Changeset 54562
- Timestamp:
- 10/17/2022 06:03:55 PM (22 months ago)
- Location:
- branches/5.3
- Files:
-
- 20 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/5.3
- Property svn:mergeinfo changed
/trunk merged: 54521-54530,54541
- Property svn:mergeinfo changed
-
branches/5.3/src/wp-admin/includes/ajax-actions.php
r46421 r54562 2947 2947 // Filter query clauses to include filenames. 2948 2948 if ( isset( $query['s'] ) ) { 2949 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );2949 add_filter( '' ); 2950 2950 } 2951 2951 -
branches/5.3/src/wp-admin/includes/post.php
r46091 r54562 1251 1251 // Filter query clauses to include filenames. 1252 1252 if ( isset( $q['s'] ) ) { 1253 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );1253 add_filter( '' ); 1254 1254 } 1255 1255 -
branches/5.3/src/wp-includes/class-wp-date-query.php
r45932 r54562 150 150 } 151 151 152 if ( isset( $date_query['relation'] ) && 'OR' === strtoupper( $date_query['relation'] )) {153 $this->relation = 'OR';152 if ( isset( $date_query['relation'] ) ) { 153 $this->relation = ; 154 154 } else { 155 155 $this->relation = 'AND'; … … 221 221 $this->validate_date_values( $queries ); 222 222 } 223 224 225 223 226 224 227 foreach ( $queries as $key => $q ) { … … 1040 1043 return $wpdb->prepare( "DATE_FORMAT( $column, %s ) $compare %f", $format, $time ); 1041 1044 } 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1042 1061 } -
branches/5.3/src/wp-includes/class-wp-query.php
r47644 r54562 434 434 public $thumbnails_cached = false; 435 435 436 437 438 439 440 441 442 436 443 /** 437 444 * Cached list of search stopwords. … … 1374 1381 } 1375 1382 1376 $like = $n . $wpdb->esc_like( $term ) . $n; 1377 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like ); 1383 $like = $n . $wpdb->esc_like( $term ) . $n; 1384 1385 if ( ! empty( $this->allow_query_attachment_by_filename ) ) { 1386 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s) $andor_op (sq1.meta_value $like_op %s))", $like, $like, $like, $like ); 1387 } else { 1388 $search .= $wpdb->prepare( "{$searchand}(({$wpdb->posts}.post_title $like_op %s) $andor_op ({$wpdb->posts}.post_excerpt $like_op %s) $andor_op ({$wpdb->posts}.post_content $like_op %s))", $like, $like, $like ); 1389 } 1378 1390 $searchand = ' AND '; 1379 1391 } … … 1759 1771 $q = $this->fill_query_vars( $q ); 1760 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1761 1783 // Parse meta query 1762 1784 $this->meta_query = new WP_Meta_Query(); … … 2190 2212 } 2191 2213 2192 if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) ) {2214 if ( ! empty( $this->tax_query->queries ) || ! empty( $this->meta_query->queries ) ) { 2193 2215 $groupby = "{$wpdb->posts}.ID"; 2194 2216 } … … 2266 2288 } 2267 2289 $where .= $search . $whichauthor . $whichmimetype; 2290 2291 2292 2293 2268 2294 2269 2295 if ( ! empty( $this->meta_query->queries ) ) { -
branches/5.3/src/wp-includes/comment.php
r47916 r54562 2332 2332 } 2333 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2334 2343 // Escape data pulled from DB. 2335 2344 $comment = wp_slash( $comment ); … … 2341 2350 2342 2351 $commentarr = wp_filter_comment( $commentarr ); 2352 2353 2354 2355 2343 2356 2344 2357 // Now extract the merged array. -
branches/5.3/src/wp-includes/customize/class-wp-customize-header-image-control.php
r45932 r54562 131 131 132 132 <button type="button" class="choice thumbnail" 133 data-customize-image-value="{{ {data.header.url}}}"133 data-customize-image-value="{{}}" 134 134 data-customize-header-image-data="{{JSON.stringify(data.header)}}"> 135 135 <span class="screen-reader-text"><?php _e( 'Set image' ); ?></span> 136 <img src="{{ {data.header.thumbnail_url}}}" alt="{{{data.header.alt_text || data.header.description}}}">136 <img src="{{> 137 137 </button> 138 138 -
branches/5.3/src/wp-includes/customize/class-wp-customize-site-icon-control.php
r46389 r54562 65 65 <img src="{{ data.attachment.sizes.full ? data.attachment.sizes.full.url : data.attachment.url }}" alt="<?php esc_attr_e( 'Preview as a browser icon' ); ?>"/> 66 66 </div> 67 <span class="browser-title" aria-hidden="true"><# print( '<?php bloginfo( 'name'); ?>' ) #></span>67 <span class="browser-title" aria-hidden="true"><# print( '<?php ); ?>' ) #></span> 68 68 </div> 69 69 <img class="app-icon-preview" src="{{ data.attachment.sizes.full ? data.attachment.sizes.full.url : data.attachment.url }}" alt="<?php esc_attr_e( 'Preview as an app icon' ); ?>"/> -
branches/5.3/src/wp-includes/deprecated.php
r46290 r54562 3954 3954 } 3955 3955 } 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 3973 -
branches/5.3/src/wp-includes/functions.php
r51746 r54562 3165 3165 $html = __( 'The link you followed has expired.' ); 3166 3166 if ( wp_get_referer() ) { 3167 $html .= '</p><p>'; 3168 $html .= sprintf( 3167 $wp_http_referer = remove_query_arg( 'updated', wp_get_referer() ); 3168 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 3169 $html .= '</p><p>'; 3170 $html .= sprintf( 3169 3171 '<a href="%s">%s</a>', 3170 esc_url( remove_query_arg( 'updated', wp_get_referer() )),3172 esc_url( ), 3171 3173 __( 'Please try again.' ) 3172 3174 ); -
branches/5.3/src/wp-includes/media-template.php
r46777 r54562 1437 1437 <img id="preview-favicon" src="{{ data.url }}" alt="<?php esc_attr_e( 'Preview as a browser icon' ); ?>"/> 1438 1438 </div> 1439 <span class="browser-title" aria-hidden="true"><# print( '<?php bloginfo( 'name'); ?>' ) #></span>1439 <span class="browser-title" aria-hidden="true"><# print( '<?php ); ?>' ) #></span> 1440 1440 </div> 1441 1441 -
branches/5.3/src/wp-includes/pluggable.php
r47959 r54562 312 312 $phpmailer->clearCustomHeaders(); 313 313 $phpmailer->clearReplyTos(); 314 315 314 316 315 317 // From email and name -
branches/5.3/src/wp-includes/post.php
r52470 r54562 1962 1962 * @since 4.5.0 Added the ability to pass a post type name in addition to object. 1963 1963 * @since 4.6.0 Converted the `$post_type` parameter to accept a `WP_Post_Type` object. 1964 1964 1965 * 1965 1966 * @param string|WP_Post_Type $post_type Post type name or object. … … 1969 1970 if ( is_scalar( $post_type ) ) { 1970 1971 $post_type = get_post_type_object( $post_type ); 1972 1971 1973 if ( ! $post_type ) { 1972 1974 return false; … … 1974 1976 } 1975 1977 1976 return $post_type->publicly_queryable || ( $post_type->_builtin && $post_type->public ); 1978 if ( ! is_object( $post_type ) ) { 1979 return false; 1980 } 1981 1982 $is_viewable = $post_type->publicly_queryable || ( $post_type->_builtin && $post_type->public ); 1983 1984 /** 1985 * Filters whether a post type is considered "viewable". 1986 * 1987 * The returned filtered value must be a boolean type to ensure 1988 * `is_post_type_viewable()` only returns a boolean. This strictness 1989 * is by design to maintain backwards-compatibility and guard against 1990 * potential type errors in PHP 8.1+. Non-boolean values (even falsey 1991 * and truthy values) will result in the function returning false. 1992 * 1993 * @since 5.9.0 1994 * 1995 * @param bool $is_viewable Whether the post type is "viewable" (strict type). 1996 * @param WP_Post_Type $post_type Post type object. 1997 */ 1998 return true === apply_filters( 'is_post_type_viewable', $is_viewable, $post_type ); 1999 } 2000 2001 /** 2002 * Determines whether a post status is considered "viewable". 2003 * 2004 * For built-in post statuses such as publish and private, the 'public' value will be evaluated. 2005 * For all others, the 'publicly_queryable' value will be used. 2006 * 2007 * @since 5.7.0 2008 * @since 5.9.0 Added `is_post_status_viewable` hook to filter the result. 2009 * 2010 * @param string|stdClass $post_status Post status name or object. 2011 * @return bool Whether the post status should be considered viewable. 2012 */ 2013 function is_post_status_viewable( $post_status ) { 2014 if ( is_scalar( $post_status ) ) { 2015 $post_status = get_post_status_object( $post_status ); 2016 2017 if ( ! $post_status ) { 2018 return false; 2019 } 2020 } 2021 2022 if ( 2023 ! is_object( $post_status ) || 2024 $post_status->internal || 2025 $post_status->protected 2026 ) { 2027 return false; 2028 } 2029 2030 $is_viewable = $post_status->publicly_queryable || ( $post_status->_builtin && $post_status->public ); 2031 2032 /** 2033 * Filters whether a post status is considered "viewable". 2034 * 2035 * The returned filtered value must be a boolean type to ensure 2036 * `is_post_status_viewable()` only returns a boolean. This strictness 2037 * is by design to maintain backwards-compatibility and guard against 2038 * potential type errors in PHP 8.1+. Non-boolean values (even falsey 2039 * and truthy values) will result in the function returning false. 2040 * 2041 * @since 5.9.0 2042 * 2043 * @param bool $is_viewable Whether the post status is "viewable" (strict type). 2044 * @param stdClass $post_status Post status object. 2045 */ 2046 return true === apply_filters( 'is_post_status_viewable', $is_viewable, $post_status ); 2047 } 2048 2049 /** 2050 * Determines whether a post is publicly viewable. 2051 * 2052 * Posts are considered publicly viewable if both the post status and post type 2053 * are viewable. 2054 * 2055 * @since 5.7.0 2056 * 2057 * @param int|WP_Post|null $post Optional. Post ID or post object. Defaults to global $post. 2058 * @return bool Whether the post is publicly viewable. 2059 */ 2060 function is_post_publicly_viewable( $post = null ) { 2061 $post = get_post( $post ); 2062 2063 if ( ! $post ) { 2064 return false; 2065 } 2066 2067 $post_type = get_post_type( $post ); 2068 $post_status = get_post_status( $post ); 2069 2070 return is_post_type_viewable( $post_type ) && is_post_status_viewable( $post_status ); 1977 2071 } 1978 2072 … … 7100 7194 7101 7195 /** 7102 * Filter the SQL clauses of an attachment query to include filenames.7103 *7104 * @since 4.7.07105 * @access private7106 *7107 * @global wpdb $wpdb WordPress database abstraction object.7108 *7109 * @param array $clauses An array including WHERE, GROUP BY, JOIN, ORDER BY,7110 * DISTINCT, fields (SELECT), and LIMITS clauses.7111 * @return array The modified clauses.7112 */7113 function _filter_query_attachment_filenames( $clauses ) {7114 global $wpdb;7115 remove_filter( 'posts_clauses', __FUNCTION__ );7116 7117 // Add a LEFT JOIN of the postmeta table so we don't trample existing JOINs.7118 $clauses['join'] .= " LEFT JOIN {$wpdb->postmeta} AS sq1 ON ( {$wpdb->posts}.ID = sq1.post_id AND sq1.meta_key = '_wp_attached_file' )";7119 7120 $clauses['groupby'] = "{$wpdb->posts}.ID";7121 7122 $clauses['where'] = preg_replace(7123 "/\({$wpdb->posts}.post_content (NOT LIKE|LIKE) (\'[^']+\')\)/",7124 '$0 OR ( sq1.meta_value $1 $2 )',7125 $clauses['where']7126 );7127 7128 return $clauses;7129 }7130 7131 /**7132 7196 * Sets the last changed time for the 'posts' cache group. 7133 7197 * -
branches/5.3/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
r46422 r54562 73 73 // Filter query clauses to include filenames. 74 74 if ( isset( $query_args['s'] ) ) { 75 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );75 add_filter( '' ); 76 76 } 77 77 -
branches/5.3/src/wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php
r46469 r54562 136 136 137 137 /** 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 138 167 * Checks if a request has access to read terms in the specified taxonomy. 139 168 * … … 145 174 public function get_items_permissions_check( $request ) { 146 175 $tax_obj = get_taxonomy( $this->taxonomy ); 176 147 177 if ( ! $tax_obj || ! $this->check_is_taxonomy_allowed( $this->taxonomy ) ) { 148 178 return false; 149 179 } 180 150 181 if ( 'edit' === $request['context'] && ! current_user_can( $tax_obj->cap->edit_terms ) ) { 151 return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to edit terms in this taxonomy.' ), array( 'status' => rest_authorization_required_code() ) ); 152 } 182 return new WP_Error( 183 'rest_forbidden_context', 184 __( 'Sorry, you are not allowed to edit terms in this taxonomy.' ), 185 array( 'status' => rest_authorization_required_code() ) 186 ); 187 } 188 189 if ( ! empty( $request['post'] ) ) { 190 $post = get_post( $request['post'] ); 191 192 if ( ! $post ) { 193 return new WP_Error( 194 'rest_post_invalid_id', 195 __( 'Invalid post ID.' ), 196 array( 197 'status' => 400, 198 ) 199 ); 200 } 201 202 if ( ! $this->check_read_terms_permission_for_post( $post, $request ) ) { 203 return new WP_Error( 204 'rest_forbidden_context', 205 __( 'Sorry, you are not allowed to view terms for this post.' ), 206 array( 207 'status' => rest_authorization_required_code(), 208 ) 209 ); 210 } 211 } 212 153 213 return true; 154 214 } -
branches/5.3/src/wp-includes/widgets.php
r46451 r54562 1497 1497 if ( is_wp_error( $rss ) ) { 1498 1498 if ( is_admin() || current_user_can( 'manage_options' ) ) { 1499 echo '<p><strong>' . __( 'RSS Error:' ) . '</strong> ' . $rss->get_error_message() . '</p>';1499 echo '<p><strong>' . __( 'RSS Error:' ) . '</strong> ' . ) . '</p>'; 1500 1500 } 1501 1501 return; … … 1620 1620 1621 1621 if ( ! empty( $args['error'] ) ) { 1622 echo '<p class="widget-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . $args['error']. '</p>';1622 echo '<p class="widget-error"><strong>' . __( 'RSS Error:' ) . '</strong> ' . . '</p>'; 1623 1623 } 1624 1624 -
branches/5.3/src/wp-mail.php
r45932 r54562 65 65 wp_die( __( 'There doesn’t seem to be any new mail.' ) ); 66 66 } 67 68 69 67 70 68 71 for ( $i = 1; $i <= $count; $i++ ) { … … 132 135 $author = sanitize_email( $author ); 133 136 if ( is_email( $author ) ) { 134 /* translators: %s: Post author email address. */135 echo '<p>' . sprintf( __( 'Author is %s' ), $author ) . '</p>';136 137 $userdata = get_user_by( 'email', $author ); 137 138 if ( ! empty( $userdata ) ) { -
branches/5.3/src/wp-trackback.php
r42343 r54562 13 13 wp( array( 'tb' => '1' ) ); 14 14 } 15 16 17 15 18 16 19 /** -
branches/5.3/tests/phpunit/tests/query/search.php
r43571 r54562 456 456 457 457 add_post_meta( $attachment, '_wp_attached_file', 'some-image1.png', true ); 458 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );458 add_filter( '' ); 459 459 460 460 // Pass post_type a string value. … … 486 486 487 487 add_post_meta( $attachment, '_wp_attached_file', 'some-image2.png', true ); 488 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );488 add_filter( '' ); 489 489 490 490 // Pass post_type an array value. … … 545 545 add_post_meta( $attachment, '_wp_attached_file', 'some-image4.png', true ); 546 546 add_post_meta( $attachment, '_test_meta_key', 'value', true ); 547 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );547 add_filter( '' ); 548 548 549 549 // Pass post_type a string value. … … 585 585 586 586 add_post_meta( $attachment, '_wp_attached_file', 'some-image5.png', true ); 587 add_filter( ' posts_clauses', '_filter_query_attachment_filenames' );587 add_filter( '' ); 588 588 589 589 // Pass post_type a string value. … … 610 610 * @ticket 22744 611 611 */ 612 public function test_filter_query_attachment_filenames_unhooks_itself() { 613 add_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); 614 615 apply_filters( 616 'posts_clauses', 617 array( 618 'where' => '', 619 'groupby' => '', 620 'join' => '', 621 'orderby' => '', 622 'distinct' => '', 623 'fields' => '', 624 'limit' => '', 625 ) 626 ); 627 628 $result = has_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); 629 630 $this->assertFalse( $result ); 612 public function test_wp_query_removes_filter_wp_allow_query_attachment_by_filename() { 613 $attachment = self::factory()->post->create( 614 array( 615 'post_type' => 'attachment', 616 'post_status' => 'publish', 617 'post_title' => 'bar foo', 618 'post_content' => 'foo bar', 619 'post_excerpt' => 'This post has foo', 620 ) 621 ); 622 623 add_post_meta( $attachment, '_wp_attached_file', 'some-image1.png', true ); 624 add_filter( 'wp_allow_query_attachment_by_filename', '__return_true' ); 625 626 $q = new WP_Query( 627 array( 628 's' => 'image1', 629 'fields' => 'ids', 630 'post_type' => 'attachment', 631 'post_status' => 'inherit', 632 ) 633 ); 634 635 $this->assertSame( array( $attachment ), $q->posts ); 636 637 /* 638 * WP_Query should have removed the wp_allow_query_attachment_by_filename filter 639 * and thus not match the attachment created above 640 */ 641 $q->get_posts(); 642 $this->assertEmpty( $q->posts ); 631 643 } 632 644 -
branches/5.3/tests/phpunit/tests/rest-api/rest-comments-controller.php
r46433 r54562 2739 2739 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2740 2740 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2741 2741 2742 ), 2742 2743 array( … … 2747 2748 'author_name' => 'div strong', 2748 2749 'author_user_agent' => 'div strong', 2750 2749 2751 ) 2750 2752 ); … … 2756 2758 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2757 2759 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2760 2758 2761 ), 2759 2762 array( … … 2764 2767 'author_name' => 'div strong', 2765 2768 'author_user_agent' => 'div strong', 2769 2766 2770 ) 2767 2771 ); … … 2777 2781 'author_name' => '\\\&\\\ & &invalid; < < &lt;', 2778 2782 'author_user_agent' => '\\\&\\\ & &invalid; < < &lt;', 2783 2779 2784 ), 2780 2785 array( … … 2785 2790 'author_name' => '\\\&\\\ & &invalid; < < &lt;', 2786 2791 'author_user_agent' => '\\\&\\\ & &invalid; < < &lt;', 2792 2787 2793 ) 2788 2794 ); … … 2797 2803 'author_name' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2798 2804 'author_user_agent' => '<div>div</div> <strong>strong</strong> <script>oh noes</script>', 2805 2799 2806 ), 2800 2807 array( … … 2805 2812 'author_name' => 'div strong', 2806 2813 'author_user_agent' => 'div strong', 2814 2807 2815 ) 2808 2816 );
Note: See TracChangeset
for help on using the changeset viewer.