Commit Graph

19285 Commits

Author SHA1 Message Date
desrosj c2a7d2a773 Themes: Remove temporary Full Site Editing safety checks.
These checks were added in [51193] and [51197] as a temporary measure to prevent a site owner from activating a Full Site Editing theme when Gutenberg plugin was not active.

Because Core only had partial support for the features required for FSE, the front end of the site would display a white screen or error message to visitors. Unless the site owner visited the front end, there would be no indication that there was a problem.

Since 5.9 will include the remaining features required for FSE, these checks can be removed.

Props poena, jffng.
Fixes #54366. See #534190.
Built from https://develop.svn.wordpress.org/trunk@52044


git-svn-id: http://core.svn.wordpress.org/trunk@51636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 15:27:59 +00:00
John Blackbourn 2a3ad7c430 Docs: Various docblock improvements and corrections.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52035


git-svn-id: http://core.svn.wordpress.org/trunk@51627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 10:48:59 +00:00
antpb 3dc76d614a Media: Adjust alt text info link text.
Previous messaging of this link was confusing given it went to an external source. This change describes more accurately that it will perform the action of taking you to the resource.

Props karmatosed, joedolson, melchoyce, hellofromTonya, afercia, sabernhardt, antpb.
Fixes #48939.


Built from https://develop.svn.wordpress.org/trunk@52033


git-svn-id: http://core.svn.wordpress.org/trunk@51625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 00:22:57 +00:00
antpb c1f6817cad Media: Remove security messaging in media upload failures.
Previously, when uploading a media item type that is not supported, the default error message claims that the reason it cannot upload is due to security reasons. This is not always true. Now the warning says that the type is not allowed, which is always true.

Props antpb, Presskopp, peterwilsoncc, desrosj, iluy, circlecube, mikeschroder.
Fixes #53626.


Built from https://develop.svn.wordpress.org/trunk@52032


git-svn-id: http://core.svn.wordpress.org/trunk@51624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-07 23:29:56 +00:00
joedolson 201f4ddfbe Editor: Update structure of title element for editing.
Re-format the title element for post editing to follow general scheme for WordPress admin screens.

Props SergeyBiryukov.
Fixes #52314.
Built from https://develop.svn.wordpress.org/trunk@52030


git-svn-id: http://core.svn.wordpress.org/trunk@51622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-07 22:09:56 +00:00
Clorith 44f50060eb Site Health: Add the constant `WP_ENVIRONMENT_TYPE` for debug data.
As a legacy from the old Health Check plugin, the constant `WP_LOCAL_DEV` was included in the debug data under the "WordPress Constants" section. This was incorrect, and has never been a constant used by core.

Instead, that field is now replaced by `WP_ENVIRONMENT_TYPE`, which was introduced with WordPress 5.5, and is a much more appropriate value to provide in a debug scenario.

Props johnbillion, bgoewert, sabbirshouvo.
Fixes #54340.
Built from https://develop.svn.wordpress.org/trunk@52021


git-svn-id: http://core.svn.wordpress.org/trunk@51613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 21:05:00 +00:00
Sergey Biryukov 0531cc11b4 Coding Standards: Consistently escape attribute in `wp-admin/themes.php`.
Follow-up to [27012], [38057], [47816], [51083].

Props sabbirshouvo, audrasjb.
Fixes #54256.
Built from https://develop.svn.wordpress.org/trunk@52020


git-svn-id: http://core.svn.wordpress.org/trunk@51612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 17:58:57 +00:00
hellofromTonya b9d15392bf Code Modernization: Pass correct default value to `http_build_query()` in `get_core_checksums()` and `wp_version_check()`.
The `get_core_checksums()` and `wp_version_check()` functions call the PHP native `http_build_query()` function, the second parameter of which is the ''optional'' `$numeric_prefix` parameter which expects a non-nullable `string`.

A parameter being optional, however, does not automatically make it nullable.

As of PHP 8.1, passing `null` to a non-nullable PHP native function will generate a deprecation notice.

In this case, this function call yielded a `http_build_query(): Passing null to parameter #2 ($numeric_prefix) of type string is deprecated` notice.

Changing the `null` to an empty string fixes this without a backward compatibility break.

References:
* [https://www.php.net/manual/en/function.http-build-query.php PHP Manual: http_build_query()]
* [https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg PHP RFC: Deprecate passing null to non-nullable arguments of internal functions]

Follow-up to [18697], [25540].

Props bjorsch, kraftbj, hellofromTonya, jrf.
See #54229.
Built from https://develop.svn.wordpress.org/trunk@52019


git-svn-id: http://core.svn.wordpress.org/trunk@51611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 12:18:58 +00:00
Clorith 500da91f70 Site Health: Update the icon used when no issues are reported.
The icon used to be a rather blocky checkmark, but has now been changed to the more friendly, and less ambiguous, smiley dashicon.

It also helps cover a rare cases where a checkmark, while often used to mark something as done, may also be used to indicate that something is incorrect (many thanks to my 6th grade teacher for this rationale).

As an added bonus, this commit also adjusts the margins used around the icon, to make it fit more nicely on both large and small viewports.

Props sabernhardt, generosus.
Fixes #53980.
Built from https://develop.svn.wordpress.org/trunk@52018


git-svn-id: http://core.svn.wordpress.org/trunk@51610 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 11:41:01 +00:00
hellofromTonya 9036739acc Administration: Make dashboard widget control submit button text more clear.
Changes the submit button text from "Submit" to "Save Changes".

Why? The text is more semantic and clear of what happens when activating that button.

Follow-up to [9103].

Props zodiac1978, knutsp, hilayt24, audrasjb.
Fixes #54229.
Built from https://develop.svn.wordpress.org/trunk@52014


git-svn-id: http://core.svn.wordpress.org/trunk@51605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 23:30:58 +00:00
davidbaumwald 2e249395de Comments: Add `noopener noreferrer` to author links in list table.
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs.  This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.

Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt. 
Fixes #40916.
Built from https://develop.svn.wordpress.org/trunk@52007


git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 20:02:02 +00:00
Sergey Biryukov aa62c253e0 External Libraries: Update the Iris color picker to version 1.1.1.
The latest version includes jQuery 3.x deprecation fixes:
* `$.isArray` → `Array.isArray`
* Event attachment/trigger shorthands → `.on()` and `.trigger()`

For a full list of changes in this update, see the PR on GitHub:
https://github.com/Automattic/Iris/pull/72

Follow-up to [22030], [22033], [22385], [22457], [22697], [22732], [23443], [26334], [30551], [30650], [38931], [50547].

Props Clorith, mattwiebe, Cybr.
Fixes #54224.
Built from https://develop.svn.wordpress.org/trunk@52006


git-svn-id: http://core.svn.wordpress.org/trunk@51595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 19:40:00 +00:00
hellofromTonya 6a10d18458 Customize: Fix `focus()` to collapse child panels and show parent panel.
When a child panel is open, `wp.customize.panel('parent_panel').focus()` (e.g. `'parent_parent'` might be `'nav_menus'`) collapses the child panel(s) to show the parent panel. 

Follow-up to [30102], [31920], [38648].

Props celloexpressions, costdev, dlh, hareesh-pillai, hellofromTonya, westonruter, wpweaver. 
Fixes #34436.
Built from https://develop.svn.wordpress.org/trunk@52003


git-svn-id: http://core.svn.wordpress.org/trunk@51592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 15:05:58 +00:00
Sergey Biryukov a59ade2290 Help/About: Improve typography in the `Welcome to your WordPress Dashboard!` text.
Per the general consensus in #8714 and similar tickets, user-facing strings should use “curly quotes” for better typography.

Remove the `svn:executable` property that appears to be added accidentally.

Follow-up to [38049], [42200], [46585], [51995].

See #54321.
Built from https://develop.svn.wordpress.org/trunk@52001


git-svn-id: http://core.svn.wordpress.org/trunk@51590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 03:16:57 +00:00
hellofromTonya b87617e271 Customizer: Make range controls full width.
Adds CSS for range controls in the Customizer to be as wide as possible allowing for smaller increments to be more easily obtained by the user.

Follow-up to [28930].

Props domainsupport, dlh, sabernhardt, audrasjb.
Fixes #54329.
Built from https://develop.svn.wordpress.org/trunk@51996


git-svn-id: http://core.svn.wordpress.org/trunk@51585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 23:19:59 +00:00
hellofromTonya 22e4a52258 Help/About: Improve the Welcome text in `wp-admin/_index.php`.
Improves the `Welcome to your WordPress Dashboard!` copy in the `Overview` section of the help tab.

Follow-up to [18914], [19007], [37680].

Props webcommsat, marybaum, costdev, audrasjb.
Fixes #54321.
Built from https://develop.svn.wordpress.org/trunk@51995


git-svn-id: http://core.svn.wordpress.org/trunk@51584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 22:54:59 +00:00
hellofromTonya 3819fa7340 Help/About: Simplifies WordPress version in "Help" sidebar.
Simplifies the logic for when not in alpha/beta/RC.

The changelog URL is translatable in a few other places in core. This commit uses the same pattern for consistency.

Follow-up to [51985].

Props sergeybiryukov.
Fixes #47848.
Built from https://develop.svn.wordpress.org/trunk@51991


git-svn-id: http://core.svn.wordpress.org/trunk@51580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 21:43:57 +00:00
Sergey Biryukov 1fdea15a96 Coding Standards: Fix some WPCS errors and warnings in `wp-admin/user-edit.php`:
* Add missing translators comment.
* Add missing space, correct indentation.
* Put opening and closing PHP tag on a line by itself.
* Remove unnecessary escaping for consistency with other strings.

Follow-up to [51980].

See #53658.
Built from https://develop.svn.wordpress.org/trunk@51988


git-svn-id: http://core.svn.wordpress.org/trunk@51577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 20:19:59 +00:00
johnjamesjacoby 88e9e36233 Help/About: add WordPress version to contextual "Help" sidebar area.
This change adds a new way for users to quickly identify what version of WordPress they are looking at, directly from the "Help" sidebar on the main "Dashboard" page.

* Stable versions will link to their respective support documents.
* Development versions (alpha/beta/RC) will not link anywhere.

Props audrasjb, costdev, donmhico, hellofromtonya, ipstenu, justinahinon, karmatosed, knutsp, marybaum, sergeybiryukov, webcommsat.

Fixes #47848.
Built from https://develop.svn.wordpress.org/trunk@51985


git-svn-id: http://core.svn.wordpress.org/trunk@51574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 19:09:03 +00:00
Sergey Biryukov 3ab8d52d78 Media: Use `WP_Query::get()` method to retrieve the `posts_per_page` value in `wp_ajax_query_attachments()`.
This avoids a PHP notice and ensures that a default value is always provided if none is set by the user.

Follow-up to [51145], [51485].

Props davidwebca, mukesh27.
Fixes #54129.
Built from https://develop.svn.wordpress.org/trunk@51982


git-svn-id: http://core.svn.wordpress.org/trunk@51571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:30:02 +00:00
johnjamesjacoby fae48afc92 Application Passwords: display guiding text & link in `user-edit.php` when unavailable.
This change intends to avoid confusion around the requirements of the Application Passwords feature, specific to it requiring HTTPS and the `WP_ENVIRONMENT_TYPE` constant.

It does this by conditionally hiding the traditional UI and showing some insightful explanations instead, including a translatable link to the `WP_ENVIRONMENT_TYPE` documentation on the "Editing wp-config.php" support page.

Props ashfame, audrasjb, iluy, johnbillion.

Fixes  #53658.
Built from https://develop.svn.wordpress.org/trunk@51980


git-svn-id: http://core.svn.wordpress.org/trunk@51569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:57:03 +00:00
johnjamesjacoby 6d451fb64b Admin/UI-Copy: reword some "we" usages.
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:

> the word “we” should be avoided (...) unless its made very clear which group is speaking

(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)

Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.

Fixes  #46057.
Built from https://develop.svn.wordpress.org/trunk@51979


git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:37:57 +00:00
johnjamesjacoby f60dae0731 Admin/Menu: include `960` exact pixel width in collapse measurements.
This change removes a 1 pixel gap in the measurement of the viewport width when clicking the "Collapse menu" button (at the bottom of the admin menu UI) when already collapsed, causing the menu not to open as intended when exactly 960 pixels wide.

Before this change, the menu would be stuck in the collapsed position. After this change, the menu opens as expected.

Props abesell132, ankit-k-gupta, audrasjb, boniu91, mai21, sabernhardt, webaxones.

Fixes #54210.
Built from https://develop.svn.wordpress.org/trunk@51977


git-svn-id: http://core.svn.wordpress.org/trunk@51566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:07:57 +00:00
johnjamesjacoby dd7cb532a1 Admin/Discussion Settings: attempt to clarify intent of "Default post settings" section.
This changes the descriptive text underneath 3 settings that are frequently overridden by individual posts & pages, and are also often misunderstood to work differently than they do.

"(These settings may be overridden for individual posts.)"

...becomes...

"Individual posts may override these settings. Changes here will only be applied to new posts."

* Parenthesis were removed to improve text layout and flow for RTL languages.
* Original statement was reworded to emphasize "individual posts".
* New statement provides clarity to users about settings changes not being retroactive.

Props audrasjb, johnjamesjacoby, sabbirshouvo, sabernhardt, tobifjellner.

Fixes #54300.
Built from https://develop.svn.wordpress.org/trunk@51976


git-svn-id: http://core.svn.wordpress.org/trunk@51565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 16:42:59 +00:00
johnjamesjacoby 791998fb7c Admin/Comments: remove bespoke truncation from search string HTML.
This change removes a call to `wp_html_excerpt()` used on the HTML output of the search string, supplied by the current user in the previous page request via the named `s` input in the search-box UI.

If the search string is extremely long, it wraps around the available empty space in a way that is not visually displeasing, confirming that truncation is not a requirement here.

This also addresses a small accessibility concern as the non-truncated string was not alternatively presented, and helps normalize the output of `$_REQUEST['s']` for more broad improvements in the future.

Props hareesh-pillai, jakubtyrcha, johnjamesjacoby, lukecavanagh, sabernhardt.

Fixes #17636.
Built from https://develop.svn.wordpress.org/trunk@51975


git-svn-id: http://core.svn.wordpress.org/trunk@51564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 15:57:59 +00:00
joedolson c90e2fe4f2 Widgets: Remove unused CSS breaking wp_text_diff layout.
Remove CSS used in version of `wp_text_diff` prior to [50034]. Orphaned CSS breaks default layout of function output, but is overridden in the revisions screen.

Props mt8.biz, hareesh-pillai, mukesh27.
Fixes #54140.
Built from https://develop.svn.wordpress.org/trunk@51972


git-svn-id: http://core.svn.wordpress.org/trunk@51561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 23:14:00 +00:00
joedolson 67779da49f Widgets: Use a text-based button to select location.
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker. 

Props AmethystAnswers, sabernhardt.
Fixes #53311.
Built from https://develop.svn.wordpress.org/trunk@51971


git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:54:57 +00:00
hellofromTonya 69dc72d0b9 Site Health: Internationalizes count in the info section headings.
If a site health info section includes the `show_count` parameter, this commit internationalizes the count.

Follow-up to [45176].

Props johnbillion, swissspidy.
Fixes #54341.
Built from https://develop.svn.wordpress.org/trunk@51970


git-svn-id: http://core.svn.wordpress.org/trunk@51559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:36:59 +00:00
joedolson a841368a3e Editor: Include post's title in editor `title` element.
Include the current post title in the `title` element when editing a post. Improve accessibility by distinguishing between different edit screens in the browser tab list. 

Props skierpage, alexstine, audrasjb, sabernhardt.
Fixes #52314.
Built from https://develop.svn.wordpress.org/trunk@51969


git-svn-id: http://core.svn.wordpress.org/trunk@51558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:32:58 +00:00
joedolson a3a61c5a3e General: Remove role="navigation" from nav elements.
Role="navigation" was required for assistive technology to recognize HTML5 element's native ARIA roles while HTML5 and ARIA were being introduced. With the deprecation of IE11, the role attribute is only required when mapping elements that don't have native role.

Props costdev, mukesh27.
Fixes #54054.
Built from https://develop.svn.wordpress.org/trunk@51967


git-svn-id: http://core.svn.wordpress.org/trunk@51556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:47:13 +00:00
TimothyBlynJacobs bac6e41c85 REST API: Support custom namespaces for custom post types.
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument. 

A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.

While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.

Props spacedmonkey, swissspidy.
Fixes #53656.

Built from https://develop.svn.wordpress.org/trunk@51962


git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 23:16:58 +00:00
John Blackbourn c274d3c520 Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51957


git-svn-id: http://core.svn.wordpress.org/trunk@51546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:17:01 +00:00
Sergey Biryukov 4459eaf392 Docs: Further update the `debug_information` filter description per the documentation standards.
Specifically, this ensures that the DocBlock follows the line wrapping recommendations.

Follow-up to [44986], [45156], [45259], [51949].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51956


git-svn-id: http://core.svn.wordpress.org/trunk@51545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 13:41:02 +00:00
John Blackbourn 6babc3833b Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51955


git-svn-id: http://core.svn.wordpress.org/trunk@51544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 23:13:05 +00:00
Sergey Biryukov 0e2f9ad5b6 Coding Standards: Correct alignment in `WP_Site_Health::get_test_update_temp_backup_writable()`.
This fixes an `Equals sign not aligned with surrounding assignments; expected 1 space but found 6 spaces` WPCS warning.

Follow-up to [51815].

See #51857, #53359.
Built from https://develop.svn.wordpress.org/trunk@51951


git-svn-id: http://core.svn.wordpress.org/trunk@51540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:52:57 +00:00
John Blackbourn a0d8a60547 Site Health: Correct and improve the documentation for the `debug_information` hook.
This corrects the structure of the documentation so it accurately reflects the array elements contained within.

See #53399.

Built from https://develop.svn.wordpress.org/trunk@51949


git-svn-id: http://core.svn.wordpress.org/trunk@51538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 15:35:00 +00:00
joedolson d71ae9a7e3 Administration: Hide mobile menu on focusout.
Closes the admin menu on mobile devices when keyboard focus moves outside of the menu or menu toggle elements. Improves the usability of the menu on mobile by allowing closure anywhere outside the menu rather than only on the toggle. 

Props kaneva, costdev, sabernhardt
Fixes #53587.
Built from https://develop.svn.wordpress.org/trunk@51946


git-svn-id: http://core.svn.wordpress.org/trunk@51535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:28:56 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
johnjamesjacoby 7a0a07d691 Admin/HTTP API: add suggested filename support to `download_url()`.
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.
Built from https://develop.svn.wordpress.org/trunk@51939


git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:00:01 +00:00
Sergey Biryukov e6ede0c816 Coding Standards: Improve escaping in `wp-admin/theme-install.php`.
* Rename a duplicate `$feature_name` variable to `$feature_group` for clarity.
* Escape the remaining `$feature_name` variable.

Follow-up to [27636], [35273].

Props sabbirshouvo, sabernhardt, mukesh27, afragen.
Fixes #54277.
Built from https://develop.svn.wordpress.org/trunk@51923


git-svn-id: http://core.svn.wordpress.org/trunk@51516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:18:01 +00:00
Sergey Biryukov 2c84d63322 Help/About: Don't output empty `<span>` tags on Credits screen.
If the contributor does not have a title, the empty tags are not necessary.

Follow-up to [17877], [17909], [17942], [18162], [19143], [46709].

Props sayedulsayem, audrasjb, mukesh27.
Fixes #54275.
Built from https://develop.svn.wordpress.org/trunk@51920


git-svn-id: http://core.svn.wordpress.org/trunk@51513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-19 23:09:00 +00:00
hellofromTonya 234877c9c3 Coding Standards: Add `public` visibility to methods in `src` directory.
This commit adds the `public` visibility keyword to each method which did not have an explicit visibility keyword.

Why `public`?

With no visibility previously declared, these methods are implicitly `public` and available for use. Changing them to anything else would be a backwards-compatibility break.

Props costdev, jrf.
See #54177.
Built from https://develop.svn.wordpress.org/trunk@51919


git-svn-id: http://core.svn.wordpress.org/trunk@51512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 17:52:58 +00:00
hellofromTonya db3a05178b Cron: Remove errant `false` values in cron array when upgrading to 5.9+.
[51916] fixed a bug where `array( `false` )` was added to the cron array when `_get_cron_array()` returned `false`. 

This commit:
* Removes any `false` values from the cron array when upgrading to 5.9+.
* Bumps the database version.

Follow-up to [44917], [51916].

Props peterwilsoncc, jrf.
See #53950.
Built from https://develop.svn.wordpress.org/trunk@51917


git-svn-id: http://core.svn.wordpress.org/trunk@51510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 13:30:57 +00:00
Sergey Biryukov cea5785cdb Coding Standards: Consistently escape form action URL in `wp-admin/update-core.php`.
Follow-up to [10166], [23739], [25806].

Props sabbirshouvo, mukesh27.
Fixes #54278.
Built from https://develop.svn.wordpress.org/trunk@51914


git-svn-id: http://core.svn.wordpress.org/trunk@51507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-17 20:31:02 +00:00
Sergey Biryukov 8b8b5d8ecc Media: Display the unsaved changes dialog in image edit form using jQuery `.text()` function.
This ensures that HTML entities like non-breaking spaces are properly displayed instead of being encoded.

Props jdy68, sebastienserre, audrasjb, mukesh27, SergeyBiryukov.
Fixes #54232.
Built from https://develop.svn.wordpress.org/trunk@51907


git-svn-id: http://core.svn.wordpress.org/trunk@51500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 00:18:56 +00:00
Sergey Biryukov 1020306fe9 I18N: Add context for some Media Library filter strings:
* Audio
* Video
* Unattached

This allows for more homogeneous translations in languages where keeping a plural form is important.

Follow-up to [6910], [7397], [8901], [9556], [11749], [13100], [12110], [15491], [15578], [22743], [29426], [29625], [34256], [45651], [46437].

Props jdy68, audrasjb, SergeyBiryukov.
Fixes #54238.
Built from https://develop.svn.wordpress.org/trunk@51903


git-svn-id: http://core.svn.wordpress.org/trunk@51496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-12 16:44:01 +00:00
Sergey Biryukov 2030b6e313 Upgrade/Install: Restore or clean up the temporary plugin or theme backup on shutdown.
This allows these actions to run ''after'' the main process, without affecting the update. Actions running on `shutdown` are immune to PHP timeouts, so in case the failure was due to a PHP timeout, we'll still be able to properly restore the previous version.

Follow-up to [51815], [51898], [51899].

Props aristath, peterwilsoncc.
See #54166.
Built from https://develop.svn.wordpress.org/trunk@51902


git-svn-id: http://core.svn.wordpress.org/trunk@51495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-11 15:09:05 +00:00
Sergey Biryukov d5887aeec3 Upgrade/Install: Introduce a `move_dir()` function.
This replaces the `copy_dir()` usage in `WP_Upgrader::install_package()` and aims to avoid PHP timeout issues when installing or updating large plugins on slower systems like Vagrant or the WP Docker test environment.

The new function attempts a native PHP `rename()` function first and falls back to the previous `copy_dir()`.

Follow-up to [51815], [51898].

Props afragen, aristath, peterwilsoncc, galbaras, noisysocks, pbiron.
Fixes #54166. See #51857.
Built from https://develop.svn.wordpress.org/trunk@51899


git-svn-id: http://core.svn.wordpress.org/trunk@51492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-09 03:38:57 +00:00
Sergey Biryukov 0f2d2264b5 Site Health: Use an integer value as a fallback in the available disk space check.
This avoids a few type problems further in the code: boolean divided by a number, or passing `false` to `size_format()` which is documented to accept integers or strings only.

Follow-up to [51815].

Props TobiasBg.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@51898


git-svn-id: http://core.svn.wordpress.org/trunk@51491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-09 02:50:56 +00:00
Sergey Biryukov c477dcda88 Taxonomy: Populate the `WP_Terms_List_Table::$items` property in `::prepare_items()`.
This allows the parent `WP_List_Table::has_items()` method to work as expected, and the override in the child class can now be removed. It also makes the class more consistent with other list table classes.

As a result of this change, the "Bulk actions" dropdown is no longer unnecessarily displayed if there are no terms.

Follow-up to [15491], [17025], [17026].

Props mattoakley, swissspidy, audrasjb, SergeyBiryukov.
Fixes #54181.
Built from https://develop.svn.wordpress.org/trunk@51896


git-svn-id: http://core.svn.wordpress.org/trunk@51489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-08 00:38:00 +00:00