Commit Graph

37033 Commits

Author SHA1 Message Date
John Blackbourn 2916cd9417 Media: bring the capability check in `wp_ajax_crop_image()` inline with those in `wp_ajax_imgedit_preview()` and `wp_ajax_image_editor()`.
This change means that a user can crop an image if they have the ability to edit its attachment post, without requiring the ability to access the Customizer.

Fixes #40193

Built from https://develop.svn.wordpress.org/trunk@41270


git-svn-id: http://core.svn.wordpress.org/trunk@41110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-19 13:30:43 +00:00
Felix Arntz 755a926b65 Multisite: Use correct capability for the Updates page in the network admin.
A user should not be required to have the `update_core` capability to access the Updates page. Having one of the update capabilities for core, plugins, themes and languages should be sufficient.

Fixes #41538.

Built from https://develop.svn.wordpress.org/trunk@41269


git-svn-id: http://core.svn.wordpress.org/trunk@41109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-19 10:39:44 +00:00
Felix Arntz f6ebc1a80c Role/Capability: Introduce capabilities dedicated to installing and updating language files.
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.

Props johnbillion, flixos90.
Fixes #39677.

Built from https://develop.svn.wordpress.org/trunk@41268


git-svn-id: http://core.svn.wordpress.org/trunk@41108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 18:31:44 +00:00
Felix Arntz c14e0a0527 Post Thumbnails: Pass post ID to `post_thumbnail_size` filter.
In addition to the enhancement, tests for the filter usage including the new parameter have been added.

Props NathanAtmoz.
Fixes #39030.

Built from https://develop.svn.wordpress.org/trunk@41267


git-svn-id: http://core.svn.wordpress.org/trunk@41107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 18:19:44 +00:00
Konstantin Obenland 7414759f92 Widgets: Add tests for `retrieve_widgets()`.
Helps with maintaining back compat when making changes in the future.

See #39693.


Built from https://develop.svn.wordpress.org/trunk@41266


git-svn-id: http://core.svn.wordpress.org/trunk@41106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 15:04:43 +00:00
Adam Silverstein a806e2d3b3 Docs: Improve JavaScript documentation in autosave.js.
Add and improve JSDOC blocks.

Props carolinegeven.
Fixes #41203.



Built from https://develop.svn.wordpress.org/trunk@41265


git-svn-id: http://core.svn.wordpress.org/trunk@41105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 14:24:45 +00:00
Adam Silverstein d856eda571 Docs: Improve JavaScript documentation in color-picker.js.
Add and improve JSDOC blocks.

Props carolinegeven, jjcomack, jipmoors.
Fixes #41063.



Built from https://develop.svn.wordpress.org/trunk@41264


git-svn-id: http://core.svn.wordpress.org/trunk@41104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 13:10:44 +00:00
Gary Pendergast 61d683989f Tests: Rename ignored tests in `multisite.xml`.
For  bonus :yolo: :friday:, this repeats [41262] for `multisite.xml`, which duplicates the ignored file list from `phpunit.xml.dist`.

See #41658.


Built from https://develop.svn.wordpress.org/trunk@41263


git-svn-id: http://core.svn.wordpress.org/trunk@41103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 11:00:45 +00:00
Gary Pendergast 190012c409 Tests: Rename ignored tests in `phpunit.xml.dist`.
Some of the files renamed in [41261] are listed in `phpunit.xml.dist`, as they need to be ignore in PHP 5.2.

This followup commit changes `phpunit.xml.dist` to match their new names.

See #41658.


Built from https://develop.svn.wordpress.org/trunk@41262


git-svn-id: http://core.svn.wordpress.org/trunk@41102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 10:27:43 +00:00
Gary Pendergast 01be3075b6 Tests: Rename tests with underscore in the name
There were a handful of files with an underscore in the name, which violated our naming scheme, and caused problems for anyone how enforced the scheme on their own systems.

This commit renames all of the files to the correct camelCase scheme.

Fixes #41658.


Built from https://develop.svn.wordpress.org/trunk@41261


git-svn-id: http://core.svn.wordpress.org/trunk@41101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 09:58:46 +00:00
Weston Ruter 667f377cd0 Widgets: Prevent visual Text widget from decoding encoded HTML.
Also apply `the_editor_content` filters on widget `text` with `format_for_editor()` as is done for the post editor.

Amends [40631].
Props westonruter, azaozz.
See #35243.
Fixes #41596.

Built from https://develop.svn.wordpress.org/trunk@41260


git-svn-id: http://core.svn.wordpress.org/trunk@41100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-17 23:37:43 +00:00
Andrew Ozz b1d28c5e90 TinyMCE: Add the default `link` plugin without enabling it. This makes it easy for WordPress plugins to use it at places where `wplink` is not suitable, for example when initializing the editor from JS.
Props turtlepod.
Fixes #41590.
Built from https://develop.svn.wordpress.org/trunk@41259


git-svn-id: http://core.svn.wordpress.org/trunk@41099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-17 21:04:45 +00:00
Drew Jaynes d5e3ea444d Filesystem: Introduce the `pre_move_uploaded_file` filter.
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.

Error reporting related to the file being moved will also be skipped.

Props ryan, Mte90.
Fixes #24603.

Built from https://develop.svn.wordpress.org/trunk@41258


git-svn-id: http://core.svn.wordpress.org/trunk@41098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-16 21:59:43 +00:00
Drew Jaynes e80cf1d861 Canonical: Check first before attempting to include a 'path' value in the URL in `strip_fragment_from_url()`.
Props Mte90.
Fixes #40542.

Built from https://develop.svn.wordpress.org/trunk@41257


git-svn-id: http://core.svn.wordpress.org/trunk@41097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-16 21:11:43 +00:00
Weston Ruter ea92bb5f10 Customize: Harden color control's logic for obtaining default value to prevent JS error when non-string default supplied.
Props andreagobetti, yonivh for testing.
Fixes #37174.

Built from https://develop.svn.wordpress.org/trunk@41256


git-svn-id: http://core.svn.wordpress.org/trunk@41096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-16 19:04:47 +00:00
John Blackbourn e06146a9b5 Options, Meta APIs: Update the multisite unit tests after [41254], [41164], and [41163].
This moves some more previously Multisite-only tests into the main test suite, and makes small adjustments to their assertions.

See #39118, #16470, #39117

Built from https://develop.svn.wordpress.org/trunk@41255


git-svn-id: http://core.svn.wordpress.org/trunk@41095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-15 09:16:43 +00:00
John Blackbourn b52e37f9bf Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

Built from https://develop.svn.wordpress.org/trunk@41254


git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 20:13:43 +00:00
John Blackbourn b51f60de6d Users: Display the "Your email address has not been updated yet" message when a user changes their profile email address from within network admin.
This ensures continuity with the regular profile editing screen and the user admin profile editing screen.

Fixes #41635

Built from https://develop.svn.wordpress.org/trunk@41253


git-svn-id: http://core.svn.wordpress.org/trunk@41093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 19:42:43 +00:00
Weston Ruter 75ad3494a8 Widgets: Expose link URL input field in Image widget to avoid having to open media modal to discover.
Props timmydcrawford, westonruter.
See #39993.
Fixes #41274.

Built from https://develop.svn.wordpress.org/trunk@41252


git-svn-id: http://core.svn.wordpress.org/trunk@41092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 17:56:42 +00:00
Weston Ruter ae47e05f74 Widgets: Suppress PHP warnings raised by `DOMDocument::loadHTML()` in `WP_Widget_Text::is_legacy_instance()` which could appear in Text widget forms.
Also explicitly use HTML5 doctype when parsing Text widget contents in legacy mode detection.

Amends [41050].
See #40951.
Fixes #41622.

Built from https://develop.svn.wordpress.org/trunk@41251


git-svn-id: http://core.svn.wordpress.org/trunk@41091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 05:59:42 +00:00
Peter Wilson d8bf666313 Emoji: Update Twemoji to 2.5.0.
Twemoji 2.3.0 has a rendering issue in Safari, emoji can sometimes be followed by U+FEOF (which is just a flag meaning "render the preceding character as emoji).

Twemoji wasn't catching this character correctly, and Safari rendered it incorrectly.

Twemoji 2.5.0 resolves this issue.

Fixes #41584.

Built from https://develop.svn.wordpress.org/trunk@41250


git-svn-id: http://core.svn.wordpress.org/trunk@41090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 02:04:45 +00:00
Weston Ruter 18613c0010 Widgets: Add missing `open` class for expanded widgets in Customizer; utilize `open` class for expansion detection in Text and Media widgets.
Fixes #41625.

Built from https://develop.svn.wordpress.org/trunk@41249


git-svn-id: http://core.svn.wordpress.org/trunk@41089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 06:25:43 +00:00
Weston Ruter 5c755f652b Customize: Prevent attachment deletions from silently failing in media modals opened for Media widgets.
Amends [40640].
See #32417.
Fixes #41609.

Built from https://develop.svn.wordpress.org/trunk@41248


git-svn-id: http://core.svn.wordpress.org/trunk@41088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 06:11:43 +00:00
Weston Ruter e956aa4176 Customize: Prevent wide widgets from being displayed as wide when Customizer is displayed in mobile breakpoint.
Fixes #41624.

Built from https://develop.svn.wordpress.org/trunk@41247


git-svn-id: http://core.svn.wordpress.org/trunk@41087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 05:55:43 +00:00
Weston Ruter a5d3688157 Customize: Update selector to add `max-height`/`max-width` for wide widgets to account for JS-driven Text widget and Media widgets.
Fixes #41623.

Built from https://develop.svn.wordpress.org/trunk@41246


git-svn-id: http://core.svn.wordpress.org/trunk@41086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 05:42:42 +00:00
Weston Ruter 9c3cdaf3fb Widgets: Fix extensibility of Text widgets so that JS logic will initialize on subclassed widgets.
Amends [40631].
See #35243.
Fixes #41540.

Built from https://develop.svn.wordpress.org/trunk@41245


git-svn-id: http://core.svn.wordpress.org/trunk@41085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 05:25:46 +00:00
Weston Ruter 300894da61 Customize: Prevent `_delete_option_fresh_site()` from hitting DB if `fresh_site` flag already cleared.
Amends [38991].
Props dlh, westonruter.
Fixes #41039.

Built from https://develop.svn.wordpress.org/trunk@41244


git-svn-id: http://core.svn.wordpress.org/trunk@41084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 00:57:43 +00:00
Weston Ruter 6428de97a7 Customize: Fix PHP warning raised when deleting a setting from changeset via passing `null` as params in `WP_Customize_Manager::save_changeset_post()`.
Props dlh.
Fixes #41621.

Built from https://develop.svn.wordpress.org/trunk@41243


git-svn-id: http://core.svn.wordpress.org/trunk@41083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 21:21:48 +00:00
Felix Arntz 473e1ba73b Multisite: Remove references to `$wpdb->siteid` and use `get_current_network_id()` instead.
Props sathyapulse, spacedmonkey.
Fixes #41507.

Built from https://develop.svn.wordpress.org/trunk@41242


git-svn-id: http://core.svn.wordpress.org/trunk@41082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 13:11:43 +00:00
Felix Arntz 820d3973a3 Multisite: Rename internal `$site_id` variables referencing networks to `$network_id`.
This change improves code clarity by using the current naming conventions for networks.

Props lemacarl.
Fixes #41510.

Built from https://develop.svn.wordpress.org/trunk@41241


git-svn-id: http://core.svn.wordpress.org/trunk@41081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 12:48:47 +00:00
Weston Ruter f0ee106d86 Media: Upgrade MediaElement.js from 4.2.3 to 4.2.5.
Props rafa8626.
See #39686.

Built from https://develop.svn.wordpress.org/trunk@41240


git-svn-id: http://core.svn.wordpress.org/trunk@41080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 06:20:44 +00:00
Adam Silverstein f42a3a2440 Docs: Improve JavaScript documentation in audiovideo.manifest.js.
Add and improve JSDOC blocks.

Props nicollle, manuelaugustin.
Fixes #41602.

Built from https://develop.svn.wordpress.org/trunk@41239


git-svn-id: http://core.svn.wordpress.org/trunk@41079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-11 20:37:45 +00:00
James Nylen fce0b2dcd9 REST API: Always call `rest_get_server()` instead of accessing the `$wp_rest_server` global.
This is a consistency improvement and also a bug fix for fairly obscure cases involving modified WP load order.

Fixes #41555.

Built from https://develop.svn.wordpress.org/trunk@41238


git-svn-id: http://core.svn.wordpress.org/trunk@41078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-10 01:38:43 +00:00
Konstantin Obenland e183d59acb Map nav menu locations on theme switch
This will send nav menu locations through three levels of mapping:
1. If both themes have only one location, that gets mapped.
2. If both themes have locations with the same slug, they get mapped.
3. Locations that (even partially) match slugs from a similar kind of menu location will get mapped.

Menu locations are mapped for Live Previews in the Customizer and during theme switches.

Props westonruter, obenland, welcher, melchoyce.
Fixes #39692.


Built from https://develop.svn.wordpress.org/trunk@41237


git-svn-id: http://core.svn.wordpress.org/trunk@41077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-09 21:04:47 +00:00
Sergey Biryukov 5fe8d31118 Link Template: Allow the `type` argument to be passed through `get_the_comments_pagination()` as long as its value isn't `array`.
See [30820] for `get_the_posts_pagination().

Props jainnidhi, poena.
Fixes #39792.
Built from https://develop.svn.wordpress.org/trunk@41236


git-svn-id: http://core.svn.wordpress.org/trunk@41076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-09 04:07:43 +00:00
Sergey Biryukov dd330359eb Docs: Correct `@param` type for `$term_id` in `get_term_children()`.
Props Soean, wido.
Fixes #41585.
Built from https://develop.svn.wordpress.org/trunk@41235


git-svn-id: http://core.svn.wordpress.org/trunk@41075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-08 20:53:46 +00:00
Sergey Biryukov 187b4ad48b Media: Pass shortcode attributes to `wp_audio_shortcode_class` and `wp_video_shortcode_class` filters.
Props sathyapulse.
Fixes #37329.
Built from https://develop.svn.wordpress.org/trunk@41234


git-svn-id: http://core.svn.wordpress.org/trunk@41074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-05 16:42:45 +00:00
Drew Jaynes 1a123e432f External Libraries: Update jQuery Form (unused in core) to the latest version, 4.2.1.
Fixes #41565.

Built from https://develop.svn.wordpress.org/trunk@41233


git-svn-id: http://core.svn.wordpress.org/trunk@41073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-05 13:00:47 +00:00
John Blackbourn 41f71598f7 Formatting: Introduce `get_the_post_type_description()` to allow post type archive descriptions to be formatted the same as author and term archives.
Props henry.wright

Fixes #40040

Built from https://develop.svn.wordpress.org/trunk@41232


git-svn-id: http://core.svn.wordpress.org/trunk@41072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 23:01:44 +00:00
John Blackbourn c96b33e3a5 Plugins: Correct and improve docblocks for the various `plugin_action_links` filters on the Plugins screen.
This also adds a changelog for the removal of the Edit links in [41160].

See #41017
Fixes #38169

Built from https://develop.svn.wordpress.org/trunk@41231


git-svn-id: http://core.svn.wordpress.org/trunk@41071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 22:15:45 +00:00
John Blackbourn c26b735c8a Multisite: Clarify descriptions of the `wpmu_signup_blog_notification()` and `wpmu_signup_user_notification()` functions.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41230


git-svn-id: http://core.svn.wordpress.org/trunk@41070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 14:21:43 +00:00
John Blackbourn 5062d7d134 Media: Move the `Tests_Media::test_video_shortcode_body()` method so it runs before other tests in the class that depend on it.
The following tests were never executed as they have `@depends` annotations which means they get skipped because the `test_video_shortcode_body()` test has not run by the time they run. Re-ordering the test methods fixes this.

* `test_wp_video_shortcode_with_empty_params()`
* `test_wp_video_shortcode_with_bad_attr()`
* `test_wp_video_shortcode_attributes()`
* `test_wp_video_shortcode_youtube_remove_feature()`
* `test_wp_video_shortcode_youtube_force_ssl()`
* `test_wp_video_shortcode_vimeo_force_ssl_remove_query_args()`
* `test_wp_video_shortcode_vimeo_adds_loop()`
* `test_wp_video_shortcode_vimeo_force_adds_loop_true()`

See #35367

Built from https://develop.svn.wordpress.org/trunk@41229


git-svn-id: http://core.svn.wordpress.org/trunk@41069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 14:06:43 +00:00
John Blackbourn 22779110c4 REST API: Populate some missing tests from test cases which extend the controller test case.
See #41463

Built from https://develop.svn.wordpress.org/trunk@41228


git-svn-id: http://core.svn.wordpress.org/trunk@41068 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 13:56:46 +00:00
Andrea Fercia a029f83fb5 Menus: Visually hide the menu item edit link text in a consistent way.
Fixes a visual glitch visible on Ubuntu. WordPress uses system fonts and they have
different metrics across operating systems. Uses screen-reader-text as a more
solid way to visually hide text.

Props punit5658, afercia.
Fixes #41497.

Built from https://develop.svn.wordpress.org/trunk@41227


git-svn-id: http://core.svn.wordpress.org/trunk@41067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 22:12:43 +00:00
Felix Arntz 1d0478d4b1 REST API: Allow site administrators to edit user roles in multisite.
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.

Props jnylen0.
Fixes #40263.

Built from https://develop.svn.wordpress.org/trunk@41226


git-svn-id: http://core.svn.wordpress.org/trunk@41066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:59:44 +00:00
Felix Arntz 7e2ca92e69 Multisite: Introduce a `can_add_user_to_blog` filter to prevent adding a user to a site.
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.

The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.

Props jmdodd.
Fixes #41101.

Built from https://develop.svn.wordpress.org/trunk@41225


git-svn-id: http://core.svn.wordpress.org/trunk@41065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:41:45 +00:00
Andrea Fercia 19aab9d3d6 REST API: Make jshint happy again after [41222].
See #40919.

Built from https://develop.svn.wordpress.org/trunk@41224


git-svn-id: http://core.svn.wordpress.org/trunk@41064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 20:36:42 +00:00
James Nylen 0ef4d4289f REST API: Exclude numeric parameters from regex parsing
The list of endpoint parameters should only include explicitly named and requested parameters.

Props flixos90, rmccue, jnylen0.
Fixes #40704.

Built from https://develop.svn.wordpress.org/trunk@41223


git-svn-id: http://core.svn.wordpress.org/trunk@41063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 19:55:43 +00:00
James Nylen 17c48865db REST API: Add QUnit tests for `api-request.js`
These should have been included in [41206].

See #40919.

Built from https://develop.svn.wordpress.org/trunk@41222


git-svn-id: http://core.svn.wordpress.org/trunk@41062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 19:47:45 +00:00
John Blackbourn 4981452aba General: Fix more instances of inconsistent parameters passed to various filters, plus fix some filter docs.
See #38462, #41017

Built from https://develop.svn.wordpress.org/trunk@41221


git-svn-id: http://core.svn.wordpress.org/trunk@41061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 16:13:44 +00:00