Commit Graph

247 Commits

Author SHA1 Message Date
Aaron Jorbin 793b30bc30 Media: Redirect inactive attachment pages for logged-out users.
Ensure logged out users are redirected to the media file when attachment pages are inactive. This removes the read_post capability check from the canonical redirects as anonymous users lack the permission.

This was previously committed in [57310] before being reverted in [57318]. This update includes a fix to cover instances where revealing a URL could be considered a data leak and greatly expands the unit tests to ensure that this is covered along with many other instances.

Follow-up to [56657], [56658], [56711], [57310], [57318].

Props peterwilsoncc, jorbin, afercia, aristath, chesio, joppuyo, jorbin, lakshmananphp, poena, sergeybiryukov, swissspidy, johnbillion.
Fixes #59866.
See #57913.

Built from https://develop.svn.wordpress.org/trunk@57357


git-svn-id: http://core.svn.wordpress.org/trunk@56863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-01-25 17:36:15 +00:00
Peter Wilson 2ce808cc7f Media: Revert [57310].
This commit reintroduced a minor data exposure issue.

Props swissspidy.
See #59866, #57913.


Built from https://develop.svn.wordpress.org/trunk@57318


git-svn-id: http://core.svn.wordpress.org/trunk@56824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-01-20 00:00:11 +00:00
Peter Wilson 3a36e92c88 Media: Redirect inactive attachement pages for logged-out users.
Ensure logged out users are redirected to the media file when attachment pages are inactive. This removes the `read_post` capability check from the canonical redirects as anonymous users lack the permission.

Follow-up to [56657], [56658], [56711].

Props afercia, aristath, chesio, joppuyo, jorbin, lakshmananphp, poena, sergeybiryukov.
Fixes #59866.
See #57913.


Built from https://develop.svn.wordpress.org/trunk@57310


git-svn-id: http://core.svn.wordpress.org/trunk@56816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-01-19 00:44:13 +00:00
Sergey Biryukov 366d370d37 Canonical: Check if the `author` parameter is a string in `redirect_canonical()`.
This avoids a PHP warning or error when viewing an author on the front end, while an array is passed as `$_GET['author']`.

Follow-up to [12034], [12040], [12202].

Props david.binda, antonvlasenko, azaozz, SergeyBiryukov.
Fixes #60059.
Built from https://develop.svn.wordpress.org/trunk@57232


git-svn-id: http://core.svn.wordpress.org/trunk@56738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-12-29 13:54:17 +00:00
Sergey Biryukov 11f30a677a Coding Standards: Remove redundant ignore annotations.
This removes ignore annotations which are ignoring an error which would not be thrown for that code.

Includes tidying up the format of the ignore annotation:
* Customary one space between the `//` and the start of the comment.
* There should be no spaces in the comma-separated sniff list.

Follow-up to [45607], [47185], [49200], [53152].

Props jrf.
See #59161.
Built from https://develop.svn.wordpress.org/trunk@56738


git-svn-id: http://core.svn.wordpress.org/trunk@56250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-28 00:04:24 +00:00
Sergey Biryukov 57f2930594 Login and Registration: Add `/login.php` as an alias for the login page.
This aims to make the login process more user-friendly.

Follow-up to [19875], [19880].

Props lancewillett, subrataemfluence, tejwanihemant, ankit-k-gupta, devmuhib, audrasjb, hellofromTonya, joemcgill.
Fixes #40762.
Built from https://develop.svn.wordpress.org/trunk@56718


git-svn-id: http://core.svn.wordpress.org/trunk@56230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-26 16:11:20 +00:00
Sergey Biryukov 229d32f6d7 Media: Disable attachment pages for new installations.
WordPress creates attachment pages by default for every attachment uploaded. On the vast majority of sites, these attachment pages don't contain any meaningful information. They do however exist, get indexed by search engines, and sometimes even rank in search results, leading to bad results for users and site owners.

This commit introduces a `wp_attachment_pages_enabled` database option to control the attachment pages behavior:

* On existing sites, the option is set to `1` on upgrade, so that attachment pages continue to work as is.
* For new sites, the option is set to to `0` by default, which means attachment pages are redirected to the attachment URL.
* Sites that want to enable or disable the attachment pages can set the option to `1` or `0`, respectively.

Follow-up to [2958], [3303], [7149], [34690].

Props aristath, poena, afercia, joostdevalk, jonoaldersonwp, azaozz, johnbillion, joedolson, basiliskan, audrasjb, davelo, rilwis, manfcarlo, tyxla, garrett-eclipse, seedsca, eatingrules, matveb, antpb, zodiac1978, oglekler, zunaid321, costdev, SergeyBiryukov.
Fixes #57913.
Built from https://develop.svn.wordpress.org/trunk@56657


git-svn-id: http://core.svn.wordpress.org/trunk@56169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-22 00:04:41 +00:00
Sergey Biryukov 59f1c9c205 Code Modernization: Use `str_contains()` in a few more places.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [55988], [55990], [56014], [56021], [56031], [56032], [56065], [56241].

See #58206.
Built from https://develop.svn.wordpress.org/trunk@56245


git-svn-id: http://core.svn.wordpress.org/trunk@55757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-17 13:18:27 +00:00
audrasjb 2697e5bf6e Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56177


git-svn-id: http://core.svn.wordpress.org/trunk@55689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-09 20:17:29 +00:00
Sergey Biryukov 1ce5dc7444 Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
Sergey Biryukov b9a31d5343 Docs: Improve code comments in some sanitizing functions.
This aims to clarify a few inline comments related to removing percent-encoded characters and HTML entities.

Affected functions:
* `sanitize_user()`
* `sanitize_title_with_dashes()`
* `sanitize_html_class()`
* `_sanitize_text_fields()`
* `get_comments_number_text()`

Follow-up to [465], [3454], [11433], [12503], [37987].

Props ace100, tanjimtc71, codemonksuvro, SergeyBiryukov.
Fixes #57712.
Built from https://develop.svn.wordpress.org/trunk@55346


git-svn-id: http://core.svn.wordpress.org/trunk@54879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-15 13:06:21 +00:00
Peter Wilson 486bec9939 Canonical: Protect against error for term not exists queries.
Prevent term `NOT EXISTS` queries causing `redirect_canonical()` to throw a fatal error in PHP 8 and above, or a warning in earlier versions.

This ensures the `tax_query`'s `terms` property both exists and is countable before attempting to count it.

Props codesdnc, SergeyBiryukov, kadamwhite, costdev, miguelaxcar.
Fixes #55955.


Built from https://develop.svn.wordpress.org/trunk@54785


git-svn-id: http://core.svn.wordpress.org/trunk@54337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-10 03:01:14 +00:00
Peter Wilson be3aa9a149 Canonical: Include all public status in 404 redirects.
In `redirect_guess_404_permalink()` search for posts using all publicly queryable statuses rather than limiting options to the `publish` status.

Props goaroundagain, costdev, htdat, audrasjb, chaion07.
Fixes #47911.


Built from https://develop.svn.wordpress.org/trunk@53043


git-svn-id: http://core.svn.wordpress.org/trunk@52632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-01 03:25:01 +00:00
Sergey Biryukov a1d974a2e1 Canonical: Check if the URL scheme exists in `strip_fragment_from_url()`.
This avoids an "Undefined index" PHP notice when a schemeless URI is passed.

Props dd32, SergeyBiryukov.
Fixes #55333.
Built from https://develop.svn.wordpress.org/trunk@52833


git-svn-id: http://core.svn.wordpress.org/trunk@52422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-09 15:08:06 +00:00
whyisjake 32ecbd061e Permalinks: Revert the changes stemming from pagination limits.
In [51118], an attempt was made to add pagination limits. The added tests need to be updated to ensure that they pass with the new changes.

Reverts [51118].

See #50233.

Built from https://develop.svn.wordpress.org/trunk@51125


git-svn-id: http://core.svn.wordpress.org/trunk@50734 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-08 23:32:56 +00:00
whyisjake b672d77e87 Permalinks: Limit pagination for posts with comments.
Additionally, redirect pages back to the source page if comments don't exist.

Props devrekli, carike, sumanm, mukesh27, chaion07, audrasjb, whyisjake, SergeyBiryukov.

Fixes #50233.

Built from https://develop.svn.wordpress.org/trunk@51118


git-svn-id: http://core.svn.wordpress.org/trunk@50727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-08 22:51:01 +00:00
Peter Wilson faa29f5716 Canonical: Prevent ID enumeration of private post slugs.
Add check to `redirect_canonical()` to ensure private posts only redirect for logged in users.

Modifies the `read_post` mata capability to user `get_post_status()` rather than the post's `post_status` property to allow attachments to redirect based on the inherited post status.

Introduces `wp_force_ugly_post_permalink()` to unify the check to determine if an ugly link should be displayed in each of the functions used for determining permalinks: `get_permalink()`, `get_post_permalink()`, `_get_page_link()` and `get_attachment_link()`.

Improves logic of `get_attachment_link()` to validate parent post and resolution of inherited post status. This is an incomplete fix of #52373 to prevent the function returning links resulting in a file not found error. Required to unblock this ticket.

Props peterwilsoncc, TimothyBlynJacobs.
See #52373.
Fixes #5272.

Built from https://develop.svn.wordpress.org/trunk@50132


git-svn-id: http://core.svn.wordpress.org/trunk@49811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:40:01 +00:00
Sergey Biryukov d495eb4548 Canonical: Check if the post type exists when attempting a canonical redirect.
This avoids a PHP notice if the post type is no longer registered.

Follow-up to [14595], [35480].

Props bobbingwide, hareesh-pillai.
Fixes #40309.
Built from https://develop.svn.wordpress.org/trunk@49924


git-svn-id: http://core.svn.wordpress.org/trunk@49623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 17:56:06 +00:00
Peter Wilson 30b79ebd28 Permalinks: Prevent attachment pages 404ing following [49563].
This largely reverts [49563] due to attachment pages returning 404: File not found errors when they use the `inherit` status.

Permalink changes to attachment pages are retained when they are descendants of trashed or deleted posts.

Props Toro_Unit, helen, johnbillion, peterwilsoncc.
Fixes #51776.
See #5272.


Built from https://develop.svn.wordpress.org/trunk@49622


git-svn-id: http://core.svn.wordpress.org/trunk@49360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-17 03:29:12 +00:00
Peter Wilson 5da8c0fceb Canonical: Prevent ID enumeration of private post slugs.
Add check to `redirect_canonical()` to ensure the destination post is not using a private post status.

Props dd32, Denis-de-Bernardy, donmhico, helen, nacin, peterwilsoncc, pishmishy, TimothyBlynJacobs, tzafrir, Viper007Bond, whyisjake.
Fixes #5272.


Built from https://develop.svn.wordpress.org/trunk@49563


git-svn-id: http://core.svn.wordpress.org/trunk@49301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 04:16:08 +00:00
Peter Wilson a08fd6ff6f Canonical: Support multiple post types in `redirect_guess_404_permalink()`.
Prevent `redirect_guess_404_permalink()` from throwing a notice when multiple post types are included in the `post_type` query.

Props junaidbhura.
Fixes #43056.


Built from https://develop.svn.wordpress.org/trunk@49200


git-svn-id: http://core.svn.wordpress.org/trunk@48962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 23:23:05 +00:00
Peter Wilson 2db137784b Sitemaps: Prevent incorrect redirection of paged sitemap requests.
Update `redirect_canonical()` to account for custom pagination and URL format used by sitemaps in order to follow standard practices.

Introduce the function `get_sitemap_url()` to simplify getting the index and provider URLs as needed.

Props jonathanstegall, pbiron, GamerZ, salvoaranzulla, peterwilsoncc.
Fixes #50910.


Built from https://develop.svn.wordpress.org/trunk@48872


git-svn-id: http://core.svn.wordpress.org/trunk@48634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-27 01:30:04 +00:00
John Blackbourn 57a3f803ae Docs: First pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48586


git-svn-id: http://core.svn.wordpress.org/trunk@48348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 20:01:04 +00:00
Sergey Biryukov 40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
John Blackbourn eb9a6c9690 Docs: Miscellaneous docblock improvements.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48184


git-svn-id: http://core.svn.wordpress.org/trunk@47953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:40:04 +00:00
desrosj 9ebcf0922c Docs: Reword inline docs for better readability and clarity.
This improves the wording of the inline documentation for `redirect_guess_404_permalink()` and the related filters introduced in [47878].

Previously [47878,47885]
See #16557.
Built from https://develop.svn.wordpress.org/trunk@48182


git-svn-id: http://core.svn.wordpress.org/trunk@47951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 16:16:04 +00:00
Sergey Biryukov d10595ce32 Canonical: Move trailing slash handling for `robots.txt` and sitemaps to a single condition.
Give the unit test a more descriptive name.

Follow-up to [48153], [48155].

See #48025.
Built from https://develop.svn.wordpress.org/trunk@48166


git-svn-id: http://core.svn.wordpress.org/trunk@47935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 11:41:10 +00:00
whyisjake bb7a531b75 Canonical: Ensure that when permalinks are set to a trailing slash, that robots.txt doesn't.
Fixes #48025.

Props Toro_Unit, joostdevalk, SergeyBiryukov.


Built from https://develop.svn.wordpress.org/trunk@48153


git-svn-id: http://core.svn.wordpress.org/trunk@47922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-23 23:44:09 +00:00
Pascal Birchler 609dd1d14f Sitemaps: Add XML sitemaps functionality to WordPress.
While web crawlers are able to discover pages from links within the site and from other sites, XML sitemaps supplement this approach by allowing crawlers to quickly and comprehensively identify all URLs included in the sitemap and learn other signals about those URLs using the associated metadata.

See https://make.wordpress.org/core/2020/06/10/merge-announcement-extensible-core-sitemaps/ for more details.

This feature exposes the sitemap index via `/wp-sitemap.xml` and exposes a variety of new filters and hooks for developers to modify the behavior. Users can disable sitemaps completely by turning off search engine visibility in WordPress admin.

This change also introduces a new `esc_xml()` function to escape strings for output in XML, as well as XML support to `wp_kses_normalize_entities()`.

Props Adrian McShane, afragen, adamsilverstein, casiepa, flixos90, garrett-eclipse, joemcgill, kburgoine, kraftbj, milana_cap, pacifika, pbiron, pfefferle, Ruxandra Gradina, swissspidy, szepeviktor, tangrufus, tweetythierry.
Fixes #50117.
See #3670. See #19998.

Built from https://develop.svn.wordpress.org/trunk@48072


git-svn-id: http://core.svn.wordpress.org/trunk@47839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-17 15:24:07 +00:00
Sergey Biryukov 4de0d47792 Canonical: Revert [47937] pending unit tests and further review.
Props needle.
See #12456.
Built from https://develop.svn.wordpress.org/trunk@48026


git-svn-id: http://core.svn.wordpress.org/trunk@47794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-11 10:55:11 +00:00
whyisjake c65334d820 Canonical: Ensure a redirect for posts missing `postname` in a query with an ID.
If a site is using `/%post_id%/%postname%/` as permalink structure, and is missing the `postname`, the site  won't redirect to the appropriate URL. This change ensure that the redirect happens.

Fixes: #12456.
Props: Frank.Prendergast, dd32, Otto42, hlanggo, wonderboymusic, atimmer, seth17, calvin_ngan, Niresh12495, anbumz, SergeyBiryukov, donmhico.



Built from https://develop.svn.wordpress.org/trunk@47937


git-svn-id: http://core.svn.wordpress.org/trunk@47710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-09 19:26:12 +00:00
Sergey Biryukov 3fd1fe298a Docs: Correct `@param` type for `pre_redirect_guess_404_permalink` filter.
Improve filter documentation for consistency with other similar short-circuit filters in core.

Follow-up to [47878].

See #16557.
Built from https://develop.svn.wordpress.org/trunk@47885


git-svn-id: http://core.svn.wordpress.org/trunk@47659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-02 16:23:11 +00:00
whyisjake f201c1b217 Canonical: Add the ability to disable `redirect_guess_404_permalink()`.
This also adds a few more filters to make adding redirects easier. Notably:

1. `do_redirect_guess_404_permalink`
2. `pre_redirect_guess_404_permalink`
3. `strict_redirect_guess_404_permalink`

Fixes: #16557.
Props: msafi, nacin, simonwheatley, westi, mboynes, joostdevalk, Lex_Robinson, MikeSchinkel, haukep, paulschreiber, DrewAPicture, ravenswd, esemlabel, stevegibson12, martychc23, DrLightman, jivanpal, neonkowy, laternastudio, apedog, audrasjb, davidbaumwald, Confridin, donmhico, ryotsun. 


Built from https://develop.svn.wordpress.org/trunk@47878


git-svn-id: http://core.svn.wordpress.org/trunk@47652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-01 18:49:10 +00:00
Sergey Biryukov 7b192d406a Coding Standards: Fix instances of `Generic.WhiteSpace.ArbitraryParenthesesSpacing.FoundEmpty`.
See #49542.
Built from https://develop.svn.wordpress.org/trunk@47855


git-svn-id: http://core.svn.wordpress.org/trunk@47631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-26 09:37:10 +00:00
Sergey Biryukov b1a275684a Canonical: Only redirect non-existing page requests to the post permalink if the post is found.
Follow-up to [47760].

See #45337, #40773, #28081, #11694.
Built from https://develop.svn.wordpress.org/trunk@47761


git-svn-id: http://core.svn.wordpress.org/trunk@47537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 10:49:07 +00:00
Sergey Biryukov 5b046976cc Canonical: Redirect paged requests for a static page assigned as the "Posts page".
This avoids displaying duplicate content of the home page under different URLs with appended page numbers.

This change only affects the `<!--nextpage-->` pagination (`page` query variable) and not the regular multiple posts pagination (`paged` query variable).

The posts page does not support the `<!--nextpage-->` pagination, so requests for invalid page numbers should be redirected to the page permalink, applying the logic previously implemented for single posts or pages.

Follow-up to [34492], [47727].

Props jeremyfelt, sachit.tandukar, SergeyBiryukov.
Fixes #45337. See #40773, #28081, #11694.
Built from https://develop.svn.wordpress.org/trunk@47760


git-svn-id: http://core.svn.wordpress.org/trunk@47536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 10:42:07 +00:00
Sergey Biryukov 37d179de1c Coding Standards: Fix WPCS issues in `wp-includes/canonical.php`.
Reformat long conditions and dense code blocks for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47759


git-svn-id: http://core.svn.wordpress.org/trunk@47535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 09:05:08 +00:00
Sergey Biryukov eae1462bef Canonical: Redirect paged requests for non-paginated posts to the post permalink.
This avoids displaying duplicate content of the same post under different URLs and ensures the canonical URL is correct.

Previously, requests for invalid page numbers were only redirected to the post permalink if the post was actually paginated using the `<!--nextpage-->` marker.

Follow-up to [34492].

Props jeremyfelt, prografika, sachit.tandukar, subrataemfluence, hronak, ekatherine, henry.wright, chesio, dd32, SergeyBiryukov.
Fixes #40773. See #45337, #28081, #11694.
Built from https://develop.svn.wordpress.org/trunk@47727


git-svn-id: http://core.svn.wordpress.org/trunk@47504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-30 12:05:14 +00:00
Sergey Biryukov ced8fb20a1 Code Modernization: Remove error suppression from `parse_url()` calls.
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.

Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.

Props netpassprodsr, Howdy_McGee.
Fixes #49980. See #24780.
Built from https://develop.svn.wordpress.org/trunk@47617


git-svn-id: http://core.svn.wordpress.org/trunk@47392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-24 07:28:10 +00:00
Sergey Biryukov 38676936ba Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
Sergey Biryukov 982a6453c9 Canonical: When removing trailing punctuation from query string arguments, match the whole query var name.
Props daveslaughter.
Fixes #49347.
Built from https://develop.svn.wordpress.org/trunk@47169


git-svn-id: http://core.svn.wordpress.org/trunk@46969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-03 00:14:07 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov dd4d98a368 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov d858656023 Bootstrap/Load: Make handling the `/favicon.ico` requests more flexible.
Previously, `wp_favicon_request()` was introduced in [13205] to avoid a performance hit of serving a full 404 page on every favicon request.

While working as intended, that implementation did not provide a way for theme or plugin authors to manage the behavior of favicon requests.

This changeset implements the following logic (only applied if WordPress is installed in the root directory):

* If there is a Site Icon set in Customizer, redirect `/favicon.ico` requests to that icon.
* Otherwise, use the WordPress logo as a default icon.
* If a physical `/favicon.ico` file exists, do nothing, let the server handle the request.

Handling `/favicon.ico` is now more consistent with handling `/robots.txt` requests.

New functions and hooks:

* Introduce `is_favicon()` conditional tag to complement `is_robots()`.
* Introduce `do_favicon` action to complement `do_robots` and use it in template loader.
* Introduce `do_favicon()` function, hooked to the above action by default, to complement `do_robots()`.
* Introduce `do_faviconico` action to complement `do_robotstxt`, for plugins to override the default behavior.
* Mark `wp_favicon_request()` as deprecated in favor of `do_favicon()`.

Props jonoaldersonwp, birgire, joostdevalk, mukesh27, SergeyBiryukov.
Fixes #47398.
Built from https://develop.svn.wordpress.org/trunk@47018


git-svn-id: http://core.svn.wordpress.org/trunk@46818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-28 21:20:04 +00:00
Sergey Biryukov 7f7480cb2a Docs: Add missing description for `$wp_query` and `$wp_the_query` globals.
Props mukesh27.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45739


git-svn-id: http://core.svn.wordpress.org/trunk@45550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:59:56 +00:00
Sergey Biryukov b1e34ccc1f Docs: Add missing description for `$wp_rewrite` global.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45735


git-svn-id: http://core.svn.wordpress.org/trunk@45546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:19:56 +00:00
Sergey Biryukov 29b072e706 Docs: Add missing description for `$wpdb`, `$wp_db_version`, and `$wp_current_db_version` globals.
Props mukesh27, utsav72640, immeet94, SergeyBiryukov.
See #45604.
Built from https://develop.svn.wordpress.org/trunk@45734


git-svn-id: http://core.svn.wordpress.org/trunk@45545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:12:56 +00:00
Gary Pendergast 4803fc405e Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-includes`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Gary Pendergast 625d1694a3 Canonical: Ensure redirect query keys are URL encoded.
This prevents an infinite redirect loop when a request containing URL-encoded characters triggers `is_404()`.

Props soulseekah, wrwrwr0.
Fixes #43745.

Built from https://develop.svn.wordpress.org/trunk@45133


git-svn-id: http://core.svn.wordpress.org/trunk@44942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 01:10:55 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00