__group__ ticket summary owner component _version priority severity milestone type _status workflow _created modified _description _reporter Future Releases 45958 Errors displayed on shutdown handler Bootstrap/Load high normal Awaiting Review defect (bug) new has-patch 2019-01-12T13:59:04Z 2019-09-16T16:09:54Z "PHP errors are displayed on shutdown handler screen for REST API requests. See attached screenshot." spacedmonkey Future Releases 56780 shortcode block in block-based template part in a classic theme does not get expanded costdev Editor 6.1 high normal 6.6 defect (bug) assigned changes-requested 2022-10-10T14:03:01Z 2024-02-23T13:12:44Z "While testing the new feature in 6.1 (w/ 6.1-beta3) for a classic theme to include block-based template parts, I discovered that shortcode blocks in such template parts are not expanded (their render callbacks are not called). The details are in my [https://make.wordpress.org/core/2022/10/04/block-based-template-parts-in-traditional-themes/#comment-43901 comment on the Dev Note] announcing this new feature. Note: creating the ticket here in Trac, rather than the GB GitHub, because that's where @mamaduka asked me to open in" pbiron Future Releases 17133 Code Editor: Register ctrl + s event for plugin/theme editor Plugins 3.1 high normal Future Release enhancement new has-patch 2011-04-14T12:20:34Z 2023-11-28T19:29:05Z Often when modifying code or writing a post using the wordpress editor I instinctively hit ctrl + s to save it. Up pops the save website dialog which I then have to close. In Gmail when I hit ctrl+ s it saves the email to drafts. I think a similar thing would be useful for wordpress. jcnetsys Future Releases 54582 Problem with deleting old files at the end of a core update when the filesystem is case-insensitive SergeyBiryukov* Upgrade/Install high major Future Release defect (bug) accepted changes-requested 2021-12-05T22:53:38Z 2023-01-12T20:13:49Z "WP 5.9 updates the external Requests library (used by [https://developer.wordpress.org/reference/functions/wp_remote_get/ wp_remote_get()], et. al). As part of that update, a number of filenames have changed in case only, e.g. * wp-includes/Requests/IRI.php => wp-includes/Requests/Iri.php * wp-includes/Requests/Transport/cURL.php => wp-includes/Requests/Transport/Curl.php When updating to 5.9-beta1 via `wp-cli` on a system that uses a case-insensitive filesystem (not only Windows, but that's the most obvioous example) via the `wp core update --version=5.9-beta` command, all those files that have been renamed in case only get incorrectly deleted (in [https://github.com/wp-cli/core-command/blob/5d5cc4631381cad926b5c73841df31250cc8ff5e/src/Core_Command.php#L1352 Core_Command::cleanup_extra_files()]) which results in PHP fatal error(s). This was discovered during the 5.9-beta1 release party, and an [https://github.com/wp-cli/core-command/issues/195 issue was created] against that wp-cli command. Core has it's own means on deleting files from previous releases, but it doesn't come into play until a major release package to built. [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update-core.php#L21 wp-admin/includes/update-core.php] defines the `$_old_files` array that contains files from all previous WP versions that should be deleted by core after an update has been performed. That array is not amended until just before the `major` version package is created (see [https://make.wordpress.org/core/handbook/about/release-cycle/releasing-major-versions/#dry-run Releasing Major Versions] in the Core Handbook]. I've been experimenting and I think the exact same thing will happen when 5.9 is is released and sites are updated via the Dashboard. To test this hypothesis I did the following on a Windows machine (with basically a WAMP stack): 1. Installed 5.8.2 2. Edited `wp-admin/includes/class-core-upgrader.php` and added `global $_old_files; $_old_files[] = 'wp-includes/Requests/IRI.php';` just before [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-core-upgrader.php#L172 line 172]. This simulates that file being added to the `$_old_files` array in [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update-core.php#L21 wp-admin/includes/update-core.php] of the 5.9 release package. 3. Added `define( 'WP_AUTO_UPDATE_CORE', 'beta' );` to `wp-config.php`. This allows core to update to 5.9-beta1 in `Dashboard > Updates` (without the need for wp-cli nor the [https://wordpress.org/plugins/wordpress-beta-tester Beta Tester plugin]. 4. Went to `Dashboard > Updates` and clicked on the `Update to version 5.9-beta1` button 5. When the update finished, I looked on disk and found that neither `wp-includes/Requests/IRI.php` nor `wp-includes/Requests/Iri.php` existed 6. Went back to `Dashboard > Updates` (which causes [https://developer.wordpress.org/reference/functions/wp_version_check/ wp_version_check()], and thus `wp_remote_get()`, to be called...resulting in a fatal error (`Fatal error: Uncaught Error: Class 'WpOrg\Requests\Iri' not found in ABSPATH\wp-includes\Requests\Requests.php on line 682`) One might thing that to avoid this problem, any files whose name case in case only just shouldn'd be added to `$_old_files`. Unfortunately, that would be bad for sites with case-senstive filesystems, because then files with both filenames would exist on disk after the update (e.g., both `wp-includes/Requests/Iri.php` and /wp-includes/Requests-IRI.php`). To prove this to myself, I then did the following on a machine with a case-sensitive filesystem (centos 7): 1. installed 5.8.2 2. Added `define( 'WP_AUTO_UPDATE_CORE', 'beta' );` to `wp-config.php` 3. Went to `Dashboard > Updates` and clicked on the `Update to version 5.9-beta1` button 4. When the update finished, I looked on disk and found that both `wp-includes/Requests/IRI.php` and `wp-includes/Requests/Iri.php` existed 5. Rolled back to 5.8.2 6. Edited `wp-admin/includes/class-core-upgrader.php and added `global $_old_files; $_old_files[] = 'wp-includes/Requests/IRI.php';` just before line 172 7. Went to `Dashboard > Updates` and clicked on the `Update to version 5.9-beta1` button 8. When the update finished, I looked on disk and found that only `wp-includes/Requests/Iri.php` existed, as it should be As mentioned, I've only tested these hypotheses on Windows and linux (centos). It would be great if someone could test on MacOS (in both it's case-sensitive and case-insensitive filesystem configurations)!!! What do I think should be done to solve this? The ""delete old files"" routines in both core and wp-cli should check whether the filesystem is case-insensitive and, if so, not delete files whose names have changed only in case (note: the current [https://github.com/wp-cli/core-command/pull/196 PR] against wp-cli's `wp core update` command doesn't yet do this). I've been experimenting with how to detect whether the filesystem is case-insensitive (hint: just checking the OS is **not** sufficient, for a number of reasons). I'll add some comments about this after I finish opening this ticket. Related: #54546, #54547, https://github.com/wp-cli/core-command/issues/195" pbiron Next Release 59930 Problems pulling relevant MySQL Docker container desrosj Build/Test Tools normal normal 6.5 defect (bug) reopened has-patch 2023-11-17T19:01:53Z 2024-02-27T18:38:28Z "Recently, I started receiving this error on my Apple Silicone machine. {{{ no matching manifest for linux/arm64/v8 in the manifest list entries node:child_process:935 throw err; ^ Error: Command failed: docker-compose up -d wordpress-develop at checkExecSyncError (node:child_process:861:11) at execSync (node:child_process:932:15) at Object. (Sites/wordpress-svn/trunk/tools/local-env/scripts/start.js:22:1) at Module._compile (node:internal/modules/cjs/loader:1198:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10) at Module.load (node:internal/modules/cjs/loader:1076:32) at Function.Module._load (node:internal/modules/cjs/loader:911:12) at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12) at node:internal/main/run_main_module:22:47 { status: 18, signal: null, output: [ null, null, null ], pid: 17288, stdout: null, stderr: null } }}} I'm not sure what happened to cause these errors to start, but any `pull` or `start` commands where the environment had not been set up previously fail." desrosj Next Release 60398 "WordPress 6.4.3 MacOS/Linux Compressed Zip plugin archives ""Incompatible Archive"" on upload" peterwilsoncc Upload 6.4.3 normal normal 6.4.4 defect (bug) reopened commit 2024-01-31T11:42:20Z 2024-03-06T08:44:43Z "If I zip a plugin folder using MacOS right-click Compress command in the contextual menu, those archives are no longer accepted when using upload plugin. It returns ""Incompatible Archive"". This has worked up until now. Probably related to recent security updates for the plugin and theme uploader. If I create a zip on the command line of the same folder that works correctly." Endymion00 Future Releases 36201 Admin Pagination URLs Use Wrong Hostname Administration normal normal Future Release defect (bug) reopened dev-feedback 2016-03-10T21:18:06Z 2024-02-01T00:58:46Z "The pagination links on the posts/pages screen uses the wrong host in some cases. Particularly for my case I have a Wordpress blog installed on a separate server from my main website, but it's hosted as a subdirectory `/blog` on the main site using the `mod_proxy` Apache module. So the pagination links are coming through using the wrong host like this: http://1647760595.us-east-1.elb.amazonaws.com/wp-admin/edit.php?paged=2 It seems like these pagination links are the only ones with this issue, and I believe it's because of how they are being constructed. I've attached a patch that solves the issue for me. -Garrett" grimmdude Future Releases 38809 Better wp namespace in password-strength-meter.js Administration normal normal Future Release defect (bug) reviewing close 2016-11-15T23:27:37Z 2022-03-30T20:52:46Z "Currently, `password-strength-meter.js` uses this pattern to pass the wp object as argument: {{{ window.wp = window.wp || {}; var passwordStrength; (function($){ wp.passwordStrength = { ... })(jQuery); }}} so `wp` inside the IIFE is, technically, undefined, even if WordPress considers `wp` a global object. Also the first line is pointless if then `window.wp` is not passed as argument." afercia Future Releases 58639 Entity Name vs. Entity Number, for 6.4 Administration normal normal Awaiting Review defect (bug) new has-patch 2023-06-27T06:18:42Z 2023-06-27T06:18:42Z "This is a follow up ticket to #30796, which had some changes included in WordPress 6.3. See that ticket for discussion and history. The list of @sabernhardt findings of strings using `’`: [https://docs.google.com/spreadsheets/d/1HrJsZSuTfWeAiZFu1STBrhrMT6U49qeeb26-cjUIiFo/edit?usp=sharingText strings with the apostrophe character code] A PR at GitHub with some changes implemented from that list: [https://github.com/WordPress/wordpress-develop/pull/4672 PR #4672]" kebbet Future Releases 32017 Fix class name typo from 'hndle' to 'handle' Administration normal normal Awaiting Review defect (bug) new has-patch 2015-04-19T15:43:53Z 2020-01-16T21:20:54Z The typo was introduced in [8682] changeset. michalzuber Future Releases 48881 Fix inline SVG error with wp_admin_css_color Administration normal normal Awaiting Review defect (bug) new reporter-feedback 2019-12-05T04:31:07Z 2023-05-30T18:35:46Z "To get to the point, `url-friendly-colour` in `wp-admin/css/colors/_admin.scss` currently has: `@return '%23' + str-slice( '#{ $color }', 2, -1 );` but both Firefox and Safari (possibly others) are having an issue with CSS generated based on this (at least inline SVG assets). Safari (and possibly others) doesn't like the fact that `'` is used to wrap the str-slice color value since inline SVG assets are using `'` to wrap the parameters/attributes so it then breaks the SVG's syntax by having that value use `'` within itself being wrapped in a `'`. Then, Firefox (and possibly others) doesn't like the fact that `#` is used within an inline SVG since it's expecting `%23` as with the rest of the SVG being encoded. I've found that switching this out for: `@return '%23' + str-slice( %23{ $color }, 2, -1 );` resolves these issues experienced by both of these web browsers (and possibly others.) I haven't tested thoroughly for any potential side-effects, but I don't foresee all that much given how little it seems like `url-friendly-colour` is used (with this then just resolving browser issues for its current usage.) Btw, I came across this with the Admin Color Schemer plugin (with it patched for PHP 7.x per the approved code on its GitHub; not sure why it hasn't been pushed out to WP.org yet... the dev should maybe do that. Either way, this plugin is using WP's own `_admin.scss` and it's not creating compliant results, currently, and this should resolve that issue.)" KZeni Future Releases 42002 Improve the accordions accessibility joedolson* Administration normal normal 6.6 defect (bug) accepted changes-requested 2017-09-27T07:46:56Z 2024-03-01T05:43:44Z "Splitting this out from #37013, props to monikarao, xavortm, mihai2u, Kopepasah for the work done there. In #37013 was noted that the toggle ""arrows"" of the accordions in the Menus screen don't have the circular shape to indicate keyboard focus. This is inconsistent with other similar controls that do use the circular focus and could be improved. [[Image(https://cldup.com/WXR2bcgPQp.png)]] However, the accordions in the Menus screen are generated with `do_accordion_sections()`: plugins or themes might use this function for their own purposes and any change here should be carefully considered and well communicated. In core, as far as I see, the Menus screen is the only place where `do_accordion_sections()` is used. In other places, for example the Customizer, the accordions markup is output by a custom implementation. The JS part instead, if I'm not wrong, is still shared and uses `accordion.js`. This would be also a good opportunity to improve the accordions accessibility in core and standardize all the different implementations. I'd recommend to follow the example on the ARIA Authoring Practices, see https://www.w3.org/TR/wai-aria-practices/#accordion and see the example on https://www.w3.org/TR/wai-aria-practices/examples/accordion/accordion.html where the accordion ""titles"" use a button inside a heading (note: the example uses `
` because it's an ARIA example :) that's equivalent to a heading)." afercia Future Releases 37712 Opacity not applied to admin menu icon when it selected Administration normal normal Future Release defect (bug) new has-patch 2016-08-18T08:09:28Z 2020-11-20T01:26:01Z "Opacity not applied to single menu with custom menu logo when it selected. But it work fine where menu has sub-menu and following css applied for it. {{{ #adminmenu li.menu-top:hover .wp-menu-image img, #adminmenu li.wp-has-current-submenu .wp-menu-image img { opacity: 1; } }}} So here css rule missing for single menu with custom menu logo. When I applied following css then it work fine. {{{ #adminmenu li.menu-top.current .wp-menu-image img { opacity: 1; } }}} " chandrapatel Future Releases 9716 WordPress Theme/Plugin editor adds blank lines Administration 2.7.1 normal normal Future Release defect (bug) reopened has-patch 2009-05-03T20:32:01Z 2022-07-13T19:45:44Z "When I edit theme css in theme editor in WP admin !WordPress reformats my CSS and adds a blank life between entrys in css. it adds a cr and line break .... In other words if you have a 100 line css download with FTP look at in text editor it is now 200 lines as WP added blank lines to css it should not be adding things to the CSS? It may only do this when it wraps window but I think not it appears to add blank lines. Imagine the damage to a 1000 line CSS it spaces every entry by 1 line!!!!!!!!!!!!!! It stiil works but it messes it up. THAT IS COFIRMED ONE EDIT DOUBLE SPACE ENTIRE CSS... VERY BAD Here is part of the problem but not the double space in total. When you down load the file in FTP and it is in windows encoding the line endings. So you ftp back and all is fine. Now you are at the coffee shop and what a quick change, so you login to WP admin and theme editor edit CSS. Now you get home and download in ftp to continue your work on CSS. The file is now mac formatted (or thinks it is) so when you edit the line endings do not contain the right line breaks for windows OR WP theme editor as it ignores them. This explains the wierd spacing though not the double spacing .... why is it converting to mac and yet ignores mac?! weird.. it adds a CR tag must be bug again though its still double spacing on edit IN windows line ending though if you down load cSS its tagged mac format... Use notepad 2 or Note pad plus to see the error. When ever you edit with !WordPress editor it adds cr and says css is now mac formatted. FTP download the file and now see all the extra CR's it adds. So it likes CR only so I convert to CR only and it beaks CSS it wants CR LF to work but if that is the case why does the online editor add CR only????????????????????????? " Vistronic Future Releases 47690 remove_submenu_page() doesn't remove corresponding entry from $_wp_submenu_nopriv johnbillion Administration normal normal Future Release defect (bug) reviewing dev-feedback 2019-07-12T10:41:09Z 2020-04-13T10:43:50Z "It can sometimes be desirable to give access to a submenu to a user that wouldn't normally have access to it. Calling `remove_submenu_page()` and then calling `add_submenu_page()` to re-register the screen with a different user capability doesn't work completely because the entry that gets added to the `$_wp_submenu_nopriv` global by `add_submenu_page()` doesn't get removed by `remove_submenu_page()`. This means the menu item appears but access to the screen is denied when `user_can_access_admin_page()` is called, resulting in a `Sorry, you are not allowed to access this page` error. " johnbillion Future Releases 32940 Add IDs to Admin Hyperlinks Administration 4.3 normal normal Future Release enhancement new dev-feedback 2015-07-09T12:18:59Z 2020-02-15T22:37:53Z "Suggestion: add Ids to the primary admin interface hyperlinks. Adding IDs to primary anchor tags in the admin UI makes it far easier to create and maintain UI test suites such as Selenium IDE. UI testing catches problems that phpUnit is not designed to address. Example: Pages / Add New xpath = /html/body/div/div[1]/div[2]/ul/li[5]/ul/li[3]/a css = html.wp-toolbar body.wp-admin.wp-core-ui.js.edit-php.auto-fold.admin-bar.post-type-page.branch-4-3.version-4-3.admin-color-fresh.locale-en-us.customize-support.sticky-menu.svg div#wpwrap div#adminmenumain div#adminmenuwrap ul#adminmenu li#menu-pages.wp-has-submenu.wp-has-current-submenu.wp-menu-open.menu-top.menu-icon-page ul.wp-submenu.wp-submenu-wrap li a Would be nice to reference key elements with things like a#menu-page-add-new instead. Especially when updates to WP Core change the higher level HTML DOM classesor structures. " charlestonsw Future Releases 47165 Admin menu: submenu for active menu doesn't have box-shadow Administration normal normal Awaiting Review enhancement new dev-feedback 2019-05-07T08:49:12Z 2020-08-03T17:12:39Z Submenu for active menu doesn't have box-shadow, please check screenshots. man4toman Future Releases 35554 De-emphasise WordPress Version in the admin Administration normal normal Future Release enhancement new has-patch 2016-01-21T09:54:32Z 2022-05-06T10:49:33Z "Currently WordPress is very proud of the version it's running - but version strings are not exactly the most important piece of information to a regular user. I'd like to bring it back to displaying only the major version (ie. `Version 4.4`, not `Version 4.4.1`). A few of us have kicked the idea around over the years, and making the version number less specific as we move towards faster point releases really makes a lot of sense. There's two options which could be taken: 1. Simply bring it back to x.y (`Version 4.4`). attachment:major.minor.diff 2. Remove it entirely, including the `You are running WordPress x.y.z running Theme X theme.` message in the at-a-glance widget. attachment:remove-all-version-mentions.diff The second option is a harder-line approach, but removes information that most users have no need to see most of the time. They'll still see update nags when a new version comes out (Well, except for the million or more of sites which choose to enable automatic updates for major versions too) and the version string will always be available on the update screen where it's useful." dd32 Future Releases 26571 "Increase flexibility of ""At a Glance"" Dashboard Widget to match ""Right Now"" Widget" chriscct7 Administration 3.8 normal normal Future Release enhancement reviewing needs-docs 2013-12-12T18:00:27Z 2021-06-01T13:48:46Z "Following the changes in #26495, the ""At a Glance"" Dashboard widget is now much less flexible for extending. Primarily, the issue is the new `dashboard_glance_items` filter which is significantly less flexible than the previous collection of actions. Two main issues: 1. The filter forces all items to be in a single list along with the core ""glance items."" 1. The filter does not add any classes to added list items, making them impossible to style. This last issue is particularly bad, since a class is required to change the icon associated with a list item in the ""At a Glance"" list. Here's a use case for why a more flexible filter or an action following the list but before Version and Privacy info is important from my plugin Post Status Menu Items: [[Image(http://mrwweb.com/files/wp-trac/at-a-glance-statuses.png)]] Note the separate list and list-item icons. To get that at the present time, I had to hack out of the existing list with an empty list item in the first list and a new empty list with one empty item at the end: {{{ ...
  • 28 Comments
  • Post Statuses

    }}} At a bare minimum, the filter should allow for classes, and the ability to create multiple lists would be even better. There is a `rightnow_end` action, but it comes after the version and privacy information which feels like a ""footer"" to me. The easiest solution for allowing separate lists and wouldn't require reverting #26495 would be to simply add an action following the closing tag of the At a Glance list. Then the `dashboard_glance_items` could just be extended a bit to add unique classes for styling." mrwweb Future Releases 38238 Sorting a list table by some kind of count should default to DESC initially helen Administration normal normal Awaiting Review enhancement reviewing has-patch 2016-10-05T21:32:01Z 2020-06-29T11:01:52Z "List tables that can be sorted by some kind of count (posts with that term, comments on that post, etc.) should likely use `DESC` for that sort initially, as more frequent user workflows involve wanting to see things with many X (popularity/usage), as opposed to items with no X (cleanup). For example, you may want to see which categories are most popular (related: #36964) or which posts have generated a lot of comments. Should also consider how sortable custom columns indicate whether to use `ASC` or `DESC` initially." helen Future Releases 46973 Suggestion for selection boxes in Reading setting > settings > Dashboard Administration 5.2 normal normal Awaiting Review enhancement new dev-feedback 2019-04-18T09:46:30Z 2019-04-19T13:17:28Z "Hello, I got across with a suggestion while going through Reading setting > Setting > Dashboard. It would be more convenient if the two selection box(under Reading setting header) will be placed side by side using the white space right side. It will enhance the user experience and will result in clean design." monarkpatel Future Releases 60770 TimeZone select box compatibility with RTL directions Administration trunk normal normal Awaiting Review enhancement new has-patch 2024-03-13T15:35:10Z 2024-03-13T16:55:59Z "This patch fixes the time zone select box compatibility with RTL directions It sets auto direction which makes the options value compatible with both RTL and LTR directions " farhad0 Future Releases 27888 Feature request: `get_current_admin_url()` and `get_current_admin_hook()` lucatume Administration 3.9 normal normal Awaiting Review feature request assigned needs-unit-tests 2014-04-18T12:22:45Z 2019-12-11T20:16:46Z "It would be sweet if to be able to get the current page's url using some kind of API. And its hook, for that matter. For instance: {{{ public function get_current_admin_page_url() { if (!is_admin()) { return false; } global $pagenow; global $typenow; global $taxnow; global $plugin_page; $url = $pagenow; if (!empty($plugin_page)) { $url .= '?page='.$plugin_page; } elseif (!empty($typenow)) { $url .= '?post_type='.$typenow; } elseif (!empty($taxnow)) { $url .= '?taxonomy='.$taxnow; } return $url; } }}} And something similar for `get_current_admin_hook()`." Denis-de-Bernardy Future Releases 41535 Prevent or warn about offline status before submitting a form Administration normal normal Awaiting Review feature request new has-patch 2017-08-02T15:09:27Z 2019-02-19T21:40:41Z "For browsers that support it, the `navigator.online` property reliably indicates that the browser is offline (the inverse isn't true, but it doesn't matter). Prior to submission of a form in the admin area (for example the post editing screen form), WordPress should check the value of `navigator.online` and present a prompt to the user stating that they appear to be offline. They can close the prompt or, optionally, ignore it and continue with the form submission. This functionality would help prevent data loss when a user submits a form while they don't have an internet connection." johnbillion Future Releases 43760 Create a revision when autosaving if the content has changed significantly Autosave normal normal Future Release enhancement new dev-feedback 2018-04-13T13:08:12Z 2019-09-19T20:52:21Z "Sometimes a user may edit a post for hours without saving it. We have autosaves to prevent any data loss. However in some cases there may be an user or a server error and the content may not be submitted or the post may be ""empty"". This doesn't happen often, but is usually devastating for the users. They just lost hours of work! To safeguard against these cases, we can create post revisions when the autosave data is significantly different than the existing post." azaozz Future Releases 41180 ABSPATH definition - incorrect on chrooted vhost Bootstrap/Load 4.8 normal normal Awaiting Review defect (bug) new has-patch 2017-06-27T08:17:39Z 2019-02-04T17:41:03Z "ABSPATH defined in wp-load.php (and in other files) returns incorrect string on chrooted vhosts (double slash '/' instead of a single): {{{#!php > 588 tests completed with 0 failed, 0 skipped, and 0 todo. >> 1738 assertions (in 8024ms), passed: 1738, failed: 0 }}} Looking into this a little I was able to resolve these by updating the `tests/qunit/index.html` to use localhost for the ajax urls. Uploading patch but am unsure if it's the correct action, seems to work nicely for me at least and suppresses the error." garrett-eclipse Future Releases 36786 Can't pass filter names to `MockAction::get_call_count()` Build/Test Tools normal normal Future Release defect (bug) new has-patch 2016-05-09T04:20:03Z 2021-09-03T08:15:40Z "The first of these tests works as expected, but the second generates an ""Undefined index"" notice. {{{#!php assertSame( 1, $ma->get_call_count( 'action' ) ); } function test_get_call_count_filter() { $filter = rand_str(); $ma = new MockAction(); add_filter( $filter, array( $ma, 'filter' ) ); apply_filters( $filter, rand_str() ); $this->assertSame( 1, $ma->get_call_count( 'filter' ) ); } }}} The attached patch attempts to fix the notice and allow passing filter names to `get_call_count()`. " dlh Future Releases 41978 `_delete_all_data()` does not delete attachment files johnbillion Build/Test Tools 4.7 normal normal Future Release defect (bug) reviewing has-patch 2017-09-25T14:30:55Z 2019-01-16T03:23:14Z "The `_delete_all_data()` function is called by `WP_UnitTestCase::wpTearDownAfterClass()`. The function deletes all the contents of the posts table in the tests database. However it does not delete any attachment files. So when you create a shared attachment fixture in `WP_UnitTestCase::wpSetUpBeforeClass()`, `_delete_all_data()` will delete the attachment post in `WP_UnitTestCase::wpTearDownAfterClass()`, but leave the file. There is no way to manually delete the attachment file in `wpTearDownAfterClass()`, because the attachment id no longer exists, and `wp_delete_attachment()` will therefore fail. The solution: Instead of a direct SQL query, `_delete_all_data()` should use `_delete_all_posts()`, which accounts for attachments." Frank Klein Future Releases 54152 Core posts e2e tests Build/Test Tools normal normal Awaiting Review enhancement new has-patch 2021-09-21T07:39:50Z 2021-09-23T12:24:38Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for Core posts e2e tests." justinahinon Future Releases 54151 Dashboard widgets e2e tests justinahinon Build/Test Tools normal normal Awaiting Review enhancement assigned has-patch 2021-09-21T07:35:18Z 2021-09-21T12:16:01Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for dashboard widgets." justinahinon Future Releases 47256 Use composer to install and update external PHP libraries Build/Test Tools 5.2 normal normal Awaiting Review enhancement new has-patch 2019-05-13T18:23:42Z 2019-09-17T14:04:26Z "As of WordPress 5.2, the minimum version of PHP requires was changed to 5.6. This opens up some options around how PHP dependencies can be managed. [https://getcomposer.org/ Composer] is a popular PHP dependency manager similar to npm or yarn for javascript. WordPress core has support already got [https://github.com/WordPress/wordpress-develop/commit/39a145e0e1e442b4bed8921029c86800a804af60#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 support for composer] since 4.7. Since 5.0, many of the javascript dependancies are now loaded in using npm, php should have a similar build step. Here are a list of dependancies that could be loaded in using composer. - [https://github.com/JamesHeinrich/getID3 ID3] - [https://github.com/rmccue/Requests Requests] - [https://github.com/LeoColomb/pomo Pomo] - [https://github.com/simplepie/simplepie SimplePie] - [https://github.com/paragonie/sodium_compat sodium_compat] - [https://github.com/paragonie/random_compat random_compat] - [https://github.com/pear/Text_Diff Text_Diff] If there are modification to these library in core, these libraries should be forked and maintained outside of core. Composer has a custom install path feature, that may allow us to maintain the current file structure. However, it may mean creating a new vendor directory (wp_vendor) and use autoloading. Loading composer these via composer will remove a lot of the bloat of the code case, will make it easier for the core to manage updates in the future. " spacedmonkey Future Releases 25117 The distribution build process should be fully available to anyone. Build/Test Tools normal normal Future Release feature request reopened has-patch 2013-08-22T14:36:33Z 2019-07-04T11:42:38Z "The wordress build environment for each version should be specified in enough detail for third parties to be able to run a build process and get the same distribution as generated by wordress.org. See discussion about maintaining and documenting the build environment in #24977" mark-k Future Releases 41870 Code Editor: Add grunt task for building new CodeMirror bundles from external dependencies adamsilverstein Build/Test Tools normal normal Future Release task (blessed) assigned has-patch 2017-09-13T18:06:08Z 2022-01-30T16:51:32Z "After [41376] for #12423, it would be ideal if the CodeMirror bundling logic (via browserify) could be added as part of core. In this way, the external dependencies (CodeMirror and the linter linraries) can be managed by NPM. For now, just the minified bundles are being included. The logic used in the Better Code Editing plugin for creating the bundles can be seen here: https://github.com/WordPress/better-code-editing/pull/92/files Depends on #40894 which replaces Browserify with Webpack in core. See also #42424, where we need to fix line-endings for CSSLint. Additionally, the linters are currently being included as separate assets. They are not being minified, other than they are already minified as distributed. These could either benefit from additional uglification or bundling with codemirror if they are not going to be enqueued separately. The same goes for the `htmlhint-kses` script." westonruter Future Releases 55974 Bundled theme: Add support for border options Bundled Theme 6.0 normal normal Future Release defect (bug) new has-patch 2022-06-14T11:42:12Z 2024-03-02T08:22:01Z "In Twenty Twenty Theme, when we add Pullquote block in editor side and add any border style after that choose border color, We can see that border color is seen in editor side. But when we see the same Pullquote block at front side, border color is not reflected. Steps to replicate: 1: Activate the Twenty Twenty Theme 2: Add Pullquote block 3: Add border style 4: choose border color 5: Save Page/Post 6: View the page/post at front side For better understanding I provide video attachment link. Video URL : https://share.cleanshot.com/bqZzSHG6AGVy2hslSIqc Thanks" kajalgohel Future Releases 60435 Footnotes Icon not showing for TT4 on Mac OS Sonoma 14.3 and Safari 17.3 Bundled Theme 6.4.3 normal normal 6.6 defect (bug) new has-patch 2024-02-05T04:08:58Z 2024-02-22T10:03:20Z "When updated to the latest Mac OS (Sonoma 14.3) and using Safari 17.3 - the arrow icon for footnotes (at the bottom of the page) does not display. The ''inline'' footnote arrow shows - just not the one at the bottom of the content. This ''seems'' related to the font face - if I change to default sans-serif, the arrow displays once again. [[Image(https://s3.amazonaws.com/i.snag.gy/dR6Xwz.jpg)]]" jordesign Future Releases 56153 Query loop block with full width and having template of image, title and date has full width issue in editor side in twenty twenty theme. Bundled Theme 6.0 normal normal Awaiting Review defect (bug) new has-patch 2022-07-05T17:38:20Z 2022-07-12T06:41:45Z "While using query loop block in twenty-twenty theme having full width selected. The image in the template of the query loop block is not displaying in full width on the editor side. but in front, the image is displaying properly. The front and editor sides should be the same. Steps to reproduce: 1. Add query loop block. 2. Select the template in the query loop block having an image. 3. Set the query loop block as full width. 4. Now you can clearly see the issue. the image will not display in full width on the editor side. But if you check on the front side the image will appear in full width. Attaching image for better understanding." smit08 Future Releases 57113 Submenu's text are not visible in Home page Navigation in Twenty Twenty Two Theme Bundled Theme normal normal Awaiting Review defect (bug) new close 2022-11-15T10:31:59Z 2023-03-06T06:14:20Z "- Choose Twenty Twenty Two Theme - Activate theme - Add Menu items & submenu items - Check frontend side in home page (submenu item text are not visible)" shailu25 Future Releases 30575 Twenty Fourteen: Submenu items on dropdown menus nearly impossible to select on some Android mobile tablets Bundled Theme 4.0.1 normal normal Awaiting Review defect (bug) assigned has-patch 2014-12-02T16:01:22Z 2024-03-07T05:01:38Z "On larger Android tablets, it's next to impossible select a submenu item from the dropdown menu, since it appears too quickly to be tapped. Replicated on [http://wp-themes.com/twentyfourteen/ Twenty Fourteen demo] site using: - Samsung Galaxy note 10.1 2014 edition, running Android 4.4.2, using the ""Browser"" app and Chrome. Tester noted that ""When I use my stylus, I am able to hover over the menus so I can choose the correct one."" - Nexus 7 in landscape mode, Android 4.4.2, Chrome Screencast: https://cloudup.com/imicb2EvVyc This does '''not''' seem to affect the mobile menu, which kicks in at smaller screen sizes, such as the Nexus 7 in portrait mode. It only affects screen sizes at which the regular dropdown menu is displayed. Reported in [http://en.forums.wordpress.com/topic/not-functional-drop-down-menus-on-20-14-theme-and-android-platform this forum thread] " zoonini Future Releases 58100 Twenty Nineteen :- PullQuote block color is not reflacted on citation text Bundled Theme 6.2 normal normal Awaiting Review defect (bug) new has-patch 2023-04-06T16:10:15Z 2023-04-20T08:38:09Z "Steps to reproduce the issue :- 1. Activate Twenty Nineteen theme. 2. Choose Pullquote block. 3. Add some text. 4. Apply text color. You can able to see that text color is not reflected on the citation text. I have attached video for better understanding. Video URL :- https://share.cleanshot.com/tcxjFQrzTyDgzzTN4yjR" nidhidhandhukiya Future Releases 47044 Twenty Nineteen: Add padding for full-aligned text blocks inside of a full-width column block. Bundled Theme normal normal Future Release defect (bug) new has-patch 2019-04-25T13:19:46Z 2019-10-03T22:05:35Z "As noted by @dianeco, after #46999, text-based blocks inside of a full-width columns block now bump up against the edges of the screen: [[Image(https://cldup.com/KnBH49tlCQ-3000x3000.png)]] In the case of media/image blocks, it's likely that users ''will'' want these to bump right up against the edge of the page, so we should try adding some padding only to text-based blocks if possible. Note that this needs to be fixed in both the editor and front-end. " kjellr Future Releases 46215 Twenty Nineteen: Aligning table to center not working on front end Bundled Theme 5.0.3 normal normal Future Release defect (bug) new has-patch 2019-02-08T12:36:18Z 2023-05-26T08:49:20Z "When i add **Table block** in editor and assign Alignment ""Center"" from the toolbar it's working properly in backend but it's not working properly in frontend." iamjaydip Future Releases 49931 Twenty Nineteen: Group color styles prevent custom colors poena Bundled Theme normal normal Future Release defect (bug) assigned dev-feedback 2020-04-17T09:42:10Z 2024-02-13T11:46:31Z "When TwentyNineteen was created, the ability to colorize various blocks was not as full-featured as it is today. You could easily choose text and background colors in a block, that would have no contrast at all. However this is less of an issue today, where the contrast checker will help inform you whether the text is sufficiently legible or not. In addition to this, the rules that colorize text according to what background color you applied to a group means that custom colors don't work at all, which will be more of an issue as global styles let you colorize more aspects. This was originally reported in https://github.com/WordPress/gutenberg/issues/21672." Joen Future Releases 49787 Twenty Nineteen: Highlight text color isn't reflected in the editor poena Bundled Theme normal normal Future Release defect (bug) assigned has-patch 2020-04-02T21:59:12Z 2024-02-13T11:48:49Z "The new text color feature doesn't work in Twenty Nineteen, you are unable to change the text color. [[Image(http://cldup.com/M49Ikw3xxW.png)]]" karmatosed Future Releases 46048 Twenty Nineteen: Latest posts block: Post title overlaps other titles on certain screen widths Bundled Theme 5.0.3 normal normal Future Release defect (bug) new has-patch 2019-01-21T15:56:20Z 2020-01-13T17:37:10Z "Affects: Only Twenty Nineteen. Does not affect other core themes like Twenty Seventeen or Twenty Sixteen. On certain screen widths, with the ""Latest posts"" Gutenberg block, the long post title overlaps with the nearby titles. This seems to happen only for titles having characters like ""/"" on it, at the end. I haven't been able to see if this is the case with other special characters. The attached images can help understand this better. Video https://cloudup.com/c2G8sjrlp1b showing that this is not affected with other themes like Twenty Seventeen." arunsathiya Future Releases 46658 Twenty Nineteen: Navigation menu is messy with RTL language SergeyBiryukov Bundled Theme normal normal Future Release defect (bug) reviewing has-patch 2019-03-26T14:46:38Z 2019-10-15T14:25:23Z "Hello, For our languages switcher, we can add it in primary navigation menu with an options for adding country flag for each language. With a rtl language like arabic, we have a strange behaviour because of the first li tag does not have the behaviour expected. See first screenshot attached Unlike in twenty seventeen {{{ display: inline; }}} is used instead of {{{ display: inline-block; }}} When I corrected to {{{ display: inline-block; }}} it works well again in this case. See second screenshot attached Regards " manooweb Future Releases 45991 Twenty Nineteen: Post titles are overflowing the content area Bundled Theme 5.0.3 normal normal Future Release defect (bug) new reporter-feedback 2019-01-15T10:11:02Z 2023-11-08T08:34:03Z "Post titles are overflowing the content area. In Twenty Seventeen the following code in style.css prevents titles from overflowing the content area. This code should be added to Twenty Nineteen as well. {{{ #page { word-wrap: break-word; } }}} " Dejan85 Future Releases 58169 Twenty Nineteen: Quote block having issue when font-size is selected Bundled Theme 6.2 normal normal Future Release defect (bug) new has-patch 2023-04-20T18:02:09Z 2024-02-12T09:05:34Z "Steps to reproduce the issue :- 1. Activate Twenty Nineteen theme. 2. Choose Quote block. 3. Change font size. 4. Now check that applied font-size both side admin and user side for citation text. You can able to see the difference between both the fonts. I have attached video for better understanding. Video URL :- https://share.cleanshot.com/m4sv6stcg7PLCcwdH8QK" nidhidhandhukiya Future Releases 45907 Twenty Nineteen: Right-aligned, uncaptioned images inserted via the Classic Editor do not extend beyond the text column Bundled Theme 5.0 normal normal Future Release defect (bug) new has-patch 2019-01-10T16:33:20Z 2020-02-21T15:15:42Z "Originally reported by @joyously on the Twenty Nineteen GitHub repo: https://github.com/WordPress/twentynineteen/issues/688 The Twenty Nineteen is designed to have right-aligned elements extend beyond the text column like so: [[Image(https://cldup.com/jqNamSAitA-1200x1200.png)]] This works in all cases ''except'' under the following conditions: 1. An image has been inserted via the Classic Editor. 2. The image is floated right. 3. The image does not have a caption. In that case, the image will appear tucked into the text column: [[Image(https://cldup.com/b_oMnbi4XQ-1200x1200.png)]] In that case, the images are housed within paragraph tags. For example: {{{

    This is some text that the image will float around.

    }}} The `

    ` inherits our max-width styles, and prevents the image from extending beyond the content column. In order to have the image extend beyond the paragraph's width, we'd need to pull it out via negative margins or relative positioning of some sort. The markup would be very different from the markup we're currently using for all other cases though — I'm not personally sure it's worth sorting out for this single use case, but leaving the issue here in case anyone comes across a simple solution. " kjellr Future Releases 56455 Twenty Nineteen: Text Color issue in Pullquote Block Bundled Theme 6.0.1 normal normal Awaiting Review defect (bug) new has-patch 2022-08-29T07:16:04Z 2024-03-18T10:33:29Z "In Twenty Nineteen Theme, when we add Pullquote block in editor side, and choose text color, We can see that the text color is not reflected for ""Add citation"" text.But when we see the same Pullquote block at front side, text color for ""Add quote"" and ""Add citation"" is not reflected. Steps to replicate: 1: Activate the Twenty Nineteen Theme 2: Add Pullquote block 3: Enter some Text for ""Add quote"" 4: Enter some Text for ""Add citation"" 3: Choose Text color 4: Save Page/Post 5: View the page/post at front side For better understanding I provide video attachment link. Video URL : https://share.cleanshot.com/4DhJNFXRZcP8DJKYfZnp Thanks" kajalgohel Future Releases 56456 Twenty Nineteen: Text Color issue when added background color in Pullquote Block Bundled Theme 6.0.1 normal normal Awaiting Review defect (bug) new has-patch 2022-08-29T09:01:12Z 2023-05-26T08:23:01Z "In Twenty Nineteen Theme, when we add Pullquote block in editor side, and choose text color after that choose Background color, We can see that the text color is not reflected for ""Add quote"" and ""Add citation"" text. Steps to replicate: 1: Activate the Twenty Nineteen Theme 2: Add Pullquote block 3: Enter some Text for ""Add quote"" 4: Enter some Text for ""Add citation"" 5: Choose Text color 6: Choose Background color 7: Save Page/Post 8: View the page/post at front side For better understanding I provide video attachment link. Video URL : https://share.cleanshot.com/CN6Zb1g87OIUmDsJgD9i Thanks" kajalgohel Future Releases 46785 Twenty Seventeen: Floated Images appear with extra space on top on the front end. Bundled Theme 5.1 normal normal Awaiting Review defect (bug) new has-patch 2019-04-03T13:22:17Z 2021-08-17T00:01:38Z "''Ported over from Gutenberg's repo, since this is a Twenty Seventeen issue:'' https://github.com/WordPress/gutenberg/issues/14782 **Steps to reproduce** 1. Create a new page, add an image block and insert image. 2. Add a paragraph block below with text. 3. Resize image and change to left alignment. Text wraps around image. 4. Preview/publish **What I expected** Expected the image and text to be almost exactly aligned, as it appears in the editor. **What happened instead** When previewed/published, the first line of text has a gap above it. Workaround: Adding an empty paragraph block above the image block removes the gap. **Browser / OS version** Chrome Version 73.0.3683.86 macOS Mojave 10.14.3 ---- **Screenshots** Page creation: [[Image(https://cldup.com/whURZYOf-k.gif)]] Before adding empty paragraph block: [[Image(https://cldup.com/QiGnsXicGs-1200x1200.png)]] Empty paragraph block applied in editor: [[Image(https://cldup.com/QOrcLW8iWM-3000x3000.png)]] After adding empty paragraph block: [[Image(https://cldup.com/AgAjLakQ6b-3000x3000.png)]]" kjellr Future Releases 46604 Twenty Seventeen: Front page panels allow pages of any status to be shown. Bundled Theme normal normal Awaiting Review defect (bug) new has-patch 2019-03-22T11:55:51Z 2021-08-17T00:21:05Z "I noticed that if you have a published page set to a `Front Page Section X Content` and that page is then set to `private`, `draft`, `pending`, or `trash` at some point in the future, the content still appears on the homepage. And if the page is deleted permanently, an error is shown and the content of the ""Homepage"" is shown again. When going back into the Customizer > Theme Options, pages that do not have the status `publish` no longer show up in the select box. This makes it unclear to the user what has happened. Choosing `— Select —` and publishing the Customizer changes removes the page(s), but I think that's a suboptimal experience. It's easy enough to check the `post_status` of the page before displaying the panel, but some thought will need to go into how to handle that situation in the Customizer." brettshumaker Future Releases 50376 Twenty Seventeen: Gallery captions are not at the bottom of images of some sizes Bundled Theme normal normal Awaiting Review defect (bug) reopened has-patch 2020-06-12T17:05:56Z 2020-06-17T16:19:34Z "I am using a default gallery block and adding some captions to this WordPress-powered page: https://krasnogor.eu/?page_id=17 And you can see how the captions look in the top gallery. For comparison, I have add a caption to one image in the second gallery block underneath and you can see it displays properly. I have tried changing the size of the images as well as number of columns but adding the captions always looks like this, cutting across the middle of the images of this shape. Am I doing something wrong? Aren't captions expected to display properly on all image shapes, especially if the images are cropped automatically by WP?" pevogam Future Releases 56747 Twenty Seventeen: Image Block captions are Italic on frontend but not in editor audrasjb Bundled Theme normal normal Future Release defect (bug) reopened has-patch 2022-10-06T13:17:05Z 2023-08-21T15:36:13Z "If you add a caption to an image in the Image Block, the caption is in italics on the front end but not in the editor. This means that if you select the caption text you have the option to make it italic (which has no change on the front end) but not the option to deselect italics. Either captions need to not be italic by default on the front end or the image block in Twenty Seventeen needs to have italic captions enabled by default. Oliver" domainsupport Future Releases 44768 Twenty Seventeen: Ordered and unordered both lists overlap outside of the main container Bundled Theme 4.9.8 normal normal Awaiting Review defect (bug) new has-patch 2018-08-09T20:26:07Z 2018-08-11T11:45:59Z "Unordered and ordered list both overlap the main container to left for both frontend and backend (Editor). Twentyseventeen has custom styles for the ul and ol. I've attached a patch with few screenshots for better understanding. " mmaumio Future Releases 42598 Twenty Seventeen: Sticky header offset issue Bundled Theme normal normal Future Release defect (bug) new has-patch 2017-11-17T10:17:07Z 2019-01-21T17:31:53Z "Theme: Twenty Seventeen Version: 1.3+ (not tested below 1.3) The theme has an option to make the header/ menu ""sticky"" or fixed position. The theme also has a function that handles the position of the viewport, so that the menu does not sit on top of content navigated from internal links. For example if you were to jump to a section of the page using '#about' the theme's JS would fire and amend the viewport in relation to the height of the fixed menu. '''The bug''' If a link goes to a section of content another page the theme's JS that amends the viewport no longer works. I've tried debugging this from the support forums on someone's website and I think the issue is related to the order in which the JS fires; 1) When the page loads the header height is not fully calculated; 2) The theme's JS then moves the viewport to fix the sticky menu overlap, which uses the position of the scrollbar as reference; 3) The theme's JS then applies a margin-bottom on the header, causing a shift in the scrolling position 4) The result is that the offset is incorrect and the fixed menu sits on top of the content. Steps to replicate: - Enable the sticky header - Create a ""Continue reading"" link that goes to a new page (with a hash to the section) - Press that ""Continue reading"" link to see the problem in the linked page " anevins Future Releases 52716 Twenty Seventeen: consider style updates for box-shadow on linked images justinahinon Bundled Theme 5.0 normal minor Awaiting Review defect (bug) assigned has-patch 2021-03-04T20:32:41Z 2021-04-08T20:07:58Z "== Origin User report: https://github.com/WordPress/gutenberg/issues/22187 That report was only about the Media & Text block specifically but looking into I recognized it as a general issue with the styles from Twenty Seventeen and applicable to other blocks. == Steps to replicate 1. Add any block that supports inner blocks and background colors (Group, Columns) 2. Add a background color to the block 3. Inside the block, add any/all of the following blocks: Image, Gallery or Media & Text 4. Add a link to the inner block (Gallery block gets links via a setting the Inspector (block settings sidebar) == Results * In each block there is a box-shadow on the images * In the Gallery block the box-shadows double-up between images * In a Media & Text block with a background-color of its own, the box-shadow expands beyond the block background area == Expected Consistency between what is seen in the Block Editor and the frontend (i.e. Either without box-shadows on the frontend or with box-shadows in the Editor). == Screenshots === Blocks with linked images ||= Block editor =||= Frontend =|| || image pending || image pending || === Inline images with links Inline images are also styled differently between editor/frontend. ||= Block editor =||= Frontend =|| || image pending || image pending || " presstoke Future Releases 41884 Twenty Seventeen: responsive (gallery) images are too large Bundled Theme 4.8.1 normal normal Future Release defect (bug) new has-patch 2017-09-14T19:36:03Z 2019-10-03T22:17:54Z "It seems the sizes attribute used for gallery images on the Twenty Seventeen theme is a bit off. When viewed on the front page or an archive page, instead of the selected thumbnail images (150px), the browser is choosing the medium size at 600w, which I believe is based on the ""default"" of 580px. Even worse, when viewing a single post with a gallery, the ""size"" attribute is 100vw, which means a 1080p screen forces the browser to load the largest image available (1024w in my case). I switched over to the Twenty Sixteen theme and it does not seem to have this same problem. I also tested this on another site, and initially it was only showing thumbs (as expected). I compared the media settings, and realized the two sites were different. So there is one other thing that must be true to cause this behavior. Under the Media settings, if you have the thumbnail cropping turned off, this is the trigger. So essentially, when the thumbs are 150x113 instead of 150x150, the Twenty Seventeen theme adds all (or most of) the available sizes to the srcset list because it fails to find an exact match to display in the gallery. You can see it in action here: https://test.shanebishop.net/2017/06/23/hello-world/" nosilver4u Future Releases 60336 Twenty Sixteen :- Table block having issue with border when text color is used. Bundled Theme 6.4.2 normal normal Awaiting Review defect (bug) new has-patch 2024-01-24T09:48:00Z 2024-03-02T07:28:39Z "Steps to reproduced the issue :- 1. Activate Twenty Sixteen theme. 2. Choose table block. 3. Add some text. 4. Apply text color. Now you can able to see that the choosen text color also applied on border in editor side but in the user side the border color remains same as default border color. I have attached video for better understanding. Video URL :- https://share.cleanshot.com/LJlVp3460bvvl5ZYRTsP" nidhidhandhukiya Future Releases 56601 Twenty Ten: overlap issue in Button block Bundled Theme 6.0.2 normal normal Awaiting Review defect (bug) new close 2022-09-19T12:09:07Z 2023-06-05T04:39:33Z "In Twenty Ten Theme, when we add Button block in editor side and change alignment as ""Align left"" or ""Align right"". After that we add paragraph block or any other block then we can see that the Button block is overlapping with the newly added block. Steps to replicate: 1: Activate the Twenty Ten Theme 2: Add Button block 3: Choose ""Align right"" or ""Align left"" from Align option 4: Add paragraph Block 5: View the page/post at editor side For better understanding I provide video attachment link. Video link: https://share.cleanshot.com/XuFtIRCURbgfcSSNxf41 Thanks" kajalgohel Future Releases 56290 Twenty Twelve: Button blocks inside widget areas don't apply custom colours Bundled Theme 5.8 normal normal Awaiting Review defect (bug) new has-patch 2022-07-27T05:31:47Z 2023-05-26T12:22:18Z "A similar issue was reported in #45432 but it was only partially fixed. I have noticed that, while this is fixed for buttons adding to the main content, the problem is still reproducible with buttons added to widget areas. We would need to reduce the specificity of the selectors on widget areas to prevent this." mrfoxtalbot Future Releases 49950 Twenty Twenty (1.2) Horizontal menu - Submenu joedolson Bundled Theme normal normal 6.6 defect (bug) assigned has-patch 2020-04-18T16:04:32Z 2024-03-05T15:24:47Z "Hi there! I've tried adding a submenu in the horizontal menu but there is some issue regarding accessibility when I tested it. It fails the Success Criterion 1.4.13 Content on Hover or Focus of WCAG : https://www.w3.org/TR/WCAG21/#content-on-hover-or-focus The submenu cannot be dismissed. If there are many links in the submenu, keyboard navigation is tedious since the person will have to tab all of the content of the submenu before reaching the next item of the menu. Expected fix: The submenu should be dismissable with the Esc key for example. Here is a menu with a submenu that implements the SC 1.4.13 : https://www.eesc.europa.eu/ It's my first ticket, so I hope I'v done it properly. Regards, Luce" lcarevic Future Releases 55991 Twenty Twenty One: Unable to change size in Quote block audrasjb* Bundled Theme 6.0 normal normal 6.6 defect (bug) accepted has-patch 2022-06-16T13:00:19Z 2024-02-22T03:59:24Z "Hello Team, In Twenty Twenty One Theme when we select Quote block and try to change size, nothing happens in Editor. In the front-end, the size change is reflected only for citation. How to Replicate: 1. Activate the Twenty Twenty One theme 2. Insert Quote block 3. Enter text and select size [https://www.loom.com/share/eb2d91e3bd90413184308d9f5452e785]" jyolsna Future Releases 57257 Twenty Twenty theme button block is having issue when alignment and width both are used. Bundled Theme 6.1.1 normal normal Future Release defect (bug) new reporter-feedback 2022-12-02T08:55:09Z 2023-02-08T04:31:55Z "Steps to reproduce the issue :- 1. Activate Twenty Twenty theme. 2. Choose button block. 3. make the button align-right and give width 75%. You can able to see the button is aligned right into admin side but width is not applied to button admin side. Now, on the userside you can able to see that button width is 75% but the alignment is not right side. I have attached video for better understanding :- https://share.cleanshot.com/JW8RJkfKfCGC2MGGbX9A" nidhidhandhukiya Future Releases 57250 Twenty Twenty theme quote block ciation is having issue with text color. Bundled Theme normal normal Future Release defect (bug) new has-patch 2022-12-02T04:54:32Z 2023-03-25T15:16:05Z "Steps to reproduce the issue :- 1. Activate Twenty Twenty theme. 2. Choose Quote block. 3. Choose any text color. You can able to see text color is not refclated on the ciation." nidhidhandhukiya Future Releases 58499 Twenty Twenty theme table block having issue with color Bundled Theme 6.2.2 normal minor Awaiting Review defect (bug) new has-patch 2023-06-09T07:33:23Z 2023-07-13T06:57:04Z "Steps to reproduce the issue. 1. Activate Twenty Twenty theme. 2. Take table block. 3. Add some text. 4. Apply background color black or pink. 5. Now apply any color to the text. You can able to see it will not take the value of that choosen color if black or pink is set as a background color for editor side. Front side it is working fine it is having issue only in editor side. I have attached video for better understandng. Video URL :- https://share.cleanshot.com/plqBT1cn6hMbRR5g6Grz " nidhidhandhukiya Future Releases 60335 Twenty Twenty-Four: FAQ Pattern creates accessibility issues Bundled Theme 6.4 normal normal 6.6 defect (bug) new has-patch 2024-01-24T09:04:02Z 2024-03-05T15:28:33Z "This was reported by @alh0319 in https://github.com/WordPress/twentytwentyfour/issues/743 I have copied and pasted the text from the issue, as well as the comment. ---- The FAQ Pattern packaged in the theme uses multiple Details blocks in a row. While it's not labeled or promoted as an accordion, this functionally behaves like an accordion, and most users, especially non-tech-savvy ones, will see this pattern as an accordion and use it as such throughout their site. They are likely to create long lists of FAQs in this manner when given the pattern as an example. Core themes should set website owners up for success and provide a good example of how to build websites that are accessible. This pattern does neither. Accessible accordions have headings, which are vital for navigation with a screen reader. Lists of FAQs, which frequently include important information about products, services, and companies, need headings so that screen reader users can access that information easily. The details block is not a substitute for an accordion block and users should not be encouraged to use it as one. This pattern should be removed from Twenty Twenty-Four. Either the pattern should be removed completely, or the questions and answers that are built with the details block should be rebuilt with the questions as H3s and the answers as visible paragraphs. If an accordion block can be built quickly, it could be replaced with that, but given testing time needed, it would be better to remove this pattern from the theme ASAP to reduce the number of websites and that using it and will need to be fixed later. == Step-by-step reproduction instructions Insert FAQ pattern into a page and inspect it. == Expected behavior Accordions should be built accessibly. Here's a good [example of how the accordion block should be coded for accessibility https://designsystem.digital.gov/components/accordion/]. We shouldn't create patterns that add accessibility problems to user's websites. == Additional context Please reference the discussion on the [https://github.com/WordPress/gutenberg/issues/21584 New block: Accordion block issue] in the Gutenberg repo for more information on why the Details block should not be used as an accordion. @joedolson said in that discussion that he didn't think it was an issue, so he may want to way in here, but I disagree. ----- Comment by @alexstine Not trying to tell anyone told you so but I felt like this could be one of those blocks that would be misused. Upvote to doing something about it. " poena Future Releases 52780 Twenty Twenty-One: Code tag shows outside of section area Bundled Theme 5.6 normal normal Future Release defect (bug) new has-patch 2021-03-11T15:37:45Z 2023-02-07T07:36:35Z "Code tag formatting issue, text show outside of section area [[Image(https://i.ibb.co/Jpym68L/1.png)]] [[Image(https://i.ibb.co/G0Z18Wc/2.png)]]" ravipatel Future Releases 48617 Twenty Twenty: Figure elements with inline style can overflow content bounds nielslange Bundled Theme 5.3 normal normal Future Release defect (bug) assigned has-patch 2019-11-13T22:30:45Z 2020-05-13T11:05:22Z "In content created in the classic editor, images that have captions and are set to alignnone or aligncenter can exceed the width of the entry content. This is caused by the inline style on the figure element overwriting the `width` set on `.entry-content > *` in style.css. **Steps to reproduce:** 1. Add an image while using the classic editor. 2. Set it to alignnone or aligncenter. 3. Add a caption. 4. Check on a screen size thinner than the width of the image. **Suggested solution:** (Condensed for clarity) {{{#!css .entry-content figure.alignnone[style*=""width""], .entry-content figure.aligncenter[style*=""width""] { max-width: calc(100% - 4rem) !important; } @media ( min-width: 620px ) { body:not(.template-full-width) .entry-content figure.alignnone[style*=""width""], body:not(.template-full-width) .entry-content figure.aligncenter[style*=""width""] { max-width: 58rem !important; } } @media ( min-width: 1280px ) { body.template-full-width .entry-content figure.alignnone[style*=""width""], body.template-full-width .entry-content figure.aligncenter[style*=""width""] { max-width: 120rem !important; } } }}} First reported by @derlynad." Anlino Future Releases 49075 Twenty Twenty: Inserted images not responsive at smaller browser widths Bundled Theme 5.3 normal normal Future Release defect (bug) reopened reporter-feedback 2019-12-24T08:32:24Z 2020-02-20T16:50:26Z "Reported on the forums here initially: https://wordpress.org/support/topic/posts-images-are-not-responsive When decreasing the browser width down to the > 600px width you'll start to see some images being cut off. This is due to the following code: {{{ .entry-content > *:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.is-style-wide) { max-width: 58rem; width: calc(100% - 4rem); } }}} As inserted images are placed inside of a

    element the code sets the max-width to something wider than what the browser width is. If the inserted image has a width set inline, it'll cause it to display past the border of the browser. max-width could be set to either 100% in this case or could be targeted using media queries to something where if the browser width is less than 600px the max-width is then set to 100% " JarretC Future Releases 56157 Twenty Twenty: Table font size not reflected in frontend Bundled Theme 6.0 normal normal Awaiting Review defect (bug) new has-patch 2022-07-06T11:35:19Z 2023-06-25T04:40:10Z "Twenty Twenty Table font size not reflected in front. Steps to replicate: 1: Activate the Twenty Twenty Themes
 2: add Table block
 3: Select Size URL: https://www.loom.com/share/dc28c0c09ef247e1afe55a0561c1c911" umesh84 Future Releases 58024 Twenty Twenty: button block link does not inherit custom letter spacing Bundled Theme 6.2 normal normal Awaiting Review defect (bug) new has-patch 2023-03-30T11:41:09Z 2023-07-01T22:10:51Z "Steps to reproduce the issue:- 1. Activate Twenty Twenty theme. 2. choose button block. 3. Give letter spacing. You can able to see there is no spacing between the letters. I have attached video for better understanding. Video URL :- https://share.cleanshot.com/B2GwwvWvlTvwZFMWD55P" nidhidhandhukiya Future Releases 49030 Twenty Twenty: video resize functionality also impacts other elements on the page Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new dev-feedback 2019-12-18T17:34:13Z 2020-05-14T15:37:38Z "Twenty Twenty bundles a functionality named ""Intrinsic Ratio Embeds"", allowing videos ({{{iframe}}}, {{{object}}}, {{{video}}}) to be automatically resized on demand. This is practical, but can be problematic for some elements on the page that may not behave like a video, or that may not be in the post content at all. While plugins can use the {{{.intrinsic-ignore}}} CSS class to avoid being impacted by this, I wonder if we could be a bit more specific within the theme, and only target videos inside the post content. This would avoid conflicting with plugins adding iFrames and / or videos outside of the post content, like in widgets. " jeherve Future Releases 59688 Add descriptions to patterns in bundled themes audrasjb Bundled Theme normal normal 6.6 enhancement reviewing has-patch 2023-10-20T02:09:00Z 2024-02-13T14:24:24Z "Patterns have a parameter called ""Description"". The description is used in the WordPress interface, to add context for users that can not see or use the pattern preview. For example users of screen readers. All patterns without the ""Inserter"" parameter set to ""false"" or ""no"", should use the description parameter (These patterns are hidden in the block inserter and do not use the descriptions). Patterns in bundled themes that are missing descriptions needs to be updated. Patterns can be registered using the patterns folder or with [https://developer.wordpress.org/reference/functions/register_block_pattern/ register_block_pattern()] and both type of patterns should be updated. " poena Future Releases 45928 Twenty Nineteen: Add a filter to the $primary_color variable Bundled Theme normal normal Future Release enhancement reviewing has-patch 2019-01-10T22:21:51Z 2020-02-21T17:51:36Z "There should be a filter added to the `$primary_color` variable, so that child-themes and plugins can override the built-in default primary color if they choose. Currently, saturation, lightness, and selected text-color can all be filtered. Once the primary color is also filterable, it’ll allow for child themes and plugins to fully customize the color dynamics in the theme. See: https://core.trac.wordpress.org/browser/trunk/src/wp-content/themes/twentynineteen/inc/color-patterns.php#L15" allancole Future Releases 45878 Twenty Nineteen: Search widget input field width is too narrow on wide screens Bundled Theme 5.0.2 normal normal Awaiting Review enhancement reopened has-patch 2019-01-09T14:02:14Z 2019-03-05T16:37:55Z "At screens below ~600px, the search input field is 100% of the parent container, but above that it changes to `width: auto;` which causes it to shrink to ~170px. I suggest we make that a little larger by removing auto and setting a max-width in the CSS. Below 598px: [[Image(https://cldup.com/N7c64xcdCn-2000x2000.png)]] Above 600px: [[Image(https://cldup.com/8WGvnHWHLQ-3000x3000.png)]] --- This issue was migrated over from Twenty Nineteen's GitHub repository: https://github.com/WordPress/twentynineteen/issues/747" crunnells Future Releases 39281 Twenty Seventeen: header.php forces thumbnails on all post types Bundled Theme 4.8 normal normal 6.6 enhancement reopened has-patch 2016-12-14T17:23:54Z 2024-02-22T06:48:27Z "My plugin has custom post type and custom 'single-post-type' views and doesn't utilize thumbnails in them. As a result layout appears broken, and there is nothing I can do to make the plugin compatible with Twentyseventeen. I went to have a look how WooCommerce deals with this, and it turns out that there is this piece of code in the style of twentyseventeen: {{{ .single-product .single-featured-image-header { display: none } }}} While that does work, I don't think it's a solution. At the very least there has to be a filter to dynamically disable the thumbnail from `header.php`" justnorris Future Releases 52551 Twenty Twenty-One: Search box alignment Bundled Theme 5.7 normal minor 6.6 enhancement new has-patch 2021-02-17T07:17:16Z 2024-03-18T10:28:19Z I was Customized theme twenty twenty-one search-box on tablet and smartphones view. here search-box text field and button are not in correct alignment. vinita29 Future Releases 55948 Twenty Twenty: Not able to change the Text size or Color for Add citation in Gutenberg Quote block Bundled Theme 6.0 normal normal Awaiting Review enhancement new has-patch 2022-06-08T11:20:47Z 2023-06-02T07:21:13Z "Hello Team, In Twenty Twenty Theme when we select Quote block we cannot able to change the Text size or Color for the ""Add citation"" text. Also for the Left Border we cannot able to change its color. For more information please find the Video attached. Thanks." varshil151189 Future Releases 30430 WP_Object_Cache does not properly cache objects nested in arrays Cache API 2.0 normal normal Awaiting Review defect (bug) new needs-unit-tests 2014-11-21T00:17:31Z 2022-07-08T23:23:03Z "I noticed on a plugin that cached data wasn't coming out the way it was inserted. What was happening is that it was an array of objects. The code would then go and change the original data and the data in the cache is changed. I would expect data retrieved from the cache to be exactly the same as what was inserted. To make sure there was minimal performance impact I did some tests and the test script is attached. Initially I thought unserialize(serialize($data)) would be a good route, but it was twice as slow as rolling your own solution. I tried numerous methods and the function I initially build was always the fastest. The transient/option table doesn't have this problem because it calls maybe_serialize. Another way to fix this would be to call maybe_serialize on the set, and maybe_unserialize on a get but that would spread the cost to both functions and I think it is better to have the set be slightly more expensive than having every set and get take slightly longer. " jamesgol Future Releases 39535 Canonical redirects disallow tag named comments Canonical normal normal Future Release defect (bug) new needs-unit-tests 2017-01-10T09:04:05Z 2019-02-28T19:41:33Z "The `redirect_canonical` function includes a regular expression replacement which effectively disallows tags named ""comments"" to have an RSS feed: https://github.com/WordPress/WordPress/blob/master/wp-includes/canonical.php#L285 For example: /blog1/tag/comments/feed/ This is redirected to: /blog1/tag/feed/ Could / should the regular expression on line 285 could pay attention to the first placeholder it matched (`comments/?`) or check whether the page is a tag request?" dwc Future Releases 14773 Error in slug parsing leads to unlimited URLs for the same article = duplicate content Canonical 2.5 normal normal Future Release defect (bug) reviewing has-patch 2010-09-03T14:20:45Z 2023-10-19T20:10:42Z "an example says more than 1000 words: right url: http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-hmong-and-i-dont-speak-spanish/ wrong urls: http://ahmongwoman.wordpress.com/2010/09/02/i-am-not------hmong-and-i-dont-speak-spanish/ http://ahmongwoman.wordpress.com/2010/09/02/i----am-not-hmong-and-i-dont-speak-spanish/ http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-----hmong-and-i-------dont-speak---------spanish/ Problem: Wordpress returns the article with HTTP status code 200 for the wrong URLs. This is a serious issue for people regarding search engine optimization (duplicate content). Expected results: Wordpress returns HTTP Status code 301 with Location-Header and right URL to the client." thermoman Future Releases 54758 Front page not embeddable when using a static page_on_front Canonical normal normal Awaiting Review defect (bug) new has-patch 2022-01-07T06:01:48Z 2022-01-07T09:11:15Z "When a site is configured with a page_on_front, Canonical kicks in and redirects the user to the homepage. This is caused by Canonical not being embed-aware. As an example, the WordPress.org homepage should be embeddable: {{{ $ curl -Is https://en-au.wordpress.org/embed/ | grep -E '^(HTTP|location)' HTTP/2 301 location: https://en-au.wordpress.org/ }}} The non-pretty embeds do however work, unfortunately WordPress doesn't link to these when rewrites are enabled: {{{ $ curl -Is https://en-au.wordpress.org/?embed=1 | grep -E '^(HTTP|location)' HTTP/2 200 }}} After the PR attached to this ticket: {{{ $ curl -ILs https://en-au.wordpress.org/embed/ | grep -E '^(HTTP|location)' HTTP/2 200 }}} The fix attached is a combination bugfix/enhancement, as I've fixed the bug by making canonical embed aware, so it redirects to the canonical embed location. The PR isn't complete, as it appears to still fail on one of the test-cases I added, and appears to have altered (Potentially fixed?) the behaviour of another canonical test. A more targeted fix would be to disable canonical when `is_embed()` is truthful." dd32 Future Releases 52376 Redirect loop occurs in taxonomy archive with URL-encoded slug. Canonical normal normal Awaiting Review defect (bug) new has-patch 2021-01-26T13:14:28Z 2021-01-29T18:12:20Z "The following steps will occur. 1. Create taxonomy with `rewrite => false`. {{{#!php 'Genre', 'public' => true, 'rewrite' => false, ); register_taxonomy( 'genre', array( 'post' ), $args ); }}} 2. Create a term with URL-encoded slugs. ( example: 🏠, ワードプレス ) 3. Set Permalink structure to to something other than Plain. 4. Go to the archive of the created term. 5. Redirect loop. `remove_action( 'template_redirect', 'redirect_canonical' )`, it will not occur. " Toro_Unit Future Releases 18734 Subcategory archive does work with any name as parent category in URL Canonical 3.0.1 normal normal Future Release defect (bug) new dev-feedback 2011-09-21T15:10:46Z 2022-05-16T02:25:51Z "Parent category is ''parentcategory'' and his sub category is ''subcategory''. The URL will be ''domain.com/category/parentcategory/subcategory''. The problem is, that you will get the same page if you use any words as ''parentcategory''. Examples: - ''domain.com/category/xxx/subcategory'' - ''domain.com/category/subcategory'' - ''domain.com/category/foo/bar/subcategory'' IMO {{{redirect_canonical}}} should do his work here (and sometimes it does). In 3.1 it does redirect. In 3.1.4 it doesn't redirect; after r17549. In 3.2.1 it doesn't redirect. Duck_ found that it does redirect before r18079. In current trunk it doesn't redirect. " ocean90 Future Releases 39827 notice in wp-includes/canonical.php:392 SergeyBiryukov Canonical 4.7.2 normal normal Future Release defect (bug) reopened needs-unit-tests 2017-02-10T02:28:03Z 2024-02-15T09:23:06Z "Hello, We're getting notice in wp-includes/canonical.php:392, but it requires some specific steps to obtain it. Steps: 1. Setup a clean install of WPML 2. Set permalinks to postname without ending slash: /%postname% 3. Create a page in secondary language 4. Set this page as Home Page (under Settings/Reading) but only in the secondary language When you enter ""home page"", you get 404 because a page for original language does not exist. In line 121, you get {{{$redirect_url = get_permalink($redirect_post);}}} and value of $redirect_url is for instance ""http://testsite.dev?lang=fr"". As you see, there is no ""/"" before ""?"", that's why path is empty. You have already fixed the similar issue in line:77-79 {{{#!php // Notice fixing if ( !isset($redirect['path']) ) $redirect['path'] = ''; }}} I suspect, we need the same fix before line: 392 {{{#!php $redirect['path'] = preg_replace('|/' . preg_quote( $wp_rewrite->index, '|' ) . '/*?$|', '/', $redirect['path']); }}} " jakubbis Future Releases 33821 redirect_canonical does not consider port in $compare_original Canonical 2.3 normal normal Future Release defect (bug) new needs-unit-tests 2015-09-11T03:18:16Z 2019-09-23T21:12:34Z "In the `wp-includes/canonical.php` file the `$requested_url` is built starting at line 64. It combines `is_ssl()` for protocol, `$_SERVER['HTTP_HOST']`, and `$_SERVER['REQUEST_URI']` - but it does not consider `$_SERVER['SERVER_PORT']` This causes a redirect loop for us because we run HTTPS on port 8443. I suggest checking to see if a port other than 80 or 443 is being used and adding that as part of the comparison - suggested patch attached." willshouse Future Releases 34353 redirect_canonical() – Undefined indexes 'host' and 'scheme' Canonical 4.3.1 normal normal Future Release defect (bug) reopened needs-unit-tests 2015-10-19T08:47:03Z 2023-08-19T00:05:18Z "Hello, We have a problem on our Blog (http://blog.mila.com). Since over half a year, we get these notifications on top of our wordpress blog: '''Notice: Undefined index: HTTP_HOST in /opt/wordpress/wp-includes/canonical.php on line 66''' '''Notice: Undefined index: HTTP_HOST in /opt/wordpress/wp-includes/nav-menu-template.php on line 558''' The notifications come and go, so i don't know what the problem is.. This is line 66 in the canonical file: {{{#!php `. Considering the fact that just about any page on your site can be accessed with a malformed URL, I think it's time to enhance this function. The attached patch is just a first pass. But I think it gets us started in the right direction. There's also a filter before output, so themes and plugins can further enhance the output of this plugin (related #14458). Patch is against [438126]." nathanrice Future Releases 46017 """Mine"" comment count isn't updated when replying to or moderating a comment." Comments 5.1 normal normal Future Release defect (bug) new has-patch 2019-01-17T02:59:49Z 2019-01-24T04:40:53Z "To reproduce: - Visit `/wp-admin/edit-comments.php`. - Click Reply on a comment. - Type some text in the comment, click Reply. The ""All"" and ""Approved"" counts update as expected, but the ""Mine"" count doesn't." pento Future Releases 12104 'moderate_comments' capability by itself should grant the user the permission to See/Edit all comments from the Comments menu. Comments 3.0 normal normal Future Release defect (bug) new has-patch 2010-01-31T22:25:24Z 2021-11-08T19:10:31Z "I tried to create a Comment Moderator role today and realized it wouldn't work. My intention was to create a role for people who can't write or edit posts, but can keep an eye on the comment threads. I created the role like so: {{{ #!php add_role('moderator', 'Moderator', array( 'read' => 1, 'moderate_comments' => 1, )); }}} ... then created a new user with that role. When I logged in as my test user, I realized that it was for all intents and purposes a Subscriber. I couldn't see any admin panels but the Dashboard, my profile, and the Tools. I went poking around in edit-comments.php and discovered that it's checking for another capability altogether: {{{ #!php if ( !current_user_can('edit_posts') ) wp_die(__('Cheatin’ uh?')); }}} I double-checked wp-admin/includes/menu.php and it agreed that 'edit_posts' was the minimum capability to see this page, so I tried adding 'edit_posts' to my new role, and I still couldn't get there. Later on in edit-comments.php, when actually trashing a comment, there is a check for 'moderate_comments', but it's a moot point: this screen doesn't even show up in the admin menu, and if you navigate directly to it, you'll get the ""You do not have sufficient permissions to access this page"" message. I thought it was entirely possible I'd missed some finer point of creating roles, so I redid it with Justin Tadlock's excellent Members plugin, and that didn't work either. This behavior might be intentional, but if so, I'm not following the logic. I know roles are due for an overhaul in the next version or two." sillybean Future Releases 40319 Apostrophe in commenter's name prevents comment_whitelist setting from working. Comments 4.0 normal normal Future Release defect (bug) new has-patch 2017-03-30T18:30:04Z 2020-03-20T05:26:22Z "If a commenter has an apostrophe in their name, and they have a previously approved comment, and the comment_whitelist setting is enabled (""Comment author must have a previously approved comment""), the commenter's comment will always end up in moderation. The cause of this can be traced to r38738. If the name has an apostrophe, it will be slashed; the author name was previously included directly in the SQL, with the slash properly escaping the apostrophe, but when the query was updated to use `prepare()`, the author name was not unslashed. Affects 4.7, 4.7.1, 4.7.2, 4.7.3, and trunk. I've attached a patch that addresses the issue by unslashing the two `expected_slashed` parameters." cfinke Future Releases 57979 Can't upload images to WordPress Comments Comments 6.0.3 normal normal Future Release defect (bug) new changes-requested 2023-03-24T13:39:57Z 2023-10-16T15:35:22Z As the admin, I am unable to upload images from my image library to a WordPress comment posted by a user. Please Note: I can upload images to my own comments, but not a user-generated comment. On the admin page, I edit a user comment, click IMG button, add the image URL, and the correct code is added to the comment. When I click UPDATE, the image code disappears. Please note that all existing images in Comments display properly. This is a new problem. Theme is Genesis Magazine Pro. I tried: deactivating all plugins, multiple browsers, multiple operating systems (PC and Mac), and multiple computers. Also contacted my web host, WP-Engine, who has had other reports of this problem and believes it is a WordPress issue. Site is buildingadvisor.com. Thank you! sbb Future Releases 56539 Check if index in $args isset / ! empty before using it in Walker_Comment methods or create default $args in case if it is empty Comments normal normal Awaiting Review defect (bug) new has-patch 2022-09-09T08:23:59Z 2023-06-08T08:41:52Z "Taking into account the comments in #53449, I suggest local fix for the comments walker (wp-includes/class-walker-comment.php). Class Walker_Comment uses some $args indexes without checking if they exist. And in my case, they don't exist, $args are empty array and I am getting notices. I will consider adding $args into the call, but they are commented as optional and don't suppose to be used in such way. Examples: public function start_el uses: {{{ $args['short_ping'] $args['format'] }}} And {{{ $args['style'] }}} is used without checking that it exists in several methods - end_el, end_lvl, ping, comment, html5_comment, start_lvl. " oglekler Future Releases 46963 Comments meta box offset bug for custom comment types Comments normal normal Awaiting Review defect (bug) new has-patch 2019-04-17T13:13:39Z 2019-04-30T09:57:56Z "There is a conflict in the 'comments' meta box when used in combination with custom comment types. The `Show more comments` link loads duplicates, without an offset due to this line of code: https://github.com/WordPress/WordPress/blob/72979b167d913bf49745fa737654bdf6d13168de/wp-admin/js/post.js#L99 {{{ this.st = jQuery('#the-comment-list tr.comment:visible').length; }}} For custom comment types, the `comment` class may not exist. See how comment classes are generated here: https://github.com/WordPress/WordPress/blob/03240dd3f4442546562824bc6a10ed7c197bd6b2/wp-includes/comment-template.php#L466 {{{#!php comment_type ) ) ? 'comment' : $comment->comment_type; }}} You can see an example of this with WooCommerce which uses a comment type named 'review' (https://github.com/woocommerce/woocommerce/issues/23313). Because the comments out output without the `comment` class and instead they have a `review` class, the JS code fails to set the correct offset. Possible solutions: - Output `comment` class for custom comment types in addition to their custom class. - Revise jquery selector to be more generic e.g. count the `tr` elements instead." mikejolley Future Releases 35501 "Dashboard page: incorrect work of ""Activity"" group box bottom counters" adamsilverstein Comments 4.4.1 normal normal Future Release defect (bug) assigned has-patch 2016-01-17T21:22:17Z 2019-01-10T22:26:26Z "STEPS TO REPRODUCE Create new post, add comment through front end, go to dashboard page, click showed up menu items Approve/Unapprove/Spam/Trash in different combinations: - click ""Approve"" and quick click ""Trash"", - click ""Unapprove"" and quick click ""Trash"" - quick click ""Approve"" twice EXPECTED RESULT: bottom counters ""All"", ""Pending"", ""Approved"", ""Spam"", ""Trash"" counts correct. ACTUAL RESULT: see attachment." antonrinas Future Releases 48536 Allow cmd/ctrl-enter to submit comment forms in wp-admin davidbaumwald* Comments normal normal Future Release enhancement accepted dev-feedback 2019-11-08T12:02:30Z 2020-02-10T19:19:27Z "This is a follow-up on #41545 which says: > I think it'd be a nice enhancement for comment forms in both the admin and front end to submit this way. However, the r45790 introducing the feature does so only for frontend. Submitting comment by pressing ctrl/cmd + 'enter' does not seem to be working in wp-admin. It would be cool if the new feature could be added to wp-admin as well." david.binda Future Releases 43792 get_comment_excerpt filter should tell if the comment was shorted or not Comments normal normal Awaiting Review enhancement new dev-feedback 2018-04-17T22:14:58Z 2019-01-16T06:50:09Z "The design I am currently working on has long comments shortened to 100 words, and a 'show more' / 'show less' link is added. I only want to add the 'show more' text if the comment has been shortened. There is a filter before get_comment_excerpt() returns that I can use to add my link. However it does not pass along information about whether or not the comment was shortened. As a workaround I can check if the comment ends in ""…"", but it would make sense to add a boolean value to the filter arguments to make this easier/cleaner." mattkeys Future Releases 16252 Allow comment reparenting to fix poor threading Comments normal normal Future Release feature request new has-patch 2011-01-15T23:12:25Z 2023-11-23T06:26:37Z "For the OCD among us, it would be super nice to be able to edit the comment_parent, to properly thread comments made in the wrong place/threading order. Choose your own UI, but even just a numeric editor in the Quick Edit area would be a huge enhancement." Otto42 Future Releases 46540 Admin bar CSS shouldn't be added in the customizer Customize 4.5 normal normal Future Release defect (bug) new dev-feedback 2019-03-16T19:42:48Z 2021-05-30T19:49:09Z "I was playing with the Customizer selective refresh and noticed that the admin bar class WP_Admin_Bar doesn't check if the user is in the Customizer, thus it may add the 46px top margin and whatnots even if there is no admin bar. So to reproduce the bug, create a partial where the `render_callback` has wp_head() in it. " nabil_kadimi Future Releases 44820 CodeMirror in Customize - copy & paste bug Customize 4.9 normal minor Future Release defect (bug) new has-patch 2018-08-20T16:10:30Z 2023-02-26T14:56:51Z "Wrong behavior in CodeMirror: I go to **Customize > Additional CSS** and copy one selector including the opening curly bracket ""{"". I paste the copied text at the end of the content of the CSS textarea and press enter to create a new line. The new line won't be created, instead Autocompletion of CodeMirror is executed and the CSS attribute **''align-content''** is added. Animated screen capture as GIF: [https://hipp.design/media/code-mirror-copy-paste.gif] It only happens, when the selector is pasted at the end (of the textarea) and if the CSS field was already filled out and the Customize have been saved before. " dionysous Future Releases 46128 "Custom header ""Hide image"" button not displayed when randomizing images via theme setup" Customize 3.4 normal normal Awaiting Review defect (bug) new has-patch 2019-01-28T16:10:39Z 2019-12-11T21:33:31Z "**DESCRIPTION** When registering multiple [https://codex.wordpress.org/Custom_Headers custom header] images via theme code, and setting them to randomize (by enabling `random-default` custom header attribute), there is no ""**Hide image**"" button displayed. But the image should be displayed even in this case. The only way to enable ""**Hide image**"" button is to set `default-image` attribute during custom header registration in the theme code. But this actually effectively disables images randomization... ---- **HOW TO TEST/REPRODUCE** Append this code to Twenty Nineteen theme's `functions.php` file (without opening ` 'https://via.placeholder.com/1000x200/000099/ffffff?text=Image+default', 'random-default' => true, // Irrelevant, but required options: 'height' => 200, 'width' => 1000, ) ); // Registering some images to randomize from: register_default_headers( array( 'image-1' => array( 'url' => 'https://via.placeholder.com/1000x200/990000/ffffff?text=Image+1', 'thumbnail_url' => 'https://via.placeholder.com/250x50/990000/ffffff?text=Image+1', 'description' => 'Image 1', ), 'image-2' => array( 'url' => 'https://via.placeholder.com/1000x200/009900/ffffff?text=Image+2', 'thumbnail_url' => 'https://via.placeholder.com/250x50/009900/ffffff?text=Image+2', 'description' => 'Image 2', ), ) ); } add_action( 'after_setup_theme', 'test_custom_header_hide_button' ); // Display the custom header in theme footer for preview: add_action( 'wp_footer', 'the_custom_header_markup' ); }}} ---- **SCREENSHOT** [[Image(custom-header-setup-via-theme.png)]]" webmandesign Future Releases 39665 Customize: nav menu fallbacks don't get edit shortcuts Customize 4.7 normal normal Future Release defect (bug) new has-patch 2017-01-22T22:40:36Z 2017-10-18T19:52:19Z "`wp_nav_menu()` defaults to showing a menu of pages when no menu is set in a location. This is usually the case when a user first switches to a new theme. Since content is shown in the menu, I would expect to see an edit shortcut to be able to change what menu is displayed. But there isn't one. This is likely a bit of a technical challenge, but should be possible since the menu location is still there. There is a full refresh when switching a location to have an actual menu, so it's likely a matter of adding selective refresh support for menu fallbacks." celloexpressions Future Releases 36911 Customizer and Theme Installer spinners should have different z-index Customize 4.5 normal normal Future Release defect (bug) new has-patch 2016-05-22T17:25:39Z 2021-05-23T20:07:43Z "My bad, I think this has to do with some previous changes I've made on these spinners. Looks like after [36518] the ""loading"" spinner in the Customizer is hidden, at least in some browsers. While the spinners used in the Customizer and in the Theme installer are basically the same and so the CSS rule for them was grouped in just one rule in [36518], I think the only CSS property that has to be different is `z-index`. As far as I see, the Theme installer needs a value of `-1` but this will hide the spinner in the Customizer so it has to be `0` here. The fix would be trivial but I'd greatly appreciate some testing to confirm the issue, in different browsers." afercia Future Releases 48902 Customizer code editor CSS breaks on activate() (Or breaks when loaded later) Customize 4.9 normal normal Awaiting Review defect (bug) new has-patch 2019-12-06T13:37:55Z 2019-12-11T06:43:00Z "I've added css editor via {{{ WP_Customize_Code_Editor_Control() }}} which is hidden by default with provided active_callback. When activating control via JS in Customizer ex: {{{ wp.customize.control('my_custom_css').activate(); }}} it shows, but CodeMirror CSS is broken. " vukvukovich Future Releases 49009 Customizer header overlaps top of preview at small screen sizes Customize 5.3.1 normal normal Awaiting Review defect (bug) new has-patch 2019-12-17T10:19:20Z 2023-06-07T13:56:08Z "Hi, Design issue in customize.php on Twenty Twenty theme when preview page. For more information sees mention screenshot. Thanks" sumitsingh Future Releases 60236 Customizer’s Widget's component should only be loaded when not using a Block Theme Customize 5.9 normal normal 6.6 defect (bug) new has-patch 2024-01-11T23:53:34Z 2024-02-27T11:54:58Z "Hi, The BuddyPress plugin has a feature to customize the notification emails it sends when users interact. This feature uses the Customizer from the WP Admin context only. When the current theme is a Block Theme, previewing/customizing notification emails is generating this Warning notice: `PHP Warning: Attempt to read property ""title"" on null in /path/to/wordpress.develop/build/wp-includes/class-wp-customize-widgets.php on line 905` After some search into the `WP_Customize_Manager` class I noticed, although these kind of themes do not use the `widgets` component all corresponding Customizer controllers were loaded although this was not necessary. Disabling the Customizer `widgets` component using the `'customize_loaded_components'` filter removed this Warning notice, so I could use this from BuddyPress when these kind of themes are active on sites. But I believe WordPress should only make the Customizer's widgets component available when the active theme is not a Block theme as BuddyPress might not be the only plugin to use the Customizer even if a Block theme is the active one." imath Future Releases 42140 Incorrect use of plural in class-wp-customize-themes-section.php SergeyBiryukov Customize 4.9 normal normal Future Release defect (bug) reviewing dev-feedback 2017-10-08T07:05:41Z 2021-06-08T23:23:42Z "Use of {{{__()}}} where {{{_n()}}} is needed. /wp-includes/customize/class-wp-customize-themes-section.php {{{ /* translators: %s: number of themes displayed. */ echo sprintf( __( '%s themes' ), '0' ); }}} " tobifjellner Future Releases 37586 Menu customizer: search results not properly filtered Customize 4.3 normal normal Future Release defect (bug) new dev-feedback 2016-08-05T16:36:50Z 2019-10-06T09:10:16Z "{{{customize_nav_menu_available_item_types}}} is a filter located in {{{class-wp-customize-nav-menus.php}}}. The purpouse of this filter is to restrict item types available in the Menu Customizer. This filter should be applied even if I perform a research using the search field in Menu Customizer. But this does not happens. While in Menu Customizer, doing a research, in search results shows up even items of specific types excluded with {{{customize_nav_menu_available_item_types}}} filter. We can resolve this issue using another filter always located in the same class: the {{{customize_nav_menu_searched_items}}} filter. With this filter we can restrict the selections of items received from the search result just before sending them to the frontend (ajax response). But this could be considered only a workaround and not a solution, because items should be filtered/excluded by type BEFORE wordpress performs the query to the database. We should suppose that, if we uses the {{{customize_nav_menu_available_item_types}}} to filter item types available on Menu Customizer, most likely we do not want search for elements of theese item types. " virgodesign Future Releases 58183 PHP notice when accessing Customizer with a classic theme without widgets Customize normal normal Future Release defect (bug) new has-patch 2023-04-24T12:09:48Z 2024-02-22T20:59:37Z "If you open the Customizer with a classic theme that doesn't have any widget areas registered the following PHP warning is emitted: {{{ PHP Warning: Attempt to read property ""title"" on null in /var/www/html/wp-includes/class-wp-customize-widgets.php on line 905 PHP Stack trace: PHP 1. {main}() /var/www/html/wp-admin/customize.php:0 PHP 2. do_action($hook_name = 'customize_controls_print_footer_scripts') /var/www/html/wp-admin/customize.php:302 PHP 3. WP_Hook->do_action($args = [0 => '']) /var/www/html/wp-includes/plugin.php:517 PHP 4. WP_Hook->apply_filters($value = '', $args = [0 => '']) /var/www/html/wp-includes/class-wp-hook.php:332 PHP 5. WP_Customize_Widgets->output_widget_control_templates('') /var/www/html/wp-includes/class-wp-hook.php:308 }}} This seems to be similar to #54905. It seems that this is a similar issue, also mentioned by #56142, but not included in the fix deployed with [54419] since @westonruter wasn't able to reproduce it: https://core.trac.wordpress.org/ticket/54905#comment:38 This tickets adds the steps to reproduce it in the hope to then be able to find a fix. == Steps to reproduce 1. Create/Use a classic theme that does **not** have Widgets. 2. Open the customizer 3. Find the PHP warning in the logs. == Versions WordPress 6.2 PHP 8.2 (But also appears with other, older combinations, e.g. WP 5.9 and PHP 8.0)" kraftner Future Releases 47564 Protect against recursive customizer navigation menu data Customize normal normal Future Release defect (bug) new has-patch 2019-06-19T19:54:58Z 2021-05-31T16:27:33Z "Recursive data can slip into navigation menu structure but client-script currently has no protection against, resulting in browser freezing when trying to edit navigation menus. Attached patch changes `getDepth()` to keep track of parent navigation menu item ID to avoid recursion." donpark Future Releases 43896 Several flex and grid CSS properties listed as Unknown property in Customizer Customize 4.9 normal normal Future Release defect (bug) new has-patch 2018-04-29T01:11:57Z 2021-05-30T17:53:57Z "When I use the CSS editor in the Customizer it suggests element properties as I start typing them. One of the properties that it suggests is the justify-items property. When I save the settings in the Customizer I get a notice of ""Unknown property 'justify-items'."" I've checked some of the other flexbox and grid properties, and there are several others that this is the case for, namely: - justify-items - grid-gap - grid-column-gap - grid-row-gap - place-self The properties still work in supported browsers, they just display an error in the Customizer. Some valid values for properties that are recognized also give errors, such as the values of start and end for several grid properties." davidjlaietta Future Releases 47445 Unable to set rows attribute for textarea input in the Customizer Customize 5.2.1 normal normal Future Release defect (bug) new has-patch 2019-05-31T12:58:10Z 2021-05-31T16:18:48Z "Hi there, Currently, when a textarea input is added to the Customizer via WP_Customize_Manager::add_control(), the number of rows is fixed to 5. See [[https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/class-wp-customize-manager.php#L4140|line 4140 of the Customize Manager]]. Could this be fixed to be 5 by default, but enables me to override this?" timhavinga Future Releases 46596 WP_Customize_Date_Time_Control class - date format ignores day of the month suffix (S) Customize 4.7 normal normal Awaiting Review defect (bug) new has-patch 2019-03-21T22:57:07Z 2019-03-22T18:32:31Z "When adding a date time control to the customizer using the WP_Customize_Date_Time_Control class with the add_control() method, the character for the day of the month suffix (S) is not replaced/stripped when formatting the date and gets displayed in the customizer. See attached image. Like other date formatting characters, the suffix should either be replaced with the get_option( 'date_format' ) value or be removed completely." F.Ilona Future Releases 44665 "Add a ""Create New Menu"" button to the menu widget" Customize 4.3 normal normal Future Release enhancement new has-patch 2018-07-29T00:32:39Z 2020-11-30T00:20:15Z "Menu widgets in the customizer have buttons to edit the selected menu, which cross-link to the menus customizer panel. Before a menu is selected, there should be a ""Create New Menu"" button that links to the new menu section and automatically assigns the menu to the corresponding widget. This would be a big improvement in user flow, particularly for new users trying the menu widget for the first time, who may not understand the relationship between widget and menu objects. The UI should match the existing edit menu button." celloexpressions Future Releases 47692 Optgroup in Customizer Select Control Customize 3.4 normal normal Future Release enhancement new has-patch 2019-07-13T07:11:07Z 2020-07-27T02:09:14Z Optgroup add in Customizer Select Control chintan1896 Future Releases 44976 Proposal to add deregister_control_type(), deregister_panel_type() and deregister_section_type() methods to WP_Customize_Manager Customize normal normal Awaiting Review enhancement assigned dev-feedback 2018-09-21T06:17:24Z 2019-06-01T15:47:37Z "Today was the time I wish I am able to remove a registered customizer control. I also have a patch to implement a deregister_control_type()" Collizo4sky Future Releases 38797 api.previewer.refresh() could return a deferred.promise() with custom server data Customize normal normal Future Release enhancement new has-patch 2016-11-15T09:49:46Z 2021-05-24T00:02:52Z "Following a discussion (https://core.trac.wordpress.org/ticket/38728#comment:8) with @westonruter, I'd like to propose an enhancement for the `api.previewer.refresh(`) method. There might be cases when a developer needs to fire a previewer refresh after a specific customizer change, and execute other actions when this refresh has been done. From a general standpoint, I think that the asynchronous nature of the refresh makes it a good candidate for returning a deferred promise. An example of use case could be that a developer has several predefined settings configuration available for a given theme. Each time a configuration is switched to, the settings have to be changed to a set of predefined values set in the api. Those predefined values are stored server side in say a custom post type ( like the changeset for ex. ). A way to do that would be to fire an `api.previewer.refresh()` when switching to a given predefined configuration, that would be followed on `api.previewer.refresh().done( ... )` by an update of the api values, if some conditions are met. With the current api, we can add callbacks to the `'synced'` previewer event, but it will be fired on all `api.previewer.refresh()` calls, with no possibility to target a specific refresh situation that should be followed by a custom action. This problem could be solved by making the refresh return a deferred promise. This $.Deferred() would be resolve() in the `onceSynced()` callback function (of the current refreh method), taking a `sent_preview_data` object as param. While this deferred would be implemented in the `api.previewer.refresh(`) method of customize-control.js, another minor addition in customize-preview.js could allow developers to easily pass custom server data on refresh to the panel this way, and then use those data once the refresh is done. This way, it would be possible to use the following kind of syntax to fire an action on demand after a specific refresh(). {{{ api.previewer.refresh().done( function( sent_preview_data ) { // fire actions after a specific refresh, when the preview is ready and synced // the sent_preview_data, could be an object sent when the api.preview.send( 'synced', preview_data() ), // providing customizable server informations that we may need after a refresh. } ); }}} On the preview side, in order to pass a server data object to the resolve refresh, the idea would be to introduce a `new api.Value()` that could be populated before the synced event occurence. The current code in [customize-preview.js]https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/customize-preview.js#L679 : {{{ api.preview.send( 'synced'); }}} could be replaced by : {{{ api.server_data = api.server_data || new api.Value( {} ); api.trigger('before_synced', api.server_data() );//<= developers can alter the api.server_data() here, before it gets sent api.preview.send( 'synced', api.server_data() ); }}} This way, a developer could pass custom data to the panel when `api.previewer.refresh().done()`, using the `synced` event, with this type of code : {{{ has_connected ) { $this->db_connect(); } if ( ! $this->ready ) { $this->check_current_query = true; return false; } }}} " spacedmonkey Future Releases 54042 Extending wpdb::prepare() to support IN() operator Database normal normal Future Release enhancement new changes-requested 2021-08-31T14:23:26Z 2023-09-17T10:53:12Z "wpdb::prepare() helps avoid SQL Injection vulnerabilities, by escaping most variables correctly. WP 6.1 added support for Identifiers (table/field names) with `%i`, in #52506. But it's also fairly common to make a mistake to include values with the `IN()` operator, for example: {{{#!php prepare('WHERE id IN (%...d)', $ids); }}} Where `%...d` or `%...s` would safely (and easily) include a comma separated array of integers or strings - taking the idea of using '...' for variadics in PHP. https://wiki.php.net/rfc/variadics https://www.php.net/manual/en/functions.arguments.php#functions.variable-arg-list https://dev.mysql.com/doc/refman/8.0/en/comparison-operators.html#operator_in" craigfrancis Future Releases 43019 Hook to validate post form data before save Database normal major Awaiting Review enhancement new has-patch 2018-01-04T13:23:07Z 2021-10-28T03:26:41Z "There doesn't seem to be a hook available to validate form data before a post is saved. In my case I'm considering using JavaScript to validate the post title, content and meta but would prefer to do this validation server side. Can we add a hook?" henry.wright Future Releases 54346 Slow SQL queries fetching posts from specific categories craigfrancis* Database normal normal Future Release enhancement accepted has-patch 2021-10-30T11:05:53Z 2023-12-11T00:44:48Z "Noticed that REST API queries used in mobile app are very slow and found that such SQL queries can be optimized to be 10 times faster (1.8134 seconds vs. 0.1804 seconds) for wp_posts table having 800k records, see below. Very similar queries are used when displaying posts from specific categories on the web, meaning optimizing this could lead to significant speed up everywhere. The one responsible for this is WP_Tax_Query->get_sql_for_clause function. REST API to fetch posts from specific categories, e.g. `/wp-json/wp/v2/posts/?per_page=10&_embed=1&categories=63545,63546,63547,63548,63549,63552,76287&page=1` executes the following SQL query: {{{ SELECT wp_posts.ID FROM wp_posts LEFT JOIN wp_term_relationships ON ( wp_posts.ID = wp_term_relationships.object_id ) WHERE 1 = 1 AND ( wp_term_relationships.term_taxonomy_id IN ( 63545, 63546, 63547, 63548, 63549, 63552, 76287 ) ) AND wp_posts.post_type = 'post' AND( (wp_posts.post_status = 'publish') ) GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} Query took 1.8134 seconds. This query can be optimized by using subquery: {{{ SELECT wp_posts.ID FROM wp_posts WHERE wp_posts.ID IN ( SELECT object_id FROM wp_term_relationships WHERE wp_term_relationships.term_taxonomy_id IN ( 63545, 63546, 63547, 63548, 63549, 63552, 76287 ) ) AND wp_posts.post_type = 'post' AND wp_posts.post_status = 'publish' ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} Query took 0.1804 seconds seconds. " Krstarica Future Releases 40357 dbDelta can't change primary keys, create AUTO_INCREMENT columns and doesn't make significant index changes Database 4.8 normal normal Awaiting Review enhancement new needs-unit-tests 2017-04-04T17:20:04Z 2017-04-04T18:21:02Z "dbDelta has three inter-related issues which center around changing indexes. 1) It isn't possible to change which column is the primary key 2) It isn't possible to add a new AUTO_INCREMENT column 2b) It isn't possible to modify an existing AUTO_INCREMENT to no longer be AUTO_INCREMENT 3) Indices with the same name are not dropped/re-created, even when the index definition is changed significantly. == Use case == A client had been tracking inventory in a custom table where the product ID was the primary key. When he opened a new location, we added a location column, and wanted to be able to track how many of each product was in each location. 1. A table's purpose is being expanded, or otherwise doesn't meet the needs of the data. Since the primary key is unique, we needed to add a new key column and change which column was designated as the primary key. 2. A table was originally defined without an AUTO_INCREMENT column and the need for such a column arises. The new column we wanted to add and use for the key was simply an AUTO_INCREMENT integer column. In testing we defined the new column and also defined a new UNIQUE index (so, not changing the primary key yet). Since dbDelta adds new columns before adding the new indices, and in separate ALTER TABLE statements, MySQL refuses to add a new AUTO_INCREMENT column without an index. The solution is to add the new column without the AUTO_INCREMENT designation, then add the UNIQUE index, then alter the table to use AUTO_INCREMENT. 3. A primary (or other key) could be significantly and intentionally altered, significantly changing how queries are run. I understand that WP doesn't want to drop and recreate indices when changing the sub-part of an index (see: https://core.trac.wordpress.org/ticket/34870#comment:21) However I think that it should change the index, if the definition is significantly altered. In the use case above, we could've changed the primary key to be `PRIMARY KEY(productId,location)` instead of adding a new column and switching the index to that column. In other use cases, changing from a BTREE to FULLTEXT index would change which types of queries need to a full table scan. == This Patch == This patch does the following: 1. You can now add a new AUTO_INCREMENT column to an existing table When a new AUTO_INCREMENT column is added to an existing table, the column creation is done in two parts. First the column is created as a non-AUTO_INCREMENT column, and a separate `ALTER TABLE` statement is set to run after index creation to enable AUTO_INCREMENT. Note: The CREATE TABLE statement given to dbDelta must provide the required indexes that MySQL expects. 2. You can now modify a column with AUTO_INCREMENT to no longer use AUTO_INCREMENT 3. You can change which column is the primary key 4. Significant index definitions cause an index to be dropped and re-created The cases that cause an index to be dropped and re-created are: * An index which wasn't UNIQUE, but now is or vice-versa * An index which changes index type (eg. FULLTEXT => BTREE) * An index which contains a different number of columns * An index which contains a different column order * An index which contains different columns Note: Changing the index sub-part or no longer defining the index in the table does not cause it to be dropped. == Other notes == 1. I've tried to use WP coding standards and comment my code well. I'd love feedback if there are things I can do better. 2. I've included a file, test.php which takes 13 table definitions, takes them two at a time, and converts between each possible combination. To run it, put it in the root WordPress directory and run `php ./test.php`. 3. Also, the dbDelta phpunit tests still pass." stuporglue Future Releases 58871 support uca14.0.0 collation in database where available Database 6.3 normal normal Awaiting Review enhancement new has-patch 2023-07-20T23:36:30Z 2023-09-25T00:17:50Z "Like #32105 supporting a modern collation is a good idea. MariaDB added this in 10.10.1 (ref: https://jira.mariadb.org/browse/MDEV-27009). As the current default is case insensitive, we'll follow the same insensitivity and use accent insensitive. So of the collations available, use uca1400_ai_ci. ref: https://mariadb.com/kb/en/supported-character-sets-and-collations/#collations" danielblack Future Releases 15332 dbDelta($query) - do not create view Database 3.0.1 normal normal Future Release feature request reopened needs-unit-tests 2010-11-07T14:23:52Z 2018-07-30T08:45:42Z "during plugin creation I create few tables with dbDelta($query). that is working without problems. But on the end I create two views on this tables with dbDelta($query) - that is not working. The views are not created. The sql is ok, manually the create works." christian_gnoth Future Releases 57035 Error in current_time() function when using timestamp and no value for gmt_offset audrasjb Date/Time 5.3 normal normal 6.6 defect (bug) reopened dev-feedback 2022-11-08T13:28:40Z 2024-02-18T14:59:54Z "This may be a but of an edge case, but if the gmt_offset is not set correctly a string is returned and then used in math to multiply against HOUR_IN_SECONDS. In PHP 7 and earlier this is dismissed as a warning so processing continues, but in PHP 8 this throws a fatal error. It looks like the function has some typecasting, but it is placed in the wrong spot. {{{ // Don't use non-GMT timestamp, unless you know the difference and really need to. if ( 'timestamp' === $type || 'U' === $type ) { return $gmt ? time() : time() + (int) ( get_option( 'gmt_offset' ) * HOUR_IN_SECONDS ); } }}} Should be {{{ // Don't use non-GMT timestamp, unless you know the difference and really need to. if ( 'timestamp' === $type || 'U' === $type ) { return $gmt ? time() : time() + ( (int) get_option( 'gmt_offset' ) * HOUR_IN_SECONDS ); } }}} Again, this is potentially an edge case. Another ticket, #56358, was reported and closed when the user discovered a work around, but I think this fix is pretty simple and will solve for weird edge cases that can break sites in php8." Nick_theGeek Future Releases 53236 Nonce lifespans are inaccurate and unintuitively affected by timezones Date/Time 2.5 normal minor Awaiting Review defect (bug) new needs-unit-tests 2021-05-20T09:51:46Z 2021-06-02T04:37:01Z "The docs on [[https://developer.wordpress.org/reference/functions/wp_verify_nonce/|wp_verify_nonce()]] specify that nonces are either 0-12 or 12-24 hours old by default, but this isn't true. In reality, the value `1` means < 12 hours old, but `2` means anywhere from 1 second to < 24 hours old. Observe what happens to the nonce tick value over a day: ||=local time=||=seconds since epoch=||=tick=|| ||2021-05-20T00:00:00+03:00||1621458000||37534|| ||2021-05-20T01:00:00+03:00||1621461600||37534|| ||2021-05-20T02:00:00+03:00||1621465200||37534|| ||2021-05-20T03:00:00+03:00||1621468800||37534|| ||2021-05-20T04:00:00+03:00||1621472400||37535|| ||2021-05-20T05:00:00+03:00||1621476000||37535|| ||2021-05-20T06:00:00+03:00||1621479600||37535|| ||2021-05-20T07:00:00+03:00||1621483200||37535|| ||2021-05-20T08:00:00+03:00||1621486800||37535|| ||2021-05-20T09:00:00+03:00||1621490400||37535|| ||2021-05-20T10:00:00+03:00||1621494000||37535|| ||2021-05-20T11:00:00+03:00||1621497600||37535|| ||2021-05-20T12:00:00+03:00||1621501200||37535|| ||2021-05-20T13:00:00+03:00||1621504800||37535|| ||2021-05-20T14:00:00+03:00||1621508400||37535|| ||2021-05-20T15:00:00+03:00||1621512000||37535|| ||2021-05-20T16:00:00+03:00||1621515600||37536|| ||2021-05-20T17:00:00+03:00||1621519200||37536|| ||2021-05-20T18:00:00+03:00||1621522800||37536|| ||2021-05-20T19:00:00+03:00||1621526400||37536|| ||2021-05-20T20:00:00+03:00||1621530000||37536|| ||2021-05-20T21:00:00+03:00||1621533600||37536|| ||2021-05-20T22:00:00+03:00||1621537200||37536|| ||2021-05-20T23:00:00+03:00||1621540800||37536|| …and over the boundary of a tick: ||=local time=||=seconds since epoch=||=tick=|| ||2021-05-20T14:59:58+03:00||1621511998||7535|| ||2021-05-20T14:59:59+03:00||1621511999||7535|| ||2021-05-20T15:00:00+03:00||1621512000||7535|| ||2021-05-20T15:00:01+03:00||1621512001||7536|| ||2021-05-20T15:00:02+03:00||1621512002||7536|| In this example, you can see that a nonce generated at 3pm and verified one second later will return 2 because of the tick change. The ticks do not align with timezones due to their basis in universal time, so nonces will always appear “old” to your code at certain times of the day, as touched on in ticket:33635#comment:2. I haven't thought of a way to reduce the huge variance in ages that have equal nonce values, but I did think of a way to make them more predictable. I've attached a patch that would align ticks to WP's timezone so there would be a predictable two ticks per calendar day, a.m. and p.m., starting at 00:00." lev0 Future Releases 58986 TypeError: Unsupported operand types: string * int * Date/Time 6.2.2 normal normal Future Release defect (bug) reopened dev-feedback 2023-08-05T17:08:48Z 2024-03-18T17:57:31Z "Path: `/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php` File: `class-wp-rest-posts-controller.php` Line: 1833 **Expression Error:** `get_option('gmt_offset') * HOUR_IN_SECONDS` **Rais Exception:** `TypeError: Unsupported operand types: string * int` Suggested Fix: `intval(get_option('gmt_offset')) * HOUR_IN_SECONDS` Thanks " nurielmeni Future Releases 44835 Add a hidden input for 'original_post_status' to the inline-edit rows so it's available on the $_POST in save_post SergeyBiryukov Editor normal normal Future Release defect (bug) reviewing has-patch 2018-08-23T20:14:05Z 2019-01-21T22:49:01Z "Hello, Can we add a hidden input for 'original_post_status' into the '.inline-edit-save' div found in the inline-edit rows so that it's available on the $_POST object form save_post as it is when you save a post from the post edit screen. Background: I am writing a plugin for a client to introduce Draft Revisions on published posts. I have a cleanup function tied to save_post which purges the Draft Revisions if the post being saved has a status of 'publish' or was previously 'publish'. From normal post submission the original_post_status is available on the $_POST as it's a hidden input on the post editor. From inline-edits this fails as there's no hidden input for original_post_status. I searched for some time to come up with a solution and settled on a jquery trigger which injected the missing input when the inline-edit row opens. With it present the existing ajax/etc fires properly and populated the missing `$_POST['original_post_status']` that I required. Proposition: Add the hidden input for original_post_status onto the inline edit rows to make that information available to save_post. Thank you " garrett-eclipse Future Releases 48787 "Classic Editor user interface CSS inconsistencies when toggling ""Enable full-height editor ...""" sabernhardt* Editor normal normal Future Release defect (bug) accepted has-patch 2019-11-25T10:28:30Z 2021-11-15T22:09:14Z "Splitting this out from #47477 after @johnjamesjacoby's feedback. When toggling the ""Enable full-height editor and distraction-free functionality"" setting, it appears the Classic Editor toolbar gets some CSS rules that make it look inconsistent depending on the state of the setting. Part of these inconsistencies are new in WordPress 5.3, while other inconsistencies can be reproduced on WordPress 5.2 thus are pre-existing to the recent CSS changes. Please refer to the attached animated GIFs below for better clarity. - #48101 changed the border color of various ""boxes"" in the admin from `#e5e5e5` to `#ccd0d4`. In the Classic Editor, seems that the new color applies only to the toolbar top border and only when ""Enable full-height ..."" is on. - The other toolbar borders and the bottom padding change when toggling the setting also on WordPress 5.2. Not sure this is intentional or if there's a good reason to have a different styling. I'd tend to think these are probably inconsistencies happened over time that should be fixed. Worth noting the Classic Editor will still be supported for a couple years but it's not meant to get new functionalities or improvements. Only bug fixes will be addressed. Personally, I'd be in favour of fixing these inconsistencies because they don't appear to be terribly complicated and the fix won't likely break anything. I'd also suggest to use the new border color `#ccd0d4` for better contrast." afercia Future Releases 29159 Classic editor: Visual editor is disabled when user agent is obscured by a proxy Editor 2.0 normal normal Future Release defect (bug) new needs-unit-tests 2014-08-08T23:54:26Z 2020-11-24T04:56:39Z "user-agent checking is removing visual editor in function user_can_richedit. It took us many days to find a problem, which is described here: http://www.benjaminhorn.se/code/wordpress-visual-editor-not-visible-because-of-user-agent-sniffing/ It is not sensible to use user-agent as a check whether to show visual editor. Hopefully this check can be amended or removed in future WP versions. There are various hosting environments where this check fails. Plus you would constantly need to manually add new strings over time. We need to write plugins or theme hacks to circumvent this problem (that is after spending days of struggling to pinpoint the problem)." vmuryginIB Future Releases 19173 Issues with wp_editor() when used inside of a meta box. azaozz Editor 3.3 normal normal Awaiting Review defect (bug) reopened has-patch 2011-11-06T07:16:40Z 2021-07-07T18:20:53Z "I ran into a couple of obscure issues when adding an editor inside of a meta box. Errors are generated when moving the meta box around and then switching between the Visual and HTML editors. Also, the resize handle (.mceResize) is a bit too low when viewing the Visual tab when our custom editor has been added within a meta box. Tested in FF7 7.0.1 WPv3.3beta2 I'm adding the Editor within a meta box because it's the easiest way to add an Editor field type within the meta box/ CPT plugin I've made. It seems like it will be a common use case. Here's a simple plugin that adds an editor within a meta box. {{{ ID, '_wp_editor_test_1', false ); wp_editor( $field_value[0], '_wp_editor_test_1' ); } /* When the post is saved, saves our custom data */ function myplugin_save_postdata( $post_id ) { // verify if this is an auto save routine. // If it is our form has not been submitted, so we dont want to do anything if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) return; // verify this came from the our screen and with proper authorization, // because save_post can be triggered at other times if ( ( isset ( $_POST['myplugin_noncename'] ) ) && ( ! wp_verify_nonce( $_POST['myplugin_noncename'], plugin_basename( __FILE__ ) ) ) ) return; // Check permissions if ( ( isset ( $_POST['post_type'] ) ) && ( 'page' == $_POST['post_type'] ) ) { if ( ! current_user_can( 'edit_page', $post_id ) ) { return; } } else { if ( ! current_user_can( 'edit_post', $post_id ) ) { return; } } // OK, we're authenticated: we need to find and save the data if ( isset ( $_POST['_wp_editor_test_1'] ) ) { update_post_meta( $post_id, '_wp_editor_test_1', $_POST['_wp_editor_test_1'] ); } } }}} '''Case 1:''' Steps to reproduce error:[[BR]] Activate test plugin.[[BR]] HTML tab is selected in our custom editor instance.[[BR]] Drag meta box containing editor around (ensuring the jQuery UI Sortable drop placeholder shows up, but the box does not need to be docked to a new location)[[BR]] Release the box[[BR]] Switch to the editor's Visual tab[[BR]] '''The following error occurs:''' j is null In file: /wp-includes/js/tinymce/wp-tinymce.php?c=1&ver=345-20110918 The top row of tinymce icons is also duplicated. Once the error occurs, we can no longer switch between tabs. '''Case 2:''' Steps to reproduce error:[[BR]] Activate test plugin.[[BR]] Visual tab selected.[[BR]] Drag meta box containing editor around.[[BR]] Release the box.[[BR]] switch to the editor's HTML tab.[[BR]] '''The following error occurs:''' Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIDOMHTMLDocument.implementation] In file: /wp-includes/js/tinymce/wp-tinymce.php?c=1&ver=345-20110918 Note: It may take a couple of tries when switching between visual/HTML tabs to trigger the errors. Sometimes the errors won't happen, but usually they do." goto10 Future Releases 58132 Slashes used in block templates slug is a problem on Windows Editor 5.9 normal normal 6.6 defect (bug) new dev-feedback 2023-04-14T11:26:33Z 2024-02-29T21:46:03Z "Generally, they are all stored flat in the theme `templates` or `block-templates` folder; we have no problem here. But when they are stored deep under some folder/s, the slug checks won't pass on Windows. This is because finding the template paths [https://developer.wordpress.org/reference/functions/_get_block_templates_paths] return backslashes `\` and [https://core.trac.wordpress.org/browser/tags/6.2/src/wp-includes/block-template-utils.php#L313] currently only does `substr` extracts to come up with a slug that is passed to [https://developer.wordpress.org/reference/functions/_build_block_template_result_from_file/], which eventually fails line [https://core.trac.wordpress.org/browser/tags/6.2/src/wp-includes/block-template-utils.php#L981] as the slugs in the query are using forward slashes `\`." gaft Future Releases 45493 Square brackets in caption shortcode produce improper formatting Editor 4.9.8 normal normal Future Release defect (bug) reopened has-patch 2018-12-05T21:29:24Z 2023-07-27T03:14:55Z "If [square] brackets are placed inside of a {{{ [caption] }}} shortcode, the resulting formatting is broken when the captioned image is surrounded by text content. If you paste the following into the text editor, switch to visual, and then back to text, you'll notice the line break after the caption disappears. {{{ Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. [caption id=""attachment_143591"" align=""aligncenter"" width=""700""] This is a caption with some [square] braces that make it appear like another shortcode.[/caption] Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et accumsan et iusto odio dignissim qui blandit praesent luptatum zzril delenit augue duis dolore te feugait nulla facilisi. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. }}} I'm not sure why this is happening, it may be related to some code thinking that the square brace inside the caption indicates it may be another shortcode. Escaping the shortcode using double brackets didn't have any affect." Christian1012 Future Releases 58362 Twenty Ten - Table block having issue with font size on editor side. Editor 6.2 normal critical Awaiting Review defect (bug) new has-patch 2023-05-20T07:50:08Z 2024-01-11T10:20:30Z "Steps to reproduce the issue:- Activate Twenty Ten Theme. Choose Table block. Add some text to the table. Now change the font size and check it on both the side editor and user side. You can able to see the change on the front side but the editor side have no change even after applying a different style font size. I have attached a video for better understanding. Video URL:- https://video.drift.com/v/abqA2x1QjxW/" iamfarhan09 Future Releases 40759 Word Count Discrepancies Editor normal normal Awaiting Review defect (bug) new has-patch 2017-05-14T12:36:09Z 2020-11-24T06:27:13Z "I've noticed several discrepancies between how WordPress, Pages, Google Docs, and Word count words. Given the following text, all four count things quite differently. {{{ a 1 foo-bar e.g. jack & jill 5 @ $4.99 . fuzz@baz.blog }}} || ||= WordPress =||= Word =||= Pages =||= Docs =|| || Individual Words (a, jack, jill) || 3 || 3 || 3 || 3 || || Individual Numbers (1, 5) || 0 || 2 || 2 || 2 || || Hyphenated Words (foo-bar) || 1 || 1 || 2 || 1 || || Abbreviations (e.g.) || 1 || 1 || 2 || 2 || || Punctuation that translates to a word (&) || 0 || 1 || 0 || 0 || || Punctuation that translates to a word in this usage (@) || 0 || 1 || 0 || 0 || || Punctuation that doesn't translate to a word (.) || 0 || 1 || 0 || 0 || || Compound number ($4.99) || 0 || 1 || 1 || 2 || || Email address (`fuzz@baz.blog`) || 1 || 1 || 3 || 3 || I tend to fall in the camp of ""what would a reasonable native speaker count as a word"", which is probably closest to Word's definition, minus the punctuation that doesn't translate to a word." pento Future Releases 54931 get_block_template filter not fired when template saved in posts Editor 5.9 normal normal Awaiting Review defect (bug) new has-patch 2022-01-26T15:45:54Z 2023-10-15T14:56:16Z "The `\get_block_template()` function fires a 'get_block_template' filter at the end that allows for plugins to filter the content etc. However, this only works if the template was retrieved from a theme's template file, if the template has been edited it is saved into the `posts` table. When a template (part) is found in the `posts` table the function exits early with the found template but does not wrap the return in a call to the 'get_block_template'. This means plugins and custom code do not get a chance to filter the template's content or properties when re-editing after a template has had an initial edit." ianmjones Future Releases 59043 the_excerpt() function return excerpt with different length in page load and ajax request on WordPress 6.3 Editor 6.3 normal normal 6.6 defect (bug) reopened has-patch 2023-08-10T07:17:00Z 2024-03-13T11:03:38Z "I'm using `the_excerpt()` function in a post loop that display posts from a custom WP query for ""Post"" post type. Using the same query with pagination parameter and same post loop to display more posts using AJAX. Recently I noticed that the excerpt length was different on page load & AJAX load. I think, it's started after updating to WordPress 6.3. Another user also raised a related support thread in support forum. https://wordpress.org/support/topic/unexpected-behavior-in-post-loop-after-sending-ajax-request/" sarathlal Future Releases 58801 Prefetch Block Editor from Posts page adamsilverstein Editor normal normal Future Release enhancement assigned needs-unit-tests 2023-07-13T15:44:37Z 2023-12-04T22:00:53Z "One of the most common user journeys in wp-admin for creating or editing a Post is navigating to the Posts page (`wp-admin/edit.php`) then to the Block Editor (either by clicking a post to edit or clicking the ""New Post"" button or sidebar menu). We can greatly increase up the speed with which the editor loads by prefetching the edit screen once the user reaches the Posts page. Prefetch will ""prime the html cache"" for all of the resources needed by the editor, resulting in the editor loading much faster for users. Note: since users can also reach the editor from the wp-admin bar, we might want to consider adding prefetch when the user interacts or opens the ""New"" menu. However, to keep this initial proposal small and easier to test I decided to limit the scope to the Posts page." adamsilverstein Future Releases 53076 Press This: Add filters to allow custom Press This plugins kraftbj* Editor 4.9 normal normal Future Release enhancement accepted has-patch 2021-04-22T19:38:03Z 2021-05-24T14:59:02Z "The Press This feature of WordPress was spun out of Core in 4.9 as into a ""canonical plugin"". The Core side code presumes the canonical plugin is the only implementation. If a site owner wants a custom version of Press This, they are required to hack the plugin in some way (set the version super high and edit the files, replace it with something of a high version, etc to ensure the plugin is updated back to stock by WordPress). This also limits what site owners can do—selective versions of Press This based on who is logged in, A/B tests of different Press This's, etc. Request a few filters added to wp-admin/press-this.php to allow for alternative implementations. " kraftbj Future Releases 42645 Support passing version number to add_editor_style() dinhtungdu Editor normal normal Future Release enhancement assigned has-patch 2017-11-20T23:11:26Z 2019-09-24T17:53:40Z For automagically flushing browser cache, it would be helpful if `add_editor_style()` supported a version number argument. danielbachhuber Future Releases 44610 Allow Youtube-Player to use youtube-nocookie.com URLS to avoid setting cookies. Embeds 4.9.7 normal normal Future Release enhancement assigned has-patch 2018-07-19T07:59:59Z 2023-05-26T12:40:39Z "The file ""wp-includes/class-wp-customize-manager.php"" includes a function ""_validate_external_header_video( $validity, $value )"". The regex used in this function is incomplete, as some urls are invalidated in the customizer. What is interesting is that the regex used in ""wp-includes/js/wp-custom-header.js"" (which actually sets the youtube video), is different and validates e.g the youtube-nocookie.com URLs, that I think more people will need due to GDPR. In the javascript file, it actually quotes a stackoverflow regex found at: http://stackoverflow.com/a/27728417 **Proposal:** Update the regex in ""wp-includes/class-wp-customize-manager.php"" (line 5664) to match the one used in ""wp-includes/js/wp-custom-header.js"" (line 379)." jepperask Future Releases 23431 [embed] shortcode doesn't work with do_shortcode() Embeds 3.5 normal normal Future Release feature request new needs-unit-tests 2013-02-09T15:05:02Z 2022-07-15T15:43:20Z It would be preferable to use the [embed] shortcode through do_shortcode rather than apply_filters( 'the_content',... in order to avoid sharing plugins, related posts plugins etc appending content to something that could simple be post meta, i.e. looking to convert a youtube url to a video. jtsternberg Future Releases 7813 export function does not preserve encoding tott Export 2.7 normal minor Future Release defect (bug) new has-patch 2008-09-30T20:07:25Z 2019-03-15T00:31:35Z "when exporting strings are always converted to utf-8 while header and encoding is set to encoding used in blog. this causes trouble when importing later." tott Future Releases 54034 Update jQuery UI Touch Punch to the latest version Hareesh Pillai External Libraries normal normal Future Release enhancement assigned changes-requested 2021-08-28T19:39:10Z 2023-03-23T17:20:07Z A new version of jQuery UI Touch Punch is available ([https://github.com/furf/jquery-ui-touch-punch/blob/master/jquery.ui.touch-punch.min.js v 0.2.3]). However, this version was released 7 years ago and might have issues while updating. Hareesh Pillai Future Releases 51812 Update jQuery step three SergeyBiryukov External Libraries normal normal Future Release task (blessed) reviewing has-patch 2020-11-18T09:34:57Z 2024-01-27T08:55:38Z "Follow up from #37110 and #50564. Remove jQuery Migrate 3.3.x. This ticket represents step 3 in the following roadmap for updating jQuery to 3.x in Core: https://make.wordpress.org/core/2020/06/29/updating-jquery-version-shipped-with-wordpress/. " azaozz Future Releases 48689 PHP warnings after updating to WP 5.3: ftp_nlist() and ftp_pwd() expect missing parameters costdev Filesystem API 5.3 normal minor 6.6 defect (bug) assigned needs-unit-tests 2019-11-17T23:24:37Z 2024-02-06T05:48:16Z "I updated several websites to WP 5.3 without any problems. But on one wesite I got these PHP warnings both in the backend and in the website: {{{ Warning: ftp_nlist() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 402 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_nlist() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 402 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 681 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-includes/functions.php on line 5946 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-admin/includes/misc.php on line 1252 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-admin/admin-header.php on line 9 }}} I suppressed the ouput by ""muting"" the function calls with '@' in the file 'class-wp-filesystem-ftpext.php', i.e. changed {{{ftp_nlist()}}} to {{{@ftp_nlist()}}} etc.. I will be glad if any reason can be found and fixed until the next WP upgrade. " Hinjiriyo Future Releases 36710 Symlinked directories should not be deleted recursively Filesystem API normal major Future Release defect (bug) new has-patch 2016-04-28T21:51:47Z 2023-06-20T03:06:48Z "When deleting a symlinked plugin, the current behavior is to recursively delete everything in the plugin's real directory and then fail to unlink the symlink because rmdir won't work on a symlink. This is probably not what the site admin intended when they installed the plugin via a symlink. The desired behavior is to unlink only the symlink, leaving the external directory intact so that other symlinks remain intact. My patch fixes this in WP_Filesystem rather than in the plugin deletion logic because it seems generally applicable to the use cases for symlinks. What makes this hard is that trailing slashes are significant when dealing with symlinked directories. The trailing slash causes the link to be followed: {{{ is_link('/link/') => false is_link('/link') => true }}} The patch fixes deletion of symlinked plugins: it unlinks the symlink and leaves the real files intact. It should be carefully checked against other uses of delete because they might not include the trailing slash. In such cases, adding a trailing slash to the new `is_dir()` check might help. Could be a minefield, could be fine. Related to #29408 but not a duplicate." andy Future Releases 58541 WP_Filesystem_SSH2:put_contents (and others) does not check for $sftp_link to be up Filesystem API normal major Future Release defect (bug) new changes-requested 2023-06-15T06:47:39Z 2023-10-27T14:18:47Z "This is a bit long, as I need to explain the reason why it is a problem not to check for the link '$sftp_link' to be up. In short: WordPress allows choosing between various FS_METHODS (wp-config.php), e.g. 'direct' or 'ssh2'. While neither choice will affect WordPress updating itself at all, it has implications when some plugins updating files writing content to a file (htaccess, css etc) via {{{ $wp_filesystem->put_contents($file, $content); }}} The function put_contents should check whether the link is up. There is a big difference how one needs to setup the '$wp_filesystem' instance if you use 'direct' or 'ssh2' - the first one does not need to connect, the second needs to setup a connection before being able to write. For FS_METHODS 'direct': {{{ global $wp_filesystem; if(empty($wp_filesystem)) { require_once ABSPATH . '/wp-admin/includes/file.php'; WP_Filesystem(); } $wp_filesystem->put_contents($file, $content); }}} For FS_METHODS 'ssh2': {{{ global $wp_filesystem; if(empty($wp_filesystem)) { require_once ABSPATH . '/wp-admin/includes/file.php'; WP_Filesystem(); // this is the ONLY difference to 'direct' $wp_filesystem->connect(); } $wp_filesystem->put_contents($file, $content); }}} In the file ABSPATH/wp-admin/includes/file.php (around line 2051) the function WP_Filesystem() simply sets up an instance of the class defined by FS_METHOD, but does NOT connect if FS_METHOD is set to 'ssh2'. Now many plugins that need to write a file (css,htacess,etc) simply assume that FS_METHOD is set to 'direct' or even assume WP_Filesystem() will connect as well. I have three plugins (there are more, but these are the ones I am 100% sure) that have problems writing - Ultimate Addons for Elementor - Astra Addons - Sensei Now I could tell those developers to do it properly. However I think the function $wp_filesystem->put_contents() should CHECK whether the link is up and if NOT, call a function within the class and setup the link to the server, after all I would consider this is proper coding pratice. {{{ public function put_contents( $file, $contents, $mode = false ) { // so this is for people who come from the outside // just setting up the class and dont care whether // a call to ""connect"" is required. error_log(""class-wp-filesystem-ssh2.php -> put_contents -> $file ""); if(!$this->sftp_link) { error_log(""class-wp-filesystem-ssh2.php link is null, connecting ....""); // this function is similar to connect $rc = $this->build_options_connect(); } // put the contents $ret = file_put_contents( $this->sftp_path( $file ), $contents ); if ( strlen( $contents ) !== $ret ) { return false; } $this->chmod( $file, $mode ); return true; } }}} The function $this->build_options_connect() sets up the required data structure similar to the function ""request_filesystem_credentials()"" in file ABSPATH/wp-admin/includes/file.php (around line 2250) and then sets up the connection similar to the function $wp_filesystem->connect() in file ABSPATH/wp-admin/includes/class-wp-filesystem-ssh2.php (around line 120). I have done this on all of my servers for a few weeks now. Message like this one example (of many) below have completely disappeared. {{{ [10-Jun-2023 18:25:12 UTC] PHP Warning: file_put_contents(ssh2.sftp:///HIDDEN/htdocs/wp-content/uploads/uael_uploads/.htaccess): failed to open stream: operation failed in /HIDDEN/htdocs/wp-admin/includes/class-wp-filesystem-ssh2.php on line 283 }}} While I stated 'has patch' (I do), let's first see what people say about this." jobst Future Releases 55469 WP_Filesystem_SSH2::chmod() should use ssh2_sftp_chmod() Filesystem API normal normal Awaiting Review enhancement new has-patch 2022-03-27T17:10:57Z 2022-03-27T17:13:32Z "`WP_Filesystem_SSH2::chmod()` currently uses `::run_command( sprintf( 'chmod %o %s', $mode, escapeshellarg( $file ) ), true )` (which calls [https://www.php.net/manual/en/function.ssh2-exec.php ssh2_exec()]). It has essentially been this way since `WP_Filesystem_SS2` was introduced in [8812]. However, some sftp servers do not allow `ssh2_exec()` to be run, generating PHP warnings such as: > PHP Warning: ssh2_exec(): Unable to request command execution on remote host and on those severs all calls to `WP_Filesystem_SSH2::chmod()` basically become noops. Luckily, starting with version [https://pecl.php.net/package/ssh2/0.12 0.12], the ssh2 extension introduced [https://www.php.net/manual/en/function.ssh2-sftp-chmod.php ssh2_sftp_chmod()], and `WP_Filesystem_SSH2::chmod()` should be changed to use it." pbiron Future Releases 34722 Open P Tag in shortcode related to h tag Formatting 4.4 normal normal Awaiting Review defect (bug) new dev-feedback 2015-11-18T07:32:04Z 2017-07-20T07:25:55Z "Hi Wordpress core Team There is a bug in wordpress. When you add a simple text in the editor like this {{{

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim. }}} In the front of the website and in the page source code this text is changed by wordpress to this and there are no issues or open or extra p-tags. {{{

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim.

    }}} [[Image(http://i.imgur.com/9TCF7gi.png)]] However this does not happen in a shortcode F.e. if you create a simple shortcode to add a div with a class around your text. The result is open and or extra p-tags and break tags, {{{#!php ' . $content .''; } add_shortcode('theme_div', 'theme_shortcode_div'); }}} And add the text within a sshortcode {{{ [theme_div]

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim. [/theme_div] }}} The same text is rendered like this. {{{

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim.

    }}} The p tag is never closed and before the h-tag there is suddenly a break tag. I tested this in any of the default themes and i dont know how many commercial themes and all with same results. The p tag is left open and there is a extra break tag. [[Image(http://i.imgur.com/52p291S.png)]] It can even gets worse if you add it like this and embed your text in a p-tag. {{{ [theme_div]

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim.

    [/theme_div] }}} Now the end result is this {{{

    Integer in ex vel urna tempor ultrices.

    Morbi vehicula a orci nec dignissim.

    }}} There is suddenly a extra br tag before the h-tag a extra p tag suddenly in the h-tag and a extra p tag at the end of the div. [[Image(http://i.imgur.com/J3597aM.png)]] Note: All code has been added in text mode of the editor. The text was added as shown. H-tag and normal text without any break tag all on one line Note: used theme in my images twenty sixteen. Note: Shortcode added to the functions.php exactly as shown above. Note: You can only see the p-tags missing in the source of the page. If you inspect the page in firebug or chrome it shows the closing p-tags as that is what browsers do. They try to close the p-tags by default even if it is missing. [[Image(http://i.imgur.com/aTwn2Wg.png)]] Please resolve as this is a really annoying bug. " BackuPs Future Releases 46791 esc_url() adding http:// to a relative URL to parent directory '../pathname/' Formatting 5.1 normal normal Awaiting Review defect (bug) reopened has-patch 2019-04-04T09:50:03Z 2019-05-23T10:37:12Z "{{{esc_url()}}} adds '!http://' when it shouldn't. Line 4191 wp-includes/formatting.php states If the URL doesn't appear to contain a scheme, we presume it needs !http:// prepended (unless a relative link starting with /, # or ? or a php file). This is prepending !http:// to a relative url to a parent directory i.e. '''../path-to-page/''' Funtion needs ../ adding to the array or some regex code." OrangePixelNath Future Releases 37698 wp_kses_split global variable pollution Formatting normal normal Future Release defect (bug) new has-patch 2016-08-17T20:20:15Z 2021-02-09T16:12:22Z "In r10339, `wp_kses_split` was modified so it doesn't longer require the `preg_replace` with the `e` (eval) modifier. This implementation uses globals to pass the values of `$allowed_html` and `$allowed_protocols` to the `_wp_kses_split_callback` function. While in most cases this isn't really a problem, we noticed that a call to `wp_kses_split` (via a filter) from within `_wp_kses_split_callback` may have undesirable effects on the next replacements. The snippet below illustrates this problem, you can see in action in https://3v4l.org/YmYTZ {{{ |$))|(<[^>]*(>|$)|>))%', '_wp_kses_split_callback', $string ); } function _wp_kses_split_callback( $match ) { global $pass_allowed_html, $pass_allowed_protocols; return wp_kses_split2( $match[1], $pass_allowed_html, $pass_allowed_protocols ); } function wp_kses_split2($string, $allowed_html, $allowed_protocols) { wp_kses_split('', array(), array()); // this overrides the globals. print_r( array( $allowed_html, $allowed_protocols ) ); } wp_kses_split(""I link this"", array('a'=>array( 'style' => array() )), array('http') ); }}} One way to fix this would be to use an anonymous function, but I guess that's only available on PHP >= 5.3. Another way is to encapsulate the callback in a class and tie the arguments to an instance of this class." xknown Future Releases 37672 wpautop adds a closing p-tag without an opening p-tag Formatting 4.5.3 normal normal Awaiting Review defect (bug) new has-patch 2016-08-15T19:06:03Z 2019-04-18T21:39:39Z "Following code result in ill-formed HTML. {{{#!php This is a paragraph. This is another paragraph. EOT; echo wpautop($pee); }}} This is the output: {{{
    This is a paragraph.

    This is another paragraph.

    }}} As you can see, the first paragraph lacks an opening

    . " TBarregren Future Releases 38656 wpautop incorrectly handling paragraphs within block elements Formatting 5.0 normal normal Future Release defect (bug) new needs-unit-tests 2016-11-04T06:10:39Z 2019-03-26T15:02:11Z "When there are two line breaks within a block element, `wpautop()` will replace it with `

    `, but the corresponding opening and closing tags won't exist. For example, `

    a\n\nb
    ` will produce `
    a

    b

    `, when it really should produce `
    \n

    a

    \n

    b

    \n
    `." pento Future Releases 44394 Error when trying to get the columns of a three-columns gallery. Gallery 4.9.6 normal normal Awaiting Review defect (bug) new has-patch 2018-06-18T12:19:40Z 2018-06-19T08:08:11Z "It seems the `get_post_gallery` function fails to retrieve the column count if it's 3. First, create a gallery. Then, insert 2 or 3 or any number of images and set its column to 3. Then, run this code in the context of a post (content.php / single.php will do): {{{#!php ID, False ); $gallery_images = explode( ',', $gallery['ids'] ); var_dump( $gallery['columns'] ); }}} It will come out as: {{{ Notice: Undefined index: columns in C:\file.php on line 45 }}} " virginthumb Future Releases 38228 Add filter to default gallery shortcode output Gallery 4.7 normal normal Awaiting Review enhancement new dev-feedback 2016-10-04T18:27:54Z 2018-04-12T14:05:03Z "Right now the only way to alter the default gallery shortcode output is to use the ""post_gallery"" shortcode which effectively requires the developer to rewrite the entire shortcode. There is a lot of redundancy in here since in most cases, we do not want to alter the retrieval of gallery items. By adding a simple filter at the end of the gallery, we can save a lot of code as well as not effect anyone currently using the post_gallery filter. See my proposed patch." tristangemus Future Releases 38100 Gallery Caption Filter Gallery 4.6.1 normal normal Awaiting Review feature request new has-patch 2016-09-19T20:03:19Z 2018-11-30T13:13:38Z In media.php on line 1767: https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-includes/media.php#L1767 there is no way to filter a gallery's caption. A filter here would be really helpful to include attachment meta data within a gallery's caption. darrenshea Future Releases 45939 Coding Standards: fix
    in core files General normal normal Future Release defect (bug) reviewing has-patch 2019-01-11T12:21:14Z 2020-02-21T17:56:52Z "In order to [https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/#self-closing-elements self-closing-elements], a single space should precede the self-closing slash. I created this patch for version 5.0.3, but this version isn't on ticket version selector." man4toman Future Releases 58763 Inconsistent add/get/update/delete_post_meta() functions leads to deleting post metadata. General normal major 6.6 defect (bug) new has-patch 2023-07-08T09:48:05Z 2024-02-19T20:57:08Z "The add_post_meta(), delete_post_meta(), and update_post_meta() functions all use wp_is_post_revision() to add/delete/update the metadata of the post, not its revision. That's fine, but the get_post_meta() function does NOT use wp_is_post_revision(). As a consequence, if you use get_post_meta() and update_post_meta() during the saving process for a revision, the post metadata ends up being overwritten/deleted: The get_post_meta() function gets the **revision** metadata, and then the update_post_meta() function updates the **post** metadata, NOT the revision metadata. js." jsmoriss Future Releases 53847 Removed 'noreferrer' relationship In JS file. Shital Patel General normal normal Future Release defect (bug) assigned close 2021-07-31T07:41:08Z 2021-07-31T10:04:52Z "remove ""noreferrer"" in js Files and add ""noopener""" Shital Patel Future Releases 58015 Text over images not readable in Block: Cover Post General 6.2 normal normal Awaiting Review defect (bug) new has-patch 2023-03-29T20:11:00Z 2023-04-04T09:48:18Z Black-colored text over background images is not always readable. I have fixed CSS to make texts readable. arafatjamil01 Future Releases 44082 settings_errors() wraps all notices in p and strong tags General normal normal Awaiting Review defect (bug) new has-patch 2018-05-14T19:06:59Z 2020-11-30T06:51:26Z "I noticed today that `settings_errors()` wraps every notice in a set of `

    ` and `` tags. This is undesirable for a few reasons: * Notices should be allowed to use their own formatting (they already are everywhere) * Many/most core notices that do not use `settings_errors()` are not strong, or use `strong` for emphasizing specific parts of a notice As a result, almost every plugin is forced to reinvent their own approach for putting out admin notices. Core even does this in a bespoke way in almost every other admin page, resulting in a bunch of duplication and fragmentation of approaches. (A quick grep of `.php` files in `wp-admin` with `is-dismissible` in them shows 75.) ---- A few ideas: * We could use `wpautop()` to wrap each notice to avoid duplicate `

    ` tags * We could use KSES to only allow certain tags in a notice (not certain this is necessary) * We could invent a new function for formatting admin area notices in places other than settings (which most plugins do already, so something they can use is preferable) I can also imagine this issue being a smaller part of a larger `admin_notices` initiative, but figured I'd at least document this kvetch." johnjamesjacoby Future Releases 57130 unittest for wp_upload_bits General normal normal Awaiting Review defect (bug) new has-patch 2022-11-16T22:11:05Z 2022-11-22T19:46:02Z pbearne Future Releases 38052 wp-utility.js misses function argument null General 4.6 normal major Awaiting Review defect (bug) new needs-unit-tests 2016-09-14T09:26:29Z 2017-07-28T08:57:16Z "Since 4.6 the wp-utility is updated. The null parameter has been removed here: {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options ); }}} to {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), options ); }}} Which can give the following error: {{{ wp-util.min.js:1 Uncaught TypeError: (intermediate value)(intermediate value) is not a function }}} This is fixed by adding that null value again like this: {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options ); }}} Affects version 4.6 and 4.6.1" wiardvanrij Future Releases 57136 wp_list_pluck's key argument not working correctly when its zero General 4.7 normal normal Awaiting Review defect (bug) new has-patch 2022-11-17T16:36:32Z 2024-02-23T02:49:01Z "This is better explained with an example: {{{ wp> var_dump( wp_list_pluck( [ [ 'key1', 'val1' ], [ 'key2', 'val2' ] ], 1, 0 )); array(2) { [0]=> string(4) ""val1"" [1]=> string(4) ""val2"" } }}} See the missing key? If we try with array_column it works correctly: {{{ wp> var_dump( array_column( [ [ 'key1', 'val1' ], [ 'key2', 'val2' ] ], 1, 0 )); array(2) { [""key1""]=> string(4) ""val1"" [""key2""]=> string(4) ""val2"" } }}}" dgwatkins Future Releases 53262 "wp_robots() (via wp_die) triggers a ""doing_it_wrong_trigger_error"", but should not." General 5.7 normal minor Awaiting Review defect (bug) new dev-feedback 2021-05-23T21:43:29Z 2022-08-03T15:31:55Z "Hello there. In my plugin, I need to die early, like, right after the plugins are loaded, imagine this for a shortcut: `add_action( 'plugins_loaded', 'wp_die' );` This is the output: ''Notice: is_embed was called incorrectly. Conditional query tags do not work before the query is run. Before then, they always return false. Please see Debugging in WordPress for more information. (This message was added in version 3.1.0.) in /wp-includes/functions.php on line 5313'' {{{ # Time Memory Function Location 1 0.0002 369912 {main}( ) .../admin.php:0 2 0.0003 370552 require_once( '/wp-load.php' ) .../admin.php:34 3 0.0003 370960 require_once( '/wp-config.php' ) .../wp-load.php:37 4 0.0003 375568 require_once( '/wp-settings.php' ) .../wp-config.php:88 5 0.0410 1735152 do_action( ) .../wp-settings.php:423 6 0.0411 1735528 WP_Hook->do_action( ) .../plugin.php:484 7 0.0411 1735528 WP_Hook->apply_filters( ) .../class-wp-hook.php:316 8 0.0882 3856336 wp_die( ) .../class-wp-hook.php:292 9 0.0882 3874480 _default_wp_die_handler( ) .../common.php:275 10 0.0884 3876304 wp_robots( ) .../functions.php:3497 11 0.0884 3876304 apply_filters( ) .../robots-template.php:32 12 0.0884 3876712 WP_Hook->apply_filters( ) .../plugin.php:212 13 0.0884 3878216 wp_robots_noindex_embeds( ) .../class-wp-hook.php:292 14 0.0884 3878216 is_embed( ) .../robots-template.php:93 15 0.0884 3878216 _doing_it_wrong( ) .../query.php:881 16 0.0885 3879304 trigger_error ( ) .../functions.php:5313 }}} another notice will be trigger, same thing but line 13 will be `wp_robots_noindex_search`. Since WP 5.7 the `wp_robots()` function is called in a `wp_die()`, but `wp_die()` can be called before the query is done, this is not too soon to die ''(for once, got it?)''. A possible patch is to delay these default filters a bit later ''(wp-includes/default-filters.php)'' instead of adding them right away: {{{ add_action( 'wp', 'wp_late_robots_check' ); function wp_late_robots_check() { add_filter( 'wp_robots', 'wp_robots_noindex_embeds' ); add_filter( 'wp_robots', 'wp_robots_noindex_search' ); } }}} Thanks for your attention." juliobox Future Releases 40790 Ability to filter $post_type in _get_last_post_time General 4.7.5 normal normal Awaiting Review enhancement new dev-feedback 2017-05-17T15:30:09Z 2019-04-25T07:36:14Z "This function starts on line 5610 of https://github.com/WordPress/WordPress/blob/4.7.5/wp-includes/post.php Currently, there is no way to filter the `$post_type` argument of the `_get_last_post_time` function. This creates situations where it's impossible to filter/modify the default post type when `_get_last_post_time` is called without the `$post_type` argument. Suggested enhancement is to add a `_get_last_post_time_post_type` filter inside the `_get_last_post_time` function, right after the `$field` is validated or the timezone gets lowercased. Something like this... {{{#!php $post_type = apply_filters( '_get_last_post_time_post_type', $post_type ); }}} Thank you for considering this enhancement. " toddlevy Future Releases 57213 Coding standards : Use Strict Comparison except Loose Comparison wp-includes/class-wp-hook.php General 4.7 normal normal Future Release enhancement new has-patch 2022-11-27T05:55:40Z 2023-02-06T19:50:50Z It's help for coding standardization when get the Integers data type then use Strict Comparison except Loose Comparison rockonshajib Future Releases 40178 Menus that contain post types in Draft status should be hidden from logged out users General 4.7.3 normal normal Awaiting Review enhancement new dev-feedback 2017-03-16T23:39:44Z 2017-03-19T19:48:41Z "I recently added 2 pages to my site. I published them, and moved them into a Menu on my site. Then realized, I don't want them public, but I also don't want to lose their positioning where I put them in the menu. I moved them to draft. When I go to my site logged out, I still see the links and goes to a 404. I'm proposing that when an item in the Menu moves to a non-published state that isn't the Trash (Draft or Pending), it should remain in the nav, but be hidden from any logged out users." jdingman Future Releases 59152 Need some css improvement on wordpress installation ( install.php ) page for mobile screen. General 6.4 normal normal Awaiting Review enhancement new has-patch 2023-08-20T09:51:54Z 2023-08-24T09:04:29Z We can improve the style ( spacing ) of description text below the password field on wordpress installation ( install.php ) page for mobile screen. See the screenshot for more clarification. ravigadhiyawp Future Releases 50422 Prevent Browser Caching From Getting Involved With wp_redirect and wp_safe_redirect (Leaving the Browser to Purely Honor the Redirect Code Used) General 5.4.2 normal normal Awaiting Review enhancement new has-patch 2020-06-18T16:51:16Z 2021-06-22T17:41:55Z "Currently, {{{wp_redirect}}} (and therefore {{{wp_safe_redirect}}} as well since that uses {{{wp_redirect}}}) can be cached by web browsers depending on a site's browser caching rules. For example, W3 Total Cache has browser caching that one would certainly want to utilize for improved site performance, but then doesn't really have the means to prevent this potential problem where a redirect then gets cached by the browser (even if it's a 302 redirect). W3TC is just one example, but browser caching can be implemented in any number of ways which this then can be a problem. I came across this with a plugin and proposed a patch to the plugin per https://wordpress.org/support/topic/proposed-bugfix-prevent-login-redirect-from-browser-cache-rules/, but I'm wondering why the fix for this isn't part of WordPress' core so that plugins & developers in general don't need to specifically add this to prevent an issue that can come about given the right circumstances (with the fix being rather simple & straightforward, from what I can tell.) In short, having {{{nocache_headers();}}} before the redirect happens has the redirect still honored as it was set while removing the potential undesired effect of it being cached by the web browser (ex. trying to view a page that needs you logged in to view it has a plugin redirect to the login page, but then that 302 redirect was cached by the browser so the user is still redirected to the login when trying to visit that page even after they've already logged in, and it can really happen with any redirect that should be honored as being temporary that was then cached as the page's result by the browser when it shouldn't be [translation plugins have also encountered this in the past as well when switching between languages for pages via a redirect, and I'm sure there's more instances of this.]) ---- Yes, currently developers can prevent this themselves by implementing {{{nocache_headers();}}} before their {{{wp_redirect}}} and/or {{{wp_safe_redirect}}} (I've made sure to document this as such at https://developer.wordpress.org/reference/functions/wp_redirect/#comment-3973 and https://developer.wordpress.org/reference/functions/wp_safe_redirect/#comment-3974, respectively [which I imagine both of these notes should be removed if/when this gets implemented natively]), but I'm wondering why that should be necessary. Would there really be any downside of having {{{wp_redirect}}} trigger {{{nocache_headers();}}} as part of that function natively so it just works more reliably without added code and/or developers potentially not knowing to do this which then results in problematic behavior? At that point, things like the {{{auth_redirect}}} function (and possibly others) can be cleaned up to not need to include {{{nocache_headers();}}} before their redirect. Meanwhile, {{{wp_get_nocache_headers();}}} (used by {{{nocache_headers();}}}) checks to see if headers have already been sent or not & also honors the existing headers while just enforcing specific ones so those that have this applied twice (ex. after this is included natively as part of {{{wp_redirect}}} while they still have it in their own implementation before this was done) shouldn't have any negative effects. ---- **- The Proposed Patch -** This simply has {{{nocache_headers(); // Prevent browser caching of page with the redirect header (browser should still honor the redirect status code)}}} before the {{{header( ""Location: $location"", true, $status );}}} snippet in the {{{wp_redirect}}} function within ''wp-includes/pluggable.php'', and then has a minor optimization of removing {{{nocache_headers();}}} from the {{{auth_redirect}}} function in that same file since that's no longer needed (the {{{wp_redirect}}} later in the function now takes care of this. I've attached a patched version of pluggable.php from WP 5.4.2 with these 2 changes. I filed this as an enhancement since it's not really a bug within the code being fixed as much as it is preventing bugs made by plugin & other developers (so it still is fixing bugs within the WordPress ecosystem [just going to the core of the problem rather than having to fix the issue with each instance where this came up as a result of the core code not taking care of this itself yet.])" KZeni Future Releases 33704 Reduce reliance on wp_is_mobile() General 3.4 normal normal Future Release enhancement assigned has-patch 2015-09-03T09:29:47Z 2023-09-18T17:49:09Z "User agent sniffing is bad. `wp_is_mobile()` isn't very reliable. In core it's actually used to detect if the device is a touch device (so that, among other things, elements that normally appear on hover are shown persistently and JavaScript for touch functionality is loaded). We should audit the use of `wp_is_mobile()` in core to see if replacing it in favour of client-side feature detection is possible. If so, `wp_is_mobile()` should be deprecated. Reported bugs with `wp_is_mobile()`: #24541, #21667, #24252. History: #20014" johnbillion Future Releases 51227 Update paginate_links dots to account for total pages General 5.5.1 normal trivial Awaiting Review enhancement new has-patch 2020-09-03T00:06:12Z 2020-09-03T00:08:51Z "Currently, under certain conditions the pagination shows dots when it would make more sense to show a number. Example: If you have the following variables: {{{ Mid size: 2 End size: 1 Total pages: 5 Current page: 1 }}} Then it will visually output as follows: {{{ Prev 1 2 3 ... 5 Next }}} With current changed to 5 then it will show dots at 2 instead. In this case, it would make more sense to show the number instead of dots. " mikeybinns Future Releases 58433 WP version in Etag header in load-styles.php file General normal normal Awaiting Review enhancement new has-patch 2023-05-31T11:16:13Z 2023-06-19T00:44:33Z "Hi I know there are plenty of plugins to hide WP version. You also decided to hide WP version from readme.html some time ago. When the user uses all possible methods to hide WP version, current version still can be checked by load-styles.php and load-scripts.php files. It is visible in eTag header. I know, this is not a big issue but I think is worth considering to use here some hash or checksum. Regards Dawid " dav4 Future Releases 58935 White page on admin.php in WordPress Dashboard General normal normal Awaiting Review enhancement new has-patch 2023-07-29T18:09:08Z 2023-08-02T10:22:12Z "Hello there, As we all know, plugins (e.g. WooCommerce, etc.) are using `wp-admin/admin.php` to handle their option pages. e.g. `http://localhost/wp-admin/admin.php?page=wc-admin` The problem is, when we navigate to `admin.php` without any query string, it shows a white screen. I believe we can improve it by showing a message or redirecting to the main page of the dashboard. e.g. `http://localhost/wp-admin/admin.php`" masoudin Future Releases 49408 Why is the action wp_ajax_wp_link_ajax not using wp_send_json() General 5.3.2 normal normal Awaiting Review enhancement new has-patch 2020-02-11T16:09:10Z 2020-12-16T19:31:11Z "The action now returns an array with results with the header content-type text/html Should this not be application/json as achieved by the wp_send_json() function? [https://core.trac.wordpress.org/browser/tags/5.3.2/src/wp-admin/includes/ajax-actions.php#L1863] " stephanh Future Releases 30499 define WP_VERSION, to prevent having to code around plugins which change $wp_version General normal normal Awaiting Review enhancement new has-patch 2014-11-25T14:09:14Z 2021-06-01T13:34:01Z "There are plugins, like this one - https://wordpress.org/plugins/replace-wp-version/ - which over-write $wp_version. Allegedly in the name of security (as if an external probe couldn't work out the WP version in 101 other ways). Unfortunately, their existence means that if another plugin wants to _really_ know the WP version, they have to do something ugly, and re-include wp-includes/version.php, like so: {{{ global $wp_version; include(ABSPATH.WPINC.'/version.php'); }}} The WP version really should not change, and there should be a more elegant way to know it is. The PHP way is via a constant; thus, the attached patch defines WP_VERSION, in order to provide coders with a reliable way of knowing the real WP version without having to use ugly work-arounds. " DavidAnderson Future Releases 48054 wp.sanitize.stripTags should iterate instead of using recursion General 5.2.3 normal minor Awaiting Review enhancement new has-patch 2019-09-16T21:23:38Z 2020-10-08T21:27:54Z "The changes to wp-sanitize.js seemed wasteful and like it produced dead code in the final return. https://github.com/WordPress/WordPress/commit/90d9bdc54c82229b3aa5a6e60d775f14b1f9a9dc#diff-9bedaa5d6abc6cb127b2f496bb2f7835 When I got into it to fix the dead code, I also felt a way about the recursion, because stack and memory exhaustion are two other potential issues. So this way should *at most* be one function call and only duplicate memory instead of being O(n*memory). https://github.com/WordPress/WordPress/commit/d9b128f50546a65c9cf0944ee61237e35ff269c0 This is probably a drive-by commit and for that I apologize. I hope it's more useful than not, but your mileage may vary. Thank you for making WordPress." jrchamp Future Releases 34058 Proposal: wp_get_archives_object() function General 4.3.1 normal normal Future Release feature request new has-patch 2015-09-28T16:10:27Z 2021-07-05T06:25:38Z "I'm currently working on building a personal site using the WP REST API, and one of the features I want to introduce is an equivalent to the archives widget on the front-end. Unfortunately, this isn't so straight forward given that I have no quick means of accessing an object representing the current archives. The existing function `wp_get_archives()` will return lots of lovely HTML - which I can use out of the box perfectly well - but this is useless given that I want full control of the data to manipulate/parse/sort as well as having something that is more suitable for output via JSON in the API. I propose that a new function called `wp_get_archives_object()` be added to give developers immediate access to the archives object for general use without having to get their hands dirty. As a compromise, perhaps add an additional parameter to `wp_get_archives()` that when set to `true` simply returns the object?" anonymized_13665966 Future Releases 54327 Support wp_die from array print General 5.8.1 normal normal Awaiting Review feature request new has-patch 2021-10-27T07:05:30Z 2021-10-28T20:28:38Z "I think wp_die() function is very used in wordpress plugin and theme developement and that is better to support array when pass an array to this and prevent from array to string notice. in wp-includes/functions.php line ~3800 before: {{{ echo $message; }}} after: {{{ if(is_array($message)) { print_r($message); }else { echo $message; } }}} tanx. " myousefi08 Future Releases 25840 Feature Request: WP_ACCESSIBLE_HOSTS as option HTTP API 3.7.1 normal normal Future Release enhancement new has-patch 2013-11-05T21:46:14Z 2020-09-16T17:40:10Z "Currently WP_ACCESSIBLE_HOSTS is defined as a constant. It would be great if this is a wordpress option (or something equivalent) so you can change it at runtime. If you have a multisite installation and need to add domains to the whitelist you must reload the whole installation to enable them. Writing a simple plugin for this is also not possible since constants can not be redefined. My suggestion: 1) Store a site_option for mutlisites. This should contain a general whitelist for all blogs 2) Store a option per blog to contain additional whitelists for this single blog 3) Make it configurable via the admin interface (single textbox to enter the domains) 4) In the block_request function (https://github.com/WordPress/WordPress/blob/master/wp-includes/class-http.php#L507) the 2 options should be merged and handled like the constant This way you could manage the whitelist at runtime. What do you think about this? Chris" xFireFartx Future Releases 58284 Add in wp_dropdown_languages en_US as selected value when 'explicit_option_en_us' is set to true I18N normal normal Awaiting Review defect (bug) new has-patch 2023-05-10T11:57:49Z 2023-05-10T11:57:49Z "When in the function ""wp_dropdown_languages"" the option ""explicit_option_en_us"" is set to true and the locale-value of the User is ""en_us"" the option is still not selected. The value in the selected function (l10n.php, L. 1591) is empty: {{{#!php English (United States)', esc_attr( $value ), selected( $value, $parsed_args['selected'], false ) ); } }}} Thank you very much" ekaliva Future Releases 45897 Chinese page uri dump fail I18N 5.0.2 normal normal Awaiting Review defect (bug) new has-patch 2019-01-10T07:17:56Z 2022-06-22T01:19:11Z "In theme home page , dump fail when clike message page if uri is chinese. In file wp-includes/class-wp.php, should modify like this: {{{ list( $req_uri ) = explode( '?', urldecode( $_SERVER['REQUEST_URI'] ) ); }}}" zh1995 Future Releases 50773 Merge duplicate strings in bulk actions and row actions for list tables SergeyBiryukov I18N normal normal Future Release defect (bug) reviewing has-patch 2020-07-26T12:15:17Z 2022-05-02T01:00:32Z "Backround: #40244, #50747. As noted by @ramiy in comment:25:ticket:40244 and me in comment:5:ticket:50747, as part of the changes in [48352] and [48595] some strings were duplicated with a different case: * `_x( 'Not Spam', 'comment' )` * `_x( 'Not spam', 'comment' )` * `_x( 'Not Spam', 'site' )` * `_x( 'Not spam', 'site' )` Additionally, some strings kept title casing and should be switched to sentence casing for consistency with others: * `__( 'Enable Auto-updates' )` * `__( 'Disable Auto-updates' )` * `__( 'Network Activate' )` * `__( 'Network Deactivate' )` * `__( 'Network Enable' )` * `__( 'Network Disable' )` The problem is that some of these strings are not only used in bulk actions, but also in row actions. While most of bulk action strings appear to be switched to sentence casing across the admin now, row actions are not. It seems like that would be the next step to bring some consistency here." SergeyBiryukov Future Releases 36259 Switching language should update date and time formats vagios I18N normal normal Future Release defect (bug) assigned needs-unit-tests 2016-03-16T07:43:07Z 2023-11-16T16:49:08Z "Previously: #11226 1. Install WordPress in English. 2. Switch language to Russian. 3. Date and time formats in General Settings are still `F j, Y` and `g:i a`, which doesn't make sense for Russian and doesn't match the locale defaults (`d.m.Y` and `H:i`, respectively)." SergeyBiryukov Future Releases 41305 Add lazily evaluated translations timothyblynjacobs I18N 4.8 normal normal Future Release enhancement assigned dev-feedback 2017-07-13T11:16:56Z 2023-05-12T12:14:20Z "In the context of #40988, I did a few performance tests and experimented with adding a lazily evaluated translation object. The general principle is this: Instead of returning the resulting string of a translation, return an object for which the `__toString()` and `jsonSerialize()` methods will fetch the resulting string instead. I tested by having the `__()` method return such a proxy object, instead of the actual translated string. From a quick profiling run on `wptrunk.dev/wp-json/wp/v2/posts`, I got the following results: Returning a `translate()` from `__()`: {{{ Wall Time 162ms CPU Time 157ms I/O Time 5.48ms Memory 16.5MB Network n/a n/a n/a SQL 4.41ms 13rq }}} Returning a `TranslationProxy` from `__()`: {{{ Wall Time 144ms -19ms -14.9% CPU Time 138ms -18ms -15.4% I/O Time 5.33ms -154µs -3.0% Memory 16.6MB +81.6KB n/s Network n/a n/a n/a SQL 4.33ms 13rq }}} As you can see, this shaved off almost 15% from this simple request. It saved 2255 calls to `translate()`, 2157 calls to `get_translations_for_domain()` and, more importantly still, 2156 calls to `apply_filters()` (which could involve a lot of additional processing in some cases). The main problem with this approach is that WordPress does not contain real type-hinting, so BC is broken wherever the proxy is not echoed, but used directly. As we cannot possibly foresee how plugins might use their localized strings, I suggest adding new lazy variations of the translation functions. To mirror the ""echo"" variations that prefix the translation functions with an `e`, I'd suggest using the `l` prefix for these variations: {{{#!php // Lazily retrieve the translation of $text. _l( $text , $domain = 'default' ); // Lazily retrieve the translation of $text and escape it for safe use in an attribute. esc_attr_l( $text, $domain = 'default' ); // Lazily retrieve the translation of $text and escape it for safe use in HTML output. esc_html_l( $text, $domain = 'default' ); // Lazily retrieve translated string with gettext context. _lx( $text, $context, $domain = 'default' ); // Lazily translate string with gettext context, and escape it for safe use in an attribute. esc_attr_lx( $text, $context, $domain = 'default' ); // Lazily translate string with gettext context, and escape it for safe use in HTML output. esc_html_lx( $text, $context, $domain = 'default' ); }}} Arbitrary testing has shown that using such lazily evaluated translations strategically can improve the performance by 10-30% for certain scenarios. Implementing them in this BC fashion allows us to fine-tune Core usage and make it available to plugins, while playing it safe with existing code." schlessera Future Releases 51039 Enhancement: Show a prompt in dashboard to recruit more translators I18N normal normal Awaiting Review enhancement new dev-feedback 2020-08-17T07:15:11Z 2023-08-18T05:09:24Z "Problem: Out of 204 available locales teams, around 130 are behind by more than one major version in releasing their core language pack, and considered to be “inactive.” The common issue among them is that they don't have enough contributors to suggest and approve translations. Also, once the team becomes inactive, it's very hard to find and onboard new contributors. In the [https://make.wordpress.org/polyglots/handbook/plugin-theme-authors-guide/#generating-community-contributions Polyglots Team handbook], we suggest plugin authors who are looking for translators of their product to show a dismissible message in the dashboard. How about core also adopts that method for core? * Only show suggestions to users whose browser language is not English AND it matches one of the inactive locales ([https://make.wordpress.org/polyglots/teams/#major-behind-many behind by more than one major version] or no language pack is ever created). * Link to a polyglots handbook page where the new contributor can get more info (I suggest [https://make.wordpress.org/polyglots/handbook/translating/first-steps/ First Steps] page for now) The message could look like this: **Translate WordPress to LOCALE_NAME:** It looks like you understand LOCALE_NAME. Did you know you can help translate WordPress in your language? [https://make.wordpress.org/polyglots/handbook/translating/first-steps/ Visit this page] to get started. After some time, polyglots global mentors can check and promote new contributors based on our [https://make.wordpress.org/polyglots/handbook/translating/expectations/translation-editor-locale-manager-vetting-criteria/ GTE/Locale Manager] vetting criteria and provide mentorship to help them stay active. " Nao Future Releases 42599 Design changes in Tools Categories and Tags Converter box and Tools Import box Import 4.9 normal normal Awaiting Review defect (bug) new has-patch 2017-11-17T10:27:46Z 2019-01-30T06:51:36Z "Some Design changes in Categories and Tags Converter box and Import box Go to wp-admin 1. Tools > Available Tools 2. Tools > Import" Shital Patel Future Releases 14949 Login gives false assurance of having logged out rajinsharwar* Login and Registration normal normal Future Release defect (bug) accepted dev-feedback 2010-09-23T10:39:34Z 2023-09-27T19:35:30Z "If you visit `wp-login.php?loggedout=true` while logged in, WordPress falsely tells you that ""You are now logged out."" This is a problem because it could lead you to think, e.g., that a public computer is no longer authenticated with access to your WP admin. Patch redirects a still-authenticated user back to the admin from the login page if she requests the above page without actually having logged out." filosofo Future Releases 17904 Multisite has more restrictions on user login character set Login and Registration 3.0 normal normal Future Release defect (bug) assigned needs-unit-tests 2011-06-27T11:09:12Z 2024-02-27T07:08:40Z "Multisite has more restrictions on the characters allowed in a user's login name compared to single site. This seems unnecessary and confusing. It was also the root of a recent bug in the importer, see [http://wordpress.org/support/topic/invalid-author-importing-single-wordpress-to-mulitsite-wordpress?replies=21#post-2186667 this forum thread] and the [http://plugins.trac.wordpress.org/changeset/401649 workaround]. I haven't worked up a patch yet since there seem to be a few locations where these restrictions are enforced and I don't know if I have found them all yet: - wpmu_validate_user_signup() uses the regex `/[a-z0-9]+/` - ms-default-filters.php adds `strtolower` to `sanitize_user` Relevant: http://mu.trac.wordpress.org/changeset/1689 [12948]" duck_ Future Releases 39703 wp-signup.php & wp-activate.php are doing an avoidable posts query Login and Registration normal normal 6.6 defect (bug) new has-patch 2017-01-26T14:56:01Z 2024-02-22T08:32:21Z "Hi, If in the reading settings of the site, i chose to list my latest posts as the home page: going on `wp-signup.php` or `wp-activate.php` will query & fetch the 10 latests posts for nothing in a way. Moreover In this case `is_home()` is true which is a bit confusing. If in the reading settings of the site, i chose a static front page as the home page, it will be requested and fetched when going on `wp-signup.php` or `wp-activate.php`. In this case `is_page()` is true which is less confusing. So i guess, the particularity of these two specific pages is they're getting the header and the footer of the active theme. But i wonder why running `wp()` ? By simply directly loading the `wp-includes/template-loader.php` it can save a query. > see signup-activate-1.patch If running `wp()` is required for a reason i don't see, a query could still be saved and it could be interested to use this to set a ""page"" title for the `` tag. > see signup-activate-2.patch " imath Future Releases 57394 wp_insert_user allows the new user to have a username equal to an already registered email audrasjb Login and Registration 6.1.1 normal normal Future Release defect (bug) assigned changes-requested 2022-12-28T23:54:02Z 2024-02-08T20:50:52Z "Scenario: User A is an administrator, has username = 'admin' and email = 'admin@domain.com'; User B registers (open to register wp install) with username = 'admin@domain.com' and email = 'test@gmail.com'; In my case, i use both users, one to admin the website, and the other to simulate an customer user. Both users had same password. When i tried to log in with administrator user by email, i end up logged in the as user B. Then i changed User B password to not conflict, and it works as it should, if i set user A password it gets logged in as user A and if i use User B password it gets logged in as User B. I don't think this is a security issue, but allowing an user to be registered with another users email as username could be annoying and confuse some website administrators for scams or something else. To solve this issue, i just filtered username_exists filter and checked if the username was existing email. {{{#!php public function __construct() { add_filter(""username_exists"", array($this, ""username_exists"")); } public function username_exists($user_id, $username) { if (email_exists($username)) { $user = get_user_by(""email"", $username); if ($user->exists()) { return $user->ID; } } return $user_id; } }}} " buutqn Future Releases 58901 Flush 'user_activation_key' after successfully login rajinsharwar Login and Registration normal normal 6.6 enhancement assigned has-patch 2023-07-25T08:38:46Z 2024-02-12T09:18:32Z "Hi all, Let's imagine the next steps: 1. User goes to `{site_url}/wp-login.php?action=lostpassword` for getting reset password link to its email. 2. Then go to email and open the reset password link with an expiration time (`DAY_IN_SECONDS` by default). It has been resolved [https://core.trac.wordpress.org/ticket/32429 a long time ago]. But then he remembers his old password and login using a second web browser with its username and old password. At the same time, the link to reset the password remains active in the first browser for a whole day. 3. If it's a public laptop anybody can use the reset password link and login with new credentials and make some hacker things. **Suggestions:** Flush the 'user_activation_key' after successful login: wp-includes/user.php::line 113 before {{{ do_action( 'wp_login', $user->user_login, $user ); }}} Can be added this line: {{{ global $wpdb; $wpdb->update( $wpdb->users, array( 'user_activation_key' => '', ), array( 'ID' => $user->ID ) ); }}} Best Regards!" nsinelnikov Future Releases 36010 New password reset styling changes are confusing to casual users Login and Registration 4.4 normal major Awaiting Review enhancement new has-patch 2016-02-29T16:20:53Z 2020-02-08T14:04:34Z "I've noticed an uptick in how many of my users have been confused by the password reset process recently. In talking a few of them through the process, I realized that there are two spots where they are unsure of what to do: * On the password reset screen, the ""New password"" input doesn't look like the other inputs they've encountered, like at wp-login.php. * Once they click ""Reset password,"" they're expecting to receive an email containing the new password (and aren't realizing that the characters in the ""new password"" box are the new password). So, when they're redirected to a standard login screen, they're doubtful. About the first issue, I'm attaching mockups of the reset password screen with less styling. It's less visually interesting to advanced users, but maybe less is more for less experienced users. To help with the second issue, adding an instructional banner might help. For instance, if we were to redirect on submission of the ""reset password"" form to `wp-login/?newpass=true` or similar, then we could offer some guidance. See attached images. Thanks for your consideration. " dcavins Future Releases 54761 Save the prefered language from login page (since WP5.9) Login and Registration 5.9 normal normal Future Release enhancement new dev-feedback 2022-01-07T17:17:33Z 2022-04-09T08:18:57Z "Hello, On WP5.9 a language switcher is added in the wp-login.php. Here is the dev note by @audrasjb https://make.wordpress.org/core/2021/12/20/introducing-new-language-switcher-on-the-login-screen-in-wp-5-9/ I think it should be great if choosing a language here will update the Language user meta to display the back-office in the same language as previously chosen. As per 1st test made, this doesn't currently update." sebastienserre Future Releases 28473 wp_mail incorrectly parses multiline From header Mail 3.9.1 normal normal Awaiting Review defect (bug) new has-patch 2014-06-06T19:08:32Z 2020-09-16T19:37:01Z "`wp_mail` tries to parse `From:` header when it is contained in headers. It fails when the header is multiline. Multiline headers are common when non-ascii characters are used and quoted-printable escaping kicks in. Example input: {{{ From: =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?= =?UTF-8?Q?=D0=BA=D1=80=D1=83=D0=B6=D0=B0=D1=8E=D1=89=D0=B8=D0=B9=20=D0=BC?= =?UTF-8?Q?=D0=B8=D1=80?= <live-positive@yandex.ru> }}} Parsed email in `$from_email`: {{{ =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?= }}}" arty.name Future Releases 39753 wp_mail() under PHP 7 hosted on Windows creates malformed email messages SergeyBiryukov* Mail 4.7.2 normal normal Future Release defect (bug) accepted has-patch 2017-02-01T01:54:38Z 2017-10-12T04:31:22Z "Synopsis: WordPress’ wp_mail function uses the third party component PHPmailer 5. PHPmailer 5 relies on the standard PHP mail() function for final delivery. With PHP 7.x hosted on Windows, WordPress mails are being rejected by providers, such as Gmail, due to RFC violations. Reason: PHPmailer->LE (Version 5) defaults to a lone ""LF"" (\n) as the end-of-line character. That is in violation of SMTP, which expressly forbids lone LF characters. This known error in PHPmailer 5 and has been be resolved with (not yet released) PHPmailer 6. Fortunately for WP (and other CMS'), Linux has an operating system default of ""LF"", so its mailer programs have always translated lone LF to CR/LF when creating SMTP data streams. And, in PHP 5, the Windows implementation of mail() has always ""fixed"" lone ""LF"" by replacing them with CR/LF. Consequently, WordPress (et al) have worked in both environments. As of PHP 7, the Windows implementation of mail() requires standards compliant input and no longer fixes malformed headers. The lone ""LF"" characters of the incorrect PHPmailer 5 defaults now ""bleed"" through and result in malformed SMTP data streams. (Linux is not effected, because PHP continues to launch the operating system's mailer programs.) At a future time PHPmailer 6 will be the final solution. In the meantime, WordPress wp_mail needs to explicitly set $phpmailer->LE = '\r\n' right after this line: $phpmailer = new PHPMailer( true ); " Andy Schmidt Future Releases 15448 wp_mail() sets Content-Type header twice for multipart emails SergeyBiryukov Mail normal normal Future Release enhancement reviewing has-patch 2010-11-17T12:15:04Z 2020-09-17T00:43:40Z "When trying to send emails via `wp_mail()` with a Content-Type of multipart/alternative, the Content-Type header will be set with `$phpmailer->ContentType`, and again with `$phpmailer->AddCustomHeader()`, which causes two Content-Type headers in the email: {{{ Content-Type: multipart/alternative; boundary=""example_boundary"" Content-Type: multipart/alternative; charset="""" }}} This appears to cause errors in Outlook, as there is no boundary on the latter. The cause of this is `PHPMailer::GetMailMIME()`, as it does not know that the email is a multipart email. The easiest way to achieve this appears to be to simply allow the user to set the AltBody via `wp_mail()`. In order to achieve backwards compatibility, `wp_mail()` should work out which part is the text/plain one and which is the text/html one based on the boundary. I'll be working on a patch for this." rmccue Future Releases 47605 Email sender name change with site title in wp-includes/pluggable.php Mail 2.2 normal normal Awaiting Review feature request new has-patch 2019-06-25T06:12:20Z 2020-01-03T10:00:08Z "A variable $from_name has default WordPress name as sender on line 316 in file name pluggable.php exist in wp-include folder. Where there is a line replacement with site name of WordPress website. The result will show in email with Site title of website in email of sender name." viitorcloudvc Future Releases 47527 Add visible class to media library sidebar on library frames joemcgill Media 5.3 normal normal Future Release defect (bug) reviewing has-patch 2019-06-11T20:42:27Z 2021-04-27T20:12:16Z "The visible class as the code comment specifies is used to ""''Show the sidebar on mobile''"". This ensures that when a user selects an image on the media library even on mobile, the user can still see the image/file details. This class is only added for insert frames. Insert frames are used by the classic editor to insert images, audio, and the media widgets also use them. Most tutorials I checked related to media library usage in plugins end up using the ""library"" frame, so I guess most plugins use this frame. The block editor also uses the library frame most of the times, so the block editor contains a bug where on mobile the media sidebar with the details of the selected file does not appear. I think this bug will also affect the media sidebar of most WordPress plugins. I don't think there is a reason to not add the visible class in the library frame, and in my tests, I did not found any regression with this change. With these changes when we are on a small screen e.g:600px, we add an image block on the block editor, we press the media upload button to open the media library and then we select a file we are able to see the file details, without this changes we don't see the sidebar at all. More details of the issue are available in the Gutenberg repository https://github.com/WordPress/gutenberg/issues/10232." jorgefilipecosta Future Releases 44790 Attachment Overlay does not trigger spinner for compat fields Media normal normal Future Release defect (bug) new close 2018-08-14T08:03:53Z 2023-10-19T18:35:25Z "we are using ACF and some other custom fields in the attachment library, when we change values of those ""compat"" fields - the spinner/loader does not show up, which leads to the situation that the editor/user, may think everything is saved, and clicks assign/close to the overlay, and behind the overlay he/she may click on publish, which in some situations cancels the XHR requests and leads to data loss. i have prepared a patch, not 100% sure if it is in the right place, let me know if you'd want me to adopt/change anything." hjanuschka Future Releases 44641 Customizing Button Text in Custom Media Manager Frame Doesn't Work Anymore antpb Media 4.9.7 normal normal Future Release defect (bug) assigned dev-feedback 2018-07-25T12:16:47Z 2022-01-30T16:52:29Z "= Summary I have a plugin that calls up the Media Manager. I use the ""gallery"" state, and customize the main button text via the `wp.media` arguments. I've noticed a regression. The text in the primary button is no longer overridden by the arguments that I pass. = What I'm Doing (Code is simplified) {{{ var file_frame = wp.media.frame = wp.media({ frame: 'post', state: 'gallery', library : { type : 'image'}, button: {text: 'Edit Image Order'}, // <----- LINE IN QUESTION multiple: true }); file_frame.open(); }}} = What Should Happen The text inside the primary button in the media manager modal should change from ""Create a new Gallery"" to ""Edit Image Order"". [[Image(https://imgur.com/faJevb7)]] = What Actually Happens The button ignores my arguments and retains its default text. [[Image(https://imgur.com/6gLdtLv)]] " Kelderic Future Releases 35959 Functon 'wp_generate_attachment_metadata(...)' silently swallowing errors from 'wp_get_image_editor(...)'. Media 3.5 normal normal Awaiting Review defect (bug) new has-patch 2016-02-26T05:11:54Z 2017-11-12T19:47:33Z "So the function {{{wp_generate_attachment_metadata(...)}}} in {{{wp-admin/includes/image.php}}} is silently ignoring / swallowing errors from the function {{{wp_get_image_editor(...)}}}. The logic is here: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/image.php?rev=36429#L123 This ignoring of these particular errors prevents user notification in the UI when image thumbnails could not be regenerated due to error ""{{{No editor could be selected}}}"" that is returned from the function {{{wp_get_image_editor(...)}}} when the PHP environment on the server is lacking graphics support. So the thumbnails are not getting regenerated, and because of this bug, there is notification to the user as to that fact or as to why. I looked this up in the history, and noticed that this bug is present since this revision: https://core.trac.wordpress.org/changeset/22192 What's odd is that this revision does add logic to relay these errors in its 1st change (to the function {{{wp_crop_image(...)}}}) in {{{trunk/wp-admin/includes/image.php}}}, but not in the 3rd change in that file (to the function {{{wp_generate_attachment_metadata(...)}}}). Not sure why the error is not being relayed there as well. " maratbn Future Releases 39625 Give an error message when a non-image is uploaded for featured image Media normal normal Future Release defect (bug) new has-patch 2017-01-18T15:04:41Z 2023-06-07T15:22:53Z "I was able to upload a video but it didn't error, it just didn't show. I feel we should give some feedback that this isn't supported. Yes, it doesn't add the video but it shouldn't just reshow the 'add' call. This is what you see after having seemingly gone through upload working - the video shows in media browser. [[Image(https://cldup.com/272Cq89Sl0.png, 40%)]]" karmatosed Future Releases 27914 Information about image is jumping in media modal joedolson* Media 3.5 normal normal 6.6 defect (bug) accepted has-patch 2014-04-19T11:58:57Z 2024-03-01T22:03:35Z "When changing title or caption, changes are saved automatically, but information about image is jumping and it is very distracting. It is caused by ""Saved."" message which is displayed for a sec. See attached screenshots." pavelevap Future Releases 39647 "Make media upload ""HTTP error."" more user-helpful" Media 3.4 normal normal Future Release defect (bug) new has-patch 2017-01-20T06:58:59Z 2019-09-25T16:18:14Z "Since the introduction of the Media Gallery in WordPress 3.4, the error messages when users attempt to upload media have been reduced to a detail-less “HTTP error.”, without any suggestion as to how users can move forward, and limited information for users to be able to contact their hosts to get help. This is user hostile, and not in line with many of the assertions in [https://wordpress.org/about/philosophy/ WordPress Philosophy]. There’s no doubt that error messages must exist, but they should be useful, providing next steps for users. A few possible parts/steps of this: - Retry - Auto Retry - Better error messages where possible (Timeout, Out of Memory, in user terms) - Expand for Exact Details to give to host (or WP_DEBUG enables this?) - Troubleshooting Steps, or link to troubleshooting steps This should be possible to accomplish in stages, which will likely each need their own tickets. One of the first steps for ""Retry"" is to make image upload/thumbnail creation able to be resumed, rather than only adding the meta after all sizes are created." kirasong Future Releases 39968 Media Library: deleting all items on the last page loses the pagination/navigation buttons and shows message antpb Media 4.7.2 normal normal Future Release defect (bug) reopened has-patch 2017-02-26T14:10:59Z 2021-02-25T15:14:07Z "While deleting all items on the last page of Media Library, the page loses the pagination/navigation buttons and shows the message ""No Media Files found"" with no way to access the earlier pages other than by going back to the ""Media"" link" donsony Future Releases 50866 Media Uploader Blows Up File Sizes antpb Media 5.4.2 normal major Future Release defect (bug) assigned dev-feedback 2020-08-06T03:06:49Z 2022-04-27T05:49:21Z "Dear Developers, this is a flaw in the media uploader that is very simple to reproduce: create a 512x512 PNG image with best compression, make sure that your wordpress is set to create small, medium, and large versions of that image, set one of those versions to be also 512x512px, so when you upload a 512x512px image the media manager will create a copy of that image with the same size. upload the image. wordpress's uploader will not use the original 512x512px PNG image when this size is requested by a page, but instead it will use its own 512x512px image that it has created, and compare sizes - the media uploader's PNG image file is at least 3x-4x times bigger, and wordpress will use that bigger image file instead of the smaller original of the same dimensions, and better compression. Please, could you fix that? Thank you" hvar Future Releases 24688 Memory exhaustion caused by very many unattached media Media 2.5 normal normal Future Release defect (bug) new has-patch 2013-07-04T18:20:09Z 2018-10-08T09:35:20Z "A blog with over 30,000 unattached images was exhausting available memory on unattached attachment pages. The exhaustion occurred in `previous_image_link() -> adjacent_image_link() -> get_children()` due to the large number of rows selected with `post_parent=0`. This is not the only place where `get_posts()` might be called with `post_parent=0`. A similar query appears in `twentythirteen_the_attached_image()` but the effect is wisely mitigated by `fields=ids`. Earlier, `twentyten/loop-attachment.php` called `get_children()` with `post_parent=0` on unattached image pages which is horribly inefficient when there are many unattached images. Attached patch depends on #24687. The change to `adjacent_image_link()` creates a MySQL query which selects only the desired row. This fixes the memory exhaustion error on the blog with 30,000 unattached images. The once-only filters would be unnecessary if WP_Query accepted arbitrary extra WHERE strings." andy Future Releases 35593 Metadata from wrong file in media_handle_upload Media normal normal Awaiting Review defect (bug) reviewing has-patch 2016-01-24T15:14:20Z 2023-02-06T15:07:08Z "In media_handle_upload and media_handle_sideload the attachment metadata is generated after inserting the attachment. For that the same file name is used. However, if a plugin changes the filename in an `add_attachment` hook the wrong file name will be used. Thus the wrong metadata is written or it is cleared. See wp-admin/includes/media.php: {{{ 368 // Save the data 369 $id = wp_insert_attachment($attachment, $file, $post_id); 370 if ( !is_wp_error($id) ) { 371 wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); 372 } }}} In my patch I query the filename again before updating the metadata. " normanrz Future Releases 55290 Not all image edits are applied to all subsizes joedolson* Media normal normal Future Release defect (bug) accepted needs-unit-tests 2022-03-01T22:05:28Z 2024-02-05T20:24:32Z "When editing an image using the admin editor, not all edits are applied correctly to all image subsizes. Specifically, the problem occurs when an edit results in a smaller size than the defined image size. Given the following image subsizes, and the attached image. {{{ => array(6) { [""thumbnail""]=> array(3) { [""width""]=> int(150) [""height""]=> int(150) [""crop""]=> bool(true) } [""medium""]=> array(3) { [""width""]=> int(300) [""height""]=> int(300) [""crop""]=> bool(false) } [""medium_large""]=> array(3) { [""width""]=> int(768) [""height""]=> int(0) [""crop""]=> bool(false) } [""large""]=> array(3) { [""width""]=> int(1024) [""height""]=> int(1024) [""crop""]=> bool(false) } [""1536x1536""]=> array(3) { [""width""]=> int(1536) [""height""]=> int(1536) [""crop""]=> bool(false) } [""2048x2048""]=> array(3) { [""width""]=> int(2048) [""height""]=> int(2048) [""crop""]=> bool(false) } } }}} ''The defined sizes above are the ones coming by default with the setting provided below. '' == Steps to replicate the problem: 1. Upload the image into your installation. 2. After the image is uploaded, click on edit to open the image editor or go to the image editor from within the media library. 3. Click on Edit image 4. Click on rotate image (either right or left) only once. 5. Make sure the changes are applied to all images by checking that the setting Apply changes to: All image sizes is set 6. Click on save After the image is saved observe the changes were applied only to the following image sizes: - `thumbnail` - `medium` - `large` - `full` The only size that was not updated as expected was: - `medium_large` == Setup {{{ ### wp-core ### version: 5.9.1 site_language: en_US user_language: en_US timezone: +00:00 permalink: /%year%/%monthnum%/%day%/%postname%/ https_status: true multisite: false user_registration: 0 blog_public: 1 default_comment_status: open environment_type: production user_count: 1 dotorg_communication: true ### wp-paths-sizes ### wordpress_path: /app wordpress_size: 152.90 MB (160327567 bytes) uploads_path: /app/wp-content/uploads uploads_size: 22.75 MB (23851112 bytes) themes_path: /app/wp-content/themes themes_size: 6.47 MB (6780262 bytes) plugins_path: /app/wp-content/plugins plugins_size: 208.42 MB (218539593 bytes) database_size: 3.96 MB (4149380 bytes) total_size: 394.49 MB (413647914 bytes) ### wp-active-theme ### name: Twenty Twenty-Two (twentytwentytwo) version: 1.0 (latest version: 1.1) author: the WordPress team author_website: https://wordpress.org/ parent_theme: none theme_features: core-block-patterns, post-thumbnails, responsive-embeds, editor-styles, html5, automatic-feed-links, block-templates, widgets-block-editor, wp-block-styles, editor-style theme_path: /app/wp-content/themes/twentytwentytwo auto_update: Disabled ### wp-themes-inactive (3) ### Twenty Nineteen: version: 2.2, author: the WordPress team, Auto-updates disabled Twenty Twenty: version: 1.9, author: the WordPress team, Auto-updates disabled Twenty Twenty-One: version: 1.5, author: the WordPress team, Auto-updates disabled ### wp-plugins-inactive (1) ### Performance Lab: version: 1.0.0-beta.1, author: WordPress Performance Group, Auto-updates disabled ### wp-media ### image_editor: WP_Image_Editor_Imagick imagick_module_version: 1691 imagemagick_version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org imagick_version: 3.7.0 file_uploads: File uploads is turned off post_max_size: 100M upload_max_filesize: 100M max_effective_size: 100 MB max_file_uploads: 20 imagick_limits: imagick::RESOURCETYPE_AREA: 122 MB imagick::RESOURCETYPE_DISK: 1073741824 imagick::RESOURCETYPE_FILE: 786432 imagick::RESOURCETYPE_MAP: 512 MB imagick::RESOURCETYPE_MEMORY: 256 MB imagick::RESOURCETYPE_THREAD: 1 imagemagick_file_formats: 3FR, 3G2, 3GP, AAI, AI, APNG, ART, ARW, AVI, AVIF, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CR3, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DJVU, DNG, DOT, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, EXR, FAX, FILE, FITS, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, GV, H, HALD, HDR, HEIC, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, J2C, J2K, JBG, JBIG, JNG, JNX, JP2, JPC, JPE, JPEG, JPG, JPM, JPS, JPT, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPG, MRW, MSL, MSVG, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PANGO, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, POCKETMOD, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, SVG, SVGZ, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIDEO, VIFF, VIPS, VST, WBMP, WEBM, WEBP, WMF, WMV, WMZ, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV gd_version: bundled (2.1.0 compatible) gd_formats: GIF, JPEG, PNG, WebP, BMP ghostscript_version: 9.53.3 ### wp-server ### server_architecture: Linux 5.15.12-1-MANJARO x86_64 httpd_software: nginx/1.17.10 php_version: 7.4.28 64bit php_sapi: fpm-fcgi max_input_variables: 10000 time_limit: 3 memory_limit: 1G max_input_time: 900 upload_max_filesize: 100M php_post_max_size: 100M curl_version: 7.74.0 OpenSSL/1.1.1k suhosin: false imagick_availability: true pretty_permalinks: true ### wp-database ### extension: mysqli server_version: 10.3.27-MariaDB client_version: mysqlnd 7.4.28 max_allowed_packet: 33554432 max_connections: 151 ### wp-constants ### WP_HOME: undefined WP_SITEURL: undefined WP_CONTENT_DIR: /app/wp-content WP_PLUGIN_DIR: /app/wp-content/plugins WP_MEMORY_LIMIT: 40M WP_MAX_MEMORY_LIMIT: 1G WP_DEBUG: true WP_DEBUG_DISPLAY: true WP_DEBUG_LOG: true SCRIPT_DEBUG: false WP_CACHE: false CONCATENATE_SCRIPTS: undefined COMPRESS_SCRIPTS: undefined COMPRESS_CSS: undefined WP_ENVIRONMENT_TYPE: Undefined DB_CHARSET: utf8mb4 DB_COLLATE: undefined ### wp-filesystem ### wordpress: writable wp-content: writable uploads: writable plugins: writable themes: writable mu-plugins: writable }}} " mitogh Future Releases 36477 Responsive images (srcset) can include images larger than the full size Media 4.4.2 normal normal Future Release defect (bug) assigned needs-unit-tests 2016-04-11T13:27:58Z 2023-09-01T15:35:00Z "In many cases, I saw the resized and smaller images are much larger than the origin image, especially for the optimized images, it will make no sense to do that resize in this case, the worst case I've seen is about 13x larger than the origin and bigger image. If an example can help to explain the problem, please take this picture: https://cdn2.peterdavehello.org/wp-content/uploads/2016/04/status.png Many thanks!" peterdavehello Future Releases 46971 Selected Image gets overflow in Edit Image in Media upload - iPhone - 6/7/8 Media normal normal Awaiting Review defect (bug) new dev-feedback 2019-04-18T09:01:10Z 2019-04-30T17:27:52Z "Hello, While we edit image from admin dashboard (Dashboard > Media > Library - edit), the selected image gets overflow in iPhone-6/7/8 portrait mode. So for that, we can apply max-width: 100%. Thanks, Shashank." shashank3105 Future Releases 60291 Support Lossless WebP in WP_Image_Editor_GD Media 5.8 normal normal 6.6 defect (bug) new needs-unit-tests 2024-01-19T01:08:14Z 2024-02-19T17:09:20Z "While WordPress has supported WebP lossless since WebP support was introduced in WP 5.8 (https://make.wordpress.org/core/2021/06/07/wordpress-5-8-adds-webp-support/) - outputting lossless sub-size image when you upload a lossless WebP - this only worked correctly when Imagick was installed as at the time lossless was not supported in PHP's bundled GD. PHP's bundled GD supports lossless output for WebP images since PHP 8.1, see see php.watch/versions/8.1/gd-webp-lossless. The capability to handle lossless WebPs can be detected in GD by the presence of the `IMG_WEBP_LOSSLESS` constant. To fix this - similar to Imagick, GD should output WebP lossless images when lossless WebP images are uploaded. " adamsilverstein Future Releases 60158 The description field for media doesn't automatically make paragraphs in the generated code joedolson* Media normal normal Awaiting Review defect (bug) accepted needs-unit-tests 2023-12-27T11:47:53Z 2024-02-12T21:00:48Z "There are two ways to edit a media: - via a modal window where all the contribution fields are only simple textareas; - via a dedicated web page where ""alternative text"" and ""caption"" fields are simple textareas and the ""description"" field is a WYSIWYG editor in text mode where TinyMCE is deactivated. For some media, you can need to add a long description just like a transcript (for videos, audios, complex images like infographic, etc.). So, in these cases, the description field can be used because it's totally appropriate. But, there is a problem: usually, in editor fields, the paragraphs (<p> elements) are automatically added when you display the web page (in the front view). In this field, they are not. For accessibility reason, paragraphs need to be HTML paragraphs ([https://www.w3.org/WAI/WCAG21/Understanding/info-and-relationships.html WCAG Success Criterion 1.3.1: Info and Relationships (level A)]). I've tried to modify the code in the core to add TinyMCE that is explicitly deactivated and this is fixing the problem. It's in wp-admin/includes/media.php, on line 3261 where you can just change ""false"" to ""true"" for ""tinymce"": {{{#!php <?php $quicktags_settings = array( 'buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,close' ); $editor_args = array( 'textarea_name' => 'content', 'textarea_rows' => 5, 'media_buttons' => false, 'tinymce' => false, 'quicktags' => $quicktags_settings, ); }}} So, is it possible to activate TinyMCE for this field? Why is it deactivated? Or, if it's not possible, is it possible to make this option hookable? Thank you " juliemoynat Future Releases 34981 Usage of `image_size_names_choose` breaks JS attachment model attributes Media 4.3.1 normal normal Future Release defect (bug) assigned has-patch 2015-12-10T16:31:31Z 2022-08-03T21:11:43Z "Here's a small use case that shows how the issue arise. I want to limit the options of image sizes in the default media modal to so I use the filter `image_size_names_choose` provided in `wp-admin/includes/media.php` and remove the sizes `thumbnail` and as well as `medium`. This brings me the expected result: [[Image(https://naber.pegasus.uberspace.de/fs/public/images/2015/limit-attachment-sizes.png)]] With this I have now the problem, that for every thumbnail image in the media library (mode: grid) the large image source is used which is a performance issue if there are more than a couple of images in the library. The reason is, that the same filter `image_size_names_choose` is also applied to each image in `wp_prepare_attachment_for_js()` and therefore the attachment model does not reflect all available image sizes (`console.log( attachment.sizes )`: [[Image(https://naber.pegasus.uberspace.de/fs/public/images/2015/attachment-model-sizes.png)]] Here's a plugin that reproduces the issue in a clean WordPress (4.4) install: `wp-content/plugins/image_sizes_issue/image_sizes_issue.php`: {{{#!php <?php /** * Plugin Name: Image sizes issue */ add_filter( 'image_size_names_choose', function( $sizes ) { unset( $sizes[ 'medium' ] ); unset( $sizes[ 'thumbnail' ] ); return $sizes; } ); add_action( 'admin_enqueue_scripts', function() { wp_enqueue_media(); wp_enqueue_script( 'image_size_test', plugins_url( '/image_sizes_issue.js', __FILE__ ), [ 'jquery' ] ); } ); }}} `wp-content/plugins/image_sizes_issue/image_sizes_issue.js`: {{{ ( function( $, wp ) { $( function() { var image = wp.media.model.Attachment.get( '4' ); var promise = image.sync( 'read', image ); promise.then( function( results ) { console.log( results.sizes ); } ); } ); } )( jQuery, window.wp = window.wp || {} ); }}} For what I see, the filter `image_size_names_choose` is meant to affect the default UI for customization purpose. At least the name of the filter and the name of the function `image_size_input_fields()` (introduced in 2.7) suggests that. In contrast to that, `wp_prepare_attachment_for_js()` prepares the data structure for the Javascript API. I'm sure there's some reason to apply the filter there, but I have no idea what this reason could be. A possible, backward compatible solution could be, to pass a second argument to the filter to specify the context, the filter is applied in. I detected this behaviour in 4.3.1 but I think it go back to 3.5 when `wp_prepare_attachments_for_js()` was introduced. " dnaber-de Future Releases 51929 Video links on Attachment pages Media 5.6 normal normal Future Release defect (bug) new has-patch 2020-12-03T22:22:40Z 2020-12-18T19:10:40Z "1) When i have click on this link. https://prnt.sc/vvcm0w 2) Show me just a link then video, Also content width issue. https://prnt.sc/vvclat" ravipatel Future Releases 28474 WordPress destroys animation in animated GIF when it resizes Media 3.9.1 normal normal Future Release defect (bug) assigned has-patch 2014-06-06T20:12:39Z 2023-12-07T16:43:11Z When uploading animated GIFs to WordPress and then resizing them, the end result is the resized versions lose all frames and become static. This is a bug and should be fixed to allow animated GIFs to be resized properly. archon810 Future Releases 55492 `Dismiss Errors` button alignment is not centered in Media Library. Media 5.9.2 normal normal Awaiting Review defect (bug) reopened has-patch 2022-03-31T04:20:58Z 2022-05-11T07:15:04Z "When I drag/upload an SVG image in the Media library then it shows a mime types error and the ""Dismiss Errors"" button is not aligned properly." iamjaydip Future Releases 51058 attachment_url_to_postid does not retrieve post ID of really large images Media 5.3 normal normal Awaiting Review defect (bug) new has-patch 2020-08-19T02:12:58Z 2021-11-14T13:59:45Z "Since WordPress now sets the `_wp_attached_file` meta value for very large images to use the scaled image: {{{ amazing-road-in-pure-nature-picjumbo-com.jpg }}} becomes {{{ amazing-road-in-pure-nature-picjumbo-com-scaled.jpg }}} any function which uses `attachment_url_to_postid` on a large image URL will not properly retrieve the image's post ID. Use case: I use this function after removing intermediate image size strings to get the post ID of the uploaded image. I'm currently getting around this issue by inserting `-scaled` into the image URL and running the function again if a post ID is not returned, but I would prefer if WP could account for this, please. Alternatively, if the WordPress function could manage the intermediate size conversion on its own, that would also resolve the issue by removing the need to remove it in the first place." littler.chicken Future Releases 59195 deprecation notice triggered in post.php by passing null to parameter #2 in preg_match() Media 6.3 normal normal Awaiting Review defect (bug) new changes-requested 2023-08-24T20:01:52Z 2024-02-15T17:32:16Z "I've trying to force myself to use PHP 8.2 to get our plugins into shape, but am still running into a deprecation notice in post.php when viewing the Media Library in list mode: {{{ PHP Deprecated: preg_match(): Passing null to parameter #2 ($subject) of type string is deprecated in /sites/test.example.com/files/wp-includes/post.php on line 3298 }}} Checking if $real is true before preg_match() is run seems to fix this particular one, but maybe to be safe an is_string( $real ) should be run also?" nosilver4u Future Releases 54943 image_get_intermediate_size(): size data is a bool, not an array throws notice / warning Media 5.9 normal normal Awaiting Review defect (bug) new needs-unit-tests 2022-01-27T08:03:50Z 2023-08-07T19:20:26Z "While testing my website on PHP 8.0 (in my example opening the blog page), I noticed the following two warnings in the error log: {{{ [27-Jan-2022 08:56:34] WARNING: [pool xxx] child 1031078 said into stderr: ""PHP message: PHP Warning: Trying to access array offset on value of type bool in /var/www/xxx/wp-includes/media.php on line 779"" [27-Jan-2022 08:56:34] WARNING: [pool xxx] child 1031078 said into stderr: ""PHP message: PHP Warning: Trying to access array offset on value of type bool in /var/www/xxx/wp-includes/media.php on line 785"" }}} PHP 7.4 throws a Notice. I also noticed with a fresh install of wordpress. " fhwebdesign Future Releases 40590 "wp_video_shortcode always adds controls=""controls""" Media 4.7.4 normal normal Future Release defect (bug) new has-patch 2017-04-27T22:05:01Z 2019-01-17T21:21:54Z "wp_video_shortcode always adds `controls=""controls""` to the `<video>` tags it generates. The user should be able to pass in a value to `$attr` to disable output of `controls=""controls""`." paulschreiber Future Releases 39004 Alt attributes should be searchable in media library joedolson* Media 3.0 normal normal Future Release enhancement accepted has-patch 2016-12-01T15:58:50Z 2023-10-18T15:41:48Z "The alt attribute is intended to be the alternative replacement value for an image. As such, if you're managing an image library correctly, it would be entirely reasonable that most images would have an alt attribute but no caption or description. However, this means that your only searchable field is the image title. " joedolson Future Releases 9257 EXIF GPS data Media 2.7 normal normal Awaiting Review enhancement assigned dev-feedback 2009-03-01T19:30:17Z 2024-03-06T16:33:55Z "Attached patch adds GPS longitude and latitude to image meta data. Changed: wp_read_image_metadata function (file: wp-admin/includes/image.php). It complies with exif standard: [http://www.exif.org/Exif2-2.PDF] (page 46) Commented on wp-hackers list: [http://comox.textdrive.com/pipermail/wp-hackers/2009-March/025093.html]" B-Scan Future Releases 40415 Imagick resize filter hook Media 4.7.3 normal normal Future Release enhancement new reporter-feedback 2017-04-11T16:57:07Z 2022-04-12T13:14:37Z "As of ticket #33642, WordPress 4.5 introduces the `thumbnail_image()` function within the `WP_Image_Editor_Imagick` class. This function uses the default imagick filter `FILTER_TRIANGLE` to assists the image resizing process. Within the `thumbnail_image()` is even declared a list of allowed filters that actually are absolute unsued due to the fact that wordpress uses only the default filter `FILTER_TRIANGLE`. The filter list is {{{ 'FILTER_POINT' 'FILTER_BOX' 'FILTER_TRIANGLE' 'FILTER_HERMITE' 'FILTER_HANNING' 'FILTER_HAMMING' 'FILTER_BLACKMAN' 'FILTER_GAUSSIAN' 'FILTER_QUADRATIC' 'FILTER_CUBIC' 'FILTER_CATROM' 'FILTER_MITCHELL' 'FILTER_LANCZOS' 'FILTER_BESSEL' 'FILTER_SINC' }}} Resizing image using the default filter often gives as a result a softly blurry thumbnail image. this blur effect became more visible as the thumbnail size increase. Using filter like `FILTER_HAMMING` or `FILTER_SINC` the blur effect disappear, giving a great resizing result. To better improve the use of the resizing process and to give any users the ability to choose which type of filter to use, I think that could be implemented the following filter hook: {{{ $filter_name = apply_filters('image_resize_filter', $filter_name); }}} that will give an opportunity to change this filter before the resizing process will perform. This filter should be implemented at the beginning (line 1) of the `thumbnail_image()` function. This way everyone can, optionally, change the imagick resize filter easily." virgodesign Future Releases 39963 MIME Alias Handling Media normal normal Future Release enhancement reopened has-patch 2017-02-24T19:47:12Z 2022-06-08T12:42:49Z "WordPress currently only supports a single MIME type for a given extension. This is good enough in many cases, but begins to cause problems like #39550 when a library references an alternative MIME type (like audio/mpeg vs audio/mp3). We probably don't want to introduce changes to the basic MIME functions as that could have crazy-far-reaching consequences, but we could add a `wp_check_mime_alias($filename, $mime, $allowed_mimes)` function, and query it in places where validation-by-MIME is happening. This would require a comprehensive collection of MIMEs, past, present, vernacular, etc. I am actually already maintaining such a database for another PHP library that combines results from Nginx, Apache, freedesktop.org, and IANA. So let's start from the assumption that the necessary data already exists for retrieving all possible MIME types for a given extension. I can whip up a patch with the added functionality, but wanted to first get some feedback on where/how the data should be incorporated (it is a rather big list, a PHP array would go on for miles.. I'm keeping it in a JSON file currently), and what existing areas might need to plug into that. @joemcgill, do you have any initial thoughts?" blobfolio Future Releases 58416 Media Title field should soft wrap in Media Modal: For better readability/editing of long titles. Media 3.5 normal normal Awaiting Review enhancement new needs-unit-tests 2023-05-26T20:48:37Z 2023-06-13T11:08:12Z "**Usability Issue:** - In the **Media Modal** the **Title** field currently is an `<input type=text>` and as such is single line only. - Scrolling a ~50 character long title within a ~20 char text field sucks. - Soft wrapping would really benefit longer media titles in terms of instant readability and easy editing. **Solution Approaches:** 1. Leaving it a `<input type=text>` and tweak it to soft wrapping with CSS only. - I found the [https://stackoverflow.com/questions/5286663/wrapping-text-inside-input-type-text-element-html-css exact same request on StackOverflow] for HTML in general (CMS agnostic) - Pure [https://stackoverflow.com/a/31814539/199400 CSS solutions for this] which once worked, became unsupported around 2016 in major browsers. - Bottom line: `<input type=text>` is single line only and always, user agents allow no circumventions. 2. Alternative approach: Use a `<textarea>` with its built in soft-wrapping and resize-ability, integrated with contemporary responsive web design techniques, and ensure that the user can not unintentionally insert linebreaks. - This seems to be the viable solution. - Googled & DuckDuck'ed CMS-agnostic, but by coincidence found [https://wordpress.org/support/topic/textarea-disable-line-breaks/ WordPress specific solution] even. - JS which intercepts ENTER control characters. - To be ultra safe (does it need to be?) this would also need server-side validation (in case JS is bypassed somehow (un)intentionally). " abitofmind Future Releases 37840 Optimize full size images enshrined Media normal normal Future Release enhancement assigned has-patch 2016-08-26T15:12:04Z 2023-03-13T16:26:19Z "Many users upload unoptimized full size images to the media library, which can result in unnecessarily large downloads for users when the full size image is inserted in post content or when the full size image is added to `srcset` attributes. We could potentially improve things by adding a new image size to WordPress that is an optimized version of the original image and use that on the front end instead of the original uploaded image. Some considerations: * We should not modify the original uploaded file. * Consider potential server implications of adding an additional size. * Can we determine if a file is already optimized so we don't end up increasing the file size in those cases?" joemcgill Future Releases 40774 Refine error message when embedding invalid Video (URL) Media 4.8 normal normal Awaiting Review enhancement new has-patch 2017-05-16T02:11:00Z 2017-09-14T19:00:17Z "like in #40771 you get the following error when your link is invalid: {{{ Sorry, we can’t display the video file type selected. Please select a supported video file (...) or stream (YouTube or Vimeo) instead. }}} When posting an incomplete youtube link for example it's not the file type but a character wrong or missing. I propose to change the error message like in the patch attached: {{{ Sorry, either the selected file type is not supported or the video stream is invalid. Please make sure to select one of the following video file types (%1$s) or a valid stream (YouTube or Vimeo) instead. }}} " Presskopp Future Releases 54738 Unable to upload images with URL over API when the image doesn’t have a filetype in the filename Media normal normal 6.6 enhancement new has-patch 2022-01-04T15:37:53Z 2024-02-14T16:59:53Z "**Problem**: It’s not possible to upload images with URL per API when the image doesn’t have a filetype in the filename. **Elaboration**: There are some websites which don’t put filetypes inside the URL for images. For example: https://img.ricardostatic.ch/t_1800x1350/pl/1187743940/3/1/ Or: https://media.istockphoto.com/photos/coppersmith-repair-copper-kettle-on-fire-in-kashgar-in-xinjiang-picture-id1298102169?s=612x612 The format of the image is set and recognized by the browser with the MIME-Type. In theory WordPress could handle this, but unfortunately it never gets to the point where the correct MIME type is read out of the image signature. **Reason**: At the function wp_check_filetype type will always be defined as false - if there is no filetype set inside the filename. Call of the function: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-includes/functions.php#L2984 Further down there would be a function to get back the real mime type from the signature of the image. However, the function is never called since type at this point is always false in that give case: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-includes/functions.php#L2999 **Possible Bug**: If the filename has no filetype the function wp_get_image_mime should always be called to get the type from the signature of the image. **Following Bug**: After changing this, the filename at the upload should be extended with the filetype: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-admin/includes/file.php#L924 Since it’s only really showing up in the library with the correct filetype." masteradhoc Future Releases 37773 Update get_avatar() to support native and registered image sizes. Media 2.5 normal normal Awaiting Review enhancement new dev-feedback 2016-08-22T21:41:26Z 2021-03-31T16:55:15Z "The get_avatar() method currently allows developers to retrieve a user's avatar of a particular size by passing in an integer value, such as `get_avatar( 'jeremy@example.com', 80 )`. In some cases, it might be useful to instead retrieve an avatar by passing in an image size registered with WordPress (e.g., thumbnail, medium, large). See attached patch. " jmichaelward Future Releases 40370 "add_image_sizes does not create the ""crop position"" versions of the image" Media 2.9 normal normal 6.6 enhancement reopened dev-feedback 2017-04-05T13:29:32Z 2024-02-12T09:04:43Z "I wanted to introduce 3 different version of post thumbnails - each with different cropping position (top, center, left) , so i added them like this: {{{#!php add_image_size( 'newscentered', 400, 400, array( 'center', 'center') ); add_image_size( 'newstop', 400, 400, array( 'center', 'top' ) ); add_image_size( 'newsbottom', 400, 400, array( 'center', 'bottom' ) ); }}} Now, whenever i use the the_post_thumbnail() with the name of my custom image size i always get the same image, cropped to the default WordPress crop position of ('center', 'center') . Why is that happening? I did 'refresh' the thumbnails and tried also uploading fresh image files and still i can't get 3 differently cropped versions of the image. I noticed that when i set the cropping defaults using the following function and set the cropping there, then it works: {{{#!php set_post_thumbnail_size( 400, 400, array('center', 'bottom')); }}} ... but it affects the cropping of all of my thumbnails, so i can only get one ""crop position"" for all my images. Guys, is this some kind of bug or do i configure something in a wrong way? I'm using the newest official WordPress version" piejesus Future Releases 43305 Accessibility Issue in Arranging the Menu Items: I need a combobox for selecting the parent item and a combobox for selecting the item position rcreators Menus normal normal 6.6 defect (bug) assigned dev-feedback 2018-02-13T07:03:23Z 2024-03-16T14:06:20Z "Hello I shall firstly thank WordPress team for their utmost attention to accessibility standards, which makes WordPress unique among all CMSs. All WordPress core features are fairly Accessible for me as a blind person who uses screen reader (JAWS), but I always have problems with rearranging the menu items. Although the menu-items are also very accessible for a blind person and I can re-arrange them very well, this process is very time consuming for me, because; for example, if I want to send a menu-item from position 16 to position 11, I have to press “Move Up” 5 times. The problem is: I don’t have any combobox that assigns the mother-item and the item-position. Therefore, I have to adjust the positions by moving each item one by one, level by level. Suppose I have a menu with lots of sub-menus and sub-items. Now, I want to add 6 new sub-items to the different menus. Of course, when I add them to the menu, they are at the end of menu. If I want to bring each item to a certain position near the center of menu, I have to click “Move up” and “Move down” one by one for many many times over and over. It takes me about 2 hours to rearrange those menu items. I hope I could explain clearly. Solution: Beside each menu item, there is a link called “Edit Menu Item”. When I click on the link, a set of options open up: move up, move down, name, etc. I would like to have two other options as well: mother-item, and position. For example, I adjust the mother-item of “Audio Translation” as “Translation”, and I adjust its position to “2”, which means subitem number 2 under “Translation”. I hope I could explain clearly what I mean. If I can adjust the menu positions with comboboxes, I will not have to click “move up” and “move down” many many times. " javad2000 Future Releases 60672 Improve menu toggle accessible name in admin menus joedolson Menus normal normal 6.6 defect (bug) assigned has-patch 2024-03-02T03:29:57Z 2024-03-12T15:08:54Z "Follow up from #32728 The Customizer accessible name format is ""Edit menu item: {item title} ({item type})"". The admin accessible name format is ""{item title} Menu item n of n"". It doesn't include the purpose of the control or the type, so the Customizer is providing better information; the admin menu needs to be updated. " joedolson Future Releases 13822 Menu items that get unpublished still appear nacin Menus 3.0 normal normal Future Release defect (bug) reopened has-patch 2010-06-10T16:30:12Z 2021-06-01T13:11:46Z "We need to properly account for menu items linked to unpublished/pending post type objects. My thought is they should probably be hidden from the frontend with an indication on the backend (like ""(Pending)"") that they are are unpublished/pending. We need to properly handle private posts too." nacin Future Releases 24146 Menu items with blank labels are removed on saving SergeyBiryukov* Menus 3.5.1 normal normal Future Release defect (bug) accepted dev-feedback 2013-04-20T22:10:09Z 2019-12-22T16:49:36Z "Hello, When edit an item of menu leaving the label in blank, the item is auto deleted. There are two problems in that: 1. I could need an item with blank title to add some class with an background image 2. When this item has subitems with two or more depth, all subitems are moved to first depth loosing submenus hierarchy. Moreover if i try to drag the subitems to make the hierarchy again, after save, all subitems come back to first depth. While i not change the depth of first item this issue occurs again. Best regards" rodrigo@… Future Releases 36202 Menus screen: fix persistence of toggles for displayed nav menu item properties ryankienstra Menus 4.4 normal normal Future Release defect (bug) assigned has-patch 2016-03-10T21:33:41Z 2018-01-03T08:13:36Z "Splitting this out from #35273. The Screen Options in nav-menus.php would need a similar treatment as the one used for the options in the Customizer. When quickly clicking on the checkboxes, multiple separate AJAX requests fire and there's no guarantee about the order they will be processed. This could lead to a non-synchronized state of the options in the Menus Screen and in the Customizer. To consider: maybe do this for all the screen options in all the admin screens? For details, see #35273 and the solution implemented in [36908]. " afercia Future Releases 39077 Navigation menu items should be defined as being hierarchical Menus 3.0 normal normal Future Release defect (bug) new dev-feedback 2016-12-04T21:20:29Z 2019-01-14T06:07:22Z "Menu items are hierarchical in nature, as each menu item can be attached as a child to a parent item. This is what allows one to build submenus at differing levels. These hierarchical relationships are persisted into the database using the `post_parent` column to attach parent IDs to child IDs. However, when the `nav_menu_item` is registered during the bootstrapping process, it is defined as being `hierarchical => false`, which is conceptually wrong. It just happens to be irrelevant, because the user interface for menus is a custom implementation that considerably differs from standard post list tables. As these `nav_menu_item` elements might need to be iterated over through other means than the menu UI, they should be correctly represented as being hierarchical in nature (and thus making use of the `post_parent` database table column)." schlessera Future Releases 39196 When saving large menus the JSON encoded string was not used. related to #14134 Menus 4.5 normal normal Awaiting Review defect (bug) new has-patch 2016-12-09T09:24:44Z 2017-07-05T00:06:02Z "This is a follow-up to #14134. The solution proposed in #14134 is not properly working. This is because the values of the JSON string are replacing $_POST but later on $_REQUEST was being used. The only reason it seemed to still work is because the post action of the form was populating all the variables, but still failed when the apache, php or suhosin were reached. In the proposed solution only the JSON string, menu ID and action are submitted by post and then $_POST and $_REQUEST are populated with the data. " budaned Future Releases 38486 current_page_parent class wrongly added to menu item williampatton Menus 4.6.1 normal normal Awaiting Review defect (bug) assigned needs-unit-tests 2016-10-25T15:46:20Z 2020-07-31T16:06:44Z "If the current page being viewed is either of the following: - a custom post type archive - a custom post type single item a {{{current_page_parent}}} class is added to the menu item assigned as the {{{page_for_posts}}}. I believe this is wrong because the page assigned as the {{{page_for_posts}}} is associated with ''posts'' only. It has nothing to do with CPTs." henry.wright Future Releases 38057 'wp_update_nav_menu' action returns inconsistent number of arguments johnbillion Menus 4.6 normal normal Future Release enhancement reviewing has-patch 2016-09-14T16:13:56Z 2023-02-09T13:31:46Z "The 'wp_update_nav_menu' action is fired in two places with a different amount of arguments. - [https://core.trac.wordpress.org/browser/branches/4.6/src/wp-includes/nav-menu.php#L348 wp-includes/nav-menu.php] `do_action( 'wp_update_nav_menu', $menu_id, $menu_data );` - [https://core.trac.wordpress.org/browser/branches/4.6/src/wp-admin/includes/nav-menu.php#L1070 wp-admin/includes/nav-menu.php] `do_action( 'wp_update_nav_menu', $nav_menu_selected_id );` The first one passes along the menu id and menu data, where the second one only returns the menu id. " barryceelen Future Releases 59522 Bug handling multisites where main site URL and main blog URL are different Networks and Sites 6.3 normal normal Awaiting Review defect (bug) new has-patch 2023-10-03T10:34:20Z 2024-01-30T17:00:13Z "WordPress 6.3 and up appear to break handling of multisites where the `BLOG_ID_CURRENT_SITE` and the domain and path for the network in the `wp_site` table do not point at the same blog. It treats the the site configured in `wp_site` as if it is also the main blog in the network (over-riding `BLOG_ID_CURRENT_SITE`). This results in image paths being broken on the site set in `wp_site` if it is not in the root directory. How to recreate the bug: 1. In WordPress 6.2 or below, create a directory-based multisite, with 2 sites in the network, site 1 at just `http://localhost` and site 2 at `http://localhost/foo`. In `wp-config.php`, set both `SITE_ID_CURRENT_SITE` and `BLOG_ID_CURRENT_SITE` to `1`. In the `wp_site` table (which should only contain 1 entry, with ID `1`), set the domain to `localhost` and the path to `/foo/`. 2. Upload an image to the media library of `http://localhost/foo`. It should display correctly in the library, and have a URL of `http://localhost/onsblog/wp-content/uploads/sites/foo/[year]/[month]/[your-filename]`. 3. In the network site list, at `http://localhost/foo/network/sites.php`, `localhost` should be marked as the main site, reflecting the `BLOG_ID_CURRENT_SITE` constant. 4. Upgrade to WordPress 6.3 or 6.3.1. 5. In the media library of `http://localhost/foo`, the uploaded image will no longer display. If you view the image properties, it will report an image URL of `http://localhost/onsblog/wp-content/uploads/[year]/[month]/[your-filename]`, i.e. the subsite part of the path is missing. 6. In the network site list, `localhost/foo` is now marked as the main site, which does not reflect the `BLOG_ID_CURRENT_SITE` setting. This bug also results in all images uploaded via the classic editor prior to 6.3 404-ing in the frontend on the affected subsite post-upgrade. This behaviour was introduced in this commit: https://github.com/WordPress/WordPress/commit/05f19b1ed76af6d60855a1d44b8c15a166c5e36f, presumably unintentionally given the commit message. This line specifically is the issue: https://github.com/WordPress/WordPress/commit/05f19b1ed76af6d60855a1d44b8c15a166c5e36f#diff-254cbb80547c44f4b3a7ef37746bb5eb9f42bf29f0de5215034a8d1015928fecR242. When the `WP_Network` object is populated via the `WP_Network::get_instance()` method, the `$id` property is populated via a WPDB query: https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-network.php#L106. This returns the `id` from the database as a string (normally `'1'`), which is then passed into `WP_Network::__construct()`, resulting in the `id` property being populated as a string. Therefore this check: {{{#!php ( defined( 'SITE_ID_CURRENT_SITE' ) && (int) SITE_ID_CURRENT_SITE === $this->id ) }}} will always return false, as `$this->id` will be a string. Either `$this->id` should also be cast as an integer, or the `WP_Network::__construct()` method should perform type enforcement, e.g. by calling the same class's `__set()` method to set properties. " robdxw Future Releases 53694 Multisite: Capability check isn't strict enough when hard deleting a site Networks and Sites normal normal Awaiting Review defect (bug) new has-patch 2021-07-19T19:52:29Z 2021-11-19T18:16:11Z "If the second argument passed to {{{wpmu_delete_blog()}}} is {{{true}}}, then a site can be hard deleted. By hard deleted I mean the site's database table will be dropped. My understanding is, the {{{delete_sites}}} capability is granted to super administrators only. {{{delete_sites}}} will let the super administrator hard delete a site. Administrators don't have this capability. Instead, administrators have the {{{delete_site}}} capability. In wp-admin/network/sites.php, {{{wpmu_delete_blog()}}} is called with {{{true}}} as the second argument. The capability check in this case is {{{delete_site}}}. Should this be {{{delete_sites}}}?" henry.wright Future Releases 52464 The value of argument passed to the update_option_new_admin_email() is not a valid email. SergeyBiryukov Networks and Sites normal normal Awaiting Review defect (bug) reviewing needs-unit-tests 2021-02-07T12:08:54Z 2022-09-29T17:38:21Z "While creating a patch for ticket #43706, I found out that the function `update_option_new_admin_email()` is responsible for the template. It does accept two parameters, however, the first parameter `$old_value` does not seem to get the correct value. When checking the value, it holds the value `new_admin_email` instead of the old email address. Thanks!" tremidkhar Future Releases 46550 Uncaught TypeError: setcookie() expects parameter 5 to be string, bool given in... Networks and Sites 5.2 normal minor 6.6 defect (bug) new has-patch 2019-03-18T05:18:36Z 2024-02-17T13:42:20Z "https://github.com/WordPress/WordPress/blob/5e62e6b2034516c0bb366f808673752030d2d2b7/wp-includes/default-constants.php#L303 {{{#!php <?php /** * @since 2.0.0 */ if ( ! defined( 'COOKIE_DOMAIN' ) ) { define( 'COOKIE_DOMAIN', false ); // The value maybe '', not boolean } }}} " kmvan Future Releases 53355 "wp-signup.php with `new` in the query string results in a ""site does not exist"" message even if the site does exist" SergeyBiryukov Networks and Sites normal normal Future Release defect (bug) reviewing has-patch 2021-06-07T21:37:07Z 2022-10-07T21:30:03Z "Steps to reproduce: 1. Visit example.com/wp-signup.php?new=sport where `sport` is the address of an existing site in your network. Note I'm using `sport` as an example. You should replace `sport` with the address of an existing blog in your network. You will get the following message appear on the page: > The site you were looking for, https://sport.example.com/, does not exist, but you can create it now!" henry.wright Future Releases 13743 Ability to choose a network default theme Networks and Sites 3.0 normal normal Future Release enhancement reopened dev-feedback 2010-06-06T05:44:12Z 2018-03-28T09:11:24Z As stated in summary. I use WP 3.0 RC and I've found out that there is no way to set up a theme which should be used by default for newly created sites in network. Even then I disable all the themes except the one I want to be used, WP still set thentyten as theme for newly registered site. The only solution I was able to find is to change theme description and name to twentyten and delete all other themes. It's so simple to let administrator choose default network theme, and this option is present in many other CMS. fuwaneko Future Releases 51358 Add a clearer warning message before deleting a site from a network joedolson* Networks and Sites 3.0 normal normal 6.6 enhancement accepted has-patch 2020-09-19T20:52:28Z 2024-02-21T16:38:05Z "Deleting a site from the Network Admin -> Sites screen is the most destructive single action that a user can take on a WordPress installation. After clicking the `Delete` link the user is shown a screen requesting confirmation, but this screen doesn't convey the permanence of the action they're about to take. There is no trash or undo when deleting a site. It drops the database tables for the site, empties its uploads directory of all files, and removes the roles for that site from all users. Let's add an extra warning to this confirmation screen which explains this." johnbillion Future Releases 39318 Assign a theme when creating a site (Multisite) Networks and Sites 3.0 normal normal Future Release enhancement new has-patch 2016-12-17T18:13:46Z 2019-03-13T20:50:42Z "This is a serie of multisite focus enhancements for themes, the major one is from #13743 that add a network default theme (I used this network option in this following patch). This ticket ""Assign a theme when creating a site"" was a shared idea discussed on WCUS, WC Cologne, etc. So here a first patch that just add a select input containing the activated themes of the current network. By default, the selected theme is WP_DEFAULT_THEME constant or the new default network option for theme. After the form is submited, we add stylesheet and template name to the $meta array, and {{{wpmu_create_blog}}} function makes an automatic update option with the right theme." Mista-Flo Future Releases 59173 Improve optimizations of get_site_url by not using switch_to_blog Networks and Sites normal normal Awaiting Review enhancement new has-patch 2023-08-23T14:15:11Z 2023-08-24T20:57:33Z "I belive a better approach would be to use the `WP_Site_Query` query, as in: {{{#!php <?php function get_site_url( $blog_id = null, $path = '', $scheme = null ) { if ( empty( $blog_id ) || ! is_multisite() ) { $url = get_option( 'siteurl' ); } else { // Use WP_Site_Query to get the site URL. $site = get_site( $blog_id ); $url = $site->domain . $site->path; // If the network has a custom domain, use that instead. if ( $site->domain !== \get_network()->domain ) { $url = get_network()->domain . $site->path; } } $url = set_url_scheme( $url, $scheme ); if ( $path && is_string( $path ) ) { $url .= '/' . ltrim( $path, '/' ); } /** * Filters the site URL. * * @since 2.7.0 * * @param string $url The complete site URL including scheme and path. * @param string $path Path relative to the site URL. Blank string if no path is specified. * @param string|null $scheme Scheme to give the site URL context. Accepts 'http', 'https', 'login', * 'login_post', 'admin', 'relative' or null. * @param int|null $blog_id Site ID, or null for the current site. */ return apply_filters( 'site_url', $url, $path, $scheme, $blog_id ); } }}} " PerS Future Releases 39334 Network administrators should be able to enable themes on the site level Networks and Sites normal normal Awaiting Review enhancement new has-patch 2016-12-19T18:42:12Z 2017-12-03T17:13:59Z "At the WordCamp USA, a suggested idea about themes in a multisite context was to allow network administrators (that have manage_network_themes cap) to network enable themes on the site level. So I have made a patch to handle this. You can now activate a theme on a site on two actions (first network activate, then activate for the site) on the same page. Maybe it could be better to handle this in just one action, and just network activate the theme if it's not yet activated before site activation." Mista-Flo Future Releases 43233 Network transients Networks and Sites 2.9 normal normal Future Release enhancement new dev-feedback 2018-02-06T09:28:25Z 2020-05-12T17:03:35Z "Currently site (network) transients do not support multi network. For sites with object caching it stores the transient as a global and for sites without object caching, it stores it on the current networks options. This is a strange behavour, as object cached sites act very differet from none. The behaviour should be the same on both types of site and how type of store a network transient should be better defined. Is it a global store or a network level store. " spacedmonkey Future Releases 52723 Admin options.php default value to NULL for option_value may lead to MySQL Integrity constraint violation error, potential other bugs Options, Meta APIs 2.7 normal normal 6.6 defect (bug) new needs-unit-tests 2021-03-05T14:26:35Z 2024-02-27T12:01:48Z "It looks like `wp-admin/options.php` set a `null` value by default for any unchecked option: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L306 Now, this leads to execute queries like this by `update_option`: UPDATE `wp_options` SET `option_value` = NULL WHERE `option_name` = 'default_pingback_flag' Which is wrong, given the schema explicitly set `option_value` to `NOT NULL`: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/schema.php#L144 This would trigger an integrity constraint violation error by MySQL when in (default) strict mode: Error! SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'option_value' cannot be null To get around this (and for other reasons too, I presume), WordPress currently tries to disable any MySQL strict mode in the `$wpdb` class, with the effect that MySQL silently ""fix"" the error itself: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L567 https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L826 But **not every environment support this**, so there are people out there who cannot save options and they are confused about the reason why, for example: https://www.reddit.com/r/Wordpress/comments/l61rvs/cannot_disable_avatars/ https://wordpress.org/support/topic/discussion-comment-settings-saved-changes-are-not-taking-effect-at-all/ https://wordpress.org/support/topic/wordpress-database-error-column-option_value-cannot-be-null/ A simple solution would be to set a different default value (`0` or even an empty string) in `wp-admin/options.php` and, ''better yet'', **cast any `NULL` value to the same different default value in both `update_option` and `add_option`**. Please note that, without a fix, **this bug may also lead to other nasty side effects**. As a quick fix/test, I successful got around this with this simple filter: {{{#!php <?php add_action( 'init', 'p_options_fix' ); function p_options_fix() { add_filter( 'pre_update_option', 'p_options_fix_not_null', 10, 3 ); function p_options_fix_not_null( $value, $option, $old_value ) { // The fix: cast NULL values to 0 $value = ( is_null($value) ) ? 0 : $value; return $value; } } }}} But I think this is something that should be really fixed in the core. Thank you. " pinoceniccola Future Releases 35379 update_network_option changes stored option value if sanitize_option detects error jeremyfelt Options, Meta APIs 3.0 normal normal Future Release defect (bug) assigned has-patch 2016-01-08T23:48:50Z 2017-09-05T16:57:14Z "If you make a call like {{{ update_network_option( null, ""admin_email"", ""this.is.not.an.email.address"" ); }}} then the value of the `admin_email` ''network'' option will be changed to the value of the `admin_email` ''site'' option in the database. Expected behaviour would be that the option value in the database is not changed. The reason is that `update_network_option` calls {{{ sanitize_option( ""admin_email"", ""this.is.not.an.email.address"" ); }}} and writes its return value to the database. However, `sanitize_option` will return the value of `get_option( ""admin_email"" )`, instead of `get_network_option( null, ""admin_email"" )`. See [https://core.trac.wordpress.org/browser/tags/4.4/src/wp-includes/formatting.php#L3863 lines 3863ff. in formatting.php]." thomaswm Future Releases 21989 update_option() calls sanitize_option() twice when option does not exist Options, Meta APIs normal normal Future Release defect (bug) new dev-feedback 2012-09-25T05:04:34Z 2024-02-22T06:16:56Z " I just spent several hours tracking down an issue when using the Settings API where `sanitize_option()` is called twice which is unnecessary execution especially if sanitization includes calling an external API for username/password authorization ''(this was how another developer set it up for a plugin I was debugging.)'' What happens is that a call to `update_option()` will call `sanitize_option()` and then if the option wasn't previously in the options table `update_option()` will delegate to `add_option()` which calls `santize_option()` a second time. This would normally be easy to workaround by first calling `get_option()` and testing for `false` and calling `add_option()` instead of `update_option()` if `false`, but not when the Settings API chooses how to call it. I've looked at the problem and can envision several different ways to solve it such but don't know which the core developers would choose ''(or if they'd choose yet another option I haven't envisioned)'' so I didn't submit a patch: - Adding a 3rd parameter `$mode` to `sanitize_option()` that identifies the mode ''('add', 'edit', default = 'unknown')'' and thus allow the hook to ignore one of the options ''(this would be more backward compatible but would put the onus on the developer to know to do this)'', - Adding a 5th parameter `$bypass_sanitize` to `add_option()` defaulted to `false` that is only passed as `true` in `update_option()` allowing `update_option()` to disable the call to `sanitize_option()` found in `add_option()` ''(this would be less backward compatible and hacky, but seemless to the developer)'' - Adding a 3rd parameter `$bypass_sanitize` to `update_option()` defaulted to `false` that is only passed as `true` from `/wp-admin/options.php` allowing `update_option()` to bypass the call to `sanitize_option()` if an `add_option()` will happen ''(this would be less backward compatible and hacky, but seemless to the developer)'' - Have `/wp-admin/options.php` test for no pre-existing option and then call `add_option()` or `update_option()`, respectively ''(this would be seemless to the developer but less backward compatible and not hacky, and it wouldn't handle the general case.)'' So is this worth fixing to save other users and developers debugging time, and to reduce the chance of subtle errors in new code? If yes, how best to approach?" MikeSchinkel Future Releases 34848 Add support for updating post meta in bulk chriscct7 Options, Meta APIs normal normal Future Release enhancement assigned close 2015-12-04T19:43:48Z 2023-08-29T15:59:31Z "A limiting factor in performance of inserting posts into the database is postmeta. I've been running a patch locally which adds functions for adding postmeta in one function call instead of calling add_post_meta multiple times over and over. add_post_meta creates a single SQL insert query, when adding 20 post metas that is 20 SQL inserts all run separately. This can be greatly improved by combining these into a single SQL insert. There is a problem where updating meta in bulk would likely be impossible or very painful. At the very least I have not been able to find a way to do this. Deleting I haven't developed a function but I imagine it would be fairly easy. {{{#!php /** * Add metadatas to a post. * * @since x.x.x * * @param int $post_id Post ID. * @param string $meta_data Metadata as an key/value pair array * * @return bool Was the data inserted */ function add_post_metas( $post_id, $meta_data ) { // Make sure meta is added to the post, not a revision. if ( $the_post = wp_is_post_revision($post_id) ) $post_id = $the_post; return add_metadatas('post', $post_id, $meta_data); } /** * Add multiple metadatas for the specified object. Similar to calling add_metadata for each metadata individually, * and is only applicable for unique meta data. If a meta key already exists for an object it will not be stored. * * @since x.x.x * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $meta_type Type of object metadata is for (e.g., comment, post, or user) * @param int $object_id ID of the object metadata is for * @param array $meta_data Metadata as an key/value pair array * * @return bool If the metadata was stored successfully. */ function add_metadatas($meta_type, $object_id, $meta_data) { global $wpdb; if ( ! $meta_type || ! is_array( $meta_data ) || ! is_numeric( $object_id ) ) { return false; } $object_id = absint( $object_id ); if ( ! $object_id ) { return false; } $table = _get_meta_table( $meta_type ); if ( ! $table ) { return false; } $column = sanitize_key($meta_type . '_id'); /** * Filter whether to add metadatas of a specific type. * * The dynamic portion of the hook, `$meta_type`, refers to the meta * object type (comment, post, or user). Returning a non-null value * will effectively short-circuit the function. * * @since x.x.x * * @param null|bool $check Whether to allow adding metadata for the given type. * @param int $object_id Object ID. * @param string $meta_key Meta key. * @param mixed $meta_value Meta value. Must be serializable if non-scalar. * @param bool $unique Whether the specified meta key should be unique * for the object. Optional. Default false. */ $check = apply_filters( ""add_{$meta_type}_metadatas"", null, $object_id, $meta_data ); if ( null !== $check ) return $check; $_meta_data = array(); foreach( $meta_data as $key => $value ) { if ( 0 == absint( $wpdb->get_var( $wpdb->prepare( ""SELECT COUNT(*) FROM $table WHERE meta_key = %s AND $column = %d"", $key, $object_id ) ) ) ) { $key = wp_unslash( $key ); $value = wp_unslash( sanitize_meta( $key, $value, $meta_type ) ); $_meta_data[ $key ] = maybe_serialize( $value ); /** * Fires immediately before meta of a specific type is added. * * The dynamic portion of the hook, `$meta_type`, refers to the meta * object type (comment, post, or user). * * @since 3.1.0 * * @param int $object_id Object ID. * @param string $meta_key Meta key. * @param mixed $meta_value Meta value. */ do_action( ""add_{$meta_type}_meta"", $object_id, $key, $value ); } } $rows = array(); if( ! empty( $_meta_data ) ) { $sql = ""INSERT INTO {$table} ({$column}, meta_key, meta_value) VALUES ""; $comma = false; foreach( $_meta_data as $key => $value ) { if( true == $comma ) { $sql .= ','; } $sql .= ""({$object_id}, '{$key}', '{$value}')""; $comma = true; } } $result = $wpdb->query( $sql ); if ( ! $result ) return false; wp_cache_delete($object_id, $meta_type . '_meta'); return true; } }}} " patrickgarman Future Releases 44958   character in title generates a permalink (and slug) with space Permalinks 4.8 normal normal 6.6 defect (bug) assigned has-patch 2018-09-17T20:44:22Z 2024-02-12T16:22:54Z "If a title has an   character copy pasted or if the permalink has a   copy pasted It will generate a permalink and slug with an space breaking some elements on the site I generated an empty wordpress install without any plugins to test it, and it has the same problem" ace2_heart Future Releases 40032 Automatic redirects with _wp_old_slug won't mantain GET parameters if present Permalinks 2.1 normal normal Awaiting Review defect (bug) new has-patch 2017-03-04T15:05:27Z 2021-03-09T06:31:59Z "If for example links come up with GET parameters, for example utm parameters for analytics, they get stripped before the redirect. post_name = 'new-slug' _wp_old_slug = 'old-slug' http://example.org/old-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 Wordpress will build the link for the redirect to the new slug without any GET parameter: http://example.org/new-slug/ I think it should mantein them instead: http://example.org/new-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 I'm not even sure if this should be classified as a bug, if it's the correct behaviour or not. I'll let you judge." DrLightman Future Releases 32322 Custom permalink structure incorrect for Future posts kdoole Permalinks 4.2 normal normal Future Release defect (bug) assigned has-patch 2015-05-09T10:01:55Z 2019-10-15T14:33:52Z "From V4.2 there is a bug with custom permalink structures used for Future posts that are visible on the front end. Example: - You have your custom permalink structure set up as ""Post name"". - ""Published"" posts show up with the correct permalink structure i.e. mysite.com/single-post/ - ""posts marked as ""Future"" but visible in the front end (i.e. if you're wanting to show posts that are scheduled) show up with the default permalink structure i.e. mysite.com/?p=618 Rolling back through the versions of WordPress, all was working correctly in v4.1.5 and then stopped working from v4.2" greencode Future Releases 58722 Fix RTL display in Optional grouping on Permalinks Settings page Permalinks normal normal Future Release defect (bug) new has-patch 2023-07-05T23:58:44Z 2023-07-11T23:49:18Z "//splitting from #47755 (props rachid84, johnbillion, SergeyBiryukov, costdev, joedolson, afercia, ryokuhi, oglekler)// For the Category/Tag Base fields, subdirectory network installations can show a `/blog` prefix before the input field. In RTL languages, the slash is on the wrong side. Also, the example URL can wrap awkwardly to the next line. In any language, the text is stacked above the field with little space between them on smaller screens. 1. Create a multisite network with subdirectories. 2. Open the main site. 3. Visit Settings -> Permalinks. 4. Scroll down to the Optional section." sabernhardt Future Releases 9102 Inverse proxy breaks permalinks Permalinks 2.7 normal normal Future Release defect (bug) assigned needs-unit-tests 2009-02-12T01:58:37Z 2019-03-15T00:29:35Z "I have a WP installation at my university's webspace (on an apache server), say http://myuni.ac.at/mydir/wordpress/ , and an inverse proxy domain http://mydomain.at/ for it. This means that any request to the latter, eg for http://mydomain.at/2009/02/12/inverse-proxy-trouble/ , is forwarded to http://myuni.ac.at/mydir/wordpress/ , which in turn means that the REQUEST_URI there becomes /mydir/wordpress/2009/02/inverse-proxy-trouble/ . My ''home'' variable is of course set to http://mydomain.at/ (''siteurl'' is set to http://myuni.ac.at/mydir/wordpress/ -- otherwise I wouldn't be able to login to WP). Unfortunately, when analyzing REQUEST_URI, wordpress chops off the ''home'' path, not the ''siteurl'' one. This may be okay for some purposes, but in the inverse proxy case, permalinks break. For a fix, I had to hack two wordpress core files, namely wp-includes/classes.php in function parse_request: change line 162 from {{{ $home_path = parse_url(get_option('home')); }}} to {{{ $home_path = parse_url(get_option('siteurl')); }}} and wp-includes/rewrite.php, in function get_pagenum_link, line 987, same modification. This is a dirty hack, of course; so I wonder if in general, using the ''siteurl'' path is valid in any case where the ''home'' host differs from the ''siteurl'' host. If so, I suggest changing the affected files in such a manner." Bernhard Reiter Future Releases 50233 Limit pagination for comments SergeyBiryukov Permalinks 5.4.1 normal minor Future Release defect (bug) reopened dev-feedback 2020-05-23T21:53:08Z 2022-04-26T03:30:27Z "you can look? please https://wordpress.org/support/topic/wordpress-infinite-link-problem/ Hello. WordPress has endless link problems for many years. Note: This problem happens when we paged comment example: Others: https://perishablepress.com/wordpress-infinite-duplicate-content/comment-page-2/ https://perishablepress.com/wordpress-infinite-duplicate-content/comment-page-2754/ others https://www.wpbeginner.com/beginners-guide/how-to-properly-ask-for-wordpress-support-and-get-it/comment-page-2754/ https://www.wpbeginner.com/beginners-guide/how-to-properly-ask-for-wordpress-support-and-get-it/comment-page-5754/ others https://www.isitwp.com/best-wordpress-404-error-plugins/comment-page-3754/ https://www.isitwp.com/best-wordpress-404-error-plugins/comment-page-5754/ Attention! There are no comments on these pages. But the links are entering the article. This is the problem for google search console. If there is no comment, that link should not work. How can I fix this? Paged comments from your admin panel. And you try too If we do not paginate, this is no problem. This problem happens in paginations.. If the setting is like this. screen shot: https://prnt.sc/smhi90" devrekli Future Releases 52737 Allow 301 redirect on _wp_old_slug to be filterable Permalinks normal normal Awaiting Review enhancement new has-patch 2021-03-09T06:52:29Z 2021-03-22T05:01:16Z "While the URL on `old_slug_redirect_url` is filterable the same should be true for the redirect status. It currently is hardcoded as a 301. Allowing any status code will allow for 302 or other status to be used. https://core.trac.wordpress.org/browser/trunk/src/wp-includes/query.php#L1082 " brookedot Future Releases 10483 Change post_name's length from 200 to 400 SergeyBiryukov Permalinks normal minor Future Release enhancement reviewing dev-feedback 2009-07-25T06:31:52Z 2023-12-29T16:39:52Z "Hello, guys! Thank you very much for providing such a great piece of software! I love WordPress very much! :) I use WordPress in Russian language and the URLs on my [http://www.ielnur.com blog] consist of Russian characters. There is a [http://www.ielnur.com/blog/2009/05/снова-бросить-курить-30-тидневное-испытание/ post] with not such a long URL in Russian, but since it gets encoded to special characters it becomes too long to get fit into `post_name` field of `post` table. I've found what code needs to be changed to increase the length. I make these changes every time a new version is released. I think it would be better to submit a patch here so that others people can benefit from it and I will not need to make those changes every release. I'm attaching the patch to this ticket and asking you to apply it to the code. Thank you very much again, guys! You do a great job! :) Cheers, Elnur" elnur Future Releases 49871 REST API post link should be permalink for scheduled posts Permalinks 4.7 normal normal Future Release enhancement new dev-feedback 2020-04-10T19:13:25Z 2020-07-02T13:35:48Z "Scheduled posts now return something like this: {{{ { ""id"": 34, ""date"": ""2039-12-09T20:19:00"", ""slug"": ""message-from-the-past"", ""status"": ""future"", ""link"": ""https://example.com/?p=34"", } }}} But I believe it makes more sense to actually return the permalink as link: {{{ { ""id"": 34, ""date"": ""2039-12-09T20:19:00"", ""slug"": ""message-from-the-past"", ""status"": ""future"", ""link"": ""https://example.com/2039/12/09/message-from-the-past"", } }}} The only caveat is that we will need to create 301 redirects in case the slug changes (which is the case for published posts already). For example. if the slug becomes `old-message` the new link would be `https://example.com/2039/12/09/old-message`, but visiting `https://example.com/2039/12/09/message-from-the-past` should redirect to the new URL. There has been some discussion about this over here: https://github.com/WordPress/gutenberg/pull/21410#issuecomment-612132635" Jules Colle Future Releases 15953 when category slug is changed, old uri also should redirect to new, as post uris do SergeyBiryukov Permalinks normal normal Future Release feature request reviewing dev-feedback 2010-12-22T18:51:10Z 2023-05-25T14:45:21Z when category slug is changed, old uri also should redirect to new, as post uris do qdinar Future Releases 43791 Add the call to pingback_url to core instead of themes Pings/Trackbacks 4.9.5 normal normal Awaiting Review enhancement new dev-feedback 2018-04-17T20:03:24Z 2021-01-13T19:44:19Z "The `<head>` section contains a lot of `<link>` items that WordPress core generates. Why should themes be responsible for outputting the `pingback_url()` `<link>`? The core code should remove this burden from the theme and ensure that it is handled every time and correctly. Currently, the theme needs code like this: {{{ function mytheme_pingback_header() { if ( is_singular() && pings_open() ) { echo '<link rel=""pingback"" href=""', esc_url( get_bloginfo( 'pingback_url' ) ), '"">'; } } add_action( 'wp_head', 'mytheme_pingback_header' ); }}} and a lot of themes don't even have it, so then there are core options that don't work correctly. This logic belongs in core. " joyously Future Releases 46982 Avoid loading dot files in the mu-plugins directory. Plugins 2.8 normal normal Awaiting Review defect (bug) new has-patch 2019-04-18T19:08:07Z 2022-03-10T21:41:15Z "In some circumstances, metadata files are generated in the `mu-plugins` directory. For example, editing a plugin file `my-mu-plugin.php` folder using a Mac via SMB can result in a metadata file `._my-mu-plugin.php` being created. Because of the way `wp_get_mu_plugins()` works, this metadata file will be loaded as a valid plugin and the contents of the file will be output in the page header. I'm attaching a small patch to avoid loading `._` files in the unfortunate event that they are created." dcavins Future Releases 38112 Deleting an Active Plugin via Bulk Actions Fails Silently Plugins normal normal Future Release defect (bug) assigned has-patch 2016-09-20T17:43:26Z 2022-09-21T12:03:20Z "With the introduction of shinier updates in 4.6, it appears that the error messaging around deleting an activated plugin wasn't ported into the new system properly. '''To reproduce:''' 1. On Plugins Screen, select an activated plugin. 2. From ""Bulk Actions"" select ""Delete"" 3. Click Apply '''Result:''' Nothing happens. Silent failure (to delete). '''Expected Result:''' Error message explaining that you can't delete activated plugins. In one case, I actually saw the expected error message after refreshing the plugins page, but I haven't been able to replicate that since." mrwweb Future Releases 38211 Interference of AJAX search with input field auto-complete adamsilverstein Plugins 4.6 normal normal Future Release defect (bug) assigned has-patch 2016-10-02T12:09:55Z 2021-10-29T19:23:00Z "In WordPress 4.6 new feature was introduced in ""Add Plugin"" page - user input in ""Search Plugin"" field triggers AJAX search. That's great but it also makes browser's auto-complete of this field to disappear (at least in Chrome). Therefore it's difficult to select an already existing option of plugin name that browser's auto-complete offers because AJAX search gets triggered very soon after you type a letter in input field. So, in most cases I need to type full name of the plugin or try to select auto-complete option before AJAX gets triggered. I'm not sure what the solution for this would be but I don't think it's difficult to press Enter or tap Search button after you have written everything you wanted without system interfering with the process without user wanting it. In addition, the fact that button Search disappeared some time ago made it impossible to add a plugin on touch devices. I see that AJAX search perhaps tries to fix this but it breaks auto-complete as I mention above." armandsdz Future Releases 14060 "Misleading ""You do not have sufficient permissions to access this page.""" SergeyBiryukov Plugins 3.0 normal normal Future Release defect (bug) reviewing has-patch 2010-06-23T14:46:16Z 2019-03-29T23:35:02Z "When accessing a page of a plugin in the admin that does not exists any longer, you're told by an error message, that: > You do not have sufficient permissions to access this page. This message is a little misleading, because there is no such page. A message that better reflects the decision to display it would be less misleading, e.g.: > The requested page is not accessible. " hakre Future Releases 41638 Must-Use Plugin File Still Available With a dot at the beginning of a filename (aka supposedly hidden) Plugins 4.8.1 normal normal Awaiting Review defect (bug) new dev-feedback 2017-08-14T22:35:52Z 2022-02-18T19:14:43Z "If you place a dot in front of a must-use plugin file, I believe it shouldn't be included as part of your Must-Use arsenal and the code shouldn't be available as well. Perhaps I'm doing it the wrong way, but when I place a dot in front of something (e.g., folder, file), I expect that file to no longer be available. " ronalfy Future Releases 44884 "Notice something like ""Notice: Constant WP_UNINSTALL_PLUGIN already defined in testsite\wp-admin\includes\plugin.php on line 1016"" appears when try to delete multiple plugins by ""delete_plugins()"" function" Plugins 4.9.8 normal normal Awaiting Review defect (bug) new has-patch 2018-09-03T06:18:33Z 2018-09-10T21:48:13Z "When i try to uninstall multiple plugins, I am getting warning like ""Notice: Constant WP_UNINSTALL_PLUGIN already defined in testsite\wp-admin\includes\plugin.php on line 1016"". To demonstrate this issue i have developed testcode. Issue reproduce steps: * Please ensure that debug mode is on in your WordPress setup by ensuring below constant is on root/wp-config.php file: {{{#!php <?php define('WP_DEBUG', true); }}} * Install these plugins: Contact Form 7, Gutenberg, Jetpack by WordPress.com, WooCommerce and Yoast SEO * Please make new file as wp-content/mu-plugins/test.php and pate below code in it: {{{#!php <?php add_action('admin_init', function() { if (isset($_GET['t']) && 1 == $_GET['t']) { $uninstallable_plugins = array( 'contact-form-7/wp-contact-form-7.php', 'gutenberg/gutenberg.php', 'jetpack/jetpack.php', 'woocommerce/woocommerce.php', 'wordpress-seo/wp-seo.php', ); var_dump(delete_plugins($uninstallable_plugins)); die; } }); }}} * Open browser and open the address ""yoursite.com/wp-admin/?t=1"" and you will see error https://photos.app.goo.gl/BHeCDSF4uB2Eh4HNA" pmbaldha Future Releases 59402 Plugin cannot be uninstalled if uninstall crashes swissspidy Plugins 2.7 normal normal 6.6 defect (bug) assigned has-patch 2023-09-20T06:59:37Z 2024-02-19T09:31:50Z "If a plugin register the ""register_uninstall_hook"" conditionally (e.g. only on activation,...) a plugin cannot be uninstalled anymore if it exits (e.g. timeout,...) during uninstall. This is because the uninstall file/callback is removed from the option before the actual uninstall happens: https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-admin/includes/plugin.php#L1253 https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-admin/includes/plugin.php#L1269 " kkmuffme Future Releases 42670 Symlinked plugin makes plugin_basename function return wrong basename brianhenryie Plugins 4.9 normal normal 6.6 defect (bug) assigned has-patch 2017-11-23T11:36:11Z 2024-02-26T16:59:49Z "Symlinked plugin makes plugin_basename function return wrong basename for plugins which goes after the symlinked plugin. If symlinked plugin name is substring of WP root directory name. For instance, plugin name is feedback-plugin and WP root directory is feedback-plugin-wp. Cause of such a behavior is condition: {{{#!php // wp-includes/plugin.php plugin_basename function (line 658). if ( strpos( $file, $realdir ) === 0 ) { $file = $dir . substr( $file, strlen( $realdir ) ); } }}} Solution: {{{#!php $pattern = '/^' . str_replace('/', '\/', $realdir) . '\//'; if ( preg_match( $pattern, $file ) ) { $file = $dir . substr( $file, strlen( $realdir ) ); } }}} " sergiienko Future Releases 42637 Wrong button text for plugin installation failed! Plugins normal normal Awaiting Review defect (bug) new close 2017-11-20T07:42:07Z 2022-02-10T01:08:13Z "Button text should be `Installation Failed!` instead of `Update Failed!` if plugin installation failed. Check below gif: Latest version: http://bsf.io/yola3 After applied patch: http://bsf.io/rblas" Mahesh901122 Future Releases 52405 activate_{$plugin} not passing $network_wide boolean to action handler Plugins 3.0 normal normal Awaiting Review defect (bug) new has-patch 2021-01-31T07:19:07Z 2021-02-23T01:04:05Z "When using {{{register_activation_hook}}}, the {{{""activate_{$plugin}""}}} action doesn't pass the {{{$network_wide}}} boolean as the parameter for the callback. Instead, the parameter gets substituted with an empty string, breaking the page when using strict typing, as it expects a boolean. Looking at how it's done when activating plugins, it uses {{{is_network_admin()}}} as the parameter https://core.trac.wordpress.org/browser/trunk/src/wp-admin/plugins.php?rev=49683#L124 Same thing should happen here: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/plugins.php?rev=49683#L193 {{{do_action( ""activate_{$plugin}"", is_network_admin() );}}} " noplanman Future Releases 32422 add_menu_page() returns incorrect $hookname when using plugin filename as $menu_slug Plugins 4.2.2 normal normal Awaiting Review defect (bug) new reporter-feedback 2015-05-17T05:06:29Z 2017-07-01T04:02:45Z "When using `add_menu_page()` and `add_submenu_page()` with filenames in the $menu_slug parameter, the resulting hookname does not match the expected `do_action('load-' …)` hookname. In the following examples the expected hookname from `do_action( 'load-' . $plugin_page );` (in ''wp-admin/admin.php'') is: '''load-myplugin/admin/resources.php'''. However, the hookname returned by `$hookname = get_plugin_page_hookname( $menu_slug, $parent_slug);` (from `add_submenu_page()` in ''wp-admin/includes/plugin.php'') is '''myplugin_page_myplugin/admin/resources'''. The result is, this code does not work: {{{ $hookname = add_submenu_page(""myplugin/dashboard.php"", 'Resources', 'Resources', 'edit_pages', ""myplugin/resources.php""); add_action($hookname, 'add_resources_options' ); function add_resources_options() { add_screen_option('per_page', array( 'label' => 'Resources', 'default' => 10, 'option' => 'resources_per_page' )); } }}} However, the hooknames do match when using `add_menu_page()` and `add_submenu_page()` with a callback slugname. This code works (notice only the first line has been changed to use callback slugs instead of filename slugs): {{{ $hookname = add_submenu_page('dashboard', 'Resources', 'Resources', 'edit_pages', 'myresources', 'myresources'); add_action($hookname, 'add_resources_options' ); function add_resources_options() { add_screen_option('per_page', array( 'label' => 'Resources', 'default' => 10, 'option' => 'resources_per_page' )); } }}} The solution is either: * Modify `function get_plugin_page_hookname() …` to return a hookname that is caught by `do_action( 'load-' . $plugin_page );`. * Or modify `do_action( 'load-' . $plugin_page );` to use the hookname currently returned by `get_plugin_page_hookname()`. " quinncom Future Releases 56221 Add download URL to plugins REST create (install) endpoint TimothyBlynJacobs* Plugins 5.5 normal normal Future Release enhancement accepted dev-feedback 2022-07-14T21:51:39Z 2023-06-27T07:04:57Z "The `wp-json/wp/v2/plugins` endpoint allows installing plugins by POSTING the `slug` parameter. It then queries the .org plugin repo for the download link and proceeds to download and install that zip file using `Plugin_Upgrader`. I would like to be able to specify the download URL so I can install plugins from outside the .org plugin repo. My plan is to install plugins to my site when a I create a new release on GitHub, i.e. use GitHub Actions to POST the new download URL to my site, then serve the plugin to other sites using SatisPress. I tried unsuccessfully to find past related tickets that maybe discussed if omitting this functionality was intentional. It looks like a relatively easy change. I'll make PR for it soon. https://github.com/WordPress/WordPress/blob/4c265b66297074f09d66c17d9f14d11a5fffdb00/wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php#L289-L313" brianhenryie Future Releases 31136 Allow plugin authors to register an additional 'Uninstall Notification' plugin header and to display back to the user during plugin uninstall flow Plugins normal normal Future Release enhancement new needs-unit-tests 2015-01-26T06:14:19Z 2017-02-05T09:58:14Z "In wp-admin/plugins.php wordpress displays to the user information about the plugins you are attempting to uninstall. Currently it only displays the name of the plugin name ($plugin[ 'Name' ]) and the plugin author ($plugin[ 'AuthorName' ]). In V4.1 this output is generated around lines 289-304. Is it possible to add another field that contains a short piece of information from the plugin author, that can be presented to the user for each plugin? The plugin would need to register this information with wordpress when it was installed or updated. Specifically, I envisage this being used for details that the user might need to follow to preserve any data that they might have before they actually delete the plugin. An example string that I can see being used by a plugin: If you wish to uninstall <b>without losing your data</b>, see the details at <a href=""http://example.com/plugin-uninstall"">http://example.com/plugin-uninstall</a>. Notes: - Such a string should of course be optional to preserve backward compatibility. - Appropriate filtering and length checks should be done on the string to ensure that the uninstall plugin UI isn't easily broken or disturbed. This avoids the plugin author filling the field with a string that stops the user from being unable to uninstall the plugin." cefiar Future Releases 37656 Improve plugin bootstrapping processes Plugins normal normal Awaiting Review enhancement new dev-feedback 2016-08-14T11:32:28Z 2019-12-13T19:04:03Z "I recently thought about if we could make bootstrapping plugins easier and take away some common tasks that (should) happen in every plugin. It would also be nice to have a general plugin class registry. What I was thinking of is to introduce an abstract class `WP_Plugin` that plugin developers can extend for their plugin's main class. Then they would call a new function `register_plugin( __FILE__, $plugin_class_name )` to register that class with WordPress. We could take some regular processes away from the developer and, by doing that, also make sure that they don't implement it the wrong way. For example, we could take care of plugin installation routines: If the class implements a static method `install()`, the base class `WP_Plugin` would register an activation hook to an internal function that takes care of whether the plugin is activated network-wide. The actual `install()` method would only contain those steps necessary for the setup on the current site (`WP_Plugin` would take care of switching sites as appropriate). Many plugin developers overlook Multisite in their setup routines, causing the plugin to only install on the main site although being network-activated. We could also deal with other tasks, like hooking the `bootstrap()` method of the plugin class in `plugins_loaded` or `muplugins_loaded` (detected by the base class). I think this whole concept could improve the way plugins initialize themselves. It would not be mandatory (since several plugins don't even use classes), but it would become a best practice. This is just an idea that I wanted to throw on Trac to discuss about it. If we get to the point that we agree this is a good idea, we would need to come up with actual details (of which I don't have any yet)." flixos90 Future Releases 42910 Default Post Format doesn't apply on post created from Quick Draft Post Formats 4.9.1 normal normal Awaiting Review defect (bug) reopened has-patch 2017-12-15T09:09:31Z 2018-04-15T07:24:06Z "Default Post Format doesn't keep selected while submitting posts using Quick Draft option of dashboard. '''Steps To Reproduce:''' 1. Login into the WordPress admin 2. Navigate to the Settings > Writing 3. Change the Default Post Format to any format 4. Clicked on ‘Save changes’ button 5. Now navigate to the Dashboard 6. Inside Quick Draft block Add post title and description and Clicked on ‘Save Draft’. 7. Now check the post format of added post. Note: ''it is working after 2-3 attempt but when you again change the post format then it will not work as expected.'' '''Expected result:''' default post format should be applied on post created from ""Quick Draft"" option." aiyaz Future Releases 56599 """All"" view not selected for all relevant views for custom post type" Posts, Post Types 4.2 normal trivial Awaiting Review defect (bug) new has-patch 2022-09-19T10:58:34Z 2022-09-19T14:24:10Z When the screen options get saved, the parameter `mode=list` gets appended to the URL. For the posts table, the “All” view gets the `.current` HTML class, since `\WP_Posts_List_Table::is_base_request()` returns `true`. For all other post types—including pages—it returns `false`. alpipego Future Releases 40585 'Update' vs 'Schedule' Posts, Post Types normal normal Awaiting Review defect (bug) reopened has-patch 2017-04-27T16:48:26Z 2017-05-08T18:44:30Z "Hi, today i work with WordPress and i noticed a problem. My timeline event is: 1) I have an article ""X"" published of the 26 april at 20.00. 2) Today, 27 april at 18.02 i start the edit the article 3) At 18.15 finish edit article and modified date of article in pubblication in 27 april at 18.15 4) Now i don't look button ""Update"" but i look button ""Planning"". I have feeling that WordPress don't check date in this moment (18.15) but check date open edit article (18.02). The article is pubblished in all cases but theoretically the article is deleter on the google serp for some minutes. Sorry for my english :)" micheleconversano Future Releases 13972 Add new category link - capability check needed Posts, Post Types 3.0 normal minor Future Release defect (bug) new has-patch 2010-06-18T09:01:43Z 2018-01-23T03:26:40Z "/wp-admin/link-add.php If user doesn´t have ""manage_categories"" capability, add new link page, will show ""add new category"" link and form, it should be hidden. " wjm Future Releases 44524 Allow Users to View Custom Post Type Admin Page Posts, Post Types normal normal Future Release defect (bug) new dev-feedback 2018-07-05T19:39:48Z 2020-02-21T00:26:01Z "Creating a custom post type and giving it custom capabilities, a user who can `edit_posts` but cannot `create_posts` cannot access the admin page: `/wp-admin/edit.php?post_type=cpt`. " wpsmith Future Releases 50002 Hack in get_sample_permalink() can cause filters like post_link, and pre_post_link to have inaccurate post_status in admin Posts, Post Types 5.4 normal normal Awaiting Review defect (bug) new needs-unit-tests 2020-04-24T20:07:13Z 2020-04-26T12:35:32Z "For context: https://github.com/aubreypwd/WordPress/issues/5 When editing a post (that is a draft) in the admin, add a filter to `post_link` you'll notice that the pass for `get_sample_permalink()` shows that `$post->post_status` is set incorrectly (un-truthfully) to `publish`. This is because of a 12 year old block of code in `get_sample_permalink()`: {{{ // Hack: get_permalink() would return ugly permalink for drafts, so we will fake that our post is published. if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ) ) ) { $post->post_status = 'publish'; $post->post_name = sanitize_title( $post->post_name ? $post->post_name : $post->post_title, $post->ID ); } }}} In order for `post_link` and even `pre_post_link` filters to pass accurate info about a post, the patch I have attached is my first attempt at ensuring `get_sample_permalink()` still gets the same result, while not affecting `post_status`. Obviously I tested this, but I still feel some more testing will need to be done. " aubreypwd Future Releases 32295 Pagination on preview/scheduled posts Posts, Post Types 4.2.2 normal normal Future Release defect (bug) new has-patch 2015-05-07T18:47:45Z 2024-02-22T16:22:35Z "The option to add a NextPage (Pagination) is not functioning in page previews or when a post/page is scheduled to be published. <!--nextpage--> The expected outcome is when adding the code for nextpage, you get links to Page 1, 2, etc. and when you click those links, you are taken to more content. However, when a page/post is not PUBLISHED but is in Preview or Scheduled, the Pagination does not function as expected. Clicking on Page 2 refreshes the page and shows the content on page 1 again. When the page is published, everything works as expected, but for someone who is trying to preview their post before publishing, this is not helpful." jacklyn.jade Future Releases 42323 Posts vs CPT user permissions issue Posts, Post Types 4.9 normal normal Awaiting Review defect (bug) assigned needs-unit-tests 2017-10-24T14:51:56Z 2017-10-24T15:10:29Z "We have the following use case: 1. User does not have access to create new ""Posts"" 2. User does have access to create new Product Submissions (CPT post type) With these prerequisites, when the user clicks on ""New Product Submission"" from the list view (or the edit view), they get the No access message. This happens because in core we check for `edit.php` no_priv instead of `edit.php?post_type=product_submission`." bor0 Future Releases 41226 "Static ""posts page"" preview not working" Posts, Post Types normal normal Awaiting Review defect (bug) reopened needs-unit-tests 2017-07-03T09:41:05Z 2019-02-17T13:21:59Z "My site has both a static front page and a static posts page. The former is intended to be the site's home page, the latter the blog section home page. The static posts page is a regular page, created through the admin interface. Some parts of it are editable by admin - this is a design choice driven by project needs. Whenever I update the static posts page through the editor, the preview doesn't work: '''clicking on the ""preview"" shows the preview of the ""front page"" instead.''' Apart from that, everything works on the front-end side, and I can edit and save the posts page as needed. Unfortunately, as the project is being currently developed, I can't publicly publish urls or screenshots at the time." emross Future Releases 54983 The post has already been deleted. Posts, Post Types 5.4 normal normal Future Release defect (bug) new dev-feedback 2022-01-29T04:22:49Z 2022-10-07T21:37:04Z "Hi, One big issue on 5.9 . when i have deleted post then still on post page & getting error message ""The post has already been deleted."". So i think after delete post need to redirect page on post list? More infomation you can see below mentioned quick video. https://www.loom.com/share/616020077274422c8d90771034d22aff" sumitsingh Future Releases 56590 TypeError error in get_the_content when $elements['page'] and $elements['pages'] are null Posts, Post Types 6.0.2 normal normal Awaiting Review defect (bug) new changes-requested 2022-09-16T21:24:27Z 2022-09-23T01:03:57Z "`if ( $elements['page'] > count( $elements['pages'] ) )` in file `wp-includes/post-template.php` (currently on line 319) throws the following error when those array items are null: `Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /wp-includes/post-template.php:319` A case where they would be null is a search request with no results where a plugin like Timber is used to assign $post a non-WordPress-core value. Adding the condition `if ( ! is_null( $elements['page'] ) && ! is_null( $elements['pages'] ) )` solves the problem." cantbelieveitsnotbutter Future Releases 52738 Use of get_object_vars() in sanitize_post() and WP_Post constructor does not handle null byte Posts, Post Types 5.6.2 normal normal Awaiting Review defect (bug) new changes-requested 2021-03-09T14:56:39Z 2023-10-04T08:36:17Z "In places where get_object_vars is used to loop over an objects properties and then trying to access them null bytes are not handled. There is an old bug-report (from me) for map_deep #47164 but now we are experience this in other places too; in sanitize_post and in the constructor of class-wp-post. This is totally destroying our business and I don't know what to do. Since I reported the issue for map_deep I have had to manually patch formatting.php every time there is a WordPress update. But now, trying to handle all the places get_object_vars is used in hopeless. Best approach to handle this would be to always filter the return values from get_object_vars. Something like: {{{#!php <?php $properties = array_filter( fn( $var ) => ord( $var ) !== 0, get_object_vars( $object )); }}} " bitcomplex Future Releases 11207 WordPress may display incorrect message when post is saved/published/etc Posts, Post Types 2.9 normal normal Future Release defect (bug) assigned has-patch 2009-11-20T20:23:23Z 2023-11-30T01:24:00Z When post is saved, WP calls `wp_insert_post_data` filter. Plugin can use it to change post status. But even post status has been changed via plugin, WP still displays message basing on action originally executed by user. Need to change this and take into account final post status too. sirzooro Future Releases 49478 get_post_type_object has the wrong type of validator for its parameter Posts, Post Types 5.3.2 normal normal Awaiting Review defect (bug) new dev-feedback 2020-02-19T18:43:03Z 2020-02-19T20:08:32Z "https://core.trac.wordpress.org/browser/tags/5.3/src/wp-includes/post.php?rev=46727#L1228 get_post_type_object expects a post type as a string as its parameter, however it checks if the parameter is scalar or not and returns null if it is not a number." kamilkecki Future Releases 19958 "Allow custom post types as ""home"" and get_posts() to return results for more than one post type" pbearne* Posts, Post Types 3.3.1 normal normal Future Release enhancement accepted has-patch 2012-02-04T00:59:13Z 2023-11-10T16:27:20Z "In {{{ Wordpress admin > Settings > Reading }}} there is an option to define what the home page or the front page should be {{{ Front page displays }}} Radio button {{{ A static page (select below) }}} is followed by a dropdown containing a list of all pages. I would request that custom page types be allowed in this dropdown. This way, I could make my bbPress forums or my All-in-one event calendar, etc my homepage. " sooskriszta Future Releases 25349 Can't retrieve calculated excerpt bound by <!--more--> on single page view Posts, Post Types 3.6.1 normal normal Future Release enhancement new has-patch 2013-09-18T05:22:53Z 2021-06-01T13:35:00Z "Submitting as Mr. Nacin suggested would be a good idea. The issue in words I understand is: when you use the_excerpt() on (for instance) a custom page template, it ignores the <!-- more --> comment that you might have carefully placed in your content. I would expect it to honor this, since that is kind of the point of that special comment. the_content() will honor it when used on non-single-pages, but in the case of a custom page template, the_content() will of course spit out the entirely of the content. Andrew gave me this code which does the trick: https://gist.github.com/nacin/ab97d4b0e57b169d26d5 but is apparently hacky and not for public consumption. This is my lame visual of where I was running into the issue: http://glui.me/?i=5bcy8yr99pl7xel/2013-09-17_at_4.28_PM_2x.png/ Also apparently I'm not the only one who's had this come up recently: https://twitter.com/ShaneHudson/status/380105193419186176" chriscoyier Future Releases 43740 Filter WP_Post methods (vs. removing final/'get_post' filter) Posts, Post Types normal normal Awaiting Review enhancement new dev-feedback 2018-04-11T21:33:26Z 2020-02-27T11:09:37Z "There has been a lot of demand to remove `final` from `WP_Post` and to add a `get_post` filter, for good reason. There as also be a lot of pushback on those actions, also for very good reason. Both sets of reasons can be found in ticket #24672 and #12955, respectively. In a nutshell for, there are many valid use-cases where being able to extend `WP_Post` would make for more robust and maintainable code. In the against case, removing `'final'` could easily resolve in an explosion of incompatible child classes making plugin interoperability challenging, and backward compatibility almost impossible if code decided to evolve WP_Post in any way. And the `'get_post'` filter would be almost as bad as removing `final`, and I am one who advocated for both for years. However, we actually already have an extensibility mechanism that has shown the test of time and that is the use of filter hooks. Given a judicious use of filter hooks we could actually allow developers to extend `WP_Post` in a compossible manner thus minimizing plugin integration problems and also safeguarding core's ability to add enhancements in the future. The proposal is basically to add filter hooks in the methods of `WP_Post`, and to add a `__set()` and `__call()` magic method as a companion to the existing `__get()` magic method. Here are the filters I am proposing: ||= Filter Hook=||=Method=|| || `'wp_post_supports_instance'` || `__construct()`|| || `'pre_wp_post__isset'` ||`__isset()`|| || `'wp_post__isset'` ||`__isset()` || || `'wp_post__call'` || `__call()` || || `'wp_post__set'` || `__set()` || || `'pre_wp_post__get'` || `__get()` || || `'wp_post_filter'` ||`filter()` || || `'wp_post_to_array'` || `to_array()` || And then this action hook: * `'wp_post__construct'` in `__construct()` I have attached a patch for `class-wp-post.php` that would implement these hooks." MikeSchinkel Future Releases 30188 Introduce utility functions to check constants chriscct7 Posts, Post Types normal normal Awaiting Review enhancement assigned dev-feedback 2014-10-29T23:31:14Z 2017-09-22T10:40:31Z "At the moment it's pretty obnoxious to check the various DOING_* constants throughout core and within plugins and elsewhere. The annoyance is compounded whenever we need to verify multiple constants, for example on the save_post hook: {{{#!php function do_some_post_stuff_the_current_way() { // Bail if doing autosave if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { return; } // Bail if doing AJAX if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) { return; } // Bail if running cron if ( defined( 'DOING_CRON' ) && DOING_CRON ) { return; } // Maybe some other checks... // Do my stuff.. } add_action( 'save_post', 'do_some_post_stuff_the_current_way' ); }}} I initially set out to solve this problem exclusively for saving posts, but became waylaid just in naming such a function (What are we checking exactly? The environment state/context? The mechanism that triggered save_post? etc). I spent the whole day thinking about it and realized the solution reaches beyond just saving post. Enter `wp_check_constants()` and `is_constant_true()`. The former accepts a single or array of constants, the latter only validates one. In these we confirm first that the constant is defined and then that it is explicitly set to `true`. Full stop. I've written a few different tests to support that the function works as advertised. If the general consensus here is that these functions are useful I'd also be happy to submit patches that introduce them throughout core in place of the current `defined( 'FOO' ) && FOO` conditions. Related: #25669 " rzen Future Releases 8592 Private Pages not listed in the Parent dropdown SergeyBiryukov Posts, Post Types normal critical Future Release enhancement reopened has-patch 2008-12-12T16:22:24Z 2023-12-06T17:33:31Z "Private pages are not available as a choice in the Parent dropdown of the Attributes module. You should be able to create a hierarchy of private pages if you want to. Tested with r10194." mtdewvirus Future Releases 39603 The more posts with similar names you have, the slower you save the next one Posts, Post Types normal normal Awaiting Review enhancement new has-patch 2017-01-16T14:51:13Z 2021-06-16T13:09:56Z "Hello, developers! Thank you for your work on Wordpress! While using Flamingo for saving Contact Form 7 submissions, I encountered a huge slowdown after more than 11 000 submissions had been saved. I thought it was a Flamingo problem, but it appears that all autogenerated post-types in Wordpress can cause this problem. Contact Form 7 saves submissions as posts with 'flamingo_inbound' type, and uses 'your-subject' slug when a form doesn't have a subject (which is my case). So, in all saved form submissions I have 'your-subject, your-subject-2, ..., your-subject-N' slugs generated by wp_unique_post_slug(). The problem is that for every new 'your-subject-N' slug wp_unique_post_slug() issues N-1 SELECT queries. In other words, wp_unique_post_slug() bruteforces a new possible slug, generating a lot of SQL queries fetching all previously saved similar posts. You can see it if you run the attached 'generate-many-posts.php' script from your Wordpress root (more and more queries will be used for saving every new post). Also, let me suggest a solution. With the attached patch we don't bruteforcing the slug suffix. We just get the last appropriate slug, increment it's suffix, and than use this suffix in a new unique slug." bisyarin Future Releases 45035 "allow register_post_type() arg to control whether a CPT's counts are added to the ""At a Glance"" Dashboard widget" Posts, Post Types normal normal Awaiting Review enhancement new has-patch 2018-10-03T15:38:28Z 2019-08-16T19:02:06Z "It would be nice if there an arg to `register_post_type()` that controlled whether the CPT's counts were added to the ""At a Glance"" Dashboard widget, e.g. {{{#!php <?php register_post_type( 'mycpt', array( ..., 'at_a_glance' => true, ... ) ); }}} Ideally, I think it should default to the value of `show_in_menu`, but as current behavior is the equivalent of `false` I'd be OK with that as the default as well. Another ""nice to have"" would be to allow the param to take a string value that would be interpreted as a `post_status` to show the count for, e.g., show counts for custom post_status = `mycustompoststatus` instead of `publish`. I have code that does all of the above, but it would have to be refactored a little bit to submit as a patch (especially to account for the `_builtin` post_types that already appear in AAG). If folks think this would be a good enhancement I'd be glad to work on that refactoring and submit a patch." pbiron Future Releases 7231 wp_link_pages: option next_and_number sorich87* Posts, Post Types normal normal Future Release enhancement accepted has-patch 2008-07-03T09:25:43Z 2019-03-15T00:33:27Z "with the next_or_number option of the wp_link_pages() function, it would be nice to have the option to use both. it gives the user the opportunity to easily go to the next/previous page, without loosing the other option of going immediately to a certain page example: __next__ __1__ 2 __3__ __4__ __5__ __6__ __previous__ " jan831 Future Releases 41564 Search for hyphenated post templates for post types with underscores Posts, Post Types normal normal Awaiting Review feature request new dev-feedback 2017-08-04T17:16:29Z 2017-08-13T15:54:10Z "Custom post type names adhere to the rules within sanitize_key() (lowercase alphanumeric characters, dashes, and underscores). This means registering a post type `some_post_type` is perfectly fine. The archive and single templates would be be `archive-some_post_type.php` and `single-some_post_type.php`. These file names do not adhere to the core standard for file names. Files should be named descriptively using lowercase letters. Hyphens should separate words. Searching for `archive-some-post-type.php` in addition to `archive_some_post_type.php` would allow this standard to be followed better." desrosj Future Releases 12706 Custom post status bugs Posts, Post Types 3.0 normal normal Future Release task (blessed) reopened needs-unit-tests 2010-03-25T14:41:39Z 2022-06-02T13:42:36Z "A developer should be able to register a custom post status using `register_post_status()`. The admin UI (including post submit box and quick edit) should reflect this new custom post status. Furthermore, there are many hard-coded references to 'draft' and 'pending' statuses in core that should properly use the post status API. All existing arguments to `register_post_status()` should be fully implemented, should also support per-post-type arguments. As things get implemented across core, there will likely be a need for supporting capabilities and bits of API. Related: #23169 (register_post_status_for_object_type), #23168 (unregister_post_status)." ptahdunbar Future Releases 44550 The confirmaction page should also be in the user language garrett-eclipse Privacy 4.9.6 normal normal Future Release defect (bug) assigned has-patch 2018-07-09T20:51:37Z 2020-07-20T19:00:16Z "We have the ticket [https://core.trac.wordpress.org/ticket/43985 Privacy: The user request email should be sent in the user language] #43985 so it seems reasonable to also have the ""User action confirmed"" page, in the same user language as the email. Namely the page the user sees after clicking: https://example.com/wp-login.php?action=confirmaction&request_id=...&confirm_key=... from the ""Confirm Action"" email. See screenshot below:" birgire Future Releases 43923 Add a step to the Data Removal/Erasure UX for deleting a user account Privacy normal normal Future Release enhancement new has-patch 2018-05-01T23:19:09Z 2020-07-06T20:18:14Z "In the ERASURE.md file over on #43602, it is mentioned that processing an erasure request does not actually remove the user's account, as that should be a separate step. However, this isn't mentioned anywhere in the UX, and may not match the expectations of some admins who are trying to fulfill a request to completely remove a user. Perhaps the request could include a row action that initiates the process of deleting a user account? Or at least a blurb at the top explaining that account deletion is a separate step over on the Users table." coreymckrill Future Releases 43880 Add functionality to add an anonymous user an get its ID for anonymization of data related to a WordPress user. tz-media Privacy normal normal Future Release enhancement assigned needs-unit-tests 2018-04-27T14:05:28Z 2018-07-09T17:58:08Z "When we need to anonymize data that is (or can be) associated with a WordPress user, we anonymize it by changing the user ID of that data to a user that represents anonymized content. But currently no such user exists, so we set the ID to 0. In order to display an actual user name (at least for posts), we would need an actual user 'Anonymous' that we can re-assign the content to. This might be created on WordPress install by default (maybe even with a User ID of `0` that we can then hardcode into the anonymized functions), or by calling a function like `_wp_privacy_get_anonymous_user_id()` that creates the user if not already created and returns the user ID (that might be stored in a site_option)." TZ Media Future Releases 43809 Add personal data from posts to personal data export tz-media Privacy normal normal Future Release enhancement assigned has-patch 2018-04-19T12:35:02Z 2019-12-18T17:32:24Z Add personal data from posts to the personal data export infrastructure built in #43438 and #43546. TZ Media Future Releases 43879 Add tools for anonymizing of post authors tz-media Privacy normal normal Future Release enhancement assigned needs-unit-tests 2018-04-27T13:46:24Z 2020-09-07T08:30:09Z "Logged-in users that post content can request the removal of their personal data. So we should add functionality to add the posts to the erasure infrastructure that is already committed to trunk. See #43442 for reference (anonymize commenters)." TZ Media Future Releases 43437 Add way for registered users to request deletion or anonymization of their private data Privacy 4.9.6 normal normal Future Release enhancement new dev-feedback 2018-02-28T16:04:55Z 2020-10-17T07:54:02Z "All registered users can edit or delete most of their data in WordPress like name, nickname, email, site, etc. The only exception is they cannot delete or anonymize their own account. Generally a registered user can contact an admin and request this, but it would be better to have a standard ""procedure"" to do that. It will need to be confirmed to avoid misuse. A good way to do that would be to have a simple button on the user profile screen where the user can request anonymization. Clicking it will email the user a confirmation link, similar to the password reset link. When clicked, it will load wp-admin again and will send email to the site admin. " azaozz Future Releases 43738 Make the personal data Export/Delete functionality available in network-wide for super admins Privacy normal normal Future Release enhancement new has-patch 2018-04-11T10:30:27Z 2020-10-07T18:41:05Z "There are approaches where single sites in a network are not independent, but integral parts of one website, interdependent in some way, or should be handled together for other reasons. Therefore a view for GDPR export and delete similar to the one in a single site would be needed to manage network-wide requests in addition to the site-wide requests that should still work as expected if the site is part of a network. This should gather the data from all sites in a network, and export them in one file. Common use cases are: * Site utilizing network installs using plugins like Multilingual Press for different language versions of one site * Network installs where different sites in a multisite behave like one website to the end-user (same design, shared functionality, shared user base)" TZ Media Future Releases 44500 Mark data requests failed when an expired link is clicked Privacy 4.9.6 normal normal Future Release enhancement new has-patch 2018-07-03T15:44:54Z 2018-09-06T22:10:47Z "When a user data request expires (the user does not click the confirmation link within the specified timeframe), it is transitioned to the `request-failed` status. Currently, data export/erasure requests are only marked as `request-failed` when an administrator visits the Export/Erase Personal Data pages (which will be pretty infrequent). #44498 aims to move transitioning of expired requests to `request-failed` with a cron, but a request could also be marked as expired when a user clicks an expired link." desrosj Future Releases 49602 New design for Privacy settings page and hooks Privacy normal normal Awaiting Review enhancement new dev-feedback 2020-03-08T19:15:39Z 2020-12-16T07:55:25Z "I proposed a year ago some changes on privacy settings page Hereattached are the updated screenshots Can it be possible to add a hook on this page for plugins to add some simple settings. Thank you" arena Future Releases 44267 Privacy Request List Table: A way to show the time of request when it's older than 24 hours. Privacy 4.9.6 normal normal Future Release enhancement new has-patch 2018-05-29T18:41:09Z 2019-01-27T07:21:19Z "When the request is older than 24 hours, then we can't see time of the request. An example: {{{ May 18, 2018 }}} The related methods are: - {{{WP_Privacy_Requests_Table::get_timestamp_as_date()}}}. - {{{WP_Privacy_Requests_Table::column_default()}}}. For comparison, here's an example from the ''posts'' list table in ''list'' view: {{{ <abbr title=""2018/05/14 8:41:52 am"">2018/05/14</abbr> }}} and in the ''excerpt'' view: {{{ Published <br/> 2018/05/14 8:41:52 am }}} Here's an example from the ''comments'' list table: {{{ 2018/04/20 at 5:35 pm }}} I'm not sure the {{{<abbr>}}} is suitable here, after reading: https://stackoverflow.com/a/32892825/2078474 " birgire Future Releases 44179 Use wp_update_comment instead of $wpdb->update $wpdb->comments when anonymizing comments Privacy 4.9.6 normal normal Future Release enhancement new has-patch 2018-05-21T20:13:59Z 2020-10-16T22:44:17Z "During the course of the development on #43442 we switched from `wp_update_comment` to a direct `$wpdb->update( $wpdb->comments, $anonymized_comment, $args );` Unfortunately, plugins that do things with comments when they change are more likely to hook wp_update_comment - so plugins like that are unaware when comments are anonymized Let's switch back to wp_update_comment (as it was in earlier diffs on that ticket) cc @azaozz" allendav Future Releases 18408 Can't wp_reset_postdata after custom WP_Query in an admin edit page audrasjb Query 4.7.2 normal normal Future Release defect (bug) assigned needs-unit-tests 2011-08-15T02:38:07Z 2024-02-19T22:14:25Z "While on an edit post page (or any post type), if you create a custom WP_Query object before the editor has been output, the post data from the custom WP_Query will fill out the edit post form, not the original content of the post that is actually trying to be edited. I found this out when trying to create a custom metabox in the 'side' context. You can reproduce this by inserting this code into a plugin: {{{ add_action( 'add_meta_boxes', 'myplugin_add_custom_box' ); function myplugin_add_custom_box() { add_meta_box( 'myplugin_sectionid', __( 'My Post Section Title', 'myplugin_textdomain' ), 'myplugin_inner_custom_box', 'post', 'side' ); } function myplugin_inner_custom_box() { global $post; $a = new WP_Query('post_type=page'); while($a->have_posts() ) : $a->the_post(); endwhile; wp_reset_postdata(); } }}} This happens because $wp_query->post is never defined in the admin load, which wp_reset_postdata relies on to reset the original post data. I am attaching a patch that defines $wp_query->post after the $post global has been defined. " ericlewis Future Releases 39428 Die fast in get_posts if get_user_by returns false Query 4.7 normal normal Future Release defect (bug) new has-patch 2016-12-30T14:35:06Z 2019-03-15T00:52:08Z "In case a username in the URL or passed to WP_Query via any other way is invalid - such a user is not in database - the code currently casts the `false` value returned from `get_user_by` to 0 via `absint` - see https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-query.php#L2126 Instead of trying to query unassigned posts (with `post_author` equal to `0`) for all invalid usernames, the query should die fast and return no posts." david.binda Future Releases 55917 Fatal error in WP6.0 when calling get_current_screen on the pre_get_posts action Query 6.0 normal normal Future Release defect (bug) new has-patch 2022-06-04T10:37:52Z 2023-09-23T13:31:50Z "In 5.9 and earlier versions, it's possible to call `get_current_screen` from within a function that runs on the `pre_get_posts` hook. But in version 6.0 it causes a fatal error `Call to undefined function get_current_screen()`. {{{ add_action( 'pre_get_posts', 'abcdef_sort_posts' ); function abcdef_sort_posts( $query ) { if ( wp_doing_ajax() ) { return; } if ( ! is_admin() ) { return; } $screen = get_current_screen(); if ( 'edit-page' == $screen->id ) { $query->set( 'orderby', 'post_title' ); $query->set( 'order', 'DESC' ); } } }}} I came across the issue on two sites, I can reproduce it by installing 5.9 with no plugins enabled, adding the above code in a plugin or `functions.php`, everything works fine, then upgrading to 6.0 and visiting any admin screen causes the fatal error. Front-end is fine." lumpysimon Future Releases 39945 WP_Query::get_posts fails to correctly sanitize 'posts_per_page' Query 4.7.2 normal normal Awaiting Review defect (bug) new dev-feedback 2017-02-22T21:34:01Z 2020-03-03T22:32:24Z "WP_Query::get_posts fails to correctly sanitize the 'posts_per_page' argument when a negative value in range (-2, -1) is supplied. == Example == The following get_posts query causes an exception: {{{ get_posts(array('posts_per_page' => '-1.5')); }}} Exception: WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-1' at line 1 for query SELECT wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND ((wp_posts.post_status = 'publish')) ORDER BY wp_posts.post_date DESC LIMIT 0, -1 made by get_posts, WP_Query->query, WP_Query->get_posts == Cause == Incomplete sanitization in WP_Query::get_posts(), line 1775 - 1779: {{{ $q['posts_per_page'] = (int) $q['posts_per_page']; if ( $q['posts_per_page'] < -1 ) $q['posts_per_page'] = abs($q['posts_per_page']); elseif ( $q['posts_per_page'] == 0 ) $q['posts_per_page'] = 1; }}} == Impact == Some plugins (e.g. Woocommerce) initialize the posts_per_page argument with user supplied values and may suffer from an information disclosure vulnerability, depending on the webserver configuration. Confirmed on the latest Wordpress version 4.7.2. First reported at 19.02.2017 to security[at]wordpress.org without response (not nice!), so I assume you do not consider this security relevant in accordance with e.g. https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files" biisent Future Releases 56311 Week query variable is not being sanitized correctly audrasjb Query normal normal Future Release defect (bug) assigned has-patch 2022-07-30T09:44:25Z 2023-10-04T00:43:54Z "If you add a ""w"" query variable to the URL of a WordPress website, for example ... http://localhost/?w=1234 ... the following PHP error notice is generated ... PHP Notice: Function WP_Date_Query was called <strong>incorrectly</strong>. Invalid value <code>1234</code> for <code>week</code>. Expected value should be between <code>1</code> and <code>53</code>. Please see <a href=""https://wordpress.org/support/article/debugging-in-wordpress/"">Debugging in WordPress</a> for more information. (This message was added in version 4.1.0.) in /wp-includes/functions.php on line 5831 This is because the `w` query string is not being correctly sanitized before being added to WP_Query. It should be checked that it is a number between 1 and 53 before being added to the query. Oliver" domainsupport Future Releases 24142 Zero value for posts_per_page value in wp_query custom instance and for 'Blog pages show at most' option SergeyBiryukov Query normal normal Future Release defect (bug) reviewing dev-feedback 2013-04-20T09:04:16Z 2024-02-18T16:12:32Z "To show no posts if the posts_per_page value is 0. Currently for custom instances of wp_query, if the value is 0 then this is changed with the value from posts_per_page option from the database. ""get_options( 'posts_per_page' )"" For home page if we set value 0 on the settings page, in wp-admin/options-reading.php, after the saves are changed, this value is changed to 1. I think for both cases if the posts per page value is 0 then no posts should not display. " alexvorn2 Future Releases 37530 is_front_page() is based on wrong data -> gives wrong results Query 4.5.3 normal normal Future Release defect (bug) new needs-unit-tests 2016-07-31T14:28:49Z 2020-01-07T20:25:04Z "1) is_front_page() is based on the SQL query, so it always gives back false when you try to use it eg at pre_get_posts. If it has no way to figure it out if it's the front page or not, it should return null instead 2) is_front_page() in themes gives the wrong result false back when you set an static page for the front page and then modify the main query on start page to posts or any other custom post type except page. This forces you to make an additionally SQL query instead of using the main query to build a custom front page. Both is because of this: https://core.trac.wordpress.org/browser/tags/4.5.3/src/wp-includes/query.php#L4458 . This does not really make sense to get the front page." TheInfinity Future Releases 20899 is_home() should be able to be true when is_feed() Query normal normal Future Release defect (bug) reviewing dev-feedback 2012-06-10T19:28:36Z 2017-05-19T15:04:27Z "is_feed() is a special query flag that can be combined with other query flags — for example, `is_author() && is_feed()` for /author/admin/feed/. But it can't be combined with is_home(), because is_home() is the fallback that is only set to true when a lot of other things are true — including is_feed(). This appears to be incorrect — is_home() should still be able to be true despite is_feed(). I tracked this down to [1449]. What kind of breakage could occur with this?" nacin Future Releases 57416 Do not split query if requesting one post spacedmonkey Query 3.0 normal normal Future Release enhancement assigned needs-unit-tests 2023-01-03T13:49:30Z 2023-11-16T12:36:42Z When using WP_Query and requesting posts_per_page = 1, there is little to no value in splitting the query and priming posts using _prime_post_caches. This results in one query to get the posts and another to prime it. This means two database queries when this could simply be one. spacedmonkey Future Releases 48193 Improve the WordPress loop Query normal normal Awaiting Review enhancement new dev-feedback 2019-10-01T18:53:57Z 2024-01-20T15:01:13Z "Currently, there are a number of ways that the ""loop"" can be handled in WordPress. Each depends on whether you are using the WP_Query global, a custom WP_Query instance, or an array of posts. I propose that we add a PHP 5.6+ compatible generator function called `wp_loop()` that will simplify all of these use cases into a single, more modern approach. See [https://wpscholar.com/blog/creating-better-wordpress-loop/]" wpscholar Future Releases 40434 Optimize SQL in Admin - In the Post/CPT List `wp-admin/edit.php` > the function get_posts() Query 4.7.3 normal normal Awaiting Review enhancement new has-patch 2017-04-13T09:00:56Z 2018-01-17T20:31:06Z "When we list a post, a page or a custom-post-type the default query is {{{ SELECT SQL_CALC_FOUND_ROWS en_posts.ID FROM en_posts WHERE 1=1 AND en_posts.post_type = 'post' AND (en_posts.post_status = 'publish' OR en_posts.post_status = 'moderation' OR en_posts.post_status = 'refusal' OR en_posts.post_status = 'future' OR en_posts.post_status = 'draft' OR en_posts.post_status = 'pending' OR en_posts.post_status = 'private') ORDER BY en_posts.post_date DESC LIMIT 0, 20 }}} This query cause slow queries. The operation `OR` is not appropriate and not optimize. It is better to use the operation `IN`. I propose to change lines in the `clasw-wp-query.php` line 2348: Today : {{{#!php <?php } elseif ( !$this->is_singular ) { $where .= "" AND ({$wpdb->posts}.post_status = 'publish'""; // Add public states. $public_states = get_post_stati( array('public' => true) ); foreach ( (array) $public_states as $state ) { if ( 'publish' == $state ) // Publish is hard-coded above. continue; $where .= "" OR {$wpdb->posts}.post_status = '$state'""; } if ( $this->is_admin ) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati( array('protected' => true, 'show_in_admin_all_list' => true) ); foreach ( (array) $admin_all_states as $state ) { $where .= "" OR {$wpdb->posts}.post_status = '$state'""; } } if ( is_user_logged_in() ) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati( array('private' => true) ); foreach ( (array) $private_states as $state ) { $where .= current_user_can( $read_private_cap ) ? "" OR {$wpdb->posts}.post_status = '$state'"" : "" OR {$wpdb->posts}.post_author = $user_id AND {$wpdb->posts}.post_status = '$state'""; } } $where .= ')'; } }}} The proposition : {{{#!php <?php } elseif ( !$this->is_singular ) { $where_status[] = 'publish'; // Add public states. $public_states = get_post_stati( array('public' => true) ); foreach ( (array) $public_states as $state ) { if ( 'publish' == $state ) // Publish is hard-coded above. continue; $where_status[] = $state; } if ( $this->is_admin ) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati( array('protected' => true, 'show_in_admin_all_list' => true) ); foreach ( (array) $admin_all_states as $state ) { $where_status[] = $state; } } if ( is_user_logged_in() ) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati( array('private' => true) ); foreach ( (array) $private_states as $state ) { $where_status[] = $state; $where_post_author = current_user_can( $read_private_cap ) ? """" : "" OR {$wpdb->posts}.post_author = $user_id""; } } $where .= "" AND ( {$wpdb->posts}.post_status IN ('"" . implode(""','"",$where_status) . ""')""; $where .= $where_post_author; $where .= ')'; } }}} And the result is better : {{{ SELECT SQL_CALC_FOUND_ROWS en_posts.ID FROM en_posts WHERE 1=1 AND en_posts.post_type = 'post' AND ( en_posts.post_status IN ('publish','moderation','refusal','future','draft','pending','private')) ORDER BY en_posts.post_date DESC LIMIT 0, 20 }}} It would be interesting to do the same work on other parts of get_posts where the `OR` is used." lriaudel Future Releases 56689 Use WP_Query in get_page_by_path spacedmonkey Query normal normal Future Release enhancement reopened dev-feedback 2022-09-29T10:35:58Z 2023-02-07T04:15:36Z Use `WP_Query` in `get_page_by_path`, this this correctly primes caches and is cached itself. spacedmonkey Future Releases 53450 [WP_Meta_Query] Add faster LIKE based 'STARTSWITH' and 'ENDSWITH' compare modes for value query Query normal trivial Future Release enhancement new needs-docs 2021-06-18T15:57:59Z 2022-09-20T14:56:48Z "Currently the ""LIKE"" compare mode for meta value compares is only usable for ''contains'' queries as it always adds wildcards around all queries {{{LIKE '%query%'}}}. This makes one use the more complex REGEXP compare mode for queries which easily could be written with {{{LIKE '%query'}}} or {{{LIKE 'query%'}}}. As LIKE is faster than REGEXP it is preferable to use LIKE. See: http://billauer.co.il/blog/2020/12/mysql-index-pattern-matching-performance/ In addition people don't have to use the much more complex regex. Which tends to introduce errors in my experience as most people just copy & paste but do not understand how regex really works (not meant as an offense). So REGEXP should be avoided if possible. I would suggest naming the new compare types {{{STARTSWITH}}} and {{{ENDSWITH}}}. Also adding their {{{NON ...}}} counter parts to match up the ''LIKE'' behaviour. **Maybe** also add an alias for ''LIKE'' named {{{CONTAINS}}} as the current naming ''LIKE'' suggests that you could pass in the wildcards yourself. Which is not the case and thus misleading. But this is just for the sake of the tickets completenes. The pull request only contains code and tests for the new modes. As an alternative I thought about reworking the current LIKE mode to allow custom wildcard passing. But this will clearly break backward compat and thus I discarded this approach." janthiel Future Releases 17019 add hooks for Media Library attachment counts SergeyBiryukov Query 2.5 normal normal Future Release enhancement reviewing has-patch 2011-04-02T16:48:24Z 2022-03-03T11:07:24Z "The Media Library attachments listing and edit links can be filtered via existing WP_Query and has_cap hooks. However, corresponding attachment counts are not cleanly filterable. The submitted ticket adds the following filters: * function wp_count_attachments() - result filter 'count_attachments' * WP_Media_List_Table::get_views() - query filter 'attachment_orphans_query' * function update_gallery_tab() - query filter 'gallery_attachment_count_query'" kevinB Future Releases 43842 get_children() function enhancement. Query normal normal Awaiting Review enhancement new has-patch 2018-04-24T12:06:31Z 2019-01-16T06:50:09Z This `get_children` function can be rewritten this way. And I think this is cleaner and better. rnaby Future Releases 39186 Bulk actions not correctly applied when selecting bulk actions in both the top and bottom bulk actions dropdowns engelen Quick/Bulk Edit 4.7 normal normal Future Release defect (bug) assigned needs-unit-tests 2016-12-08T14:48:44Z 2023-02-28T16:25:04Z "In `WP_List_Table` objects, the bulk actions dropdown and ""Apply"" button is displayed twice: once below the table and once above the table. The `name` attribute of the bulk actions dropdown element is always set ""action"". This wouldn't be a problem if the top and bottom actions were two in different forms. However, both dropdown elements are in the `posts-filter`-form. You can start to see the problem here. Two form elements both have the same name, which yields unexpected behaviour when trying to apply bulk actions. Take the following use case, for example: - Select some posts from the posts list in `/wp-admin/edit.php`. - Select ""Edit"" from the bulk actions dropdown above the list table. - Select ""Move to Trash"" from the dropdown below the list table. - Click the apply button next to the dropdown on the bottom of the list table. - The submit request is sent. You would expect the posts to be moved to the trash, but instead, nothing happens. Screencast of bug: http://recordit.co/EjHAbw2KNr The solution I see would rename the dropdowns for the top and bottom dropdowns (they already have different names) and name the ""Apply"" buttons. Then, when one of the buttons is pressed, execute the corresponding bulk action. In any case, we shouldn't have any two form elements with the same name in a single form." engelen Future Releases 25696 Double clicking update on list table inline edit removes row from dom Quick/Bulk Edit 3.1 normal normal Future Release defect (bug) assigned has-patch 2013-10-25T10:09:29Z 2018-10-12T15:31:29Z "**Steps to reproduce: ** Open ""Quick Edit"" -> Save the category(or tag) by double-click on save-button. ( or press twice ). **Expected behaviour:** Save the category(or tag) , and refresh the table-row. **Actual behaviour:** Save the category(or tag), But disappear the table-row." mt8.biz Future Releases 39946 Private posts can be sticky when bulk editing them from wp-admin/edit.php Quick/Bulk Edit normal normal Awaiting Review defect (bug) new reporter-feedback 2017-02-22T22:10:00Z 2023-02-07T19:11:34Z "[[Image(https://cldup.com/ZsJC4iH0GM.png)]] Although it's not possible to inline-edit a Private post to be sticky or to Publish a private post as sticky from the Publish meta box, as shown on the above screen capture, it's possible to do it using the Bulk edit action of the `wp-admin/edit.php` screen." imath Future Releases 58479 Add notice if no posts are selected in Bulk Edit quadthemes Quick/Bulk Edit 6.2.2 normal normal 6.6 enhancement assigned has-patch 2023-06-08T07:13:01Z 2024-02-18T16:10:37Z "On the Posts screen(s), clicking the bulk actions Apply button without selecting any posts does not show an error message. 1. Visit the Posts screen. 2. Choose ""Edit"" in the Bulk actions dropdown. 3. Without checking any checkboxes, click the Apply button. Nothing seems to happen. 4. Choose ""Move to Trash"" in the Bulk actions dropdown. 5. Click the Apply button. The page reloads but cannot move anything to Trash. 6. Choose ""Bulk actions"" at the top of the Bulk actions dropdown. 7. Click the Apply button. The page reloads with a query string in the URL. I have checked and it should be a message on the page/post list as per added notice message on the plugin page. For more information, you can see mentioned quick video. Thank you" sumitsingh Future Releases 12684 Add Edit to Bulk Actions menu on Categories screen dipalidhole27gmailcom Quick/Bulk Edit 3.0 normal normal Future Release feature request assigned has-patch 2010-03-23T17:04:15Z 2023-02-08T19:38:29Z On edit-tags.php?taxonomy=category the only bulk action is Delete, because we never got around to adding Edit. We should add Edit to the bulk actions menu so people can change category parents easily. Has been requested on the Ideas forum a number of times, so am starting a ticket. If there's a technical reason not to add Edit to the bulk actions on this screen, then we should get rid of the menu and just have a Delete button. Adding Edit would be preferable, though, for consistency and usefulness. jane Future Releases 54516 Full site editing/REST-API: modify permission checks to use post type. REST API 5.9 normal normal Future Release defect (bug) assigned needs-unit-tests 2021-11-25T23:39:15Z 2024-02-19T20:33:19Z "The new `wp_global_styles` post type is registered to use `edit_theme_options` in the capability settings. The `WP_REST_Global_Styles_Controller` class's permission checks methods use the capability in a hard coded form rather than using `$post_type->cap->edit_posts`, etc, for the primitives and `edit_post, $post_id` for the meta caps. To allow theme and plugin developers to modify the capability used for editing global styles via a filter, it would be good to defer to the post types setting. At the moment, such code would cause a conflict between the permission checks in the API and those in `wp_insert_post()`. I'll put this on the 5.9 milestone for visibility as the endpoint was introduced during the current cycle." peterwilsoncc Future Releases 43681 Incorrect HTTP status code in 'posts' query. REST API 4.4 normal normal Future Release defect (bug) new has-patch 2018-04-02T23:43:41Z 2019-05-24T19:33:58Z "I am using the WordPress (v4.9.4) JSON API, specifically this URL: {{{ http://.../wp-json/wp/v2/posts }}} This works great. When I request a 'status': {{{ http://.../wp-json/wp/v2/posts?status=draft }}} I get this error: {{{ { ""data"": { ""status"": 400, ""params"": { ""status"": ""Status is forbidden."" } }, ""code"": ""rest_invalid_param"", ""message"": ""Invalid parameter(s): status"" } }}} It took me a bit to realize that the problem is not that the request (or `status` keyword) is in valid, but that requesting drafts requires authentication. I'd like to request that HTTP status 401 (unauthorized) be returned instead of 400 (bad request). The request is not bad, just requires authentication." demitrimuna Future Releases 50012 "REST API: Fields filter does not work with ""object"" collection responses" REST API 4.8 normal normal Future Release defect (bug) new has-patch 2020-04-25T22:10:43Z 2023-09-19T21:36:31Z "As reported in [https://wordpress.slack.com/archives/C02RQC26G/p1587758552319200 #core-restapi], trying to use the `_fields` parameter with the `wp/v2/taxonomies` route does not return the expected result. Instead, an empty set is returned. `http://trunk.test/wp-json/wp/v2/taxonomies?_fields=name` Looking into it, this happens with both the `taxonomies` and `types` route because they return an ""object"" collection response. That is, instead of returning an array, they return an object keyed by the taxonomy or post type slug. {{{ { ""category"": { ""name"": ""Categories"", ""slug"": ""category"" } } }}} instead of... {{{ [ { ""name"": ""Categories"", ""slug"": ""category"" } ] }}} This means that the `wp_is_numeric_array` check in `rest_filter_response_fields` to try and determine whether this is a collection response fails and it treats the response as a single object, and then ends up removing all the properties. It appears that the `_fields` check inside of the controller itself work, it is just the ""fallback"" filtering that doesn't work and ends up corrupting the response. A possible fix would be to somehow mark that a response has already been filtered, and `rest_filter_response_fields` does not need to be run. This would probably also be a performance benefit." TimothyBlynJacobs Future Releases 41358 Shutdown hooks can significantly slow down REST API responses REST API normal normal Awaiting Review defect (bug) new dev-feedback 2017-07-18T16:36:56Z 2019-01-30T16:09:27Z "If you have a site with some slow, maybe deferred actions hooked into `shutdown`, these actions will slow the response from the REST API unnecessarily. To test, simply add the following then do a request to the WP Rest API: {{{#!php <?php add_action( 'shutdown', 'delay_shutdown' ); function delay_shutdown() { sleep( 3); } }}} The response will not be sent out until all of these shutdown hooks are completed. In our case, we found that some heavy sync functions ran on shutdown would cause our API calls to WooCommerce API timed out, when really the response could have been sent much earlier so these calls could run afterwards. This is semi-related to https://core.trac.wordpress.org/ticket/27122 in that the fix could be along those lines. This isn't a solution we feel should be merged into WooCommerce itself because it would be more consistent to have it in WP itself, but see https://github.com/woocommerce/woocommerce/pull/16158/files So on shutdown, it ends any sessions, uses `fastcgi_finish_request` if available, and falls back to flushing. The response is sent and received, and shutdown continues on in the background. The response is sent before the `sleep(3`) in this test case. This could be applied to just REST API requests, or everywhere, depending on everyones feedback. If REST API only, it may make sense to fire an action after the response is sent to avoid `shutdown` hook altogether. " mikejolley Future Releases 43502 `WP_REST_Posts_Controller::prepare_item_for_response()` doesn't reset postdata after calling setup_postdata() REST API 4.9.4 normal normal Future Release defect (bug) new has-patch 2018-03-08T16:45:41Z 2023-06-09T11:19:36Z "Hi all, I seem to have stumbled upon a small oversight in `WP_REST_Posts_Controller::prepare_item_for_response()` , where it doesn't reset postdata after calling `setup_postdata()`, rendering this part of the API useless for developers who want to use this API in their custom code. Ran into it while writing a custom function, that uses this part of the API to convert a regular post object into an object that matches the json scheme of the API. I’ve fixed it temporarily by doing setting `$GLOBALS[ 'post' ] = $original_post_id` in my function (and by passing `original_post_id` as parameter to my function) - but it seems to me that this should be fixed in core. {{{#!php function convert_post_object_to_rest_response($post) { global $wp_rest_server; $post_type = get_post_type_object($post->post_type); $request = WP_REST_Request::from_url(rest_url(sprintf('wp/v2/%s/%d', $post_type->rest_base, $post->ID))); $request = rest_do_request($request); $data = $wp_rest_server->response_to_data($request, isset($_GET[ '_embed' ])); return $data; } }}} It returns the right data, which is great - but when i in turn use this function to supply a field in one of my endpoints with this dat, all fields below it seem to inherit the ID i’ve passed. i’ve traced this back to `WP_REST_Posts_Controller::prepare_item_for_response`, where it’s doing a `setup_postdata` call without resetting it later. For now i’ve fixed it by setting `$GLOBALS[ 'post' ] = $original_post_id` in my function (and by passing `original_post_id` as parameter to my function), but I figured i'd report it here so it can be fixed from the core. " gerbenvandijk Future Releases 50493 more detailed notice for register_rest_route REST API 5.4.2 normal normal Future Release defect (bug) new has-patch 2020-06-28T10:27:20Z 2020-07-26T22:29:53Z "After a few plugins on my website have received updates recently, I started seeing hundreds of these notices on my backend: {{{ Notice: register_rest_route was called incorrectly. Namespace must not start or end with a slash. Please see Debugging in WordPress for more information. (This message was added in version 5.4.2.) in /var/www/vhosts/bibleget.io/httpdocs/wp-includes/functions.php on line 5167 }}} Sure I can try disabling the plugins one at a time to find which one is the culprit, but it would be helpful to know who is trying to call register_rest_route() , it would make life that much easier and I can contact the plugin author to let them know. Would it be possible to give a little bit more of a stacktrace when giving these notices? " Lwangaman Future Releases 56350 Allow exact search in REST API REST API 4.7 normal normal Future Release enhancement new has-patch 2022-08-08T14:53:25Z 2022-11-25T09:51:07Z "Wordpress only allows full text search when using the REST API but doesn't allow exact search. Yet, the exact search is possible using a search query like: {{{ http://website.com/?s=keyword&exact=1 }}} When you have tens of thousands of posts, being forced to do a full text search can take several seconds and impacts the performance of the website. It would be an improvement to allow exact search in the WP_REST_Posts_Controller in order to allow REST API requests like: {{{ http://website.com/wp-json/wp/v2/posts?s=keyword&exact=1 }}} " jimmyh61 Future Releases 20746 Accessing non-existing theme folder in Network install gives 500 error Rewrite Rules 3.3.2 normal normal Future Release defect (bug) reopened dev-feedback 2012-05-25T10:28:39Z 2023-08-30T15:49:37Z Accessing non-existing theme folder in Network install gives 500 error and following error in error log: ''Request exceeded the limit of 10 internal redirects due to probable configuration error.'' arkimedia Future Releases 43746 Custom post type single post feed returns a 404 if has_archive is set to false when calling register_post_type() SergeyBiryukov Rewrite Rules 4.9.5 normal normal Future Release defect (bug) reviewing needs-unit-tests 2018-04-12T13:58:17Z 2019-01-16T03:58:48Z "When using {{{register_post_type()}}}, the single post feed returns a 404 if {{{has_archive}}} is set to false. This seems to happen regardless of the value of {{{feeds}}} in the {{{rewrite}}} array. For example: {{{ register_post_type( 'example', array( 'rewrite' => array( 'slug' => 'my-custom-post-type', 'feeds' => true ), 'has_archive' => false ) ); }}} {{{ $ curl -IL https://example.com/my-custom-post-type/some-text/feed/ HTTP/1.1 404 Not Found }}} I'd expect a feed for the post to be built if {{{feeds}}} is set to {{{true}}}. Note I have flushed permalinks." henry.wright Future Releases 40525 apply_filters_deprecated() in WP_Rewrite SergeyBiryukov Rewrite Rules normal normal Future Release enhancement reviewing has-patch 2017-04-22T10:20:36Z 2021-06-01T13:55:01Z Use apply_filters_deprecated() for deprecated filters. sebastian.pisula Future Releases 42404 Introduce singular capabilities for managing individual plugins Role/Capability normal normal Future Release enhancement new needs-unit-tests 2017-11-01T22:11:24Z 2018-04-18T20:37:39Z "In #38652, singular capabilities were added for activating and deactivating individual plugins. The same should be added for other management actions for plugins: * `edit_plugin` (ability to adit plugin via the Plugin Editor) * `delete_plugin` (ability to outright delete the plugin) * `update_plugin` (ability to update a plugin) Network activation and deactivation will be handled in #42403" johnbillion Future Releases 41990 wp_add_inline_script() does not print if the handler has already processed Script Loader 4.5 normal normal Future Release defect (bug) new dev-feedback 2017-09-26T06:05:37Z 2023-04-12T04:51:08Z "If the wp_add_inline_script() function (with 'after' position set) is called after the head scripts have already been printed and the handler specified on wp_add_inline_script() is part of the head printed scripts, the code is not added later in the footer. Probably it should. Example a plugin which implements a shortcode needs to add some jquery inline statement only when the shortcode is executed (to add the js code only on relevant pages). It enqueues jquery to be added in the footer and a piece of inline script. But another plugin or the theme enqueues jquery in the header (as many do): the above inline code is not printed but it actually does not need to be exactly after the jquery inclusion. Stefano." satollo Future Releases 22249 Add ability to set or remove attributes on enqueued scripts and styles. Script Loader normal normal Future Release enhancement assigned has-patch 2012-10-21T23:29:13Z 2022-06-02T10:08:08Z "I think it should be easier to customize the loading of scripts and styles (easier to customize the markup generated by the script/style system). Proposed solutions: '''Solution 1:''' Allow `wp_enqueue_script`, `wp_enqueue_style`, `wp_register_script`, `wp_register_style` to accept an array of attributes as the `$src` parameter. For example: {{{ wp_enqueue_script( 'my-plugin', array( 'src' => 'http://example.com/js/app.js' 'defer' => '' 'data-my-plugin' => 'custom data attr value' ), array('jquery'), null, true ); }}} '''Solution 2:''' Add a filter before the markup is generated that allows devs to filter the attributes while they are in array format. For example: {{{ add_filter('script_loader_attrs', function ($attrs, $handle) { unset ( $attrs['type'] ); 'my-plugin' === $handle and $attrs['data-my-plugin'] = 'plugin data'; $attrs['src'] = remove_query_arg( $attrs['src'] ); return $attrs; }, 12, 2); }}} In class.wp-scripts.php it might look something like: {{{ $attrs = (array) apply_filters('script_loader_attrs', $attrs, $handle); }}} and/or: {{{ $attrs = (array) apply_filters(""{$handle}_script_loader_attrs"", $attrs ); }}} ---- I imagine that solution '''2''' would be easier to implement than '''1''', and '''2''' allows for themes/plugins to modify scripts/styles w/o re-registering resources. The key feature of both solutions is the ability to modify the attrs while in array format. There are other ways that one could achieve the same results, but the array is '''by far the cleanest'''. Dirty alternatives include: * Use `preg_replace()` on the markup after it is generated (see #22245) * Use output buffers and PHP's DOMElement interface * Filter away the ""print_scripts_array"" and regenerate the markupmanually.)" ryanve Future Releases 48880 Using JSON.parse instead of an actual object literal when localizing scripts Script Loader normal normal Awaiting Review enhancement new has-patch 2019-12-05T00:34:18Z 2019-12-06T20:17:43Z "As the V8 team at Google stated in their ""The cost of JavaScript in 2019"" [https://v8.dev/blog/cost-of-javascript-2019#json]"" blog post using {{{JSON.parse()}}} is generally faster (~18%) for configuration object literals such as the output of the localize method of the WP_Scripts class. As the output of the localize method is already rendered using {{{wp_json_encode()}}} the change would be quite trivial and backward compatible. Added a diff with additional changes to the block editor init script using the same method." naxvog Future Releases 40485 Add function for retrieving metadata from registered script Script Loader 4.2 normal normal Awaiting Review feature request new has-patch 2017-04-19T17:15:32Z 2017-06-07T21:13:49Z "There is currently a function for adding metadata to a registered script (`wp_script_add_data()`), but no function for retrieving that metadata. '''My use case''' I am trying to write a unit test for a function in my plugin that generates data and calls `wp_localize_script()` to ensure the expected data is passed for localization. '''Other Use Cases''' I could see other use cases where a plugin could change a metadata value or add a new key if a certain value is assigned to a certain key." desrosj Future Releases 24907 Escape admin_url() when used for ajax_url in admin header Security 2.7 normal normal Awaiting Review defect (bug) reopened has-patch 2013-07-31T21:43:07Z 2019-06-04T13:51:37Z As `admin_url()` is filtered right before returning, it should be escaped when output for use as the ajax_url in the admin. jeremyfelt Future Releases 16483 Visibility: password-protected exposes multiple pages Security 3.0.4 normal normal Future Release defect (bug) new dev-feedback 2011-02-07T19:02:15Z 2022-01-30T16:40:27Z "1. password protect a page ('protected') with a password 2. password protect another page ('thistoo') with the SAME password 3. visit 'protected' and enter the password. Page is visible 4. visit 'thistoo'; expected: prompt for password. What happens: Page is visible Regardless of whether someone with a password has the right to try it in as many pages as they want (and would therefore successfully see the page if the passwords were the same), the user should still be prompted on a page-by-page basis. Global authentication to multiple pages is possible with user accounts and roles. It should not be possible with visibility: password-protected pages." monkeyhouse Future Releases 21022 Use bcrypt for password hashing; updating old hashes Security 3.4 normal major Future Release enhancement new dev-feedback 2012-06-20T01:34:26Z 2023-05-08T14:34:44Z "Hi, following recent discussions on password security and how to best prevent any hackers can leverage password table they might have got I looked into the phpass used for WordPress. While I in principle understand why WordPress uses the compatibility mode of it, I would like to see some flexibility for those who don't need the compatibility. Thus I would propose to change in wp-includes/pluggable.php all occurances of {{{ $wp_hasher = new PasswordHash(8, true); }}} to {{{ $wp_hasher = new PasswordHash(8, apply_filters('phpass_compatibility_mode', true)); }}} This would allow users to easily change via plugin from the ""not so secure"" compatibility mode (only salted MD5) of phpass to a more secure setting (bcrypt) in case no compatibility with other applications is required. The plugin changing the encryption methog could then as easy as {{{ function phpass_bcrypt() { return false; } add_filter('phpass_compatibility_mode', 'phpass_bcrypt'); }}}" th23 Future Releases 38474 wp_signups.activation_key stores activation keys in plain text SergeyBiryukov Security 4.6.1 normal normal Future Release enhancement reviewing has-patch 2016-10-24T16:17:29Z 2019-01-08T04:04:42Z "== Steps 1. Visit /wp-admin/user-new.php (on a multisite installation - I haven't tested on single site) 2. Fill out the ""Add New User"" form but do not check the ""Skip Confirmation Email"" checkbox 3. The user will be sent an email containing a link to /wp-activate.php?key=7259c714857ef009 == Actual behaviour This key is stored in the database unencrypted: {{{ mysql> select activation_key from wp_signups where signup_id=4; +------------------+ | activation_key | +------------------+ | 7259c714857ef009 | +------------------+ 1 row in set (0.00 sec) }}} == Expected behaviour wp_users.user_activation_key contains a timestamp and a hash of the key. wp_signups.activation_key is no less important to security and so should include these security features too." tomdxw Future Releases 58366 Shortcode Support Regained but Content Filters are messing with Shortcode HTML Shortcodes 6.2.2 normal normal 6.6 defect (bug) new needs-unit-tests 2023-05-20T15:45:26Z 2024-02-22T20:41:52Z "I am extremely grateful that the Security Team were able to quickly regain support for shortcodes in the Block Theme templates. However, whatever change has been agreed and pushed out means that the filters to automatically inject `<br>` and `<p>` tags into the content are now affecting shortcodes and we are seeing text being automatically wrapped in `<p>` tags and carriage returns replaced with `<br>` tags. Rather than revert to the insecure v6.2.1 we are going through shortcodes to remove any carriage returns. Please advise. Oliver" domainsupport Future Releases 50683 Parse content for shortcodes instead of using regex johnbillion Shortcodes normal normal Future Release enhancement reviewing has-patch 2020-07-16T16:02:50Z 2023-11-26T23:15:48Z "Shortcodes are currently ""parsed"" out of content using a regular expression and a call to `preg_replace_callback()`. This causes some issues like the inability to use a square bracket in a shortcode attribute. I've written and attached to this ticket a lexer/parser that steps through the content character by character, finding shortcodes and calling `do_shortcode_tag()` for each one as soon as it's completely parsed. It passes every existing shortcode unit test, as well as six additional tests I've added. It fixes tickets #49955 and #43725 and may possibly fix others that deal with shortcode edge cases. This method has the advantage of being able to deal with content that wouldn't be properly extracted by a regular expression. Take this string for example: {{{ [shortcode1][shortcode2 att=""[/shortcode1]"" /][/shortcode1] }}} The current implementation would parse this as a single shortcode: * `[shortcode1]` with inner content `[shortcode2 att=""` The parse I've attached properly recognizes it as two shortcodes: * `[shortcode1]` with inner content `[shortcode2 att=""[/shortcode1]"" /]` * `[shortcode2]` with attribute `att=""[/shortcode1]""` " cfinke Future Releases 47352 Take into account the current admin email address when rate limiting the recovery mode email Site Health 5.2 normal normal Future Release defect (bug) new dev-feedback 2019-05-22T20:28:27Z 2022-09-19T17:02:17Z "Here's a process which I've seen occur twice in the last few days: * A change to a site was deployed and a fatal error gets triggered somewhere. * The recovery mode email was sent out. * The developer checks the current value of the admin email address and discovers it belongs to someone who left the company years ago. * They change the admin email address to their own email address and re-trigger the fatal error, but the recovery mode email doesn't get re-sent to the new address because there's a one day rate limit in place. This prevents the user from enabling recovery mode for at least a day. The option that acts as the ""last sent"" record for the recovery mode email (`recovery_mode_email_last_sent`) should take into account the admin email address, for example by hashing it and including it in the option key. Aside: Is there a reason an option is used instead of a transient?" johnbillion Future Releases 47528 Site Health: Add test for file checksums Site Health normal normal Future Release enhancement new has-patch 2019-06-12T09:14:05Z 2023-09-08T23:40:42Z "For a while now there has been [https://github.com/wp-cli/checksum-command a WP-CLI command] to verify the current installation's integrity by comparing checksums. This makes it easy to detect suspicious modifications to core files and even plugins (if the plugin is hosted on WordPress.org) I think Site Health would be a good place to possibly add such a checksum verification to WordPress core itself. If a user is presented with a warning that core files have been modified, they could be offered the opportunity to re-install WordPress (just like you can do under Dashboard -> Updates) The same goes for plugin checksums." swissspidy Future Releases 58087 Fix the 'data' dynamic property in WP_Term hellofromTonya* Taxonomy 6.3 normal minor 6.6 defect (bug) accepted changes-requested 2023-04-04T18:13:54Z 2024-02-23T09:36:08Z "The `WP_Term` class employs the `__get` magic method to compute the object data. However, since PHP 8.2 does not support dynamic properties, it is better to eliminate this approach and explicitly declare the `WP_Term::data` class property to store the object's data instead." antonvlasenko Future Releases 46350 "If a term is '0' clicking on its ""Count"" value displays all posts" Taxonomy 3.1 normal normal Future Release defect (bug) new has-patch 2019-02-26T15:12:09Z 2019-04-26T22:21:47Z "To replicate: * Create a post category named ""0"" (just the number without quotes). * Assign a few posts to this category. * Go to WP-Admin > Categories and the ""Count"" column in the ""0"" row will display the number of posts assigned to this category. Click on this number. Now instead of displaying posts with the category ""0"", all posts are displayed irrespective of the category. This issue isn't unique to post categories. It happens with custom taxonomies too." jesin Future Releases 55358 Passing int term term_exists parent param not respected Taxonomy normal normal Future Release defect (bug) new has-patch 2022-03-09T18:31:11Z 2024-02-05T21:30:21Z "If a developer calls terms_exists, with an int as term and parent as an int, the parent value is not respected. So example this will not work. {{{#!php $term = term_exists( 123, 'category', 1); }}} The code will check to see if term 123 exists, but will ignore parent value. This may result in correct / unexpected results. " spacedmonkey Future Releases 32942 Taxomony term list counts do not respect post_type parameter Taxonomy 3.1 normal normal Future Release defect (bug) new reporter-feedback 2015-07-09T13:57:48Z 2023-08-02T09:06:40Z "Assuming you have a shared taxonomy, when viewing the post_type specific manage terms page, the post_type is not respected in the term counts. So if you have 6 posts for post_type 1 and 5 posts in post_type 2 assigned to the same taxonomy term (category->news for example), the post count for the news term will be 11 even if you are viewing the edit-tags page with the post_type set to a specific type. So whether you go to wp-admin/edit-tags.php?taxonomy=category or go to: wp-admin/edit-tags.php?taxonomy=category&post_type=example The term count for each term is the same. When calculating term counts, it should take into account the post_type parameter and return counts for just that post_type. The link in the edit-tags.php list behaves as expected. It links to wp-admin/edit.php?category=news&post_type=example which shows just the list of example posts in the news category. Its misleading to the user because in the taxonomy term list under a specific post type it says there are X posts assigned to that term, but when they click the link there displays a different number of posts. This is because the term list is displaying the count of all posts, regardless of type, that have that term assigned." stueynet Future Releases 26268 Add UI to Category page to indicate default category helen Taxonomy 4.8 normal normal Future Release enhancement reviewing has-patch 2013-11-26T16:25:15Z 2019-05-06T17:34:15Z "Currently, the default category is set in Settings->Writing and it only indicated on the Category page (Posts->Categories) via the lack of a checkbox to delete. 1. Add a visual indicator on the Categories page to indicate the default category. 2. Add an option to change the default on the Categories page. " kraftbj Future Releases 57586 term_exists() return type not consistent regarding wp_insert_term() Taxonomy 3.0 normal normal Future Release enhancement new dev-feedback 2023-01-30T10:14:03Z 2023-09-15T03:57:43Z "`term_exists()` returns an array of strings containing `term_id` and `term_taxonomy_id`. Although `wp_insert_term()` as well as `wp_update_term()` return an array of integers. For consistency, it'd be better to return alway the same type. Also, it'd be less error prone." hugod Future Releases 44891 Activate button showing after theme activated Themes 4.9.8 normal normal Awaiting Review defect (bug) new has-patch 2018-09-05T06:24:28Z 2018-09-06T15:17:33Z "How to get bug:- First go on Appearance - > Theme After that active theme i will go on next page add new theme on this page my activated theme showing again active button." anilhada Future Releases 58164 Background overlay on theme page has layout issues audrasjb Themes normal normal 6.6 defect (bug) reopened has-patch 2023-04-20T11:38:56Z 2024-02-29T12:10:51Z "In a fresh 6.2 installation (and with a big monitor) I see some layout issues if open the theme details modal. When the modal is open, the fly out-menus are below the background overlay. Additionally the overlay is not ending at the end of the page but earlier." zodiac1978 Future Releases 55691 New site editor uses WP_SITEURL instead of WP_HOME audrasjb Themes 5.9 normal normal Awaiting Review defect (bug) reviewing reporter-feedback 2022-05-06T19:10:55Z 2023-03-01T16:39:35Z "For my development environment I just installed a fresh copy of WordPress using Bedrock and Docker. With this combination, my WP_HOME (http://wordpress.localhost) is different from my WP_SITEURL (http://wordpress.localhost/wp). When I want to run the new Editor under ""Appearance"" I get the error message ""The editor is unable to find a block template for the homepage."" Further debugging revealed, that the URL http://wordpress.localhost/wp/?_wp-find-template=true is requested which results in a 404 response. For this setup, the URL http://wordpress.localhost/?_wp-find-template=true should be called instead as the whole site is reached under the URL http://wordpress.localhost and therefore can supply the requested information." saijsaij Future Releases 56908 The result of locate_block_template function might be wrong Themes 5.8 normal normal Awaiting Review defect (bug) new has-patch 2022-10-26T03:21:29Z 2023-03-01T20:35:01Z "Referring to [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/block-template.php#L66 locate_block_template], if the `$template` found by [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/template.php#L699 locate_template] is given, this function will call `array_slice` to shorten the list of candidate templates. However, the `array_search` might not find a located template from candidate templates, and it leads to the return value, `$index`, becoming `false`. Therefore, when we run the following codes, we will always get the incorrect result. {{{#!php $templates = array_slice( $templates, 0, $index + 1 ); }}} **Why we might not be able to find the located template from candidate templates?** The reason is the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/template.php#L699 locate_template] function tries to use `STYLESHEETPATH` and `TEMPLATEPATH` to make the path and those two are defined by [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/default-constants.php#L392 wp_templating_constants] but the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/block-template.php#L66 locate_block_template] function uses `get_stylesheet_directory` and `get_template_directory` to make the relative template path. As we're able to hook the returned value of both `get_stylesheet_directory` and `get_template_directory`, the result might be different from `STYLESHEETPATH` and `TEMPLATEPATH` respectively if the developer adds the hook after the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/default-constants.php#L392 wp_templating_constants] calls. **Possible Solutions** One way is to check the `$index` before doing `array_slice` as followed to ensure the `array_slice` works expected. {{{#!diff + if ( false !== $index ) { $templates = array_slice( $templates, 0, $index + 1 ); + } }}} The other way is to avoid using different variables. We have to use ""`STYLESHEETPATH` and `TEMPLATEPATH`"" or ""`get_stylesheet_directory` and `get_template_directory`"" in both places For example {{{#!diff function locate_template( $template_names, $load = false, $require_once = true, $args = array() ) { ... - if ( file_exists( STYLESHEETPATH . '/' . $template_name ) ) { + if ( file_exists( get_stylesheet_directory() . '/' . $template_name ) ) { ... } }}} What do you think? --- BTW, there is something weird in [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/block-template.php#L66 locate_block_template]. At the end of the function, it says ""**This file will be included instead of the theme's template file.**"". However, it will return the template file immediately on [https://github.com/WordPress/wordpress-develop/blob/ec91ec56be44d8cdbc611758b9721860aae60491/src/wp-includes/block-template.php#L96 L96] if we have a located template. Is it the correct behavior? " arthur791004 Future Releases 38563 Theme installed state does not persist after installation and refined search Themes normal normal Future Release defect (bug) reviewing has-patch 2016-10-30T00:16:26Z 2021-08-11T15:48:59Z "After installing a theme an 'Installed' flag is displayed above the theme. If you refine the search results, and the same theme is in the results the theme does not display the 'Installed' flag. '''Steps to reproduce:''' (Exact steps assumes the WordPress installation does not have the theme Twenty Twelve installed) 1. In the WordPress Administration, go to Appearance -> Themes -> Add New 2. Search for 'Twenty' 3. Install theme 'Twenty Twelve' and wait for installation to complete. The 'Installed' flag will appear above the installed theme. 4. Refine search results by changing search term to 'Twenty T' 5. The theme 'Twenty Twelve' will appear in the search results but will not have the 'Installed' flag. If you attempt to install the theme again you receive an error message stating 'Installation failed: Destination folder already exists.' '''The specifics ...''' Installed themes are stored in a JavaScript array - _wpThemeSettings.installedThemes The array is being created when the page loads and needs to be updated when a theme is installed so that new search results (which use Ajax and do not reload the page) have the complete list of installed themes. '''The solution ...''' Once the installed theme is successfully installed, push the theme slug into the array. e.g. {{{ _wpThemeSettings.installedThemes.push( response.slug ); }}} Attached patch with how I would see this being done." ovann86 Future Releases 57141 WP_Theme cannot locate a parent block theme Themes 6.0 normal normal Awaiting Review defect (bug) new needs-unit-tests 2022-11-18T04:02:53Z 2022-11-21T23:37:35Z "As reported here: https://github.com/WordPress/gutenberg/issues/45811 after a discussion in slack: https://wordpress.slack.com/archives/C02QB8GMM/p1668569269811889 On wp-themes.com we're running into a use-case where the Parent theme cannot be located when both the parent and child theme are block themes, and the parent does not have an index.php file. (See screenshot attached below, where the parent theme is 100% most definitely installed) This appears to work on some installations, but not on others. I believe it working might be down to caching, I haven't figured that out. The attached PR updates the code in WP_Theme to support the same theme files as supported via [53416] for themes in parent themes. " dd32 Future Releases 33388 WP_Theme should use get_file_data() for retrieving page templates SergeyBiryukov Themes normal normal Future Release defect (bug) reviewing has-patch 2015-08-17T08:40:06Z 2022-04-19T05:53:40Z "Currently WP_Theme::get_page_templates() uses a direct regular expression on the result of `get_file_contents()`, it should instead use the `get_file_data()` helper method we have to interact with file header data. Currently switching will result in a back-compat break, as some themes have been using headers such as `<?php // Template Name: Something ?>` as the header, which get_file_data() doesn't like - See #33387 See r21117 for where we previously did use it temporarily during the 3.4 cycle, but broke due to #33387" dd32 Future Releases 31620 get_raw_theme_root does not resolve custom theme folder when is the unique Themes 3.1 normal normal Awaiting Review defect (bug) new has-patch 2015-03-13T02:54:50Z 2019-04-25T07:22:57Z "`get_raw_theme_root` (https://developer.wordpress.org/reference/functions/get_raw_theme_root/) does this check: {{{ if ( count($wp_theme_directories) <= 1 ) return '/themes'; }}} It means that if there is just one theme directory it is always assumed to be the `/themes` folder inside content directory. If an user wants to register a custom theme folder via `register_theme_directory()` (in a MU plugin) that user is forced to keep `WP_CONTENT_DIR/themes` folder (even empty) otherwise the custom directory registration does not work and WP will try to load a theme from a folder that doesn't exist. That is an edge case, but can be easily solved by picking the unique folder if there is only one: {{{ $count = count($wp_theme_directories); if ( 0 === $count ) { return '/themes'; } if ( 1 === $count ) { $path = reset($wp_theme_directories); $real = realpath($path); $content = realpath(WP_CONTENT_DIR); return strpos($real, $content) === 0 ? substr($real, strlen($content)) : $path; } }}} If there is only one folder and it is inside content directory, the code above also takes care of returning the relative path. That, according to #17597, is necessary to obtain a correct theme url." giuseppe.mazzapica Future Releases 33600 Add `theme_mods_{$stylesheet}` option during `populate_options()` Themes normal normal Future Release enhancement new has-patch 2015-08-29T20:04:59Z 2018-04-17T17:27:01Z "After `switch_theme()`, a `theme_mods_{$stylesheet}` option is created if one doesn't exist to avoid extra database queries (if I understand #14828 correctly). No similar option is currently created during installation, so a fresh install can includes those queries if the default theme looks for the mods before the option is added. The attached patch would add the option during `populate_options()`. I included a unit test, although I'm not sure where the best location for it would be." dlh Future Releases 40508 Add new do_action after load template files Themes 5.0 normal normal Future Release enhancement new has-patch 2017-04-21T06:42:24Z 2018-12-05T17:08:30Z "Could not perform action after get_header loads. get_header hook only perform before template part loads. So we can add new do_action after template files loads ''' do_action( 'get_header_after', $name );''' {{{ function get_header( $name = null ) { /** * Fires before the header template file is loaded. * * The hook allows a specific header template file to be used in place of the * default header template file. If your file is called header-new.php, * you would specify the filename in the hook as get_header( 'new' ). * * @since 2.1.0 * @since 2.8.0 $name parameter added. * * @param string|null $name Name of the specific header file to use. null for the default header. */ do_action( 'get_header', $name ); $templates = array(); $name = (string) $name; if ( '' !== $name ) { $templates[] = ""header-{$name}.php""; } $templates[] = 'header.php'; locate_template( $templates, true ); do_action( 'get_header_after', $name ); } }}}" rajanit2000 Future Releases 54829 Allow classic themes to be optionally block themes if 'templates' and 'parts' folders exists Themes 5.9 normal normal Future Release enhancement new dev-feedback 2022-01-15T18:37:03Z 2022-09-13T08:02:23Z "Hello! I have created folders 'templates' and 'parts' inside classic WordPress theme folder (and 'index.html' file) as noted here: [https://developer.wordpress.org/block-editor/how-to-guides/themes/block-theme-overview/]. This automatically converts classic theme to a block theme. But I want to this conversion was optionally - depending of theme's settings. I was able to create two filters. First filter will disable 'Appearance -> Editor' admin menu item and return 'Appearance -> Customize' menu item. {{{ if ( ! function_exists( 'disable_block_dirs' ) ) : function disable_block_dirs( $path, $file ) { //Custom logic to check settings to make block theme from classic theme here: if ( 'templates/index.html' === $file ) { $path = 'SOME_NOT_EXISTING_PATH'; } return $path; } endif; add_filter( 'theme_file_path', 'disable_block_dirs', 10, 2 ); }}} This filter is used in the '**wp-includes/class-wp-theme.php**' in the **public function get_file_path**, which is used in the **public function is_block_theme** Can we patch this file to add some filter **public function is_block_theme** that we could hook to before returning true or false? Second filter is more harmful. It will disable using custom HTML block templates on the front end. But it can be potentially very harmful because it's changing theme_root folder for the WordPress itself. {{{ if ( ! function_exists( 'disable_block_dirs_second' ) ) : function disable_block_dirs_second( $path ) { //Custom logic to check settings to make block theme from classic theme here before return: return 'SOME_NOT_EXISTING_PATH'; } endif; add_filter( 'theme_root', 'disable_block_dirs_second'); }}} This filter is used in the '**wp-includes/block-template-utils.php**' in the **function get_block_theme_folders** Can we patch this file to add some filter to the **get_block_theme_folders** function to filter array that this function is returning that we could hook to? --- Anyway now '**get_block_theme_folders**' and '**wp_get_theme()->is_block_theme**' are working independent from each other that does not make any sense. This should be fixed, I guess. Hope this make sense. Best regards! " exstheme Future Releases 47002 Create wp_theme_directory_constants() function and dynamic WordPress Themes folder Themes normal normal Awaiting Review enhancement new has-patch 2019-04-20T14:05:24Z 2019-04-25T07:24:49Z "One of the needs of WordPress users is to dynamically modify the themes folder. For Change themes folder name in (wp-content dir) you can added this code in wp-config.php : {{{ define( 'WP_THEMES_DIR', ""template"" ); }}} also for change complete path and url : {{{ define( 'WP_THEMES_PATH', ABSPATH . ""/public/template"" ); define( 'WP_THEMES_URL', WP_SITEURL . ""/public/template"" ); }}} This item works for WordPress Multi-site without problems. " mehrshaddarzi Future Releases 41362 Make locate_template() filterable to change the template locations Themes 4.8 normal normal Awaiting Review enhancement new dev-feedback 2017-07-19T02:07:03Z 2019-10-04T20:58:40Z "Right now WordPress expects all templates to reside in the root of your theme directory. We have all come across a theme with dozens of templates and well, that can get messy. With 6 lines of code we can easily, and vastly enhance the templating system. This would provide a number of benefits: 1) This would allow developers to logical group functionally similar files / separates functional dissimilar files 2) It allows the root of the theme directory to be cleaned up and used for ""resources"" such as the functions.php and style.css files 3) By having the ability to pick and choose which templates go where, we can turn WordPress into an MVC application framework (personally what I use this technique for) 4) Related - this plays really nice with Timber 5) This lays the groundwork for future enhancements which I also use and plan to introduce shortly = Examples = == Moving all templates with the {{{""templates_path""}}} filter == Say I wanted to move all my templates into a directory named ""templates"" because as mentioned, this theme I inherited has dozens of templates, maybe one for each page. A good start would be to just move all the templates into a directory named ""templates"": {{{#!php <?php function move_templates($path){ return 'templates'; } add_filter('templates_path', 'move_templates'); }}} This filter would move ALL templates to the ""templates"" directory (and has the added effect of also moving the location of the header, footer ect ect files as well) . So now the root of our theme is nice and clean: {{{ /twentyseventeen/ |-- /assets/ |-- /inc/ |-- /templates/ |-- functions.php |-- index.php |-- README.txt |-- rtl.css |-- screenshot.png |-- style.css }}} Now obviously just moving dozens of templates into a different directory just moves the mess out of site, but that directory is still a mess and just a stew of unrelated templates. == Group related templates together with the {{{""{$type}_templates_path""}}} filter == To clean things up even more. Imagine if 10 of these templates were all children of the page ""team"". You could group them all together into a subdirectory of ""templates"" called ""team"" like so: {{{#!php <?php function move_team_pages($path = '', $type = null){ $parent = get_page_by_title( 'team' ); $parent_id = $parent->ID; $obj = get_queried_object(); if($obj->post_parent == $parent_id) $path = rtrim($path, '/') . '/' . 'team'; return $path; } add_filter('page_templates_path', 'move_team_pages'); }}} Now your theme might look something like: {{{ /twentyseventeen/ |-- /assets/ |-- /inc/ |-- /templates/ |-- index.php |-- single.php |-- /team/ |-- page-mortimer.php |-- page-biff.php }}} As we see, the two filters can (and perhaps should) be used together, but can also be used alone. == Timber == As mentioned before, I use something like this on every project. I generally put all my templates into a directory called ""controllers"" and my twig files (if using Timber) into a directory called ""views"" so I have something akin to an MVC application. My functions file sets Timber to look for twig files in a directory called ""views"" which is right inside the theme directory (next to ""templates""): {{{ $timber = new \Timber\Timber(); Timber::$dirname = array('views'); }}} so my {{{ templates/index.php}}} could set up my Timber context and pass it all the way to the {{{ index.twig }}} file in the ""views"" directory: {{{ $context = Timber::get_context(); $context['posts'] = Timber::get_posts(); Timber::render('index.twig', $context); }}} " kylejennings83 Future Releases 52294 add_editor_style: Allow replacing a style with an RTL version Themes 5.6 normal normal Future Release enhancement new has-patch 2021-01-14T09:54:31Z 2024-02-12T14:56:51Z "The editor-styles in Twenty Twenty-One do not have an RTL version. This causes major style issues in the editor when in RTL mode. For example, this is how a nested ordered list looks like: [[Image(editor-styles-broken.png)]] Notice all items are on the same horizontal level. This is how it looks with the theme editor styles turned off: [[Image(editor-styles-disabled.png)]] === Details of the problem Currently `add_editor_style` RTL support is pretty limited. It will, if the file exists, load a `style-editor-rtl.css` file, **in addition** to the main `style-editor.css` file (similarly to how rtl.css is loaded for themes). The problem with this method is that we don't currently have the tooling to generate that addon rtl file, which only overwrites the necessary CSS declarations. With the complexity of Twenty Twenty-One `style-editor.css` file (~2500 lines, SASS generated), creating a manual addon file is not reasonable. === Possible solutions Any solution should start by generating a fully mirrored `style-editor-rtl.css` file automatically, using rtlcss. I considered a couple of possible solutions - and I'd be happy to hear opinions on this: 1. We could use the Twenty Twenty method in `twentytwenty_block_editor_styles` - it doesn't use `add_editor_style` and instead calls `wp_enqueue_style`, and then uses `wp_style_add_data` to define that the RTL version should **replace** the ltr version. 2. We could update `add_editor_style` to support loading an additional parameter. I'm attaching an example of how this could be done. " yoavf Future Releases 49964 Support asynchronously loading TinyMCE TinyMCE 5.0 normal normal Future Release enhancement new dev-feedback 2020-04-20T22:05:18Z 2020-08-13T14:19:40Z "In order to facilitate [https://github.com/WordPress/gutenberg/issues/21738 asynchronously loading TinyMCE in Gutenberg] we need to be able to prevent WordPress from automatically enqueueing `wp-tinymce` and injecting inline i18n initialization scripts. (There's plenty of context in the Gutenberg issue including related tickets, so I'll try not to repeat any of that here.) I'd like to propose wrapping [https://developer.wordpress.org/reference/classes/_wp_editors/print_tinymce_scripts/ _WP_Editors#print_tinymce_scripts] in an action that Gutenberg could use for when the editor is loading." sarayourfriend Future Releases 28983 Admin bar length or Admin bar on two line KZeni Toolbar 4.3 normal normal Future Release defect (bug) assigned has-patch 2014-07-22T11:24:47Z 2023-07-19T04:28:38Z "On some sites I see the bad admin bar. [[Image(http://f.cl.ly/items/2Y372s072P0k2t1H142q/Screen-Shot-2014-07-22-at-14.58.10.png)]] And this without any external plugins stuff (Jetpack Statistic for example), except that buddy press notification counter. The possible solutions, if screen too small: 1. Leave only icons (like on mobile screens). 2. Crop user name: * Hello, Kolya Korobochkin [avatar] * Hello, Kolya [avatar] * Hello [avatar] * [avatar] 3. Admin bar on two lines (maybe hard to do, because #wpadminbar have static height and position: fixed). 4. Add horizontal scroll without visible scrollbar (scrolling with mouse press and pull). All options required JS and I'm sorry." korobochkin Future Releases 28117 Admin bar shouldn't use dynamic styles on frontend for logged out visitors Toolbar 3.3 normal normal Awaiting Review defect (bug) new has-patch 2014-05-04T14:49:33Z 2021-09-02T19:50:50Z "Admin bar gets styles depending on current user's browser. Problem is that when you using admin bar on front end for logged out users with full page cache turned on, visitor with IE or mobile might be the first one so everyone else with get that specific style. See #26221 for similar problem." dimadin Future Releases 52939 Frontend toolbar CSS conflict with some themes Toolbar normal normal Future Release defect (bug) new has-patch 2021-03-30T13:33:34Z 2021-11-13T22:24:04Z "There are themes available that add some global styling that could interfere with the WP toolbar on the frontend. This could be fixed by adding some reset/basic CSS for the toolbar. Example theme: Mesmerize https://wordpress.org/themes/mesmerize/ This theme adds various CSS in the toolbar that might affect some menu items. For example `::before` CSS for all items that sets the display as a table. This could cause some indentation issues when adding elements like form types or icons to menu items. Same with text color. A simple `color: inherit` for the `#wpadminbar * {}` selector would fix any color overwrites for global elements like `label` etc." keraweb Future Releases 32678 Audit toolbar links and content helen Toolbar normal normal Future Release enhancement assigned has-patch 2015-06-17T19:56:43Z 2020-02-27T10:24:40Z "We've done some tweaks here and there in the toolbar, such as changing where links go or adding/removing some, but I don't think we've really taken a wider view of its general contents since 3.2 in #17705. Right now, some links take you into the customizer context without warning (as do a couple in the admin menu), which is quite jarring. We need context for each link to be clearer, and a good hard look at how the toolbar actually gets used and if it's really working to help get users to where they need to go more quickly. At the very least, for 4.3, we need to resolve the issue of mixing customizer links in with dashboard links." helen Future Releases 36823 """TypeError: wp.updates is undefined"" when installing a plugin" Upgrade/Install 4.9.2 normal normal Future Release defect (bug) reopened has-patch 2016-05-12T10:15:11Z 2018-01-22T14:04:40Z "When I install a new plugin that has a translation pack for my current language (which is not `en_US`), I get the following error: > TypeError: wp.updates is undefined > `if ( wp && wp.updates.decrementCount ) {` Patch will follow soonish." tfrommen Future Releases 46040 Broken symlinks prevent updates Upgrade/Install 5.0.3 normal normal Awaiting Review defect (bug) new has-patch 2019-01-18T21:36:58Z 2022-10-16T01:50:32Z "Soon after cPanel updated EasyApache 4 (EA4) (ea-php-cli-1.0.0-3.3.1.cpanel.x86_64) to use caching (a faster way to select the PHP executable, such as php-cli), I noticed some failed plugin updates. If appears that updated cPanel servers now create "".ea-php-cli.cache"" broken symbolic links in the directory where a PHP script was executed by CLI (such as a CRON job or manual call). The links are to a fake target (such as ""ea-php71""), which is used by the perl script to select the executable. I already submitted https://github.com/CpanelInc/php-cli/issues/2 to cPanel, and already received a response. The author of the pull request https://github.com/CpanelInc/php-cli/commit/883e8f1f3f37998d4501de4d4276c8a9d290fae3 may be changing how it caches; possibly creating the cache files in the ""~/.cpanel"" directory and cleaning up the littered files in the users' web directories. I have a working fix for WordPress, that I will attach in a moment. The cause and effect is not limited to cPanel and WordPress, and the issue should be fixed on both sides. To replicate: 1. Have WordPress 5.0.3 installed on a cPanel server that has ea-php-cli-1.0.0-3.3.1.cpanel.x86_64 installed. -- You can check using `rpm -q ea-php-cli-1.0.0-3.3.1.cpanel`. Also '/usr/local/bin/php' is a text (perl) file, and not a binary/executable. 1. Login into SSH/CLI and call any PHP file in a plugin, such as `php wp-content/plugins/akismet/class.akismet-cli.php`. a. You should then see a broken symlink in the ""wp-content/plugins/akismet/"" directory. 1. Change the version number in the main plugin file ""wp-content/plugins/akismet/akismet.php"" to something lower, such as ""4.0"". 1. Go to the WordPress >> Updates page and try to update the plugin. a. You will see an error ""An error occurred while updating Akismet: The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions. .ea-php-cli.cache"" 1. You can delete the symlink or apply the patch, and the update will be successful. " joemoto Future Releases 54546 Fatal error receive while updating WP 5.8.2 to WP 5.9. Upgrade/Install 5.9 normal normal Future Release defect (bug) new dev-feedback 2021-12-01T06:07:41Z 2022-08-30T10:11:49Z "After updating to 5.9-beta1 via the [https://wordpress.org/plugins/wordpress-beta-tester/ Beta Tester plugin], I got the below error https://content.screencast.com/users/ApekshaShah/folders/Capture/media/8b2bed1a-ca74-4ebc-83c0-c2bb7d0c0eb3/LWR_Recording.png {{{ Fatal error: Uncaught Error: Class 'Requests_Exception' not found in C:\Users\User\Local Sites\first-localhost\app\public\wp-includes\Requests\Transport\cURL.php on line 443 }}} I also updated a few other sites on my local machine and I'm getting that error on the other sites. Full information: {{{ Unpacking the update... Verifying the unpacked files... Preparing to install the latest version... Enabling Maintenance mode... Copying the required files... Disabling Maintenance mode... Upgrading database... Fatal error: Uncaught Error: Class 'Requests_Exception' not found in C:\Users\User\Local Sites\first-localhost\app\public\wp-includes\Requests\Transport\cURL.php on line 443 Error: Class 'Requests_Exception' not found in C:\Users\User\Local Sites\first-localhost\app\public\wp-includes\Requests\Transport\cURL.php on line 443 }}} Call Stack: ||= # =||= Function =||= Location =|| || 1 || `{main}{}` || ..\update-core.php:0 || || 2 || `do_core_upgrade()` || ..\update-core.php:1106 || || 3 || `Core_Upgrader->upgrade()` || ..\update-core.php:887 || || 4 || `update_core()` || ..\class-core-upgrader.php:172 || || 5 || `wp_remote_post()` || ..\update-core.php:1409 || || 6 || `WP_Http->post()` || ..\http.php:179 || || 7 || `WP_Http->request()` || ..\http.php:608 || || 8 || `Requests->request()` || ..\class-http.php:394 || || 9 || `Requests_Transport_cURL->request()` || ..\class-requests.php:381 || || 10 || `Requests_Transport_cURL->process_response()` || ..\cURL.php:179 ||" apeksha10 Future Releases 49286 Function get_core_updates() in update-core.php can return an empty array Upgrade/Install normal normal Future Release defect (bug) new has-patch 2020-01-24T15:37:36Z 2022-10-16T05:56:58Z "The function **get_core_updates()** in ''update-core.php'' can return an empty array. The problem is mostly that in core_upgrade_preamble(), the array is immediately assumed to exist, e.g.: {{{#!php $updates = get_core_updates(); if ( ! isset( $updates[0]->response ) || 'latest' == $updates[0]->response ) { }}} The results show up in an error: Notice: Trying to get property 'locale' of non-object in /usr/share/wordpress/wp-admin/update-core.php on line 40 Call Stack # Time Memory Function Location 1 0.0027 404456 {main}( ) .../update-core.php:0 2 0.1087 2873240 core_upgrade_preamble( ) .../update-core.php:695 3 0.1117 2966944 list_core_update( ) .../update-core.php:230 I believe the assumption that **get_core_updates()** returns a non-empty array is made in other core files as well. A check an empty variable seems useful and non-intrusive, since this is an update check and not a critical function. ''**Conditions:** WordPress 5.2.2, Ubunutu 19, apache, mysql packaged install with multi-site active, with the wp-content and wp-config-*.php files located in outside directories.''" citizenrepresentative Future Releases 50849 Incorrect action passed to hooks when updating plugin/theme by uploading ZIP file Upgrade/Install 5.5 normal normal Future Release defect (bug) new has-patch 2020-08-04T19:55:26Z 2021-06-11T12:08:54Z "When a plugin or theme is being upgraded or downgraded by uploading a new zip file as added in #9757, the `action` passed in `$hook_extra` to the `upgrader_process_complete` action hook is always `install`, regardless of the action being taken. " desrosj Future Releases 44628 Repair DB rehashes password to md5 Upgrade/Install normal normal Future Release defect (bug) new has-patch 2018-07-23T17:33:29Z 2020-01-14T10:39:53Z "How to replicate: Corrupt the database: {{{ truncate $wpdb->options; insert into $wpdb->options (option_name, option_value) values('siteurl', 'http://localhost'); }}} Navigate to http://localhost/ and repair the database. Observe user_pass for all users in $wpdb->users it is now md5 hash." yani.iliev Future Releases 40241 Showing wrong Core current version on the update page. Upgrade/Install 4.7.3 normal normal Awaiting Review defect (bug) new has-patch 2017-03-23T15:47:43Z 2023-12-06T20:43:34Z "I am using development version '''4.8-alpha-40312''' but in the update page it shows stable version. '''4.7.3''' ''If you need to re-install version 4.7.3, you can do so here:'' I checked in the '''wp-admin/update-core.php''' and found this {{{#!php <?php foreach ( (array) $updates as $update ) { echo '<li>'; list_core_update( $update ); echo '</li>'; } }}} This line '''$updates''' should be '''$updates[0]''' to get latest version on wordpress. {{{ array ( 0 => stdClass::__set_state(array( 'response' => 'development', 'download' => 'https://wordpress.org/nightly-builds/wordpress-latest.zip', 'locale' => 'en_US', 'packages' => stdClass::__set_state(array( 'full' => 'https://wordpress.org/nightly-builds/wordpress-latest.zip', 'no_content' => false, 'new_bundled' => false, 'partial' => false, 'rollback' => false, )), 'current' => '4.8-alpha-40312', 'version' => '4.8-alpha-40312', 'php_version' => '5.2.4', 'mysql_version' => '5.0', 'new_bundled' => '4.7', 'partial_version' => '', 'dismissed' => false, )), 1 => stdClass::__set_state(array( 'response' => 'latest', 'download' => 'https://downloads.wordpress.org/release/wordpress-4.7.3.zip', 'locale' => 'en_US', 'packages' => stdClass::__set_state(array( 'full' => 'https://downloads.wordpress.org/release/wordpress-4.7.3.zip', 'no_content' => 'https://downloads.wordpress.org/release/wordpress-4.7.3-no-content.zip', 'new_bundled' => 'https://downloads.wordpress.org/release/wordpress-4.7.3-new-bundled.zip', 'partial' => false, 'rollback' => false, )), 'current' => '4.7.3', 'version' => '4.7.3', 'php_version' => '5.2.4', 'mysql_version' => '5.0', 'new_bundled' => '4.7', 'partial_version' => '', 'dismissed' => false, )), ) }}} " thamaraiselvam Future Releases 44118 WordPress performs some unnecessary plugin update checks francina Upgrade/Install normal normal Future Release defect (bug) assigned has-patch 2018-05-17T01:50:49Z 2023-03-23T15:25:02Z "In the function `wp_update_plugins()`, it seems clear that the intent is not to check for updates if there has already been an update check recently (e.g., on the wp-admin/plugins.php page, ""recently"" means within the last hour). However, in some cases it will check for updates anyway because of subtle issues in the implementation. The easiest way to reproduce the issue is to install the [https://wordpress.org/plugins/query-monitor/ Query Monitor] plugin (to view HTTP requests) and then perform the following steps: 1. Visit the admin section ""Updates"" page (wp-admin/update-core.php). Look at Query Monitor's ""HTTP API Calls"" - you should see a call to https://api.wordpress.org/plugins/update-check/1.1/ to check for plugin updates. (You might also see additional HTTP API calls for theme and core update checks.) Note: if you don't see the plugin update check, it's possible that there was already a check for updates in the last minute - update-core.php is supposed to check for updates no more than once per minute. Try waiting a minute and reloading the page. 2. Once you have seen the plugin update check being made, visit the ""Plugins"" page (wp-admin/plugins.php). Look at ""HTTP API Calls"" - you will see another plugin update check being made. This doesn't make much sense, because WordPress just checked for plugin updates on the update-core.php page. 3. Note that the additional update check in only occurs once. Try reloading the plugins.php page and look at ""HTTP API Calls"" again - this time there will be no plugin update check (which is the expected behavior, since WordPress just checked for plugin updates). Looking at the code for `wp_update_plugins()`, it seems that the `update_plugins` transient is sometimes stored with a `checked` property, sometimes not. This doesn't make sense to me - when the `checked` property is not stored in the transient, the next call to `wp_update_plugins()` will always check for updates regardless of how recently the last update check occurred." siliconforks Future Releases 15134 WordPress should not try to remove themes or plugins recursively if the directory is a symlink pbiron* Upgrade/Install normal normal Future Release defect (bug) accepted dev-feedback 2010-10-16T11:46:29Z 2023-07-05T18:13:59Z "Consider the situation: there is a server with multiple WordPress blogs hosted in it. Some plugins are common for all/many blogs and to save several (hundreds in our case) megs of the disk space, shared plugins are stored somehwere else (say, /var/www/wp-plugins) and there are symbolic links to /var/www/wp-plugins/<plugins> from /home/<user>/wp-content/plugins/<plugins>. The onwer of the blog (user1) may not know these details and wants to update one of the plugins (plugin1) using automatic update feature. WordPress will then try to remove /home/user1/wp-content/plugins/plugin1/ recursively although /home/user1/wp-content/plugins/plugin1 is a symlink to /var/www/wp-plugins/plugin1. The obvious solution is to add a check to the filesystem classes that checks if the file is a symlink and if so, remove symlink with unlink() instead of trying to follow it and remove everything it sees. The advantage of this approach is that if the user symlinks a plugin to other user's data, those data will not be removed by WordPress (this can be very good for those hosts where all users are served by the same Apache user etc). " vladimir_kolesnikov Future Releases 59712 `WP_Ugrader` doesn't check source and destination variable types, is missing a string. peterwilsoncc Upgrade/Install normal normal 6.6 defect (bug) assigned has-patch 2023-10-24T01:55:57Z 2024-02-29T21:48:37Z "As discovered by @costdev, @jipmoors and @karlijnbok while working on #54245 the `WP_Ugrader` class: * fails to accurately check the source and destination directories are valid strings * is missing the `no_package` string: `Package not available.` These fixes were initially included in [https://github.com/WordPress/wordpress-develop/pull/3044 PR #3044] but went uncommitted as the tests were committed during the release candidate phase of the release cycle." peterwilsoncc Future Releases 34986 Add Upgrade Notice for Themes Upgrade/Install normal normal Future Release enhancement new has-patch 2015-12-10T17:19:17Z 2023-06-21T04:26:30Z "There is upgrade notice for plugins that displays on the core update page if `$transient->upgrade_notice` is set in the `pre_set_site_transient_update_{plugins|themes}` filter, but there is no corresponding upgrade notice used or available for themes. I propose adding a similar usage for themes as currently exists for plugins. Use case, when theme upgrades are pending a notice of what changes, etc. will be available from the main update page." afragen Future Releases 17301 Keep the connection open when doing upgrades or long-running operations dd32 Upgrade/Install normal normal Future Release enhancement assigned has-patch 2011-05-02T06:27:39Z 2021-06-01T22:01:28Z "When we do long-running operations like upgrades-over-FTP, we may go a while without sending any data, which may cause the connection to be closed. We should investigate whether we can send some ""hey, still here"" dummy data down the pipe to keep the connection from being unceremoniously closed on us. For example, Rackspace Cloud Sites runs behind load balancers that cut the connection after 30 seconds of no data. I was able to defeat it by manually flushing some dummy data like so: {{{ <?php for ( $i = 1; $i < 46; $i++ ) { echo ""$i...<br />\r\n""; flush(); sleep( 1 ); } echo ""DONE""; }}}" markjaquith Future Releases 53323 Place Hello Dolly in containing folder afragen Upgrade/Install 5.8 normal normal Future Release enhancement assigned has-patch 2021-06-03T00:25:35Z 2023-03-14T16:19:51Z "Currently Hello Dolly is installed as a single file plugin during a WP core installation. According to Plugin Handbook Best Practices, plugins should be in containing folders. https://developer.wordpress.org/plugins/plugin-basics/best-practices/#folder-structure This is a simple PR to fix this issue with Hello Dolly. Having this means that things like r51064 are not necessary. Related #49338" afragen Future Releases 58281 Rollback Auto-Update (Rollback part 3) afragen Upgrade/Install 6.3 normal normal 6.6 enhancement assigned dev-feedback 2023-05-10T02:31:58Z 2024-02-21T18:22:14Z "This is Rollback part 3. It began with `move_dir()` in WP 6.2 for part 1. Part 2 was completed with #51857 in WP 6.3. This brings us to part 3. Part 3 is Rollback for auto-updates. When manually updating plugins if the plugin has a fatal error on reactivation, the plugin is prevented from reactivating. Unfortunately, during an auto-update, this reactivation check doesn't occur and the the next time the site runs users will see the WSOD. Rollback Auto-Update performs a similar re-activation check and if there is a fatal error it is captured in an error handler and the previously installed plugin is restored. If this occurs an email will be sent notifying the site admin of the failed update and rollback. After the rollback, the pending auto-updating for core and theme updates are restarted. This code is currently running for everyone who has the [https://wordpress.org/plugins/rollback-update-failure/| Rollback Update Failure] feature plugin installed. I personally have been testing this using a plugin that will fatal if the update occurs. The plugin is on my test site, active, and set to auto-update. I have been running like this since the beginning of the year. The PR is slightly different than the code in the feature plugin. Please test, run the feature plugin on your site, and review the code in the PR. Mostly give us your comments and feedback. props @costdev and @pbiron for continuing code review, rubber ducking, and sanity checks." afragen Future Releases 18289 Direct link to plugin installation should have admin chrome Upgrade/Install normal normal Future Release task (blessed) reviewing has-patch 2011-07-29T06:02:19Z 2022-08-02T19:37:24Z "We should be able to provide a direct link to the page to install a plugin, based on the plugin's slug. This does it: wp-admin/plugin-install.php?tab=plugin-information&plugin=log-deprecated-notices. However, there's no admin chrome, no real indication which site you're on, and no name of the plugin. If we're not loading that page inside an iframe request, it needs the admin around it, as well as a heading. Probably new styling too. This would serve as a replacement for [http://coveredwebservices.com/wp-plugin-install/ Jaquith's bookmarklet], which broke in 3.2 (frame busting), as well as allow us to integrate a link on extend/plugins for plugin installation. Related, #16923, which is now closed." nacin Future Releases 16191 Uploaded files with quote marks in the filename are undisplayable in MS Upload normal normal Future Release defect (bug) reopened dev-feedback 2011-01-11T19:28:49Z 2019-11-03T18:40:43Z "If you upload a file with quote marks in the filename, e.g. `""Test"".jpg`, WordPress records the filename as `%22test%22.jpg` but the file is called `""Test"".jpg` (on 'nix-like systems anyway) so is undisplayable. I'm unsure about the implications (security and otherwise) of my suggested patch (attached), so please give feedback. (I guess the other approach would be to retain the url-encoded characters and ensure that the file is named with the URL encoded version of the filename.)" simonwheatley Future Releases 25449 wp_upload_dir() doesn't support https Upload 3.8 normal major Future Release defect (bug) reopened has-patch 2013-09-30T13:11:15Z 2020-11-25T12:40:50Z "The wp_upload_dir() function does not support https. I have added a simple is_ssl() check and a string replacement to serve the correct URL type. '''Background behind what prompted me to write the patch:''' I read a blog post by Kaspars Dambis in which he discussed fixing this problem via his own plugin, but it seems to me that since WordPress outputting an incorrect URL, that it would make most sense to fix it there. http://kaspars.net/blog/wordpress/minit-plugin-ssl-https " ryanhellyer Future Releases 48477 Add a hook before creating image sub-sizes Upload 5.3 normal normal Future Release enhancement new dev-feedback 2019-10-31T22:49:49Z 2020-02-10T18:21:29Z "Since things are moving for media thumbnails lately, it could be a good time to add a hook that fires right before thumbnails are created. It would allow plugins to perform operations on the main file for example." GregLone Future Releases 45725 Unable to use the UPLOADS constant with WordPress in a different directory Upload normal normal Awaiting Review enhancement new needs-docs 2018-12-20T13:07:46Z 2019-01-16T06:50:09Z "=== The problem === When WordPress is installed in a different directory (you can achieve that by following [[https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory|these instructions]]), the **UPLOADS** constant is unable to function correctly in some cases according to the **wp_upload_dir()**'s output. Occasionally the constant accepts a relative path what will be appended to the **ABSPATH** constant to determine the **basedir** and to the **site_url()** function to determine the **baseurl** for the uploads location. Although WordPress does let you move the CMS (it actually can be anywhere on the filesystem), however the uploads directory will always be relative to the CMS directory (**ABSPATH** constant) when using the **UPLOADS** constant. === The use case === There are multiple use cases which will be affected by this but let's consider the next few parameters: * Website URL: example.com * Website DIR: /foo/bar * WordPress URL: example.com/wordpress * WordPress DIR: /foo/bar/wordpress Our goal is to store uploads at: * Uploads URL: example.com/uploads * Uploads DIR: /foo/bar/uploads However when we defining the UPLOADS constant as 'uploads', will result in the following: * Uploads URL: example.com/wordpress/uploads * Uploads DIR: /foo/bar/wordpress/uploads You might wonder what will happen when we use an absolute value for the constant instead, in this case '/foo/bar/uploads' is used: * Uploads URL: example.com/wordpress//foo/bar/uploads * Uploads DIR: /foo/bar/wordpress//foo/bar/uploads === The solution === Possible solutions where I could came up with are, the two following: * Add another constant like **ABSPATH** to the index.php, this could be tricky for some people to update but the benefits of it are very useful. It will allow you to use one WordPress installation for all your WordPress websites. How you might wonder? [[https://stackoverflow.com/a/39195424/3157038|This is how]], I've been using this already for years! * Another solution could be to introduce a new constant specifically for the uploads directory path and only use the current **UPLOADS** constant for the url. Both of these solutions require to be implemented into the **_wp_upload_dir()** function [[https://core.trac.wordpress.org/browser/tags/5.0/src/wp-includes/functions.php#L1972|on line 1972 in wp-includes/functions.php]] Have a look at the patch attached to this ticket, with the patch WordPress will introduce both the **UPLOADS_DIR** and **INDEX_ABSPATH** constant. According to some tests I did it should also be backward compatible." Fleuv Future Releases 51792 Add Home URL to New User emails Users normal normal Awaiting Review defect (bug) new has-patch 2020-11-17T03:09:13Z 2020-11-18T22:33:59Z "Back when we all had one website and we jolly well liked it, it was easy to know ""Oh someone signed up at my site!"" Now that people manage multiple sites, some with similar names, it can be confusing as to which site, exactly, did the new user join. We can save headaches in this one cool trick ... add the Home URL to the emails." Ipstenu Future Releases 45714 Allow all valid email formats when editing accounts in the dashboard Users normal normal 6.6 defect (bug) new changes-requested 2018-12-19T22:14:32Z 2024-02-19T20:17:58Z "When updating an email address in the dashboard wp-admin/includes/user.php:80 uses sanitize_text_field which strips out a substring like ""%ed"" even though that is valid in the local part of an email address. Eg, the valid email address ""user%edition@site.com"" is saved as ""userition@site.com"". This ticket requests to using sanitize_email instead, similar to the REST API that checks using is_email. (A related, fixed issue is in #18039 which also recommended using sanitize_email)" chrisl27 Future Releases 52256 Default hide password field. Users 5.6 normal normal Awaiting Review defect (bug) reopened dev-feedback 2021-01-08T09:39:32Z 2023-10-20T01:13:17Z "Generate password not working when the first click on generate password button. Check different behavior in the below URLs **{siteurl}/wp-admin/user-new.php {siteurl}/wp-admin/profile.php {siteurl}/wp-admin/user-edit.php?user_id={user_id}** Check the video for a better understanding. https://www.loom.com/share/2b91de25ab1447e3bb069738c0d318b8" dilipbheda Future Releases 55456 Double escaping wp_user-settings Users 2.7 normal normal Future Release defect (bug) new dev-feedback 2022-03-24T09:27:13Z 2022-05-02T10:41:08Z "Fresh install of WordPress with no plugins and using default Twenty Twenty Two theme. Either directly insert test data; {{{ INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (1, 'wp_user-settings', 'foo=1&bar=1'); }}} Or activate this plugin; {{{ <?php /* Plugin Name: Ampersand Test */ register_activation_hook( __FILE__, function(){ set_user_setting( 'foo', 1 ); set_user_setting( 'bar', 1 ); } ); }}} The name of the attributes and their values are completely arbitrary and have no impact on the behaviour. Now go to your ""Profile"" page (/wp-admin/profile.php) and press ""Update Profile"". Wait 5 seconds and repeat. The value of wp-user_settings in the database and COOKIE is being double escaped (escaped on read and escaped on write). Therefore the value of wp-user_settings does this; - foo=1&bar=1 - foo=1&bar=1 - foo=1&ampbar=1 - foo=1&ampampbar=1 - and so forth Once the value of wp-user_settings becomes too long and/or combined with a user using the same browser with multiple logins, the length of the COOKIE(s) will become too large and the request header will be rejected by Apache/Nginx. " phatkoala Future Releases 58917 Email Sending validation doesn't occur when password reset is sent from the Users page Users normal normal Awaiting Review defect (bug) new has-patch 2023-07-26T16:29:48Z 2023-08-15T04:37:20Z "Suppose my site isn't configured to send emails. So, when a user tries to reset his password from the public login page, he gets the below error. https://prnt.sc/q_Z3IIC1f_dy This is expected, but now, if I log in as an admin account, navigate under the Users page, and try to send the reset link for that user, I can see no validation error. The email doesn't get sent in real, but I can't see the error that my site isn't configured for sending emails. https://prnt.sc/O9k_QpycwCfh I think this type of behaviour is kind of confusing for users. We should show that validation error in the admin panel as well." rajinsharwar Future Releases 20774 Flagging a user with any role on a subsite as spam leads to flagging the site as spam Users 3.0 normal major Awaiting Review defect (bug) new has-patch 2012-05-29T12:25:52Z 2020-11-16T11:37:37Z "Hi, Since many weeks, many WangGuard users were contacting me because they say WangGuard were flagging the sub sites as spam. Thats not a WangGuard bug, is a WordPress issue. Steps: - Create a Subsite, you can add the Super Admin like site admin. - Add a user like subscriber. - Flag that user as spam in /network/users.php That site will be flagged as spam although the owner were the Super Admin. I think WordPress has to look for the user rol and only flag the sub site as spam if the rol is Administrator. This issue is in WP 3.3.1 and 3.4" j.conti Future Releases 48221 Improve punctuation consistency for labels on Add New User and Edit User screens Users normal normal Awaiting Review defect (bug) reopened has-patch 2019-10-05T09:44:53Z 2022-09-25T06:33:47Z " In the WordPress dashboard in Users->Add New -> Send User Notification. There is one checkbox in at last (. dot ) there is not suitable please follow the link https://monosnap.com/file/OWnvrbDahfTn93eh1NaRodpuQJy4Mb" sarvarshaikh Future Releases 16293 In multisite installs, users with id 1 can't be deleted Users normal normal Future Release defect (bug) reopened needs-unit-tests 2011-01-19T00:21:34Z 2024-02-08T20:18:09Z "You can't delete a user with user id of 1. See: source:trunk/wp-admin/network/edit.php@17326#L359" PeteMall Future Releases 38711 Invalid Cookie domain for wp-settings-time-* Users normal normal Awaiting Review defect (bug) new reporter-feedback 2016-11-08T14:58:21Z 2019-03-26T12:54:02Z "I have set cookie domain {{{#!php <?php define( 'COOKIE_DOMAIN', '.example.com' ); }}} but '''wp-settings-time-*''' have invalid cookie domain." sebastian.pisula Future Releases 40477 REST API: Does NOT Trigger New User Notifications! Users 4.7 normal normal Awaiting Review defect (bug) new needs-unit-tests 2017-04-19T07:35:19Z 2017-12-04T05:11:43Z "If you create new users with WP REST API. The notification for new WordPress users via email does NOT get triggered. I tried it on a fresh install. Used the [Email log](https://wordpress.org/plugins/email-log/) WP plugin to test that no emails were sent. " mrahmadawais Future Releases 44921 User nicename discovery is slow to return Users 2.0 normal normal Awaiting Review defect (bug) new has-patch 2018-09-08T12:12:26Z 2019-01-07T01:51:33Z "In the function `wp_insert_user` it checks to is if the user nicename is in use by another user before saving. This is because, a nicename should is required to be unique. Unlike usernames, however, that rejects already in use usernames, if first checks to see if the nicename is in uses, then runs a while loop to try and find the next available nicename with a suffix. So nicename jonny becomes jonny_2 if jonny is already in use. The behaviour is fine, however it uses a while loop to find the next available nicename, which can result in an extremely high number of queries. Take the following use case. You have a script that generates 10000 test users for a site. The call to wp_insert_user, passed `'user_nicename' => 'test_user'`. Within the function call, it will run the while loop and find next available nicename. By the 9999th call, it would have to loop around 9999 to find the next slot, making the return of wp_insert_user extremely slow. For testing scripts and sites with lots of registered users, this could make `wp_insert_user` almost unusable. " spacedmonkey Future Releases 22367 "Usernames with ""@"" char are assumed email addresses, causing incorrect look-up in several places" johnjamesjacoby Users normal normal Awaiting Review defect (bug) reviewing has-patch 2012-11-06T00:45:19Z 2022-08-01T19:50:23Z "'''Problem''' Usernames containing the ""@"" character are mistakenly assumed to be email addresses when: * wp-login.php - Resetting passwords * /wp-admin/user-new.php - Adding an existing user to a site, in multisite * /wp-includes/user.php - Searching for a user ---- '''Duplicate''' * Create a user with the login ""@testing"" * Verify the account, etc... '''Bug in Search''' * Visit: wp-admin/network/users.php - attempt to search for: ""@testing"" * Result: no users found * What should happen: find the user '''Bug in Add New''' * Visit: wp-admin/wp-admin/user-new.php - attempt to add: ""@testing"" * Result: no users found * What should happen: add the user '''Bug in Reset Password''' * Visit: wp-login.php - attempt to reset password for: ""@testing"" * Result: retrieve_password() accidentally succeeds, because strpos() check returns 0, which is the correct position of the ""@"" character. If the username was ""testing@"" this test would fail ---- '''Solution''' The attached patch fixes these bugs by using is_email() instead of an strpos() for an @ character." johnjamesjacoby Future Releases 52976 user emails comparison should be case insensitive Users 4.3 normal normal Awaiting Review defect (bug) new has-patch 2021-04-06T00:08:20Z 2023-06-29T03:39:02Z "In [https://core.trac.wordpress.org/browser/tags/5.7/src/wp-includes/user.php#L2188 user.php] for WordPress 5.7, email update comparisons are case sensitive. Is there a specific reason for this? Because emails are case insensitive. Here is the line that does that: {{{ #!php if ( isset( $userdata['user_email'] ) && $user['user_email'] !== $userdata['user_email'] ) }}} Can the function: {{{ #!php strcasecmp }}} be used instead? The problem is that there is a plugin that uses the function: {{{ #!php wp_update_user }}} And it would send a notification for email change even if it was the casing of the characters only. Thanks for your time and consideration" asaifm Future Releases 39370 wp_insert_user() appends suffix to nicename when updating already existing user Users 4.6.1 normal normal Future Release defect (bug) new needs-unit-tests 2016-12-22T14:11:21Z 2020-03-12T02:58:27Z "wp_insert_user() appends suffix to nicename when updating already existing user, even though the user_nicename prop is set to exactly the same value as it currently has. Steps to reproduce: - Asuming you have a user in your wordpress database with the ID 1 and user_nicename set to 'test-nicename'. - If you then make an update using wp_insert_user() of that user and in the update set the user_nicename to 'test-nicename', then wordpress will update the user, but append -2 as a suffix to the nicename. This happens because of a check located on line 1597 - 1609 in wp-includes/user.php {{{#!php <?php $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login)); if ( $user_nicename_check) { $suffix = 2; while ($user_nicename_check) { // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix. $base_length = 49 - mb_strlen( $suffix ); $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix""; $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login)); $suffix++; } $user_nicename = $alt_user_nicename; } }}} This code is there to make sure that there are no duplicate nicenames in the wp_users table, which is fine. However it does not take into account updating the nicename of a user with the same value as it currently has. The way to solve it is very easy, only simply changes the if() statement to check the id fethced in $user_nicename_check against the ID of the user currently being updated, like so: {{{#!php <?php $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login)); if ( $user_nicename_check && $ID != $user_nicename_check) { $suffix = 2; while ($user_nicename_check) { // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix. $base_length = 49 - mb_strlen( $suffix ); $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix""; $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login)); $suffix++; } $user_nicename = $alt_user_nicename; } }}} This makes prevents the code from appending the suffix when the $user_nicename_check ID matches the ID of the user currently being updated " alfhen Future Releases 39242 Add caching to count_user_posts() whyisjake* Users 3.0 normal normal Future Release enhancement accepted needs-unit-tests 2016-12-11T23:24:32Z 2023-01-17T18:46:29Z "The `count_user_posts()` function does not cache the results of its query. On the surface, this seems easy enough, but since it accepts multiple parameters and intersects with page/post editing, it starts to get complex quickly as authors change, posts are transitioned from public to private, and custom post types do more elaborate things. Since some themes use this directly (Twenty Fourteen, et al) and the REST API exposes this data too, there's at least a small win from not hitting the database for each and every check. Eventually, `count_many_users_posts()` may be able to check for cached counts for existing users, and only query for (and prime the caches of) users who do not already have cached counts." johnjamesjacoby Future Releases 43680 Add new filter to WP_User_Query SergeyBiryukov Users 3.1 normal normal Future Release enhancement reviewing has-patch 2018-04-02T22:19:50Z 2018-10-24T17:56:36Z Add a new filter to filter the value of results returned from the WP_User_Query. This brings the WP_User_Query class inline with other query classes, like WP_Query, which already has `posts_results` filter. This filter is a powerful one, that will allow for third party code, to hook in and change the results of the query. spacedmonkey Future Releases 53889 Adding Pronouns field on the user meta Users normal normal Awaiting Review enhancement new has-patch 2021-08-06T17:40:21Z 2021-09-21T03:33:55Z "I see that @jonoaldersonwp [https://wordpress.slack.com/archives/C02QB8GMM/p1628268515048400 mentioned about adding Pronouns for profiles on core] after [https://meta.trac.wordpress.org/ticket/5852 I created the meta ticket for adding on Profiles], so decided to create a new ticket for core as I fully agree that it would make sense. As I mentioned on the other ticket, the same applies here: I see that we have added a pronouns' field on the Make WordPress Slack workspace, and I believe it would be great to have something like that on the user meta for the WordPress core. Personally, I believe that's even more relevant when speaking some languages like Portuguese that don't have a neutral pronoun (not even a singular use of they/them). Additionally, I believe that's something that we could add automatically to the ""Display name"" for new WordPress installations, at least the same way that we had ""First name"" and ""Last name"". Not sure if adding already some default options (with an ""Other"" option) on a select field would make it less inclusive or not, but mentioning as a possibility as it's something that came to my mind. " felipeloureirosantos Future Releases 49258 Improper Session Termination Users 5.1.1 normal normal Awaiting Review enhancement new dev-feedback 2020-01-21T09:45:13Z 2023-08-23T05:37:46Z After Logout into wordpress back-end when we press “Back” button of the browser an authenticated page got displayed without entering any valid credentials. vishal05 Future Releases 12295 More support to customize user profile edit page nacin* Users 3.0 normal normal Awaiting Review enhancement accepted dev-feedback 2010-02-19T21:14:01Z 2022-06-23T14:29:20Z "Right now I can edit the contact methods via the user_contactmethods filter, but I can not modify or remove the Personal Options or the Name Options. I want to keep the interface as simple as possible for my users, and I don't think that they need to edit this settings at all. If wp wants to be a cms, it should give me control over this aspect as well. At least, give me custom css-ids, so I can remove it via css!" pampfelimetten Future Releases 58103 Show user roles when deleting users audrasjb Users normal normal Future Release enhancement reviewing changes-requested 2023-04-07T11:02:27Z 2024-02-12T20:50:24Z "When deleting an admin user, who has published something before, you will be asked to transfer the ownership of posts: {{{ Attribute all content to: }}} Then there's a list with ALL users of the site, having all sorts of roles and therefore it can be huge. My proposal is to somehow differenciate between user roles here so one can easily pick another admin." Presskopp Future Releases 44347 WP allows creating username that is already used email address Users normal normal Awaiting Review enhancement new needs-unit-tests 2018-06-10T22:43:02Z 2019-03-02T02:03:26Z "As reported in Support Forum (https://wordpress.org/support/topic/wp-allows-creating-username-that-is-already-used-email-address/) it seems I can create a user with wp_create_user where the user's ""username"" is set as a value that is an existing Email Address for another user in the WordPress system. (I have not submitted a bug here before, so let me know if more info is needed on this and what to do next)." phillipburger Future Releases 50561 Links Widget display: Image alt text and link name are redundant for screen readers sabernhardt Widgets normal minor Future Release defect (bug) assigned has-patch 2020-07-04T20:32:08Z 2022-08-17T03:37:31Z "When using the Links Widget to display links with an Image and a Name (""Show Link Image"" and ""Show link Name"" are both selected in the widget settings), the alt text on the image will be identical to the link name. For example: {{{ <a href=""https://eatingrules.com/how-to-make-chocolate/""> <img src=""https://eatingrules.com/wp-content/uploads/2012/10/finished-homemade-chocolates-128x128.jpg"" alt=""How to make Chocolate"" /> How to make Chocolate </a> }}} Since the image and the link name are both wrapped in the same anchor tag, this violates accessibility guidelines. It's redundant and would be annoying when using a screen reader. If a Link Description is added, it will use that for the alt text instead, which is a little bit better, since it's at least not redundant. However, I think a better solution would be to use an empty/null alt text instead, since in this case the image is decorative. https://www.w3.org/TR/WCAG20-TECHS/H2.html Another option might be to add `aria-hidden=""true""` to the <img> if both the alt and link text are the same?" eatingrules Future Releases 44284 Remove e.preventDefault(); code line from widgets.js file Widgets 4.9.6 normal normal Awaiting Review defect (bug) new has-patch 2018-05-31T17:00:16Z 2019-07-29T16:43:09Z "In wp-admin/js/widgets.js file we have some of this function that stops to display form validation errors on the page for widgets inputs... We need to remove these function. " alexvorn2 Future Releases 27307 Text Widget size spill over the side of Widget Container in random width. Widgets 3.8.1 normal normal Awaiting Review defect (bug) new dev-feedback 2014-03-06T22:41:03Z 2017-05-26T13:45:11Z "About 75 percent of the time when I add a text widget item to a widget area. The widget spills over the left side of the area. See Screenshot http://cl.ly/image/3Y363s242a3y What is odd about this is that it only happens sometimes and it has randomly width that it spills over as well. See additional screenshot. http://cl.ly/image/3H3X371R0n3l If you expand the browser window the widget size actually expands as well. But seems to keep what ever margin it had on the left constant. Have another screenshot here from my trunk build. http://cl.ly/image/3E203q083Z3V I tried a search in Widgets for trac and couldn't find anything related. If this is proper UI for widgets it does seem a little random to me. " RDall Future Releases 41081 Improve Custom Menu widget, show notification if menu is empty or no menu selected mdifelice Widgets 4.9 normal normal Future Release enhancement assigned dev-feedback 2017-06-16T13:33:58Z 2022-06-08T19:34:41Z "If you choose a menu for Custom Menu widget and we remove all items in that menu OR the menu is not selected -> nothing shows on the page. Maybe we should add a text message that will inform the user that the menu is empty or is not selected?" alexvorn2 Future Releases 53816 Overview: Refactor the widgets read/write logic Widgets normal normal Future Release enhancement new needs-docs 2021-07-28T15:36:57Z 2023-09-29T16:24:36Z "This is an overview/epic issue that serves as the place to have a discussion and also points to many smaller sub-issues. Widgets-related logic in core got quite confusing over the years. As a result, we've dealt with problems such as [https://github.com/WordPress/gutenberg/issues/33335#issuecomment-879903958 Blocks moving to ""Inactive widgets"" after saving] (temporarily solved by adding an unexpected [https://github.com/WordPress/wordpress-develop/pull/1498 wp_get_sidebars_widgets();] call). There are a few problems there: * We have multiple, closely related global variables (`$sidebars_widgets`+`$_wp_sidebars_widgets`, `$wp_registered_widgets`, `$wp_registered_sidebars`). If we update one, we should also update the others for consistency. Sometimes we don't and we run into [https://github.com/WordPress/gutenberg/issues/33335#issuecomment-879903958 undefined behaviors]. * We use a function called `retrieve_widgets` as a mean to fix any discrepancies in the stored sidebar-to-widget mapping. It's called `retrieve`, but it actually does some writing. This is a source of confusion in itself so I [https://core.trac.wordpress.org/ticket/53811 proposed renaming it]. * We [https://github.com/WordPress/wordpress-develop/pull/1433 we have to call retrieve_widgets in GET API endpoints] which makes it read-write, not read-only. This breaks HTTP caching and is also a [https://github.com/WordPress/gutenberg/issues/33335#issuecomment-879903958 source of bugs]. I don't think we're able to address the proliferation of global variables – it seems like a major BC break. However, we should still be able to improve the `retrieve_widgets` situation. Ideally it would: ☐ Be less monolithic and have a clear, encapsulated flow of logic (as suggested by @helloFromTonya) ☐ [https://core.trac.wordpress.org/ticket/53811 Have a name suggesting a write, e.g. `remap_widgets`] ☐ [https://github.com/WordPress/wordpress-develop/pull/1525 Always be called **after** a write] ☐ Always be called **after** a theme change ☐ Never be required to perform a read ☐ Never be called in GET request handlers cc @TimothyBlynJacobs @noisysocks @andraganescu @talldanwp @hellofromTonya @desrosj " zieladam Future Releases 49588 "Cannot remove <div class=""textwidget custom-html-widget"">" Widgets normal minor Awaiting Review feature request new needs-unit-tests 2020-03-06T18:02:23Z 2020-03-07T19:52:07Z "I cannot remove wrapping class in html widget: <div class=""textwidget custom-html-widget""> ... </div> It is defined here: https://github.com/WordPress/WordPress/blob/master/wp-includes/widgets/class-wp-widget-custom-html.php I think it is job for some `apply_filters`. Do we really need another `<div>` wrap? There can be `<div>` wrap added by `register_sidebar` or using `widget_text` filter" jasom Future Releases 39699 Filter to check XML-RPC data before any DB insertion XML-RPC 4.8 normal normal Future Release enhancement new has-patch 2017-01-26T11:03:08Z 2017-10-03T03:39:32Z "After searching into XML-RPC server class code, I realized that it seems that there isn't way to check XML-RPC input data before starting to insert/update any rows to database nor to return an `IXR` custom error message. For example for new post, in order to check custom fields, a possible workaround is to use `wp_insert_post_empty_content` filter, but we are unable to customize the error message. Moreover at this point some DB rows are inserted, so inside the filter above we have to call `wp_delete_post` manually in order to clean DB (taking care to check `auto-draft` post status). In the case of editing post, things get a bit more complicated, so we could use transactions with the help of `xmlrpc_call`/`wp_insert_post` actions. So, the patch aims to add a new filter named `xmlrpc_before_insert_post` that allows to do this check in a more robust manner (for `wp.newPost` and `wp.editPost` XML-RCP methods). Typical usage: {{{#!php <?php if ( defined( 'XMLRPC_REQUEST' ) ) { add_filter( 'xmlrpc_before_insert_post', 'my_filter_xmlrpc_before_insert_post', 10, 3 ); } function my_filter_xmlrpc_before_insert_post ( $post_data, $content_struct, $user ) { // do checks with $post_data, i.e: if ( title_contains_stop_words( $post_data['post_title'] ) ) return new IXR_Error( 500, 'Post title contains invalid words' ); return $post_data, } }}} The filter is placed inside `_insert_post` helper function before `get_default_post_to_edit()` that isthe first statement that adds a new DB row. Regards" enrico.sorcinelli Future Releases 28821 Admin page registered with add_menu_page() allows access through wrong URls and hightlights wrong top level menu item Administration 3.9.1 normal normal defect (bug) new dev-feedback 2014-07-10T21:05:19Z 2019-06-04T19:26:10Z "'''Steps to reproduce:''' * Add a top level admin menu page (with the plugin provided below). * Access the new top level admin menu via the menu item (bottom of menu) * Try to access it via one of the following URLs {{{ http://example.com/wp-admin/options-general.php?page=trac http://example.com/wp-admin/tools.php?page=trac http://example.com/wp-admin/admin.php?page=trac http://example.com/wp-admin/edit-comments.php?page=trac http://example.com/wp-admin/edit.php?post_type=page&page=trac http://example.com/wp-admin/upload.php?page=trac http://example.com/wp-admin/edit.php?page=trac http://example.com/wp-admin/index.php?page=trac ... etc ... // Sub menu items that have the same behavior http://vagrant.local/wp/wp-admin/plugin-install.php?page=trac http://vagrant.local/wp/wp-admin/themes.php?page=custom-header&page=trac http://vagrant.local/wp/wp-admin/themes.php?post-new.php?post_type=page&page=trac ... etc ... }}} '''Bug description:''' Every of the above links will (falsely) work and bring you to the registered page. The top level menu item will be hightlighted while the sub menu item does not exist. The following URls will work (with above bug) as well, but ''not'' highlight any menu item: {{{ http://example.com/wp-admin/edit-tags.php?taxonomy=post_tag&page=trac http://example.com/wp-admin/edit-tags.php?taxonomy=category&page=trac }}} I would not really consider this a ''""feature""''. ---- '''Test Plugin''' {{{ <?php /** Plugin Name: (Trac) Add Top Level Test Menu Page */ add_action( 'admin_menu', function() { add_menu_page( 'Hello Trac', 'Trac', 'manage_options', 'trac', function() { ?> <h1>Hello Trac!</h1> <?php settings_errors(); ?> <form action=""options.php"" method=""post""> <label for=""trac"">Enter Trac ID</label> <input type=""text"" name=""trac"" /> </form> <?php } ); } ); }}}" F J Kaiser Future Releases 28273 Multisite sites without a path redirect to signup page chriscct7 Administration 3.9 normal normal defect (bug) reviewing has-patch 2014-05-15T21:52:36Z 2019-06-04T19:25:38Z "From https://wordpress.org/support/topic/after-update-to-39-one-sub-site-directs-to-wp-signupphpnew?replies=4&view=all Pre 3.9, WordPress would treat an empty 'path' variable for the site as a / As of 3.9, this is no longer the case, and a blank path will act as if the site does not exist. It's a simple fix in the admin section, but this is a regression from 3.8" Ipstenu Future Releases 19085 Removing First Submenu Page in Admin Menu breaks URL for Menu Page Administration 3.1 normal normal defect (bug) new has-patch 2011-10-29T18:44:19Z 2019-06-04T19:22:46Z "If you attempt to remove the Post Type Submenu Page in the Admin it breaks the Menu Page URL; it causes the Menu Page URL to be the same as the new first Submenu Page URL: [[Image(http://screenshots.newclarity.net/skitched-20111029-142108.png)]] Here is a simple class you can drop into the theme's `functions.php` file to experience this bug. This example is a minimum to trigger the error ''(I simplified the `register_post_type()` call so the example code would have fewer lines):'' {{{ <?php class Trigger_Admin_Menu_Bug { static function on_load() { add_action( 'init', array( __CLASS__, 'init' ) ); add_action( 'parent_file', array( __CLASS__, 'parent_file' ) ); } static function init() { global $wpdb; register_post_type( 'test-cpt', array( 'label' => 'Test CPT', 'show_ui' => true, )); } static function parent_file( $parent_file ) { remove_submenu_page( 'edit.php?post_type=test-cpt', 'edit.php?post_type=test-cpt' ); return $parent_file; } } Trigger_Admin_Menu_Bug::on_load(); }}} I'd provide a patch but the admin menu code is more complex than I can fully understand. Maybe the person who originally wrote it could fix it? Note: Sadly, this is a blocker for one of my client projects. The client wants the admin menus simplified to reduce the conceptual load on their end users because we are adding many other submenu pages. Plus I've traced through the core WP code with a debugger for many hours looking for hooks that would allow me to get around this issue, but there simply are no hooks where it would be needed to hack a fix for this." mikeschinkel Future Releases 19487 Remove useless calls to set_time_limit() westi Bootstrap/Load 1.5 normal normal defect (bug) new has-patch 2011-12-09T14:53:08Z 2019-06-04T19:22:47Z "Calls to set_time_limit() were introduced in http://core.trac.wordpress.org/changeset/1812 and have remained in core ever since. The call occurs in code that makes network connections and is designed to allow time for the network calls to complete before the script execution stops. But set_time_limit() won't take network time into account, so it actually will not do what it seems designed to do. From php docs: The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), stream operations, database queries, etc. is not included when determining the maximum time that the script has been running. Further, calls to set_time_limit() can cause unexpected results in code that relies on any functions that call set_time_limit(). For example, if some code (in a cron job, say) sets the time limit to 0 (unlimited) because it knows it needs some time complete, then a subsequent call to a function that resets the time limit will halt the long-running execution once the new limit has been reached. Also from php docs: When called, set_time_limit() restarts the timeout counter from zero. In other words, if the timeout is the default 30 seconds, and 25 seconds into script execution a call such as set_time_limit(20) is made, the script will run for a total of 45 seconds before timing out. Since the call to set_time_limit() does not here do anything useful, it should be removed." dllh Future Releases 17661 Appending date & author based query vars to a permalink overrides the permalink Canonical 3.1 normal normal defect (bug) new needs-unit-tests 2011-06-02T11:05:05Z 2019-06-04T19:22:31Z "Some canonical code branches are not properly accounting for extra query variables being specified via the url. For example, these url's are not handled properly: {{{ /2008/?author=1 redirects to /author/admin/ /author/admin/?year=2008 redirects to /year/2008/ /category/uncategorized/?year=2008 redirects to /2008/ }}} This happens with most date based branches, as once a higher priority canonical rule is hit, the permalink component is ignored. The canonical code includes a branch to add any ""forgotten"" `$_GET` variables back onto the url, however this doesn't help when it's the rewritten variables are being lost." dd32 Future Releases 16133 "Pagination issue with tag ""rss""" Canonical 3.0 normal normal defect (bug) new dev-feedback 2011-01-07T09:39:10Z 2019-06-04T19:22:09Z "When posts use ""RSS"" as a tag, and the /tag/rss/ page has more posts than it is set to display on one single page, the link to page 2: /tag/rss/page/2/ is redirected to: /category/page/2/ Tested on Paolo Belcastro test WordPress.org : http://test.belcastro.com/tag/rss/ Running 3.1-RC2-17229 with only Debug Bar plugin activated This is not theme related, same behaviour with TwentyTen or Thematic on this install." paolal Future Releases 20902 redirect_canonical() on using permalink: Not all $_GET being redirected chriscct7 Canonical 3.4 normal normal defect (bug) reviewing has-patch 2012-06-11T09:30:08Z 2019-06-04T19:23:06Z "Using permalink, I suppose that all query_var entered manually on URL or using $_GET will be redirected to proper permalink. Apparently not all being redirected at all. AFAIC: 1. /?post_format=image : should be redirected to /type/image/ 2. /?pagename=blog : should be redirected to /blog/ 3. /?author_name=admin : should be redirected to /author/admin/ Unfortunately, they are not. It can be done by filtering redirect_canonical() but it will be better if it's being done by default as we can see that /?category_name=cat will be redirected to /category/cat/" arieputranto Future Releases 34631 Extra compat for mbstring: mb_strpos() Charset 4.4 normal normal enhancement new has-patch 2015-11-09T12:00:50Z 2019-06-04T19:33:04Z "Hello, I noticed a missing compat function within compat.php, regarding mb_strpos. The use of this function within a plugin will result in a fatal error if the server doesn't support mbstring. So I made a function that will take over the function if it does not exist. I also implemented debugging errors based on PHP 5.5 source: https://github.com/php/php-src/blob/PHP-5.5/ext/standard/string.c#L1824 {{{#!php if ( ! function_exists( 'mb_strpos' ) ) { function mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { return _mb_strpos( $haystack, $needle, $offset, $encoding ); } } /* * Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit. * For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence. * The behavior of this function for invalid inputs is PHP compliant. */ if ( ! function_exists( '_mb_strpos' ) ) { function _mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { if ( null === $encoding ) { $encoding = get_option( 'blog_charset' ); } // The solution below works only for UTF-8, // so in case of a different charset just use built-in strpos() if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) { return $offset === 0 ? strpos( $haystack, $needle ) : strpos( $haystack, $needle, $offset ); } $haystack_len = mb_strlen( $haystack ); if ( $offset < (int) 0 || $offset > $haystack_len ) { trigger_error( 'mb_strpos(): Offset not contained in string', E_USER_WARNING ); return false; } if ( !is_string( $needle ) ) { $needle = (string) $needle; if ( !is_string( $needle ) ) { trigger_error( 'mb_strpos(): Array to string conversion', E_USER_WARNING ); return false; } } if ( empty( $needle ) ) { trigger_error( 'mb_strpos(): Empty needle', E_USER_WARNING ); return false; } // Slice off the offset $haystack_sub = mb_substr( $haystack, $offset ); if ( _wp_can_use_pcre_u() ) { // Use the regex unicode support to separate the UTF-8 characters into an array preg_match_all( ""/./us"", $haystack, $match_h ); preg_match_all( ""/$needle/us"", $haystack_sub, $match_n ); $pos = key( array_intersect( $match_h[0], $match_n[0] ) ); if ( empty( $pos ) ) { return false; } return (int) $pos; } $regex = '/( [\x00-\x7F] # single-byte sequences 0xxxxxxx | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2 | [\xE1-\xEC][\x80-\xBF]{2} | \xED[\x80-\x9F][\x80-\xBF] | [\xEE-\xEF][\x80-\xBF]{2} | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 | [\xF1-\xF3][\x80-\xBF]{3} | \xF4[\x80-\x8F][\x80-\xBF]{2} )/x'; /** * Place haystack into array */ $match_h = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_h ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_h = array_merge( $match_h, $pieces ); } while ( count( $pieces ) > 1 && $haystack = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Place haystack offset into array */ $match_hs = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_hs ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack_sub, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_hs = array_merge( $match_hs, $pieces ); } while ( count( $pieces ) > 1 && $haystack_sub = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Put needle into array */ $match_n = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_n ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $needle, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_n = array_merge( $match_n, $pieces ); } while ( count( $pieces ) > 1 && $needle = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Compute match of haystack offset with needle * If passed, find the array key number within the full haystack. */ $pos = in_array( $match_n[0], $match_hs ) ? key( array_intersect( $match_h, $match_n ) ) : ''; if ( empty( $pos ) ) { return false; } return (int) $pos; } } }}} `if ( ! function_exists( '_mb_strpos' ) ) {` could probably be removed since it could be a core function. To test this, I've used the following lines of code: {{{#!php var_dump( _mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( _mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( _mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( _mb_strpos( '象形指事', '指', 5 ) ); // false WARNING echo PHP_EOL.PHP_EOL; var_dump( mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( mb_strpos( '象形指事', '指', 5 ) ); // false WARNING }}} Feel free to contribute your thoughts :) Thanks!" Cybr Future Releases 30909 Allow passing ID for comment_form container and title Comments normal normal defect (bug) new dev-feedback 2015-01-05T13:01:56Z 2019-06-04T19:27:27Z "Right now, there's a `div` hardcoded with `#respond` and a `h3` hardcoded with `reply-title`. These make it hard for the comment form to be used on archive pages, as they assume the comment form is only ever output on single pages. (There are other IDs output in the form, however these are controllable through `id_form` and `id_submit`)" rmccue Future Releases 16612 WordPress should return nocache headers for requests with comment cookies Comments normal normal enhancement new dev-feedback 2011-02-21T22:45:21Z 2019-06-04T19:22:17Z "Most themes, when displaying the comment form, change the HTML to pre-fill username, email address, and website when comment cookies are received in the HTTP request. Since the response does not have explicit nocache headers, per RFC2616 (http://www.ietf.org/rfc/rfc2616.txt) intermediate caches can use heuristics to determine the cache TTL for the response. Since there is 0 freshness data in the response, it is not really possible to perform good heuristics, but in practice, caches will assign a default TTL to this type of response. The result is that private information input by user A when submitting a comment can be returned to user B when making a request for the same URL. To protect ourselves against this, we should call nocache_headers() when comment cookies are sent and the comment form is being displayed. Alternatively, we can send nocache headers for all requests with comment cookies regardless of the comment form being displayed or not (probably easier and maybe safer). http://humboldtherald.wordpress.com/2011/01/27/gremlins/ is a story likely caused by an aggressive cache and the lack of nocache headers." barry Future Releases 16576 comment_form() fields being displayed only for non logged in users Comments 3.0.5 normal normal enhancement new has-patch 2011-02-16T18:15:44Z 2019-06-04T19:22:16Z "I've just noticed this - When using the '''comment_form()''' function and adding some comment meta fields,using the fields array in the $args, these fields are being showed in the front-end only for non logged in users. In this case, the registered users can never use these comment fields. Look at wp-includes/comment-template, lines 1561-1573 (WP 3.0.5), it parse the $args['fields'] in the else block - {{{ <?php if ( is_user_logged_in() ) : ?> <?php echo apply_filters( 'comment_form_logged_in', $args['logged_in_as'], $commenter, $user_identity ); ?> <?php do_action( 'comment_form_logged_in_after', $commenter, $user_identity ); ?> <?php else : ?> <?php echo $args['comment_notes_before']; ?> <?php do_action( 'comment_form_before_fields' ); foreach ( (array) $args['fields'] as $name => $field ) { echo apply_filters( ""comment_form_field_{$name}"", $field ) . ""\n""; } do_action( 'comment_form_after_fields' ); ?> <?php endif; ?> }}} I think it is better that added meta fields should be displayable for all users (logged in and not logged in), or even to add a parameter to let the developer decide which extra fields are shown to logged or not logged users. " maorb Future Releases 27076 double newlines inserted before captions Editor 2.6 normal normal defect (bug) new dev-feedback 2014-02-09T13:35:31Z 2019-06-04T19:25:02Z "Steps to reproduce: - Upload some picture in the library and add some caption to it - Edit a post/page using the visual editor and, after some text, insert the picture using the add media button, so a ""caption"" shorttag is created - Go into text editing - Suppress the two newlines that appeared before the ""caption"" shorttag - Go into visual mode - Go into text mode: the newlines reappeared It is important to put something before the picture inserted in order to reproduce the bug, because the two newlines are not inserted if it is at the very beginning of a post/page. This is annoying for example in a table with top-aligned cells, if in a cell you have some text, and in the cell just to the right you have a ""caption"", then the two won't be aligned, since the newlines are converted to an empty paragraph during the rendering. From what I saw, the issue could be fixed by just removing the line n° 124 in wp-admin/js/editor.js: {{{content = content.replace( /\s*\[caption([^\[]+)\[\/caption\]\s*/gi, '\n\n[caption$1[/caption]\n\n' );}}}" arupqfjm Future Releases 21753 Feed excerpts are missing important filter formatting Feeds 3.4.1 normal normal defect (bug) new needs-unit-tests 2012-08-31T14:20:56Z 2020-11-17T05:27:18Z "Excerpts included in feeds are missing important formatting because the relevant filters are not applied (e.g. wpautop). In file wp-includes/feed.php, function the_excerpt_rss() does not apply the same filters as the_excerpt() whilst results in lost formatting instructions. By comparison, function the_content_feed() ensures that the same filters declared for the_content() are applied. A suggested patch is attached. Note that for symmetry between the_excerpt_rss() and the_content_feed() this patch also removes the (unnecessary?) filter ent2ncr() from the_excerpt_rss() and retains the (controversial?) escaping for CDATA blocks (see #3670). A few related issues are worth mentioning. Firstly, shortcodes are still not applied to excerpts (see #7093). Also, the (obsolete?) RDF feed does not make use of a CDATA block unlike those for RSS, RSS2 and Atom (see #20888). Finally, a similar problem occurs with comment text in feeds (see #16466)." mdgl Future Releases 19643 Allow array for $extra_fields in request_filesystem_credentials dd32 Filesystem API 3.0 normal minor defect (bug) reviewing dev-feedback 2011-12-22T07:47:38Z 2019-06-04T19:43:38Z The current implementation for passing extra fields through request_filesystem_credentials() does not allow for an array of data to be passed. I came across this issue when trying to process a bulk installation of plugins with my plugin installation class. My patch fixes this from what I can tell and doesn't break anything that I can see from my testing. griffinjt Future Releases 25021 Improve sanitize_title_with_dashes % removal Formatting 1.5 normal normal defect (bug) new has-patch 2013-08-13T11:45:00Z 2019-06-04T19:44:51Z "The current method of % removal involves placeholders to prevent stomping on escape sequences: {{{ // Preserve escaped octets. $title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title); // Remove percent signs that are not part of an octet. $title = str_replace('%', '', $title); // Restore octets. $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); }}} This leads to `sanitize_title_with_dashes('---aa---')` producing `%aa` instead of just `aa`. [2189]" duck_ Future Releases 26674 The get_tag_regex() function is a too greedy when searching for a closing tag. Formatting 3.9 normal normal defect (bug) new has-patch 2013-12-18T20:57:31Z 2019-06-04T19:45:13Z "At its current state, the get_tag_regex() function is a too greedy when searching for a closing tag. This causes content with more than one of the same media tag (e.g iframe followed by an iframe) to be grouped together as one value, with the content between in that value. This patch, while lazier, makes the regex function as expected." kopepasah Future Releases 22330 Optimize regexes to remove protocol from URL Formatting 3.4.2 normal normal enhancement new needs-unit-tests 2012-10-31T09:30:48Z 2019-06-04T19:44:10Z "Regexes used to chop off the protocol of a URL should be anchored to the start of the string. 1. The regex fails faster and thus avoid useless work. No need to look further down the URL for strings like `""http://""`. 2. The regex should not alter any URLs that might be contained in the query string." GeertDD Future Releases 12084 allow preserving HTML in the_excerpt (specify allowed tags for strip_tags in wp_trim_excerpt) Formatting 3.0 normal normal enhancement new has-patch 2010-01-29T22:36:40Z 2019-06-04T19:42:50Z Right now, `wp_trim_excerpt` is destructive. You can filter it, but once tags are stripped, you can't get them back without recreating the excerpt from the raw input. It would be nice if theme developers had an option to preserve at least some of the HTML formatting when using excerpts as post teasers (see #9260). sillybean Future Releases 28801 Walker::walk makes an incorrect assumption if $top_level_elements is empty. General 3.8 normal normal defect (bug) new needs-unit-tests 2014-07-09T16:02:56Z 2019-06-04T19:46:05Z "A colleague of mine was generating a sidebar sub-navigation for one of his projects. The subnavigation contained second-level and third-level navigation elements. The problem my colleague was having was that occasionally third-level elements would not be nested underneath their parent element (also in the list of elements) on some pages. My colleague was calling wp_list_pages with an array of page IDs that he wanted to render in the sub-navigation, wp_list_pages then turned the list of page IDs into a list of Page objects, and it sorted the page objects by their 'menu_order' attribute; the third-level navigational elements all had their 'menu_order' set to 0, whereas the second-level navigational elements all had 'menu_order' set to something more than 0 - causing the third-level elements to be the first elements in the list. wp_list_pages later made a call to Walker::walk, passing along that list of pages. Here is a relevant code snippet from Walker::walk: {{{ /* * When none of the elements is top level. * Assume the first one must be root of the sub elements. */ if ( empty($top_level_elements) ) { $first = array_slice( $elements, 0, 1 ); $root = $first[0]; $top_level_elements = array(); $children_elements = array(); foreach ( $elements as $e) { if ( $root->$parent_field == $e->$parent_field ) $top_level_elements[] = $e; else $children_elements[ $e->$parent_field ][] = $e; } } }}} '''The bug is this code's assumption that the first item in $elements is a suitable root-element for the entire list''' (sentence emboldened for anybody not wanting to read the wall of text). wp_list_pages ordered our list by 'menu_order' which put our 3rd-level elements at the top of the list - causing a 3rd-level element to be treated as the navigation's root. I wrote up a quick fix for this (I'm not sure if it's the best fix, I'm not overly experienced in Wordpress), and for our project we'll use wp_list_pages with a custom walker class that implements my fix. Here is the patch of my fix: {{{ Index: public_html/wp-includes/class-wp-walker.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- public_html/wp-includes/class-wp-walker.php (date 1404915904000) +++ public_html/wp-includes/class-wp-walker.php (revision ) @@ -217,12 +217,34 @@ /* * When none of the elements is top level. - * Assume the first one must be root of the sub elements. + * ~~Assume the first one must be root of the sub elements.~~ Disregard - RJ CGIT 2014-07-09 + * + * ---------- + * + * Modified by Rob Jackson, Castlegate IT; 2014-07-09: + * Do not assume the first element is root, instead loop through the elements + * until we find one whose parent is _not_ in the list of elements. If that fails, + * just fall back to the default behaviour of using the first element. */ if ( empty($top_level_elements) ) { + $root = false; + $element_ids = array_map(function($element){ return $element->ID; }, $elements); + foreach($elements as $element) + { + if (!in_array($element->post_parent, $element_ids)) + { + $root = $element; + break; + } + } + unset($element); + + if ($root === false) + { - $first = array_slice( $elements, 0, 1 ); - $root = $first[0]; + $first = array_slice( $elements, 0, 1 ); + $root = $first[0]; + } $top_level_elements = array(); $children_elements = array(); }}} Kind regards, Rob " rob-castlegate Future Releases 23482 Fix improper use of comment_exists() in some importers maxpagels Import normal normal defect (bug) assigned has-patch 2013-02-15T18:49:18Z 2019-06-04T20:05:02Z "Background: #20494 DotClear Importer and TextPattern Importer treat the returned comment post ID as a comment ID: [[BR]] http://plugins.trac.wordpress.org/browser/dotclear-importer/trunk/dotclear-importer.php#L416 [[BR]] http://plugins.trac.wordpress.org/browser/textpattern-importer/trunk/textpattern-importer.php#L429" SergeyBiryukov Future Releases 12885 LiveJournal importer uses GMT date/time as local date/time Import normal normal defect (bug) new has-patch 2010-04-07T02:07:25Z 2019-06-04T20:02:01Z "The LiveJournal importer takes a comment's date/timestamp, which is in GMT, and inserts it into the database as the comment's local date/timestamp. In my timezone (U.S. Central, DST), a comment posted at 12:00pm local time (5:00pm GMT) will be imported to the database as having been posted at 5:00pm local time (10:00pm GMT). I've attached a patch that I've successfully tested on Wordpress 2.9.2, and it appears to be easily ported to trunk. One caveat: it appears that there are two timezone settings in the Wordpress database (timezone_string and gmt_offset), but as my database has no value for gmt_offset, I don't know if I need to account for that, nor can I test that." kurtmckee Future Releases 30227 Inaccurate wording when creating a user with a reserved email address Login and Registration 3.3.2 normal normal defect (bug) new has-patch 2014-11-01T06:16:43Z 2020-02-06T19:47:07Z "If you try to create a user on multisite using an email address that is tied to an unconfirmed user, you'll get this notice That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing. ""Please check ''your'' inbox"" seems to imply that the logged in user should check their own inbox for an activation email. Not sure of the best way to reword that so it's clear without being overly wordy. Possibly something like That email address is reserved pending activation. It will become available in a couple of days if left unconfirmed. or That email address is reserved. An activation email has been sent to that address. If left unconfirmed it will become available in a couple of days. Also, ""couple of days"" could be any time less than 2 days, so perhaps a dynamic value could be used here giving a better approximatation of the time remaining till the unconfirmed address will be freed up. ''This is referenced in #20817''" trepmal Future Releases 20116 Welcome User Email in Multisite Can't Be Changed Login and Registration 3.3 normal normal defect (bug) new has-patch 2012-02-24T21:44:28Z 2019-06-04T20:03:14Z "Reproduced this on 3.3 and 3.4-aortic. Go to /wp-admin/network/settings.php Add 'New' to the sentance 'Welcome User' to make it 'Welcome New User' Hit update. Page refreshes, text does not change." Ipstenu Future Releases 28059 Inline image attachments with wp_mail() Mail normal normal enhancement new needs-unit-tests 2014-04-29T13:28:10Z 2019-06-04T20:07:27Z "To insert inline images in an email the `phpmailer_init` action hook has to be used like this. {{{ add_action( 'phpmailer_init', 'embed_images' ); function embed_images( &$phpmailer ) { $phpmailer->AddEmbeddedImage( '/path/to/image1.png', 'image1.png' ); $phpmailer->AddEmbeddedImage( '/path/to/image2.png', 'image2.png' ); $phpmailer->AddEmbeddedImage( '/path/to/image3.png', 'image3.png' ); } }}} Why not implement this in `wp_mail()` itself?" jesin Future Releases 26992 Failing to make new yyyy/mm for uploads affects existing URLs (WP_CONTENT_URL, wp_get_attachment_url and GUID) Media 2.7 normal normal defect (bug) new has-patch 2014-02-02T17:53:13Z 2019-06-04T20:06:42Z "What happens: - I have the `WP_CONTENT_DIR` and `_URL` pointing somewhere, not where the WP is installed. - There was an error creating upload folder `yyyy/mm` (permission issues) - `wp_get_attachment_url()` could not go through the `if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] )` block and came to the ""not recommended to rely upon"" `$url = get_the_guid( $post->ID );` The GUID returned completely ignored my settings. It started with the default `/wp-content/`. Obviously. Those attachments were made before I moved the wp-content, and nobody fixed the GUIDs. Result: all images broken. I believe, something has to be changed here, so '''when the upload directory for new attachments cannot be created, it won't affect the existing attachments'''. ---- Code Path: `wp_get_attachment_image_src -> image_downsize -> wp_get_attachment_url`" tivnet Future Releases 27139 Image caption disappears if images are rearranged immediately after adding the caption. Media 3.5 normal normal defect (bug) new has-patch 2014-02-16T05:13:04Z 2021-02-09T04:52:37Z "**Steps to reproduce (screencast here: http://youtu.be/MF2SEn_lMeQ):** 1. While editing a post, open the Add Media dialog. 1. Upload (or select) two images and choose ""Create Gallery."" 1. Click ""Create New Gallery"". 1. Add a caption to the first image in the text field underneath the image preview in the main ""Edit Gallery"" area. 1. Drag the second image so that it is reordered in front of the first image. **What I expected:** The images would be reordered and the image captions would not be changed. **What actually happened:** The images were reordered, but the image caption I had just entered reverted to its previous state. Clicking in any other text field before reordering images seems to ""cement"" the caption, but you can click on multiple images before dragging an image, and the caption will still revert." cfinke Future Releases 23398 "Media Gallery - Clicking ""Restore Original Image"" in ""Scale Image"" pane loses 'Thumbnail Settings' pane." Media 3.4 normal normal defect (bug) new dev-feedback 2013-02-05T21:11:36Z 2019-06-04T20:04:54Z "Reproduce the problem thusly: Click ""Edit image"" in the ""Edit Media"" interface for any image. `/wp-admin/post.php?post=1119&action=edit` Scale the image a couple times in the 'Scale Image' pane. Update. Click ""Restore Original Image"" in the 'Scale Image' pane. Try to crop just the thumbnail. The 'Thumbnail Settings' Pane is '''''gone'''''. The image has to be deleted and re-uploaded to gain thumbnail control once again." gr33nman Future Releases 31945 Deleting a user without reassigning should have clearer messaging about the implications Media 4.2 normal normal enhancement new has-patch 2015-04-10T18:53:18Z 2019-06-04T20:12:36Z "Just this morning, a client deleted a user and elected to NOT reassign the user's content, as the user had no posts assigned to them. This resulted in a mass-deletion of attachments which that editor had uploaded. There should at least be some language that indicates the danger of deleting a user without reassigning. Even when you click to 'permanently delete' an attachment, you get a javascript alert. The current terminology ""What should be done with content owned by this user?"" is too innocuous. Ideally, WordPress would indicate which post types would be deleted with that user (by checking the `delete_with_user` post_type object parameter), along with a count of the number of items in that post type." jtsternberg Future Releases 29727 Porting self-hosted Wordpress to HTTPS: mixed content Media 4.0 normal normal enhancement new has-patch 2014-09-22T13:57:04Z 2019-06-04T20:09:16Z "When moving a self-hosted Wordpress blog from HTTP to HTTPS (by editing the site URL at /wp-admin/options-general.php), I run into trouble because image links embedded in existing posts still point to HTTP, even though those images are hosted by my Wordpress blog and now support HTTPS. It would be great if Wordpress could automatically rewrite images in existing posts when site URL is changed to HTTPS." jsha Future Releases 36916 Refactor EditAttachments frame to work outside Media Library admin page Media 4.5.2 normal normal enhancement new has-patch 2016-05-23T02:26:26Z 2019-06-04T20:25:21Z "The EditAttachments frame/modal is used on the Media Library page to display and edit meta data of attachments. This modal could be useful for plugin/theme developers but a few things tightly couple it to the Media Library: 1. The frame requires a router. This is easily remedied by feeding it a dummy object with two functions it seems to need but I can see this easily refactored using event listeners 2. When opened, the code in the modal deletes all mediaelement.js instances on a page. Not a problem in the media library but if you want to use it on a page with video and audio elements (which I do) it deletes them all from the DOM" Funkatronic Future Releases 22100 Treat built-in image sizes the same as custom image sizes Media normal normal enhancement new has-patch 2012-10-04T15:39:44Z 2019-06-04T20:03:57Z "Goals: 0. Have a solid API for working with intermediate image size definitions. 1. Don't hardcode default image sizes; register them like any other. 2. ~~Introduce a 'pregenerate' arg, which will allow defining an image size that will not be automatically generated right after upload.~~ Related tickets: #15311, #21810" scribu Future Releases 28908 Adding a menu custom link during autocompletion does not add the full text in firefox Menus 3.0 normal normal defect (bug) new dev-feedback 2014-07-15T09:59:51Z 2019-06-04T20:08:33Z "Tested on Firefox 30.0 In Appearance => Menus, creating a menu and adding custom links does not save the full link text under the condition that you have selected an auto complete value and hit the enter key. Presumably, the auto complete value should be inserted, then the field should be saved with that value. Entering: [[Image(http://s.nessworthy.me/2014071509500201.png)]] Submitting/Saving (via enter key): [[Image(http://s.nessworthy.me/20140715095111549.png)]] Result: [[Image(http://s.nessworthy.me/20140715095033870.png)]] This applies to both the link URL and the link name. Didn't add the link URL screenshots to save screen space." Nessworthy Future Releases 23902 Classes set with nav_menu_css_class are not accessible in walker_nav_menu_start_el Menus 3.5.1 normal normal defect (bug) new has-patch 2013-03-29T20:46:33Z 2019-06-04T20:05:18Z "Hello, If you use the filter hook nav_menu_css_class to add classes to a menu item, those classes are not available in other menu filter hooks like walker_nav_menu_start_el. This can be found in the start_el function in wp-includes/nav-menu-template.php. I would think line 75: {{{ $class_names = join( ' ', apply_filters( 'nav_menu_css_class', array_filter( $classes ), $item, $args ) ); }}} Should merge those $class_names back into $item. Thanks" jamesmehorter Future Releases 21773 Scheduled pages/posts should not appear in custom menus Menus 3.0 normal normal defect (bug) new reporter-feedback 2012-09-02T14:30:48Z 2019-06-04T20:03:42Z "When I add a '''scheduled page/post''' in a custom menu the page/post immediately appears in the front-end menu. I think these scheduled pages/posts should only be visible in the front-end navigation when their scheduled time is reached (as it is the case with automatic menus). Otherwise the ""Schedule"" functionality makes no sense with custom menus, especially for pages. Here is another forum post regarding this issue: http://wordpress.org/support/topic/custom-menu-support-for-scheduled-pagesposts" Lorangeo Future Releases 34839 Wrong attribution of current_page_parent for menus when on single/archive CPT Menus 3.0 normal normal defect (bug) new has-patch 2015-12-03T16:21:15Z 2019-06-04T20:18:39Z "- When on a single CPT page, the menu item receiving the class '''current_page_parent''' is the blog archive page, and not the archive CPT page. - When on an archive CPT page that is in a submenu, the menu item receiving the class '''current_page_parent''' is the blog archive page, and not the parent menu item. Also, the parent menu item doesn't have the '''current-menu-parent''' and '''current-menu-ancestor''' classes. This plugin has some functions that deal with this issue, but it's probably something that should be fixed in core now since archive CPT page are available by default. [https://wordpress.org/plugins/sf-archiver/]" tabrisrp Future Releases 32918 "_wp_menu_item_classes_by_context does not generate ""current-menu-ancestor"" class when the menu structure was changed by e.g. a plugin" Menus 4.2.2 normal normal defect (bug) new has-patch 2015-07-08T08:50:27Z 2019-06-04T20:14:49Z "I am the developer of Category Posts in Custom Menu. My plugin extends Walker_Nav_Menu_Edit in order to change the menu structure. At the end of the edit loop, my plugin calls _wp_menu_item_classes_by_context on the resulting new menu structure. In a particular case, this results in a missing ""current-menu-ancestor"" class, because _wp_menu_item_classes_by_context retrieves the ancestors from the database (i.e. the unchanged menu structure) instead of from the $menu_items array that was passed in and may now reflect a different structure. Steps to reproduce with my plugin: - Appearances > Menus - Add to the menu a Page - Add to the menu, as child of Page, a Category that has posts - Check ""Create submenu containing links to posts in this category."" This will result in my plugin editing the menu structure, and adding all posts to the menu instead of a link to the Category. Now navigate to one of these posts. You will see that the Page does not receive the ""current-menu-ancestor"" class. I have performed a quick change in nav-menu-template.php that I have only tested with my plugin so far, so it will obviously need a rewrite. I'm attaching it nonetheless because it will quickly show in a few lines of code what took me a few paragraphs to explain here... :)" anaid Future Releases 18232 wp_nav_menu - Setting walker parameter affects fallback_cb Menus 3.2 normal normal defect (bug) new has-patch 2011-07-24T08:14:35Z 2019-06-04T20:02:49Z "When using the walker parameter with wp_nav_menu and there is no menu present, wp_nav_menu falls back by default (set with fallback_cb) to wp_page_menu. It appears that the set walker also affects wp_page_menu, which in most cases breaks the output. wp_nav_menu usage: {{{ <?php wp_nav_menu(array('walker'=> new Walker_Nav_Menu)); ?> }}} Output when no menu is present (falling back on wp_page_menu): {{{ // Formatted for readability <div class=""menu""> <ul> <li id=""menu-item-1"" class=""menu-item-1""><a></a></li> <li id=""menu-item-2"" class=""menu-item-2""><a></a></li> <li id=""menu-item-3"" class=""menu-item-3""><a></a></li> </ul> </div> }}} Expected output: {{{ // Formatted for readability <div class=""menu""> <ul> <li class=""page_item page-item-1""><a href=""/first/"" title=""First"">First</a></li> <li class=""page_item page-item-2""><a href=""/second/"" title=""Second"">Second</a></li> <li class=""page_item page-item-3""><a href=""/third/"" title=""Third"">Third</a></li> </ul> </div> }}} As you can see, the output from wp_page_menu is getting filtered through the walker, but since the walker was designed for menus specifically, it renders the default output from wp_page_menu useless (empty tags..etc)." bryanjwatson Future Releases 29728 Could be very useful 'wp_remove_nav_menu_item' Menus 3.0 normal normal feature request new has-patch 2014-09-22T17:38:57Z 2019-06-04T20:09:21Z "Hello there, I was developing a plugin that need to manage dynamically wordpress navigation menu. During develop I needed a function that remove a specific item by item ''''id'''' or ''''title'''' {{{ wp_remove_nav_menu_item( $menu_id, $item_id or $item_title ). }}} I googled for this but I don't have found a good solutions that work with API. I think that Wordpress could be better if you had this function in the next wp update. I hope this help to make Wordpress a better services. Thanks for developing this extraordinary CMS. Best regards Jonathan " JonathanBesomi Future Releases 24411 New site email being sent despite registrationnotification set to no Networks and Sites 3.5.1 normal normal defect (bug) new has-patch 2013-05-24T14:34:06Z 2019-06-04T20:05:34Z "When a new site is created in wp-admin/network/site-new.php it sends an e-mail to the admin email address to say the site has been created (line 92 in WP 3.5.1). I had assumed that the registrationnotification setting in wp-admin/network/settings.php would control this but it sends the e-mail regardless of this setting. I believe that sending this email should respect the registrationnotification setting or a new configuration option should be added to prevent sending out these e-mails." tomk-m Future Releases 32956 Adding Extra Table Navigation To Multisite Site list Networks and Sites 4.3 normal normal enhancement new has-patch 2015-07-10T10:05:31Z 2019-06-04T20:14:53Z "This is related to #26580. I thought it would be nice to add support for extra_tablenav() to the multisite table list. I'm not quite sure how this should be done, I used the same format other tables use, i created the ""restrict_manage_sites"" action. I think this may not be the best naming since if a ""sites"" post type exists it may conflict with this. If anyone has any ideas that would be awesome. " danielpataki Future Releases 31240 Combine domain and path UI in Add New Site flow jeremyfelt Networks and Sites 3.0 normal normal enhancement assigned has-patch 2015-02-05T19:10:46Z 2019-09-04T19:37:43Z We're planning on fixing the Edit Site flow in #22383. After that sits for a release, let's change the Add New Site flow to reflect this change as well. ericlewis Future Releases 37040 Enhancement: new function to validate a transient exists, and isn't expired without extra query Options, Meta APIs 4.6 normal normal enhancement new has-patch 2016-06-06T23:34:51Z 2019-06-04T20:59:56Z "Currently calling get_transient makes 2 queries, the first to validate if the transient exists & is not expired, the second to get the transient value. I propose creating a new function that does the job of the first query only. It should validate that the transient exists and hasn't expired returning a boolean. The get_transient should then be modified to call that function rather than get_option. The purpose here is to allow plugin / theme developers to minimize queries even further. Example: If all I need to do is check for a valid transient that only requires 1 query, I don't always need the value, just need to know whether it should be refreshed. In that case I could call valid_transient( 'transient' ). Since that value can be cached if I later need the full value then only one additional query would be needed. " danieliser Future Releases 20338 Slugs and special chars Permalinks 3.3 normal normal defect (bug) new has-patch 2012-03-31T16:18:03Z 2019-06-04T20:43:01Z "When Wordpress generates a slug, the apostrophe mark is stripped. Examples : ""I'm open"" > im-open[[BR]] ""L'équipe"" > lequipe[[BR]] ""Suzy's Place"" > suzys-place[[BR]] If the apostrophe is changed to ""-"" the auto generated slug will be more ""readable"" (and better for seo) : ""I'm open"" > i-m-open[[BR]] ""L'équipe"" > l-equipe[[BR]] ""Suzy's Place"" > suzy-s-place[[BR]] Maybe a constant to define what strategy to adopt ? " amirhabibi Future Releases 24241 Whitelist trackbacks/pingbacks from own site Pings/Trackbacks 3.5.1 normal normal enhancement new has-patch 2013-05-01T18:50:16Z 2019-06-04T20:44:10Z "Currently, if a user has only ""Comment author must have a previously approved comment"" selected in Settings->Discussion, pingbacks from their own blog are still held for moderation every time. Users would expect that, given those discussion settings, once they'd approved one self-ping, all future self-pings would appear without requiring moderation. There is a past ticket about this here: #999" eurello Future Releases 28226 menu_page_url does not return correct URL on network admin Plugins 3.0 normal normal defect (bug) new dev-feedback 2014-05-12T18:54:57Z 2019-06-04T20:47:00Z the `menu_page_url` function calls `admin_url` to build the URL returned. it should check for network admin first and use `network_admin_url` if present norcross Future Releases 15784 Contributors can't easily view others' posts in a certain term Posts, Post Types 3.0 normal normal defect (bug) new has-patch 2010-12-12T11:38:39Z 2019-06-04T20:41:39Z "As a contributor, the default tab is 'Me', not 'All'. But you can go to 'All' and see a list of all posts. At that time, you can also search for posts, and filter by category, date, etc. Those all work fine. You can also filter by category or tag by clicking a term in those columns, but this doesn't work -- all_posts=1 gets removed, and you end up seeing the 'Me' tab again. You can manually append all_posts=1, but there's no way to actually filter by term viewing all posts via the UI. Interestingly, the author query var works. That'd be bad if it didn't. But it doesn't append all_posts=1, so it's done internally." nacin Future Releases 11697 Keep private posts in the admin area / Was: Make private posts a canonical plugin Posts, Post Types 2.9 normal normal defect (bug) assigned has-patch 2010-01-02T21:33:21Z 2021-09-08T14:44:42Z "Said Matt: > Also, a lot of the complexity of private posts could be avoided by a relatively simple change: saying they're only viewable in the dashboard. (Which I think is close to how people use them already.) ---- There are quite a few tickets related to private posts that can be viewed by users who should, and even more tickets related to private comments that can be viewed by users who aren't authorized to view the post. There also is at least one ticket that highlights a performance issue related to private posts. http://core.trac.wordpress.org/search?q=private Would it be an option to turn this into a canonical plugin and begone with the problems?" Denis-de-Bernardy Future Releases 22957 get_boundary_post Only works from a single page Posts, Post Types 2.8 normal normal defect (bug) new has-patch 2012-12-16T00:36:35Z 2019-06-04T20:43:33Z "I was trying to use `get_boundary_post` in my theme to display a link to the first and last posts, but it does not work from the homepage. Unless called from a single post, `get_boundary_post` will return NULL. I can't see any reason for this behavior, or any good way around it." pathawks Future Releases 10230 get_pages function: number and child_of parameters conflict Posts, Post Types 2.8 normal normal defect (bug) assigned has-patch 2009-06-21T19:26:29Z 2021-01-15T23:31:39Z "Passing both number and child_of parameters to get_pages will produce nonsensical results. Within the function number is used first to limit the number of results, then child_of is used to establish results within a certain hierarchical scope. So with a structure of: {{{ Parent 1 Parent 2 Parent 3 Child 1 Child 2 Child 3 }}} passing a number=2 and child_of=(parent 3 id) will not give the expected output. In this case, the result will first be limited to only include: {{{ Parent 1 Parent 2 }}} so the child_of will be ignored. To produce a more logical result, child_of should be evaluated first, then number should be evaluated to limit the result set." ortsaipekim Future Releases 27326 wp_list_pages - exclude parameter changes behaviour depending on depth Posts, Post Types 3.8.1 normal normal defect (bug) new has-patch 2014-03-08T15:01:38Z 2019-06-04T20:46:05Z "Let's say I have four top level pages with IDs 1,2 and 3 and each has three children, say, (11,12,13), (21,22,23) and (31,32,33). If I run {{{ <?php wp_list_pages(); ?> }}} on that I'll get all the pages shown. So it'll be a list like: {{{ 1 11 12 13 2 21 22 23 3 31 32 33 }}} If I run {{{ <?php wp_list_pages(exclude=3); ?> }}} then page 3 will not be shown and the hierarchy will collapse so 31,32,33 appear in the top level of the hierarchy. So what I'll get is: {{{ 1 11 12 13 2 21 22 23 31 32 33 }}} Given the existence of a separate ''exclude_tree'' argument, that is pretty much what I'd expect to happen, after all it has to show the child pages somehow. If I now introduce a ''depth'' argument so it is: {{{ <?php wp_list_pages(depth=3&exclude=3); ?> }}} I'd expect the same thing to happen as the ''depth'' shouldn't make any difference. What actually happens is that the ''exclude'' now behaves similarly to ''exclude_tree''. What I actually get is: {{{ 1 11 12 13 2 21 22 23 }}} Now that to me doesn't make sense." nosnurg Future Releases 10219 """Older Entries"" and ""Newer Entries"" links are wrong when entries displayed in ascending order" Posts, Post Types normal normal enhancement new has-patch 2009-06-19T16:41:02Z 2019-06-04T20:40:45Z "I added ""?order=ASC"" to a tag URL I was sending out to some people, because I wanted them to view a set of blog postings in ascending chronological order, and I noticed that the ""Older Entries"" and ""Newer Entries"" links at the bottom of the page were reversed. I fixed this with the attached changes to the default theme. I don't know if this is the ""right"" fix, but it worked for me, and if it isn't quite wrong, perhaps at least it will give a more experienced WordPress developer than I an idea for how to fix it properly. " jikamens Future Releases 36237 Add filter for post statuses in quickedit Posts, Post Types 4.4.2 normal normal enhancement new has-patch 2016-03-14T16:53:31Z 2019-06-04T20:55:48Z "To make changes to the quick edit status list, one has to use JS or action ''quick_edit_custom_box'' to add extra fields. In instances where some of the statuses need to be removed, JS is required. [[BR]] I propose that the statuses in ''wp-admin/includes/class-wp-posts-list-table.php (line 1284-1300)'' be stored in an array then filtered using ''quick_edit_statuses'' before the array is iterated through to create the select options.[[BR]] I'm available to submit a patch that does this " kakomap Future Releases 12726 Add get_post_by_*() functions Posts, Post Types 3.0 normal normal enhancement assigned dev-feedback 2010-03-27T05:57:13Z 2019-06-04T20:41:11Z "Current there are get_page_by_path() and get_page_by_title() function but they hardcode the post_type of 'page'. With support for new custom post types I'm finding a need for functionality to look up posts of custom post types: {{{ $args = array('post_type','my_custom_post_type'); $path = 'foo-bar'; $post = get_post_by_path($path,$args); $title = 'Foo Bar' $post = get_post_by_title($title,$args); }}} Another option would be a simple get_post_by(): {{{ $args = array('post_type','my_custom_post_type'); $path = 'foo-bar'; $post = get_post_by('path',$path,$args); $title = 'Foo Bar' $post = get_post_by('title',$title,$args); }}} This code is not hard to write but looking at the functions in post.php there's not one consistent style so I'm not sure what the best approach would be to write it. Further, I don't completely understand the significance of all the code in get_page_by_path() so wouldn't want to start with it (although I could see it being modified to use the more generic functions that I propose.) I can make these updates if I get enough direction from the core team, or I'd happily just see them get done. :) " mikeschinkel Future Releases 25787 wp_page_menu function is very inefficient Posts, Post Types 3.7.1 normal major enhancement new has-patch 2013-10-31T13:28:11Z 2019-06-04T20:45:05Z "I use wp_page_menu() to build my site's primary menu. The MySQL query this creates, selects all the columns from the wp_posts table. One of these columns is '''post_content'''. This means that when I create a menu, I am pulling massive amounts of data (the body text) from the DB which I will never (or very unlikely to) use. This adds a massive overhead which is killing my bandwidth. Through my own investigations I have found that a menu can be built using only these columns from wp_posts {{{ ID, menu_order, post_title, post_name, post_parent, post_type }}} This is much more efficient, but I do not feel I know the WordPress code base well enough to contribute to the core." whawker Future Releases 30184 Author page and category Query 3.1 normal normal defect (bug) new needs-unit-tests 2014-10-29T19:20:41Z 2019-06-04T20:47:56Z "Got errors like next in debug.log PHP Notice: Undefined property: stdClass::$ID in /www/test1/wp-includes/query.php on line 4074 PHP Notice: Undefined property: stdClass::$nickname in /www/test1/wp-includes/query.php on line 4076 PHP Notice: Undefined property: stdClass::$user_nicename in /www/test1/wp-includes/query.php on line 4078 In wp-includes/query.php we have the method {{{ public function is_author( $author = '' ) { if ( !$this->is_author ) return false; if ( empty($author) ) return true; $author_obj = $this->get_queried_object(); $author = (array) $author; if ( in_array( $author_obj->ID, $author ) ) return true; elseif ( in_array( $author_obj->nickname, $author ) ) return true; elseif ( in_array( $author_obj->user_nicename, $author ) ) return true; return false; } }}} But if we query a author page with category param queried_object actually will be the category term object, so next patch prevent such problems {{{ public function is_author( $author = '' ) { if ( !$this->is_author ) return false; if ( empty($author) ) return true; $author_obj = $this->get_queried_object(); if ( ! is_a( $author_obj, 'WP_User' ) ) return false; $author = (array) $author; if ( in_array( $author_obj->ID, $author ) ) return true; elseif ( in_array( $author_obj->nickname, $author ) ) return true; elseif ( in_array( $author_obj->user_nicename, $author ) ) return true; return false; } }}} " dimitrov.adrian Future Releases 16706 "Queries using ""category__and"" are slow on large databases" chriscct7 Query 3.1 normal normal enhancement assigned has-patch 2011-02-28T22:20:52Z 2019-06-04T20:41:52Z "Summary: Using ""category!__and"" in query_posts() generates a dependent subquery in MySQL with extremely poor performance (""Using temporary, Using filesort"") when one of the categories has a large number of posts. The result is so slow that WordPress appears to completely hang. Changing the query structure avoids the filesort and solves it. Details: We have a customer doing this as part of a theme in WordPress 3.1: {{{ query_posts(array( ""category__and"" => array(1, 461), ""posts_per_page"" => 6 )); }}} The database is fairly large. There are 45,610 posts in category 1, and 167 posts in category 461. The resulting database query runs for so long that it effectively hangs (it doesn't finish within 30 minutes). The generated MySQL query looks like: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts WHERE 1=1 AND ( wp_posts.ID IN ( SELECT object_id FROM wp_term_relationships WHERE term_taxonomy_id IN (1,461) GROUP BY object_id HAVING COUNT(object_id) = 2 ) ) AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 6; }}} An ""explain"" on this query shows that it generates a dependent subquery that devolves to a filesort: {{{ +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ | 1 | PRIMARY | wp_posts | ref | type_status_date | type_status_date | 44 | const,const | 8177 | Using where; Using index | | 2 | DEPENDENT SUBQUERY | wp_term_relationships | range | term_taxonomy_id | term_taxonomy_id | 8 | NULL | 25665 | Using where; Using index; Using temporary; Using filesort | +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ }}} I've tried adding indexes, optimizing, and so on to get the filesort to go away, but I can't get it to do so, at least not with MySQL 5.0.x. The filesort comes from the ""GROUP BY ... HAVING"". Changing the query to avoid those fixes this. For example, this appears to produce the same results: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts WHERE 1=1 AND ( SELECT COUNT(1) FROM wp_term_relationships WHERE term_taxonomy_id IN (1,461) AND object_id = wp_posts.ID ) = 2 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 6; }}} But it finishes in a fraction of a second and generates cleaner ""explain"" output with no filesort: {{{ +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ | 1 | PRIMARY | wp_posts | ref | type_status_date | type_status_date | 44 | const,const | 8177 | Using where | | 2 | DEPENDENT SUBQUERY | wp_term_relationships | ref | PRIMARY,term_taxonomy_id | PRIMARY | 8 | database.wp_posts.ID | 1 | Using where; Using index | +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ }}} So my suggestion is that the ""category!__and"" query be changed to something like this that avoids filesorts. (I could provide a patch if people agree that this change is a reasonable approach.)" tigertech Future Releases 28326 List Tables don't update properly after Quick Edit Quick/Bulk Edit normal normal defect (bug) new dev-feedback 2014-05-21T15:06:40Z 2023-02-17T09:19:06Z "Scenario: I have 2 sticky posts. I go to the Post list table and click the ""Sticky (2)"" link. I see my 2 stickies. I Quick Edit one of them and make it no sticky. What do I see? (drumroll): Both posts + a link that says ""Sticky (2)"" " wonderboymusic Future Releases 22236 edit.php: Apply when Bulk Actions selected forgets tag= filter Quick/Bulk Edit 3.4.2 normal normal defect (bug) new has-patch 2012-10-20T22:54:28Z 2019-06-04T21:07:50Z "Using WordPress 3.4.2, go to Posts, and click on one of the tags on one of your posts. The URL now contains tag=<tag>, and the screen shows the first 20 posts with that tag. Now click the Apply button just next to the ""Bulk Actions"" drop-down at the top left. I expect this to reload the page but otherwise have no effect. Instead, it reloads the page without the tag=<tag> URL parameter, and shows the first 20 posts (irrespective of tag). This is surprising and confusing - it's easy to accidentally hit ""Apply"" without having chosen an action, but at first glance it looks like nothing has happened. The user can then go on to do a bulk action (e.g., add category) without realising the tag they previously had selected is now no longer selected. Note that filters (e.g., by category) that are set up using the Filter button *are* preserved when Bulk Actions / Apply is chosen - it's just tags that are lost." kw217 Future Releases 25194 Filtered IIS rewrite rules not added to web.config Rewrite Rules 3.6 normal normal defect (bug) new has-patch 2013-08-30T16:13:20Z 2019-06-04T21:09:02Z "If using IIS and web.config, appending rules via the filter 'iis7_url_rewrite_rules' will not add the filtered content if a rule for 'wordpress' already exists in the web.config file. Expected behavior: Even after WP has added its rule to web.config we should be able to influence the rules content in the web.config via the filter. Steps to reproduce: 1. Use a system running IIS that supports rewriting in the web.config 2. Visit permalinks page so WP generates the 'wordpress' rule in the web.config 3. Add a filter to 'iis7_url_rewrite_rules' and append the following rule: '<rule name=""testrule"" stopProcessing=""true""><match url=""readme.html""/><action type=""Rewrite"" url=""foo.html""/></rule>' 4. Visit the permalinks page 5. Rule will not be appended to web.config file Correct behavior: 1. Repeat steps 1-3 above 4. Remove the 'wordpress' rule from web.config file 5. Visit permalinks page 6. Filtered rule text will be present in this case" pat@… Future Releases 33521 manage_${post_type}_posts_columns parameters shifted Taxonomy 4.3 normal minor defect (bug) new reporter-feedback 2015-08-23T21:28:05Z 2019-06-04T21:16:27Z "Hello, manage_${post_type}_posts_columns requires three parameters, however, as shown in the link below, it only uses 2. https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-admin/includes/class-wp-posts-list-table.php#L978 The paremeters are also shifted. The example below shows the var dump outputs in render_column_with_bug(): {{{ <?php class Example_Class { public function __construct() { add_action( 'admin_init', array( $this, 'init_columns') ); } public function init_columns() { $supported_post_types = array( 'posts' => 'posts', 'pages' => 'pages', 'category' => 'edit-category', 'post_tag' => 'edit-post_tag', ); foreach ( $supported_post_types as $slug => $type ) { add_action( ""manage_{$type}_columns"", array( $this, 'add_column'), 10, 1 ); // Add 3rd parameter because of bug add_action( ""manage_{$slug}_custom_column"", array( $this, 'render_column_with_bug'), 10, 3 ); } } // Add new column name here public function add_column( $columns ) { $columns = array_merge( array( 'my_column_name' => 'column_slug', ), $columns ); return $columns; } // Output column contents here here public function render_column_with_bug( $column, $post_id, $tax_id = '' ) { $status = ''; var_dump ( $column ); /* Outputs: column name on posts/pages Outputs: empty string on taxonomies */ var_dump ( $post_id ); /* Outputs: post id posts/pages Outputs: column name taxonomies */ var_dump ( $tax_id ); /* Outputs: empty string on posts/pages Outputs: taxonomy id on taxonomies */ if ( $column == 'my_column_name' ) $status = $this->post_status(); echo $status; } // Output column contents here here public function render_column_bug_fixed( $column, $post_id, $tax_id = '' ) { $status = ''; $type = get_post_type( $post_id ); if ( !empty ( $tax_id ) && ! $type ) { $column = $post_id; $screen = get_current_screen(); $type = $screen->id; } if ( $column == 'my_column_name' ) $status = $this->post_status(); echo $status; } public function post_status() { // render output } } new Example_Class(); }}}" Cybr Future Releases 18448 wp_insert_category() is Not Properly Abstracted chriscct7 Taxonomy 3.0 normal normal defect (bug) assigned has-patch 2011-08-16T17:43:09Z 2019-06-04T21:07:06Z "If you look in http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/taxonomy.php there is still a note that says ""The 'taxonomy' key was added in 3.0.0."" However, this function calls category_exists() and cat_is_ancestor_of(), which never recognized the taxonomy argument." miqrogroove Future Releases 24837 querying optimization for category AND searching Taxonomy 3.6 normal normal enhancement new has-patch 2013-07-25T15:28:20Z 2024-03-13T21:26:13Z "querying category with an AND for two term_id's plus having a 50,000 + posts site causes the query produced by get_sql in wp-includes/taxonomy.php to take excessive amount of time. On my site the current query in trunk takes 200 + seconds and the optimizes query takes 100 to 200 milliseconds. Sub selects in mysql are not optimized on the server very well. Example code to utilize query {{{ query_posts(array('category__and' => array($term0_id,$term1_id))); }}} affected code starts on line 724 of wp-includes/taxonomy.php Potential problems. 1. I simply added the temp table to the $join variable not knowing if this will cause problems on other queries 2. Clean up of the temporary tables may be needed after query is executed with a persistent connection but in my case they can be left there as mysql will garbage clean them after script disconnects. Attached is a patch to wp-includes/taxonomy.php " robertv123 Future Releases 23669 Allow front page template to fall back to home template when site displays blog posts index on front page Themes 3.5.1 normal normal enhancement new close 2013-03-02T21:15:25Z 2019-06-04T21:08:23Z "The `front-page.php` template file is intended to define custom, static front page content. However, this template file takes precedence, regardless of whether `get_option( 'show_on_front' )` is set to `'posts'` or `'page'`. If the user sets the front page to display the blog posts index, this choice is effectively superseded by `front-page.php`, and the blog posts index is not displayed unless the Theme specifically accounts for this setting in the template file, using something like so: {{{ if ( 'posts' == get_option( 'show_on_front' ) ) { get_template_part( 'home' ); } else { // front page markup goes here } }}} But requiring all Themes to include such a conditional in `front-page.php` essentially defeats the purpose of the the `front-page.php` file in the template hierarchy. Instead, WordPress should consider `get_option( 'show_on_front' )`, and should return ''either'' `front-page.php` (for `'page'`) ''or'' `home.php` (for `'posts'`) on the site front page. Attached patch modifies `get_front_page_template()` accordingly. Impact to current Themes is almost certainly minimal to none, for Themes that already properly use `front-page.php` and `home.php`." chipbennett Future Releases 19579 Make get_search_form() more filterable/extensible Themes 3.3 normal normal enhancement new has-patch 2011-12-16T15:16:17Z 2019-06-04T21:07:18Z "I notice that a lot of the time when Themes include custom search form markup via `searchform.php`, they are making very minor changes to the default markup. (A common on is adding onfocus/onblur attributes to the input.) Unfortunately, I've also noticed that custom search form markup tends to be... forgotten, and ends up becoming more insecure over time. So, in the interest of encouraging/facilitating use of the core markup, I propose making `get_search_form()` more extensible, similar to the extensibility of `comment_form()`. This patch replaces `$echo = true` with `$args = array()` as the parameter passed to `get_search_form()`, while retaining backward compatibility with `$echo = true`. Also, a (self-explanatory) `search_form_defaults` filter is added. Also addresses #16538 Does '''not''' address #16541, which is potentially related. Probably '''conflicts''' with #14851 Also related: #19321" chipbennett Future Releases 35707 On installation page, autocompleted password should not be visible. Upgrade/Install 4.3 normal normal defect (bug) new dev-feedback 2016-02-03T22:03:17Z 2020-02-15T17:48:03Z "We have a development server where new installations of WordPress are regularly created on the same domain. On the WP installation page, if you enter a username used elsewhere on the domain, the password field will be autocompleted if you have set the browser to remember it. The fact the autocomplete occurs is not a problem - however, the password appears in plain text. If anybody else is watching the screen, seeing a brand new random password for a brand new installation is OK (and you can click hide and change it if necessary) - but seeing a saved password from elsewhere is not. Autocompleted passwords should never appear in plain text. Removing autocomplete is one option, though some people may find it useful - but I think the ideal solution is that any changes to the password field should hide it automatically." smerriman Future Releases 16156 update-core is oblivious to api.wp.org being unreachable Upgrade/Install normal normal defect (bug) new dev-feedback 2011-01-08T09:51:38Z 2020-09-17T18:31:46Z "A server running 3.0.4 had trouble reaching *.wordpress.org for some unknown reason. (This wasn't during the brief api.wp.org outage, and it worked otherwise.) Problem is, update-core was completely oblivious to this. It's even worse when running 3.1, because the 'Check Again' button will refresh the page and tell you we last checked for updates *just now*. Try Again or Check Again should reflect that the API is unreachable when this can be determined. Claiming that we checked for updates is also really lame, so we should see if the transient tells us how long it's been since the last one. Side note, the plugin install et al. HTTP error messages are rather cryptic, and we should also make those more user friendly." nacin Future Releases 31127 Can't add a new user to two sites before they've accepted their account jeremyfelt Users 3.0 normal normal defect (bug) assigned needs-unit-tests 2015-01-25T18:57:47Z 2019-06-05T06:40:34Z "In multisite, when adding a new user to a site, the user account isn't created immediately. Their info is stored in the `wp_signups` table until the user checks their email and clicks their sign-up acceptance link. If an admin attempts to invite the user to a second site before the person has accepted their user account for the first, they'll get this message: > That username is currently reserved but may be available in a couple of days. > That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing." ericlewis Future Releases 15001 Duplication and incompatibilities in register_new_user() and wp_insert_user() Users 3.0 normal normal defect (bug) new needs-unit-tests 2010-09-30T19:16:11Z 2019-06-05T06:37:31Z "As a result of [12778], the commit of a patch that was part of #11644 (the MU-merge ticket), `wp_insert_user()` was modified to introduce user verification checks. The addition of these checks also introduced a number of duplications and incompatibilities between it and `register_new_user()`. (Bear in mind that `register_new_user()` calls `wp_create_user()` which calls `wp_insert_user()`.) These issues include: * Duplication (both run-time execution and code): both functions perform `username_exists()` and `email_exists()` checks. Ideally, we should only perform each check once, and from a single piece of code. * Whereas both functions perform `username_exists()` and `email_exists()` checks, `register_new_user()` performs more checks (empty_username, invalid_username, empty_email, invalid_email). If the former 2 are being checked, all 6 criteria should be checked. * `wp_insert_user()` can now return a WP_Error object, but `register_new_user()` can't handle it (I reported this in #14290) * `register_new_user()` generates a new generic error if `wp_create_user()` (via `wp_insert_user()`) returns an error (assuming proper patch #14290), rather than passing along the more specific error it was told about If an error is returned by `wp_create_user()`, `register_new_user()` throws a generic 'registerfail' error (`'<strong>ERROR</strong>: Couldn’t register you... please contact the <a href=""mailto:%s"">webmaster</a> !'`). However, most likely it received a more informative WP_Error object. * `register_new_user()` allows errors to be suppressed via filters, but `wp_insert_user()` does not `register_new_user()` has the filter 'registration_errors' which allows plugins to suppress any encountered errors. Having done so, `register_new_users()`'s subsequent call to `wp_create_user()` can generate an error (of the type already suppressed) which is then un-suppressable. This renders the 'registration_errors' filter useless for the username_exists and email_exists errors (and possibly other in the future). ---- These different issues may warrant separate tickets, but cumulatively I think they point to the need to refactor `register_new_user()` and `wp_insert_user()` to be more efficient and compatible. This is a rare instance where I don't include an immediate patch for a ticket, but I wanted to get it out there and see if we can try and get these fixed for 3.1. " coffee2code Future Releases 37202 the_archive_title() doesn't output the author's display name if that author hasn't posted Users 4.5.3 normal normal defect (bug) new has-patch 2016-06-27T18:25:38Z 2021-11-19T18:10:30Z "In my archive.php template, if I do this: {{{ get_header(); the_archive_title( '<h1>', '</h1>' ); // Rest of code... }}} and then take a look at example.com/author/joebloggs, I expect to see: = Author: Joe Bloggs = The problem is if joebloggs hasn't posted yet, I see this: = Author: =" henry.wright Future Releases 22921 Allow get_users() to return array of values via 'fields' parameter Users 3.5 normal normal enhancement new dev-feedback 2012-12-13T17:39:24Z 2021-04-14T13:24:16Z "Currently, the `'fields'` parameter in the arguments array for `get_users()` only accepts either an array of user data fields, or the string `'all'`. Both of these options cause `get_users()` to return an array of object comprised of the specified user data. Passing any other string value to `'fields'` causes `get_users()` to return an array of user IDs. Per the Codex: > Array of objects, '''except when fields specifies a single field to be returned, then an array of values is returned'''. If fields is set to all_with_meta, it will return an array of WP_User objects. This statement appears to be untrue, but would be incredibly useful if it were true. Patch adds this functionality to `get_users()`. Potentially related: #18581" chipbennett Future Releases 12960 Number of posts on the Users page should include drafts and pending review Users 2.9.2 normal normal enhancement new has-patch 2010-04-11T02:35:03Z 2020-04-08T13:38:43Z "The numbers of posts on the Users page currently only include published posts, which I think is not good enough. For example, I have a contributor who has only written a few drafts and submitted a few articles for review. If I decide to delete him and base my decision on what I see on the Users page, I would probably just go with the ""Delete the user and all his posts"" option, which would delete more than I would expect." archon810 Future Releases 14460 New Permission for no_user_edit so users with edit_users can't edit it Users 3.0 normal normal feature request new dev-feedback 2010-07-29T23:28:18Z 2019-06-05T06:37:28Z "I recently experienced a problem where I have an administrator role with full access and a site administrator role with most access including the ability add, edit, and delete users. However, I don't want the Site Administrator to be able to delete users of the role Administrator. The change I'm proposing is a new permission or marker which states that if enabled, this user can't be changed by another user who isn't the same role. If possible, I might try to add the patch myself. This is a fairly important issue which would is interfering with WordPress' use as a content management system, and the only work around I've found is to edit core file." brandon.wamboldt Future Releases 40862 Partially visible controls within a pane do not scroll into view jpurdy647 Customize low normal Future Release enhancement assigned has-patch 2017-05-25T13:51:57Z 2020-11-25T19:39:42Z "If the widget pane has many widgets, sometimes the widget dialogue will not be visible when the edit shortcut icon is clicked on the page. If any part of the control is visible, it does not fully scroll into view even though the focus is properly set. A few notes: - If the widget is not in view at all wihtin the pane, it properly scrolls it into view and focuses. - The problem also occurs if the pane is not currently visible when the edit shortcut is clicked. Clicked edit shortcut on a widget in view in the sidebar: https://cldup.com/EPHX4omF81.png Clicked edit shortcut on a widget with part of the header visible in the pane: https://cldup.com/gOsa9rovWG.png" desrosj Future Releases 31798 Editor: switch undo and redo in RTL Editor low normal Future Release defect (bug) new has-patch 2015-03-29T11:35:54Z 2021-06-01T13:46:56Z "The undo and redo icons in RTL should we switched. LTR: https://cloudup.com/cHOxlUfHbAp Current RTL: https://cloudup.com/cizBcGBMkCa Proper RTL: https://cloudup.com/cSCyiF_HxMA " yoavf Future Releases 43990 Use wp_delete_file instead of unlink Filesystem API low normal Future Release enhancement assigned has-patch 2018-05-07T14:35:43Z 2018-05-14T19:44:35Z Use `wp_delete` instead of `unlink` as much as possible throughout the codebase. macbookandrew Future Releases 56262 WP_List_Util::pluck doesn't support a null $field General 3.1 low minor Awaiting Review enhancement new has-patch 2022-07-20T20:28:53Z 2022-07-26T17:45:51Z "[https://www.php.net/manual/en/function.array-column.php array_column()] accepts a `null` value for the `$column_key` parameter. When passed `null`, it returns the complete array, which is a useful trick for reindexing database results, etc. {{{#!php $array = [ [ 'id' => 123, 'name' => 'Joe' ], [ 'id' => 345, 'name' => 'Sally' ] ]; array_column( $array, null, 'id' ); // [ 123 => [ 'id' => 123, 'name' => 'Joe'] ... }}} `wp_list_pluck()` doesn't work when using that on an object, though: > Warning: Undefined property: stdClass::$ in wp-includes/class-wp-list-util.php on line 185 It seems like `array_column()` has had support for objects since PHP7, so one way to achieve this might be something like: {{{#!php if ( version_compare( ... ) { return array_column( $this->output, $field, $index_key ) } // existing code remains as fallback for older versions }}} It might be good to use something like `7.0.7` to skip a few bugs that were fixed." iandunn Future Releases 44236 Maintain consistency between privacy export report and archive filenames GripsArt Privacy 4.9.6 low minor Future Release defect (bug) assigned needs-unit-tests 2018-05-26T00:03:07Z 2019-01-27T09:03:40Z "Prior to r43180, the export `.zip` filename changed every time it was regenerated; after that commit, it was reused to ensure links aren't broken (see #43905). That commit didn't do anything to the `.html` filename, though, so after the initial regeneration, the value of `$obscura` will not match between the two filenames. I don't think this presents any issues for Core, and might not for plugins either, but it seems like they should be consistent, just to be safe. If a plugin hooks into `wp_privacy_personal_data_export_file_created`, it may reasonably assume that the filenames to match, and do something like `str_replace( '.html', '.zip', $foo )`. That seems unlikely, since both filenames are passed to the callback, but it's better to be safe than sorry." iandunn Future Releases 41757 Add action inside of add_new_user_to_blog() function Users 3.0 low minor Future Release enhancement new has-patch 2017-08-30T02:26:16Z 2017-09-26T07:59:07Z "When adding a new user to a site in multisite, the full `$meta` array is passed in from the relative entry in the `wp_signups` database table, but it's impossible to do anything with it here because no action exists in this function. * A similar action does already exist in `add_existing_user_to_blog()`. * We could use the `wpmu_activate_user` hook, but we'd need to reconfirm if the user was added to the site again, which is not ideal because some complex blog switching may need to occur to do so I'll attach a patch shortly that adds an action to match `add_existing_user_to_blog()`." johnjamesjacoby Future Releases 25419 Add icon support for widgets on the admin page and customize screens Widgets 3.9 low minor Future Release enhancement new dev-feedback 2013-09-25T17:05:07Z 2018-03-05T20:34:27Z With the incorporation of live widget previews (widget customizer), an available widget browser is displayed which lists all widgets along with a dashicon for each. These icons should be incorporated into the widgets admin page now, as well. westonruter Future Releases 23290 When using switch_to_blog() with a persistent object cache that lacks wp_cache_switch_to_blog() support, non-persistent groups are not maintained Cache API 3.0 low normal defect (bug) new needs-unit-tests 2013-01-25T05:28:44Z 2019-06-04T19:41:33Z If you're using a persistent object cache that lacks the new `wp_cache_switch_to_blog()` support, WordPress core `else`s into a complete cache clobbering branch. It is smart about grabbing the global groups and re-adding those after `wp_cache_init()` is called, but it doesn't do the same for non-persistent groups. Those are a hardcoded array. So if you call `switch_to_blog()`, you would lose any custom-added non-persistent groups. markjaquith Future Releases 31599 White space between visual editor content and status bar Editor 4.1 low normal defect (bug) new has-patch 2015-03-11T18:55:56Z 2019-06-05T06:52:53Z Happens when the 'path' is hidden. iseulde Future Releases 12769 Disappearing posts/pages (in quickedit mode) Quick/Bulk Edit 2.9.2 low minor defect (bug) new has-patch 2010-03-30T08:53:39Z 2023-02-17T08:48:36Z "Steps to reproduce: 1. Quickedit a post. 2. Click save and instanly click quick-edit on another post. When the ajax-request completes the first quick-edited post will disappear from the posts table. This is only a display bug." catahac Future Releases 56499 count() used in the loop condition Comments lowest normal Awaiting Review defect (bug) new has-patch 2022-09-02T12:40:53Z 2022-09-21T15:22:51Z The use of count() inside a loop condition is not allowed; assign the return value to a variable and use the variable in the loop condition instead. krunal265 Future Releases 33405 "Pagination - use of helip / ""..."" not logic in some cases" Themes 4.2.4 lowest trivial enhancement new has-patch 2015-08-18T16:40:31Z 2019-06-04T21:27:45Z "Hi there, I believe there is some improvement potential in the logic of the pagination. The ""..."" indicator does not really serve its purpose, in case you have it only hiding one page link - see attached screenshot. Would propose to change the function generating the pagination to only use it in case it at least covers 2 page links." th23