* Allowed origin whitelist that can be altered by plugins
* Validation of the request origin against the whitelist
* Send Access-Control-Allow-Origin if origin allowed
* get_http_origin(), get_allowed_http_origins(), is_allowed_http_origin(), send_origin_headers()
See #20681
git-svn-id: http://core.svn.wordpress.org/trunk@20794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use ajax-based saving, add saving indicator.
* Use ajax-based refreshing instead of form targets.
* Instead of using hidden inputs with prefixed names to track the canonical data, use the values stored in wp.customize. Encode the values as JSON before sending to avoid bugs with ids that contain square brackets (PHP mangles POST values with nested brackets).
* Use wp.customize.Previewer solely for the purpose of previewing; move the postMessage connection with the parent frame and other unrelated code snippets into the 'ready' handler.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move the color control from the switch statement to WP_Customize_Color_Control.
Markup improvements.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces WP_Customize->start_previewing_theme() and WP_Customize->stop_previewing_theme() to easily enable/disable the theme filters as needed.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Overhauled image pickers:
* Add support for drag and drop uploads to image controls.
* Improve the 'uploaded' tab in image controls: automatically add images uploaded during the current session, hide the tab when no uploaded images exist.
* Move the header image control to the WP_Customize_Header_Image_Control class. Remove wp_customize_print_uploaded_headers() and wp_customize_print_uploaded_headers() functions.
* Abstract the dropdown functionality from the color picker to the .dropdown class.
* In wp.Uploader, unset element keys if passed an empty jQuery collection.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Combine the setup_theme() and customize_previewing() methods. Remove the set_template() and set_stylesheet() methods. Add set_theme() method to WP_Customize to store the working WP_Theme object. We will use this for the stylesheet and template.
Use the WP_Theme display() method when preparing headers for display, not get() or the deprecate properties.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use theme customizer in theme install/update screens.
* Separate the customize loader from the customizer. Use wp_customize_loader() to include the loader script and markup.
* Deprecated: wp-admin/js/theme-preview.js is now no longer used by core.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Instead of grouping together every control parameter into a single array and passing them all to the JS, use subclasses with custom parameters to implement additional PHP functionality and the parameter to send only the necessary variables to the JavaScript control.
Replaces WP_Customize_Control->control_params with WP_Customize_Control->json and WP_Customize_Control->to_json(). The to_json() method refreshes the json array passed to the JavaScript control (set to control.param by default).
Creates WP_Customize_Upload_Control and WP_Customize_Image_Control.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Certain customize settings (such as show_on_front and other static front page features) need to be overridden before template_redirect.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Many-to-many mapping between settings and controls.
* Settings and controls have been separated in both the PHP (WP_Customize_Setting, WP_Customize_Control) and the JS (wp.customize.Setting, wp.customize.Control).
* While most settings are tied to a single control, some require multiple controls. The 'header_textcolor' control is a good example: to hide the header text, header_textcolor is set to 'blank'.
Add 'Display Header Text' control.
A handful of miscellaneous bugfixes along the way.
Notes:
* Controls should be separated out a bit more; juggling type-specific arguments in the switch statement is rather inelegant.
* Page dropdowns are currently inactive and need to be re-linked.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While the customize_render_control- action has been removed, we could still accomplish this with the customize_render_setting action. That said, in this case, avoiding native integration was a matter of minor semantics that ended in the same result.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* prepare_controls() now removes any settings and sections that return false for check_capabilities().
* Added maybe_render() methods to both settings and sections that call the protected render() methods.
* Stop firing front-end preview functionality when rendering the controls.
* Merged the WP_Customize_Setting->_render_type() method into WP_Customize_Setting->render().
* Removed the 'customize_render_control-' hook; use 'customize_render_setting' instead.
* Added a property to sections and settings so they no longer rely on the global. Hooray for dependency injection.
* Shifted calls to WP_Customize_Setting->enqueue() to the 'customize_controls_enqueue_scripts' action.
* Added a theme_supports check for the header_textcolor setting.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom header: Use add_theme_support('custom-header', $args) instead of add_custom_image_header(). Deprecates all use of constants.
* HEADER_TEXTCOLOR is now (string) 'default-text-color'.
* NO_HEADER_TEXT is nowi ! (bool) 'header-text'.
* HEADER_IMAGE_WIDTH (and _HEIGHT) are now (int) 'width' and 'height'.
* HEADER_IMAGE is now (string) 'default-image'.
* The 3.4 arguments 'suggested-width' and 'suggested-height' are now just 'width' and 'height' (they are "suggested" when flex-width and flex-height are set).
* Callback arguments for add_custom_image_header() can now be passed to add_theme_support().
Custom background: Use add_theme_support('custom-background, $args) instead of add_custom_background(). Deprecates all use of constants.
* BACKGROUND_COLOR is now (string) 'default-color'.
* BACKGROUND_IMAGE is now (string) 'default-image'.
* Callback arguments for add_custom_background() can now be passed to add_theme_support().
Inheritance: add_theme_support() arguments for custom headers and custom backgrounds is a first-one-wins situation. This is not an unusual paradigm for theming as a child theme (which is included first) overrides a parent theme.
* Once an argument is explicitly set, it cannot be overridden. You must hook in earlier and set it first.
* Any argument that is not explicitly set before WP is loaded will inherit the default value for that argument.
* It is therefore possible for a child theme to pass minimal arguments as long as the parent theme specifies others that may be necessary.
* Allows for a child theme to alter callbacks for <head> and preview (previously, calling add_custom_image_header more than once broke things).
* The just-in-time bits ensure that arguments fall back to default values, that the values of all constants are considered (such as one defined after an old add_custom_image_header call), and that all constants are defined (so as to be backwards compatible).
get_theme_support(): Introduce new second argument, which headers and backgrounds leverage to return an argument. current_theme_supports() already supported checking the truthiness of the argument.
* For example, get_theme_support( 'custom-header', 'width' ) will return the width specified during registration.
* If you had wanted the default image, use get_theme_support( 'custom-header', 'default-image' ) instead of HEADER_IMAGE.
Deprecate remove_custom_image_header(), remove_custom_background(). Use remove_theme_support('custom-header'), 'custom-background'.
Deprecate short-lived custom-header-uploads internal support; this is now (bool) 'uploads' for add_theme_support().
New 3.4 functions renamed or removed: Rename get_current_header_data() to get_custom_header(). Remove get_header_image_width() and _height() in favor of get_custom_header()->width and height.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
wp.Uploader is a wrapper that provides a simple way to upload an attachment (using the wp_ajax_upload_attachment handler). It is intentionally decoupled from the UI. When an upload succeeds, it will receive the attachment information (id, url, meta, etc) as a JSON response. If the upload fails, the wrapper handles both WordPress and plupload errors through a single handler.
As todos, we should add drag classes for the uploader dropzone and account for the rough 100mb filesize limit in most browsers. The UI for the customizer upload controls could be improved as well.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Getters and Helpers: Introduces a series of methods to allow for easy generation of headers for display, and other theme metadata, including page templates.
* Screenshots: Handles support for multiple screenshots. (see # Additional screenshots must be PNG and start with screenshot-2.png, and be sequential to be counted. see #19816.
* Error Handling: Broken themes have a WP_Error object attached to them.
* Caching: Introduces a wp_cache_themes_persistently filter (also in [20020]) to enable persistent caching of all filesystem and sanitization operations normally handled by WP_Theme (and formerly get_file_data() and get_themes()). Themes are cached individually and across five different cache keys for different data pieces.
* Compatibility: A WP_Theme object is backwards compatible with a theme's array formerly returned by get_themes() and get_theme(), and an stdClass object formerly returned by current_theme_info().
* i18n/L10n: Theme headers are now localizable with proper Text Domain and Domain Path headers, like plugins. (Language packs may remove the requirement for headers.) For page templates, see #6007 (not fixed yet, but will be easy now). For headers, fixes#15858.
* PHP and CSS files: New methods that fetch a list of theme files (for the theme editor) only on demand, rather than only loading them into memory. fixes#11214.
Functions deprecated:
* get_themes(), get_allowed_themes() and get_broken_themes() -- use wp_get_themes()
* get_theme() and current_theme_info() -- use wp_get_theme()
* get_site_allowed_themes() -- use WP_Theme::get_allowed_on_network()
* wpmu_get_blog_allowedthemes() -- use WP_theme::get_allowed_on_site()
see also [20016], [20018], [20019], [20020], [20021], [20022], [20025], [20026], [20027]. also fixes#19244.
see #20103.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan
koopersmith
nacin