[32353] changed the way the 'name' param in `get_terms()` is sanitized, by
running it through `sanitize_term_field( 'name' )` before performing the SQL
query. An unintentional side effect of this change was that the string is
double-escaped: once by `wp_filter_kses()`, and once by `esc_sql()`. The
double-escaping was causing 'name' queries to fail when the param contained
apostrophes or other escaped characters.
Fixes#35493.
Built from https://develop.svn.wordpress.org/trunk@36348
git-svn-id: http://core.svn.wordpress.org/trunk@36315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [36338], a template loading error was shown only to users with the `install_themes` capability. This is now displayed users with the `switch_themes` capability, as users with this cap can at least switch to a different theme. Also, this will now show for site administrators in multisite, whereas `install_themes` is limited to superadmins.
Props dd32.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36344
git-svn-id: http://core.svn.wordpress.org/trunk@36311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [36335], if a template file is not loaded, an error is displayed
to logged-in users. As logged-in users may have no capabilities,
this check is insubstantial. Limit the display of this error to users
with the `install_themes` capability, i.e. someone who has the capacity
to deal with the error.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36338
git-svn-id: http://core.svn.wordpress.org/trunk@36305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the off-chance the active theme folder is renamed or deleted, a "white screen
of death" was displayed to the user. Instead, the user is shown a useful error
screen displaying any errors the theme has (e.g. if the theme can't be found).
Props MikeHansenMe, SergeyBiryukov.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36335
git-svn-id: http://core.svn.wordpress.org/trunk@36302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show a "Media attachment reattached."/"Media attachment detached." message when only one attachment was attached/detached.
* Use the string placeholder as `number_format_i18n()` returns a string.
* Add translator comments.
* Update help text to refer to the new dropdown menus.
* Add a more generic title to the attach modal.
Fixes#33237.
Built from https://develop.svn.wordpress.org/trunk@36328
git-svn-id: http://core.svn.wordpress.org/trunk@36295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The refactor of `WP_Comment_Query`'s SQL generation in [34542] introduced a bug
that caused only the last post-related filter to be respected in comment
queries. In other words, if querying for comments using params
`post_status=draft&post_author=3`, only the last-processed of these params
would be respected. The current changeset fixes the logic so that these clauses
don't overwrite each other.
Props chriscct7.
Fixes#35478.
Built from https://develop.svn.wordpress.org/trunk@36326
git-svn-id: http://core.svn.wordpress.org/trunk@36293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36157] fixed a problem, introduced in 4.4, that caused custom pagination
parameters passed to `wp_list_comments()`. However, the fix introduced in that
changeset was limited to the `is_singular()` context, so that the bug remained
when `wp_list_comments()` is used within a non-singular `WP_Query` loop. We
fix this by removing the `is_singular()` check and using the more general
`get_the_ID()` to identify the correct post_id to use for the secondary
comment query.
Fixes#35402.
Built from https://develop.svn.wordpress.org/trunk@36324
git-svn-id: http://core.svn.wordpress.org/trunk@36291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[34999] modified the cache strategy for terms in the context of
`wp_get_object_terms()`. As part of these changes, the `object_id` property of
term objects had to be unset before being cached. To avoid modifying passed-by-
reference terms, `update_term_cache()` attempted to make a copy of the terms
passed to the function; however, it failed to use the `clone` keyword, and thus
only created a reference instead of a copy.
Props berengerzyla.
Fixes#35462.
Built from https://develop.svn.wordpress.org/trunk@36323
git-svn-id: http://core.svn.wordpress.org/trunk@36290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows getting the excerpt for a specific post, similar to how most other template tags work.
A deprecation notice is thrown if a boolean value is passed, which is deprecated since 2.3 and has not been used for a long time.
Adds unit tests.
Fixes#27246.
Built from https://develop.svn.wordpress.org/trunk@36319
git-svn-id: http://core.svn.wordpress.org/trunk@36286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It encourages an ugly pattern like `global $userdata; get_currentuserinfo();` in plugins/themes. `wp_get_current_user()` should be used instead, e.g. `$current_user = wp_get_current_user();`.
Props scribu for initial patch.
Fixes#19615.
Built from https://develop.svn.wordpress.org/trunk@36311
git-svn-id: http://core.svn.wordpress.org/trunk@36278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Subviews are stored internally on the Subview manager as an object. The object
is composed of key-value pairs where the key is a jQuery selector for a view,
and the value is an array of views that matching the selector.
To extract subviews, `_.flatten()` was used to collate the nested arrays of
views into a single view. However, `_.flatten()` is not intended to be used
for objects, and this unintended functionality breaks in newer versions of
Underscore.js.
Instead, we'll use `_.values()` to extract the arrays of views first,
and then flatten the array of arrays.
Props adamsilverstein.
See #34350.
Built from https://develop.svn.wordpress.org/trunk@36305
git-svn-id: http://core.svn.wordpress.org/trunk@36272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The descendant query in `WP_Comment_Query::fill_descendants()` uses the clauses
of the main `get_comment_ids()` query as a basis, discarding the `parent`,
`parent__in`, and `parent__not_in` clauses. As implemented in WP 4.4 [34546],
the WHERE clause was assembled in such a way that any modifications applied
using the `comments_clauses` filter were not inherited by `fill_descendants()`.
This resulted in descendant queries that did not always properly filter
results, and sometimes contained syntax errors.
The current changeset fixes the problem by using the post-filter WHERE clause
as the basis for the `fill_descendants()` query. This change requires a new
approach for eliminating the unneeded parent-related clauses: instead of
eliminating values in an associative array, we must use regular expressions.
Props boonebgorges, firebird75.
Fixes#35192.
Built from https://develop.svn.wordpress.org/trunk@36277
git-svn-id: http://core.svn.wordpress.org/trunk@36244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36157] fixed a bug whereby `wp_list_comments()` would not properly recognize
custom pagination arguments. See #35175. However, it inadvertently introduced
a bug that caused any `$comments` array explicitly passed to the function to be
ignored, when that array was accompanied by pagination arguments that differ
from those in `$wp_query`. We address this bug by moving the logic introduced
in [36157] inside a block that only fires when no `$comments` array has been
provided to the function.
Props ivankristianto.
Fixes#35356.
Built from https://develop.svn.wordpress.org/trunk@36276
git-svn-id: http://core.svn.wordpress.org/trunk@36243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In order to calculate comment pagination when newest comments are displayed
first, `comments_template()` must perform a separate query to determine the
total number of paginating comments available on a post. See [34729], #8071,
pagination calculation - can be defined as a top-level comment, or a comment
with `parent=0`. However, when comment threading is disabled, yet comments
exist in the database that have parents, all comments - even those with a
parent - are "paginating". (This typically happens when comments threading was
once enabled, but has since been turned off.) As such, the total-paginating-
comments query should only be limited to top-level comments when
'thread_comments' is disabled.
Props jmdodd.
Fixes#35419.
Built from https://develop.svn.wordpress.org/trunk@36275
git-svn-id: http://core.svn.wordpress.org/trunk@36242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()
Fixes#10377.
Props westonruter rachelbaker.
Built from https://develop.svn.wordpress.org/trunk@36272
git-svn-id: http://core.svn.wordpress.org/trunk@36239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Date and time formats are now displayed in plain text and available for all
users. Also, lines up them with the "custom" date and time format fields to
help reinforce what these fields do.
Props afercia, perezlabs.
Fixes#35064.
Built from https://develop.svn.wordpress.org/trunk@36263
git-svn-id: http://core.svn.wordpress.org/trunk@36230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes issue where user gets stuck at login screen after trying to close the app if previously they had to first login to access the Customizer. Prevents `WP_Customize_Manager::get_return_url()` from using `wp-login.php` as a referer.
Props chandrapatel.
See #32637.
Fixes#35355.
Built from https://develop.svn.wordpress.org/trunk@36261
git-svn-id: http://core.svn.wordpress.org/trunk@36228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`array_slice()` must be told to preserve keys when the query results exceed the
limit specified the 'number' parameter, so that `id=>parent` and other
id-indexed return value formats don't get mangled.
Props fantasyworld, wpdelighter.
Fixes#35382.
Built from https://develop.svn.wordpress.org/trunk@36252
git-svn-id: http://core.svn.wordpress.org/trunk@36219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The introduction of negative search terms in 4.4 [34934] introduced the
possibility that the ORDER BY clause of a search query could be assembled in
such a way as to create invalid syntax. The current changeset fixes this by
ensuring that the ORDER BY clause corresponding to the search terms is
excluded when it would otherwise be empty.
Props salvoaranzulla.
Fixes#35361.
Built from https://develop.svn.wordpress.org/trunk@36251
git-svn-id: http://core.svn.wordpress.org/trunk@36218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dion Hulse
Boone Gorges
Eric Lewis
Rachel Baker
Jeremy Felt
Ella Iseulde Van Dorpe
Andrea Fercia
Pascal Birchler
Dominik Schilling
Drew Jaynes
John Blackbourn
Joe Hoyle
Konstantin Obenland
Weston Ruter