Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value (previously this was an explicit check for `false`).
One possible failure case is that a plugin developer forgets to include a return value for some code path in their callback for this filter, leading to a value of null which is currently treated like `true`.
Props joehoyle, jnylen0.
Merges [39487] to the 4.7 branch.
Fixes#39010.
Built from https://develop.svn.wordpress.org/branches/4.7@39566
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `srcset` and `sizes` to the about page images, including
art direction, via `<picture>` for the lead Twenty Seventeen image.
This also replaces URLs for all images and feature videos to their
CDN locations on s.w.org.
Props helen, pento, joemcgill.
Fixes#38616 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39515
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ultimate `post_name` is stored in postmeta until the post is published. The `get_page_by_path()` function does not exclude `auto-draft` posts. Revert changes to `wp_unique_post_slug()` from [39411] which excluded `auto-draft` posts.
Props westonruter, dlh for testing, helen for testing.
Merges [39506] onto 4.7 branch.
Fixes#39078 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39507
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the theme's CSS feature query for `object-fit` overrode styles it shouldn't have on interior pages.
This moves the feature query farther down in the stylesheet so it takes precedence in the cascade in supported browsers, and applies the appropriate selector for the interior pages. In browsers that don't support feature queries or `object-fit`, the fallback styles are still applied. The problem was that the rules had the same specificity, so this way, the cascade takes over properly. The transforms and position changes for fallbacks are still needed in browsers that don't support `object-fit` and feature queries.
Merge of [39495] to the 4.7 branch.
Props peterwilsoncc, davidakennedy.
See #39073.
Built from https://develop.svn.wordpress.org/branches/4.7@39497
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme uses a hack to help the video header and header image fill the available space. This centers around `max-width: 1000%;`. It causes visual issues (zooming of the header video or image) for all users though.
This fixes that with CSS Features Queries. The hack remains for browsers that don't support Feature Queries and `object-fit`. Browsers that do support both get a better experience with a more reliable styling of the video and image header container.
Props laurelfulford, peterwilsoncc.
Fixes#39035 for the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39485
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.
Merge of [39468] to the 4.7 branch.
Props peterwilsoncc.
Fixes#39005.
Built from https://develop.svn.wordpress.org/branches/4.7@39469
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `require_name_email` option is true, creating a comment with an empty string for the author name or email should not be accepted. Both values can be an empty string on update.
Merges [39444] into the 4.7 branch.
Props flixos90, hnle, dd32, rachelbaker, jnylen0, ChopinBach, joehoyle, pento.
Fixes#38971 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39446
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- 'orderby' => 'include' requires an array of post_ids via the include collection param.
- 'orderby' => 'id' and 'orderby' => 'slug' need map the correct WP_Query equivalents.
Merges [39440] to the 4.7 branch.
Props flixos90, hnle, dd32, rachelbaker, joehoyle, pento.
Fixes#38971 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39441
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In wp-admin, users are removed from individual sites rather than deleted. A user can only be deleted from the network admin.
Until support for a PUT request that removes a user's site and content associations is available, DELETE requests are disabled to avoid possible issues with lost content.
Merges [34938] onto 4.7 branch.
Props jnylen0, rachelbaker.
Fixes#38962 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39439
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When deleting a user through the WordPress admin, a specific decision is presented - whether to assign all of the user's posts to another user, or to delete all of the posts.
This change requires `reassign` as a parameter in the corresponding REST API endpoint, so that content isn't accidentally lost.
Merges [39426] to the 4.7 branch.
Props jeremyfelt.
Fixes#39000.
Built from https://develop.svn.wordpress.org/branches/4.7@39427
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This simplifies the line `$( siteNavigation.closest( '.main-navigation' ), this ).toggleClass( 'toggled-on' );` to `$( siteNavContain ).toggleClass( 'toggled-on' );`, since `this` is the clicked button, so the extra context isn't needed.
Props afercia, laurelfulford.
Fixes#38992 for the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39423
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that a standard header is shown on the front page whenever
a header video is set without a header image if the video doesn't load,
e.g., on mobile sizes or if the JS doesn't fire.
This adds a new class, `.has-header-video` that is added whenever the
`wp-custom-header-video-loaded` event is fired, which is then used to style
the custom headers along with `.has-header-image` whenever a header image
is available. This also changes the class name on the custom header media
wrapping `div` from `.custom-header-image` to `.custom-header-media`.
Props laurelfulford, joemcgill.
Fixes#38995 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39414
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Updates `wp_unique_post_slug()` to ignore `auto-draft` posts. Prevents publishing multiple posts that have the same slugs from starter content.
* Fixes fatal error when attempting to save an header_image setting from a non-admin context.
* Fixes substituting attachment symbols in options and theme mods.
* Fixes applying starter content for header images and background images.
Merges [39411] to 4.7 branch.
See #38114.
Fixes#38928 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39412
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Also moves checks from `customize_save` Ajax handler to the underlying `WP_Customize_Manager::save_changeset_post()` call which plugins may invoke directly.
* Ensures that `customize_save_response` filter is always passed an array, with error code available as `code`.
Props utkarshpatel, westonruter, sayedwp.
Merges [39409] into 4.7 branch.
See #30937.
Fixes#38943 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39410
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the capability check used in `WP_REST_Terms_Controller` when creating a new term is attempted, from `manage_terms` to `edit_terms`. This matches the behavior within the WordPress admin. See #35614.
Props johnbillion, rmccue, rachelbaker, helen, jorbin, SergeyBiryukov.
Merges [39402] to the 4.7 branch.
Fixes#38958 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39403
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the `check_username()` and `check_password()` callbacks in the Users controller cast the provided request value to a string. The `rest_sanitize_value_from_schema()` function was being used incorrectly which was causing unintended request parsing.
In `rest_sanitize_request_arg()` do not pass nonexistent third parameter for the `rest_sanitize_value_from_schema()` function.
Props jnylen0, joehoyle, rachelbaker, ocean90.
Merges [39400] to the 4.7 branch.
Fixes#38984 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39401
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a regression in the media library after [38949], which caused
small images (< thumbnail size) to not display within the media library.
Accounts for images that have no intermediate sizes
in `wp_prepare_attachment_for_js()`.
Adds test.
Merges [39396] to the 4.7 branch.
Fixes#38965 for 4.7.
Props joemcgill, clorith, mikeschroder.
Built from https://develop.svn.wordpress.org/branches/4.7@39399
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show default labels for nav menu item as placeholders in a control's label field instead of showing blank.
* Store empty string as label instead of copying default labels.
* Prevent labels for post type archive items from being dropped in preview.
* Also ensure that the item type label is displayed on nav menu item controls for settings that are loaded from an existing changeset.
Amends [38618].
See #38015.
Fixes#38955 for 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39395
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The API should allow updates that don't actually change anything. This allows clients to, for example, accidentally send the same request twice without encountering unexpected errors. This currently works for posts, terms, and users, so this commit adds test cases accordingly.
See #38700 for issues preventing this from working for comments.
Merge of [39371] to the 4.7 branch.
Props jnylen0.
See #38975.
Built from https://develop.svn.wordpress.org/branches/4.7@39372
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes typo in args passed to `get_term_link()` which caused a fatal error due to this call returning a `WP_Error` which was set to `url`. Also fixes never-satisfiable condition for obtaining post type archive URL. Also ensures that `WP_Error` never leaks through as `url` by setting it to an empty string. Adds missing unit tests.
Amends [38991].
See #38114.
Fixes#38945 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39366
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Moves logic from `WP_Customize_Custom_CSS_Setting::update()` into a re-usable `wp_update_custom_css_post()` function, useful for future REST API endpoint, WP-CLI command, or plugin migrations.
* Renames `customize_update_custom_css_post_content_args` filter to `update_custom_css_data` and improves the naming of the parameters. Instead of passing `post_content` and `post_content_filtered` the filtered array now contains `css` and `preprocessed` respectively.
* The second context param for the `update_custom_css_data` filter is now an array of the original args passed to `wp_update_custom_css_post()` and there is now no more `$setting` arg since it isn't necessarily being called in the customizer context.
Props westonruter, georgestephanis.
See #35395.
Fixes#38672.
Built from https://develop.svn.wordpress.org/trunk@39350
git-svn-id: http://core.svn.wordpress.org/trunk@39290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Core requires the post password to view and create comments on password protected posts, so we must support a “password” param on the comments endpoint when fetch comments for a specific post and creating a comment on a password protected post.
Props flixos90, jnylen0.
Fixes#38692.
Built from https://develop.svn.wordpress.org/trunk@39349
git-svn-id: http://core.svn.wordpress.org/trunk@39289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Brings consistency to the `rest_insert_*` actions. Also includes some shuffling and clean-up as well including:
- Ensure we are passing the most current `$post` and `$user` objects to the `update_additional_fields_for_object()` callbacks.
- Changes the function signature of `handle_status_param()` in the Comments controller to accept just the comment_id as the 2nd parameter, instead of a full WP_Comment object. Only the comment_id is needed in the method, this avoids having to include another `get_comment()` call.
- Renames a variable in the `create_item()` method of the Posts controller from `$post` -> `$prepared_post` to be more explicit.
- Minor fixes/clarifications to the rest_insert_* hook docs
Props rachelbaker, joehoyle
Fixes#38905.
Built from https://develop.svn.wordpress.org/trunk@39348
git-svn-id: http://core.svn.wordpress.org/trunk@39288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Featured image support means that attachments can now be imported. Media can be sideloaded from within theme or plugin directories. Like other posts, attachments are auto-drafts until customizer changes are published, and are not duplicated when they already exist in the customized state. Attachment IDs can be used for any number of purposes, much like post IDs. Twenty Seventeen now includes 3 images used as featured images to best showcase the multi-section homepage setup.
As featured image IDs are stored in post meta, it also made sense to add support for page templates. Twenty Seventeen does not include any such templates, but the functionality can be quite important for displaying themes to their best effect.
props westonruter, helen, flixos90.
fixes#38615.
Built from https://develop.svn.wordpress.org/trunk@39346
git-svn-id: http://core.svn.wordpress.org/trunk@39286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This bug occurred in any language where text wraps character-by-character, since those languages don't delimit words with spaces. In Japanese, Chinese and Korean, etc., it was possible for the label to be displayed vertically.
Props tg29359, afercia, odysseygate.
Fixes#38876.
Built from https://develop.svn.wordpress.org/trunk@39341
git-svn-id: http://core.svn.wordpress.org/trunk@39281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This makes a few adjustments to CSS to bring them inline with WordPress
CSS coding standards including:
* Font weights should be defined using numeric values
* Do not pad parentheses with spaces
This also fixes a couple of typos to inline comments.
Props netweb for initial patch.
Fixes#38901.
Built from https://develop.svn.wordpress.org/trunk@39340
git-svn-id: http://core.svn.wordpress.org/trunk@39280 1a063a9b-81f0-0310-95a4-ce76da25c4cd