Changeset 54563
- Timestamp:
- 10/17/2022 06:08:00 PM (2 years ago)
- Location:
- branches/5.2
- Files:
-
- 20 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/5.2
- Property svn:mergeinfo changed
/trunk merged: 54521-54530,54541
- Property svn:mergeinfo changed
-
branches/5.2/src/wp-admin/includes/ajax-actions.php
r45938 r54563 2756 2756 // Filter query clauses to include filenames. 2757 2757 if ( isset( $query['s'] ) ) { 2758 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );2758 add_filter( '' ); 2759 2759 } 2760 2760 -
branches/5.2/src/wp-admin/includes/post.php
r45219 r54563 1246 1246 // Filter query clauses to include filenames. 1247 1247 if ( isset( $q['s'] ) ) { 1248 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );1248 add_filter( '' ); 1249 1249 } 1250 1250 -
branches/5.2/src/wp-includes/class-wp-query.php
r47645 r54563 434 434 public $thumbnails_cached = false; 435 435 436 437 438 439 440 441 442 436 443 /** 437 444 * Cached list of search stopwords. … … 1370 1377 } 1371 1378 1372 $like = $n . $wpdb->esc_like( $term ) . $n; 1373 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like ); 1379 $like = $n . $wpdb->esc_like( $term ) . $n; 1380 1381 if ( ! empty( $this->allow_query_attachment_by_filename ) ) { 1382 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s) $andor_op (sq1.meta_value $like_op %s))", $like, $like, $like, $like ); 1383 } else { 1384 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like ); 1385 } 1374 1386 $searchand = ' AND '; 1375 1387 } … … 1754 1766 $q = $this->fill_query_vars( $q ); 1755 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1756 1778 // Parse meta query 1757 1779 $this->meta_query = new WP_Meta_Query(); … … 2184 2206 } 2185 2207 2186 if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) ) {2208 if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) ) { 2187 2209 $groupby = "{$wpdb->posts}.ID"; 2188 2210 } … … 2260 2282 } 2261 2283 $where .= $search . $whichauthor . $whichmimetype; 2284 2285 2286 2287 2262 2288 2263 2289 if ( ! empty( $this->meta_query->queries ) ) { -
branches/5.2/src/wp-includes/comment.php
r47917 r54563 2307 2307 } 2308 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2309 2318 // Escape data pulled from DB. 2310 2319 $comment = wp_slash( $comment ); … … 2316 2325 2317 2326 $commentarr = wp_filter_comment( $commentarr ); 2327 2328 2329 2330 2318 2331 2319 2332 // Now extract the merged array. -
branches/5.2/src/wp-includes/customize/class-wp-customize-header-image-control.php
r44600 r54563 131 131 132 132 <button type="button" class="choice thumbnail" 133 data-customize-image-value="{{ {data.header.url}}}"133 data-customize-image-value="{{}}" 134 134 data-customize-header-image-data="{{JSON.stringify(data.header)}}"> 135 135 <span class="screen-reader-text"><?php _e( 'Set image' ); ?></span> 136 <img src="{{ {data.header.thumbnail_url}}}" alt="{{{data.header.alt_text || data.header.description}}}">136 <img src="{{> 137 137 </button> 138 138 -
branches/5.2/src/wp-includes/customize/class-wp-customize-site-icon-control.php
r44796 r54563 65 65 <img src="{{ data.attachment.sizes.full ? data.attachment.sizes.full.url : data.attachment.url }}" alt="<?php esc_attr_e( 'Preview as a browser icon' ); ?>"/> 66 66 </div> 67 <span class="browser-title" aria-hidden="true"><?php bloginfo( 'name'); ?></span>67 <span class="browser-title" aria-hidden="true"><?php ); ?></span> 68 68 </div> 69 69 <img class="app-icon-preview" src="{{ data.attachment.sizes.full ? data.attachment.sizes.full.url : data.attachment.url }}" alt="<?php esc_attr_e( 'Preview as an app icon' ); ?>"/> -
branches/5.2/src/wp-includes/date.php
r42877 r54563 146 146 */ 147 147 public function __construct( $date_query, $default_column = 'post_date' ) { 148 if ( isset( $date_query['relation'] ) && 'OR' === strtoupper( $date_query['relation'] )) {149 $this->relation = 'OR';148 if ( isset( $date_query['relation'] ) ) { 149 $this->relation = ; 150 150 } else { 151 151 $this->relation = 'AND'; … … 225 225 $this->validate_date_values( $queries ); 226 226 } 227 228 229 227 230 228 231 foreach ( $queries as $key => $q ) { … … 1021 1024 return $wpdb->prepare( "DATE_FORMAT( $column, %s ) $compare %f", $format, $time ); 1022 1025 } 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1023 1042 } -
branches/5.2/src/wp-includes/deprecated.php
r44785 r54563 3953 3953 } 3954 3954 } 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 -
branches/5.2/src/wp-includes/functions.php
r51747 r54563 2926 2926 $html = __( 'The link you followed has expired.' ); 2927 2927 if ( wp_get_referer() ) { 2928 $html .= '</p><p>'; 2929 $html .= sprintf( 2928 $wp_http_referer = remove_query_arg( 'updated', wp_get_referer() ); 2929 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 2930 $html .= '</p><p>'; 2931 $html .= sprintf( 2930 2932 '<a href="%s">%s</a>', 2931 esc_url( remove_query_arg( 'updated', wp_get_referer() )),2933 esc_url( ), 2932 2934 __( 'Please try again.' ) 2933 2935 ); -
branches/5.2/src/wp-includes/media-template.php
r45866 r54563 1332 1332 <img id="preview-favicon" src="{{ data.url }}" alt="<?php esc_attr_e( 'Preview as a browser icon' ); ?>"/> 1333 1333 </div> 1334 <span class="browser-title" aria-hidden="true"><?php bloginfo( 'name'); ?></span>1334 <span class="browser-title" aria-hidden="true"><?php ); ?></span> 1335 1335 </div> 1336 1336 -
branches/5.2/src/wp-includes/pluggable.php
r47960 r54563 315 315 $phpmailer->clearCustomHeaders(); 316 316 $phpmailer->clearReplyTos(); 317 318 317 319 318 320 // From email and name -
branches/5.2/src/wp-includes/post.php
r52471 r54563 1884 1884 * @since 4.5.0 Added the ability to pass a post type name in addition to object. 1885 1885 * @since 4.6.0 Converted the `$post_type` parameter to accept a `WP_Post_Type` object. 1886 1886 1887 * 1887 1888 * @param string|WP_Post_Type $post_type Post type name or object. … … 1891 1892 if ( is_scalar( $post_type ) ) { 1892 1893 $post_type = get_post_type_object( $post_type ); 1894 1893 1895 if ( ! $post_type ) { 1894 1896 return false; … … 1896 1898 } 1897 1899 1898 return $post_type->publicly_queryable || ( $post_type->_builtin && $post_type->public ); 1900 if ( ! is_object( $post_type ) ) { 1901 return false; 1902 } 1903 1904 $is_viewable = $post_type->publicly_queryable || ( $post_type->_builtin && $post_type->public ); 1905 1906 /** 1907 * Filters whether a post type is considered "viewable". 1908 * 1909 * The returned filtered value must be a boolean type to ensure 1910 * `is_post_type_viewable()` only returns a boolean. This strictness 1911 * is by design to maintain backwards-compatibility and guard against 1912 * potential type errors in PHP 8.1+. Non-boolean values (even falsey 1913 * and truthy values) will result in the function returning false. 1914 * 1915 * @since 5.9.0 1916 * 1917 * @param bool $is_viewable Whether the post type is "viewable" (strict type). 1918 * @param WP_Post_Type $post_type Post type object. 1919 */ 1920 return true === apply_filters( 'is_post_type_viewable', $is_viewable, $post_type ); 1921 } 1922 1923 /** 1924 * Determines whether a post status is considered "viewable". 1925 * 1926 * For built-in post statuses such as publish and private, the 'public' value will be evaluated. 1927 * For all others, the 'publicly_queryable' value will be used. 1928 * 1929 * @since 5.7.0 1930 * @since 5.9.0 Added `is_post_status_viewable` hook to filter the result. 1931 * 1932 * @param string|stdClass $post_status Post status name or object. 1933 * @return bool Whether the post status should be considered viewable. 1934 */ 1935 function is_post_status_viewable( $post_status ) { 1936 if ( is_scalar( $post_status ) ) { 1937 $post_status = get_post_status_object( $post_status ); 1938 1939 if ( ! $post_status ) { 1940 return false; 1941 } 1942 } 1943 1944 if ( 1945 ! is_object( $post_status ) || 1946 $post_status->internal || 1947 $post_status->protected 1948 ) { 1949 return false; 1950 } 1951 1952 $is_viewable = $post_status->publicly_queryable || ( $post_status->_builtin && $post_status->public ); 1953 1954 /** 1955 * Filters whether a post status is considered "viewable". 1956 * 1957 * The returned filtered value must be a boolean type to ensure 1958 * `is_post_status_viewable()` only returns a boolean. This strictness 1959 * is by design to maintain backwards-compatibility and guard against 1960 * potential type errors in PHP 8.1+. Non-boolean values (even falsey 1961 * and truthy values) will result in the function returning false. 1962 * 1963 * @since 5.9.0 1964 * 1965 * @param bool $is_viewable Whether the post status is "viewable" (strict type). 1966 * @param stdClass $post_status Post status object. 1967 */ 1968 return true === apply_filters( 'is_post_status_viewable', $is_viewable, $post_status ); 1969 } 1970 1971 /** 1972 * Determines whether a post is publicly viewable. 1973 * 1974 * Posts are considered publicly viewable if both the post status and post type 1975 * are viewable. 1976 * 1977 * @since 5.7.0 1978 * 1979 * @param int|WP_Post|null $post Optional. Post ID or post object. Defaults to global $post. 1980 * @return bool Whether the post is publicly viewable. 1981 */ 1982 function is_post_publicly_viewable( $post = null ) { 1983 $post = get_post( $post ); 1984 1985 if ( ! $post ) { 1986 return false; 1987 } 1988 1989 $post_type = get_post_type( $post ); 1990 $post_status = get_post_status( $post ); 1991 1992 return is_post_type_viewable( $post_type ) && is_post_status_viewable( $post_status ); 1899 1993 } 1900 1994 … … 6864 6958 6865 6959 /** 6866 * Filter the SQL clauses of an attachment query to include filenames.6867 *6868 * @since 4.7.06869 * @access private6870 *6871 * @global wpdb $wpdb WordPress database abstraction object.6872 *6873 * @param array $clauses An array including WHERE, GROUP BY, JOIN, ORDER BY,6874 * DISTINCT, fields (SELECT), and LIMITS clauses.6875 * @return array The modified clauses.6876 */6877 function _filter_query_attachment_filenames( $clauses ) {6878 global $wpdb;6879 remove_filter( 'posts_clauses', __FUNCTION__ );6880 6881 // Add a LEFT JOIN of the postmeta table so we don't trample existing JOINs.6882 $clauses['join'] .= " LEFT JOIN {$wpdb->postmeta} AS sq1 ON ( {$wpdb->posts}.ID = sq1.post_id AND sq1.meta_key = '_wp_attached_file' )";6883 6884 $clauses['groupby'] = "{$wpdb->posts}.ID";6885 6886 $clauses['where'] = preg_replace(6887 "/\({$wpdb->posts}.post_content (NOT LIKE|LIKE) (\'[^']+\')\)/",6888 '$0 OR ( sq1.meta_value $1 $2 )',6889 $clauses['where']6890 );6891 6892 return $clauses;6893 }6894 6895 /**6896 6960 * Sets the last changed time for the 'posts' cache group. 6897 6961 * -
branches/5.2/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
r44934 r54563 49 49 // Filter query clauses to include filenames. 50 50 if ( isset( $query_args['s'] ) ) { 51 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );51 add_filter( '' ); 52 52 } 53 53 -
branches/5.2/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
r45267 r54563 136 136 137 137 /** 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 138 167 * Checks if a request has access to read terms in the specified taxonomy. 139 168 * … … 145 174 public function get_items_permissions_check( $request ) { 146 175 $tax_obj = get_taxonomy( $this->taxonomy ); 176 147 177 if ( ! $tax_obj || ! $this->check_is_taxonomy_allowed( $this->taxonomy ) ) { 148 178 return false; 149 179 } 180 150 181 if ( 'edit' === $request['context'] && ! current_user_can( $tax_obj->cap->edit_terms ) ) { 151 return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to edit terms in this taxonomy.' ), array( 'status' => rest_authorization_required_code() ) ); 152 } 182 return new WP_Error( 183 'rest_forbidden_context', 184 __( 'Sorry, you are not allowed to edit terms in this taxonomy.' ), 185 array( 'status' => rest_authorization_required_code() ) 186 ); 187 } 188 189 if ( ! empty( $request['post'] ) ) { 190 $post = get_post( $request['post'] ); 191 192 if ( ! $post ) { 193 return new WP_Error( 194 'rest_post_invalid_id', 195 __( 'Invalid post ID.' ), 196 array( 197 'status' => 400, 198 ) 199 ); 200 } 201 202 if ( ! $this->check_read_terms_permission_for_post( $post, $request ) ) { 203 return new WP_Error( 204 'rest_forbidden_context', 205 __( 'Sorry, you are not allowed to view terms for this post.' ), 206 array( 207 'status' => rest_authorization_required_code(), 208 ) 209 ); 210 } 211 } 212 153 213 return true; 154 214 } -
branches/5.2/src/wp-includes/widgets.php
r44585 r54563 1447 1447 if ( is_wp_error( $rss ) ) { 1448 1448 if ( is_admin() || current_user_can( 'manage_options' ) ) { 1449 echo '<p><strong>' . __( 'RSS Error:' ) . '</strong> ' . $rss->get_error_message() . '</p>';1449 echo '<p><strong>' . __( 'RSS Error:' ) . '</strong> ' . ) . '</p>'; 1450 1450 } 1451 1451 return; … … 1570 1570 1571 1571 if ( ! empty( $args['error'] ) ) { 1572 echo '<p class="widget-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . $args['error']. '</p>';1572 echo '<p class="widget-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . . '</p>'; 1573 1573 } 1574 1574 -
branches/5.2/src/wp-mail.php
r42343 r54563 65 65 wp_die( __( 'There doesn’t seem to be any new mail.' ) ); 66 66 } 67 68 69 67 70 68 71 for ( $i = 1; $i <= $count; $i++ ) { … … 132 135 $author = sanitize_email( $author ); 133 136 if ( is_email( $author ) ) { 134 /* translators: Post author email address */135 echo '<p>' . sprintf( __( 'Author is %s' ), $author ) . '</p>';136 137 $userdata = get_user_by( 'email', $author ); 137 138 if ( ! empty( $userdata ) ) { -
branches/5.2/src/wp-trackback.php
r42343 r54563 13 13 wp( array( 'tb' => '1' ) ); 14 14 } 15 16 17 15 18 16 19 /** -
branches/5.2/tests/phpunit/tests/query/search.php
r43571 r54563 456 456 457 457 add_post_meta( $attachment, '_wp_attached_file', 'some-image1.png', true ); 458 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );458 add_filter( '' ); 459 459 460 460 // Pass post_type a string value. … … 486 486 487 487 add_post_meta( $attachment, '_wp_attached_file', 'some-image2.png', true ); 488 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );488 add_filter( '' ); 489 489 490 490 // Pass post_type an array value. … … 545 545 add_post_meta( $attachment, '_wp_attached_file', 'some-image4.png', true ); 546 546 add_post_meta( $attachment, '_test_meta_key', 'value', true ); 547 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );547 add_filter( '' ); 548 548 549 549 // Pass post_type a string value. … … 585 585 586 586 add_post_meta( $attachment, '_wp_attached_file', 'some-image5.png', true ); 587 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );587 add_filter( '' ); 588 588 589 589 // Pass post_type a string value. … … 610 610 * @ticket 22744 611 611 */ 612 public function test_filter_query_attachment_filenames_unhooks_itself() { 613 add_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); 614 615 apply_filters( 616 'posts_clauses', 617 array( 618 'where' => '', 619 'groupby' => '', 620 'join' => '', 621 'orderby' => '', 622 'distinct' => '', 623 'fields' => '', 624 'limit' => '', 625 ) 626 ); 627 628 $result = has_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); 629 630 $this->assertFalse( $result ); 612 public function test_wp_query_removes_filter_wp_allow_query_attachment_by_filename() { 613 $attachment = self::factory()->post->create( 614 array( 615 'post_type' => 'attachment', 616 'post_status' => 'publish', 617 'post_title' => 'bar foo', 618 'post_content' => 'foo bar', 619 'post_excerpt' => 'This post has foo', 620 ) 621 ); 622 623 add_post_meta( $attachment, '_wp_attached_file', 'some-image1.png', true ); 624 add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); 625 626 $q = new WP_Query( 627 array( 628 's' => 'image1', 629 'fields' => 'ids', 630 'post_type' => 'attachment', 631 'post_status' => 'inherit', 632 ) 633 ); 634 635 $this->assertSame( array( $attachment ), $q->posts ); 636 637 /* 638 * WP_Query should have removed the wp_allow_query_attachment_by_filename filter 639 * and thus not match the attachment created above 640 */ 641 $q->get_posts(); 642 $this->assertEmpty( $q->posts ); 631 643 } 632 644 -
branches/5.2/tests/phpunit/tests/rest-api/rest-comments-controller.php
r43571 r54563 2696 2696 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2697 2697 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2698 2698 2699 ), 2699 2700 array( … … 2704 2705 'author_name' => 'div strong', 2705 2706 'author_user_agent' => 'div strong', 2707 2706 2708 ) 2707 2709 ); … … 2713 2715 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2714 2716 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2717 2715 2718 ), 2716 2719 array( … … 2721 2724 'author_name' => 'div strong', 2722 2725 'author_user_agent' => 'div strong', 2726 2723 2727 ) 2724 2728 ); … … 2734 2738 'author_name' => '\\\&\\\ & &invalid; < < &lt;', 2735 2739 'author_user_agent' => '\\\&\\\ & &invalid; < < &lt;', 2740 2736 2741 ), 2737 2742 array( … … 2742 2747 'author_name' => '\\\&\\\ & &invalid; < < &lt;', 2743 2748 'author_user_agent' => '\\\&\\\ & &invalid; < < &lt;', 2749 2744 2750 ) 2745 2751 ); … … 2754 2760 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2755 2761 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2762 2756 2763 ), 2757 2764 array( … … 2762 2769 'author_name' => 'div strong', 2763 2770 'author_user_agent' => 'div strong', 2771 2764 2772 ) 2765 2773 );
Note: See TracChangeset
for help on using the changeset viewer.