Prevent notes from inadvertently showing up in the context of comments - including on the Dashboard recent comments widget and the “Mine” count on the Comments page. Notes are stored as a custom ‘note’ comment type and this change ensures the note type is only returned when explicitly requested, or when ‘all’ types are requested.
The query for note children is modified to return all child notes. This fixes an issue where children were no longer being returned for the ‘note’ type.
Also fixes https://github.com/WordPress/gutenberg/issues/72548.
Props adamsilverstein, timothyblynjacobs, shailu25, peterwilsoncc, westonruter, mamaduka, kadamwhite.
Fixes#64145.
Fixes#64152.
Built from https://develop.svn.wordpress.org/trunk@61105
git-svn-id: http://core.svn.wordpress.org/trunk@60441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds an `auth_callback` to the `_wp_note_status` comment meta so that only users with the `edit_comment` capability can update this meta field via the REST API.
This is necessary to ensure that users can properly resolve or reopen Notes.
Props wildworks, adamsilverstein, westonruter, mamaduka, desrosj.
Fixes#64153.
Built from https://develop.svn.wordpress.org/trunk@61089
git-svn-id: http://core.svn.wordpress.org/trunk@60425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Bring the PHP part of the new Notes feature into core for the 6.9 release. See related Gutenberg Issue: https://github.com/WordPress/gutenberg/issues/71826. These changes do not impact any user facing functionality, they simply prepare core for the JavaScript functionality that will come over in a separate sync.
Overview of changes:
- Ensure Notes are not included in comment counts
- Enable the note type (REST API)
- Adjust capabilities so edit_post cap implies ability to edit notes
- Enable empty and duplicate notes for resolve/re-open actions
- Add control over notes with post type supports check
- Register new note resolution status meta
Props: ristojovanovic, adamsilverstein, jeffpaul, wildworks, mamaduka, swissspidy, timothyblynjacobs, kadamwhite.
Fixes#64096.
Built from https://develop.svn.wordpress.org/trunk@60987
git-svn-id: http://core.svn.wordpress.org/trunk@60323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit corrects some parameter type issues concerning arrays. More specifically:
* `separate_comments()` now correctly indicates that it returns an array of `WP_Comment` objects, keyed by their string types.
* `_close_comments_for_old_posts()` now correctly indicates that it both takes and returns an array of `WP_Post` objects.
Follow-up to [8892], [8897], [8949], [32587], [42876].
Props justlevine, johnbillion.
See #63268.
Built from https://develop.svn.wordpress.org/trunk@60330
git-svn-id: http://core.svn.wordpress.org/trunk@59666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Document that unserialised data types are stored as strings in the database and returned as such by the meta data functions. For example, setting meta data to the integer value `1` will be returned as `"1"` when subsequently queried via `get_metadata()` and the related functions.
Props sukhendu2002, azaozz, jrf, rodrigosprimo.
Fixes ticket:61950.
Built from https://develop.svn.wordpress.org/trunk@59657
git-svn-id: http://core.svn.wordpress.org/trunk@59000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The previous approach of running `wp_allow_comment()` twice could have unintended consequences, e.g. the `check_comment_flood` action was also triggered twice, which might lead to false-positive identification of comment flood in case there is some custom callback hooked to it, which is not expecting identical data seeing twice.
This commit introduces a new function, `wp_check_comment_data()`, to specifically check for disallowed content before and after comment data is filtered.
Follow-up to [59267].
Props david.binda, SergeyBiryukov.
See #61827.
Built from https://develop.svn.wordpress.org/trunk@59319
git-svn-id: http://core.svn.wordpress.org/trunk@58705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that a Disallowed Comment Keys match will consistently send the comment to the Trash, by checking both the original unmodified comment data and the final filtered comment data.
If the first check has already resulted in a `trash` or `spam` status, the second check is skipped as redundant.
Follow-up to [2894], [3851], [48121], [48575].
Props cfinke, kbrownkd, thompsonsj, mi5t4n, devspace, chaion07, engahmeds3ed, SergeyBiryukov.
Fixes#61827.
Built from https://develop.svn.wordpress.org/trunk@59267
git-svn-id: http://core.svn.wordpress.org/trunk@58659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes the automatic addition of `rel="noopener noreferrer"` from links targeting a new tab or window, `target='_blank'`. Since this was introduced, supported browsers have changed their security policies and no longer allow the opened link to have JavaScript access to the previous tab.
Deprecates:
* `wp_targeted_link_rel()`
* `wp_targeted_link_rel_callback()`
* `wp_init_targeted_link_rel_filters()`: converted to a noop function
* `wp_remove_targeted_link_rel_filters()`: converted to a noop function
The deprecated functions are retained in `formatting.php` as in `SHORTINIT` mode the file is included while `deprecated.php` is not.
This also removes the `noopener` from links hard coded within the WordPress dashboard linking to documentation and other resources.
Props audrasjb, azaozz, dhruval04, dorzki, neo2k23, presskopp, sabernhardt, swissspidy, tobiasbg.
Fixes#53843.
Built from https://develop.svn.wordpress.org/trunk@59120
git-svn-id: http://core.svn.wordpress.org/trunk@58516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`set_time_limit` can cause unexpected behavior so it general should be avoided. There are instances though where they should be used so those instances should be properly documented.
Props Rcrayno, ryan, kurtpayne, jorbin.
Fixes#21521. See #19487.
Built from https://develop.svn.wordpress.org/trunk@59039
git-svn-id: http://core.svn.wordpress.org/trunk@58435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a note that the functions return either an empty array or an empty string for a valid but non-existing ID, depending on the `$single` parameter.
Follow-up to [48658], [50641].
Props rodrigosprimo, jrf.
See #61608.
Built from https://develop.svn.wordpress.org/trunk@58962
git-svn-id: http://core.svn.wordpress.org/trunk@58358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In cases where `WP_Comment_Query` or `get_comments` is employed with the 'count' parameter set to true, specify 'order by' as 'none'. Since these queries serve solely to determine the count of comments matching specific query parameters, the 'order by' clause becomes redundant and places unnecessary strain on the database server, resulting in slower query execution. Given that count queries are executed on every admin request to retrieve comment counts, this change enhances the performance of the wp-admin interface.
Props guss77, davidbaumwald, SergeyBiryukov, westonruter, peterwilsoncc, foliovision, hareesh-pillai, spacedmonkey.
Fixes#58368
Built from https://develop.svn.wordpress.org/trunk@56747
git-svn-id: http://core.svn.wordpress.org/trunk@56259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [55749] wp_queue_comments_for_comment_meta_lazyload is no longer used in core. This commit, deprecates this function. Update docs and tests accordingly.
Props sh4lin, spacedmonkey, costdev, peterwilsoncc.
Fixes#58301.
Built from https://develop.svn.wordpress.org/trunk@55855
git-svn-id: http://core.svn.wordpress.org/trunk@55367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [34270] introduced lazy loading of comment meta. However, this was only in the context of `WP_Query`. Other parts of the codebase, like `WP_Comment_Query` did not lazily load comment meta. In this change, calls to `update_meta_cache` are now replaced with `wp_lazyload_comment_meta`, that instead of priming comment meta caches, just adds them to the queue to be primed it ever called. This results in far less database queries, as there a number of places where comment meta is being primed unnecessarily and never used. Adding everything to the comment meta queue, also means that if comment meta is used, that is all loaded in a single database / cache call.
Follow on from [55671], [55747].
Props spacedmonkey, peterwilsoncc, flixos90, mukesh27.
Fixes#57801.
Built from https://develop.svn.wordpress.org/trunk@55749
git-svn-id: http://core.svn.wordpress.org/trunk@55261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).
WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.
While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.
Follow-up to [52039], [52040], [52326].
Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes#58012.
Built from https://develop.svn.wordpress.org/trunk@55703
git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed.
Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby.
Fixes#57905.
Built from https://develop.svn.wordpress.org/trunk@55702
git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#writing-include-require-statements WordPress PHP coding standards], it is ''strongly recommended'' to use `require[_once]` for unconditional includes. When using `include[_once]`, PHP will throw a warning when the file is not found but will continue execution, which will almost certainly lead to other errors/warnings/notices being thrown if your application depends on the file loaded, potentially leading to security leaks. For that reason, `require[_once]` is generally the better choice as it will throw a `Fatal Error` if the file cannot be found.
Follow-up to [1674], [1812], [1964], [6779], [8540], [10521], [11005], [11911], [16065], [16149], [25421], [25466], [25823], [37714], [42981], [45448], [47198], [54276], [55633].
Props kausaralm, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55641
git-svn-id: http://core.svn.wordpress.org/trunk@55153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
