This adds an object cache drop-in to the `tests/phpunit/includes` directory to avoid relying on and having to copy from an external repository.
Follow up to [50313].
See #50401.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@50315 602fd350-edb4-49c9-b593-d223f7449a82
Adjust it to handle more types of timeouts, e.g. "Resolving timed out", "Connection timed out".
Merges [38757], [43511], [43512], [46682], [46996] to the 4.5 branch.
See #51669.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@50090 602fd350-edb4-49c9-b593-d223f7449a82
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.
Brings the changes from [49380,49382-49388] to the 4.5 branch.
Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@49401 602fd350-edb4-49c9-b593-d223f7449a82
Query: Ensure that only a single post can be returned on date/time based queries.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand `sanitize_file_name` to have better support for utf8 characters.
Brings the changes in [47634], [47635], [47637], and [47638] to the 4.7 branch.
Props: batmoo, ehti, nickdaugherty, peterwilsoncc, sergeybiryukov, sstoqnov, westi, whyisjake, whyisjake, xknown.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@47652 602fd350-edb4-49c9-b593-d223f7449a82
These tests no longer test anything that WordPress core has control over. YouTube now serves everything
over HTTPS by default, so the tests for #23149 will always pass, and the tests for #32714 aren't testing
anything that core has control over.
Tests for the responses from oEmbed providers has been attempted and reverted in #32360.
Props johnbillion.
Merges [41712] to the 4.5 branch.
See #42076, #32714, #23149.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@47482 602fd350-edb4-49c9-b593-d223f7449a82
`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.
Brings r46895 to the 4.5 branch.
Props: xknown, nickdaugherty, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@46913 602fd350-edb4-49c9-b593-d223f7449a82
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
Merges [41662], [42056] to the 4.5 branch.
See #41925.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@42060 602fd350-edb4-49c9-b593-d223f7449a82
PHPUnit 6.4.1 and earlier versions ignored the `'0'` value, causing the issue to go unnoticed.
Merge of [41870] to the 4.5 branch.
Props SergeyBiryukov.
See #42232.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@42054 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.
Merges [41496] to 4.5 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@41500 602fd350-edb4-49c9-b593-d223f7449a82
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.
Merges [41470] to 4.5 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@41474 602fd350-edb4-49c9-b593-d223f7449a82
This skips time sensitive tests (copyright year and PHP/MySQL version requirements) when tests are run on branches on Travis.
Props netweb, jorbin
Fixes#39486
Merges [40241] to the 4.5 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@40242 602fd350-edb4-49c9-b593-d223f7449a82
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.
Merge of [38615] to the 4.5 branch.
Fixes#37989.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@39711 602fd350-edb4-49c9-b593-d223f7449a82
Otherwise `wp_filter_pre_oembed_result()` could erroneously return the HTML of the current post instead of the intended result.
Merge of [37729] to the 4.5 branch.
Props kraftbj.
See #36767.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@37732 602fd350-edb4-49c9-b593-d223f7449a82
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.
Merge of [37708] to the 4.5 branch.
Fixes#36767.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@37709 602fd350-edb4-49c9-b593-d223f7449a82
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.
On the subsequent upgrade, after the `utf8mb4` upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their original size, so let's do that.
Merge of [37525] to the 4.5 branch.
Props pento.
See #36748.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@37606 602fd350-edb4-49c9-b593-d223f7449a82
Fixes warning related to a non-array argument for `array_merge()` in `WP_Customize_Widgets::customize_register()`.
Merge of [37352] to the 4.5 branch.
See [37166].
See #36389.
Fixes#36660.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@37453 602fd350-edb4-49c9-b593-d223f7449a82
Adding the `singular` class per default to the list of body classes is breaking the layout of Twenty Eleven and other themes. Twenty Eleven adds the `singular` class only to single pages if the page doesn't use specific page templates.
Merge of [37249] to the 4.5 branch.
Props flixos90, swissspidy.
Fixes#36510.
git-svn-id: https://develop.svn.wordpress.org/branches/4.5@37250 602fd350-edb4-49c9-b593-d223f7449a82
This disables the concatenation of remaining enqueued scripts once `wp_add_inline_script()` is invoked, which allows us to reliably print these scripts and their before/after inline scripts in the desired order.
Props gitlost, azaozz, swisspidy, ocean90.
Fixes#36392.
git-svn-id: https://develop.svn.wordpress.org/trunk@37171 602fd350-edb4-49c9-b593-d223f7449a82
Theme support for `customize-selective-refresh-widgets` can be added _after_ the logic for registering the settings for incoming widgets that have been changed. This is due to themes adding the theme support in `after_setup_theme` which is also the action where `WP_Customize_Widgets::register_settings()` is called. If these both happen at priority 10, which one is called first depends on which one was added first. The other issue is that at the time that `WP_Customize_Widgets::register_settings()` is called at `after_setup_theme`, it is called before `widgets_init` and thus no widgets are yet registered. This means that any settings registered at this point will always have a `refresh` transport even if the theme supports `customize-selective-refresh-widgets`, since the `WP_Widget` instance is not visible yet to see if it supports selective refresh.
The fix: Defer `WP_Customize_Widgets::register_settings()` from `after_setup_theme` to `widgets_init` at priority 95 when the widget objects have all been registered. Also, ensure that the preview filter for `sidebars_widgets` is added before the sidebars are iterated for adding the controls.
Props westonruter.
Fixes#36389.
git-svn-id: https://develop.svn.wordpress.org/trunk@37166 602fd350-edb4-49c9-b593-d223f7449a82
Percent signs are reserved characters in URIs. As such, it was impossible for
plugins to route requests to trashed posts, as happens in bbPress. The new
`__trashed` suffix should be sufficiently unique.
Also adds a test that demonstrates that the `__trashed` suffix can be
appended to slugs that contain the suffix somewhere other than the end of
the string.
Props netweb, ericlewis.
Fixes#11863.
git-svn-id: https://develop.svn.wordpress.org/trunk@37165 602fd350-edb4-49c9-b593-d223f7449a82
We goofed, and parameters accessed through the REST API's methods
were slashed (inconsistently, even). This unslashes the data, so
you get the un-messed-with data that was sent.
Props joehoyle.
Fixes#36419.
git-svn-id: https://develop.svn.wordpress.org/trunk@37163 602fd350-edb4-49c9-b593-d223f7449a82
This reverts part of [34659] due to excessive canonical problems it's caused in 4.4.x.
Remove the unit tests which are no longer supported.
This also removes the `is_feed()` code to avoid confusion - only pages & embeds will be redirected.
Merges [36280] and [36281] to trunk.
Props dd32.
See #21602, #35344.
git-svn-id: https://develop.svn.wordpress.org/trunk@37075 602fd350-edb4-49c9-b593-d223f7449a82
* Introduces `customize-selective-refresh-widgets` theme support feature and adds to themes.
* Introduces `customize_selective_refresh` arg for `WP_Widget::$widget_options` and adds to all core widgets.
* Remove `selective_refresh` from being a component that can be removed via `customize_loaded_components` filter.
* Add `WP_Customize_Widgets::get_selective_refreshable_widgets()` and `WP_Customize_Widgets::is_widget_selective_refreshable()`.
* Fix default `selector` for `Partial` instances.
* Implement and improve Masronry sidebar refresh logic in Twenty Thirteen and Twenty Fourteen, including preservation of initial widget position after refresh.
* Re-initialize ME.js when refreshing `Twenty_Fourteen_Ephemera_Widget`.
See #27355.
Fixes#35855.
git-svn-id: https://develop.svn.wordpress.org/trunk@37040 602fd350-edb4-49c9-b593-d223f7449a82
Confusion abound, the API index is the generic term `url` to display the `site_url`. New `home` key will display the `home_url` in the index as well.
Fixes#35647.
git-svn-id: https://develop.svn.wordpress.org/trunk@37031 602fd350-edb4-49c9-b593-d223f7449a82
