Making incorrect assumptions about microdata used in a theme results in invalid markup.
The attribute can still be added using the `get_custom_logo` or `wp_get_attachment_image_attributes` filter, but it should not be added by default.
Props henry.wright, tfrommen, afercia, markcallen, zodiac1978.
Fixes#37305.
Built from https://develop.svn.wordpress.org/trunk@45028
git-svn-id: http://core.svn.wordpress.org/trunk@44837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows screen readers to properly announce each search landmark region independently.
Introduce `search_form_args` filter for the arguments used when generating the search form.
Props afercia, williampatton.
Fixes#42057.
Built from https://develop.svn.wordpress.org/trunk@44956
git-svn-id: http://core.svn.wordpress.org/trunk@44787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because the names of the `get_header()`, `get_footer()`, `get_sidebar()`, and `get_template_part()` functions indicate that a value is returned, some plugins and themes already have `echo get_template_part()` in their codebase. Adding a return value to these functions using the approach in [44678] will cause the two unintended side effects of unexpected content being sent to the browser, and accidental path disclosure.
Reverts [44678].
Props davidbinda.
See #40969.
Built from https://develop.svn.wordpress.org/trunk@44725
git-svn-id: http://core.svn.wordpress.org/trunk@44556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_header()`, `get_footer()`, `get_sidebar()`, and `get_template_part()` functions all call `locate_template()` as their final action, which returns the name of the template being loaded. Returning this value helps handle problems with templates being loaded.
Props tferry.
Fixes#40969.
Built from https://develop.svn.wordpress.org/trunk@44678
git-svn-id: http://core.svn.wordpress.org/trunk@44509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Currently, when an SVG is used as a menu icon, the color is inconsistent with the other, default dashicons and the contrast ratio does not meet the minimum requirement for accessibility.
This updates the base color for the default `fresh` color scheme to ensure consistency and proper contrast.
Props swift, dschalk.
Fixes#44209.
Built from https://develop.svn.wordpress.org/trunk@44353
git-svn-id: http://core.svn.wordpress.org/trunk@44183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces new `determine_locale()` function for deciding the proper locale to use for a response. Default value is `get_user_locale()` in the admin, and `get_locale()` on the frontend. Because REST API requests are considered frontend requests, `?_locale=user` can be used to render the response in the user's locale.
Also updates `wp-login.php?wp_lang` implementation to benefit from this abstraction.
Merges [43776] from the 5.0 branch to trunk.
Props flixos90, mnelson4, swissspidy, TimothyBlynJacobs.
Fixes#44758.
Built from https://develop.svn.wordpress.org/trunk@44134
git-svn-id: http://core.svn.wordpress.org/trunk@43964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
Built from https://develop.svn.wordpress.org/trunk@43571
git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.
See #12423, #38707, #35395.
Fixes#41897.
Built from https://develop.svn.wordpress.org/trunk@41558
git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.
Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes#12423, #39892.
Built from https://develop.svn.wordpress.org/trunk@41376
git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji to 2.3.0 to include Emoji 5 support.
The pride flag test is replaced with a test for the English flag, a five character sub-devision locale. The UN flag test is retained as the most recent two character locale.
An Emoji 5 "bearded person" replaces both Emoji 4 tests.
Fixes#40858.
Built from https://develop.svn.wordpress.org/trunk@40837
git-svn-id: http://core.svn.wordpress.org/trunk@40688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji and adds a second Emoji 4 test to include a shrugging man. Emoji 4 is being implemented gradually, while some browsers now support the female technologist, the indifferent shrugging man is breaking things with his presence.
Props peterwilsoncc, pento for code review.
Fixes#40615.
Built from https://develop.svn.wordpress.org/trunk@40626
git-svn-id: http://core.svn.wordpress.org/trunk@40487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An empty string causes some browsers to use the current URL as the `href`. When using `history.replaceState()` Chrome will re-fetch the favicon with each call, meaning that `customize.php` gets hit with wasted requests which tax the server.
Fixes#38377.
Built from https://develop.svn.wordpress.org/trunk@38901
git-svn-id: http://core.svn.wordpress.org/trunk@38844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
One thing fairly common to the cache groups is a block of code to look to see when the cache was last changed, and if there isn't one, to set it for the current microtime(). It appears in 8 different places in core. This adds a new helper `wp_cache_get_last_changed` to DRY things up a bit.
Since `wp-includes/cache.php` isn't guaranteed to be loaded, this new function is in `wp-includes/functions.php`
Props spacedmonkey, desrosj.
Fixes#37464.
Built from https://develop.svn.wordpress.org/trunk@38849
git-svn-id: http://core.svn.wordpress.org/trunk@38792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.
Props peterwilsoncc, swissspidy.
Fixes#38121.
Built from https://develop.svn.wordpress.org/trunk@38826
git-svn-id: http://core.svn.wordpress.org/trunk@38769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.
- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items
Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes#27314, #37138, #37448.
Built from https://develop.svn.wordpress.org/trunk@38672
git-svn-id: http://core.svn.wordpress.org/trunk@38615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
Built from https://develop.svn.wordpress.org/trunk@38399
git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_resource_hints()` parses the URL for the `preconnect` and `dns-prefetch` relation types to ensure correct values for both. While protocol-relative URLs are supported for `dns-prefetch`, the double slash was lost for `preconnect`.
Props swissspidy, peterwilsoncc.
Props azaozz for review.
Fixes#37652.
Built from https://develop.svn.wordpress.org/trunk@38255
git-svn-id: http://core.svn.wordpress.org/trunk@38196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `preconnect` will be potentially pretty heavy on the CDN. With the Unicode 9.0 emoji update, almost all browsers will trigger the `preconnect`.
* `preconnect` only opens one connection, but `s.w.org` is HTTP/1.1, so the browser will use the preconnected connection for the first emoji, then it has to open new connections for subsequent emoji.
Also use the same URL as we use for the `emoji_svg_url` filter. This will print the hint for the correct CDN in case someone uses a custom CDN.
Props peterwilsoncc.
Fixes#37387.
Built from https://develop.svn.wordpress.org/trunk@38122
git-svn-id: http://core.svn.wordpress.org/trunk@38063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
Built from https://develop.svn.wordpress.org/trunk@38100
git-svn-id: http://core.svn.wordpress.org/trunk@38041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
Built from https://develop.svn.wordpress.org/trunk@37920
git-svn-id: http://core.svn.wordpress.org/trunk@37861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The return from `wp_logout_url()` is HTML-encoded due to its value passing through `wp_nonce_url()` and thus `esc_html()`. Adversely `wp_login_url()` passes through no such escaping and therefore should not be expected to return an HTML-encoded value.
Props akibjorklund for the initial patch.
Fixes#34352.
Built from https://develop.svn.wordpress.org/trunk@37753
git-svn-id: http://core.svn.wordpress.org/trunk@37718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unifies the APIs for getting a post's modified date or time with getting a post's date or time.
Adds the `$post` parameter to the functions `get_the_modified_date` and `get_the_modified_time`.
Adds the `$post` parameter to the filters `get_the_modified_date` and `get_the_modified_time`.
Props Soean, lukecavanagh.
Fixes#37059.
Built from https://develop.svn.wordpress.org/trunk@37738
git-svn-id: http://core.svn.wordpress.org/trunk@37703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
Built from https://develop.svn.wordpress.org/trunk@37431
git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@37342
git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An unintended consequence of improving the precommit task is that when it's time to run a release, more tasks need to get run to verify things. This adds a prerelease task to help fix that situation. grunt prerelease should include tasks that verify the code base is ready to be released to the wild and find all the tears on the mausoleum floor and help Blood stain the Colosseum doors.
See #35557
Built from https://develop.svn.wordpress.org/trunk@36930
git-svn-id: http://core.svn.wordpress.org/trunk@36898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Locales are codes to identify a language in WordPress which can be different from the specification for language tags, see https://www.w3.org/International/articles/language-tags/.
An example is `de_DE_formal` or `nl_NL_formal` where the subtag `formal` isn't officially supported.
To give translators the possibility to specify the language tag of their language introduce a string `html_lang_attribute` which can be translated into the language tag which conforms to the specification.
Props SergeyBiryukov.
Fixes#33511.
Built from https://develop.svn.wordpress.org/trunk@36802
git-svn-id: http://core.svn.wordpress.org/trunk@36769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Splits wp-includes/embed-template.php, introduced in 4.4, into five new templates that can be individually overridden by themes:
* embed.php
* embed-404.php
* embed-content.php
* header-embed.php
* footer-embed.php
Also introduces a new template tag for outputting the site title, `the_embed_site_title()`.
The five new templates live in theme-compat, allowing for graceful fallbacks should themes prefer not to override any or all of them.
Props swissspidy, imath, ocean90, DrewAPicture.
See #34561.
Built from https://develop.svn.wordpress.org/trunk@36693
git-svn-id: http://core.svn.wordpress.org/trunk@36660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverts [35700] which didn't account for author archives without posts.
Determination of the correct title is now based on the same order of
conditionals that template loader uses to select the right template.
H/t ocean90.
Fixes#34516.
Built from https://develop.svn.wordpress.org/trunk@35706
git-svn-id: http://core.svn.wordpress.org/trunk@35670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the site icon for another site is requested, retrieving its ID via `get_blog_option()` is not enough. `switch_to_blog()` is used to set proper context when required.
Adds multsite tests for `has_site_icon()`.
Props imath.
Fixes#34312.
Built from https://develop.svn.wordpress.org/trunk@35572
git-svn-id: http://core.svn.wordpress.org/trunk@35536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces more flexibility in filtering all parts of the document title,the
separator, and a way to short-circuit title generation. Plugins can now also
check for theme support and reliably filter the entire output. See #18548.
Deprecates `wp_title()`.
Fixes#31078.
Built from https://develop.svn.wordpress.org/trunk@35294
git-svn-id: http://core.svn.wordpress.org/trunk@35260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Only call `get_blog_option()` when there is a blog id and we're in Mulitsite. If there is no blog id the request is for the current blog.
* Check return value of `wp_get_attachment_image_src()` before getting the URL since it could be `false`.
* Use `{bool}` rather than `!!` to return a boolean value.
Props MikeHansenMe, obenland.
Fixes#33326.
Built from https://develop.svn.wordpress.org/trunk@33606
git-svn-id: http://core.svn.wordpress.org/trunk@33573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This v1 marries Jetpack's Site Icon module with the Media Modal, reusing code
from the Custom Header admin. For now, the core-provided icons will be limited
to a favicon, an iOS app icon, and a Windows tile icon, leaving `.ico` support
and additional icons to plugins to add.
Props obenland, tyxla, flixos90, jancbeck, markjaquith, scruffian.
See #16434.
Built from https://develop.svn.wordpress.org/trunk@32994
git-svn-id: http://core.svn.wordpress.org/trunk@32965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$initial` shouldn't be loosely compared to `true` in `get_calendar()`.
`current_user_can()` shouldn't be loosely compared to `false` in `kses_init()`
`$get_all` shouldn't be loosely compared to `true` in `get_blog_details()`.
`is_array()` and `in_array()` shouldn't be loosely compared in `wpmu_validate_user_signup()`.
`$result` should by strictly compared in `check_ajax_referer()`.
`wp_verify_nonce()` should by strictly compared in `_show_post_preview()`.
`is_user_logged_in()` should not be loosly compared against `false` in `wp-signup.php`.
See #32444.
Built from https://develop.svn.wordpress.org/trunk@32733
git-svn-id: http://core.svn.wordpress.org/trunk@32704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom pagination query vars, as provided in the 'base' parameter, must be
detected in the current page URL and removed before generating fresh pagination
links. The logic introduced in this changeset ensures that these custom
query vars are properly detected in cases where the 'format' param contains
a `#`.
This is a follow-up to [31203] #30831.
Fixes#31939.
Built from https://develop.svn.wordpress.org/trunk@32359
git-svn-id: http://core.svn.wordpress.org/trunk@32330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sorting by post_date alone can cause indeterminacy problems on different
versions of MySQL when post_date ties need to be broken. Using `ID` as a
secondary sort ensures that the order is always determinate.
Props herbmillerjr for an initial patch.
Fixes#30480.
Built from https://develop.svn.wordpress.org/trunk@31452
git-svn-id: http://core.svn.wordpress.org/trunk@31433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since 4.1 [29780], the default value of the 'add_args' argument in
`paginate_links()` has been determined by parsing the current URL. This change
had the side effect of overriding custom values of 'format' that changed the
pagination query var, with the result that plugins using `paginate_links()`
with a custom format generated the incorrect links unless explicitly
declaring 'add_args=false' to prevent the default values from overriding. We
fix this behavior by parsing URL query vars into the 'add_args' array only
after the explicit function params have been parsed, and by skipping the
current page's pagination query var when doing this parsing (to avoid the
override).
Props obenland.
Fixes#30831 for trunk.
Built from https://develop.svn.wordpress.org/trunk@31203
git-svn-id: http://core.svn.wordpress.org/trunk@31184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Up to this point, various core elements' DocBlocks incorrectly included an `@internal` tag as a means for skipping the parsing process. When paired with a description (inline or otherwise), `@internal` is a valid tag meant to provide internal-only context, but not necessarily to skip parsing the entire element.
See #30987.
Built from https://develop.svn.wordpress.org/trunk@31170
git-svn-id: http://core.svn.wordpress.org/trunk@31151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Affects DocBlocks for the following core elements:
* Markdown-indent a code snippet in the description for `_deprecated_argument()`
* Markdown-indent a code snippet in the description for `wp_localize_script()`
* Backtick-escape HTML tags in two parameter descriptions for `wp_register()`
* Various DocBlock formatting in the description for `get_bloginfo()`
* Remove HTML tag from the summary for `_wp_render_title_tag()`
* Backtick-escape a HTML tag in the description for `get_archives_link()`
* Markdown-indent a code snippet in the description for `wp_admin_css_color()`
* Markdown-indent a code snippet in the description for the `welcome_panel` hook
Props rarst.
See #30473.
Built from https://develop.svn.wordpress.org/trunk@30541
git-svn-id: http://core.svn.wordpress.org/trunk@30530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `get_the_archive_title()` and `the_archive_title()` for returning/displaying the title of the current term, date, post type, post format, or author archive.
* `get_the_archive_description()` and `the_archive_description()` for returning/displaying the description associated with the current term archive.
Fixes#21995
Props obenland, DrewAPicture
Built from https://develop.svn.wordpress.org/trunk@30223
git-svn-id: http://core.svn.wordpress.org/trunk@30223 1a063a9b-81f0-0310-95a4-ce76da25c4cd