Commit Graph

654 Commits

Author SHA1 Message Date
Gary Pendergast 9ff54f214f General: Add a `sanitize_textarea_field()` function.
Like its predecessor (`sanitize_text_field()`), `sanitize_textarea_field()` is a helper function to sanitise user input. As the name suggests, this function is for sanitising input from `textarea` fields - it strips tags and invalid UTF-8 characters, like `sanitize_text_field()`, but retains newlines and extra inline whitespace.

Props ottok, nbachiyski, chriscct7, pento.
Fixes #32257.


Built from https://develop.svn.wordpress.org/trunk@38944


git-svn-id: http://core.svn.wordpress.org/trunk@38887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 05:17:35 +00:00
Peter Wilson e73ba84b04 Emoji: Load polyfill responsibly.
Improve performance of Emoji tests and loading of the polyfill.

Reduces the number of tests to determine browser support for emoji to those most likely to fail. Adds the defer flag to the loaded scripts for browsers lacking support.

Props superpoincare for perf testing, peterwilsoncc.
Fixes #37817.

Built from https://develop.svn.wordpress.org/trunk@38869


git-svn-id: http://core.svn.wordpress.org/trunk@38812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-23 00:00:34 +00:00
Gary Pendergast 84aebb9896 Emoji: Add support for the upcoming Emoji 4 release.
Emoji 4 adds 32 new professions, (with variations for gender and skin tone), and updates 33 existing character for male and female variations.

Fixes #38113 for trunk.


Built from https://develop.svn.wordpress.org/trunk@38717


git-svn-id: http://core.svn.wordpress.org/trunk@38660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-04 03:24:30 +00:00
Sergey Biryukov c3ad13e72e I18N: Add support for Serbian crossed D in `remove_accents()`.
Props Krstarica for the report.
Fixes #38078.
Built from https://develop.svn.wordpress.org/trunk@38646


git-svn-id: http://core.svn.wordpress.org/trunk@38589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-23 00:07:29 +00:00
Gary Pendergast e1d553e20a Docs: Fix an outdated comment.
[38592] changed the functionality of `wpautop()`, but didn't update the associated comment to match.

Fixes #4857.


Built from https://develop.svn.wordpress.org/trunk@38593


git-svn-id: http://core.svn.wordpress.org/trunk@38536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-13 04:01:30 +00:00
Gary Pendergast 109ffb9390 Formatting: Add an extra line break before block elements in `wpautop()`.
`wpautop()` considers double line breaks to be the separator between block level HTML elements. By adding two line breaks before a block element, this allows us to process the text before a block element correctly.

Fixes #4857.


Built from https://develop.svn.wordpress.org/trunk@38592


git-svn-id: http://core.svn.wordpress.org/trunk@38535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-12 07:06:30 +00:00
Scott Taylor 9383bf8f74 General: use `get_bloginfo( 'version' )` instead of `global $wp_version` in several locations - excluding those locations which reload `version.php` mid-flight.
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38459


git-svn-id: http://core.svn.wordpress.org/trunk@38400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 05:49:37 +00:00
Scott Taylor 6a43b84454 Formatting: for a performance boost in `remove_accents()`, convert `chr()` calls to string literals.
Props gitlost.
Fixes #37643.

Built from https://develop.svn.wordpress.org/trunk@38359


git-svn-id: http://core.svn.wordpress.org/trunk@38300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 09:35:27 +00:00
Dominik Schilling ea6e749c71 Emoji: Update the Twemoji loader to include the rainbow flag.
[38179] added support for the rainbow flag to core, but platform compatibility is a bit strange, because the flag was defined out of sync with the usual Unicode release cycle. For example Android N supports all Unicode 9.0 emoji, but doesn't support the rainbow flag thus the rainbow flag isn't rendered.
The Twemoji loader already has an exception for flags - it'll load if the browser supports everything but flags, and then only replace flag emoji, leaving everything else as native rendering. To provide a seamless experience for all flags the loader now uses the rainbow flag to test flag support.

Props pento.
See #37543.
Fixes #37566.
Built from https://develop.svn.wordpress.org/trunk@38194


git-svn-id: http://core.svn.wordpress.org/trunk@38135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-04 20:51:31 +00:00
Sergey Biryukov 6182c9f805 Formatting: In `remove_accents()`, correct replacements for:
* Latin small letter n preceded by apostrophe
* Latin capital letter Eng
* Latin small letter Eng

Props gitlost.
Fixes #37564.
Built from https://develop.svn.wordpress.org/trunk@38193


git-svn-id: http://core.svn.wordpress.org/trunk@38134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-04 13:56:29 +00:00
Drew Jaynes 6cc13f0c54 Docs: Fix formatting, tense, verb conjugation, and other syntax for wp-includes/* elements introduced or changed in 4.6.
Part 1/2.

See #37318.

Built from https://develop.svn.wordpress.org/trunk@38121


git-svn-id: http://core.svn.wordpress.org/trunk@38062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-20 16:57:32 +00:00
Gary Pendergast 46ac7ac930 Emoji: Update to Unicode 9.0 emoji.
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.

The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.

Fixes #37361.


Built from https://develop.svn.wordpress.org/trunk@38087


git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-18 07:35:39 +00:00
Sergey Biryukov 139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for `_doing_it_wrong()`, `_deprecated_function()`, `_deprecated_argument()`, and `_deprecated_file()` throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Jeremy Felt 6f3f00ea97 Multisite: Change `WP_Network` `id` property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Joe McGill 2bdc11781d Media: Improve handling of extensionless filenames.
This ensures files retain a filename after sanitization.

Fixes 37111.
Built from https://develop.svn.wordpress.org/trunk@37756


git-svn-id: http://core.svn.wordpress.org/trunk@37721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 13:44:31 +00:00
Pascal Birchler a97f0a2c19 Permalinks: Validate custom permalink structures.
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.

Adds unit tests.

Props rockwell15 for initial patch.
Fixes #35936.
Built from https://develop.svn.wordpress.org/trunk@37747


git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-19 12:02:29 +00:00
Sergey Biryukov 54aafeedbe I18N: In `remove_accents()`, add support for `de_CH` and `de_CH_informal`.
Props grapplerulrich.
Fixes #37076.
Built from https://develop.svn.wordpress.org/trunk@37698


git-svn-id: http://core.svn.wordpress.org/trunk@37664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 17:44:30 +00:00
Peter Wilson 47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Drew Jaynes 84cd369763 Docs: Add extensive documentation to the `remove_accents()` DocBlock outlining the accented characters core replaces.
Covers:
* Currency signs
* Decompositions for Latin-1 Supplement
* Decompositions for Latin Extended-A
* Decompositions for Latin Extended-B
* Vowels with diacritic (Chinese, Hanyu Pinyin)
* Characters replaced for the `de_DE`, `de_DE_formal`, and `da_DK` locales 

Props john_schlick for the initial work.
Props DrewAPicture, ocean90.

See #34677.

Built from https://develop.svn.wordpress.org/trunk@37669


git-svn-id: http://core.svn.wordpress.org/trunk@37635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-09 19:14:30 +00:00
Drew Jaynes d28f1a08ef Docs: Apply inline `@see` tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37543


git-svn-id: http://core.svn.wordpress.org/trunk@37511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:01:27 +00:00
Drew Jaynes 03b342f22d Docs: Standardize filter docs in wp-includes/formatting.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37515


git-svn-id: http://core.svn.wordpress.org/trunk@37483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:45:28 +00:00
Drew Jaynes f52a8cb1fa Docs: Remove/replace invalid inline `@link` tags in DocBlocks in wp-includes/*.
Fixes #36910.

Built from https://develop.svn.wordpress.org/trunk@37487


git-svn-id: http://core.svn.wordpress.org/trunk@37455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 17:39:28 +00:00
Peter Wilson a593be4403 Docs: Correct @since tag for Emoji SVG filters
See [37471]

Fixes #36525

Built from https://develop.svn.wordpress.org/trunk@37473


git-svn-id: http://core.svn.wordpress.org/trunk@37441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 06:15:27 +00:00
Peter Wilson 94290a843b Emoji: Use SVG in supported browsers
Use SVG images in supporting browsers, otherwise fall back to PNG images. Add the filters `emoji_svg_url` and `emoji_svg_ext`.

Introduces unit tests to check the Emoji CDN filters.

Fixes #36525

Built from https://develop.svn.wordpress.org/trunk@37471


git-svn-id: http://core.svn.wordpress.org/trunk@37439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 06:03:27 +00:00
Gary Pendergast 7349a7a60e Emoji: Allow emoji in `blogname` and `blogdescription` on `utf8` installs.
When the options table is set to `utf8` instead of `utf8mb4`, emoji will be stripped from the blog name and description when they're saved. Instead of stripping them, they can be encode as HTML entities.

Fixes #36122.


Built from https://develop.svn.wordpress.org/trunk@37469


git-svn-id: http://core.svn.wordpress.org/trunk@37437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 04:54:27 +00:00
Drew Jaynes b1804afeaf Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs.
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.

Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.

Props ocean90.
Fixes #36835.

Built from https://develop.svn.wordpress.org/trunk@37431


git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 18:41:31 +00:00
Weston Ruter 959f1a07a6 Customize/Formatting: Move `sanitize_hex_color()`, `sanitize_hex_color_no_hash()`, and `maybe_hash_hex_color()` from `class-wp-customize-manager.php` into `formatting.php`.
Adds missing braces.

See #33413.
Props downstairsdev, tollmanz.
Fixes #27583.

Built from https://develop.svn.wordpress.org/trunk@37283


git-svn-id: http://core.svn.wordpress.org/trunk@37249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 19:22:27 +00:00
Gary Pendergast b43ee4b8fe Emoji: The diversity support test was incorrectly passing on all browsers.
[37028] missed some logic to capture the base emoji skin tone, to compare to the modified emoji skin tone. This caused all browsers to report that they supported skin tone modifiers, regardless of whether they actually did.

Fixes #36604 for trunk.


Built from https://develop.svn.wordpress.org/trunk@37256


git-svn-id: http://core.svn.wordpress.org/trunk@37222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-20 13:56:28 +00:00
Gary Pendergast e899cc7ae5 Emoji: The `everythingExceptFlag` browser support flag, introduced in [36816], wasn't being initialised correctly.
See #35300.


Built from https://develop.svn.wordpress.org/trunk@37029


git-svn-id: http://core.svn.wordpress.org/trunk@36996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 05:00:28 +00:00
Gary Pendergast 261aa938cf Emoji: Fix the diversity emoji check in Safari.
When the browser test for diversity emoji was added in [36160], it included a workaround for Chrome not being able to compare `Uint8ClampedArray` objects directly, by converting them to a string. Unfortunately, Safari doesn't support the `Uint8ClampedArray.toString()` method correctly, so the test was incorrectly failing in Safari.

Fixes #36266 for trunk.


Built from https://develop.svn.wordpress.org/trunk@37028


git-svn-id: http://core.svn.wordpress.org/trunk@36995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 04:54:26 +00:00
Dominik Schilling d8f3325c14 Docs: Correct grammar when referring to "a URL" vs "an URL" in several places.
Fixes #36218.
Built from https://develop.svn.wordpress.org/trunk@36970


git-svn-id: http://core.svn.wordpress.org/trunk@36938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-12 12:39:27 +00:00
Gary Pendergast 2c277e3952 Emoji: Clean up the emoji browser support tests.
As new sets of emoji are added to Unicode, and browsers add support for them at random intervals, we'll inevitably need to add new tests to the emoji loader. This change makes it much easier to add new tests as they're needed.

Fixes #35300.


Built from https://develop.svn.wordpress.org/trunk@36816


git-svn-id: http://core.svn.wordpress.org/trunk@36783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-03 05:17:26 +00:00
Sergey Biryukov d115144857 Formatting: In `sanitize_title_with_dashes()`, convert `&nbsp`, `&ndash`, and `&mdash` HTML entities to hyphens on save.
Props polevaultweb for initial patch.
Fixes #31790.
Built from https://develop.svn.wordpress.org/trunk@36775


git-svn-id: http://core.svn.wordpress.org/trunk@36742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-29 04:42:27 +00:00
Dominik Schilling 529a53e903 Formatting: Avoid a PHP warning when `wptexturize()` is called with a trailing less-than symbol.
Props westonruter.
Fixes #35864.
Built from https://develop.svn.wordpress.org/trunk@36578


git-svn-id: http://core.svn.wordpress.org/trunk@36545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-18 20:31:27 +00:00
Drew Jaynes c1b837b47f Docs: Add a missing type to the return description for `map_deep()`.
Props sebastianpisula.
See #35700.

Built from https://develop.svn.wordpress.org/trunk@36488


git-svn-id: http://core.svn.wordpress.org/trunk@36455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-07 00:15:27 +00:00
Dion Hulse dddfbfa1d3 Emoji: Work around a `mod_security` rule which prevents pages with 4 or more instances of `String.fromCharCode(` from being served.
Fixes #35412 for trunk.

Built from https://develop.svn.wordpress.org/trunk@36359


git-svn-id: http://core.svn.wordpress.org/trunk@36326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-20 07:40:28 +00:00
John Blackbourn 877d14883e Emoji: Explictly use `https` as the scheme for emoji fallback images, as they're only served over HTTPS by the CDN anyway.
Fixes #35376
Props ocean90

Built from https://develop.svn.wordpress.org/trunk@36249


git-svn-id: http://core.svn.wordpress.org/trunk@36216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-10 01:24:26 +00:00
Gary Pendergast 5a0f8ca847 Emoji: Add a test to the emoji loader, to see if the browser supports emoji diversity. If it doesn't, fall back to twemoji.
See #33592.


Built from https://develop.svn.wordpress.org/trunk@36160


git-svn-id: http://core.svn.wordpress.org/trunk@36126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-03 04:26:27 +00:00
Pascal Birchler 2c9896e8d1 Comments: Don't nofollow links within the site.
Fixes #11360.
Built from https://develop.svn.wordpress.org/trunk@36125


git-svn-id: http://core.svn.wordpress.org/trunk@36091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-30 23:20:25 +00:00
Dion Hulse 85718ebf9a Allow `map_deep()` to work with object properties containing a reference. Restores the previous behaviour of `stripslashes_deep()`.
Props jeff@pyebrook.com, swissspidy.
See #22300, [35252].
Fixes #35058.

Built from https://develop.svn.wordpress.org/trunk@36100


git-svn-id: http://core.svn.wordpress.org/trunk@36065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 05:22:26 +00:00
Dion Hulse 2038a29352 Shortcodes: `=` is a reserved character in shortcode names, mark it as such.
This allows for shortcodes such as `[shortcode=attribute]` to work, which while never intentionally supported were widely used in the pre-shortcode days.

Props aaroncampbell.
Fixes #34939 for trunk.

Built from https://develop.svn.wordpress.org/trunk@36097


git-svn-id: http://core.svn.wordpress.org/trunk@36062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 04:46:28 +00:00
Gary Pendergast ba8b95cdbe Texturize: Transform `&` into `&` in tag attributes.
[35709] was overly broad, and stopped transforming `&` characters within tag attributes. So that sites aren't generating invalid HTML, we need to restore this functionality, while continuing to not transform `&` within blocked tags.

Fixes #35008 for trunk.


Built from https://develop.svn.wordpress.org/trunk@36036


git-svn-id: http://core.svn.wordpress.org/trunk@36001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-21 02:43:26 +00:00
Pascal Birchler 47306630ca Docs: Improve documentation for `format_for_editor()` and the `'the_editor_content'` filter it is hooked to.
Props AramZS for initial patch.
Fixes #34866.
Built from https://develop.svn.wordpress.org/trunk@35904


git-svn-id: http://core.svn.wordpress.org/trunk@35868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 19:22:26 +00:00
John Blackbourn a027edc277 Comments: The year is 2003. Permalinks are a new thing and everyone's using Blogger. It's a time when opening a modal window in JavaScript to view a section of a website is not a completely weird thing, although many users get annoyed by it. b2 has recently become WordPress, and with it comes a bunch of functionality that will become stale over the next decade, remnants of simpler times.
Twelve years later, after no fewer than three themes have intentionally implemented popup comments in their functionality, before being abandoned for at least the last six years, we've reached a time where we can put this era behind us. A time when we can remove comment popup functionality from WordPress.

If this breaks the internet, I'll eat my hat.

Fixes #28617

Built from https://develop.svn.wordpress.org/trunk@35848


git-svn-id: http://core.svn.wordpress.org/trunk@35812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-10 03:06:30 +00:00
John Blackbourn 8826804952 Formatting: Don't make links inside `<script>` and `<style>` tags clickable.
Fixes #30162
Props ninos-ego, adamsilverstein

Built from https://develop.svn.wordpress.org/trunk@35847


git-svn-id: http://core.svn.wordpress.org/trunk@35811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-09 23:55:32 +00:00
Pascal Birchler 331fdaf184 Docs: After [35314], fix the DocBlock for `url_shorten()`.
See #20166.
Built from https://develop.svn.wordpress.org/trunk@35813


git-svn-id: http://core.svn.wordpress.org/trunk@35777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-07 16:39:25 +00:00
Pascal Birchler 4ace55b0dc Docs: Add proper `@param` and `@return` tags for `capital_P_dangit()`.
Props timplunkett.
Fixes #34863.
Built from https://develop.svn.wordpress.org/trunk@35803


git-svn-id: http://core.svn.wordpress.org/trunk@35767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 22:02:27 +00:00
Konstantin Kovshenin e1966f061d Allow usage of angle brackets in a site title or tagline.
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.

props BandonRandon, pauldewouters.
fixes #27942.

Built from https://develop.svn.wordpress.org/trunk@35788


git-svn-id: http://core.svn.wordpress.org/trunk@35752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 20:29:25 +00:00
Gary Pendergast a3cd85eefd Texturize: Only convert `&` to `&#038;` within text nodes.
Previously, `&` would be converted everywhere, which caused problems when it was converted within a `<script>`, for example.

`convert_chars()` is now removed from the `the_content` filter, as it was doing the same job as `wptexturize()`.

KSES correctly handles converting `&` within HTML attributes, so there's no need for `wptexturize()` and `convert_chars()` to do the same job.

Fixes #34698.


Built from https://develop.svn.wordpress.org/trunk@35709


git-svn-id: http://core.svn.wordpress.org/trunk@35673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-19 23:31:26 +00:00
Gary Pendergast d3f30288e9 Emoji: Use twemoji in browsers that don't support Unicode 8 emoji.
Some less advanced browsers are yet to add support for the important advances made in Unicode 8. Let's make ensure that their users can experience emoji in their full glory.

See #33592.


Built from https://develop.svn.wordpress.org/trunk@35606


git-svn-id: http://core.svn.wordpress.org/trunk@35570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 02:25:25 +00:00
Sergey Biryukov 5f16d19be7 Use the `MONTH_IN_SECONDS` constant added in [33698] for the month representation in `human_time_diff()` logic.
Props tyxla.
Fixes #34602.
Built from https://develop.svn.wordpress.org/trunk@35555


git-svn-id: http://core.svn.wordpress.org/trunk@35519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-06 16:34:26 +00:00
Sergey Biryukov a9d6fa9c7a Formatting: `wp_make_link_relative()` should return an empty string if no path is present in the link.
Props bcworkz, MikeHansenMe, chriscct7, SergeyBiryukov.
Fixes #26819.
Built from https://develop.svn.wordpress.org/trunk@35497


git-svn-id: http://core.svn.wordpress.org/trunk@35461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-03 21:36:25 +00:00
Scott Taylor d8eacd51d8 Media: add a new image size, `medium_large`. Bumps db version to add new options.
Adds unit tests.

Props DH-Shredder, joemcgill, azaozz.
Fixes #34196.

Built from https://develop.svn.wordpress.org/trunk@35479


git-svn-id: http://core.svn.wordpress.org/trunk@35443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 20:50:25 +00:00
Dion Hulse d63f346cbc Use `wp_parse_url()` in `esc_url()` to avoid parsing bugs in < PHP 5.4.7.
Props johnbillion for unit tests
See #34408
Fixes #34202

Built from https://develop.svn.wordpress.org/trunk@35370


git-svn-id: http://core.svn.wordpress.org/trunk@35334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-23 05:57:24 +00:00
Scott Taylor 8eb3de46c9 Formatting: move `url_shorten()` from `wp-admin/includes/misc.php` to `wp-includes/formatting.php` for more global access.
Adds unit tests.

Props mulvane, chriscct7.
Fixes #20166.

Built from https://develop.svn.wordpress.org/trunk@35314


git-svn-id: http://core.svn.wordpress.org/trunk@35280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 03:48:24 +00:00
Scott Taylor afe975d754 Formatting: allow date strings to be passed to `get_gmt_from_date()`, instead of requiring `'Y-m-d H:i:s'`.
Adds unit tests.

Props pbearne.
Fixes #34279.

Built from https://develop.svn.wordpress.org/trunk@35284


git-svn-id: http://core.svn.wordpress.org/trunk@35250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-20 06:08:25 +00:00
John Blackbourn 5576cd3978 Introduce `map_deep()`, a utility function that recursively maps a callable function to every item in an array or object. Works like `array_walk_recursive()` but works with objects too.
Updates `rawurlencode_deep()`, `urlencode_deep()`, and `stripslashes_deep()` to use `map_deep()`. Introduces `urldecode_deep()` for completeness.

Props wpmuguru, nbachiyski, boonebgorges, MikeHansenMe, chriscct7, realloc, johnbillion
Fixes #22300

Built from https://develop.svn.wordpress.org/trunk@35252


git-svn-id: http://core.svn.wordpress.org/trunk@35218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 23:26:24 +00:00
Drew Jaynes 217b661703 Docs: Add missing descriptions for the `$wpdb` global in DocBlocks all the places.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35170


git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Scott Taylor d8e20fa273 Fotmatting: in `sanitize_file_name()`, escape `%` when uploads contain them, otherwise attachment URLs will unescape the char and break.
Adds unit tests.

Props mordauk, simonwheatley, dd32, solarissmoke.
Fixes #16226.

Built from https://develop.svn.wordpress.org/trunk@35122


git-svn-id: http://core.svn.wordpress.org/trunk@35087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 03:22:24 +00:00
John Blackbourn 6d21ed0d99 Avoid stripping square brackets from URLs, and instead correctly encode them. Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port.
Adds tests.

Fixes #16859

Built from https://develop.svn.wordpress.org/trunk@34920


git-svn-id: http://core.svn.wordpress.org/trunk@34885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 23:39:23 +00:00
Drew Jaynes c6bbcdb256 Docs: Remove documentation for a phantom parameter not actually passed to the `is_email` filter.
The documentation error was introduced in [26485].

Props chrisvendiadvertisingcom.
Fixes #34097.

Built from https://develop.svn.wordpress.org/trunk@34770


git-svn-id: http://core.svn.wordpress.org/trunk@34735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 07:03:25 +00:00
Scott Taylor 7a0f8602f3 Shortcodes/Formatting: Add PCRE Performance Testing
* Move pattern from `wptexturize()` into a separate function.
* Move pattern from `wp_html_split()` into a separate function.
* Beautify code for `wp_html_split()`.
* Remove unnecessary instances of `/s` modifier in patterns that don't use dots.
* Add `tests/phpunit/data/formatting/whole-posts.php` for testing larger strings.
* Add function `benchmark_pcre_backtracking()`.
* Add tests for `wp_html_split()`.
* Add tests for `wptexturize()`.
* Add tests for `get_shortcode_regex()`.

Props miqrogroove.
Fixes #34121.

Built from https://develop.svn.wordpress.org/trunk@34761


git-svn-id: http://core.svn.wordpress.org/trunk@34726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 04:26:25 +00:00
Scott Taylor 99347fd96e Shortcodes: Fix PCRE performance bugs in `get_shortcode_regexp()` and related to `wptexturize()`, `do_shortcode()`, and `strip_shortcodes()`
Alters unit tests.

Props miqrogroove.
Fixes #33517.

Built from https://develop.svn.wordpress.org/trunk@34747


git-svn-id: http://core.svn.wordpress.org/trunk@34712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-01 18:05:25 +00:00
Drew Jaynes ec9ec3138e Formatting: Rename the `$richedit` parameter in `format_to_edit()` to `$rich_text`.
Previously, it was necessary to explain in a double-negative that `$richedit` being false would prevent `$content` from being passed through `esc_textarea()`. The updated `$rich_edit` name and documentation now better reflects the intent of the parameter.

Fixes #21613.

Built from https://develop.svn.wordpress.org/trunk@34727


git-svn-id: http://core.svn.wordpress.org/trunk@34691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-01 02:01:26 +00:00
John Blackbourn 5f09357c21 Revert r34674 due to failures on PHP < 5.4.
See #16859

Built from https://develop.svn.wordpress.org/trunk@34675


git-svn-id: http://core.svn.wordpress.org/trunk@34639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-29 01:01:24 +00:00
John Blackbourn eb352accc4 Avoid stripping square brackets from URLs, and instead correctly encode them.
Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port.

Adds a bunch of tests, including square brackets in query parameters, IPv6 URLs, and several other permutations.

See #16859

Built from https://develop.svn.wordpress.org/trunk@34674


git-svn-id: http://core.svn.wordpress.org/trunk@34638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-29 00:41:24 +00:00
Scott Taylor 3c66bd6cb6 Sanitization: when falling back to (wait for it...) `$fallback` in `sanitize_html_class()`, sanitize it as well.
Props MikeHansenMe, wonderboymusic.
Fixes #30967.

Built from https://develop.svn.wordpress.org/trunk@34377


git-svn-id: http://core.svn.wordpress.org/trunk@34341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 04:31:25 +00:00
Scott Taylor c1c8b55617 Comments: in `wp_rel_nofollow_callback()`, account for the fact that a link might already have a `rel` attribute. Currently, if a link already has a `rel`, it will result it duplicate attributes on the element with conflicting values.
Adds unit tests.

Props junsuijin, wonderboymusic.
Fixes #9959.

Built from https://develop.svn.wordpress.org/trunk@34277


git-svn-id: http://core.svn.wordpress.org/trunk@34241 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-18 04:36:24 +00:00
Sergey Biryukov 61bef72b95 Fix a typo in `wptexturize()` and `wp_replace_in_html_tags()` comments.
Props bobbingwide.
See #15694.
Built from https://develop.svn.wordpress.org/trunk@34222


git-svn-id: http://core.svn.wordpress.org/trunk@34186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 05:54:26 +00:00
Scott Taylor 3a0db2a22f Fix the case-sensitivity of some HTTP class usage.
See #33413.

Built from https://develop.svn.wordpress.org/trunk@34123


git-svn-id: http://core.svn.wordpress.org/trunk@34091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 17:37:25 +00:00
Andrew Ozz 4e7dd2c4b1 Formatting: maintain the content of HTML comments when they contain `<object>` tags. Add more tests for wpaitop().
Props miqrogroove.
Fixes #33645 for trunk.
Built from https://develop.svn.wordpress.org/trunk@33955


git-svn-id: http://core.svn.wordpress.org/trunk@33924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-08 22:55:24 +00:00
John Blackbourn bdde0261bc Bail out early from `esc_url()` if the URL becomes empty after stripping out disallowed characters.
Fixes #28015
Props jesin for the unit test

Built from https://develop.svn.wordpress.org/trunk@33923


git-svn-id: http://core.svn.wordpress.org/trunk@33892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 21:29:25 +00:00
John Blackbourn 6aad2eb98c Correctly encode spaces in URLs passed to `esc_url()` instead of removing them.
Fixes #23605
Props enshrined, johnbillion

Built from https://develop.svn.wordpress.org/trunk@33858


git-svn-id: http://core.svn.wordpress.org/trunk@33826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-02 17:20:21 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Scott Taylor 3982598305 Doc block for`_wp_specialchars`: `$quote_style` can also be `string` ('single' or 'double')
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33700


git-svn-id: http://core.svn.wordpress.org/trunk@33667 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-21 18:36:24 +00:00
Andrew Ozz 2de7757124 Fix creating of extra `<br />` tags in both PHP and JS variants of wpautop(). Add PHP tests to catch similar problems in the future.
Props valendesigns, azaozz. Fixes #33377.
Built from https://develop.svn.wordpress.org/trunk@33624


git-svn-id: http://core.svn.wordpress.org/trunk@33591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-17 17:36:24 +00:00
Dominik Schilling 0e1476d078 Editor: word count: Remove indentation from the translator comment.
Avoids a duplicate comment in the POT file.

see #30966.
Built from https://develop.svn.wordpress.org/trunk@33517


git-svn-id: http://core.svn.wordpress.org/trunk@33484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-30 17:08:24 +00:00
Scott Taylor 15a7d98ce6 Protect newlines inside of `CDATA`. This was breaking things, notably inline JS that used comments for HTML standards compat.
* Tokenize newlines in `WP_Embed::autoembed()` before running `->autoembed_callback()`
* Tokenize newlines with placeholders in `wpautop()` 
* Introduce `wp_html_split()` to DRY the RegEx from `wp_replace_in_html_tags()` and `do_shortcodes_in_html_tags()`

Adds unit tests.

Props miqrogroove, kitchin, azaozz.
Fixes #33106.

Built from https://develop.svn.wordpress.org/trunk@33469


git-svn-id: http://core.svn.wordpress.org/trunk@33436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-28 23:03:24 +00:00
Ella Iseulde Van Dorpe 491c863f35 Editor: word count: better names for types.
Also fix it in wp_trim_words().

Fixes #30966.

Built from https://develop.svn.wordpress.org/trunk@33440


git-svn-id: http://core.svn.wordpress.org/trunk@33407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-27 11:19:26 +00:00
Scott Taylor d8e8ad4a2f Pinking shears.
Built from https://develop.svn.wordpress.org/trunk@33411


git-svn-id: http://core.svn.wordpress.org/trunk@33379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-24 17:27:24 +00:00
Gary Pendergast c3e0ed7e03 Shortcodes: Improve the reliablity of shortcodes inside HTML tags.
Props miqrogroove.

See #15694.


Built from https://develop.svn.wordpress.org/trunk@33359


git-svn-id: http://core.svn.wordpress.org/trunk@33331 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 05:15:25 +00:00
Scott Taylor 7c218ab59a After [33148]:
Don't nest `esc_attr()` and `htmlspecialchars()` when escaping the post title on the edit post screen.

Unrevert parts of [32851] and [32850].

Adds/alters unit tests.

Props miqrogroove.
Fixes #17780.

Built from https://develop.svn.wordpress.org/trunk@33271


git-svn-id: http://core.svn.wordpress.org/trunk@33243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 17:56:26 +00:00
Drew Jaynes 9e12c71872 Fix inline documentation syntax for two formatting functions added in 4.3.
* `wptexturize_primes()` See [32863]
* `format_for_editor()` See [32899]

See #32891.

Built from https://develop.svn.wordpress.org/trunk@33225


git-svn-id: http://core.svn.wordpress.org/trunk@33197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 21:30:24 +00:00
Andrew Ozz 4bd5e2db01 TinyMCE:
- Go back to encoding the editor content only when TinyMCE is used.
- Add check and encode `</textarea>` if present.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@33187


git-svn-id: http://core.svn.wordpress.org/trunk@33159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 03:19:24 +00:00
Scott Taylor 6cc3a903d7 Revert [32851] and [32850] for now, tl;dr encoding issues.
See #17780.


Built from https://develop.svn.wordpress.org/trunk@33148


git-svn-id: http://core.svn.wordpress.org/trunk@33120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-09 20:56:24 +00:00
Aaron Jorbin 91712711eb Don't strip newline in esc_url() when protocol is mailto:
The mailto protocol is a bit different than the other protocols in that new lines are something you might realistically want to include. Includes tests to make sure that http protocol urls that contain mailto: aren't affected. Tests for stripping newlines in general already exist.

Fixes #31632
Props danielbachhuber


Built from https://develop.svn.wordpress.org/trunk@33064


git-svn-id: http://core.svn.wordpress.org/trunk@33035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-03 14:28:23 +00:00
Dominik Schilling 699dbedb03 l10n: Update `wp_get_installed_translations()` to support variants of a language.
* A variant of a language has its own locale, for example the locale of the formal variant of German is `de_DE_formal`.
* Update `remove_accents()` and some CSS rules to support `de_DE_formal`.
* Add tests for `get_bloginfo( 'language' )`.
* API changes will be deployed over the next few days.

see #28303.
Built from https://develop.svn.wordpress.org/trunk@33027


git-svn-id: http://core.svn.wordpress.org/trunk@32998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 15:43:24 +00:00
Konstantin Obenland c56a8ae0f7 Introducing Site Icon, favicon management for WordPress.
This v1 marries Jetpack's Site Icon module with the Media Modal, reusing code
from the Custom Header admin. For now, the core-provided icons will be limited
to a favicon, an iOS app icon, and a Windows tile icon, leaving `.ico` support
and additional icons to plugins to add.

Props obenland, tyxla, flixos90, jancbeck, markjaquith, scruffian.
See #16434.


Built from https://develop.svn.wordpress.org/trunk@32994


git-svn-id: http://core.svn.wordpress.org/trunk@32965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-29 12:58:25 +00:00
Andrew Ozz eaadfde950 Define `SCRIPT_DEBUG` early on every load, similarly to `WP_DEBUG`. Remove `defined( 'SCRIPT_DEBUG' )` checks.
Fixes #32333.
Built from https://develop.svn.wordpress.org/trunk@32935


git-svn-id: http://core.svn.wordpress.org/trunk@32906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-25 02:29:31 +00:00
Andrew Ozz baa8e833ff Fix typo/white space in the docs.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@32900


git-svn-id: http://core.svn.wordpress.org/trunk@32871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 22:08:28 +00:00
Andrew Ozz e4758f42e5 Update the TinyMCE initialization:
- Replace `wp_htmledit_pre()` and `wp_richedit_pre()` with `format_for_editor()`.
- Replace the `'htmledit_pre'` and `'richedit_pre'` filters with `'format_for_editor'`.
- Do not run the post content through `wpautop()` in PHP when the visual editor is default. Run the textarea content through the JS wpautop on initializing TinyMCE.
- Simplify both editors initialization.
- Improve setting of `wpActiveEditor` in Quicktags.
- Improve editor.js, use `tinymce.$` when possible.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@32899


git-svn-id: http://core.svn.wordpress.org/trunk@32870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 22:01:28 +00:00
Dominik Schilling 4423739c65 Use 3-digit x.x.x style for `4.3.0` @since versions.
see #32335, #32430.
Built from https://develop.svn.wordpress.org/trunk@32897


git-svn-id: http://core.svn.wordpress.org/trunk@32868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 11:41:26 +00:00
Andrew Ozz b9a4fefb08 Update convert_chars():
- Stop trying to remove `<title>` and `<category>` meta tags. They have not been used for many many years.
- Replacement of `<br>` with `<br />` and `<hr>` with `<hr />` is not needed for HTML 5.0. Also, these tags are formatted like that by the visual editor.
- Replace invalid HTML entities that might be pasted in the Text editor on save instead of on display.
Fixes #32335.
Built from https://develop.svn.wordpress.org/trunk@32896


git-svn-id: http://core.svn.wordpress.org/trunk@32867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 00:59:26 +00:00
Scott Taylor 777d3ba7e2 `wptexturize()` improvements:
* Make sure that strings ending with a number and quotation mark get the proper smart quotes
* Introduce `wptexturize_primes()`, a logic tree to determine whether or not "7'." represents seven feet, then converts the special char into either a prime char or a closing quote char.

Adds unit tests.

Props miqrogroove.
Fixes #29256.

Built from https://develop.svn.wordpress.org/trunk@32863


git-svn-id: http://core.svn.wordpress.org/trunk@32834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-19 20:06:25 +00:00
Andrew Ozz 503b80be0b Fix using `htmlspecialchars()` whit the `$double_encode` parameter. PHP < 5.4 doesn't validate the entities.
Props miqrogroove. Fixes #17780.
Built from https://develop.svn.wordpress.org/trunk@32851


git-svn-id: http://core.svn.wordpress.org/trunk@32822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-19 01:53:26 +00:00
Scott Taylor d8c93a081d Since PHP 5.2.3, the `htmlspecialchars()` function has an optional `$double_encode` parameter, which we can now use. This will save us a few expensive kses/html decoding calls.
Adds unit tests.

Props miqrogroove.
Fixes #17780.

Built from https://develop.svn.wordpress.org/trunk@32850


git-svn-id: http://core.svn.wordpress.org/trunk@32821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-18 22:00:26 +00:00
Scott Taylor 5c6b63d3a6 `if` is a statment, not a function.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32800


git-svn-id: http://core.svn.wordpress.org/trunk@32771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 20:01:25 +00:00
Scott Taylor efbb8fa4e5 Document the default list of allowed protocols in the doc block for `wp_allowed_protocols()` and cross-reference in `esc_url()` and the `kses_allowed_protocols` filter.
Props GunGeekATX.
Fixes #32421.

Built from https://develop.svn.wordpress.org/trunk@32797


git-svn-id: http://core.svn.wordpress.org/trunk@32768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 19:45:26 +00:00
Scott Taylor 362704ab9a `sanitize_option()` needs to handle `WP_Error`. DRY the conditional calls to `add_settings_error()`.
Props chriscct7 for an initial patch.
Fixes #32350.

Built from https://develop.svn.wordpress.org/trunk@32791


git-svn-id: http://core.svn.wordpress.org/trunk@32762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 01:29:27 +00:00
Scott Taylor 8df67cb188 Add a note to `wptexturize()` docs.
Props miqrogroove.
Fixes #32521.

Built from https://develop.svn.wordpress.org/trunk@32790


git-svn-id: http://core.svn.wordpress.org/trunk@32761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 00:57:24 +00:00