This commit aims to fix errors caused by incorrect usage of the `strncmp()` function inside the `WP_Theme_JSON::get_property_value()` method on PHP 8.1 and above.
Some history of the affected code:
* [50973] introduced the `WP_Theme_JSON::get_property_value()` method.
* [54162] removed the `$default` parameter from the `_wp_array_get()` call in the method.
With the latter change, the default value that is returned if the path does not exist within the array, or if `$array` or `$path` are not arrays, became `null` instead of an empty string. Since `null` would then be unintentionally passed to the `strncmp()` function further in the code, this caused ~35 errors in the test suite along the lines of:
{{{
1) Tests_Blocks_Editor::test_get_block_editor_settings_theme_json_settings
strncmp(): Passing null to parameter #1 ($string1) of type string is deprecated
/var/www/src/wp-includes/class-wp-theme-json.php:1754
/var/www/src/wp-includes/class-wp-theme-json.php:1641
/var/www/src/wp-includes/class-wp-theme-json.php:2066
/var/www/src/wp-includes/class-wp-theme-json.php:1002
/var/www/src/wp-includes/class-wp-theme-json.php:898
/var/www/src/wp-includes/global-styles-and-settings.php:140
/var/www/src/wp-includes/block-editor.php:421
/var/www/tests/phpunit/tests/blocks/editor.php:388
/var/www/vendor/bin/phpunit:123
}}}
This commit includes:
* Restoring the `$default` value for `_wp_array_get()` call.
* Adding an early return if the value is an empty string or `null`.
* Adding a dedicated unit test to ensure that the method returns a string for invalid paths or `null` values.
Follow-up to [50973], [54162].
Props antonvlasenko, jrf, imadarshakshat, SergeyBiryukov.
Fixes#56620.
Built from https://develop.svn.wordpress.org/trunk@54362
git-svn-id: http://core.svn.wordpress.org/trunk@53921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When running the full test suite locally via `npm run grunt phpunit` or `composer test`, it is not uncommon for the test run to exceed the Composer's default timeout, causing an error in the middle of the test output:
{{{
The process "..." exceeded the timeout of 300 seconds.
}}}
This commit disables the process timeout for the `composer test` command, allowing the test run to complete successfully.
Follow-up to [47881], [51016].
Props ironprogrammer, robinwpdeveloper, SergeyBiryukov.
Fixes#55919.
Built from https://develop.svn.wordpress.org/trunk@54355
git-svn-id: http://core.svn.wordpress.org/trunk@53914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [53941] database query caching was added to `WP_Query`. However on sites with persistent object caching enabled, this resulted in a high number of unnecessary cache set and adds being run on every request. Caches are not set, if the query cache already exists and is cached. Replace usage of `update_post_caches` with `_prime_post_caches` to ensure that only posts that are not in cache are primed.
Props spacedmonkey, peterwilsoncc, mukesh27.
See #22176.
Built from https://develop.svn.wordpress.org/trunk@54352
git-svn-id: http://core.svn.wordpress.org/trunk@53911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$path` parameter of some script translation functions had a default value of `null`, even though the parameter is documented as a string.
This commit corrects the default value for `$path` in:
* `WP_Dependency::set_translations()`
* `WP_Scripts::set_translations()`
* `wp_set_script_translations()`
Additionally, this commit removes an `is_string()` check for `$path` in `load_script_textdomain()`. Now that the default value for `$path` in that function has also been corrected to an empty string instead of `null`, that check is no longer necessary, as it would ''hide'' an error which should be ''fixed'' (at the source of the problem) instead.
Follow-up to [54349].
Props jrf, johnjamesjacoby.
See #55967, #55656.
Built from https://develop.svn.wordpress.org/trunk@54351
git-svn-id: http://core.svn.wordpress.org/trunk@53910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$path` parameter of `load_script_textdomain()` had a default value of `null`, but would be passed onto the `untrailingslashit()` function without any input validation, even though the latter explicitly only expects/supports a string input.
This commit changes the default value for `$path` to an empty string, and adds an `is_string()` check before passing the value to `untrailingslashit()` to fix the issue at the point where the invalid input is incorrectly (not) validated.
Note: Changing the `untrailingslashit()` function is outside the scope of this commit.
Includes:
* Adding a dedicated unit test for this issue.
* Correcting the default value for `$path` from `null` to an empty string in a few related methods and functions:
* `WP_Dependency::set_translations()`
* `WP_Scripts::set_translations()`
* `wp_set_script_translations()`
* `load_script_textdomain()`
This fix also allows to remove a couple of calls to `expectDeprecation()` in unrelated tests.
Fixes an error when running the test suite:
{{{
4) Tests_Dependencies_Scripts::test_wp_external_wp_i18n_print_order
rtrim(): Passing null to parameter #1 ($string) of type string is deprecated
/var/www/src/wp-includes/formatting.php:2782
/var/www/src/wp-includes/l10n.php:1068
/var/www/src/wp-includes/class.wp-scripts.php:605
/var/www/src/wp-includes/class.wp-scripts.php:320
/var/www/src/wp-includes/class.wp-dependencies.php:136
/var/www/src/wp-includes/functions.wp-scripts.php:109
/var/www/tests/phpunit/tests/dependencies/scripts.php:1505
/var/www/tests/phpunit/includes/utils.php:436
/var/www/tests/phpunit/tests/dependencies/scripts.php:1507
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [44169], [44607], [51968].
Props jrf, ocean90, Chouby, swissspidy, lovor, iviweb, meysamnorouzi, DarkoG, oneearth27, SergeyBiryukov.
Fixes#55967. See #55656.
Built from https://develop.svn.wordpress.org/trunk@54349
git-svn-id: http://core.svn.wordpress.org/trunk@53908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the `notoptions` key does not exist in a persistent object cache, it was requested hundreds of times until the first not-option is written.
This commit improves performance by setting the value to an empty array to prevent non-existent `notoptions` key from triggering multiple key lookups.
Follow-up to [4855], [14515].
Props tillkruess, dd32, spacedmonkey.
Fixes#56639.
Built from https://develop.svn.wordpress.org/trunk@54345
git-svn-id: http://core.svn.wordpress.org/trunk@53904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds missing escaping to some instances of `get_author_posts_url()` used in Twenty Ten, as per WordPress Coding Standards.
Props hztyfoon, robinwpdeveloper, mukesh27, rudlinkon, SergeyBiryukov, jakariaistauk.
Fixes#56674.
Built from https://develop.svn.wordpress.org/trunk@54344
git-svn-id: http://core.svn.wordpress.org/trunk@53903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This version adds support for `octokit/plugin-retry.js`, which retries requests automatically when `4xx` or `5xx` response codes are returned.
To start, the feature is configured to retry all `4xx` and `5xx` response codes, unless the server identifies as a teapot.
See #55652.
Built from https://develop.svn.wordpress.org/trunk@54342
git-svn-id: http://core.svn.wordpress.org/trunk@53901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the text color selected for the text of the Table Block is reflected on the `thead` cells, on the figcaption and on the border below it. It also adds better consistency in headings cells padding.
Props umesh84, mukesh27, multidots1896, sabernhardt.
Fixes#56462.
Built from https://develop.svn.wordpress.org/trunk@54340
git-svn-id: http://core.svn.wordpress.org/trunk@53899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When calling `register_rest_route()`, the `args` parameter for a route should be an array of arrays. However, some plugins/themes have passed an array of strings or key-value pairs which produces a PHP warning when `array_intersect_key` is used to filter the array keys based on an allowed list of schema keywords.
This change adds a check of the `args` parameter to ensure it's an array of arrays, presenting a `_doing_it_wrong` if any element of `args` is not an array and restructuring to an array of arrays. This change also adds a unit test for the incorrect usage described above, expecting that a `_doing_it_wrong` is produced.
Props slaFFik, desrosj, apermo, AndrewNZ, aristath, poena, dovyp, timothyblynjacobs, Hinjiriyo, johnmark8080, nateallen.
Fixes#51986.
Built from https://develop.svn.wordpress.org/trunk@54339
git-svn-id: http://core.svn.wordpress.org/trunk@53898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Inside `WP_Community_Events::get_cached_events()`, `WP_Community_Events::get_events_transient_key()` is used to retrieve the transient key name, based on the user's location. However, the transient key can potentially return `false`, resulting in a call to `get_site_transient()` with the `$key` being `false`.
This change first attempts to evaluate and guard against a `false` return from `WP_Community_Events::get_events_transient_key()`. The result is an early `false` return from `WP_Community_Events::get_cached_events()`.
Props malthert, rafiahmedd, audrasjb, costdev.
Fixes#55888.
Built from https://develop.svn.wordpress.org/trunk@54338
git-svn-id: http://core.svn.wordpress.org/trunk@53897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When replying to a comment and nothing has yet been entered for the reply content, clicking "Reply" or "Quick Edit" on another comment presents the "Are you sure..." prompt indicating there are unsaved changes in the reply content. However, if nothing is entered, this prompt should not be displayed.
This change implements a new check to determine if any text has been entered by the user before deciding to show the "Are you sure..." prompt.
Props cu121, mkox, azouamauriac, hasanuzzamanshamim, pls78, faisal03, rafiahmedd.
Fixes#54990.
Built from https://develop.svn.wordpress.org/trunk@54334
git-svn-id: http://core.svn.wordpress.org/trunk@53893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After discussions with the Editor Tech leads for 6.1(@bernhard-reiter, @cbravobernal, and @ndiego) and additional guidance from @hellofromtonya, the decision has been made to exclude [https://github.com/WordPress/gutenberg/pull/43862 Gutenberg PR #43862] from the pre-Beta 2 Gutenberg sync PR and revert [54280]. Why? [54280] added the feature's PHP code, but the JS package updates were not included before feature freeze(Beta 1), meaning the feature was incomplete. As the PHP code does not work without the JS package update, the feature is incomplete and missed the feature freeze deadline.
Leaving the PHP code was discussed. However, there is a risk of it needing to change which could complicate backwards compatibility in 6.2 when the feature is eventually introduced.
Follow-up to [54280].
Props hellofromTonya, bernhard-reiter, cbravobernal.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54333
git-svn-id: http://core.svn.wordpress.org/trunk@53892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After some further discussion, it is apparent that the added clarity was subjective, and the `_screen` suffix may not always be appropriate, e.g. in Ajax context. To address any confusion with the existing names, the documentation for these functions can be updated instead.
Additionally, the `is_super_admin_user()` alias for `is_super_admin()` is reverted as well, which may be reconsidered in the future.
Follow-up to [54259].
Props azaozz, jrf, johnbillion, manfcarlo, Clorith.
See #56400.
Built from https://develop.svn.wordpress.org/trunk@54332
git-svn-id: http://core.svn.wordpress.org/trunk@53891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When setting an RTL language under Settings → General, some RTL stylesheets were not loaded, with LTR stylesheets being loaded instead, meaning that some blocks were not displayed correctly.
This commit ensures that all appropriate RTL stylesheets are loaded when selecting an RTL language.
Additionally, this commit improves performance by only running a `file_exists()` check for an RTL stylesheet if `is_rtl()` returns true, i.e. an RTL locale is selected.
Follow-up to [49982], [50836].
Props zoonini, sabernhardt, maahrokh, ankit-k-gupta, aristath, poena, SergeyBiryukov.
See #56325.
Built from https://develop.svn.wordpress.org/trunk@54330
git-svn-id: http://core.svn.wordpress.org/trunk@53889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The user meta `context` property in `wp_register_persisted_preferences_meta()` was incorrectly configured. It should be part of the `schema` array, not the `show_in_rest` array.
Follow-up to [54182].
Props talldanwp, dd32.
Fixes#56665. See #56467.
Built from https://develop.svn.wordpress.org/trunk@54329
git-svn-id: http://core.svn.wordpress.org/trunk@53888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are no code changes to the library in this release.
Updating to the latest version for WordPress 6.1 ensures security scanners do not incorrectly flag sites as potentially insecure for having out of date libraries.
Fixes#56030.
Built from https://develop.svn.wordpress.org/trunk@54328
git-svn-id: http://core.svn.wordpress.org/trunk@53887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `register_block_style_handle()` function runs ~200 times on each page load. Each time it runs, we call `get_theme_file_path()` and then run it through `wp_normalize_path()`.
`get_theme_file_path()` calls a few other functions: `get_stylesheet_directory()`, `get_stylesheet()`, `get_option()`, and there's a bunch of filters that run on each iteration of that, without ever changing.
By caching the value in a static variable, we can avoid ~200 calls on many functions and filters, improving performance.
Follow-up to [53091], [54290], [54291], [54309].
Props aristath, mukesh27.
Fixes#56666.
Built from https://develop.svn.wordpress.org/trunk@54327
git-svn-id: http://core.svn.wordpress.org/trunk@53886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures the value of the search engine checkbox is not reset to its default value when a faulty form is sent in the Install screen.
Props ramon-fincken, audrasjb, whaze, rafiahmedd, khokansardar, costdev, ankit-k-gupta.
Fixes#55900.
Built from https://develop.svn.wordpress.org/trunk@54326
git-svn-id: http://core.svn.wordpress.org/trunk@53885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the Site Health message said "The WP_AUTO_UPDATE_CORE constant is defined and enabled" when in fact the constant was defined and disabled using `define( 'WP_AUTO_UPDATE_CORE', false );`.
This changeset improves the message by providing the value of the constant. For example: "The WP_AUTO_UPDATE_CORE constant is defined as false".
Props johnbillion, chrisbudd1, robinwpdeveloper, audrasjb, Clorith.
Fixes#51041.
Built from https://develop.svn.wordpress.org/trunk@54325
git-svn-id: http://core.svn.wordpress.org/trunk@53884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[54155] broke loading of style.css files, namely it was enqueuing style.css files that don't exist on the frontend, which lead to 404 HTTO errors. All these style.css files don't exist for core blocks as they should be registered style handlers without a file path.
Follow-up to [54155].
Props tobiasbg, nendeb55.
Fixes#56408, #56614.
Built from https://develop.svn.wordpress.org/trunk@54323
git-svn-id: http://core.svn.wordpress.org/trunk@53882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add strings for use in future maintenance/security releases to indicate the security support status of the version of WordPress.
Two strings are introduced:
* indicating the version of WordPress is not receiving security updates, and,
* indicating the version of WordPress will shortly stop receiving security updates.
This change does not make use of the strings, the purpose is to make them available to translators prior to dropping support of selected versions of WordPress.
Props costdev, chesio, robinwpdeveloper, desrosj, rudlinkon, mukesh27, sumitbagthariya16.
See #56532.
Built from https://develop.svn.wordpress.org/trunk@54322
git-svn-id: http://core.svn.wordpress.org/trunk@53881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_xmlrpc_server::_insert_post()` method creates a new post via `wp_insert_post()` or updates an existing one via `wp_update_post()`, which subsequently calls `wp_insert_post()`. However, the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
Unfortunately, the conditional logic within the `wp_xmlrpc_server::_insert_post()` function itself often uses an `isset()` to trigger certain code blocks, so syncing the defaults with those used in the `wp_insert_post()` function was not an option.
This commit:
* Updates the default/fallback values in the `$defaults` array only for those values where this would not lead to a change in the behavior of the function.
* Adds a safeguard function, filtering out all remaining `null` values from the `$post_data` array before it is passed on to the `wp_insert_post()` or `wp_update_post()` functions. Removing those values is safe as this means that these array keys will now:
* either be set to the default/fallback value as defined in `wp_insert_post()`.
* or not be set and for those values which don't have a default/fallback value in `wp_insert_post()`, the function does an `! empty()` or `isset()` check anyway and those array keys not being defined means that the result of those checks will remain the same.
Includes
* Removing a couple of conditions which are now redundant.
* Removing an `expectDeprecation()` in the `Tests_Date_XMLRPC` test class, which is now no longer needed.
Fixes various errors along the lines of:
{{{
36) Tests_XMLRPC_wp_newPost::test_no_content
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1683
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1347
/var/www/tests/phpunit/tests/xmlrpc/wp/newPost.php:25
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [19873], [20632], [40677], [51968], [54320].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54321
git-svn-id: http://core.svn.wordpress.org/trunk@53880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_xmlrpc_server::mw_newPost()` method creates a new post via `wp_insert_post()`, but the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
This commit:
* Ensures that all arguments are defined before they are `compact()`'ed together to the arguments array.
* Verifies that the default/fallback value of the arguments as set within the `wp_xmlrpc_server::mw_newPost()` method are the same as the default/fallback values used in the `wp_insert_post()` function.
* Verifies that arguments which do not have a default/fallback value defined in the `wp_insert_post()` function are handled correctly.
* This was not the case for `$post_name`, which would previously already get an empty string default value in the `wp_xmlrpc_server::mw_newPost()` function, but then in the `wp_insert_post()` function, this would prevent the slug generation from being activated. Fixed now by setting the default in the `wp_xmlrpc_server::mw_newPost()` function to `null`.
* The `page_template` argument was handled, but not documented in the `wp_insert_post()` function. The argument is now documented in the `wp_insert_post()` function DocBlock. Note: There are more than likely several other potential arguments missing from that list, but verifying the whole list is outside the scope of this particular commit.
Includes minor simplifications, such as:
* Setting a default ahead of an `if`, instead of in an `else` clause (as long as no function call is needed to set the default).
* Removing the unnecessary logic duplication in the `$post_status` switch.
* Using a combined concatenation + assignment operator for adding `$post_more`.
Fixes various errors along the lines of:
{{{
1) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
/var/www/src/wp-includes/formatting.php:2497
/var/www/src/wp-includes/class-wp-hook.php:308
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5616
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
...
23) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5615
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [40677], [51968].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54320
git-svn-id: http://core.svn.wordpress.org/trunk@53879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[54248] reversed the wrapping of `do_shortcode` and `apply_shortcodes` and updated all direct internal calls of `do_shortcode` to `apply_shortcodes` after [47004]. After further consideration, the long history of `do_shortcodes` should be favored over any subjective semantic improvements. This change reverts the remaining changes from #55883 not already reverted in [54278].
Follow-up to [47004], [54248], and [54278].
Props azaozz, jorbin.
See #55883.
Built from https://develop.svn.wordpress.org/trunk@54319
git-svn-id: http://core.svn.wordpress.org/trunk@53878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Not all requests are accompanied by a `$request['email']`. This leads to a PHP 8.1 "passing null to non-nullable" deprecation notice when the `WP_REST_Users_Controller::update_item()` method passes a `null` email address onto `email_exists()`, which eventually reached the `WP_User::get_data_by()` method where things go wrong.
In the next condition in the code of the `WP_REST_Users_Controller::update_item()` method - `if ( $owner_id && $owner_id !== $id )` - you can see that the code already takes this into account as it will not throw a `WP_Error` if `$owner_id` is falsey.
`WP_User::get_data_by()` returns `false` for a failed field request. The other functions through which the return value is passed through, do the same.
So, by setting a default value for `$owner_id` of `false` and only checking `email_exists()` when there is an email to check, the "passing null to non-nullable" deprecation notice is bypassed without breaking BC.
Fixes a whole slew of test errors along the lines of:
{{{
6) WP_Test_REST_Users_Controller::test_update_item_en_US_locale
trim(): Passing null to parameter https://github.com/WordPress/wordpress-develop/pull/1 ($string) of type string is deprecated
/var/www/src/wp-includes/class-wp-user.php:211
/var/www/src/wp-includes/pluggable.php:105
/var/www/src/wp-includes/user.php:1953
/var/www/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:728
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:1143
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:990
/var/www/tests/phpunit/includes/spy-rest-server.php:67
/var/www/tests/phpunit/tests/rest-api/rest-users-controller.php:1719
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [44641], [38832].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54317
git-svn-id: http://core.svn.wordpress.org/trunk@53876 1a063a9b-81f0-0310-95a4-ce76da25c4cd