Commit Graph

18930 Commits

Author SHA1 Message Date
Peter Wilson 0b9c7b7cdf Site Health: Update loopback test to `POST` to wp-cron.
Replace loopback health check URL with a `POST` request to `wp-cron.php` in the WordPress install directory. This more closely represents how WordPress uses loopback requests.

A `POST` request is used to cause `wp-cron.php` to exit prior to running any cron jobs. This allows the test to indicate success quicker and accounts for sites that set the `DISABLE_WP_CRON` constant to avoid running cron jobs on loopback requests.

Props clorith, peterwilsoncc, TimothyBlynJacobs.
Fixes #52547.


Built from https://develop.svn.wordpress.org/trunk@50399


git-svn-id: http://core.svn.wordpress.org/trunk@50010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-22 00:51:09 +00:00
Sergey Biryukov 17fa3f6b6d I18N: Remove extra spaces from translatable strings in Privacy help tabs.
Follow-up to [50147].

Props tobifjellner.
Fixes #52583.
Built from https://develop.svn.wordpress.org/trunk@50398


git-svn-id: http://core.svn.wordpress.org/trunk@50009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-21 16:04:11 +00:00
Sergey Biryukov 50f8dafe17 Users: Correctly display an error message after clicking the "Send Reset Link" button.
The `addInlineNotice()` function expects a single string as a success or error message, not an array of strings.

Follow-up to [50129].

Props audrasjb.
Fixes #52573.
Built from https://develop.svn.wordpress.org/trunk@50390


git-svn-id: http://core.svn.wordpress.org/trunk@50001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-19 17:24:05 +00:00
ryelle 6e895528e7 Customizer: Bring admin color schemes back into the customizer.
In #50547, the admin color schemes were added to the customizer UI, but at some point specificity changed and the colors were overridden by the defaults. This brings the color schemes back into the customizer, using the button color as a highlight, with the link color for text to keep things readable.

Follow up to [48371].
Props audrasjb, peterwilsoncc.
Fixes #52230.


Built from https://develop.svn.wordpress.org/trunk@50386


git-svn-id: http://core.svn.wordpress.org/trunk@49997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-18 16:51:05 +00:00
ryelle 369c43ff2e Administration: Apply background color to updated message in plugin list table.
Follow-up to [50025].
Props afragen.
Fixes #52452.


Built from https://develop.svn.wordpress.org/trunk@50385


git-svn-id: http://core.svn.wordpress.org/trunk@49996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-18 15:16:03 +00:00
Peter Wilson c6af819b3a Site Health: Use home page for loopback test.
Use `home_url()` for asynchronous loopback test to ensure correct results on sites with WordPress installed elsewhere, for example WordPress in a sub-directory.

Props Levdbas.
Fixes #52547.


Built from https://develop.svn.wordpress.org/trunk@50381


git-svn-id: http://core.svn.wordpress.org/trunk@49992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-17 23:10:04 +00:00
Sergey Biryukov dcbe3cb7b8 Privacy: Suggest `wp_add_privacy_policy_content()` as an alternative for the deprecated `wp_get_default_privacy_policy_content` hook.
Follow-up to [50161].

See #49264.
Built from https://develop.svn.wordpress.org/trunk@50374


git-svn-id: http://core.svn.wordpress.org/trunk@49985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-17 12:45:04 +00:00
Sergey Biryukov f331ff5a7a Docs: Correct the alternative hook name for the deprecated `whitelist_options` hook.
Follow-up to [48121].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@50373


git-svn-id: http://core.svn.wordpress.org/trunk@49984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-17 12:42:03 +00:00
Sergey Biryukov 8080762e93 External Libraries: Further fix jQuery deprecations in WordPress core.
This addresses `JQMIGRATE` warnings in some admin files and the Thickbox library.

Follow-up to [50001], [50270].

Props bordoni, poena.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50367


git-svn-id: http://core.svn.wordpress.org/trunk@49978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-16 20:25:03 +00:00
Sergey Biryukov b50e49f5c1 Accessibility: Taxonomy: Correct keyboard navigation for the Tags meta box in classic editor.
Props sabernhardt, almendron, jose64, alexstine, joedolson, ryokuhi.
Fixes #52408.
Built from https://develop.svn.wordpress.org/trunk@50363


git-svn-id: http://core.svn.wordpress.org/trunk@49974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-16 20:04:07 +00:00
Sergey Biryukov e99d544215 Administration: Apply the `months_dropdown_results` filter separately from `pre_months_dropdown_query`.
Follow-up to [50163].

Props hellofromTonya.
Fixes #51660.
Built from https://develop.svn.wordpress.org/trunk@50362


git-svn-id: http://core.svn.wordpress.org/trunk@49973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-16 19:58:05 +00:00
John Blackbourn 6cb1eaa583 Posts, Post Types: Update the styling of the legacy Links editing screen.
This brings its styling inline with other meta boxes in the admin area.

Props antonlukin, kburgoine, grzim, sabernhardt, pbiron, audrasjb

Fixes #48782

Built from https://develop.svn.wordpress.org/trunk@50357


git-svn-id: http://core.svn.wordpress.org/trunk@49968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-16 18:50:03 +00:00
Sergey Biryukov dbaee6b550 Filesystem API: Make sure to only call `fread()` on non-empty files in the PclZip library.
This avoids a fatal error on PHP 8 caused by passing a zero value to `fread()` as the `$length` argument, which must be greater than zero.

Props yakimun, fierevere, jrf, DavidAnderson, SergeyBiryukov.
Fixes #52018.
Built from https://develop.svn.wordpress.org/trunk@50355


git-svn-id: http://core.svn.wordpress.org/trunk@49966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-16 18:42:03 +00:00
gziolo 135a35fd04 Blocks: Add missing apiVersion field when preparing server-registered blocks for the block editor
When working on changes to @wordpress/create-block tool (https://github.com/WordPress/gutenberg/pull/28883) to use register_block_type_from_metadata with block.json file in the templates for scaffolded blocks I run into this issue where apiVersion wasn't exposed from the server.

Fixes #52512.


Built from https://develop.svn.wordpress.org/trunk@50297


git-svn-id: http://core.svn.wordpress.org/trunk@49942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-12 16:00:06 +00:00
Sergey Biryukov 463df820f8 Block Editor: Remove extra quotes from the default font stack for editor styles.
Follow-up to [50155].

Props dd32, Joen, kafleg.
Fixes #46169.
Built from https://develop.svn.wordpress.org/trunk@50295


git-svn-id: http://core.svn.wordpress.org/trunk@49940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-12 07:55:06 +00:00
Peter Wilson 0f251cdd90 Canonical: Rename `wp_force_plain_ugly_permalink()` to match UI terminology.
Rename `wp_force_plain_ugly_permalink()` to `wp_force_plain_post_permalink()` to match terminology used in the WordPress dashboard.

Follow up to [50132].
Props SergeyBiryukov.
Fixes #5272.


Built from https://develop.svn.wordpress.org/trunk@50282


git-svn-id: http://core.svn.wordpress.org/trunk@49927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-10 05:40:07 +00:00
ryelle 10d1280ff3 Administration: Update color contrast on UI elements.
The color palette changes in #49999 introduced some contrast issues on buttons, input elements, and links. This change ensures that all interactive elements have an appropriate contrast ratio.

Follow-up to [50025].
Props audrasjb, joedolson.
Fixes #52402.


Built from https://develop.svn.wordpress.org/trunk@50278


git-svn-id: http://core.svn.wordpress.org/trunk@49923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 19:47:03 +00:00
Sergey Biryukov 4fd440cd5c External Libraries: Further fix jQuery deprecations in WordPress core.
This addresses `JQMIGRATE` warnings in the `image-edit.js` library and the `imgAreaSelect` jQuery plugin

Follow-up to [50001].

Props Clorith, poena, dariak, jeroenrotty.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50270


git-svn-id: http://core.svn.wordpress.org/trunk@49915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 16:45:06 +00:00
Sergey Biryukov 19ce835654 Docs: Update some recently added inline comments per the documentation standards.
Follow-up to [50256], [50258], [50259].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@50264


git-svn-id: http://core.svn.wordpress.org/trunk@49909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 12:34:06 +00:00
Sergey Biryukov ea2ff553e9 Site Health: Clarify the recommendation in file uploads test when `post_max_size` is defined as `0`.
This adds a more descriptive text in scenarios where `post_max_size` and `upload_max_filesize` differ, and `post_max_size` is set to a value of `0`.

In some scenarios, PHP may read `0` as a literal zero size, and not as unlimited, which it also means in other scenarios.

See https://www.php.net/manual/en/ini.core.php#ini.post-max-size for details, as PHP 5.3.4 introduced this behavior for literal zero interpretation when the content type of a request is `application/x-www-form-urlencoded` or is not registered with PHP.

Props Clorith, pixolin, helen, ratneshk.
Fixes #51466.
Built from https://develop.svn.wordpress.org/trunk@50263


git-svn-id: http://core.svn.wordpress.org/trunk@49908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 12:05:07 +00:00
antpb 19dbb952f3 Media: Allow `post_date` to be respected in `media_handle_sideload()`.
Previously, date information was unable to be changed when using `media_handle_sideload()`. 

Now you can override the date for a media item using `$post_data['post_date']` before using the function.

Props jamesgol, mukesh27, SergeyBiryukov, hellofromTonya, Mista-Flo.
Fixes #50972.

Built from https://develop.svn.wordpress.org/trunk@50258


git-svn-id: http://core.svn.wordpress.org/trunk@49903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-08 23:22:04 +00:00
Dominik Schilling 219d92f75b Block Editor: Use a unique name for the nonce of the custom fields toggle form.
Avoids a browser warning for having two elements with a non-unique id `#_wpnonce` on the post edit screen.

See #23165.
Fixes #51483.
Props vandestouwe, Mista-Flo.
Built from https://develop.svn.wordpress.org/trunk@50255


git-svn-id: http://core.svn.wordpress.org/trunk@49900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-08 21:39:16 +00:00
ryelle 591845b4c9 Privacy: Update colors to match new color palette.
Follow-up to [50161].
Props xkon.
Fixes #52436.


Built from https://develop.svn.wordpress.org/trunk@50238


git-svn-id: http://core.svn.wordpress.org/trunk@49899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-08 19:15:06 +00:00
ryelle d4e4828d0a Administration: Fix background color of plugin update row on small screens.
When the color change was done, the background of plugins with updates had to be manually changed. This section was missed, which caused a visual bug. This fix also removes some redundant CSS for the same element.

Follow-up to [50025].
Props afragen.
Fixes #52452.


Built from https://develop.svn.wordpress.org/trunk@50237


git-svn-id: http://core.svn.wordpress.org/trunk@49898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-08 16:13:07 +00:00
Sergey Biryukov b88325dbc6 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
Adjust some newly introduced strings to remove unnecessary numbered placeholders for consistency.

Follow-up to [42827].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@50234


git-svn-id: http://core.svn.wordpress.org/trunk@49895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-07 12:44:04 +00:00
Sergey Biryukov a80f705d97 Privacy: Rename the `$send_confirmation_email` parameter of `wp_create_user_request()` to `$status`, for clarity.
Follow-up to [50159], [50165].

Props xkon, TimothyBlynJacobs.
Fixes #52430. See #43890.
Built from https://develop.svn.wordpress.org/trunk@50230


git-svn-id: http://core.svn.wordpress.org/trunk@49891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-05 15:50:05 +00:00
John Blackbourn 9cd08881ba Users: Coding standards fixes after [50228].
See #52238

Built from https://develop.svn.wordpress.org/trunk@50229


git-svn-id: http://core.svn.wordpress.org/trunk@49890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-05 14:43:03 +00:00
John Blackbourn 523e292d8c Users: Allow the role of users to be bulk changed to no role from the Users listing screen.
This option is already available when editing an individual user, but it was previously missing from the bulk actions.

Props bonniebeeman, sabernhardt, ovidiul, jeroenrotty

Fixes #52238

Built from https://develop.svn.wordpress.org/trunk@50228


git-svn-id: http://core.svn.wordpress.org/trunk@49889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-05 14:40:08 +00:00
Sergey Biryukov c8759b4a14 Privacy: Remove gray left border on the inline notices in Privacy Policy Guide.
Follow-up to [50161].

Props xkon.
See #52430.
Built from https://develop.svn.wordpress.org/trunk@50182


git-svn-id: http://core.svn.wordpress.org/trunk@49861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-04 12:48:05 +00:00
Sergey Biryukov 1e7305ed4b Privacy: Update URLs to the Privacy Policy Guide in help tabs.
Follow-up to [50147], [50161].

Props xkon.
See #52430.
Built from https://develop.svn.wordpress.org/trunk@50181


git-svn-id: http://core.svn.wordpress.org/trunk@49860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-04 12:06:07 +00:00
antpb b566631d5e Media: Consistency in logic to pass `wp_getimagesize()` tests.
Previously, we used `DIR_TESTDATA` to determine if a test should skip a newly silenced error in `wp_getimagesize()`.

We are now using `WP_RUN_CORE_TESTS` instead for consistency.

Props hellofromTonya, SergeyBiryukov.
See #49889.

Built from https://develop.svn.wordpress.org/trunk@50170


git-svn-id: http://core.svn.wordpress.org/trunk@49849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 21:36:03 +00:00
Sergey Biryukov 8984e4ef8c Docs: Update documentation for `wp_create_user_request()` per the documentation standards.
Add a `@since` note for the `$send_confirmation_email` parameter.

Follow-up to [50159].

See #43890.
Built from https://develop.svn.wordpress.org/trunk@50165


git-svn-id: http://core.svn.wordpress.org/trunk@49844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 20:42:03 +00:00
whyisjake 8e8fe6d2c0 Administration: New filter ahead of the months drop-down.
As this can cause large, long running queries on sites with many posts, this filter allows the query to be modified, bypassing entirely if needed. 

Fixes #51660.

Props geoffguillain, SergeyBiryukov, hareesh-pillai, hellofromTonya, TimothyBlynJacobs, whyisjake. 


Built from https://develop.svn.wordpress.org/trunk@50163


git-svn-id: http://core.svn.wordpress.org/trunk@49842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 20:34:04 +00:00
Aaron Jorbin 56c9aa3cab Administration: use shorthand css properties to improve readability
Consolidating `border`, `padding`, and `margin` instances where the shorthand can be used to improve readability.

Props ankitmaru, audrasjb, sabernhardt, mukesh27, hellofromTonya.
Fixes #52148.


Built from https://develop.svn.wordpress.org/trunk@50162


git-svn-id: http://core.svn.wordpress.org/trunk@49841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 20:28:08 +00:00
TimothyBlynJacobs 9bab39685a Privacy: Redesign the Privacy settings pages.
The Privacy settings pages now use the same design patterns as the Site Health screen. Additionally, each privacy policy guide is now contained in an accordion to make the page easier to navigate when multiple plugins are in use.

Props xkon, hedgefield, garrett-eclipse, hellofromTonya, paaljoachim, joedolson.
Fixes #49264.

Built from https://develop.svn.wordpress.org/trunk@50161


git-svn-id: http://core.svn.wordpress.org/trunk@49840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 20:14:03 +00:00
antpb 64bb29d087 Privacy: Allow Admin to Skip e-mail confirmation for Export.
This adds a form option to skip the admin email alert when exporting personal data.

Props xkon, azaozz, TZ-Media, iandunn, desrosj, iprg, allendav, wesselvandenberg, karmatosed, birgire, davidbaumwald, estelaris, paaljoachim, hellofromTonya.
Fixes #43890.

Built from https://develop.svn.wordpress.org/trunk@50159


git-svn-id: http://core.svn.wordpress.org/trunk@49838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 19:45:03 +00:00
Sergey Biryukov 9dac2542aa Block Editor: Drop Noto Serif in favor of system fonts.
This aims to improve privacy and performance of the editor.

Follow-up to [37361].

Props Joen, hellofromTonya, garrett-eclipse, aristath, noisysocks, hedgefield, pento, sabernhardt, joyously, yannkozon.
Fixes #46169.
Built from https://develop.svn.wordpress.org/trunk@50155


git-svn-id: http://core.svn.wordpress.org/trunk@49834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 18:37:04 +00:00
Sergey Biryukov 87f1e31871 Login and Registration: Improve the UX of the Reset Password screen.
Previously, it was unclear that the displayed password is only being suggested and should be saved by clicking the Reset Password button.

This adds separate Generate Password and Save Password buttons, for clarity.

Props xkon, estelaris, jaymanpandya, hedgefield, audrasjb, erichmond, magicroundabout, lukecavanagh, knutsp, tinodidriksen, nico_martin, markhowellsmead, kara.mcnair, e_baker, pixelverbieger, souri_wpaustria, megabyterose, poena, whyisjake.
Fixes #39638.
Built from https://develop.svn.wordpress.org/trunk@50153


git-svn-id: http://core.svn.wordpress.org/trunk@49832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 18:13:04 +00:00
Sergey Biryukov 2cb2651c00 Upgrade/Install: Introduce a filter for the result of `WP_Upgrader::install_package()`.
This allows for the capture and usage of error data from the method, to facilitate a potential plugin/theme rollback in the event of an update failure.

Props afragen, dd32.
Fixes #52381.
Built from https://develop.svn.wordpress.org/trunk@50151


git-svn-id: http://core.svn.wordpress.org/trunk@49830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 17:31:05 +00:00
Sergey Biryukov 90ca61ba07 Upgrade/Install: Return a `WP_Error` from `copy_dir()` and `_copy_dir()` if the directory listing failed.
Props afragen, dd32.
Fixes #52342.
Built from https://develop.svn.wordpress.org/trunk@50149


git-svn-id: http://core.svn.wordpress.org/trunk@49828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 17:23:06 +00:00
Sergey Biryukov f5857c6a9f Privacy: Add help tabs for Export Personal Data and Erase Personal Data screens.
Props xkon, burtrw, netweblogic, desrosj, hellofromTonya, garrett-eclipse.
Fixes #43994.
Built from https://develop.svn.wordpress.org/trunk@50147


git-svn-id: http://core.svn.wordpress.org/trunk@49826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 16:55:03 +00:00
antpb f80e5d0919 Media: Avoid suppressing errors when using `getimagesize()`.
Previously, all logic utilizing `getimagesize()` was supressing errors making it difficult to debug usage of the function. 

A new `wp_getimagesize()` function has been added to allow the errors to no longer be suppressed when `WP_DEBUG` is enabled.

Props Howdy_McGee, SergeyBiryukov, mukesh27, davidbaumwald, noisysocks, hellofromTonya.
Fixes #49889.

Built from https://develop.svn.wordpress.org/trunk@50146


git-svn-id: http://core.svn.wordpress.org/trunk@49825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 16:53:04 +00:00
Sergey Biryukov ce816eeda1 Privacy: Introduce `manage_{$this->screen->id}_custom_column` action in `WP_Privacy_Requests_Table::column_default()`.
This brings some consistency with other list tables and allows for adding custom column data to columns registered with `manage_export-personal-data_columns` or `manage_erase-personal-data_columns` filters.

Props xkon, garrett-eclipse, birgire, pbiron, hellofromTonya, TimothyBlynJacobs, 7studio, mukesh27, Mista-Flo.
Fixes #44354.
Built from https://develop.svn.wordpress.org/trunk@50145


git-svn-id: http://core.svn.wordpress.org/trunk@49824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 16:44:04 +00:00
Sergey Biryukov c504140c32 Block Editor: Remove the `.is-dark-theme` body class from the admin header.
With the changes to dark theme support in https://github.com/WordPress/gutenberg/pull/28233 to check the real background color of the theme, this no longer serves any purpose.

Follow-up to [44133].

Props scruffian, sabernhardt.
Fixes #52385.
Built from https://develop.svn.wordpress.org/trunk@50142


git-svn-id: http://core.svn.wordpress.org/trunk@49821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 13:05:02 +00:00
Sergey Biryukov e0bda3a704 Users: Use consistent strings for error messages in `wp-admin/users.php`.
Use `_n()` for a string with plural forms.

Follow-up to [50129].

See #34281.
Built from https://develop.svn.wordpress.org/trunk@50139


git-svn-id: http://core.svn.wordpress.org/trunk@49818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 12:17:04 +00:00
iandunn 683e767517 Community Events: Show organizer CTA when less than 3 events.
When no events are available in the Events Widget, people have always been shown a message encouraging them to help organize one (see `tmpl-community-events-no-upcoming-events`). Now that it's common for online WordCamps and Learn discussion groups to be pinned to the Events API, it's rare that there are no events in the widget, even if there are no _local_ events. Because of that, users are rarely encouraged to join their local community and help organize.

This commit adds an additional call-to-action message, which is shown when there are only 1 or 2 events available.

Props anyssa, sippis, AmethystAnswers.
Fixes #51664.

Built from https://develop.svn.wordpress.org/trunk@50133


git-svn-id: http://core.svn.wordpress.org/trunk@49812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:43:06 +00:00
Felix Arntz dbfbf5501a Security, Site Health: Make migrating a site to HTTPS a one-click interaction.
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.

This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.

* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
    * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
    * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
    * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
    * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
    * A new `wp_update_urls_to_https()` function takes care of the update routine.
    * A new `update_https` meta capability is introduced to control access.
    * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
    * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
    * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.

Props flixos90, timothyblynjacobs.
Fixes #51437.

Built from https://develop.svn.wordpress.org/trunk@50131


git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:10:01 +00:00
Adam Silverstein 315b1c185d Users: enable admins to send users a reset password link.
Add a feature so Admins can send users a 'password reset' email. This doesn't change the password or force a password change. It only emails the user the password reset link.

The feature appears in several places:
* A "Send Reset Link" button on user profile screen.
* A "Send password reset" option in the user list bulk action dropdown.
* A "Send password reset" quick action when hovering over a username in the user list.

Props Ipstenu, DrewAPicture, eventualo, wonderboymusic, knutsp, ericlewis, afercia, JoshuaWold, johnbillion, paaljoachim, hedgefield.
Fixes #34281.


Built from https://develop.svn.wordpress.org/trunk@50129


git-svn-id: http://core.svn.wordpress.org/trunk@49808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:13:03 +00:00
Adam Silverstein 68c6e9982b Revisions: Address PHP/JS errors when viewing autosave on imported posts.
Fix an issue where viewing an autosave created on a post without any previous revisions would throw a PHP notice. Also fixes the revision screen which was broken in these cases and showed a console error.

Props iseulde.
Fixes #31249.


Built from https://develop.svn.wordpress.org/trunk@50128


git-svn-id: http://core.svn.wordpress.org/trunk@49807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:03:01 +00:00
ryelle a69964f4a7 Build/Test Tools: Replace `node-sass` with Dart Sass
Switch the Sass implementation used by Grunt to `sass` (the Dart version), since LibSass & `node-sass` have been deprecated.

Props desrosj.
Fixes #51763.


Built from https://develop.svn.wordpress.org/trunk@50126


git-svn-id: http://core.svn.wordpress.org/trunk@49805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 20:24:16 +00:00