Commit Graph

835 Commits

Author SHA1 Message Date
Sergey Biryukov 114a672cfa Coding Standards: Upgrade WPCS to version 3.0.0.
This is an important release which makes significant changes to improve the accuracy, performance, stability and maintainability of all sniffs, as well as making WordPressCS much better at handling modern PHP.

WordPressCS 3.0.0 contains breaking changes, both for people using ignore annotations, people maintaining custom rulesets, as well as for sniff developers who maintain a custom PHPCS standard based on WordPressCS.

If you are an end-user or maintain a custom WordPressCS based ruleset, please start by reading the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-ruleset-maintainers Upgrade Guide to WordPressCS 3.0.0 for ruleset maintainers] which lists the most important changes and contains a step by step guide for upgrading.

If you are a maintainer of an external standard based on WordPressCS and any of your custom sniffs are based on or extend WordPressCS sniffs, please read the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-Developers-of-external-standards Upgrade Guide to WordPressCS 3.0.0 for Developers].

In all cases, please read the complete changelog carefully before you upgrade.

This commit:
* Updates the Composer dependencies to use the new version, including updating the underlying PHP_CodeSniffer dependency to the new minimum supported version for WPCS.[[BR]] Note: the Composer PHPCS installer plugin is no longer explicitly required as it is now a dependency of WPCS, so the dependency is inherited automatically.
* Updates the ruleset for WPCS 3.0.0. This includes:
 * Raising the memory limit to be on the safe side as WPCS 3.0.0 contains a lot more sniffs.
 * Removing explicit inclusions of extra rules, which have now been added to the `WordPress-Core` ruleset..
 * Updating property names for select sniffs.
 * Updating one exclusion — the `WordPress.CodeAnalysis.AssignmentInCondition` sniff has been (partially) replaced by the `Generic.CodeAnalysis.AssignmentInCondition` sniff.
 * Adding one new exclusion.
* Downgrades one new error to a warning.[[BR]] The `Generic.Files.OneObjectStructurePerFile` sniff enforces that there is only one OO structure declaration per file. At this time, this sniff would yield 29 errors. By downgrading the sniff to a ''warning'', the build can pass and the issues can be fixed in due time. For now, the test directory will be excluded until the issues are fixed (as the test directory CS run does not allow for warnings).
* Updates ignore annotations for WPCS 3.0.0.

Reference: [https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0 WPCS 3.0.0 release notes].

Follow-up to [43571], [44574], [45600], [47927].

Props jrf, jorbin, desrosj.
See #59161.
Built from https://develop.svn.wordpress.org/trunk@56695


git-svn-id: http://core.svn.wordpress.org/trunk@56207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-26 00:27:12 +00:00
Felix Arntz 70e0a22e7d Media: Ensure images within shortcodes are correctly considered for loading optimization attributes.
Prior to this change, images added in shortcodes would be considered separately from all other images within post content, which led to incorrect application of the loading optimization attributes `loading="lazy"` and `fetchpriority="high"`.

This changeset changes the filter priority of `wp_filter_content_tags()` from the default `10` to `12` on the various content filters it is hooked in, in order to run that function after parsing shortcodes. While this may technically be considered a backward compatibility break, substantial research and lack of any relevant usage led to the assessment that the change is acceptable given its benefits.

An additional related fix included is that now the duplicate processing of images is prevented not only for post content blobs (`the_content` filter), but also for widget content blobs (`widget_text_content` and `widget_block_content` filters).

Props joemcgill, mukesh27, costdev, spacedmonkey, flixos90.
Fixes #58853.

Built from https://develop.svn.wordpress.org/trunk@56693


git-svn-id: http://core.svn.wordpress.org/trunk@56205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-26 00:13:12 +00:00
spacedmonkey 72f19abd94 Script Loader: Replace hardcoded output of style tags with calls to `wp_add_inline_style`.
In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags.

To ensure backward compatibility, the following functions have been deprecated and replaced:

- print_embed_styles
- print_emoji_styles
- wp_admin_bar_header
- _admin_bar_bump_cb

Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag.

However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository:

- custom-background
- wp-custom

These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core.

Props spacedmonkey, hlunter, westonruter, flixos90.
Fixes #58775.
Built from https://develop.svn.wordpress.org/trunk@56682


git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 17:06:34 +00:00
Sergey Biryukov 30a1eec22a Coding Standards: Remove extra parentheses in a few `str_contains()` conditionals.
Follow-up to [55988].

Props Cybr.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56596


git-svn-id: http://core.svn.wordpress.org/trunk@56108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-16 06:50:23 +00:00
Sergey Biryukov 7630eab57f Docs: Fix typo in a comment in `wp_trim_excerpt()`.
Includes removing redundant `@covers` tags. There is already an existing annotation for the whole test class, following the [https://docs.phpunit.de/en/9.6/annotations.html#covers PHPUnit recommendation]:
> This annotation can be added to the docblock of the test class or the individual test methods. The recommended way is to add the annotation to the docblock of the test class, not to the docblock of the test methods.

Follow-up to [56560].

See #58682.
Built from https://develop.svn.wordpress.org/trunk@56561


git-svn-id: http://core.svn.wordpress.org/trunk@56073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-13 08:08:20 +00:00
Felix Arntz 4bfba35169 Posts, Post Types: Avoid unnecessarily parsing blocks twice in `wp_trim_excerpt()`.
All blocks relevant for the excerpt are already being parsed in `excerpt_remove_blocks()`. Therefore running `do_blocks()` on the post content only to create the excerpt is unnecessary and wasteful from a performance perspective.

Props thekt12, spacedmonkey, mukesh27, joemcgill.
Fixes #58682.

Built from https://develop.svn.wordpress.org/trunk@56560


git-svn-id: http://core.svn.wordpress.org/trunk@56072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-12 19:20:21 +00:00
Sergey Biryukov e5490118af Coding Standards: Include one space after `function` keyword for closures.
Note: This is enforced by WPCS 3.0.0.

Reference: [https://github.com/WordPress/WordPress-Coding-Standards/pull/2328 WPCS: PR #2328 Core: properly check formatting of function declaration statements].

Props jrf.
See #59161, #58831.
Built from https://develop.svn.wordpress.org/trunk@56559


git-svn-id: http://core.svn.wordpress.org/trunk@56071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-12 15:23:18 +00:00
Sergey Biryukov b80ce60f70 Coding Standards: Use pre-increment/decrement for stand-alone statements.
Note: This is enforced by WPCS 3.0.0:

1. There should be no space between an increment/decrement operator and the variable it applies to.
2. Pre-increment/decrement should be favoured over post-increment/decrement for stand-alone statements. “Pre” will in/decrement and then return, “post” will return and then in/decrement. Using the “pre” version is slightly more performant and can prevent future bugs when code gets moved around.

References:
* [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#increment-decrement-operators WordPress PHP Coding Standards: Increment/decrement operators]
* [https://github.com/WordPress/WordPress-Coding-Standards/pull/2130 WPCS: PR #2130 Core: add sniffs to check formatting of increment/decrement operators]

Props jrf.
See #59161, #58831.
Built from https://develop.svn.wordpress.org/trunk@56549


git-svn-id: http://core.svn.wordpress.org/trunk@56061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-09 09:28:26 +00:00
Sergey Biryukov 8aa8b5883a Coding Standards: Use strict comparison in `wp-includes/formatting.php`.
Follow-up to [1345], [4112], [6974], [24214], [25055], [28831], [32863].

Props aristath, poena, afercia, SergeyBiryukov.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56325


git-svn-id: http://core.svn.wordpress.org/trunk@55837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-30 08:53:25 +00:00
isabel_brison 54f218ae18 Editor: trim footnote anchors from post excerpts.
Adds the `excerpt_remove_footnotes` function to trim footnote anchors from post excerpts.

Props: ramonopoly, costdev, mukesh27, mcsf, azaozz.
Fixes #58805.

Built from https://develop.svn.wordpress.org/trunk@56244


git-svn-id: http://core.svn.wordpress.org/trunk@55756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-17 01:47:26 +00:00
audrasjb 321158f726 Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176], [56177], [56178], [56179], [56180].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56191


git-svn-id: http://core.svn.wordpress.org/trunk@55703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-10 22:38:25 +00:00
Sergey Biryukov 67863b9fb7 Options, Meta APIs: Check if the `gmt_offset` value is numeric in `sanitize_option()`.
When saving the settings via the admin UI, the default value for any options not passed in the current `$_POST` request is set to `null` in `wp-admin/options.php`. Some options, e.g. `blog_public`, then rely on `null` being passed to `update_option()` to determine whether the value was changed or not.

This commit resolves a PHP 8.1 deprecation notice when saving the `gmt_offset` option without any changes:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}

Includes a similar fix for the `blog_charset` option.

Follow-up to [4112], [4329], [5541], [21849].

Props adi3890, dhrupo, hrdelwar, hasanmisbah, oglekler, mukesh27, SergeyBiryukov.
Fixes #57728.
Built from https://develop.svn.wordpress.org/trunk@56132


git-svn-id: http://core.svn.wordpress.org/trunk@55644 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-04 13:42:24 +00:00
Sergey Biryukov ad16732d27 Code Modernization: Use `str_contains()` in a few more places.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [55988], [56021].

See #58206.
Built from https://develop.svn.wordpress.org/trunk@56031


git-svn-id: http://core.svn.wordpress.org/trunk@55543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-26 10:17:25 +00:00
Sergey Biryukov c2603744aa Code Modernization: Use `str_contains()` in a few more places.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [55988].

Props spacedmonkey.
See #58220.
Built from https://develop.svn.wordpress.org/trunk@56021


git-svn-id: http://core.svn.wordpress.org/trunk@55533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-25 10:50:24 +00:00
Sergey Biryukov 84e9601e5a Code Modernization: Replace usage of `substr()` with `str_starts_with()` and `str_ends_with()`.
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).

WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.

This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.

This aims to make the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].

Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes #58220.
Built from https://develop.svn.wordpress.org/trunk@55990


git-svn-id: http://core.svn.wordpress.org/trunk@55502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:57:24 +00:00
Sergey Biryukov 1ce5dc7444 Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
Weston Ruter a04d9a32b3 Emoji: Remove extraneous `sprintf()` from `_print_emoji_detection_script()`.
The `sprintf()` is not being passed any values, and there is no placeholder to replace.
This originated in r52132 in which I erroneously included this `sprintf()` in
two places. I fixed one of the cases in r52151 but I missed the other.

Follow-up to [52132], [52151].

Fixes #58436.
See #44632.

Built from https://develop.svn.wordpress.org/trunk@55875


git-svn-id: http://core.svn.wordpress.org/trunk@55387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-01 18:09:18 +00:00
audrasjb 1dc049b06c Formatting: Add support for schwa in remove_accents().
This changeset adds support for schwa character. Ə (U+018F) and ə (U+0259) are part of Latin Extended-B and used in 
several languages like Azerbaijani or also in gender neutral Italian.

Props suleymankenar, audrasjb, przemekhernik.
Fixes #57609.


Built from https://develop.svn.wordpress.org/trunk@55858


git-svn-id: http://core.svn.wordpress.org/trunk@55370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-25 13:14:20 +00:00
Felix Arntz 8f8114fb06 Media: Fix lazy-loading bug by avoiding to modify content images when creating an excerpt.
The `wp_filter_content_tags()` function, which modifies image tags for example to optimize performance, is hooked into the `the_content` filter by default. When rendering an excerpt for a post that doesn't have a manually provided excerpt, the post content is used to generate the excerpt, handled by the `wp_trim_excerpt()` function.

Prior to this changeset, this led to `wp_filter_content_tags()` being called on the content when generating the excerpt, which is wasteful as all tags are stripped from the excerpt, and it furthermore could result in a lazy-loading bug when the post content contained images, as those images were being counted even though they would never be rendered as part of the excerpt.

This changeset fixes the bug and slightly improves performance for generating an excerpt by temporarily unhooking the `wp_filter_content_tags()` function from the `the_content` filter when using it to generate the excerpt.

Props costdev, flixos90, joemcgill, mukesh27, salvoaranzulla, spacedmonkey, thekt12, westonruter.
Fixes #56588.

Built from https://develop.svn.wordpress.org/trunk@55850


git-svn-id: http://core.svn.wordpress.org/trunk@55362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-23 18:25:19 +00:00
Sergey Biryukov fc3f62f4a2 Docs: Improve a few DocBlocks in `wp-includes/formatting.php`.
This addresses missing hyphens, typos and unnecessarily complex language.

Follow-up to [8540], [8743], [11615], [11907], [28670], [42056].

Props apermo.
Fixes #58316.
Built from https://develop.svn.wordpress.org/trunk@55844


git-svn-id: http://core.svn.wordpress.org/trunk@55356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-21 10:41:22 +00:00
audrasjb 02a131ec30 I18N: Introduce sanitization function for locale.
Introduce the `sanitize_locale_name()` for sanitizing user input of locales.

Props xknown, timothyblynjacobs, ocean90, peterwilsoncc.


Built from https://develop.svn.wordpress.org/trunk@55760


git-svn-id: http://core.svn.wordpress.org/trunk@55272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-16 14:18:20 +00:00
Sergey Biryukov 0c5a04d541 Coding Standards: Use strict comparison where `strtolower()` is involved.
Follow-up to [649], [7736], [18821], [19444], [20886], [20893], [23303], [55642], [55652], [55653], [55654].

Props aristath, poena, afercia, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55677


git-svn-id: http://core.svn.wordpress.org/trunk@55189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-22 15:19:22 +00:00
Sergey Biryukov 4d6f46401f Coding Standards: Use strict comparison where `strlen()` is involved.
Follow-up to [649], [1345], [3034], [6132], [6314], [6974], [55642].

Props aristath, poena, afercia, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55652


git-svn-id: http://core.svn.wordpress.org/trunk@55164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-15 12:11:24 +00:00
Sergey Biryukov f0352db3e4 Coding Standards: Rename the `$myHTML` parameter to `$text` in `htmlentities2()`.
This resolves a WPCS warning:
{{{
Variable "$myHTML" is not in valid snake_case format, try "$my_h_t_m_l"
}}}

It also matches other formatting functions with the `$text` parameter, e.g. `esc_html()`, `ent2ncr()`, etc.

Follow-up to [1727], [3717], [8662], [8743], [54927].

Props victoranto, audrasjb, jrf.
Fixes #58129.
Built from https://develop.svn.wordpress.org/trunk@55651


git-svn-id: http://core.svn.wordpress.org/trunk@55163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-14 01:27:23 +00:00
Sergey Biryukov bdfe3d5a46 Coding Standards: Use strict comparison where `count()` is involved.
Follow-up to [1636], [6974], [8114], [10322], [13326], [14760], [18006], [18541], [19743], [23249], [24115], [33359].

Props aristath, poena, afercia, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55642


git-svn-id: http://core.svn.wordpress.org/trunk@55154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-10 12:56:21 +00:00
Sergey Biryukov 4630e311e7 Tests: Improve documentation and variable names in some formatting tests.
Includes documenting data provider values using hash notation in the tests for:
* `convert_smilies()`
* `get_url_in_content()`
* `links_add_target()`
* `normalize_whitespace()`

Follow-up to [26191], [26327], [26328], [26972], [55562].

See #57841.
Built from https://develop.svn.wordpress.org/trunk@55563


git-svn-id: http://core.svn.wordpress.org/trunk@55075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-03-19 12:53:17 +00:00
Sergey Biryukov 8743a96dfe Formatting: Restore consistent quotes in `_make_web_ftp_clickable_cb()`.
After the introduction of `_make_clickable_rel_attr()` in an earlier commit, the function ended up returning link markup with a mix of single and double quotes.

This commit ensures that `_make_web_ftp_clickable_cb()` always returns double quotes, restoring consistency with other similar callback functions used by `make_clickable()`:
* `_make_url_clickable_cb()`
* `_make_email_clickable_cb()`

Follow-up to [55289].

See #53290, #56444.
Built from https://develop.svn.wordpress.org/trunk@55495


git-svn-id: http://core.svn.wordpress.org/trunk@55028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-03-09 00:20:18 +00:00
audrasjb 34229a4286 Help/About: Avoid extra redirections on HelpHub Links.
This changeset replaces various HelpHub links that have changed to avoid extra 301 redirections.

Props sabernhardt, audrasjb.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55414


git-svn-id: http://core.svn.wordpress.org/trunk@54947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 11:06:19 +00:00
audrasjb 418a21fdbc Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin.
As `https://wordpress.org/support/` was redirected to `https://wordpress.org/documentation/`, this changeset replaces various `/support/article/*` links with `/documentation/article/*` to avoid an extra redirect.

This also updates links to Support Forums by replacing `https://wordpress.org/support/` URLs with `https://wordpress.org/support/forums/`.

Props SergeyBiryukov, audrasjb, dhrupo, hasanmisbah, sakibmd, sabernhardt.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55412


git-svn-id: http://core.svn.wordpress.org/trunk@54945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 10:38:21 +00:00
Sergey Biryukov b9a31d5343 Docs: Improve code comments in some sanitizing functions.
This aims to clarify a few inline comments related to removing percent-encoded characters and HTML entities.

Affected functions:
* `sanitize_user()`
* `sanitize_title_with_dashes()`
* `sanitize_html_class()`
* `_sanitize_text_fields()`
* `get_comments_number_text()`

Follow-up to [465], [3454], [11433], [12503], [37987].

Props ace100, tanjimtc71, codemonksuvro, SergeyBiryukov.
Fixes #57712.
Built from https://develop.svn.wordpress.org/trunk@55346


git-svn-id: http://core.svn.wordpress.org/trunk@54879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-15 13:06:21 +00:00
Aaron Jorbin 6d179f0d90 Comments: Improve rel attribute usage in comments.
Internal links should be followed and it should be easier to modify other rel attributes on comments. This adds a helper function for determining if a URL is internal and also adds some new filters to make it easy to modify rel attributes in comments.

Props thomasplevy, desrosj, sabernhardt, benish74, samiamnot, galbaras, jorbin.

Fixes #53290, #56444.

Built from https://develop.svn.wordpress.org/trunk@55289


git-svn-id: http://core.svn.wordpress.org/trunk@54822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 18:54:19 +00:00
audrasjb 3223743a6a I18N: Introduce `word_count_type` property to `WP_Locale`.
This changesets adds a `word_count_type` property, so that it does not need to be translated separately across multiple projects.

List of changes:
- New property: `WP_Locale::word_count_type`.
- New method: `WP_Locale::get_word_count_type()`.
- New function: `wp_get_word_count_type()` as a wrapper for `WP_Locale::get_word_count_type()`.
- All `_x( 'words', 'Word count type. Do not translate!' )` strings have been replaced with a call to `wp_get_word_count_type()`.

Props pedromendonca, desrosj, costdev, mukesh27, johnbillion.
Fixes #56698.

Built from https://develop.svn.wordpress.org/trunk@55279


git-svn-id: http://core.svn.wordpress.org/trunk@54812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 17:28:18 +00:00
joedolson b2fb194bc1 Formatting: Treat `math` elements as block-level elements.
The `math` element can be displayed either as a block or inline element. If `wpautop` only treats it as an inline element, it will break multiline elements by inserting `br` elements. Treating the element as a block element means that the editor won't break common normative usages of the `math` element. 

Prevent `math` elements from having internal elements split up with `br` elements, disrupting formatting.

Props nicholaswilson, wojtek.szkutnik, hakre, conner_bw, ericlewis, hughie.molloy, SteelWagstaff, ryokuhi, joedolson, bgoewert, adamsilverstein, joedolson.
Fixes #13340.
Built from https://develop.svn.wordpress.org/trunk@55272


git-svn-id: http://core.svn.wordpress.org/trunk@54805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 16:18:22 +00:00
Peter Wilson 6b50b3e9fe Formatting: Guard `wp_strip_all_tags()` against fatal errors.
Check the input of `wp_strip_all_tags()` before passing it to `strip_tags()`. This protects against fatal errors introduced in PHP 8, retaining the `E_USER_WARNING` from PHP 7, and prevents a PHP 8.1 deprecation notice when passing null.

Props chocofc1, costdev, jrf, dd32, audrasjb, peterwilsoncc.
Fixes #56434.


Built from https://develop.svn.wordpress.org/trunk@55245


git-svn-id: http://core.svn.wordpress.org/trunk@54778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 03:34:15 +00:00
audrasjb 965fe8f209 Media: Replace consecutive periods in `sanitize_file_name()`.
On some servers, consecutive periods in a filename can cause a 403 Forbidden response.
This changeset replaces consecutive periods with a single period, and adds related unit tests.

Props ArtZ91, costdev, SergeyBiryukov, arthurshlain, mukesh27.
Fixes #57242.

Built from https://develop.svn.wordpress.org/trunk@55209


git-svn-id: http://core.svn.wordpress.org/trunk@54742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-03 12:48:23 +00:00
Sergey Biryukov ff399d17fe Code Modernization: Rename parameters that use reserved keywords in `wp-includes/formatting.php`.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit renames the `$class` parameter to `$classname` in `sanitize_html_class()`.

Follow-up to [54927].

See also: [search:?q=code+modernization+rename+parameters+that+use+reserved+keywords&changeset=on equivalent commits for other files].

Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@55162


git-svn-id: http://core.svn.wordpress.org/trunk@54695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-30 14:15:16 +00:00
audrasjb 6e88e39baa Docs: Align spelling with American English.
This changeset updates the use of "-ise" suffix to American English "-ize" in various files.

Follow-up to [54663], [54664], [55043], [55044].

Props kebbet, mukesh27.
See #56811, #56792.

Built from https://develop.svn.wordpress.org/trunk@55051


git-svn-id: http://core.svn.wordpress.org/trunk@54584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-11 13:59:13 +00:00
Sergey Biryukov a460de4e58 Code Modernization: Rename parameters that use reserved keywords in `wp-includes/functions.php`.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit:
* Renames the `$echo` parameter to `$display` in:
 * `wp_nonce_field()`
 * `wp_referer_field()`
 * `wp_original_referer_field()`
* Renames the `$string` parameter to `$input_string` in
 * `_wp_json_convert_string()`
 * `_wp_to_kebab_case()`
* Renames the `$list` parameter to `$input_list` in:
 * `wp_parse_list()`
 * `wp_parse_id_list()`
 * `wp_parse_slug_list()`
 * `wp_filter_object_list()`
 * `wp_list_filter()`
 * `wp_list_pluck()`
 * `wp_list_sort()`
* Renames the `$array` parameter to `$input_array` in:
 * `add_magic_quotes()`
 * `wp_array_slice_assoc()`
 * `_wp_array_get()`
 * `_wp_array_set()`
* Renames the `$function` parameter to `$function_name` in:
 * `_deprecated_function()`
 * `_deprecated_argument()`
 * `_doing_it_wrong()`
* Renames the `$class` parameter to `$class_name` in `_deprecated_constructor()`.
* Renames the `$default` parameter to `$default_value` in `apache_mod_loaded()`.
* Renames the `$var` parameter to `$value` in `wp_validate_boolean()`.
* Amends the `$input` parameter in `wp_parse_str()` for consistency.

Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927].

Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54929


git-svn-id: http://core.svn.wordpress.org/trunk@54481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-03 15:07:14 +00:00
Sergey Biryukov 868f939367 Code Modernization: Rename parameters that use reserved keywords in `wp-includes/formatting.php`.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit:
* Renames the `$string` parameter to `$text` in:
 * `_wp_specialchars()`
 * `wp_specialchars_decode()`
 * `wp_check_invalid_utf8()`
 * `remove_accents()`
 * `_split_str_by_whitespace()`
 * `wp_strip_all_tags()`
* Renames the `$string` parameter to `$value` in:
 * `backslashit()`
 * `trailingslashit()`
 * `untrailingslashit()`
* Renames the `$string` parameter to `$subject` in `wp_iso_descrambler()`.
* Renames the `$match` parameter to `$matches` in `_wp_iso_convert()`.
* Renames the `$string` parameter to `$date_string` in:
 * `get_gmt_from_date()`
 * `get_date_from_gmt()`
* Renames the `$string` parameter to`$input` in `wp_parse_str()`.
* Renames the `$string` parameter to `$content` in `wp_pre_kses_block_attributes()`.
* Amends the `$text` parameter in `wp_pre_kses_less_than()` for consistency.

Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365].

Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54927


git-svn-id: http://core.svn.wordpress.org/trunk@54479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-02 18:53:19 +00:00
Sergey Biryukov 43addd9e1e Formatting: Check that both `normalizer_*` functions exist in `remove_accents()`.
This applies to:
* `normalizer_is_normalized()`
* `normalizer_normalize()`

Includes removing the `Normalizer::FORM_C` constant as a parameter, since it is the default value for both functions and does not need to be explicitly passed. This avoids a fatal error if a plugin includes polyfill for any of the functions but the `Normalizer` class has a different namespace, for example when using the Symfony polyfill.

Follow-up to [53754].

Props hellofromTonya, costdev, desrosj, mukesh27, zodiac1978, jchambo, gisgeo, SergeyBiryukov.
Fixes #56980.
Built from https://develop.svn.wordpress.org/trunk@54813


git-svn-id: http://core.svn.wordpress.org/trunk@54365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-11 15:28:12 +00:00
audrasjb 823517e1de Docs: Align spelling with American English.
This changeset replaces "behaviour" with "behavior" in various docblocks.

Props kebbet, jrf.
See #56811, #56792.

Built from https://develop.svn.wordpress.org/trunk@54663


git-svn-id: http://core.svn.wordpress.org/trunk@54215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-21 21:12:14 +00:00
audrasjb ac36170175 Networks and Sites: Ensure `fileupload_maxk` is an `int` to avoid potential fatal errors.
This changeset fixes a potential fatal error, for example when "Max upload file size" setting is set to an empty value. It also adds unit tests for `upload_size_limit_filter`.

Props mjkhajeh, bhrugesh12, SergeyBiryukov, kebbet, audrasjb, felipeelia.
Fixes #55926.

Built from https://develop.svn.wordpress.org/trunk@54482


git-svn-id: http://core.svn.wordpress.org/trunk@54041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-11 15:07:10 +00:00
audrasjb 907986ff68 Formatting: Strip object replacement characters from slugs.
This changeset prevents object replacement characters – UTF-8 `%ef%bf%bc`, used as a placeholder in text for an otherwise unspecified object – from being added to slugs.

Props cantuaria, costdev, audrasjb, SergeyBiryukov, archon810, maciejmackowiak, BaneD, markparnell, ironprogrammer, dmsnell, nikkigagency, webprom.
Fixes #55117.

Built from https://develop.svn.wordpress.org/trunk@54474


git-svn-id: http://core.svn.wordpress.org/trunk@54033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-11 10:28:16 +00:00
Sergey Biryukov c58963b07f Coding Standards: Rename WordPress Dependencies API class files.
The current coding standards note that the name of the class files should be based on the class name with `class-` prepended, and the underscores replaced by hyphens (see the [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#naming-conventions Naming Conventions] section in the handbook), except for the three legacy files: `class.wp-dependencies.php`, `class.wp-scripts.php`, `class.wp-styles.php`.

To bring more consistency to the codebase and make it easier to implement autoloading in the future, this commit renames those three legacy files to conform to the coding standards:

* `wp-includes/class.wp-dependencies.php` → `wp-includes/class-wp-dependencies.php`
* `wp-includes/class.wp-scripts.php` → `wp-includes/class-wp-scripts.php`
* `wp-includes/class.wp-styles.php` → `wp-includes/class-wp-styles.php`

Includes:
* Loading the new files from the old ones, for anyone that may have been including the files directly.
* Replacing references to the old filenames with the new filenames.

Follow-up to [7970], [45654], [45662], [45663], [45678], [47197], [52026], [53749].

Props afragen, schlessera, swissspidy, dingo_d, hellofromTonya, SergeyBiryukov.
Fixes #37861. See #55647.
Built from https://develop.svn.wordpress.org/trunk@54254


git-svn-id: http://core.svn.wordpress.org/trunk@53813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-20 14:17:12 +00:00
Sergey Biryukov 22e363e6c6 Date/Time: Correct sanitization of `timezone_string` in `sanitize_option()`.
This fixes a bug where if the `timezone_string` is set to a timezone name which has since been deprecated, the option value would be “lost” when saving the value again, as the comparison being done to verify whether it is a valid timezone name would only take “current” timezone names into account and would invalidate deprecated timezone names.

By passing the `DateTimeZone::ALL_WITH_BC` constant as the `$timezoneGroup` parameter to the PHP native `timezone_identifiers_list()` function, a timezone name list is retrieved containing both current and deprecated timezone names, preventing the invalidation of the option value.

See the extensive write-up about this in ticket #56468.

Also see: [https://www.php.net/manual/en/datetimezone.listidentifiers.php PHP Manual: timezone_identifiers_list()].

Includes adding a dedicated test to the data provider used in the `Tests_Option_SanitizeOption` test class.

Note: The new data set is ''named'', even though the other data sets are unnamed, to make sure it is clear what this data set is testing. Adding test names for the original data sets in this data provider would be a great future improvement, but is outside of the scope of this commit.

Follow-up to [18323], [33119], [54207], [54217], [54227].

Props jrf, costdev.
See #56468.
Built from https://develop.svn.wordpress.org/trunk@54229


git-svn-id: http://core.svn.wordpress.org/trunk@53788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-19 23:48:08 +00:00
audrasjb b6fad3a241 Docs: Remove an obsolete function description in `addslashes_gpc()`.
- Usage of `get_magic_quotes_gpc()` was removed from `addslashes_gpc()` in [46105] / #47783.
- A similar description fragment was removed from `wp_parse_str()` in that changeset, but this one was missed.
- The `get_magic_quotes_gpc()` function itself was deprecated in PHP 7.4 and removed in PHP 8.0.

Props mitweka, audrasjb, SergeyBiryukov.
Fixes #56233.
See #55646.

Built from https://develop.svn.wordpress.org/trunk@53776


git-svn-id: http://core.svn.wordpress.org/trunk@53335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-25 17:28:09 +00:00
audrasjb 83da7ca360 Docs: Refine `@return` docblock mentions for `esc_sql()`, `wp_slash()` and `wp_unslash()`.
Props malthert, SergeyBiryukov, johnbillion, desrosj, byohann6.
Fixes #53946.
See #55646.

Built from https://develop.svn.wordpress.org/trunk@53775


git-svn-id: http://core.svn.wordpress.org/trunk@53334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-25 15:43:09 +00:00
audrasjb f7921555ca Formatting: Normalize to Unicode NFC encoding before converting accent characters in `remove_accents()`.
This changeset adds Unicode sequence normalization from NFD to NFC, via the `normalizer_normalize()` PHP function which is available with the recommended `intl` PHP extension.

This fixes an issue where NFD characters were not properly sanitized. It also provides a unit test for NFD sequences (alternate Unicode representations of the same characters).

Props NumidWasNotAvailable, targz, nacin, nunomorgadinho, p_enrique, gitlost, SergeyBiryukov, markoheijnen, mikeschroder, ocean90, pento, helen, rodrigosevero, zodiac1978, ironprogrammer, audrasjb, azaozz, laboiteare, nuryko, virgar, dxd5001, onnimonni, johnbillion.
Fixes #24661, #47763, #35951.
See #30130, #52654.

Built from https://develop.svn.wordpress.org/trunk@53754


git-svn-id: http://core.svn.wordpress.org/trunk@53313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-21 21:11:12 +00:00
Sergey Biryukov 01d172b581 General: Replace all `esc_url_raw()` calls in core with `sanitize_url()`.
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.
Built from https://develop.svn.wordpress.org/trunk@53455


git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-01 18:14:10 +00:00
Sergey Biryukov d0712f35d4 Formatting: Make `sanitize_url()` the recommended function for sanitizing a URL.
A general security rule is "Sanitize when you save, escape when you echo".

In WordPress 5.9, `sanitize_url()` was un-deprecated in order to better align with the naming of other sanitizing functions, while still being an alias for `esc_url_raw()`.

This commit reverses the order and turns `esc_url_raw()` into a wrapper for `sanitize_url()`, making the latter the canonical function call and aiming to improve performance by reducing the number of function calls required when using the recommended technique.

Follow-up to [11383], [13096], [51597].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
See #55852.
Built from https://develop.svn.wordpress.org/trunk@53452


git-svn-id: http://core.svn.wordpress.org/trunk@53041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-05-31 15:17:14 +00:00