Commit Graph

445 Commits

Author SHA1 Message Date
Rachel Baker e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00
Pascal Birchler ef8f9168b6 Taxonomy: Introduce `WP_Taxonomy` and use it in `register_taxonomy()` and `unregister_taxonomy()`.
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.

Props boonebgorges for review.
Fixes #36224. See #36217.
Built from https://develop.svn.wordpress.org/trunk@38747


git-svn-id: http://core.svn.wordpress.org/trunk@38690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-07 17:12:29 +00:00
Gary Pendergast 4babadb704 Bootstrap: `class-wp-locale.php` needs to be `require_once()`-ed.
After [38364], the inclusion of `class-wp-locale.php` was changed from a `require_once()` to a `require()`. This caused problems for anything that called `load_text_domain_early()` prior to the `require()` but didn't bail, as it was now being `require()`-ed a second time.

With the use of `require_once()`, it doesn't really matter where it's loaded, so it has been moved next to the related `l10n.php` load.

See #37827.


Built from https://develop.svn.wordpress.org/trunk@38496


git-svn-id: http://core.svn.wordpress.org/trunk@38437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-01 12:36:28 +00:00
Scott Taylor a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor 7e8d7f8a81 General: revert [38386], `functions.php` was probably too tempting for some people to not load by itself.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38469


git-svn-id: http://core.svn.wordpress.org/trunk@38410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 15:24:29 +00:00
Scott Taylor 390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse 0e31a46161 Bootstrap: Revert [38399] as it's broken `/build/` and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor 6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Scott Taylor b9f516e55e Bootstrap: load `option.php` in `wp-settings.php`, not in `functions.php`.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38386


git-svn-id: http://core.svn.wordpress.org/trunk@38327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 21:11:29 +00:00
Scott Taylor b3d474a6dc Load: move `WP_MatchesMapRegex` into its own file.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38376


git-svn-id: http://core.svn.wordpress.org/trunk@38317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 18:11:39 +00:00
Scott Taylor 524effb58f Load: remove `session.php` and, instead, move the 2 `require` calls to `wp-settings.php`. This simplifies the include path.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38373


git-svn-id: http://core.svn.wordpress.org/trunk@38314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:45:17 +00:00
Scott Taylor 481123661c Load: load `class-phpass.php` (`PasswordHash` class) early in `wp-settings.php`, instead of `require_once()`'ing it in several places.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:40:35 +00:00
Scott Taylor 6d87157eb9 i18n: move `is_rtl()` to `l10n.php` (which loads way earlier). Load `WP_Locale` file in `wp-settings.php`. Retire `wp-includes/locale.php` - it only loaded the class and the one function, `is_rtl()`. If someone loaded this file for fun somewhere else, it would be a fatal error.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38364


git-svn-id: http://core.svn.wordpress.org/trunk@38305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 10:20:29 +00:00
Scott Taylor b144d69ba0 Embed: `wp-settings.php` loads `class-wp-embed.php`, which currently produces side effects. Move the `global` instantiation to `wp-settings.php`. `WP_Embed` is then in a file by itself.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38362


git-svn-id: http://core.svn.wordpress.org/trunk@38303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 09:53:28 +00:00
Scott Taylor ff59281441 OEmbed: move `_wp_oembed_get_object()` to `embed.php`, where all of the other embed functions live. `WP_oEmbed` is then in a file by itself. Load `class-oembed.php` in `wp-settings.php` and remove extraneous include calls.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38361


git-svn-id: http://core.svn.wordpress.org/trunk@38302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 09:49:28 +00:00
Scott Taylor d5f28fdad8 Query: move `WP_Query` into its own file via `svn cp`.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38351


git-svn-id: http://core.svn.wordpress.org/trunk@38292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 17:20:38 +00:00
Aaron Jorbin a138374ec8 Bootstrap/Load: Include Plugin API via `require_once`
Currently, auto-prepended files need to directly modify the globals in order to add filters and actions. This is a bad idea. Globals are bad. You should never directly interact with the Plugin globals.

Fixes #37707.


Built from https://develop.svn.wordpress.org/trunk@38282


git-svn-id: http://core.svn.wordpress.org/trunk@38223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-19 04:10:30 +00:00
Aaron Jorbin 7e14c27bb9 Bootstrap/Load: Revert Plugin Global restoration around `advance-cache.php`.
First added in [37588] and later modified in [38224], the idea was to ensure that filters/actions added before `advance-cache.php` would not disappear if `advance-cache.php` overloaded the filters/actions with code such as `$wp_filter = array()`. This is an edge case and one that there is no documented case of existing.

This restores the behavior from WordPress 4.5 and before. It is strongly encouraged that developers using `advance-cache.php` to use the Plugins API that is available before the loading of `advance-cache.php` rather than directly interacting with any of the globals.

Props azaozz, jorbin, dd32 for review, pento for review, westi for investigation, ipstenu for research.
See #36819.


Built from https://develop.svn.wordpress.org/trunk@38251


git-svn-id: http://core.svn.wordpress.org/trunk@38192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-13 16:00:33 +00:00
Gary Pendergast 4ac3feaa64 Boostrap/Load: Improve forward compatiblity of plugin global backup methods.
[37588] added methods to backup the plugin globals, for ensuring that advanced cache drop-ins don't overwrite hooks that've been added earlier in the load process.

The method for restoring the plugin globals wasn't compatible with the implementation of `WP_Hook` in #17817. `WP_Hook` implements `ArrayAccess`, so `_restore_plugin_globals()` was treating it as an array, and inadvertantly overwriting the `WP_Hook` object with a plain array.

To avoid having to re-write this code as part of #17817, we now use `add_filter()` to restore any hooks that were added by cache drop-ins, which `WP_Hook` correctly supports.

Props pento, jorbin.
See #36819.


Built from https://develop.svn.wordpress.org/trunk@38223


git-svn-id: http://core.svn.wordpress.org/trunk@38164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-09 01:45:29 +00:00
Drew Jaynes 6c7148943b Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.

Part props ocean90.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38028


git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Drew Jaynes c009abcc98 Docs: Fix a typo in the hook doc description for the `enable_loading_advanced_cache_dropin` run-time filter.
See #34936. See #37318.

Built from https://develop.svn.wordpress.org/trunk@38021


git-svn-id: http://core.svn.wordpress.org/trunk@37962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-09 13:17:30 +00:00
Jeremy Felt f111fdb69a Multisite: Introduce `WP_Network_Query`.
Provides a consistent way to query `$wpdb->site` for `WP_Network` objects based on domain, path, network ID, and (main) site ID.

Introduces and uses update_network_cache() and _prime_network_caches() to maintain a cached list of WP_Network objects for use in multiple queries.

Props flixos90.
See #32504.

Built from https://develop.svn.wordpress.org/trunk@37894


git-svn-id: http://core.svn.wordpress.org/trunk@37835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-28 21:27:30 +00:00
Dominik Schilling 60dc856d64 Posts: Introduce `WP_Post_Type` and use it in `register_post_type()` and `unregister_post_type()`.
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.

Props swissspidy, flixos90.
Fixes #36217.
Built from https://develop.svn.wordpress.org/trunk@37890


git-svn-id: http://core.svn.wordpress.org/trunk@37831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-28 16:41:35 +00:00
Jeremy Felt 6f3f00ea97 Multisite: Change `WP_Network` `id` property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Aaron Jorbin c918c1ede1 Bootstrap/Load. Adjust filters added in [37626].
These adjustments improve the documentation for the filters and adjust the names make them more consistent with other filters already in core.

See #34936.
Props DrewAPicture, ocean90, jorbin

Built from https://develop.svn.wordpress.org/trunk@37690


git-svn-id: http://core.svn.wordpress.org/trunk@37656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-12 02:43:27 +00:00
Aaron Jorbin cedaaaf779 Introduce filters for skipping parts of the bootstrap process
Non web interfaces with WordPress (such as wp-cli) need to be able to bypass certain checks in the bootstrap process. This introduces three new filters to allow for those checks to be skipped.

1. Provides a way of forcefully bypassing wp_maintenance().
2. Provides a way of forcefully bypassing wp_debug_mode(). See https://github.com/wp-cli/wp-cli/issues/177
3. Provide a way of forcefully skipping loading wp-content/advance-cache.php. See https://github.com/wp-cli/wp-cli/pull/164

These filters should not be used by plugins (in fact, they run before plugins are loaded, so they can't be used by plugins). In general, they should only be used in non-web interactions with WordPress.

See #34936.
Props jorbin, DrewAPicture.

Built from https://develop.svn.wordpress.org/trunk@37626


git-svn-id: http://core.svn.wordpress.org/trunk@37594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-02 18:47:27 +00:00
Aaron Jorbin 95cbf8922b Bootstrap/Load: Load plugin.php earlier in wp-settings.php
In order to allow non-web initializations of WordPress (such as through wp-cli) to modify things like the check for maintenance mode, plugins.php and the associated functions must be available much earlier. The use of these functions earlier than the loading of plugins is not recommended in most use cases.

Fixes #36819. See #34936.
Props jorbin, danielbachhuber for documentation.

Built from https://develop.svn.wordpress.org/trunk@37588


git-svn-id: http://core.svn.wordpress.org/trunk@37556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-27 19:20:29 +00:00
Boone Gorges df0c758e22 Introduce `WP_Term_Query` and use in `get_terms()`.
`WP_Term_Query` is modeled on existing query classes, such as those used
for comments and users. It provides a more consistent structure for generating
term queries, and should make it easier to add new functionality in the future.

Props flixos90, boonebgorges.
See #35381.
Built from https://develop.svn.wordpress.org/trunk@37572


git-svn-id: http://core.svn.wordpress.org/trunk@37540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-26 04:33:30 +00:00
Drew Jaynes e52762a725 Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for root directory files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as hooks.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37536


git-svn-id: http://core.svn.wordpress.org/trunk@37504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:07:28 +00:00
Jeremy Felt 2dd1e72f10 Multisite: Introduce `WP_Site_Query`
Provides a consistent way to query `$wpdb->blogs` for `WP_Site` objects based on domain, path, site ID, network ID, and more.

Introduces and uses `update_site_cache()` and `_prime_site_caches()` to maintain a cached list of `WP_Site` objects for use in multiple queries.

Props spacedmonkey, flixos90, DrewAPicture, jeremyfelt, ocean90.
See #35791.

Built from https://develop.svn.wordpress.org/trunk@37477


git-svn-id: http://core.svn.wordpress.org/trunk@37445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 22:04:27 +00:00
Ryan McCue 37f6e6813a HTTP API: Replace internals with Requests library.
Requests is a library very similar to WP_HTTP, with a high level of unit test coverage, and has a common lineage and development team. It also supports parallel requests.

See #33055.

Built from https://develop.svn.wordpress.org/trunk@37428


git-svn-id: http://core.svn.wordpress.org/trunk@37394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 04:42:28 +00:00
Boone Gorges 571e14f897 More performance improvements to metadata lazyloading.
Comment and term meta lazyloading for `WP_Query` loops, introduced in 4.4,
depended on filter callback methods belonging to `WP_Query` objects. This meant
storing `WP_Query` objects in the `$wp_filter` global (via `add_filter()`),
requiring that PHP retain the objects in memory, even when the local variables
would typically be expunged during normal garbage collection. In cases where a
large number of `WP_Query` objects were instantiated on a single pageload,
and/or where the contents of the `WP_Query` objects were quite large, serious
performance issues could result.

We skirt this problem by moving metadata lazyloading out of `WP_Query`. The
new `WP_Metadata_Lazyloader` class acts as a lazyload queue. Query instances
register items whose metadata should be lazyloaded - such as post terms, or
comments - and a `WP_Metadata_Lazyloader` method will intercept comment and
term meta requests to perform the cache priming. Since `WP_Metadata_Lazyloader`
instances are far smaller than `WP_Query` (containing only object IDs), and
clean up after themselves far better than the previous `WP_Query` methods (bp
only running their callbacks a single time for a given set of queued objects),
the resource use is decreased dramatically.

See [36525] for an earlier step in this direction.

Props lpawlik, stevegrunwell, boonebgorges.
Fixes #35816.
Built from https://develop.svn.wordpress.org/trunk@36566


git-svn-id: http://core.svn.wordpress.org/trunk@36533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-17 22:58:26 +00:00
Dominik Schilling d1d90a3263 Make `$wp_local_package` explicitly global in wp-settings.php.
Props danielbachhuber.
Fixes #34975.
Built from https://develop.svn.wordpress.org/trunk@36557


git-svn-id: http://core.svn.wordpress.org/trunk@36524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-17 19:32:25 +00:00
Andrew Nacin 1579e45d41 Simplify the include graph after work to split out classes.
see #33413. More details there.

Built from https://develop.svn.wordpress.org/trunk@35718


git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
John Blackbourn 43bc6dc931 Revert [35639] pending investigation into failures on PHP 5.2.
See #19455

Built from https://develop.svn.wordpress.org/trunk@35641


git-svn-id: http://core.svn.wordpress.org/trunk@35605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-16 00:54:28 +00:00
John Blackbourn 45658705f3 On servers running PHP <= 5.4 which have `magic_quotes_sybase` enabled, the superglobals need to be magic-quoted before `magic_quotes_sybase` is subsequently disabled to avoid incorrect un-slashing. This must surely effect a miniscule number of servers, but so be it.
Fixes #19455
Props summerblue, kurtpayne, lucatume

Built from https://develop.svn.wordpress.org/trunk@35639


git-svn-id: http://core.svn.wordpress.org/trunk@35603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-15 23:00:28 +00:00
Scott Taylor 00ade45fd1 Docs: some `@global object` vernaculars should be converted to the actual object type.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@35013


git-svn-id: http://core.svn.wordpress.org/trunk@34978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 15:45:25 +00:00
Jeremy Felt 554b1425ed Make `$blog_id` explicitly global.
`$blog_id` is used in both single and multisite configurations as a global variable, though has never been explicitly marked as such in the global scope. This can cause confusion depending on how core is loaded.

Fixes #34217.

Built from https://develop.svn.wordpress.org/trunk@34961


git-svn-id: http://core.svn.wordpress.org/trunk@34926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 21:45:25 +00:00
Ryan McCue 94e2352956 REST API: Introduce baby API to the world.
Baby API was born at 2.8KLOC on October 8th at 2:30 UTC. API has lots
of growing to do, so wish it the best of luck.

Thanks to everyone who helped along the way:

Props rmccue, rachelbaker, danielbachhuber, joehoyle, drewapicture,
adamsilverstein, netweb, tlovett1, shelob9, kadamwhite, pento,
westonruter, nikv, tobych, redsweater, alecuf, pollyplummer, hurtige,
bpetty, oso96_2000, ericlewis, wonderboymusic, joshkadis, mordauk,
jdgrimes, johnbillion, jeremyfelt, thiago-negri, jdolan, pkevan,
iseulde, thenbrent, maxcutler, kwight, markoheijnen, phh, natewr,
jjeaton, shprink, mattheu, quasel, jmusal, codebykat, hubdotcom,
tapsboy, QWp6t, pushred, jaredcobb, justinsainton, japh, matrixik,
jorbin, frozzare, codfish, michael-arestad, kellbot, ironpaperweight,
simonlampen, alisspers, eliorivero, davidbhayes, JohnDittmar, dimadin,
traversal, cmmarslender, Toddses, kokarn, welcher, and ericpedia.

Fixes #33982.

Built from https://develop.svn.wordpress.org/trunk@34928


git-svn-id: http://core.svn.wordpress.org/trunk@34893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 02:31:25 +00:00
Gary Pendergast 83c3e3e00e Embeds: Add oEmbed provider support.
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.

In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.

For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.

Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia

Fixes #32522.


Built from https://develop.svn.wordpress.org/trunk@34903


git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 10:36:25 +00:00
Scott Taylor 2003bc15ba Multisite: in `wpmu_validate_blog_signup()`, pass `embed` to the array passed to `subdirectory_reserved_names`.
See #32522.

Built from https://develop.svn.wordpress.org/trunk@34853


git-svn-id: http://core.svn.wordpress.org/trunk@34818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 04:05:24 +00:00
Boone Gorges 0e7c1d3b14 Use `wp_installing()` instead of `WP_INSTALLING` constant.
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.

A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available.  However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.

The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.

Props boonebgorges, jeremyfelt.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34828


git-svn-id: http://core.svn.wordpress.org/trunk@34793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 15:06:28 +00:00
Scott Taylor 7c8c216bec HTTP: move classes into their own files, `http.php` loads the new files, so this is 100% BC if someone is loading `http.php` directly. New files created using `svn cp`.
`class-http.php` requires functions from `http.php`, so loading it by itself wouldn't have worked.

Creates: 
`class-wp-http-cookie.php` 
`class-wp-http-curl.php` 
`class-wp-http-encoding.php` 
`class-wp-http-proxy.php` 
`class-wp-http-streams.php` 
`http-functions.php` 

`WP_Http` remains in `class-http.php`.

`http.php` contains only top-level code. Class files only contain classes. Functions file only contains functions.

See #33413.

Built from https://develop.svn.wordpress.org/trunk@33748


git-svn-id: http://core.svn.wordpress.org/trunk@33716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 03:55:21 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Andrew Ozz eaadfde950 Define `SCRIPT_DEBUG` early on every load, similarly to `WP_DEBUG`. Remove `defined( 'SCRIPT_DEBUG' )` checks.
Fixes #32333.
Built from https://develop.svn.wordpress.org/trunk@32935


git-svn-id: http://core.svn.wordpress.org/trunk@32906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-25 02:29:31 +00:00
Dominik Schilling 64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Sergey Biryukov c2260dc85b Remove obsolete inline comment.
props travisnorthcutt.
fixes #30924.
Built from https://develop.svn.wordpress.org/trunk@31056


git-svn-id: http://core.svn.wordpress.org/trunk@31037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-06 01:57:22 +00:00
Andrew Nacin 654e46f03d Tie cookies and nonces to user sessions so they may be invalidated upon logout.
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.

Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().

This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.

props duck_, nacin, mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29221


git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00
Scott Taylor ef436cb6e0 Revert [28563]. See #18298.
Built from https://develop.svn.wordpress.org/trunk@29044


git-svn-id: http://core.svn.wordpress.org/trunk@28832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-09 18:07:16 +00:00
Sergey Biryukov 7a47b7585d Move ms-load.php and ms-default-constants.php inclusion back to ms-settings.php to avoid breaking WP-CLI.
Use require_once() to allow for ms-settings.php to be included multiple times while testing.

props jeremyfelt.
see #27884.
Built from https://develop.svn.wordpress.org/trunk@28934


git-svn-id: http://core.svn.wordpress.org/trunk@28732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-30 23:50:15 +00:00