Commit Graph

476 Commits

Author SHA1 Message Date
John Blackbourn 52679edbff Docs: Add examples of possible names for various hooks whose name contains a dynamic portion.
This provides greater discoverability of such hooks in search results on the Code Reference site as well as increased clarity when reading the source.

See #50734, #52628

Built from https://develop.svn.wordpress.org/trunk@50505


git-svn-id: http://core.svn.wordpress.org/trunk@50118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-03-07 12:32:09 +00:00
Sergey Biryukov 90ca61ba07 Upgrade/Install: Return a `WP_Error` from `copy_dir()` and `_copy_dir()` if the directory listing failed.
Props afragen, dd32.
Fixes #52342.
Built from https://develop.svn.wordpress.org/trunk@50149


git-svn-id: http://core.svn.wordpress.org/trunk@49828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 17:23:06 +00:00
joedolson ee751b9779 Administration: Remove italic text to improve readability.
Italicized text can be difficult to read for some people with dyslexia or related forms of reading disorders. This removes italics on a number of larger blocks onpm run grunt rpf text in the admin. This has been a task 5.3; this commit closes the task. Further instances of italicized text should be addressed individually.

Props afercia, xkon, audrasjb
Fixes #47327
Built from https://develop.svn.wordpress.org/trunk@50032


git-svn-id: http://core.svn.wordpress.org/trunk@49733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:03:57 +00:00
John Blackbourn f0078d043e Docs: Miscellaneous docblock corrections and improvements.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49942


git-svn-id: http://core.svn.wordpress.org/trunk@49641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-07 14:17:11 +00:00
John Blackbourn b59c0f307b Docs: Corrections and improvements to types used in various docblocks.
See #51800, #52217

Built from https://develop.svn.wordpress.org/trunk@49936


git-svn-id: http://core.svn.wordpress.org/trunk@49635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 17:16:11 +00:00
Sergey Biryukov 37662df05e Docs: In various `@return` tags, list the expected type first, instead of `false` or `WP_Error`.
Follow-up to [46696], [47060], [49926], [49927].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49929


git-svn-id: http://core.svn.wordpress.org/trunk@49628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-04 17:18:04 +00:00
John Blackbourn dfe1f9b322 Docs: Promote many `bool` types to `true` or `false` where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
John Blackbourn e7cc15b321 Upload: Introduce the `{$action}_overrides` filter that allows the overrides parameter for file uploads and file sideloads to be filtered.
The dynamic portion of the hook name, `$action`, refers to the post action.

Props iandunn, jakub.tyrcha, nacin, wonderboymusic, Mte90, johnbillion

Fixes #16849

Built from https://develop.svn.wordpress.org/trunk@49845


git-svn-id: http://core.svn.wordpress.org/trunk@49564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-20 16:15:03 +00:00
Helen Hou-Sandí aceaf33edd Multisite: More consistency for `clean_dirsize_cache()`.
Props SergeyBiryukov.
Fixes #19879.

Built from https://develop.svn.wordpress.org/trunk@49616


git-svn-id: http://core.svn.wordpress.org/trunk@49354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 22:31:06 +00:00
Helen Hou-Sandí bdfd1a954f Multisite: More specific caching for `get_dirsize`.
Instead of one cache entry for all upload folders for a site on multisite, this now caches for each folder and invalidates that cache based on context. In multisite, this should speed up `get_dirsize` calls since older directories that are much less likely to change will no longer have the size recalculated.

Props janthiel, A5hleyRich, batmoo.
Fixes #19879.

Built from https://develop.svn.wordpress.org/trunk@49212


git-svn-id: http://core.svn.wordpress.org/trunk@48974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-19 21:51:06 +00:00
Sergey Biryukov 0e3147c40e Coding Standards: Replace alias PHP functions with the canonical names.
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.

This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast

In part, this is a follow-up to #47746.

Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193


git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 17:27:06 +00:00
Sergey Biryukov 897f004a9c General: Replace older-style PHP type conversion functions with type casts.
This improves performance, readability, and consistency throughout core.

* `intval()` → `(int)`
* `strval()` → `(string)`
* `floatval()` → `(float)`

Props ayeshrajans.
Fixes #42918.
Built from https://develop.svn.wordpress.org/trunk@49108


git-svn-id: http://core.svn.wordpress.org/trunk@48870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 21:15:13 +00:00
Sergey Biryukov 1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov 7e1e4f379a Site Health: Check if `session_status()` exists before calling it.
Props bgermann.
Fixes #50862.
Built from https://develop.svn.wordpress.org/trunk@48742


git-svn-id: http://core.svn.wordpress.org/trunk@48504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-06 00:25:07 +00:00
Mike Schroder 8c3d56919e Upgrade/Install: Improve `wp_opcache_invalidate()` performance.
Changes from using `preg_match()` based `.php` extension checking to using `substr()` in `wp_opcache_invalidate()`.

Props jnylen0, aaroncampbell, SergeyBiryukov, desrosj, mikeschroder.
Fixes #50784.
Built from https://develop.svn.wordpress.org/trunk@48657


git-svn-id: http://core.svn.wordpress.org/trunk@48419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 08:09:05 +00:00
Mike Schroder 9ec7f2febd Docs: Correct `wp_opcache_invalidate_file` filter docs.
Changes incorrectly named `$filename` variable to `$filepath` and adjusts wording to align with PHP docs.

See #36455.
Built from https://develop.svn.wordpress.org/trunk@48632


git-svn-id: http://core.svn.wordpress.org/trunk@48394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 09:08:05 +00:00
Sergey Biryukov 40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
John Blackbourn eb9a6c9690 Docs: Miscellaneous docblock improvements.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48184


git-svn-id: http://core.svn.wordpress.org/trunk@47953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:40:04 +00:00
Sergey Biryukov 178059c1cb Docs: Improve DocBlocks in `wp-admin/includes/file.php` per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48164


git-svn-id: http://core.svn.wordpress.org/trunk@47933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 09:39:13 +00:00
Sergey Biryukov f8c59f3152 Docs: Synchronize documentation and variable names in `wp_get_(plugin|theme)_file_editable_extensions()` for consistency.
Add missing `@since` tag to `wp_get_theme_file_editable_extensions()`.

See #49572.
Built from https://develop.svn.wordpress.org/trunk@48163


git-svn-id: http://core.svn.wordpress.org/trunk@47932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 09:31:15 +00:00
Mike Schroder 0792fb37db Upgrade/Install: Fix Yoda condition in `wp_opcache_invalidate()`.
Fixes linting failure due to Yoda condition in `wp_opcache_invalidate()` following [48160].

See #36455.
Built from https://develop.svn.wordpress.org/trunk@48161


git-svn-id: http://core.svn.wordpress.org/trunk@47930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 07:55:12 +00:00
Mike Schroder dd11076dc7 Upgrade/Install: Invalidate OPcache for PHP files during updates.
When files are copied into place, check whether opcode invalidation is available and attempt to invalidate to avoid unintended behavior or fatal errors from themes, plugins, or core.

Introduces `wp_opcache_invalidate()` to allow safe invalidation of PHP files from opcode cache, and a filter, `wp_opcache_invalidate_file` to override the behavior.

Replaces the existing calls to `opcache_invalidate()` in the plugin and theme editors to use the new function.

Thanks to jnylen0 for porting over a patch from ClassicPress that provided much of the approach for what is being committed.

Props nigro.simone, dd32, JasWSInc, szepe.viktor, swissspidy, JanR, asalce, Garavani, pavelevap, pputzer, GregLone, benoitchantre, jadonn, doc987, kraftbj, Krstarica, jnylen0, nextendweb, williampatton, ayeshrajans, joostdevalk, stevenkussmaul, boogah, jorbin, mikeschroder.
Fixes #36455, #50354.
Built from https://develop.svn.wordpress.org/trunk@48160


git-svn-id: http://core.svn.wordpress.org/trunk@47929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 07:15:12 +00:00
Andrea Fercia ae447adaf4 I18N: Restore the "Error:" prefix for error messages.
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].

Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48115


git-svn-id: http://core.svn.wordpress.org/trunk@47884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-21 14:00:09 +00:00
Sergey Biryukov a576a13246 Docs: Remove an empty line between `@param` and `@return` tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
Sergey Biryukov de59ad23a4 Docs: Consistently include an empty line between `@since` tag and `@see`, `@link`, or `@global`, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
Andrea Fercia f83c504b88 I18N: Remove the "Error:" prefix from error messages.
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.

Also, revises some of these messages to improve clarity and removes HTML from translatable strings.

Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb. 
See #47003, #43037, #42945, #15887.
Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48059


git-svn-id: http://core.svn.wordpress.org/trunk@47826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 15:35:13 +00:00
Sergey Biryukov f22e113e95 File Editor: Don't verify SSL certificate when doing loopback requests for checking for fatal errors.
Previously, verification was disabled for the loopback request to the admin URL, but not to the home URL.

Follow-up to [46230].

Props munyagu.
Fixes #50309. See #47957.
Built from https://develop.svn.wordpress.org/trunk@47896


git-svn-id: http://core.svn.wordpress.org/trunk@47670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-03 11:43:15 +00:00
Sergey Biryukov b9751d4efe Coding Standards: Use strict comparison for `count()` calls.
See #49542.
Built from https://develop.svn.wordpress.org/trunk@47848


git-svn-id: http://core.svn.wordpress.org/trunk@47624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 11:38:08 +00:00
Sergey Biryukov 7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
Sergey Biryukov 4e13efaf96 Code Modernization: Remove conditional use of `stream_get_contents()` PHP function.
The function was introduced in PHP 5.0.0. Now that the minimum version of PHP required by WordPress is 5.6.20, these conditions are no longer needed.

Props jrf.
Fixes #48091.
Built from https://develop.svn.wordpress.org/trunk@47584


git-svn-id: http://core.svn.wordpress.org/trunk@47359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-15 11:54:08 +00:00
Sergey Biryukov 38676936ba Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
Sergey Biryukov 49d7b8c51f Filesystem API: Correct punctuation in `request_filesystem_credentials()` error message.
Props mayankmajeji, kharisblank.
Fixes #49724.
Built from https://develop.svn.wordpress.org/trunk@47530


git-svn-id: http://core.svn.wordpress.org/trunk@47305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-30 01:32:07 +00:00
Sergey Biryukov 73ef224e64 Administration: When editing a plugin or theme file, close any active PHP session.
This prevents HTTP requests from timing out when attempting to connect back to the site.

Props bruandet, vjik, donmhico, SergeyBiryukov.
Fixes #43358.
Built from https://develop.svn.wordpress.org/trunk@47457


git-svn-id: http://core.svn.wordpress.org/trunk@47244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-15 19:45:07 +00:00
John Blackbourn 251d77e1a1 Docs: Miscellaneous docs fixes and improvements.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47398


git-svn-id: http://core.svn.wordpress.org/trunk@47185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:40:07 +00:00
John Blackbourn bf8c4ee5c6 Docs: Correct the parameter documentation of the `request_filesystem_credentials` filter.
See #48303
Built from https://develop.svn.wordpress.org/trunk@47396


git-svn-id: http://core.svn.wordpress.org/trunk@47183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:33:04 +00:00
Sergey Biryukov f0dfe42216 I18N: Replace `upload_max_filesize`, `php.ini`, `MAX_FILE_SIZE` with placeholders in upload error strings.
Props ramiy.
Fixes #48869.
Built from https://develop.svn.wordpress.org/trunk@47330


git-svn-id: http://core.svn.wordpress.org/trunk@47123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 17:18:06 +00:00
Sergey Biryukov 641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov 47ed56f38f Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov deb1886078 Accessibility: Text Changes: Use sentence case for the word `Error` in various error messages, instead of all caps.
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.

Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
Built from https://develop.svn.wordpress.org/trunk@47156


git-svn-id: http://core.svn.wordpress.org/trunk@46956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 21:38:04 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov 053a9cd5b8 Docs: Improve comments in some `wp-admin` files per the documentation standards.
Props passoniate.
Fixes #49215, #49216.
Built from https://develop.svn.wordpress.org/trunk@47084


git-svn-id: http://core.svn.wordpress.org/trunk@46884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-18 00:54:04 +00:00
Sergey Biryukov dd4d98a368 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov 667f26b3af I18N: Replace `php.ini`, `post_max_size`, and `upload_max_filesize` with placeholders in "File is empty" error message.
Props ramiy.
Fixes #48868.
Built from https://develop.svn.wordpress.org/trunk@47043


git-svn-id: http://core.svn.wordpress.org/trunk@46843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-06 16:16:03 +00:00
Sergey Biryukov 3d623995a8 Docs: In various `@return` tags, list the expected type first, instead of `WP_Error`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
John Blackbourn 9e2b6902b3 Docs: Update the docs for the error parameter that gets passed around during filesystem credential collection.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46597


git-svn-id: http://core.svn.wordpress.org/trunk@46394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-26 23:16:04 +00:00
John Blackbourn 3caaa40fc6 Docs: Switch more docs over to typed array notation, plus some fixes.
See #48303, #41756

Built from https://develop.svn.wordpress.org/trunk@46596


git-svn-id: http://core.svn.wordpress.org/trunk@46393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-26 21:09:04 +00:00
Sergey Biryukov f19ecd19de Filesystem API: Use strict type check in the `in_array()` call for the `$skip_list` parameter in `copy_dir()` and `_copy_dir()`.
This ensures that parent folders with a numeric name are not accidentally skipped when only a subfolder is intended to be skipped.

Props codex-m.
Fixes #46581.
Built from https://develop.svn.wordpress.org/trunk@46400


git-svn-id: http://core.svn.wordpress.org/trunk@46199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-05 02:16:56 +00:00
Sergey Biryukov 30913bc9a2 Docs: Correct formatting of the `@return` value description in `_wp_handle_upload()`.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@46399


git-svn-id: http://core.svn.wordpress.org/trunk@46198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-05 02:09:57 +00:00
Andrew Ozz ff225c8bfc Upload: Fix the method used to create image sub-sizes when uploading fails with a PHP fatal error. Use a custom header to send the new attachment post ID even in HTTP 500 responses instead of an upload reference sent by the client. Also add another cap check and remove the action when deleting an attachment post during a failed upload cleanup.
Props timothyblynjacobs, clorith, azaozz.
Fixes #48200.
Built from https://develop.svn.wordpress.org/trunk@46382


git-svn-id: http://core.svn.wordpress.org/trunk@46181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-03 21:02:00 +00:00
desrosj 894e133d0c Build/Test Tools: Introduce automated PHP compatibility checking.
This change introduces a new Composer script, `compat` that will scan the codebase for (detectable) potential PHP compatibility issues using the `PHP_CodeSniffer` and a custom ruleset based off of the `PHPCompayibilityWP` ruleset (`phpcompat.xml.dist`).

The command will be run as a separate job within each Travis build. While many compatibility issues and false positives have already been corrected in this commit and other Trac tickets, there are still some remaining. For that reason, the job is allowed to fail while the remainder of the potential compatibility issues are investigated and addressed. After those are resolved, the job should be set as required to pass to help prevent new compatibility issues from being introduced.

Props desrosj, jrf, all PHPCompatibilityWP and PHPCompatibility contributors.
Fixes #46152.
Built from https://develop.svn.wordpress.org/trunk@46290


git-svn-id: http://core.svn.wordpress.org/trunk@46102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-25 13:47:58 +00:00
John Blackbourn e36d1bcbd8 Docs: Docblock corrections and improvements, mostly related to various `pre_*` filters.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46232


git-svn-id: http://core.svn.wordpress.org/trunk@46044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 17:41:57 +00:00
Dominik Schilling 4d9c482e79 File Editor: Don't verify SSL certificate when doing loopback requests for checking for fatal errors.
Props Clorith.
See #47957.
Built from https://develop.svn.wordpress.org/trunk@46230


git-svn-id: http://core.svn.wordpress.org/trunk@46042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 15:59:56 +00:00
Andrew Ozz 463e050b25 Uploads: add helper functions for setting, getting, and deleting the temp upload reference used to the attachment_id when retrying to make image sub-sizes.
See #47872.
Built from https://develop.svn.wordpress.org/trunk@46174


git-svn-id: http://core.svn.wordpress.org/trunk@45986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 01:26:55 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov 16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
Sergey Biryukov 8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov aee690fd84 Permalinks: Update URLs for "Changing File Permissions" documentation article.
Props patilswapnilv, ianbelanger, SergeyBiryukov.
Fixes #47768.
Built from https://develop.svn.wordpress.org/trunk@45669


git-svn-id: http://core.svn.wordpress.org/trunk@45480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 01:18:55 +00:00
Gary Pendergast 4be25f3d06 Coding Standards: Fix instances of `WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase`.
See #46732.

Built from https://develop.svn.wordpress.org/trunk@45612


git-svn-id: http://core.svn.wordpress.org/trunk@45423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 06:29:57 +00:00
Gary Pendergast abcbee954f Coding Standards: Fix instances of `WordPress.PHP.NoSilencedErrors.Discouraged`.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
Gary Pendergast cf3fa9f7c8 Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-admin`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45583


git-svn-id: http://core.svn.wordpress.org/trunk@45394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-01 12:52:01 +00:00
Gary Pendergast 55af0f0d0a Coding Standards: Fix/ignore the `WordPress.NamingConventions.ValidFunctionName` violations.
See #47632


Built from https://develop.svn.wordpress.org/trunk@45580


git-svn-id: http://core.svn.wordpress.org/trunk@45391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-01 08:01:57 +00:00
Andrew Ozz d0c1b77cda Privacy tools:
- Move the (remaining) privacy tools related functions from `wp-admin/includes/file.php` to `wp-admin/includes/privacy-tools.php`.
- Move the `WP_User_Request` class to a separate file.

See #43895.
Built from https://develop.svn.wordpress.org/trunk@45519


git-svn-id: http://core.svn.wordpress.org/trunk@45330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-10 23:54:53 +00:00
Sergey Biryukov 3b69e493f6 I18N: Merge duplicate "authenticity could not be verified" strings, fix comma placement on About page.
Props pedromendonca, garrett-eclipse.
Fixes #47475.
Built from https://develop.svn.wordpress.org/trunk@45515


git-svn-id: http://core.svn.wordpress.org/trunk@45326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-10 14:14:51 +00:00
Sergey Biryukov f5db16738e Administration: Merge similar "file does not exist" messages in plugin and theme editors.
Props ramiy.
Fixes #47249.
Built from https://develop.svn.wordpress.org/trunk@45431


git-svn-id: http://core.svn.wordpress.org/trunk@45242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 12:35:51 +00:00
Sergey Biryukov a36f5d2295 Docs: Fix typos in DocBlocks and comments in `wp-admin/includes/file.php`.
Props mukesh27.
Fixes #47026.
Built from https://develop.svn.wordpress.org/trunk@45394


git-svn-id: http://core.svn.wordpress.org/trunk@45205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 01:08:51 +00:00
tellyworth 1d730f20e5 Upgrade/Install: Don't run signature verify on slow 32-bit systems.
The sodium_compat library can be very slow for certain operations on 32-bit architectures, which can lead to web server timeouts while attempting to verify an update. This adds a runtime speed check to skip signature verification on systems that would otherwise time out. Includes simple unit tests.

Props dd32, paragoninitiativeenterprises.
See #47186.

Built from https://develop.svn.wordpress.org/trunk@45345


git-svn-id: http://core.svn.wordpress.org/trunk@45156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-17 11:06:53 +00:00
desrosj d0f46bf73c I18N: Combine similar strings with minor differences.
Props dimadin.
Fixes #47158.
Built from https://develop.svn.wordpress.org/trunk@45298


git-svn-id: http://core.svn.wordpress.org/trunk@45107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-09 19:48:53 +00:00
Sergey Biryukov 8b333f8c20 Docs: Use 3-digit, x.x.x style semantic versioning for `@since 5.2.0` entries in `wp-admin/includes/file.php`.
See #46543.
Built from https://develop.svn.wordpress.org/trunk@45266


git-svn-id: http://core.svn.wordpress.org/trunk@45075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-24 23:36:51 +00:00
tellyworth ed802428e3 Upgrade/install: fix verification bugs and scale back signature checks.
This fixes several bugs in the signature verification code:
Disables signature checks on certain incompatible PHP versions that cause math errors when opcache is enabled;
Prevents a spurious URL and subsequent error when downloading a zip file with query arguments;
Prevents errors triggered by third-party upgrade scripts as per #46615;
Disables signature tests for Plugins, Themes, and Translations, leaving only core updates.

At the 5.2 release the API servers will only provide signatures for core update packages, which is why messages are suppressed for plugins and other package types. Signatures for those other items will become available later.

Props dd32.
See #39309, #46615


Built from https://develop.svn.wordpress.org/trunk@45262


git-svn-id: http://core.svn.wordpress.org/trunk@45071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-24 07:44:51 +00:00
Sergey Biryukov d2ccaacedf Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook.
Props man4toman, samanehmirrajabi.
Fixes #45857.
Built from https://develop.svn.wordpress.org/trunk@45232


git-svn-id: http://core.svn.wordpress.org/trunk@45041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-17 13:26:51 +00:00
John Blackbourn d4d1267847 I18N: Improvements to and additions of translator comments for various email subject strings.
Props ramiy

Fixes #46920

Built from https://develop.svn.wordpress.org/trunk@45204


git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-15 22:39:50 +00:00
desrosj e04ffc348b Administration: Remove unnecessary numbered placeholders.
Props: tobifjellner, thrijith.
Fixes #46824.
Built from https://develop.svn.wordpress.org/trunk@45167


git-svn-id: http://core.svn.wordpress.org/trunk@44976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-12 16:32:50 +00:00
Gary Pendergast cbc0240cd6 Privacy: Only mark a personal data export as complete when the user downloads it.
An admin may download an export to check that it's all correct, but this action shouldn't mark the request as complete.

Props garrett-eclipse, JoshuaWold, birgire.
Fixes #44644.


Built from https://develop.svn.wordpress.org/trunk@45148


git-svn-id: http://core.svn.wordpress.org/trunk@44957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-09 00:04:50 +00:00
tellyworth 23fe2800cc Upgrade/Install: Add more context in signature verify failures.
This includes version numbers and signature counts in error reports, to help diagnose isolated failures that have no apparent cause.

Props dd32.
See #39309.

Built from https://develop.svn.wordpress.org/trunk@45112


git-svn-id: http://core.svn.wordpress.org/trunk@44921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-05 05:20:51 +00:00
Sergey Biryukov 5291f46c8a Docs: Fix typo in a comment in `unzip_file()`.
Props mukesh27.
Fixes #46766.
Built from https://develop.svn.wordpress.org/trunk@45098


git-svn-id: http://core.svn.wordpress.org/trunk@44907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-02 13:34:53 +00:00
Sergey Biryukov 10409c0f7c Privacy: Ensure the personal data export email is sent in the locale of the user whose data is being exported (or the site's default locale if they are not a registered user) when the administrator fulfilling the request uses a different locale.
Props garrett-eclipse.
Fixes #46056.
Built from https://develop.svn.wordpress.org/trunk@45062


git-svn-id: http://core.svn.wordpress.org/trunk@44871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-28 21:29:50 +00:00
Sergey Biryukov 7d74080b80 Privacy: Introduce Privacy Policy page helpers:
* `is_privacy_policy()` template tag
* `privacy-policy.php` template
* `.privacy-policy` body class
* `.menu-item-privacy-policy` menu item class

Props garrett-eclipse, birgire, xkon, Clorith.
Fixes #44005.
Built from https://develop.svn.wordpress.org/trunk@44966


git-svn-id: http://core.svn.wordpress.org/trunk@44797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 19:48:50 +00:00
tellyworth e38814f359 Upgrade/Install: Add experimental package signing to some updates.
This adds code for soft verification of signatures for theme and plugin installs and updates, when provided by the update server. This experimental version does not reject unverified packages or failed signatures; it simply reports anonymous errors so we can evaluate its feasibility and detect incompatibilities.

This code relies on the new sodium_compat library for PHP versions prior to 7.2.

Props dd32, paragoninitiativeenterprises.
See #39309, #45806.

Built from https://develop.svn.wordpress.org/trunk@44954


git-svn-id: http://core.svn.wordpress.org/trunk@44785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 05:49:50 +00:00
desrosj 26ab5fcee1 Privacy: Be less restrictive of the HTML tags allowed in user data exports.
Previously, only `a` and `br` tags were allowed in the `value` table cell for each field included in the HTML file generated when a user is exporting their personal data. Instead of relying on a hardcoded list of allowed tags, the `wp_kses()` call in `wp_privacy_generate_personal_data_export_group_html()` will now fallback to the default list of allowed tags (which includes `i`, `strong`, `em`, and other basic HTML formatting tags).

Also, a new context of `personal_data_export` will now be passed to the `wp_kses()` call. As a result, the list of HTML tags and attributes allowed in the export file can now be filtered using the `wp_kses_allowed_html` filter and checking for the `personal_data_export` context.

Fixes #44044.
Props tz-media, desrosj, pento, birgire, garrett-eclipse.
Built from https://develop.svn.wordpress.org/trunk@44824


git-svn-id: http://core.svn.wordpress.org/trunk@44656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-08 22:05:53 +00:00
Gary Pendergast dcdfd7f412 Docs: Fix the last handful of incorrect `@since 5.0.0` docblock tags.
Props peterwilsoncc.
Fixes #45543.


Built from https://develop.svn.wordpress.org/trunk@44635


git-svn-id: http://core.svn.wordpress.org/trunk@44466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-17 06:46:50 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Gary Pendergast 8244397ffb Coding Standards: Prepare for upgrading WPCS to 1.0.0.
In order to get the best result when running `phpcbf` across the codebase, there are some manual tweaks we need to make.

These fall into three categories:
- Fixing incorrectly indented code which has flow-on effects when auto-fixing.
- Tweaking the layout of inline PHP inside HTML tags.
- Moving more complex inline PHP inside HTML tags, to execute earlier.

See #44600.


Built from https://develop.svn.wordpress.org/trunk@43569


git-svn-id: http://core.svn.wordpress.org/trunk@43398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-15 06:22:26 +00:00
Sergey Biryukov 08af3900c3 Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Fixes #43985.
Built from https://develop.svn.wordpress.org/trunk@43568


git-svn-id: http://core.svn.wordpress.org/trunk@43397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-13 16:32:27 +00:00
Sergey Biryukov 76e821e647 I18N: Separate two "About" strings with different context.
Props desrosj, XpertOne, Nao.
Fixes #44139.
Built from https://develop.svn.wordpress.org/trunk@43527


git-svn-id: http://core.svn.wordpress.org/trunk@43356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 15:04:25 +00:00
Aaron Jorbin 691dc59ad3 Privacy: Silence is golden and invisible.
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.

The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.

Fixes #44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento


Built from https://develop.svn.wordpress.org/trunk@43446


git-svn-id: http://core.svn.wordpress.org/trunk@43273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-15 23:39:27 +00:00
Felix Arntz 9768bde3c4 Privacy: Fix a further inconsistency of site name and URL usage in notification emails.
This is a follow-up to [43388].

Props desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43435


git-svn-id: http://core.svn.wordpress.org/trunk@43262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-08 13:55:28 +00:00
Sergey Biryukov 33c708feca Privacy: Remove unnecessary `This email has been sent to ###EMAIL###` from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Fixes #44030.
Built from https://develop.svn.wordpress.org/trunk@43353


git-svn-id: http://core.svn.wordpress.org/trunk@43181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:32:48 +00:00
Sergey Biryukov b4320bcd8f Docs: Add missing documentation and duplicate hook references for `wp_privacy_personal_data_export_file`, `wp_privacy_personal_data_exporters`, and `wp_privacy_personal_data_erasers` hooks.
Props birgire.
See #44125.
Built from https://develop.svn.wordpress.org/trunk@43303


git-svn-id: http://core.svn.wordpress.org/trunk@43132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 13:03:21 +00:00
Sergey Biryukov 35f94eb211 Privacy: Correct the error check when creating an export folder in `wp_privacy_generate_personal_data_export_file()`.
`wp_mkdir_p()` returns `false` on error, not a `WP_Error` object.

Props birgire.
Fixes #44158.
Built from https://develop.svn.wordpress.org/trunk@43299


git-svn-id: http://core.svn.wordpress.org/trunk@43128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 11:59:24 +00:00
iandunn fdd5b8dacd Privacy: Rename exports folder to avoid deleting other files.
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.

To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.

The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.

Props johnjamesjacoby, allendav.
Fixes #44091.

Built from https://develop.svn.wordpress.org/trunk@43284


git-svn-id: http://core.svn.wordpress.org/trunk@43113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-15 20:22:20 +00:00
Sergey Biryukov 0a9de1ef2e Privacy: Normalize file paths in `wp_privacy_generate_personal_data_export_file()` to make sure Windows paths don't have their backslashes stripped.
Props xkon, pmbaldha.
Fixes #43908.
Built from https://develop.svn.wordpress.org/trunk@43234


git-svn-id: http://core.svn.wordpress.org/trunk@43063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:11:23 +00:00
Sergey Biryukov 760ab78ff9 Privacy: Pass export request ID to `wp_privacy_personal_data_export_file_created` filter.
Props thomasplevy.
Fixes #44031.
Built from https://develop.svn.wordpress.org/trunk@43208


git-svn-id: http://core.svn.wordpress.org/trunk@43037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:18:22 +00:00
iandunn 798e3dc84d Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.

That can be avoided by reusing the same filename when building fresh archives.

Props desrosj, tz-media, allendav.
Fixes #43905.

Built from https://develop.svn.wordpress.org/trunk@43180


git-svn-id: http://core.svn.wordpress.org/trunk@43009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 00:52:21 +00:00
iandunn 3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00
Andrew Ozz 3a43a64c20 Privacy: fix inconsistencies in new strings.
Props audrasjb.
Fixes #43925.
Built from https://develop.svn.wordpress.org/trunk@43118


git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:42:21 +00:00
Sergey Biryukov eca2bf8545 I18N: Correct translator comment in `wp_privacy_generate_personal_data_export_file()`.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43089


git-svn-id: http://core.svn.wordpress.org/trunk@42918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:52:22 +00:00
Andrew Ozz c77a8ed2fc Privacy: add attachments to the personal data export file.
Props allendav.
See #43883.
Built from https://develop.svn.wordpress.org/trunk@43054


git-svn-id: http://core.svn.wordpress.org/trunk@42883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 13:45:21 +00:00
iandunn 9abc0fe73e Privacy: Add `wp_privacy_personal_data_export_file_created` filter.
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.

See #43546.

Built from https://develop.svn.wordpress.org/trunk@43047


git-svn-id: http://core.svn.wordpress.org/trunk@42876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 21:04:22 +00:00
iandunn 23bf0c7535 Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
See #43546.

Built from https://develop.svn.wordpress.org/trunk@43046


git-svn-id: http://core.svn.wordpress.org/trunk@42875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 20:09:23 +00:00
iandunn 5b4aa26436 Privacy: Use a CSPRNG in export filenames for more security.
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.

See #43546.

Built from https://develop.svn.wordpress.org/trunk@43045


git-svn-id: http://core.svn.wordpress.org/trunk@42874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 18:53:25 +00:00