ticket summary owner workflow __group__ _version priority severity milestone type _status _created modified _description _reporter Comments 2691 HTML comments in posts aren't handled properly. adamsilverstein* needs-unit-tests Formatting 2.8.5 normal normal Future Release defect (bug) accepted 2006-04-25T03:16:37Z 2024-01-10T10:11:05Z "When an HTML comment is added in a post, autop adds paragraph (

) tags around the comment and for multi-line comments line breaks (
) are added after every line. This should not happen in HTML comments. This ticket is similar to #712 which was closed with wontfix. I would like to know why this isn't seen as an issue? It prevents the addition of RDF and other metadata, not to mention just plain old HTML comments in posts." gord 36 2833 wpautop breaks style and script tags dev-feedback Formatting 2.0.3 low normal Future Release defect (bug) reopened 2006-06-17T20:36:00Z 2022-03-29T01:38:54Z "When I create a post in which I want to include Javascript or some styles, WordPress 'breaks'when showing those posts, because all newlines in the SCRIPT and STYLE tag are converted into BR tags. Example: {{{ }}} Becomes: {{{
}}} And: {{{ }}} Becomes {{{
}}} This happens because wpautop adds those BR tags to the post. (As it should, just not within STYLE or SCRIPT tags.) I've made a (temporary?) workaround for this by creating a pre and post event for wpautop, which substitute the necessary newlines by a temporary value in the pre event and placing them back in the post event. Although I think this should be incorporated in wpautop itself. See also: http://wordpress.org/support/topic/76433 and http://wordpress.org/support/topic/76297 While searching trac I also found ticket #2346, which is about the same problem, but which was for 2.0 and self-closed by the submitter? P.S. I have TinyMCE turned of." Nazgul 37 3260 XML output (rss, atom, rdf ...) should always use UTF-8 or CDATA for user input stevenkword has-patch Feeds 2.8.2 normal normal Future Release defect (bug) assigned 2006-10-18T02:33:58Z 2024-02-11T12:23:24Z "If none UTF-8 is used, user generated text like titles or categories may contain unallowed entities. The elements , <tagline>, <dc:subject>, <category> (there may be more) are not protected width <![[CDATA ]]>. The conversion can be done width the PHP MulitByte function. If MB is not available, the <![[CDATA should be used instead. Please contact me for development help." deremder 16 3329 Need to strip % from the auto-permalink in the editor. pishmishy* needs-unit-tests Permalinks 2.0 normal normal Future Release defect (bug) accepted 2006-11-04T20:41:06Z 2023-02-02T12:43:17Z "I made an article with ""x = 18,98 * y - %10"" as title, and this generated http://www.example.com/blog/2006/11/03/x-1898-y-%10/ which doesn't work." Heyneken 20 3451 Page URI canonization markjaquith close Permalinks 2.1 normal normal Awaiting Review defect (bug) reopened 2006-12-07T04:46:08Z 2023-02-20T16:05:43Z "The nice permalink URIs for posts or categories are case-insensitive, but the page URIs are not. e.g. http://matt.wordpress.com/about/ cannot be reached via http://matt.wordpress.com/About/ This results in 404s being returned when a user incorrectly gets the case of the URI wrong. This is particularly a problem for weblogs that have migrated old pages to WordPress, and have external pages pointing to them with varying case applied to the URIs." pah2 18 3670 Removing CDATA close tag ( ]]> ) unbalances the CDATA block andy needs-unit-tests Posts, Post Types 2.1 normal minor Future Release defect (bug) new 2007-01-25T05:55:47Z 2023-02-10T03:00:14Z "I'm not sure if this is a bug per se, but it breaks included JS in my posts that are escaped with a CDATA section. I've basically commented out the following line in the_content() every time I upgrade: //$content = str_replace(']]>', ']]>', $content); A user on the wp-testers list indicated that this was part of making sure that included CDATA blocks didn't break RSS feeds. I don't use CDATA sections directly in my RSS feeds, so I haven't tested this. In my particular case, the JS is used to embed Flash movies (e.g. YouTube videos) in an XHTML compliant way (without embed tags). I have a custom plugin I've written that strips out the JS and replaces it with the embed tag in the RSS feed. Perhaps we should use a flag to activate this when the app is going through a feed. Ideally, though, it would simply be removed. Odds are that the CDATA block is being used for a JS block in a post body, and since most RSS aggregators don't allow JS by default, it would be safe to simply remove CDATA blogs if is_feed() is set." scenic 83 4328 Redirect Old Slugs feature needs to redirect slugs for pages, not just posts, and redirect old permalink structure SergeyBiryukov needs-unit-tests Canonical 2.2 normal normal Future Release enhancement reviewing 2007-05-24T01:52:44Z 2022-01-25T14:30:12Z "Create a page, browse to it, edit it, change its slug, WP redirects to the old page's slug and serves a 404. Wasn't WP 2.1 or WP 2.2 supposed to make the redirect old slug feature built-in? Along the same lines, it would be sweet if instead of simply redirect old slugs, WP would redirect old urls. When the date changes, when the page parent changes, or when the permalink structure changes, the url changes but neither of WP, the redirect old slug plugin, the permalink redirect plugin, or anything else catches this." Denis-de-Bernardy 49 4463 Pretty permalink on search aristath* has-patch Permalinks 2.3 normal normal 6.6 enhancement accepted 2007-06-14T03:00:49Z 2024-02-14T15:11:21Z "Ryan: {{{ In trunk, with cruft free links, I get stuff like this: http://foo.blog/page/3/?s=test That's not right. Maybe we should revert back to pre [5454] to fix the trunk problems. }}} [5454] was the commit for #3930 If at all possible, I'd like to work with the new code." markjaquith 25 4969 Make wp_list_* functions all behave similarly... igmoweb has-patch Themes 2.3 normal normal Future Release enhancement assigned 2007-09-13T14:18:22Z 2018-06-06T23:11:56Z "The sidebar template typically uses lists of lists to prettily display lists of pages, categories and bookmarks. Lists of pages, categories and bookmarks are forced to be items of lists themselves as the functions wp_list_pages(),wp_list_categories() and wp_list_bookmarks() wrap the output of functions in <li>..</li> tags by default. Lists are intended to indicate something about the structure of the document where as these forced <li> tags appear to be intended to provide pretty indentation. Nested-lists can also provide confusion for non-visual readers. wp_list_bookmarks() provides the ability to override this with category_before and category_after options. wp_list_pages() and wp_list_categories() should offer similar options. Ideally the accessible approach would be the default for these options but I don't believe this is possible without breaking existing themes." pishmishy 19 5130 Linking to multiple posts on your site breaks pingback due to comment flooding needs-unit-tests Pings/Trackbacks 2.3 normal normal Future Release defect (bug) new 2007-10-01T17:36:13Z 2023-03-22T11:30:42Z "http://scott.sherrillmix.com/blog/programmer/web/wp_pingpreserver/ is this useful in WP 2.3?" Denis-de-Bernardy 19 5250 wpautop() issue with lists needs-unit-tests Formatting 2.3 normal normal Future Release defect (bug) reopened 2007-10-24T00:32:38Z 2023-02-02T13:34:08Z "First of all, my sincere apologies if this is a duplicate. The problem, in short: WordPress inserted a number of unclosed `<p>` tags into my post. It should either insert correctly closed tags, or none at all. I honestly would prefer the former. In detail: I had HTML code very similar to this: {{{ <ul> <li>text<ul> <li>subtext</li> </ul>more text</li> </ul> }}} This was automatically converted to: {{{ <ul> <li>text<ul> <li>subtext</li> </ul><p>more text</li> </ul> }}} Note the extra `<p>` tag in the above, which is unclosed (making the W3C validator choke on my website). Also note, I was not using the WYSIWYG editor (turning it off was the first thing I did), so it's unlikely to be due to that. As a workaround, manually inserting properly closed `<p>` tags works just fine: {{{ <ul> <li>text<ul> <li>subtext</li> </ul><p>more text</p></li> </ul> }}} Since this workaround exists, the bug is not very prioritary, but it should also (hopefully) be easy to fix." Narc0tiq 5 5358 Queried object on multiple tag query holds only first tag has-patch Taxonomy 2.3.1 normal normal Future Release defect (bug) assigned 2007-11-15T05:17:21Z 2023-03-22T11:39:28Z "On tag page results when two or more tags are queried ('''/tags/foo,bar''' -or- '''/tags/foo+bar'''), only the first tag is in the queried object. So a simple: {{{ print_r($wp_query->get_queried_object()); }}} outputs a single associative array of the first tag referenced in the query. One would expect to find an array of all tags in the queried object." Kafkaesqui 14 5678 Respectfully strip newlines in some importers hansengel* Import 2.5 normal normal WordPress.org enhancement accepted 2008-01-16T11:20:02Z 2019-03-15T00:39:32Z "Filing this as an enhancement because it could do with some discussion and insight from wiser and more experienced heads before being labelled ""defect"". :-) I noticed while helping some users import their blogs that importers of HTML content (such as the RSS importer) don't tidy up superfluous newlines in the import format, which results in unnecessary {{{<br/>}}} elements after {{{wpautop()}}} filtering for display. They turn up in the editor too, which reinforces the problem. I've adapted one of the filter functions to strip superfluous newlines, and changed my RSS importer to use it. The results have been warmly welcomed by users, who no longer have to clean up their imported blog content. ;-) {{{strip_newlines()}}} should probably go into {{{wp-includes/formatting.php}}}, if there isn't already a function that already serves this purpose. I couldn't find one, so I adapted this. Given that similar HTML block/inline-savvy string-replacement code exists in other formatting functions, perhaps there's an opportunity for some refactoring here? I feel kind of silly proposing a function that is almost entirely duplicated from other code in the core. I've used it immediately before the ""Clean up content"" section in {{{wp-admin/import/rss.php}}}'s {{{get_posts()}}}, and in an Advogato importer that I've written (which also uses HTML as the content format). {{{ function strip_newlines($text) { // Respectfully strip unnecessary newlines $textarr = preg_split(""/(<[^>]+>)/Us"", $text, -1, PREG_SPLIT_DELIM_CAPTURE); $stop = count($textarr); $skip = false; $output = ''; // loop stuff for ($ci = 0; $ci < $stop; $ci++) { $curl = $textarr[$ci]; if (! $skip && isset($curl{0}) && '<' != $curl{0}) { // If it's not a tag $curl = preg_replace('/[\n\r]+/', ' ', $curl); } elseif (strpos($curl, '<code') !== false || strpos($curl, '<pre') !== false || strpos($curl, '<kbd') !== false || strpos($curl, '<style') !== false || strpos($curl, '<script') !== false) { $next = false; } else { $next = true; } $output .= $curl; } return $output; } }}} Thoughts?" jdub 9 5918 Allow non-ASCII usernames has-patch Users 2.3.3 normal normal Future Release enhancement new 2008-02-19T11:35:20Z 2019-03-15T00:39:49Z "Hello ... I can't make New username with arabic characters ... who i can apply an arabic characters in usernams ? Thank you ..." marshosh 25 5942 Add Owner role Role/Capability 3.1 normal normal Awaiting Review feature request reopened 2008-02-21T10:13:08Z 2017-11-06T17:05:19Z "This patch adds a new 'owner' role. The owner is an administrator who cannot be demoted, deleted or edited by other administrators. Owner is a secondary role - the user is both an administrator and an owner. In the current implementation there is only one owner at a time. The current owner can transfer ownership of the blog to another administrator on the Transfer Ownership tab (under Users). I implemented this as a plugin because some site owners won't want the feature there at all. This is of most interest for MU, but it's also probably useful for some regular WordPress blogs with multiple users. This would be particularly useful in conjunction with the user_role table from #5541, but it works fine with or without it." tellyworth 14 6269 RSS Import Doesn't Properly Strip CDATA Tags dev-feedback Import 2.3.3 normal normal WordPress.org defect (bug) new 2008-03-18T00:58:13Z 2019-03-15T00:40:20Z "When importing an RSS feed that uses the <description> tag as opposed to <content:encoded>, I noticed that WP's RSS import doesn't strip the CDATA tags as it does for the <content:encoded>. =========Code Lines (83-87)=============== {{{ if (!$post_content) { // This is for feeds that put content in description preg_match('|<description>(.*?)</description>|is', $post, $post_content); $post_content = $wpdb->escape($this->unhtmlentities(trim($post_content[1]))); } }}} ===================================== I tweaked the code to solve the problem (see below) ==========Tweaked Code=============== {{{ if (!$post_content) { // This is for feeds that put content in description preg_match('|<description>(.*?)</description>|is', $post, $post_content); $post_content = str_replace(array ('<![CDATA[', ']]>'), '',$wpdb->escape($this->unhtmlentities(trim($post_content[1])))); } }}} ====================================== I'd be happy to submit a patch, except I'm not quite that savvy yet. It would be great it someone could incorporate it. Thanks." sweetdeal 16 6286 "Proposed changes to ""E-mail me whenever"" Discussion Options" Comments 2.5 normal normal Future Release enhancement new 2008-03-18T19:14:55Z 2019-03-15T00:40:35Z "WRT the ""E-mail me whenever"" options on the Discussion options page: [[Image(http://img132.imageshack.us/img132/4215/picture1vf1.png)]] 1. For ""a comment is helf for moderation,"" the ""me"" is ambiguous. It should specify that it means the blog admin e-mail address. 1. For ""anyone posts a comment,"" again, ""me"" is ambiguous. In this case ""me"" means the author of the post. The comment notification setting is personal, and therefore should be set in the profile options (where it can retain the ""me""). Some authors may want e-mail notification, others might not." markjaquith 33 6297 Unbalanced tags across more and nextpage tags Formatting 2.5 normal normal Future Release defect (bug) reopened 2008-03-19T09:55:50Z 2019-03-15T00:40:50Z "It's easy to produce broken front page markup by including a --nextpage-- tag that breaks an enclosing bold or italic tag. There's some code in get_the_content that fixes this for --more-- tags, but it doesn't handle --nextpage--, and it'd be more efficient to do it at post save time. The enclosed patch fixes this by splitting the content into slices at those boundaries and separately balancing each slice. Balancing happens in the content_save_pre action. No filtering is needed on the output side for posts saved after this filter. It was a bit of a struggle figuring out where to fit this but I think the solution is fairly clean. It includes a new split_nextpage() function that can be used instead of ad-hoc regexps for splitting a post into pages. " tellyworth 18 6342 "Rapidly spamming/deleting comments can break ""infinite river"" feature on comment moderation pages" Comments 2.5 low minor Future Release defect (bug) assigned 2008-03-21T22:05:16Z 2019-03-15T00:41:30Z "Comment moderation pages have an ""infinite river"" feature whereby when you remove one comment (spam/delete), it'll load a new one at the bottom. Unfortunately, it doesn't seem to catch up if you click more rapidly than about once every 2 or 3 seconds, and you'll ""lose"" comments. At the end, you may just have one comment that, when dealt with, will be replaced by only one comment. This may have to do with doubleclicking the ""spam"" link, or maybe clicking the ""spam"" link of the next comment before the river action has finished." markjaquith 6 6393 Export & import blogroll with categories Import normal normal Future Release enhancement new 2008-03-26T17:01:38Z 2019-03-15T00:36:00Z "I have attached a patch which will export Blogroll OPML file having a category attribute in it. It is valid to have a category attribute in outline tag. Generated OPML file by wp-links-opml.php has been validated by http://validator.opml.org/. I have also updated link-import.php and link-parse-opml.php files in wp-admin to parse category attribute and create link_category in database if it does not exist and assign link to that category. This enhancement will automatically export and import link-categories with links." jayminkapish 5 6425 Support for RTL in feeds close Feeds normal normal Awaiting Review enhancement assigned 2008-03-27T20:56:51Z 2023-02-02T13:42:09Z "In the current state of most Feed readers, the only surefire way to make RTL content display properly is to have directionality enforced inside the content - that is, either with {{<div dir=""rtl"">}}} tags inside CDATA or with Unicode directionality characters (for e.g., RLE and PDF, or ‫ and ‬, or U+202B and U+202C.) for excerpts or titles. While we currently have pretty good support for RTL languages, there is no support for RTL in feeds - all is left up up to the feed reader. I suggest adding a mechanism to automatically insert these tags/characters for blogs that have text_direction set to RTL - much in the same way RTL css style sheets are loaded for these blogs. I have attached a patch that modifies the feed templates to insert these tags/characters. Note that there is no checking of blog directionality here - this is just an example of how to enforce RTL in feeds, not how to enforce it conditionally. This relate to a previous ticket I submitted (#5517), regarding adding an option to set the feed language - which currently just defaults to EN. Certain feed readers know to display RTL text in proper directionality according to feed language (for e.g., feeds that have their feed language set to HE (Hebrew), will get displayed from Right to Left). While setting feed language is not a comprehensive solution, it is a step in the right direction." RanYanivHartstein 8 6492 Guids No Longer Have Permalink Format Database 2.5 normal normal Future Release enhancement reopened 2008-03-31T06:03:30Z 2019-08-30T01:26:43Z "When you create a new post using WordPress 2.5 the GUID is created in the http://siteurl/?p=<PostId> format even when permalinks are enabled. This is because the _transition_post_status function in /wp-includes/post.php now checks if the guid is empty (which it never is) before resetting/creating it with the proper permalink structure. Line 2841 should be removed. " brianwhite 72 6619 permalink field misleading in page editor: it displays the erroneous values Editor 2.5 normal normal Future Release enhancement new 2008-04-06T14:48:15Z 2021-09-22T13:30:43Z "if you create a sub-page, the permalink field should display the proper permalink. currently, if you have: site.com/page/ and when you create: site.com/page/subpage/ the permalink shows: site.com/subpage/ until it gets saved the expected behavior would be for it to show the correct permalink. the same remark applies when you then change the permalink. if the parent is no longer page, but rather page-2, then the permalink should update accordingly." Denis-de-Bernardy 9 6778 Detect when the config will cause infinite loop dev-feedback Permalinks 2.5 normal normal Future Release enhancement reopened 2008-04-19T13:46:14Z 2019-03-15T00:34:39Z "Behavior: If you put in http://www.domain.com in the ""Wordpress Address"" setting, then Wordpress will automatically do a redirect from http://domain.com to http://www.domain.com. Many hosting packages allow the user to deal with www and non-www versions of their domain. This will cause an infinite redirect loop if, for example, the ""Wordpress Address"" is set to http://www.domain.com and the hosting setting is set remove the www from the domain address-- to redirect http://www.domain.com to http://domain.com. Expected behavior: When setting the ""Wordpress Address"" setting, it should detect if the canocical code will cause an infinite redirect loop and warn/correct the mistake" Analogpoint 21 6814 Async media crunching adamsilverstein dev-feedback Upload 2.5 normal normal Future Release enhancement assigned 2008-04-23T00:19:05Z 2022-08-24T14:14:22Z "The upload part of the new multi-uploader is pretty nice now, but it blocks on the ""crunching"" phase, which can sometimes take 20-60 seconds, I assume to create medium thumbnails and such. The crunching part of the upload should not block the next file beginning the upload process, it should happen asynchronously with the rest of the process." matt 18 6984 wpautop() formats the the contents of shortcodes Shortcodes 2.6 normal normal Future Release defect (bug) new 2008-05-17T10:34:02Z 2019-04-01T10:04:10Z "`wpautop()`, the bane of my existence as a plugin developer, is at it again. Here's an example of some PHP wrapped in a valid shortcode in a post of mine: {{{ [code lang=""php""]$text = str_replace( array('<p><p>', '</p></p>'), array('<p>', '</p>'), $text);[/code] }}} The content that gets passed to my shortcode function is this: {{{ $text = str_replace( array(' <p>', '</p> </p> <p>'), array(' <p>', '</p> <p>'), $text); }}} Expected result: it shouldn't touch the insides of valid shortcodes (like adding line breaks or anything as it is doing now)." Viper007Bond 18 7098 Multiple entity codes in POT file for the same character chriscct7 dev-feedback I18N 2.5.1 normal normal Future Release enhancement reviewing 2008-06-05T11:33:12Z 2019-05-26T15:33:37Z "In the wordpress.pot file, two characters are represented by both their numbered and lettered HTML entities. These are: '''Em-dash:''' the POT file contains both — and — '''Right angle quote:''' the POT file contains both » and » I'm not sure if it matters but it certainly is a little inconsistent. " leuce 11 7231 wp_link_pages: option next_and_number sorich87* has-patch Posts, Post Types normal normal Future Release enhancement accepted 2008-07-03T09:25:43Z 2019-03-15T00:33:27Z "with the next_or_number option of the wp_link_pages() function, it would be nice to have the option to use both. it gives the user the opportunity to easily go to the next/previous page, without loosing the other option of going immediately to a certain page example: __next__ __1__ 2 __3__ __4__ __5__ __6__ __previous__ " jan831 6 7745 Private posts cannot have unpublished or pending review status Posts, Post Types 2.6.1 low minor Future Release enhancement new 2008-09-15T16:32:19Z 2019-03-15T00:32:37Z "Posts with private ticked are immediately set to published, and cannot be reverted to unpublished or pending review while private is ticked. Given the default use of private posts, this behavior is understandable, but it seems far simpler if the behavior remained consistent with public posts. In our particular case, we are using Role Manager to allow subscribers to read private posts. A simple solution that suits our particular needs well. But we really need the full draft/review process, just as with public posts." nyoungman 15 7795 Activate and Deactivate Theme hooks Themes 2.7 normal normal Future Release enhancement assigned 2008-09-26T20:40:53Z 2019-03-15T00:32:18Z Currently, there is no standard way of checking whether of theme is activated, deactivated and uninstalled. Plugins have this capability and themes should also have the same to ensure that both share similar functionality. jacobsantos 26 7797 Consolidate iframe headers Administration 2.7 normal normal Future Release enhancement assigned 2008-09-26T23:35:46Z 2019-03-15T00:31:49Z "Currently iframes are being used in multiple locations (ie. thickbox, plugin re-activation, etc) and in each case, theres generally a function for the header and footer, or its inline. What i suggest, Is to create a standard set of admin templates which print the headers out for the pages. And a side suggestion:[[BR]] As an added bonus, It should probably be possible to automatically detect if it was loaded via thickbox ($_GET[TB_iframe] shouldnt be set) and serve the correct header (ie. Full admin side menu if no thickbox)" DD32 6 7813 export function does not preserve encoding tott has-patch Export 2.7 normal minor Future Release defect (bug) new 2008-09-30T20:07:25Z 2019-03-15T00:31:35Z "when exporting strings are always converted to utf-8 while header and encoding is set to encoding used in blog. this causes trouble when importing later." tott 2 7965 Database upgrade complete message should be an admin notice has-patch Upgrade/Install normal normal Future Release enhancement new 2008-10-25T18:53:28Z 2019-03-15T00:31:03Z When a database upgrade is complete we should just take you to the page you wanted to see and should an upgrade_complete admin notice instead of requiring another button click westi 7 8107 get_next_post, get_previous_post do not work for posts posted within same second dev-feedback Posts, Post Types 2.7 normal normal Future Release defect (bug) new 2008-11-08T12:34:22Z 2018-12-09T21:00:15Z "if you have posts that are published shortly one after the other (e.g. through a script or plugin that posts several posts at once) several of them may end up having the same post_date in the wordpress database table. this is due to the fact that mysql datetime seems to only maintain a precision of one second (see also this discussion: http://bugs.mysql.com/bug.php?id=8523). the problem now is that wordpress functions like get_next_post/get_previous_post (get_adjacent_post resp.) will no longer work correctly if something like this happens as they solely rely on a comparison of the post_date field and they don't treat the case where these timestamps are the same for several posts. the result is that e.g. get_next_post will pick one of the posts having the same timestamp and ""jump"" over the others, so the user will never see them. i see two possibilities around this 1.) treat cases with the same post_date by e.g. looking also at the post id (assuming it is always strictly increasing) or probably preferably 2.) make sure that no two posts have the same post_date timestamp by e.g. increasing post_date artificially when publishing the post and if another post already has the same timestamp. " whoismanu 12 8578 Blogger import incorrectly reports saved user information Import normal normal WordPress.org defect (bug) new 2008-12-11T16:53:52Z 2019-03-15T00:30:30Z "I installed a fresh copy of WordPress 2.7 and was importing content from a Blogger site. Before beginning to import, the page claimed that Blogger account information was saved in the database and that I could restart the process. Even after pressing the ""Clear account information"" button, the message still appeared." covert215 2 8592 Private Pages not listed in the Parent dropdown SergeyBiryukov has-patch Posts, Post Types normal critical Future Release enhancement reopened 2008-12-12T16:22:24Z 2023-12-06T17:33:31Z "Private pages are not available as a choice in the Parent dropdown of the Attributes module. You should be able to create a hierarchy of private pages if you want to. Tested with r10194." mtdewvirus 210 8828 Tags and Categories are undifferentiable in Atom and RSS feeds has-patch Feeds 2.7 low minor Future Release enhancement new 2009-01-09T11:48:18Z 2018-02-08T16:03:00Z "In RSS feeds this can be achieved using the 'domain' attributes of the category element. This is already done in WordPress export through the wxr_post_taxonomy function, so we just have to do the same in RSS feeds. In Atom feeds this can be achieved using the 'scheme' attributes of the category element. The Atom standard is not explicit about what to put in this scheme attributes. There is [http://edward.oconnor.cx/2007/02/representing-tags-in-atom an interesting topic on Edward O’Connor blog]. In my proposed patch, i decided to use the 1st representation and i also considered seriously the 2nd. In the patch, i'm also adding the 'label' attribute to the atom category element and changed the 'term' attribute to be the tag slug. Seems this are currently the best practices in the Atom community." znarfor 6 8857 Make WP MySQL strict mode compliant Database 6.4.2 lowest normal enhancement reopened 2009-01-14T11:25:26Z 2024-01-22T08:45:43Z "Incorrect Mysql scheme during WordPress installation on DBMS with strict date/datetime format settings will result in errors and will be unable to finish succesfully. Existing default date and datetime values are '0000-00-00' and '0000-00-00 00:00:00' which are not supported any more. Please see official Mysql dev documentation for more information: {{{ The DATE type is used when you need only a date value, without a time part. MySQL retrieves and displays DATE values in 'YYYY-MM-DD' format. The supported range is '1000-01-01' to '9999-12-31'. }}} http://dev.mysql.com/doc/refman/5.0/en/datetime.html " ghostks 21 8905 Category pagination broken with certain permalink structures Permalinks 2.7 normal normal Future Release defect (bug) assigned 2009-01-21T07:26:31Z 2021-01-27T10:17:49Z "If one uses a permalink structure with %category% followed by %postname%, accessing pagination can cause a 404, as WordPress attempts to look for a post called ""page"". As per http://barefootdevelopment.blogspot.com/2007/11/fix-for-wordpress-paging-problem.html Presumably can occur with other permalink structures too." rmccue 13 8924 autoload should be boolean in add_option() Database lowest normal Awaiting Review enhancement reopened 2009-01-22T23:51:48Z 2019-03-15T00:30:00Z "Regarding: CREATE TABLE `wp_options` (`autoload` varchar(20) NOT NULL DEFAULT 'yes', Why not boolean binary, or one character long? " jidanni 7 8994 Incorporate MediaRSS Plugin into core technosailor dev-feedback Feeds normal normal Future Release feature request new 2009-01-29T18:00:20Z 2021-02-07T22:38:35Z Per conversation on the hackers list, this ticket is a working area for incorporation of the MediaRSS plugin (http://wordpress.org/extend/plugins/mrss) into core for WP 2.8. technosailor 21 9102 Inverse proxy breaks permalinks needs-unit-tests Permalinks 2.7 normal normal Future Release defect (bug) assigned 2009-02-12T01:58:37Z 2019-03-15T00:29:35Z "I have a WP installation at my university's webspace (on an apache server), say http://myuni.ac.at/mydir/wordpress/ , and an inverse proxy domain http://mydomain.at/ for it. This means that any request to the latter, eg for http://mydomain.at/2009/02/12/inverse-proxy-trouble/ , is forwarded to http://myuni.ac.at/mydir/wordpress/ , which in turn means that the REQUEST_URI there becomes /mydir/wordpress/2009/02/inverse-proxy-trouble/ . My ''home'' variable is of course set to http://mydomain.at/ (''siteurl'' is set to http://myuni.ac.at/mydir/wordpress/ -- otherwise I wouldn't be able to login to WP). Unfortunately, when analyzing REQUEST_URI, wordpress chops off the ''home'' path, not the ''siteurl'' one. This may be okay for some purposes, but in the inverse proxy case, permalinks break. For a fix, I had to hack two wordpress core files, namely wp-includes/classes.php in function parse_request: change line 162 from {{{ $home_path = parse_url(get_option('home')); }}} to {{{ $home_path = parse_url(get_option('siteurl')); }}} and wp-includes/rewrite.php, in function get_pagenum_link, line 987, same modification. This is a dirty hack, of course; so I wonder if in general, using the ''siteurl'' path is valid in any case where the ''home'' host differs from the ''siteurl'' host. If so, I suggest changing the affected files in such a manner." Bernhard Reiter 5 9117 Spam queue doesn't distinguish between filter sources Comments 2.7 normal normal enhancement new 2009-02-12T22:50:51Z 2019-06-04T19:21:30Z "1. On the Settings / Discussion tab, go to the Comment Blacklist box, and add the string ""the"". 2. Post a comment containing the word ""the"". It will be caught as spam. 3. Visit the Comments / Spam tab. Your comment is there, but there is nothing to indicate whether it was caught by the Comment Blacklist, or by Akismet, or by another spam filter. Result: neither the user nor WordPress knows how to prevent that comment from being caught in future. Many users will forget about the Blacklist feature and assume their spam filter plugin is faulty. Suggested fix: comments caught as spam should record the reason. This should be displayed to the user, and used internally by spam filter plugins to decide how to handle false positives. " tellyworth 11 9257 EXIF GPS data dev-feedback Media 2.7 normal normal Awaiting Review enhancement assigned 2009-03-01T19:30:17Z 2024-03-06T16:33:55Z "Attached patch adds GPS longitude and latitude to image meta data. Changed: wp_read_image_metadata function (file: wp-admin/includes/image.php). It complies with exif standard: [http://www.exif.org/Exif2-2.PDF] (page 46) Commented on wp-hackers list: [http://comox.textdrive.com/pipermail/wp-hackers/2009-March/025093.html]" B-Scan 26 9296 Settings API & Permalink Settings Page Bug jfarthing84 Permalinks 2.7.1 normal major Future Release defect (bug) reopened 2009-03-07T05:33:55Z 2020-09-25T23:12:01Z Although there is a hook in the options-permalink.php to insert custom settings, it does not actually save any custom setting which is added to that page. Instead of posting to options.php like all the other options pages, it posts to itself and only handles the form data which is built into the wordpress core. It should be implemented on that page to also store custom settings that may be hooked onto that page. jfarthing84 38 9510 Multiple feed fixes and enhancements dev-feedback Feeds 2.7.1 normal major enhancement new 2009-04-11T09:36:47Z 2019-06-04T19:42:32Z Currently, the feed always returns the same subtitle, self link, alternate link and replies link no matter what the page type is. I think they should be different for each page type. peaceablewhale 26 9547 Taxonomy - interesting 'unused' term_order column in table term_relationships. dev-feedback Taxonomy 2.8 high normal Future Release enhancement assigned 2009-04-16T15:19:42Z 2023-11-28T19:15:17Z "During development of plugin [http://wordpress.org/extend/plugins/xili-language/ xili-language], and to sort term by term list of languages in a taxonomy, I discover unused column '''term_order''' in ''term_relationships'' table and lack of functions in core about this column. Like medias in post, here the user can define languages list with first, second, third,... languages for his website (and xml header). Taxonomy tools are here very powerful without adding tables or annoying coding. ([http://plugins.trac.wordpress.org/browser/xili-language/tags/0.9.8.2/xili-language.php see code here line 1309-1370]). Before to complete these very basic functions,… Is it forecast to have more basic / generic functions using '''term_order''' in taxonomy.php ? [http://core.trac.wordpress.org/ticket/9546 Related ticket]" michelwppi 36 9611 Make comment feeds fail with an error code when comments are closed dev-feedback Feeds 2.8 normal normal enhancement new 2009-04-21T14:12:42Z 2019-06-04T19:42:34Z "This is mostly a suggestion as an enhancement. When you close a post's comments and pings, it should no longer output an rss feed. Instead, it should return a not found (404) or gone (410) error and die. Likewise, if all posts and pages on a site disallow comments and pings, the comments feeds should not be broadcast, and should return the same error code. Thoughts?" Denis-de-Bernardy 9 9716 WordPress Theme/Plugin editor adds blank lines has-patch Administration 2.7.1 normal normal Future Release defect (bug) reopened 2009-05-03T20:32:01Z 2022-07-13T19:45:44Z "When I edit theme css in theme editor in WP admin !WordPress reformats my CSS and adds a blank life between entrys in css. it adds a cr and line break .... In other words if you have a 100 line css download with FTP look at in text editor it is now 200 lines as WP added blank lines to css it should not be adding things to the CSS? It may only do this when it wraps window but I think not it appears to add blank lines. Imagine the damage to a 1000 line CSS it spaces every entry by 1 line!!!!!!!!!!!!!! It stiil works but it messes it up. THAT IS COFIRMED ONE EDIT DOUBLE SPACE ENTIRE CSS... VERY BAD Here is part of the problem but not the double space in total. When you down load the file in FTP and it is in windows encoding the line endings. So you ftp back and all is fine. Now you are at the coffee shop and what a quick change, so you login to WP admin and theme editor edit CSS. Now you get home and download in ftp to continue your work on CSS. The file is now mac formatted (or thinks it is) so when you edit the line endings do not contain the right line breaks for windows OR WP theme editor as it ignores them. This explains the wierd spacing though not the double spacing .... why is it converting to mac and yet ignores mac?! weird.. it adds a CR tag must be bug again though its still double spacing on edit IN windows line ending though if you down load cSS its tagged mac format... Use notepad 2 or Note pad plus to see the error. When ever you edit with !WordPress editor it adds cr and says css is now mac formatted. FTP download the file and now see all the extra CR's it adds. So it likes CR only so I convert to CR only and it beaks CSS it wants CR LF to work but if that is the case why does the online editor add CR only????????????????????????? " Vistronic 26 9824 make better use of stubs when verbose rules should apply needs-unit-tests Rewrite Rules normal normal task (blessed) reopened 2009-05-15T01:03:56Z 2019-06-04T21:05:28Z "Related to: http://core.trac.wordpress.org/ticket/6603#comment:27 Problem fixed is: > posts show up as www.apexprd.org/page/2 and not /news-and-events/page/2 as it should. with permalinks set to /something/$postname%/ we arguably don't necessarily need verbose rules here, since there is a stub." Denis-de-Bernardy 16 9825 Enforce permalink history, outright needs-unit-tests Permalinks 2.8 normal normal enhancement assigned 2009-05-15T01:06:37Z 2019-06-04T20:40:43Z "currently, we enforce old slugs and www pref (not even sure that works, since I ended up fixing it in a plugin). canonical doesn't work for pages, or hardly. we should enforce permalink history, outright. store it in a a db field, and query against it to optimize url2post()." Denis-de-Bernardy 13 9968 dynamically adding/removing filters breaks plugins needs-unit-tests Plugins low normal Awaiting Review defect (bug) reopened 2009-05-28T23:43:11Z 2020-03-02T15:43:22Z "noticed this while doing something similar to this: {{{ add_action('foo', 'bar1', 10); add_action('foo', 'bar2', 20); function bar1() { remove_filter('foo', 'bar1', 10); } }}} in the above, bar2() doesn't get called. it is because of the usage of next()/current() to loop through filters. attached patch uses a foreach loop instead, to make it work." Denis-de-Bernardy 17 9978 Sticky Posts are not ordered correctly after selection has-patch Query 2.8 normal normal enhancement assigned 2009-05-29T23:14:06Z 2019-06-04T20:40:44Z "In WP_Query, sticky posts are added/moved to the top of the posts array after everything else is selected and ordered according to the query parameters. Sticky posts are loaded as a list of post_IDs from the database, according to the order they were marked as sticky. Sticky posts that were not originally part of the returned posts are queried and added into the collection of sticky posts separately. None of the handling of sticky posts, or the handling of the entire post array after stickies are added, is date ordered by date/title/whatever was requested. Stickies need to be loaded/extracted into a separate array, ordered (independently) according to the original query, then added to the top of the post array." beaulebens 8 9993 Rss and atom feeds are dropping some characters stevenkword has-patch Feeds 2.7.1 normal normal defect (bug) assigned 2009-05-31T23:54:40Z 2019-06-04T19:42:35Z "Blog post with title: {{{ & > test < }}} has the less than ( < ) is stripped from the atom and rss feed. " pm24601 25 10033 wpautop problems with html comments and object tags needs-unit-tests Formatting 2.8 normal minor defect (bug) new 2009-06-04T12:06:35Z 2019-06-04T19:42:36Z "Bumped into this one when upgrading my mediacaster plugin to use swfobject 2.1 (which is not 1.5 compatible), as documented here: http://code.google.com/p/swfobject/wiki/documentation I take it I'm not the only one who is going to need to upgrade a plugin. It's minor, since I'll just move the filter further down in the queue, but it's still worth reporting: {{{ <object id=""m544cf9700db147f751dc34ea1241d8bd"" classid=""clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"" width=""320"" height=""260""> <param name=""movie"" value=""http://www.youtube.com/v/_nkZ3eHeXlc"" /> <!--[if !IE]>--> <object type=""application/x-shockwave-flash"" data=""http://www.youtube.com/v/_nkZ3eHeXlc"" width=""320"" height=""260""> <!--<![endif]--> <p><a href=""http://www.macromedia.com/go/getflashplayer"">Get Flash 9.0</a> to see this player.</p> <!--[if !IE]>--> </object> <!--<![endif]--> </object> <script type=""text/javascript""> //swfobject.registerObject(""m544cf9700db147f751dc34ea1241d8bd"", ""9.0.0""); </script> }}} Gets turned into the following mess: {{{ <object id=""m544cf9700db147f751dc34ea1241d8bd"" classid=""clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"" width=""320"" height=""260""><param name=""movie"" value=""http://www.youtube.com/v/_nkZ3eHeXlc"" /><!--[if !IE]>–><br /> <object type=""application/x-shockwave-flash"" data=""http://www.youtube.com/v/_nkZ3eHeXlc"" width=""320"" height=""260""><br /> <!--<![endif]--></p> <p><a href=""http://www.macromedia.com/go/getflashplayer"">Get Flash 9.0</a> to see this player.</p> <p><!--[if !IE]>–><br /> </object><br /> <!--<![endif]--><br /> </object><br /> <script type=""text/javascript""> //swfobject.registerObject(""m544cf9700db147f751dc34ea1241d8bd"", ""9.0.0""); </script> }}} So, two/three issues: - wpautop should also ignore double object tags, and html comments - wptexturize should ignore html comments" Denis-de-Bernardy 10 10219 """Older Entries"" and ""Newer Entries"" links are wrong when entries displayed in ascending order" has-patch Posts, Post Types normal normal enhancement new 2009-06-19T16:41:02Z 2019-06-04T20:40:45Z "I added ""?order=ASC"" to a tag URL I was sending out to some people, because I wanted them to view a set of blog postings in ascending chronological order, and I noticed that the ""Older Entries"" and ""Newer Entries"" links at the bottom of the page were reversed. I fixed this with the attached changes to the default theme. I don't know if this is the ""right"" fix, but it worked for me, and if it isn't quite wrong, perhaps at least it will give a more experienced WordPress developer than I an idea for how to fix it properly. " jikamens 5 10230 get_pages function: number and child_of parameters conflict has-patch Posts, Post Types 2.8 normal normal defect (bug) assigned 2009-06-21T19:26:29Z 2021-01-15T23:31:39Z "Passing both number and child_of parameters to get_pages will produce nonsensical results. Within the function number is used first to limit the number of results, then child_of is used to establish results within a certain hierarchical scope. So with a structure of: {{{ Parent 1 Parent 2 Parent 3 Child 1 Child 2 Child 3 }}} passing a number=2 and child_of=(parent 3 id) will not give the expected output. In this case, the result will first be limited to only include: {{{ Parent 1 Parent 2 }}} so the child_of will be ignored. To produce a more logical result, child_of should be evaluated first, then number should be evaluated to limit the result set." ortsaipekim 7 10249 Page slug in cyrillic = Error 404 - Not Found! westi needs-unit-tests Permalinks 4.9.5 normal normal Future Release defect (bug) reopened 2009-06-23T19:44:34Z 2022-06-22T01:20:33Z "When I create a page with page slug for example ""киро"" then when I try to open domain/киро - Error 404 - Not Found The permalinks are %postname% Post slug with this slug is working just fine, the same BUG exists in 2.7, 2.7.1 and 2.8" kalifi 60 10269 wysiwyg bug with shortcodes miqrogroove Formatting 2.8 low normal defect (bug) assigned 2009-06-25T11:29:42Z 2019-06-04T20:01:14Z "When inserting two consecutive shortcodes on separate lines, the wysiwyg editor will change the post's contents on save. {{{ [caption /] [caption /] }}} gets turned into: {{{ [caption /] [caption /] }}} the odd thing is that only genuine shortcodes get changed, too. the following is left alone: {{{ [notashortcode /] [notashortcode /] }}} " Denis-de-Bernardy 12 10275 Filter logic has been put into the template loader while it not belongs there. dev-feedback Themes 2.8 normal normal defect (bug) reopened 2009-06-25T20:22:34Z 2019-06-04T21:05:33Z "Some time ago, filter logic has been introduced in the template-loader. Looks like a fix for the inability to handle attachments propperly (WP misses more and more a strict request parsing so that newer features tend to introduce more and more bugs). The code has not been removed yet. It should be removed there or put into a more appropriate location. The code in question is: {{{ remove_filter('the_content', 'prepend_attachment'); }}} in /wp-inclueds/template-loader.php around line 30." hakre 2 10384 Make IIS Permalink support enabled based on capability not on version number westi Permalinks 2.8 normal normal enhancement new 2009-07-11T08:37:44Z 2019-06-04T20:40:48Z "At the moment we enable the IIS permalink support based on checks for IIS7 and then some capabilities. We should remove the version checking and work solely on capabilities so that we don't have to revisit when IIS8 is released." westi 10 10390 attachments should store the WP uploads path that was configured when they were uploaded dev-feedback Media 2.8.1 normal normal enhancement reopened 2009-07-12T10:34:51Z 2019-06-04T20:01:48Z "When you upload an image, currently, the uploads path (defaults to wp-content/uploads) is not stored. If you change this later on to something else, previously inserted galleries no longer work, among multitudes of other problems." Denis-de-Bernardy 13 10404 dbDelta creates duplicate indexes when index definition contains spaces has-patch Database 2.8.1 normal normal enhancement reopened 2009-07-14T10:59:54Z 2023-01-21T16:01:09Z "I was adding a much needed index in wp_object_term_relationships, and testing revealed it was getting added multiple times. This works as intended: {{{ CREATE TABLE $wpdb->term_relationships ( object_id bigint(20) unsigned NOT NULL default 0, term_taxonomy_id bigint(20) unsigned NOT NULL default 0, term_order int(11) NOT NULL default 0, PRIMARY KEY (object_id,term_taxonomy_id), UNIQUE KEY reverse_pkey (term_taxonomy_id,object_id), KEY term_taxonomy_id (term_taxonomy_id) ) $charset_collate;""); }}} This doesn't: {{{ CREATE TABLE $wpdb->term_relationships ( object_id bigint(20) unsigned NOT NULL default 0, term_taxonomy_id bigint(20) unsigned NOT NULL default 0, term_order int(11) NOT NULL default 0, PRIMARY KEY (object_id,term_taxonomy_id), UNIQUE KEY reverse_pkey (term_taxonomy_id, object_id), KEY term_taxonomy_id (term_taxonomy_id) ) $charset_collate;""); }}} the only difference between the two is a space in the reverse_pkey column list. we should remove spaces in there to avoid potential bugs." Denis-de-Bernardy 21 10425 Improvements to IIS7 Rewriting Code dev-feedback Permalinks 2.8.1 low normal enhancement assigned 2009-07-16T14:12:09Z 2019-06-04T21:03:34Z "#8974 introduced a set of functions and changes which allow to automatically generate Rewrite Rules for Wordpress installs running on IIS7. There are some issues with that implementation that I think are worth being written down and discussed somewhere so here we go: 1) There's no '''""Verbose"" option''' for IIS rules; while I can't say when it would make sense to have a verbose listing of all WordPress rewrite rules in `.htaccess`/`web.config` it might be something that should be available for both systems? 2) IIS does not add '''non wordpress rules''' (`$non_wp_rules`) to the `web.config` file (`iis7_url_rewrite_rules()`) which means that any custom rewriting which plugins/users can do on apache don't work on IIS. 3) At the moment it's assumed that there is only ONE single rule needed for IIS. Especially when looking at the merge with WPMU this is going to become a problem because WPMU uses '''multiple rules'''. Every rule has to have a unique name and functions like `iis7_rewrite_rule_exists()` and `iis7_delete_rewrite_rule()` only look for one rule with name ""wordpress"". Custom Rules (see 2) also won't work without a change here. For a partial fix see misc.php in [http://trac.mu.wordpress.org/attachment/ticket/991/991-webconfig.patch Patch on MU #991]) Any comments?" bforchhammer 9 10432 Dynamic classes for current blog post item, current term item Themes 2.8.1 normal normal enhancement new 2009-07-17T14:35:33Z 2019-06-04T21:05:34Z "wp_list_pages() produces a class .current_page_item for the page you are currently viewing. This makes it possible to style the current page item different from the other page items in the list. But there are several other places the same functionality would come in handy: There should be equivalent ways to style the current blog post item in the Recent Posts widget, the current category in wp_list_categories(), and the current tag in wp_tag_cloud('format=list')." dnusim 3 10483 Change post_name's length from 200 to 400 SergeyBiryukov dev-feedback Permalinks normal minor Future Release enhancement reviewing 2009-07-25T06:31:52Z 2023-12-29T16:39:52Z "Hello, guys! Thank you very much for providing such a great piece of software! I love WordPress very much! :) I use WordPress in Russian language and the URLs on my [http://www.ielnur.com blog] consist of Russian characters. There is a [http://www.ielnur.com/blog/2009/05/снова-бросить-курить-30-тидневное-испытание/ post] with not such a long URL in Russian, but since it gets encoded to special characters it becomes too long to get fit into `post_name` field of `post` table. I've found what code needs to be changed to increase the length. I make these changes every time a new version is released. I think it would be better to submit a patch here so that others people can benefit from it and I will not need to make those changes every release. I'm attaching the patch to this ticket and asking you to apply it to the code. Thank you very much again, guys! You do a great job! :) Cheers, Elnur" elnur 52 10511 Enclosure Custom Fields are automatically deleted has-patch Feeds 2.8 high major Future Release defect (bug) reopened 2009-07-29T14:20:16Z 2024-03-15T06:49:23Z "This bug was introduced by Ticket [http://core.trac.wordpress.org/ticket/6840 6840]. I and many other people only wanted specific fields added as an enclosure (like media files for podcasting) and have added those enclosures as custom fields. Now any time we edit those hundreds of posts, or create a new post, those custom fields are deleted by this ""bug fix"" and there is no way around it without changing code in the functions.php file and then having to redo it anytime an update comes out. Was there no thought put into the great idea of ""let's delete any enclosure field that doesn't have a link in the body of a post""? Wasn't the whole idea of custom fields originally for things like enclosures?" animepulse 27 10535 _wp_filter_build_unique_id issues with the first time a filter is hooked by a class has-patch Plugins 2.9 normal normal defect (bug) reopened 2009-08-02T12:22:18Z 2019-06-04T20:40:50Z "Ref #8723 The first time _wp_filter_build_unique_id is used to generate an ID the ID returned is different to the second time it is called. This presents a problem if the first ID is used when adding a filter which then needs to be removed later in the app flow... as the IDs don't match the filter is unremovable. One workaround proposed is to set a wp_filter_id property before add the filter, and this will cause _wp_filter_build_unique_id to bypass the problem code and effectively forces the ""unique"" ID which is generated... this workaround feels unpoetic. ;)" simonwheatley 27 10543 Incorrect (non-UTF-8) character handling in tag's name and slug westi* needs-unit-tests Charset 2.8.2 normal normal defect (bug) accepted 2009-08-04T05:26:11Z 2019-06-04T19:21:33Z "Incorrect (non-UTF-8) character tag's name and slug are handled in different way: name is truncated on 1st such character, and in slug they are just removed (no truncation). WP should handle both in the same way - drop invalid characters, instead of truncation. I found this issue recently. One of the Polish programs for adding posts to the Wordpresses does not encode tags in UTF-8 - it left them in ISO-8859-2. I notified author of this bug. Unfortunately there are many copies around, so it may take a long time before everyone upgrade." sirzooro 20 10631 "wp-admin/users.php does not show pages under ""posts"" column" dev-feedback Users 2.8.4 normal normal Awaiting Review defect (bug) reopened 2009-08-16T18:51:20Z 2022-05-13T22:07:25Z "For some reason, the SQL query in '''wp-includes/user.php''' that gets the count of a user's posts excludes pages, so '''/wp-admin/users.php''' will not show an accurate picture of a user's contributions. This makes no sense at all: 1. posts and pages are first-class content types in WordPress and 2. they are both stored in the same table. Proposed solution: remove {{{ AND post_type = 'post' }}} from '''function get_usernumposts''' in '''wp-includes/user.php'''. This defect could result in incorrect interpretation of user activity, so marked as major severity." novasource 9 10653 Update comment_author when display_name changes SergeyBiryukov dev-feedback Comments 5.1 normal normal Future Release enhancement reviewing 2009-08-19T19:43:29Z 2021-04-05T12:31:54Z One thing that has bothered me recently is the fact that your previous comments doesn't get updated when your display_name is being updated. Which could cause some confusion. I wrote a function (see attached file for further reference) that takes care of this but I would love to see a similiar feature in the WordPress core. mptre 15 10660 Time zone suggester based on nascent WordPress.org API call rmccue dev-feedback Date/Time 2.8.4 normal normal Future Release feature request assigned 2009-08-20T05:59:42Z 2019-09-02T06:45:02Z "The attached patch uses a new API call to http://api.wordpress.org/core/ip-to-zoneinfo/1.0/ to retrieve a suggested time zone based on client (not server) IP address. A button is added next to the existing dropdown list of time zones providing the option to ""Suggest a time zone"". This calls the API using an AJAX/JSONP request which then auto-selects a time zone for the user from the dropdown. Visual feedback is via a spinner when fetching and then a text response. Additionally the Date and Time settings have been split out to a new settings page. Related ticket: #10324" sambauers 20 10663 Category name handling wrong function is_category has-patch Query 2.8.4 normal normal defect (bug) new 2009-08-20T15:40:46Z 2019-06-04T20:40:51Z "When putting numbers in front of the category names, Wordpress uses them as basis for the function is_category which leads to problems with e.g. plugins using this function. Example: - 3 Categories: ""News"" (id 1), ""1st Release"" (id 2), ""2nd Release"" (id 3) - Trying to check the category with is_category(1) works for news, but also returns true for the category ""1st Release"" - Trying to check the category with is_category(2) returns true for both, ""1st Release"" and ""2nd Release"" This behaviour is not expected. It might be interesting when you explicitely give the category numbers as names (e.g. ""1"", ""2"", ""3""). Changing the in_array function to a simple equal comparison makes everything work as expected." Azaroth 11 10690 WordPress does not support non-ascii characters in the domain name markjaquith needs-unit-tests Canonical 2.8.4 normal normal defect (bug) reopened 2009-08-26T18:26:13Z 2019-06-04T19:21:34Z WordPress' clean_url() strips out most characters, which are non-ascii for security reasons. This is causing problems, if you want to run a WordPress blog on a domain containing non-ascii-characters (e.g. müller.com), because WordPress generates wrong URLs on redirects. paddya 36 10762 Bulk editing creates invalid URIs Quick/Bulk Edit 2.8.4 normal normal Future Release defect (bug) assigned 2009-09-09T16:53:30Z 2018-12-16T02:57:02Z They simply get too long for example if you move 999 posts to trash. It might be helpfull to switch to the post form method. hakre 20 10823 Bad handling of ampersand in post titles has-patch Formatting 2.8 normal normal defect (bug) new 2009-09-21T10:59:50Z 2019-06-04T19:42:39Z "Titles with ampersand (&) are not correctly handled:[[BR]] 1/ the_title_attribute() doesn't transform & to & causing XHTML validation errors[[BR]] 2/ titles with & followed by ; generate truncated post name (slug) e.g. ""Test this & believe ; what ?"" => ""test-this-what""" Commeuneimage 17 10883 db-error.php not used for all DB failures Database 2.8.4 normal normal enhancement assigned 2009-10-01T02:45:28Z 2023-12-07T13:19:54Z "db-error.php (the optional custom DB error message file to be placed in wp-content) does not get included all the time. Sometimes wp-db.php will use its {{{bail()}}} method to spit out its own message. This code needs to be there too: {{{ if ( file_exists( WP_CONTENT_DIR . '/db-error.php' ) ) { require_once( WP_CONTENT_DIR . '/db-error.php' ); die(); } }}}" markjaquith 5 10931 Verify Comment Email Addresses of Registered Users has-patch Comments 2.8 normal normal Future Release enhancement assigned 2009-10-08T14:34:44Z 2021-05-06T09:05:36Z "When leaving a comment with an email address of a registered user, WordPress should force the visitor to login or change the email address in the comment form. Anyone can impersonate a blog's user if they know the user's email address." mtdewvirus 38 10955 Replace ThickBox dev-feedback External Libraries 2.9 normal normal Future Release enhancement reopened 2009-10-14T14:37:42Z 2023-11-10T16:01:17Z "Have you thought about replacing ThickBox? It is no longer under development (as their site says) and it doesn't conform to standard jQuery plugin practices. For example, I'm trying to use it for a plugin of mine and I'm wanting to tie into the ""onClose"" event for ThickBox which isn't too easily done. I know I could just include one of the other plugins, like colorbox, with my plugin but I think it'd be a great service to other developers if you included a more flexible library. (I would have assigned this to 3.0+ but the option isn't available.)" aaron_guitar 41 10970 Remove 'siteurl' setting from options-general.php has-patch Permalinks normal normal Future Release enhancement new 2009-10-17T18:52:10Z 2023-02-13T19:44:36Z "From #10957: azaozz: > Better to fix the cause for this: ""WordPress address"" (siteurl) shouldn't be changeable from Settings->General at all as it cannot be set safely there. Most users would just break their blogs if they change it. > It is set at install and only needs changing when WordPress is moved to another domain or (sub)directory. This happens very rarely and there are other (better?) ways to set siteurl. Denis-de-Bernardy: > in this case, we need to make sure the www. pref is passed on to the site_url. else we're bound to get massive bugs (e.g. #9873) " scribu 32 10975 comment form nonce Comments normal normal Future Release enhancement new 2009-10-19T06:49:16Z 2020-02-27T17:33:32Z "This adds a nonce to public comment forms, via the comment_form action. " tellyworth 18 10984 If content uses the nextpage tag then only the first page is shown in feeds has-patch Feeds 2.8.4 normal normal defect (bug) assigned 2009-10-20T11:03:11Z 2019-06-04T19:42:43Z "If content uses the nextpage tag then only the first page is shown in feeds if the ""full text"" option is selected in ""Settings > Reading > Show Full Text (in feed)"". No links are displayed to read the full content and no indication is given in the feed that it isn't the full content. I think the behaviour should be to ignore pagination in feeds which are set to ""full text"". I have attached a patch which alters the behaviour of the_content() so that if it is used in the context of a feed it concatenates the pages to form the full content and returns that." simonwheatley 42 11049 Page Preview does not autosave page template nacin* dev-feedback Autosave 2.8.4 normal normal defect (bug) accepted 2009-10-30T21:19:34Z 2019-06-04T19:21:39Z When editing a published page, if you change the page template and then click Preview, the preview does not show the new template choice. janeforshort 16 11160 Inconsistancies in Naming and Using Sidebar Names and IDs. azaozz needs-unit-tests Widgets 2.9 normal normal defect (bug) new 2009-11-17T12:58:55Z 2019-06-05T06:37:18Z "register_sidebar() allows more sidebar names and IDs to be registered than dynamic_sidebar() recognizes as valid names and IDs. For example, register_sidebar() allows me to name a side bar ""1"" with a id of ""first"". I don't know why anyone would choose those values, but register_sidebar() allows it [1]. {{{ register_sidebar( array('name' => 1, id => 'first') ); }}} dynamic_sidebar() will not be able to find the sidebar given its name (1). {{{ if ( is_int($index) ) { $index = ""sidebar-$index""; /// 1 becomes 'sidebar-1' ... }}} The main problem is that dynamic_sidebar() is trying to process both IDs and names through the same variable ($index) while register_sidebar() separates the two with an array ( array('name' => 'Top', 'id' => 'sidebar-1' ). According to the in-line docs for dynamic_sidebar(): It is confusing for the $index parameter, but just know that it should just work. When you register the sidebar in the theme, you will use the same name for this function or ""Pay no heed to the man behind the curtain."" Just accept it as an oddity of WordPress sidebar register and display. It does ""just work"" if you never use your own sidebar IDs. I started looking at this because I wanted to use is_active_sidebar() which tests to see if a dynamic_sidebar() has anything in it. There is no get_dynamic_sidebar(). dynamic_sidebar() sends everything to the browser or returns false. {{{ register_sidebar( array('name' => 'Top') ); // id defaults to ""sidebar-1"" ... if ( is_active_sidebar('Top') ) dynamic_sidebar('Top'); }}} Which fails because is_active_sidebar() just completely skips over searching for an id to go with a name. To get it to work you need to know when it was registered. Not something theme authors and designers are going to follow easily. There's a ticket to fix this: [http://core.trac.wordpress.org/ticket/10440 #10440] {{{ if ( is_active_sidebar(1) ) dynamic_sidebar('Top'); }}} Like dynamic_sidebar(), is_active_sidebar() converts 1 to ""sidebar-1"". Unlike dynamic_sidebar() it assumes everything is entered as an id. unregister_sidebar() assumes its parameter (incorrectly named $name, not $id) is an id. But it wants a literal id, like ""sidebar-1"". unregister_sidebar(1) unregisters a sidebar with an id of 1, while dynamic_sidebar(1) tries to display a sidebar with an id of ""sidebar-1"". === Widgets (Admin Page) === The dynamic_sidebar() function is used by the Widgets management page. So, it is possible to create a sidebar with register_sidebar() that dynamic_sidebar() cannot find. You can populate it with drag and drop [2] and not have it appear on the web site. == After Patch == If committed, this patch would remove the need for tickets [http://core.trac.wordpress.org/ticket/10440 #10440] and [http://core.trac.wordpress.org/ticket/10956 #10956]. It changes the current argument behavior of unregister_sidebar(), but doesn't break backward compatibility. It allows is_active_sidebar(), unregister_sidebar() and dynamic_sidebar() all point to the same sidebar. === Before === These all refer to the same sidebar: {{{ is_active_sidebar(1); unregister_sidebar('sidebar-1'); dynamic_sidebar('Sidebar Top'); }}} In an admittedly contrived case, dynamic_sidebar() would silently fail to allow this sidebar to show: {{{ register_sidebar( array('name'=>'Sidebar Top', 'id' => 1) ); }}} === After === These all refer to the same sidebar (the first two would have broken before the patch): {{{ is_active_sidebar('Sidebar Top'); unregister_sidebar('Sidebar Top'); dynamic_sidebar('Sidebar Top'); }}} After the patch this shows fine: {{{ register_sidebar( array('name'=>'Sidebar Top', 'id' => 1) ); }}} After the patch it is possible to force an argument to be only a name or only an id: {{{ is_active_sidebar(array( 'name' => 'Sidebar Top' )); unregister_sidebar(array( 'name' => 'Sidebar Top' )); dynamic_sidebar(array( 'id' => 1 )); }}} === Notes === [1] register_sidebar() allows the user to override the default setting of: 'id' => ""sidebar-$i"", [2] When you refresh the Widgets management page the widgets will disappear from the sidebar. They are still attached to a sidebar, but dynamic_sidebar() cannot see the sidebar." CharlesClarkson 24 11207 WordPress may display incorrect message when post is saved/published/etc has-patch Posts, Post Types 2.9 normal normal Future Release defect (bug) assigned 2009-11-20T20:23:23Z 2023-11-30T01:24:00Z When post is saved, WP calls `wp_insert_post_data` filter. Plugin can use it to change post status. But even post status has been changed via plugin, WP still displays message basing on action originally executed by user. Need to change this and take into account final post status too. sirzooro 16 11235 "Pages whose ancestors are not all ""published"" cannot be used as parents for other pages." needs-unit-tests Posts, Post Types 2.9 normal normal Future Release defect (bug) new 2009-11-23T01:04:01Z 2019-06-04T18:12:41Z Pages with trashed parents cannot be used as parents for other pages (they do not appear on the list). caesarsgrunt 10 11248 Paged wp_list_comments() should always output something boonebgorges has-patch Comments 2.9 normal normal defect (bug) assigned 2009-11-24T06:00:23Z 2019-06-04T19:21:40Z "Enable comment paging on your blog and visit `http://yourblog.com/a/single/post/comment-page-999999/`. Note no comments will be displayed. There's situations where the comment form will redirect you back to the wrong page (for example if you mess with the type parameter and exclude pings). The Walker should detect if there's no comments to be displayed on the requested page and if that's the case, then display the latest page that actually has comments." Viper007Bond 11 11297 Don't email the admin when they create a user from the backend dev-feedback Users 2.9 low minor enhancement new 2009-12-01T12:05:31Z 2019-06-05T06:44:57Z "I just created the user myself. I already know I did it. I don't need to be told again. Emails should only be sent to the admin when a user registers themselves (if that is enabled). They shouldn't be sent when the admin manually creates a new user." caesarsgrunt 10 11311 kses converts ampersands to & in post titles, post content, and more Posts, Post Types 2.9 normal normal Future Release defect (bug) new 2009-12-03T01:49:32Z 2022-08-03T15:41:48Z "Make a test user that has the ""author"" role (i.e. no `unfiltered_html`) and write a post with a title that has `&` in it. After saving, it will becomes `&` due to `wp_filter_kses()`. It gets saved in the database this way too. It's confusing to the user." Viper007Bond 21 11381 display_page_row() generates boat loads of needless queries pbearne Posts, Post Types normal normal defect (bug) assigned 2009-12-10T12:41:45Z 2024-02-22T22:43:04Z "on sites with many static pages that are spread across multiple parents, display_page_row() triggers multitudes of calls to the db. specifically, it's repeatedly calling get_pending_comments_num(). it's also calling get_editable_user_ids() and wp_dropdown_users(), both of which do not seem to cache their results in case they're used several times on the same page." Denis-de-Bernardy 10 11398 new sort method for query_posts (order by last comment date) Query 2.9 normal normal enhancement assigned 2009-12-11T15:44:42Z 2019-06-04T20:40:57Z "I think we need sorting by latest post comment ability for query_posts. ""Recent comments"" plugins does this but we need this sorting in the core. BBPress is planned as a WP plugin according latest chat logs posted by Matt. We gonna have to need this anyway." erden.ozkan 6 11465 custom field duplicated westi* Editor 2.8.4 normal minor Future Release defect (bug) accepted 2009-12-16T21:09:23Z 2022-06-08T22:40:11Z "When I enter the information for a custom field and click on Preview without first clicking Add Custom Field, the custom field is saved. But then when I click Publish, it is saved again, appearing in the post twice. If I click Add Custom Field before Preview, subsequent Publish does not duplicate the custom field. But it is very convenient and efficient to be able to avoid a separate save of the custom field. " ericr23 11 11472 Should QuickEdit remove posts from lists as needed? Quick/Bulk Edit 2.9 low minor Future Release enhancement new 2009-12-17T10:29:38Z 2019-12-09T17:54:37Z "Create a draft post. Visit Posts / Edit, and quickedit the draft. Set its status to Published and save. It remains around, with the published status, instead of being removed from the list. Reporting this just in case, as it might be a UI feature rather than a bug. " Denis-de-Bernardy 10 11515 Admin needs standardized way of handling messages (notices) displayed to the user Administration 3.0 normal normal Future Release enhancement new 2009-12-19T19:53:03Z 2018-11-16T18:43:03Z "If you try to upload a media item under Media > Add new without an uploads directory, you get the following vague error message: {{{ Error saving media attachment. }}} If you try instead to upload from the post edit page, you get a much more helpful message: {{{ Unable to create directory /path/wp-content/uploads. Is its parent directory writable by the server? }}} In each case, the root error is the same, but the second error message points the way to a solution. Even if the user doesn't know herself what that message means, it's a message that provides the necessary information to someone else who does and is trying to help the user. The first message is completely useless, as it states only what we already know: something went wrong. The reason Media > Add new doesn't offer a helpful message is that the error is generated on one page request, and ''then'' the user is redirected to another page. We need a standard, cross-page-load way of conveying messages in admin. I've thought of a few possible ways of doing this: * Define and use a standardized set of error codes and associated error messages. This is similar to what happens currently on many pages: the unhelpful ""Error saving media attachment."" appears when the message argument is set to ""3."" What I'm suggesting would use a common set of message codes across the admin and be much more detailed. So the above situation would instead produce a message like ""Unable to create the uploads directory."" * Save error messages to a cookie. Unlike the previous method, this would allow messages to be made particular to their event. * Have some kind of user messaging stack. New messages would be pushed into a user's stack (stored in usermeta) and popped off after a certain time, or when read, etc. This has the advantage of lasting across sessions and browsers and being usable for other applications, such as PMs between users. What do you think?" filosofo 23 11538 Unbundle Hello Dolly westi has-patch Plugins 3.0 normal normal enhancement reopened 2009-12-20T22:47:27Z 2024-03-02T21:23:22Z "Now that WordPress is a mature platform, having Hello Dolly as a default plugin is really a bit of an embarrassment. With the impending focus on canonical plugins, this strikes me as a good opportunity to remove Hello Dolly and replace it with a plugin which is actually useful. Hello Dolly could be kept in the repo for the sake of nostalgia if it's wanted by anyone..." caesarsgrunt 29 11585 WordPress should cache failed feed fetches so as to avoid overloading feed sources pbearne has-patch Feeds 2.9 normal normal enhancement assigned 2009-12-24T02:25:17Z 2024-02-22T23:43:57Z "Following up on #11219, which fixed the cause of that particular error, but not the one that related to caching of feed errors. When SimplePie fails to fetch or parse a feed, it should not hammer whichever server the feed came from on every page load. This is bad for two reasons: it disturbs the originating server, and it tremendously slows down page loads when the feed is in an RSS widget on the front end. Instead, we should cache the error for a reasonably long amount of time (15 minutes? An hour? More?) and bypass SimplePie until that duration expires." Denis-de-Bernardy 9 11678 wpautop() fails on uppercase closing tags dev-feedback Formatting 2.9 normal normal defect (bug) new 2009-12-31T11:26:11Z 2019-06-04T19:42:47Z "To reproduce, in a post enter: {{{ <p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</P> }}} View the post (source) and you get: {{{ <p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</P></p> }}} Because I (incorrectly) entered an uppercase closing </P> tag, wpautop() thinks there is no closing tag so adds a </p>, which then often renders as a double <p> tag. Close if this is not a bug, though I thought it may be good to do some sanitizing or something on uppercase tags. " joehoyle 5 11697 Keep private posts in the admin area / Was: Make private posts a canonical plugin has-patch Posts, Post Types 2.9 normal normal defect (bug) assigned 2010-01-02T21:33:21Z 2021-09-08T14:44:42Z "Said Matt: > Also, a lot of the complexity of private posts could be avoided by a relatively simple change: saying they're only viewable in the dashboard. (Which I think is close to how people use them already.) ---- There are quite a few tickets related to private posts that can be viewed by users who should, and even more tickets related to private comments that can be viewed by users who aren't authorized to view the post. There also is at least one ticket that highlights a performance issue related to private posts. http://core.trac.wordpress.org/search?q=private Would it be an option to turn this into a canonical plugin and begone with the problems?" Denis-de-Bernardy 17 11734 trackback_rdf() for IDN (xn--) Domains produces invalid HTML has-patch Comments 3.1 normal normal defect (bug) new 2010-01-06T01:10:55Z 2019-06-04T19:21:42Z "Hello The trackback_rdf() function from wp-includes/comment-template.php wraps the ""<rdf:RDF>...</rdf:RDF>"" output inside ""<!-- ... -->"" HTML comments, probably to be safe as not all Browsers understand them. When using Wordpress 2.9.1 on a site with an international domain name [1] that contains special characters like German ""Umlauts"" like äöü, this domain name is written as e.g. xn--tst-qla.de for täst.de. Now the output of trackback_rdf() suddenly gets a ""--"" which is the SGML/HTML comment separator mark [2]. Firefox 3.5.6 e.g. sees this as the end of the comment and therefore shows the final ""-->"" as text to the user. As the whole RDF tag is supposed to be invisible for the user, it's a bug in Wordpress :-( Here is an real world example output: {{{ <p class=""post-tags""> </p> <p class=""post-info""> </p> <!-- <rdf:RDF xmlns:rdf=""http://www.w3.org/1999/02/22-rdf-syntax-ns#"" xmlns:dc=""http://purl.org/dc/elements/1.1/"" xmlns:trackback=""http://madskills.com/public/xml/rss/module/trackback/""> <rdf:Description rdf:about=""http://xn--bcher-entdecken-zvb.de/wordpress/index.php/wortlieblinge/"" dc:identifier=""http://xn--bcher-entdecken-zvb.de/wordpress/index.php/wortlieblinge/"" dc:title=""Wortlieblinge"" trackback:ping=""http://xn--bcher-entdecken-zvb.de/wordpress/index.php/wortlieblinge/trackback/"" /> </rdf:RDF> --> </div> }}} Sadly I have not yet come up with a solution. PHPs urlencode() does not escape a double dash - which is ok as its usually perfectly valid. Maybe someone with RDF experience has a good idea. bye, -christian- [1] http://en.wikipedia.org/wiki/Internationalized_domain_name#Example_of_IDNA_encoding [2] http://htmlhelp.com/reference/wilbur/misc/comment.html " lathspell 7 11740 Sorting tags and towns does not work well for utf-8 nbachiyski dev-feedback I18N 2.9 normal normal Awaiting Review defect (bug) new 2010-01-06T12:42:24Z 2024-02-28T16:41:53Z "There are problems with sorting special Czech characters: 1) Options - General - Timezone selection. Evropa (Europe) First item should be Amsterdam, but instead of it there is ""Řím"" (Rome in Czech). And this is not right, character Ř should be between R and S. 2) Editing posts - Select from most used tags. You can create tags ""Rome"", ""Amsterdam"" and ""Řím"". Tags are also sorted in a bad way, first is ""Řím"". It is very problematic for Czech users when there are many tags, because it does not help them..." pavelevap 12 11800 doubled execution of cron jobs westi dev-feedback Cron API 2.9.1 normal normal Future Release defect (bug) new 2010-01-07T11:17:53Z 2021-04-04T10:34:28Z "Hi, as I've already mentioned in ticket #11505 , cron-jobs occasionally get executed twice (e.g. daily backup arrives two times). I've changed the code according to the patch attachment:ticket:11505:ticket-11505-stop-gap.patch (which derives from [http://wpengineer.com/ping-problem/]) after my comment:ticket:11505:49 and had no doubles within this time period. This week I've upgraded to WP 2.9.1 and since then backups arrive two, sometimes three times, again. Looking at the changes from 2.9 to 2.9.1, I have no other explanation for this behavior. - Maybe we should consider having a closer look again on this patch attachment:ticket:11505:ticket-11505-stop-gap.patch . Greetz, Berny" neoxx 7 11856 URL for 1st comments page is not canonical markjaquith dev-feedback Canonical 3.0 normal normal Future Release defect (bug) new 2010-01-10T19:17:42Z 2023-10-19T20:04:59Z "When WP generates URL for comments, it always includes comments page number. It should not do this when URL is for 1st comments page - in this case post URL is sufficient. WP should also redirect to canonical URL version when someone will try to load URL like site.com/some-post/comment-page-1." sirzooro 12 11869 Multisite upgrade notice at wpmu-upgrade-site.php isn't steadily visible. Upgrade/Install 3.0 normal minor Future Release enhancement new 2010-01-11T22:03:14Z 2017-04-23T20:39:16Z "When upgrading (Site Admin > Upgrade) wordcamp.org, it started upgrading each site and flashing a list of 5 sites at a time that had been upgraded (too quickly to really be read beyond the first item in each list). When it flashed through all the screens, it showed ""All done!"" and nothing else. Preferred UX would be to list the sites in order as they are upgraded but in a single persistent list rather than in flashing batches of five, and to show the all-done message on the same screen, with the list of everything that has been upgraded. It would be good to have the text appear at bottom of list (in sequence) but to also drop in an alert message at top of screen. " jane 18 11877 Resized Images lose their EXIF data Media 3.0 normal normal enhancement reopened 2010-01-12T10:47:55Z 2019-06-04T20:01:51Z The thumbnail, and medium re-sized images do not keep EXIF data of the original image. thee17 17 11895 Allow more specific image size editing dev-feedback Media normal normal feature request new 2010-01-14T15:12:28Z 2019-06-04T20:01:54Z "Instead of allowing only some combinations of 'thumbnail', 'medium', 'large', 'full' I would like to have the ability to select which of these I would like to crop. So for example, only 'thumbnail' and 'medium'. With the current trunk this is not possible. I created a patch that adds this ability by changing the radio boxes of ""apply changes to"" in the image-edit page to checkboxes for each of the 4 possible sizes." frankgroeneveld 18 11903 insert_with_markers is not threadsafe westi* has-patch Permalinks 2.9 normal major defect (bug) accepted 2010-01-15T06:27:45Z 2019-06-04T20:41:02Z "From wp-admin/includes/misc.php the function insert_with_markers may be called multiple times on a busy server and if the htaccess is already in the process of being written it is possible that two PHP threads could attempt to write to it causing corruption such as the following: {{{ # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress s }}} Notice the dangling 's' at the last line" strings28 18 11931 Day/Month/Year Permalink Structure Fails in Archives Rewrite Rules 2.8.6 normal normal enhancement reopened 2010-01-17T14:53:37Z 2019-04-05T17:40:57Z "If you use a permalink structure with %day%/%monthnum%/%year% then the archives automatically become date/%day%/%monthnum%/%year%. WordPress automatically makes the links to monthly archives date/01/2010 etc (which is good), but if you go to it you get a 404 not found. Reproduce using for example /%post_id%/%postname%/%day%/%monthnum%/%year%/ I ""fixed"" it with this plugin I wrote, but it will probably fail when things like /page/2/ come into play (that wasn't really important yet). " Frenzie 4 11950 Sticky Posts are too aggressive has-patch Query 2.9.1 normal normal enhancement reopened 2010-01-19T15:43:50Z 2019-06-04T20:41:04Z "I don't think the default behavior should be to have sticky posts included every time a query_posts() is used. I realize you can set the 'caller_get_posts' argument to avoid sticky posts from being added, however having to do this everywhere becomes a burden. What are your thoughts on having the WP class add 'include_sticky' var to the_query if it isn't already set and then not include the sticky posts by default?" prettyboymp 13 12056 "target=""_blank"" being stripped from Profile Bio and Category Description" dev-feedback Formatting 2.9.2 normal normal Future Release enhancement new 2010-01-27T16:50:00Z 2019-10-29T11:02:01Z "Many apologies if this is a duplicate. I have searched but did not find it yet posted. I noticed that target=""_blank"" is being stripped from my ""a href"" tags my profile ""Biographical Info"" field even though the ""a href"" with the URL and closing tag still remain. It happens every time I save my profile. This was independently verified. It is a regular wordpress install running 2.9.1 (not wordpressmu, etc.). My original thread can be found here: http://wordpress.org/support/topic/355388?replies=1" lovewpmu 15 12084 allow preserving HTML in the_excerpt (specify allowed tags for strip_tags in wp_trim_excerpt) has-patch Formatting 3.0 normal normal enhancement new 2010-01-29T22:36:40Z 2019-06-04T19:42:50Z Right now, `wp_trim_excerpt` is destructive. You can filter it, but once tags are stripped, you can't get them back without recreating the excerpt from the raw input. It would be nice if theme developers had an option to preserve at least some of the HTML formatting when using excerpts as post teasers (see #9260). sillybean 2 12104 'moderate_comments' capability by itself should grant the user the permission to See/Edit all comments from the Comments menu. has-patch Comments 3.0 normal normal Future Release defect (bug) new 2010-01-31T22:25:24Z 2021-11-08T19:10:31Z "I tried to create a Comment Moderator role today and realized it wouldn't work. My intention was to create a role for people who can't write or edit posts, but can keep an eye on the comment threads. I created the role like so: {{{ #!php add_role('moderator', 'Moderator', array( 'read' => 1, 'moderate_comments' => 1, )); }}} ... then created a new user with that role. When I logged in as my test user, I realized that it was for all intents and purposes a Subscriber. I couldn't see any admin panels but the Dashboard, my profile, and the Tools. I went poking around in edit-comments.php and discovered that it's checking for another capability altogether: {{{ #!php if ( !current_user_can('edit_posts') ) wp_die(__('Cheatin’ uh?')); }}} I double-checked wp-admin/includes/menu.php and it agreed that 'edit_posts' was the minimum capability to see this page, so I tried adding 'edit_posts' to my new role, and I still couldn't get there. Later on in edit-comments.php, when actually trashing a comment, there is a check for 'moderate_comments', but it's a moot point: this screen doesn't even show up in the admin menu, and if you navigate directly to it, you'll get the ""You do not have sufficient permissions to access this page"" message. I thought it was entirely possible I'd missed some finer point of creating roles, so I redid it with Justin Tadlock's excellent Members plugin, and that didn't work either. This behavior might be intentional, but if so, I'm not following the logic. I know roles are due for an overhaul in the next version or two." sillybean 34 12208 Add Quick Edit To Media Library list view dev-feedback Quick/Bulk Edit normal normal Future Release feature request new 2010-02-12T01:45:12Z 2023-02-07T23:15:38Z I am requesting that a quick edit link be added to the media in the media library like what is on the posts page. I would like to quickly be able to edit titles, alts, and captions at least. queenofdiy 13 12257 wpdb Scales Badly Due to Unnecessary Copies of All Query Results dev-feedback Database normal critical defect (bug) assigned 2010-02-17T03:08:06Z 2019-06-04T19:21:45Z "While working on #11726, I encountered a reproducible crash in wpdb::query() The following code causes memory exhaustion on large result sets: {{{ while ( $row = @mysql_fetch_object($this->result) ) { $this->last_result[$num_rows] = $row; $num_rows++; } }}} The memory exhaustion message is error-controlled, causing a white screen of death even in debug mode. I searched wp-db.php for references to $this->last_result, and I found no justification for these object reference copies. $this->last_result '''should''' be maintained as a MySQL resource and properly optimized using the MySQL client layer instead of this PHP nonsense. Tagging for dev-feedback to discuss which Milestone is appropriate." miqrogroove 31 12286 bug and fix when importing from Movable Type Import normal normal defect (bug) new 2010-02-19T13:26:59Z 2019-06-04T20:01:57Z "I'm running WP Mu 2.9.1.1 and had a problem importing a Movable Type blog to WP and found a fix (sort of). Symptom: When importing a blog from Movable Type to a blog in WP, you are asked to assign (or map) WP authors to MT authors. But, it turns out that the first author on the list is assigned to all posts. The other authors selected are neglected. Therefore, all of the posts end up belonging to one author. Fix: I found the problem in wp-admin/import/mt.php. Specifically, ""$mtnames"" is not properly populated with authors from MT. So, I changed the code in function get_authors_from_post() as follows: function get_authors_from_post() { $formnames = array (); $selectnames = array (); $this->mtnames = $this->get_mt_authors(); I just added the last line shown above and then finally the import properly assings authors as intended. (There might be a better place to put the last line, however.) " leyburn888 2 12295 More support to customize user profile edit page nacin* dev-feedback Users 3.0 normal normal Awaiting Review enhancement accepted 2010-02-19T21:14:01Z 2022-06-23T14:29:20Z "Right now I can edit the contact methods via the user_contactmethods filter, but I can not modify or remove the Personal Options or the Name Options. I want to keep the interface as simple as possible for my users, and I don't think that they need to edit this settings at all. If wp wants to be a cms, it should give me control over this aspect as well. At least, give me custom css-ids, so I can remove it via css!" pampfelimetten 34 12363 Comment permalink wrong when only listing one comment type wonderboymusic dev-feedback Comments 3.0 normal normal defect (bug) assigned 2010-02-24T14:31:51Z 2019-06-04T19:21:46Z "If you pass the `type` parameter to `wp_list_comments()` (for example, to show comments only and no pings), then comment permalinks can easily use the wrong page number as they expect there to be pings included. This is apparent after leaving a comment and WordPress attempts to redirect back to your new comment. At first I was thinking you could tell WordPress that you're filtering to a type and it could compensate when determining the page number, but then I realized perhaps it'd just be better for `wp_list_comments()` to check if there were 0 comments returned for the query and if so, see if there are any of that type of comment available. If so, then we know we're on too high of a page number and can instead display the highest existing page. Then again this introduces SEO issues. Ideas on what to do are welcome." Viper007Bond 4 12456 Canonical URL redirect issue with post_id/postname permalink structure SergeyBiryukov has-patch Canonical 2.9.2 normal normal Future Release defect (bug) reopened 2010-03-02T14:06:38Z 2021-08-04T18:32:02Z "The issue: Using /%post_id%/%postname%/ as permalink structure, Most canonical redirects work fine, except: domain.com/post_id/ brings you to the post but does not redirect to the canonical domain.com/post_id/postname/ Additional info: The above permalink structure conforms to best practice as described in the codex: http://codex.wordpress.org/Using_Permalinks#Structure_Tags Therefore I figured this was a bug, given the attention given to redirecting to the canonical url ""So to avoid confusing search engines and to consolidate your rankings for your content, there should only be one URL for a resource."" http://markjaquith.wordpress.com/2007/09/25/wordpress-23-canonical-urls/ " Frank.Prendergast 46 12477 Search with special characters and similar terms nbachiyski dev-feedback I18N normal normal feature request new 2010-03-02T17:42:46Z 2019-06-04T20:01:58Z "I did:Tried searching for terms Metis and Métis I saw:Those two searches turned up different sets of results. I expected:The same set of search results, or at least everything when I searched for Metis. Can search be smarter when special characters are involved?" mrroundhill 2 12567 make post_submit_meta_box more generic Posts, Post Types normal normal enhancement new 2010-03-10T00:46:20Z 2019-06-04T20:41:05Z "Currently there isn't a way to modify the meta boxes which set the post status. The function post_submit_meta_box in wp-admin/includes/meta-boxes.php is a closed function with post statuses hard coded. A new post status registered using register_post_status is available to the query object and plugins but cannot be added to the post status select box in the publish meta box. A lot of the post_submit_meta_box is hardcoded to the default post status types. Consider the use case where you want posts to only be visible to logged in users. A custom post status selectable by the user in add/edit post could be used which is then added or excluded in the query (filtered by posts_where) depending on whether the user is logged in or not. This way core can handle the non-visible posts the way private or future posts are handled. " themattharris 15 12578 import from movable type doesn't import tags or basename Import 3.0 normal normal enhancement assigned 2010-03-11T00:58:46Z 2019-06-04T20:02:00Z The current movable type import script doesn't import tags from movable type and it doesn't import the basename (movable type's version of the post_name, which is necessary for a seemless transition). Adding support for importing these two important bits is not terribly difficult and I'm working on improving the import script to aid in my own upcoming migration. I'll attach a patch against the trunk. stevecrozz 3 12634 Media Library & Permalink Overlap has-patch Permalinks 2.9.1 normal normal defect (bug) assigned 2010-03-18T15:37:23Z 2023-08-24T19:52:27Z "The problem is: upload a media item and give it a name, such as 'test'. Create a new page titled 'test' with a permalink that reads http://www.example.org/test/. The permalink, instead of going to the page, goes to the media item. For most purposes, I would imagine this behavior should be reversed. -Tim-" tmoorewp 17 12671 Installer page doesn't check if MySQL tables were created successfully Upgrade/Install 2.9.2 normal normal Future Release enhancement assigned 2010-03-22T17:47:33Z 2018-12-15T22:52:14Z "When running the web-based setup script - My Mysql user didn't have create permissions so no tables were created but the message (underneath all the MySQL errors) said setup was successful. I think it would be worth doing a check for no MySQL errors before proclaiming the installation a success." thedotproduct 8 12682 Multiple password reset emails can be annoying dev-feedback Users 2.9.2 normal normal Future Release enhancement assigned 2010-03-23T15:51:01Z 2023-11-27T01:33:37Z "There's a security flaw mentioned in #10006: an attacker can bother users with password reset emails. The problem was reported on support forums by a user receiving hundreds of these emails. He proposed to introduce some kind of a timeout for password reset requests. Is it possible?" SergeyBiryukov 13 12684 Add Edit to Bulk Actions menu on Categories screen dipalidhole27gmailcom has-patch Quick/Bulk Edit 3.0 normal normal Future Release feature request assigned 2010-03-23T17:04:15Z 2023-02-08T19:38:29Z On edit-tags.php?taxonomy=category the only bulk action is Delete, because we never got around to adding Edit. We should add Edit to the bulk actions menu so people can change category parents easily. Has been requested on the Ideas forum a number of times, so am starting a ticket. If there's a technical reason not to add Edit to the bulk actions on this screen, then we should get rid of the menu and just have a Delete button. Adding Edit would be preferable, though, for consistency and usefulness. jane 21 12706 Custom post status bugs needs-unit-tests Posts, Post Types 3.0 normal normal Future Release task (blessed) reopened 2010-03-25T14:41:39Z 2022-06-02T13:42:36Z "A developer should be able to register a custom post status using `register_post_status()`. The admin UI (including post submit box and quick edit) should reflect this new custom post status. Furthermore, there are many hard-coded references to 'draft' and 'pending' statuses in core that should properly use the post status API. All existing arguments to `register_post_status()` should be fully implemented, should also support per-post-type arguments. As things get implemented across core, there will likely be a need for supporting capabilities and bits of API. Related: #23169 (register_post_status_for_object_type), #23168 (unregister_post_status)." ptahdunbar 167 12718 Better structure for admin menu dev-feedback Plugins normal normal Future Release enhancement reopened 2010-03-26T01:05:37Z 2018-02-07T09:17:16Z "Currently, the global $menu variable is one big linear array: {{{ $menu = array( [2] => array('Dashboard', ... [4] => array('', 'read', 'separator1', ...), [5] => array('Posts', ...) ... ) }}} To allow plugins to add a menu item at the end of a group, we use a bunch of additional global variables that remember the last element in each group. Also, we use arbitrary numeric indexes to specify the order of the items, instead of being able to position items relative to one another. It's all very low level. Things would be a lot easier if we had an actual API for manipulating the menu items." scribu 87 12720 Delete user and hook confusion when deleting users in Multisite Users 3.0 normal normal defect (bug) new 2010-03-26T12:42:59Z 2019-06-05T06:37:23Z "Currently: The hook ''wpmu_delete_user'' fires when deleting user in Super Admin->Users. The hook ''remove_user_from_blog'' when deleting user under site Users->Authors & Users. In standard WP: The hook ''delete_user'' is called when deleting users it should be the same in MultiSite when deleting from Super Admin->Users. Or add new hooks and deprecate previous. ''delete_user_from_network'' for when deleting a user totally. ''delete_user_from_site'' for when deleting a user from a specific site. This is hook also then fires in non-MultiSite mode since that then corresponds to one site." andreasnrb 5 12726 Add get_post_by_*() functions dev-feedback Posts, Post Types 3.0 normal normal enhancement assigned 2010-03-27T05:57:13Z 2019-06-04T20:41:11Z "Current there are get_page_by_path() and get_page_by_title() function but they hardcode the post_type of 'page'. With support for new custom post types I'm finding a need for functionality to look up posts of custom post types: {{{ $args = array('post_type','my_custom_post_type'); $path = 'foo-bar'; $post = get_post_by_path($path,$args); $title = 'Foo Bar' $post = get_post_by_title($title,$args); }}} Another option would be a simple get_post_by(): {{{ $args = array('post_type','my_custom_post_type'); $path = 'foo-bar'; $post = get_post_by('path',$path,$args); $title = 'Foo Bar' $post = get_post_by('title',$title,$args); }}} This code is not hard to write but looking at the functions in post.php there's not one consistent style so I'm not sure what the best approach would be to write it. Further, I don't completely understand the significance of all the code in get_page_by_path() so wouldn't want to start with it (although I could see it being modified to use the more generic functions that I propose.) I can make these updates if I get enough direction from the core team, or I'd happily just see them get done. :) " mikeschinkel 8 12756 WPMU does not handle files with two or more dots in the filename wpmuguru close Upload 2.9.2 normal minor Future Release defect (bug) reopened 2010-03-29T07:23:50Z 2022-10-14T18:47:54Z "* WPMU does download images that have two or more dots in the file name > E.g., One..jpg One...jpg One....jpg rewrites do work (checked) * this is clearly a WP issue: > /wp-content/blogs.php ... $file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] ); if ( !is_file( $file ) ) { status_header( 404 ); die('404 — File not found.'); } ... > WPMU removes two dots!!! > workaround: $file = BLOGUPLOADDIR . $_GET[ 'file' ]; // name.ly: workaround for files with two or more dots tested and works fine " Namely 15 12769 Disappearing posts/pages (in quickedit mode) has-patch Quick/Bulk Edit 2.9.2 low minor defect (bug) new 2010-03-30T08:53:39Z 2023-02-17T08:48:36Z "Steps to reproduce: 1. Quickedit a post. 2. Click save and instanly click quick-edit on another post. When the ajax-request completes the first quick-edited post will disappear from the posts table. This is only a display bug." catahac 12 12779 Better support for custom post types in WP_Rewrite has-patch Rewrite Rules normal normal enhancement assigned 2010-03-30T20:04:30Z 2019-06-04T21:05:39Z "See also #12605 and [13773]. We currently use bitmasks in WP_Rewrite, which we should remove and convert to an array of URL types that can be checked using in_array(). We currently do not use bitmask operations in WP_Rewrite that would make them preferable for use. To currently use custom post types with endpoints, a plugin would need to do the following, from [comment:5:ticket:12605 dd32 in #12605]: {{{ define('EP_WIKI', 131072); // 2^17. 2^13 is used by core. register_post_type('wiki', array( 'label' => __('Wiki'), 'public' => true, 'supports' => array('revisions', 'editor', 'title'), 'permalink_epmask' => EP_WIKI, 'hierarchical' => true )); add_rewrite_endpoint('history', EP_WIKI); }}} In particular: > Care would need to be taken that any custom endpoints are in {{{2^x}}} format, and not currently in use by any other plugins loaded. This would need to be backwards compatible with the existing bitmasks. More or less, {{{WP_Rewrite::add_endpoint()}}} would need to still take bitmasks and convert them to the new format." nacin 8 12799 Allow gallery shortcode to accept a maximum number of items close Gallery 2.9 normal normal Future Release enhancement new 2010-04-01T17:55:55Z 2023-10-19T13:09:46Z "A ""would be nice"" feature of the gallery would be to allow for a maximum number of items to be displayed. The main use of this feature would be to allow a page to show a ""preview"" of some of the images contained within one or more subpages, eg: * Some event [gallery link=""file"" columns=""4"" orderby=""rand"" maximum=""4"" id=""164""] * Some other event [gallery link=""file"" columns=""4"" orderby=""rand"" maximum=""4"" id=""200""] " dtorbert 19 12801 Add Info link to plugins management screen chriscct7 has-patch Plugins 3.0 normal minor feature request reviewing 2010-04-01T19:08:40Z 2019-06-04T20:41:12Z "Related to #11050 but instead of the search results, on the regular plugins.php screen. Add ""Info"" link to left of Activate/Deactivate action links, which brings in the tabbed info from the repo. If not from the repo, link does not appear." jane 5 12826 AJAX trash posts has-patch Posts, Post Types 2.9 normal normal enhancement new 2010-04-03T02:57:06Z 2019-07-05T03:15:38Z "Add AJAX to trash posts, like comment moderation. From GSoC ideas list: >Add AJAX Paging to Admin Screens. Something we've never gotten around to is adding AJAX paging to the list-type screens (edit.php, etc). Currently, getting to the next page of items means a screen refresh. For this project, add ajax paging to all the list-type screens in the WordPress admin. We have all the underlying PHP, but it needs some JavaScript love." meheranandk 5 12839 Themes should be sandboxed on activation to prevent fatal errors Themes 3.0 normal normal Future Release enhancement new 2010-04-04T06:16:25Z 2021-01-02T20:23:28Z "I've just made a child theme of TwentyTen by copying the folder over, renaming, and adding a Template: header to the style.css file. Upon activation, I've been thrown to a page with a fatal error due to redefining a twentyten function. Ideally, theme activations should be passed through a sandbox style activation the same as plugins." dd32 14 12877 Modular themes: Apply template hierarchy to folders within a theme dev-feedback Themes normal normal feature request new 2010-04-06T16:26:15Z 2019-06-04T21:05:41Z "Applying template heirarchy to folders within a theme will allow themes to be broken into modules, allowing theme developers to substantially reduce repeated code. This is an automated, complete version of the use of get_template_part() in Twenty Ten. I've written posts on the [http://wp.me/pS0xt-1f justification for modular themes] and [http://wp.me/pS0xt-30 their potential to transform theme organization]. Based on [http://wp.me/pS0xt-3O my tests], these functions should cause no noticeable difference in performance. The patch has the added benefit of creating an accurate global $wp_template_hierarchy object (and a getter method), so any plugin/theme can access the template hierarchy for $wp_query. The patch introduces several new functions: get_template_module($folder), get_template_hierarchy(), update_template_hierarchy(), and 2 private functions. Finally, the patch also add a 'locate_template' filter on $template_names at the beginning of locate_template(), and turns the large conditional in template-loader.php into a function: template_loader()." koopersmith 28 12885 LiveJournal importer uses GMT date/time as local date/time has-patch Import normal normal defect (bug) new 2010-04-07T02:07:25Z 2019-06-04T20:02:01Z "The LiveJournal importer takes a comment's date/timestamp, which is in GMT, and inserts it into the database as the comment's local date/timestamp. In my timezone (U.S. Central, DST), a comment posted at 12:00pm local time (5:00pm GMT) will be imported to the database as having been posted at 5:00pm local time (10:00pm GMT). I've attached a patch that I've successfully tested on Wordpress 2.9.2, and it appears to be easily ported to trunk. One caveat: it appears that there are two timezone settings in the Wordpress database (timezone_string and gmt_offset), but as my database has no value for gmt_offset, I don't know if I need to account for that, nor can I test that." kurtmckee 8 12934 Allow a menu to be added as a menuitem to be a submenu. Menus 3.0 normal normal enhancement assigned 2010-04-08T21:55:32Z 2019-06-04T20:02:03Z "Add capability to add a menu as a menuitem to be a submenu thus allowing multiple menu items to share the same submenus. See reference in April 8 devchat: https://irclogs.wordpress.org/chanlog.php?channel=wordpress-dev&day=2010-04-08&sort=asc#m106225" mikeschinkel 3 12945 Constrain wp_page_menu() technosailor* dev-feedback Menus normal normal defect (bug) accepted 2010-04-09T19:39:51Z 2019-06-04T20:02:04Z "The wp_page_menu() function is the default callback for wp_nav_menu(). IOW, when a user is not using the new menu system, it defaults to this function. While that is good, any number of pages over, say 10, will make a theme puke in many cases. As a workaround, I suggest we make a default of wp_page_menu() to exclude all pages() except home. It's a stupid idea, I think, but something needs to be done to make this manageable so I'm looking for feedback. The Pro of taking this approach is that it encourages customization of menus via the WP menu system. It also does not lock theme devs into a particular approach because this stuff can be overidden via arguments and filters. The con is that the default callback becomes pretty benign and useless. Almost pointless. Ideas?" technosailor 5 12955 Add get_post filter dev-feedback Posts, Post Types normal normal Future Release feature request new 2010-04-10T13:50:07Z 2018-08-28T13:43:50Z This patch filters the return value of the get_post() function. I would find this very helpful for a plugin I'm developing. JohnLamansky 77 12960 Number of posts on the Users page should include drafts and pending review has-patch Users 2.9.2 normal normal enhancement new 2010-04-11T02:35:03Z 2020-04-08T13:38:43Z "The numbers of posts on the Users page currently only include published posts, which I think is not good enough. For example, I have a contributor who has only written a few drafts and submitted a few articles for review. If I decide to delete him and base my decision on what I see on the Users page, I would probably just go with the ""Delete the user and all his posts"" option, which would delete more than I would expect." archon810 6 13041 Canonical redirection will redirect a non-exitant page to a post. dd32 has-patch Canonical 3.0 normal normal defect (bug) reviewing 2010-04-18T06:14:20Z 2019-06-04T19:21:48Z "Following on from #12601 Canonical redirection will kick in for http://localhost/wordpress-commit/apage/something and redirect it to http://localhost/wordpress-commit/2010/02/13/something-else/ #12601 limited redirect_guess_404_permalink() to only searching in the same post_type if one was provided, for posts and pages however, which are builtin, these vars are not set. I'm attaching a patch which will prevent a Page -> Post redirection, but not the other way around. - this patch was originally added to the other ticket." dd32 3 13066 Last-Modified headers for individual comment feeds are incorrect jgci* dev-feedback Feeds 3.0 low normal Future Release defect (bug) accepted 2010-04-21T07:32:34Z 2022-06-28T05:18:27Z "The WP::send_headers function currently uses get_lastcommentmodified() to set the Last-Modified header for all comment feeds. This is a problem when used for individual post comment feeds. The function gets the last modified comment across all blog posts. That means that every time a comment is posted anywhere, the Last-Modified header for ALL comment feeds is refreshed. Issues: 1. This is technically incorrect, since only the global comment feed and one specific post's comment feed have changed with the last comment (not all possible comment feeds); and 2. It means that If-Modified-Since requests for other post comment feeds will not receive a 304 response when they should do (since their content hasn't changed). On blogs with many posts and many comment feeds, this will have a large impact on bandwidth because lots of requests will receive 200 responses where 304's would have done, just because a comment was posted on some other post. If I've understood the flow correctly, $wp_query hasn't been fully set up at the time this function is called, so changing this behaviour would require some change in the flow of things (e.g., the handling of last modified headers for feeds moves into the do_feed() function). But doing so would mean that Last-Modified headers are correct/meaningful and that many more 304 responses can be served. Any thoughts?" solarissmoke 11 13078 Make wp_register_style and wp_enqueue_style consistent has-patch Script Loader 3.0 normal normal defect (bug) new 2010-04-22T01:08:39Z 2019-06-04T21:05:46Z "When fixing #13056, I noticed that wp_register_style and wp_enqueue_style had a few odd differences. 1. Enqueue truncates the $handle variable after the first '?' while register (and all other wp_style functions) accept any string. 2. Register set the default for $media to 'all', while enqueue set it to false. (fixed in the #13056 patch). Moreover, since the two functions are practically the same, I've grouped them together in a private _wp_register_style function with an additional $enqueue boolean. Both enqueue and register call _wp_register_style. I've omitted the truncate behavior mentioned above. If there's any reason for it in one, and not the other, or in both, feel free to correct me. We could also just remove the truncate behavior from enqueue. It's a minor patch, and comes down to coding style." koopersmith 3 13103 """Unknown character set"" during install into database reports successful install." barrykooij has-patch Database 3.0 normal normal defect (bug) assigned 2010-04-24T15:10:23Z 2019-06-04T19:21:49Z "During editing of the wp-config.php, I changed {{{ define('DB_CHARSET', 'utf8'); }}} to {{{ define('DB_CHARSET', 'utf8_general_ci'); }}} Which I thought was valid. After clicking ""Install Wordpress"" I got a page full of: {{{ WordPress database error: [Unknown character set: 'utf8_general_ci'] }}} And at the bottom, ""Success"" with a login prompt, but nothing was actually created in the database. I think WP shouldn't report a successful install if the user happened to accidentally change this value (or another) during install as it would cause confusion. I used a svn checked out version of WP on 2010-04-24 on my local computer using PHP5 and apache2, but I think this is really a problem since 2.6 (or when the current install system was implemented)." MECU 10 13169 Return Dynamic Sidebars with get_dynamic_sidebar Widgets normal normal Awaiting Review enhancement reopened 2010-04-28T18:07:28Z 2019-05-22T07:19:20Z "Currently there is no available function to return the contents of a dynamic sidebar. The following code enables developers to return and assign the contents of a dynamic sidebar to a variable within their code. {{{ function get_dynamic_sidebar($index = 1) { $sidebar_contents = """"; ob_start(); dynamic_sidebar($index); $sidebar_contents = ob_get_contents(); ob_end_clean(); return $sidebar_contents; } }}} " w3prodigy 16 13239 Filter locate_template template_names variable dev-feedback Themes 3.0 normal normal Future Release enhancement reopened 2010-05-03T21:43:05Z 2023-12-29T13:48:26Z "I recently encountered a situation where it would be very helpful to supply alternate template file locations; however, this cannot be accomplished as the locate_template function is being used and that function's arguments are not filterable. So, I created a patch that adds the filter. This patch adds two filters: locate_template and locate_template-TEMPLATENAME. This allows for both general and specific filtering. The following example shows how this could be used to modify the location of a BuddyPress template file. {{{ function filter_member_header_template( $template ) { return dirname( __FILE__ ) . '/buddypress/members/single/member-header.php'; } add_filter( 'locate_template-members/single/member-header.php', 'filter_member_header_template' ); }}} While the value of this example is debatable as BuddyPress could be updated to support alternate template locations, the value of the patch itself is high. This opens up a new ability for plugins to modify template file locations, giving plugins a hook into the content rendering process without requiring themes to be modified." chrisjean 111 13247 Drag/drop for add menu item boxes koopersmith Menus 3.0 normal normal enhancement new 2010-05-04T07:12:03Z 2019-06-04T20:02:06Z Because checkboxes are no fun. This first patch covers dragging from view all and most used. Search still has bugs. koopersmith 3 13273 "Allow ""'non-clickable"" menu items" Menus 3.0 normal normal Future Release enhancement new 2010-05-06T10:58:50Z 2023-11-10T16:19:53Z "In the new menu generator I'm missing the option to create ""non-clickable"" menu items. What I'm after is that I want to create for example a main menu item with the title ""Links"" which is non-clickable (no url attached to it) and basically only acts as an umbrella item for the actual links I want to locate as subitems of the item ""Links"". - Home - Something else - Links (this one should be non-clickable) - external link 1 - external link 2 - etc I think that an optional tickbox in the add link section will do the trick. Basically, all it has to do is to ""disable"" the check whether or not a valid URL format has been submitted and, of course, it has to trigger some modified html output. Hope you guys can add this in the 3.0 release because this would basically complete the menu generator :) Keep up the good work and I'm really looking forward to the 3.0 release!" stgoos 17 13339 Add hook on network admin user forms Users normal normal enhancement new 2010-05-11T11:45:37Z 2019-06-05T06:37:25Z "On WP 3.0 it is possible to add new users as Super Admin, but they do not really assign each instance. So it would be useful when creating the user, if you have a selection of instances that are created and then selecting one with the checkbox where the user should get access. Maybe it is possible to add a hook for add own fields, similar the possibilies on user-edit.php for profile fields." bueltge 5 13363 Edit Comments: Pending > Approving shouldn't make them disappear from screen wonderboymusic has-patch Comments 3.0 normal normal Future Release enhancement assigned 2010-05-11T23:35:45Z 2023-11-16T17:40:18Z "Edit Comments: Pending > when clicking Approve the comments shouldn't just disappear from the screen. They should collapse and have an undo status like when you trash or spam a comment. ENV: WordPress trunk r14573 (3.0-beta2-14565) " lloydbudd 4 13372 Separate Image sizes for different post types close Media 4.6.1 normal normal Awaiting Review enhancement reopened 2010-05-13T07:59:07Z 2020-04-18T04:45:23Z Would be nice, especially moving forward with custom post types to have the ability to set different image sizes using an additional parameter of `add_image_size()` for different post types: Page, Post, and Custom. brandondove 19 13425 Image Gallery of Private Post is publicly displayed dev-feedback Gallery 3.0 normal normal defect (bug) reopened 2010-05-17T20:12:20Z 2019-06-04T19:42:59Z "Might have been forgotten only, I just ran over this inconsistency while beta-testing: '''Description:''' The Image Gallery of a Private Post is displayed (in another post via the Shorttag with id parameter) whereas, when clicking on the images to go to the attachment page, you get a 404 not found. '''Example:''' [http://hakre.wordpress.com/2010/05/17/cui-utils-rev2/#more-1184 Post with Gallery][[BR]] [http://hakre.wordpress.com/2010/05/17/cui-utils-gnu-tools-fur-windows-32-with-a-simple-setup/gnu-win-cui-util-00-setup/ Attachment of that Gallery] '''Steps to reproduce''' Create a new Post, set a title and the Status to private. Save as Draft. Preview it, to get the ID easily from URL. Upload a Bunch of Images. Insert the Gallery Shorttag inside that Post Body. Publish the Post. Create a second new Post Give it a Title and Insert the Gallery Shortcode with the ID from the last Post. Publish. View. Copy the URL. Open another Browser so to have a new User-Session. Visit that URL. '''Expected Behaviour''' You should not see a gallery. '''Behaviour''' You see a gallery. When clicking on a gallery link you get a 404 page. '''Feedback''' I see an inconsitency here but have no Idea how to deal with it. So either the gallery should not be found as well (not found as in 404 but in this case: not output) or the attachment pages should be able to call as well. Related: #11697" hakre 5 13429 Updating Link URL on image within Admin with Gallery dev-feedback Gallery 2.9.2 normal normal Future Release defect (bug) new 2010-05-18T01:43:42Z 2023-08-24T19:53:27Z "Image insertion no longer allows url to off site resource within Gallery. When inserting a gallery you are unable to specify the Link URL. It keep reverting back to the default." vshoward 69 13459 Conflict between post and page slugs/permalinks when permalink setting is set to /%postname%/ petitphp has-patch Permalinks 2.9.2 normal normal Future Release defect (bug) assigned 2010-05-20T04:56:27Z 2023-08-29T21:31:27Z "If Dashboard -> Settings -> Permalinks is set to /%postname%/, it is possible to create both a page and a post with the same slug. When viewing via the frontend, the page is always displayed. I would have thought that WordPress should prevent a post and a page from having the same permalink. Steps to reproduce: 1. Create and publish a page with any slug. eg. http://domain.com/test/. 2. Create and publish a blog post with the same slug. Wordpress says the permalink for the blog post is http://domain.com/test/, but when you visit that URL it displays the page instead. I can reproduce this on my 2.9.2 install, as well as 3.0 trunk. I'm guessing the bug is present in earlier versions of WordPress as well. Possibly related: #11863" jamescollins 71 13473 comment_status should be set to default_comment_status when commentstatusdiv is removed westi Comments normal normal defect (bug) reopened 2010-05-20T23:36:24Z 2019-06-04T19:21:51Z "When the Comment Status box is removed from the Add/Edit Post screens, posts should be created with the comment_status set to the value of the default_comment_status option. ----- I had hidden the Comment Status box via: remove_meta_box('commentstatusdiv','post','normal'); and made sure that default_comment_status was set to open: update_option('default_comment_status', 'open'); After adding a new post it displayed ""Comments Off"" when I was assuming that it should have honored the value of default_comment_status." jimmcq 12 13554 WordPress MU canonical link redirect failure markjaquith Bootstrap/Load 2.9.2 normal normal defect (bug) reopened 2010-05-26T16:30:37Z 2019-11-19T17:04:05Z "This problem manifests itself in Wordpress '''MU''' 2.9.2, but '''not''' in Wordpress 2.9.2. In the MU install where blogs are subdirectories, canonical redirects work correctly for the subdirectory blogs, but not for pages on the root blog. For example, [http://silverwarethief.com/essays/] is a sub-blog in the wordpress MU install. If you alter that link to [http://www.silverwarethief.com/essays/] wordpress MU will correctly redirect the browser to the canonical url. However, this does not work with pages on the root blog. [http://silverwarethief.com/about/] is a page on the root blog. If you go to that link, you will correctly find yourself at the ""About"" page. If you then alter the link to [http://www.silverwarethief.com/about/] you will be redirected to the main page of the root blog, not the ""About"" page. I have seen this behavior manifested on more than one MU install. " rundi 14 13655 Login/Install/User Edit should stripslashes() $_POST data has-patch Login and Registration 3.0 normal normal defect (bug) new 2010-05-31T11:33:17Z 2019-06-04T20:02:12Z "Following on from #13654 All Login/Registration/Install/User Edit functionality should stripslash $_POST data. At present, it seems that we do not stripslash at all. For existing user passwords, we should migrate passwords to their non-stripslashed versions: [5/31/10 6:34:11 AM] Mark Jaquith: We could migrate people.[[BR]] [5/31/10 6:34:13 AM] Dion (dd32): Perhaps oughta just add proper stripslashing in 3.1, and add back-compat to change password from non-stripslashed to stripslashed.. similar to the md5->phpass implementation..[[BR]] [5/31/10 6:35:13 AM] Mark Jaquith: Yep. If the PW doesn't match, addslashes() and compare again. If that matches, set the new PW hash. Right?[[BR]] [5/31/10 6:35:19 AM] Dion (dd32): yep " dd32 4 13691 Make get_template_part() accept multiple template names Themes normal normal enhancement new 2010-06-02T03:19:34Z 2019-06-04T21:05:47Z "This enhancement allows get_template_part() allows to pass several template names, to work in the same way as: locate_template() so, you could call, get_template_part( 'loop', array('category', 'taxonomy', 'archive') ); $names are passed by order of priority." wjm 10 13701 Full support for middle and little endian permalink structures needs-unit-tests Rewrite Rules 2.9.2 normal normal enhancement reopened 2010-06-02T14:34:08Z 2019-06-04T21:05:49Z "This only happened after I switched over to the WordPress 3.0 development version, so I'm inclined to think it's a bug. When I use the traditional wp_get_archives or the dropdown version it shows that posts exist. However, when I click to go to any of those past posts, I only get a 404 Error. This problem is very consistent, happening 100% of the time. Disabling all plugins has no affect on the problem. The only other information that might be helpful is that I've integrated WordPress into a website that I built and I am using a custom theme that I built. It only has the index.php, single.php, and style.css files. Again, the wp_get_archives function worked just fine with the exact same setup that I have now prior to switching to the 3.0 version, so I'm not sure what changed." RevelationTravis 21 13743 Ability to choose a network default theme dev-feedback Networks and Sites 3.0 normal normal Future Release enhancement reopened 2010-06-06T05:44:12Z 2018-03-28T09:11:24Z As stated in summary. I use WP 3.0 RC and I've found out that there is no way to set up a theme which should be used by default for newly created sites in network. Even then I disable all the themes except the one I want to be used, WP still set thentyten as theme for newly registered site. The only solution I was able to find is to change theme description and name to twentyten and delete all other themes. It's so simple to let administrator choose default network theme, and this option is present in many other CMS. fuwaneko 33 13779 Preview doesn’t work - WP installed in its own directory SergeyBiryukov dev-feedback General 2.9.2 normal normal Future Release defect (bug) reviewing 2010-06-08T01:32:04Z 2022-07-13T17:21:56Z "1. Wordpress is installed on /wp/ subdirectory. 2. Then it was set up to be visible from the site root according to http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory 3. Site works fine 4. [BUG] Preview for posts & pages isn’t working. When I press preview it goes to url like: http://example.com/?preview=true&preview_id=235&preview_nonce=aa28f04 and says ""You do not have permission to preview drafts."". 5. If I type subdirectory name “/wp/” in that url by hands, it shows correct preview: http://example.com/wp/?preview=true&preview_id=235&preview_nonce=aa28f04 6. The situation is getting worse if i'm using permalinks. In that case - there is nothing i can do to see preview. ps: I’ve tested that on clean install. " antares19 17 13792 Invalid reply link from comment admin when comment nested level > max needs-unit-tests Comments 2.9.2 normal normal Future Release defect (bug) reopened 2010-06-09T07:05:56Z 2017-07-31T16:17:39Z "I have a blog with nested comments enabled, max depth of 4. When the last level comment is posted, it no longer contains a Reply link. However, in the Comment admin, the Reply link is still present. If used, this new reply will show up at the very bottom of the comment list once posted (even if other newer regular comments are entered, this new reply will still show up at the very bottom). The bug is, basically, that Comment admin doesn't respect the max nested value." archon810 11 13816 There should be built-in index pages for taxonomies dev-feedback Taxonomy normal normal Future Release feature request new 2010-06-10T12:20:29Z 2023-01-31T20:36:11Z "By default, if you enable 'pretty' permalinks, you get URLs like this for categories and tags: /category/slug, /tag/slug. The same pattern is used when adding custom taxonomy types. These URLs often suggest to people that it should be possible to go 'up' one level, and access index pages at /category and /tag which list all of the available categories or tags (or maybe just the top x most popular ones for tags). I'd suggest that we add a new template type of is_archive_index() which uses, in order of preference, taxononmyname-index.php (eg category-index.php), archive-index.php. Within these templates, the 'loop' should return taxonomy items rather than posts. This is all possible already using custom templates and get_terms(), but it'd be handy if it was built-in. " frankieroberto 13 13821 Changing visibility to password-protected without entering a password does not warn user kapeels* has-patch Editor normal normal Future Release defect (bug) accepted 2010-06-10T13:48:48Z 2019-06-05T07:15:00Z "Tested on r15182. If the status of a post is set to Password Protected, and a password is not specified before the user clicks the OK button in visibility and then either publishes, saves, or updates the post, no warning is given to the user that not setting a password forces the post or page to remain Public. In fact, if updating a post, and this is the only change made, the success message (1) for updating the post appears instead, even though no change was made to the post. If the post was previously published as Private, and switched to Password Protected without entering a password, then saved, the post switches to Public on save instead of remaining Private. Either a failure message upon updating or a warning to the user before saving should be displayed to the user to remind them that they didn't properly set a password. To reproduce the last case above: 1. Create a post. Publish it as Private. 2. Edit the post. Change the visibility to Password Protected, but do not enter a password. Click OK. 3. Update the post. 4. The post visibility will be changed to Public." markel 10 13822 Menu items that get unpublished still appear nacin has-patch Menus 3.0 normal normal Future Release defect (bug) reopened 2010-06-10T16:30:12Z 2021-06-01T13:11:46Z "We need to properly account for menu items linked to unpublished/pending post type objects. My thought is they should probably be hidden from the frontend with an indication on the backend (like ""(Pending)"") that they are are unpublished/pending. We need to properly handle private posts too." nacin 45 13867 New filter for comment RSS feed's title killua99 has-patch Feeds 3.0 normal normal Future Release enhancement assigned 2010-06-12T21:53:07Z 2021-11-10T03:51:19Z "I'd like to be able to customize comments titles in RSS feed. Currently it's hardcoded and has no way to be changed, so I added 2 new filters so that plugins can edit them. I've tested and patch is working for me." shidouhikari 31 13874 "Add package argument to ""_deprecated_function"" function" chriscct7 has-patch Bootstrap/Load normal normal enhancement assigned 2010-06-13T23:48:37Z 2019-06-04T19:21:54Z "Got to thinking it would be nice if plugins could use the _deprecated_ API by passing a ""$package"" argument to separate themselves from WP core, and so this patch was born. " johnjamesjacoby 16 13926 Adding 'page-attributes' to a custom post type slows down edit screen in the admin Posts, Post Types 3.0 normal normal defect (bug) new 2010-06-16T20:01:17Z 2019-06-04T20:41:18Z "When I add 'page-attributes' to a custom post type it takes roughly 1.5 to 2 min for the edit screen to load... When I remove 'page-attributes' edit screen load is extremely fast. Under the post type i created I have 5000+ entries." granulr 6 13972 Add new category link - capability check needed has-patch Posts, Post Types 3.0 normal minor Future Release defect (bug) new 2010-06-18T09:01:43Z 2018-01-23T03:26:40Z "/wp-admin/link-add.php If user doesn´t have ""manage_categories"" capability, add new link page, will show ""add new category"" link and form, it should be hidden. " wjm 9 13998 Inconsistency in arguments when wp_nav_menu falls back to wp_page_menu chriscct7 has-patch Menus 3.0 normal normal enhancement reviewing 2010-06-19T15:22:58Z 2019-06-04T20:02:14Z "[http://codex.wordpress.org/Function_Reference/wp_nav_menu wp_nav_menu]'s 'menu_class' parameter applies the class to the <ul>. The default fallback function [http://codex.wordpress.org/Template_Tags/wp_page_menu wp_page_menu] however, applies 'menu_class' to the <div> enclosing the <ul>. This can cause inconsistent styles if the style is applied to ul.<menu class>" Utkarsh 7 14017 "New template ""tag"": get_custom_field()" obenland needs-unit-tests Posts, Post Types 3.0 normal normal Future Release enhancement assigned 2010-06-21T04:13:03Z 2022-08-14T14:59:34Z "It would be helpful to have a way to retrieve a custom field value that is somewhat agnostic of current context. '''Current way to do this''' In the header (i.e., before the Loop), one has to access the currently-queried object to get a custom value, with something like this: `$value = get_post_meta($GLOBALS['wp_query']->get_queried_object_id(), 'field', true);` In the Loop: `$value = get_post_meta(get_the_ID(), 'field', true);` And, lots of tutorials out there tell people to do things like the following, with varying degrees of success (depending on variable scope): `$value = get_post_meta($id, 'field', true);` or `$value = get_post_meta($post->ID, 'field', true);` '''My proposed function (or ""template tag"")''' mixed '''get_custom_field''' ( string ''$fieldname'' [, int ''$post_id'' ] ) `$value = get_custom_field('field');` It picks the current object like so: {{{ Passed post object ID? / \ yes no | | use it | | within Loop? / \ yes no | | use current | Loop ID | | currently queried object is singular? / \ yes no | | use its ID ID = 0 }}}" filosofo 13 14028 Maintenance mode nag persists after successful upgrade Upgrade/Install 3.0 normal minor enhancement new 2010-06-21T18:27:55Z 2021-03-01T09:47:03Z "A number of forum users are reporting that the maintenance nag ""An automated WordPress update has failed to complete"" etc.. persists after failed auto-updates even if they then successfully perform manual updates. Looks like something is leaving $upgrading set." mrmist 20 14050 shortcode_unautop() should also remove the <br /> added after shortcodes aaroncampbell Formatting 3.0 normal normal defect (bug) assigned 2010-06-22T18:15:27Z 2019-06-04T19:43:02Z "Currently `wpautop()` wraps a shortcode in `<p>` tags as well as adding a `<br />` tag after the shortcode. We then use `shortcode_unautop()` to remove the `<p>` tags, but the `<br />` stays. To replicate, just drop a few caption shortcodes into a post and set them all to align left or right. You'll see that even though they all float (assuming that's how your theme handles them) they stair step down because of the extra `<br />` I'm not a regex expert so someone should probably double check my patch, but it seems to work for me." aaroncampbell 27 14060 "Misleading ""You do not have sufficient permissions to access this page.""" SergeyBiryukov has-patch Plugins 3.0 normal normal Future Release defect (bug) reviewing 2010-06-23T14:46:16Z 2019-03-29T23:35:02Z "When accessing a page of a plugin in the admin that does not exists any longer, you're told by an error message, that: > You do not have sufficient permissions to access this page. This message is a little misleading, because there is no such page. A message that better reflects the decision to display it would be less misleading, e.g.: > The requested page is not accessible. " hakre 17 14077 Add support for removal of multiple features from a post type in remove_post_type_support dev-feedback Posts, Post Types 3.0 normal minor enhancement new 2010-06-24T18:10:59Z 2020-01-09T00:34:23Z "From [http://groups.google.com/group/wp-hackers/browse_thread/thread/1843101eba1f29fc this thread] add_post_type_support allows an array to be passed as the 2nd parameter, but remove_post_type_support doesn't. The patch attached adds the functionality." Utkarsh 11 14093 Malformed category hidden from edit-tags, but shows in meta box Taxonomy low normal defect (bug) new 2010-06-25T19:11:49Z 2019-06-04T21:26:33Z "Came from a report in IRC by xomp. In the following example, category 1's parent is category 2, and vice versa. {{{ mysql> select term_taxonomy_id, term_id, taxonomy, parent from wp_term_taxonomy; +------------------+---------+---------------+--------+ | term_taxonomy_id | term_id | taxonomy | parent | +------------------+---------+---------------+--------+ | 1 | 1 | category | 2 | | 2 | 2 | category | 1 | | 3 | 3 | category | 0 | | 4 | 4 | category | 1 | +------------------+---------+---------------+--------+ 4 rows in set (0.00 sec) mysql> select term_id, name from wp_terms; +---------+-----------------+ | term_id | name | +---------+-----------------+ | 1 | Category 1 | | 2 | Category 2 | | 3 | Category 3 | | 4 | Category 4 | +---------+-----------------+ 4 rows in set (0.00 sec) }}} On edit-tags, you'll see only Category 3. In the hierarchical meta box, you'll see: {{{ Category 3 Category 1 - Category 2 - Category 4 }}} If we decide to show corrupted data, we should be consistent. At the very least, edit-tags should reveal more than the meta box, not the other way around." nacin 4 14097 Idea for placeholder text Administration normal normal enhancement new 2010-06-26T06:28:25Z 2019-06-04T19:21:56Z "Placeholder text has a fatal flaw, in my mind: once the field is focused, that placeholder text is gone. This can be confusing, especially if you tabbed into that field or it was selected by default. You can actually use placeholder text instead of labels, for a minimalistic form layout, but only if you correct this flaw. So here's a potential solution: http://txfx.net/files/wordpress/labels/ It uses HTML 5's {{{placeholder}}} attribute (newest Safari and Chrome support it), with a jQuery plugin to handle that support for other browsers. Thoughts?" markjaquith 15 14110 Expose height and width attributes to 'wp_get_attachment_image_attributes' filter adamsilverstein reporter-feedback Media 3.0 normal minor enhancement assigned 2010-06-27T00:54:46Z 2023-10-11T13:51:39Z "The filter 'wp_get_attachment_image_attributes' allows you to alter the attributes of embedded images. However the height and width attributes aren't passed to this filter. These would be useful to have – I'm making a theme with a fluid layout where I have to remove all height and width attributes to ensure that the browser maintains the attribute of images when they're resized. I've attached a patch with a fix. In it I've also changed the function 'get_image_tag' so that I could remove the immensely pointless 'hwstring' function." divinenephron 25 14125 Seperate out non-editable options in edit site sorich87* dev-feedback Options, Meta APIs normal normal enhancement accepted 2010-06-28T04:11:36Z 2019-06-04T20:41:23Z "In the edit site screen, blog options which are arrays are shown as SERIALIZED and the textbox is disabled. The attached patch pulls those options out of the options metabox and displays the option name in another metabox below. Related: #14120" wpmuguru 7 14142 Custom Walker class for navigation menus Menus 3.0 normal normal Future Release defect (bug) reopened 2010-06-29T14:16:18Z 2019-04-19T18:31:41Z "I have tried to extend the Walker_Nav_Menu class, I just needed to overwrite the start_el method. So i added ""walker""=>""My_Walker"" to wp_nav_menu, I've got an error message, that the method ""walk"" could not be accessed statically. After a short look at the code in ""nav-menu-template"", I realized that in the method ""walk_nav_menu_tree"" the object initializer ""new"" is missing. My solution can be found in the attached file. As you can see, I've just added a ""new"" in front of $r->walker And it works" dennis.winter 11 14172 Implement $scheme in site info in ms-sites edit site dev-feedback Networks and Sites 3.0 normal normal enhancement assigned 2010-07-01T22:45:33Z 2021-01-05T16:40:51Z "In WordPress 3.0 with Network enabled, if you were to click: Super Admin -> Sites -> Edit (next to any site) and then change any of the Site Options i.e. wp_2_options the changes don't save. We're running a secure environment and need Siteurl to be HTTPS instead of HTTP. Changing all the parameters to https and clicking Update doesn't save the changes." firmdot 24 14201 Canonical redirect kicks in in case of category/tag base containing other chars then a-z, 0-9, _ and - close Canonical normal normal defect (bug) new 2010-07-05T09:03:39Z 2019-06-04T19:21:57Z "'''Expected behaviour''' Whatever the category base is, if we go to a properly formed category pretty permalink, canonical redirects shouldn't kick in. '''Actual behaviour''' If the category base is non-ASCII (for example: баба), the canonical redirect tries to redirect to the same URL. The redirect sanitizer removes the category base from the URL, because it is non-ASCII and redirects to {{{<root>//category-name/}}}. This prevents endless redirects and usually results in 404. '''Why does it happen?''' Category base is always used verbatim. It can't be URL-encoded, because the percent signs will be interpreted as permalink variables. Because of that the generated urls will be always in the form: {{{<root>/баба/<url-encoded-category-name>/}}}. The contents of {{{$_SERVER['REQUEST_URI']}}} are always URL-encoded, so the requested URI is: {{{<root>/%D0%B1%D0%B0%D0%B1%D0%B0/<url-encoded-category-name>/}}}. Canonical redirect functionality assumes the requested URL would be the same as the generated term URL and since they are different tries to redirect. '''Solutions''' The easiest one is to assume that if we had come to the right category page without any get variables, we don't need the logic for redirecting to the canonical category page. This is valid statement, because that logic relies only on removing get arguments. The only disadvantage with that solution is that doesn't solve the more general problem of discrepancies between generated and requested URLs. But for now it will do a good job." nbachiyski 21 14215 MultiSite: Add new > different username from blog title Networks and Sites 3.0 normal normal Future Release feature request new 2010-07-06T18:09:37Z 2018-05-07T16:58:46Z "I would like to request that the current system for adding a new blog site be expanded so that as admins, we can specify a different username that's unrelated to the blog title. That is, in '''Site Admin -> Add New''', at the bottom of the page, add a new field specifically for the username. For that matter, it would be useful to also have a field to be able to specify the password, and perhaps a little checkbox that allows you to optionally prevent an email from being sent. These features are really useful when you're manually adding sites for employees, students, and the such. I had provided a fix for wpmu 2.8.4 at one point (with a better explanation and details), you can see the thread here: http://mu.wordpress.org/forums/topic/12945 An example of the final result: http://img696.imageshack.us/img696/2551/addblogwordpress.png" Person 8 14254 update_meta_cache fails; query too large? pbearne has-patch Cache API 2.9.2 normal normal Future Release defect (bug) assigned 2010-07-09T19:49:22Z 2024-02-27T17:50:58Z "In the file meta.php, around line 183 in the 'update_meta_cache()' function, it tries to do a query but I noticed this can fail (ie. crash wordpress) if there are too many post id's in the query. The function is being called from query_posts(), with 'posts_per_page' set to -1. An example query that crashed it: {{{ SELECT post_id, meta_key, meta_value FROM wp_postmeta WHERE post_id IN (1009,1006,989,933,902,860,859,858,857,793,838,837,836,827,825,310,780,777,776,775,774,773,770,763,760,759,758,757,728,756,755,754,753,752,751,750,748,746, 732,736,729,726,725,724,723,722,720,719,717,716,715,710,709,503,692,289,625,268,593,583,582,332,32,30,28,26,24,22) }}} Maybe there is some limit associated with queries of this type internal to wordpress, as this query works fine in phpMySql. Apologies if this is already reported or irrelevant in 3.0! " newpixel 15 14331 Tweaks to menu setup page Menus 3.0 normal normal Future Release enhancement new 2010-07-16T21:30:45Z 2020-05-29T19:39:57Z "It would be great if you could select a parent Page and ""Automatically add children"" to the menu. In a similar fashion, it would be great if the Menu could then automatically add any new children Pages created under that Parent." mrmist 13 14363 Atom feed is broken when WordPress is served as application/xhtml+xml has-patch Feeds 3.0 normal normal defect (bug) new 2010-07-20T14:57:52Z 2019-06-04T19:43:04Z "Atom feed is broken when WordPress is served as application/xhtml+xml because of the difference in html_type_rss(). The patch attached also deprecates the_excerpt_rss() with a new function called 'the_excerpt_feed'." peaceablewhale 5 14368 "make the 'orderby' argument in get_posts() accept all ""post"" fields" has-patch Query 3.0 normal normal enhancement reopened 2010-07-20T23:58:41Z 2022-08-01T15:09:02Z "Right now, some post's fields were not accepted when retrieving posts (even though they were documented in codex . for example ""name"" (slug) was missing). this patch sorts the elements in the $allow_keys array (in the same order as the db' s columns) and adds the missing ones, I added every field except the ones that were long text fields (content, excerpt, etc) " wjm 11 14375 Post pagination should have a show all option Posts, Post Types 3.0 normal normal Future Release feature request reopened 2010-07-21T07:03:29Z 2017-06-12T05:22:35Z When people use the nextpage html comment tag to paginate posts we should also have a show all link displayed to make it easier for people to read the whole content without pagination. westi 4 14393 Maintenance mode overkill. Please refine usage of it Upgrade/Install normal normal Future Release enhancement new 2010-07-22T22:12:14Z 2017-03-18T14:52:11Z "Though many tickets have been posted about the Maintenance Mode not resolving, I think that the problem is on a different level. It is unacceptable that even a failed upgrade of an inactive theme can break a complete Site or even Network. Case in point: I just followed the upgrade alert for an inactive theme, hosted on the WordPRess theme repository. (Apparently it had an error (Incompatible Archive. PCLZIP_ERR_BAD_FORMAT (-10) : Unable to find End of Central Dir Record signature.) But the point is, this should not have put the entire network in maintenance mode for 10 minutes. Maybe a check can be done for plugins, themes etc: if they are active, then maintenance mode can be used (though I am definitely not a fan of it anyway)." bike 16 14401 Unable to locate WordPress Content directory (wp-content). Filesystem API 3.0 normal normal defect (bug) reopened 2010-07-23T15:56:19Z 2019-06-04T19:43:05Z "Hi, I encounter this message on one server during plugin install: ""Unable to locate WordPress Content directory (wp-content)."" PHP Version 5.2.0-8+etch1 Another info from Core Control plugin: Direct Not Available SSH2 Not Available PHP FTP Extension Available PHP FTP Sockets Available ABSPATH: /home/www/domain.eu/subdomains/www/ WP_CONTENT_DIR /home/www/domain.eu/subdomains/www/wp-content WP_PLUGIN_DIR /home/www/domain.eu/subdomains/www/wp-content/plugins DOCUMENT_ROOT (from phpinfo) /home/www/domain.eu/subdomains/www I tried some hacks in wp-config.php, but I was not successfull. When I tried ftpsockets, following error appears: Warning: socket_last_error() expects parameter 1 to be resource, null given in /home/www/domain.eu/subdomains/www/wp-admin/includes/class-ftp-sockets.php on line 59 When I tried direct, following error appears: Downloading install package from http://downloads.wordpress.org/plugin/wp-memory-usage.zip… Unpacking the package Could not create directory. /home/www/domain.eu/subdomains/www/wp-content/upgrade/wp-memory-usage.tmp" pavelevap 20 14432 Role-based help text garyc40 Help/About 3.0 normal normal Future Release enhancement assigned 2010-07-27T18:53:00Z 2023-08-24T19:54:11Z The text in the Help tab is based on the screen seen by an admin. We should make it so the role of the logged in user determines the text. jane 12 14439 Unable to get a post associated menu items for a specific menu has-patch Menus 3.1 normal major defect (bug) new 2010-07-28T03:32:06Z 2019-06-04T20:02:17Z "Hello, The actual wp_get_associated_nav_menu_items function works well but gets menu items associated with an object from ANY menu. So a parameter needs to be added to specify a specific menu to get menu items associated with an object from a specific menu. Patch is attached. The use of get_term() is needed because of the bug #14438" DreadLox 4 14460 New Permission for no_user_edit so users with edit_users can't edit it dev-feedback Users 3.0 normal normal feature request new 2010-07-29T23:28:18Z 2019-06-05T06:37:28Z "I recently experienced a problem where I have an administrator role with full access and a site administrator role with most access including the ability add, edit, and delete users. However, I don't want the Site Administrator to be able to delete users of the role Administrator. The change I'm proposing is a new permission or marker which states that if enabled, this user can't be changed by another user who isn't the same role. If possible, I might try to add the patch myself. This is a fairly important issue which would is interfering with WordPress' use as a content management system, and the only work around I've found is to edit core file." brandon.wamboldt 3 14477 get_pages with child_of only works with uninterrupted hierarchies wonderboymusic has-patch Query 3.0 high normal Future Release enhancement reopened 2010-07-30T19:00:50Z 2021-01-15T23:32:11Z "I have a page X with several children and grandchildren. Some of the grandchildren have a certain meta key and value. I now want to fetch all pages under page X that have this meta key. After reading the documentation of ''get_pages'', I expected this to work with a single call of ''get_pages''. But if I use get_pages like this: {{{ get_pages('child_of=X&meta_key=A&meta_value=B'); }}} it returns no pages at all (hierarchical=0 has no effect). It seems that's because ''child_of'' triggers a call of ''get_page_children'' which only returns uninterrupted hierarchies. Since the query returns only some grandchildren and no direct descendants, the function fails. IMHO, that's a bug. " vividvisions 21 14493 do_enclose() can ping the same URL many times, can't filter URLs to ping nacin* Feeds 3.0.1 normal normal enhancement accepted 2010-07-31T18:52:01Z 2019-06-04T19:43:08Z "If the same URL is included in a post several times, do_enclose() can check that URL for inclusion as a possible enclosure several times. Additionally, there's no way to filter what URLs do_enclose() should ping for possible inclusion as enclosures. Attached adds an array_unique() call to do_enclose(). Attached adds a {{{do_action_ref_array( 'pre_enclose', array( &$post_links, &$pung ) )}}} hook to allow filtration of URLs to ping. (Matches the pre_ping hook.) do_enclose() has several more problems this patch addresses. 1. Correct non-functional DELETE FROM postmeta query (bad use of wpdb::prepare()). 2. Use like_escape() in several LIKE queries. 3. Add an {{{apply_filters( 'enclosure_mime_types', array( 'video', 'audio' ) )}}} hook. 4. Currently do_enclose() doesn't allow root URLs as enclosures (e.g. http://example.com/), only URLs with a non-trivial path or query. Move that functionality to the new pre_enclose filter. 5. Efficiency improvements in conditional logic. 6. Clean up code by reducing control structure nesting depth." mdawaffe 7 14502 Enable /post-type/taxonomy/term/ permalinks Rewrite Rules normal normal Future Release enhancement reopened 2010-08-01T22:57:29Z 2019-06-04T13:51:29Z After we get /post-type/ handled (see #13818), it would be nice if we also had /post-type/taxonomy/term/ mapped to ?post_type=post-type&taxonomy=term scribu 8 14513 Time for a wp_post_relationships table? Posts, Post Types 3.0.1 normal normal feature request reopened 2010-08-03T00:10:30Z 2023-05-30T15:04:16Z "Now that we have custom post types the obvious next step for people using them is to start relating post types using parent-child and/or many-to-many relationships. I've implemented a taxonomy-mirrored-posts plugin but am starting to discover [http://lists.automattic.com/pipermail/wp-hackers/2010-July/033510.html many of the problems that @prettyboymp has pointed out on wp-hackers] and think it might be time we consider adding a new table to allow us to relate post and to allow us to build functionality around this table such as related post pickers, etc. I'd like to offer a [http://en.wikipedia.org/wiki/Straw_man_proposal straw man proposal] to start discussions of a potential `wp_post_relationships` table added to WordPress 3.1 with three fields: `parent_id`, `post_id` and `term_taxonomy_id.` This allows us to relate any two post records and optionally associate at taxonomy+term to classify the relationship (here's the SQL to create the table): {{{ CREATE TABLE `wp_post_relationships` ( `parent_id` bigint(20) unsigned NOT NULL, `post_id` bigint(20) unsigned NOT NULL, `term_taxonomy_id` bigint(20) unsigned NOT NULL DEFAULT '0', PRIMARY KEY (`parent_id`,`post_id`,`term_taxonomy_id`), KEY `term_taxonomy_id` (`term_taxonomy_id`), KEY `post_id` (`post_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; }}} Looking forward to your feedback." mikeschinkel 89 14551 menu item : current_page_parent : issue with Front page displays has-patch Menus 3.0 normal normal defect (bug) reopened 2010-08-06T12:46:24Z 2019-06-04T20:02:18Z "Settings > Reading > Front page displays: set to your latest posts Settings > Reading > Posts page: set to anything When the menus are building, they are only checking that something was set by the dropdown for posts page, even though the parent setting says the posts are to be on the home page. The pages on the site have the correct logic, however the menu adds ""current_page_parent"" to the item selected in the ""Posts page"" menu, even though it's not really the parent. The work around is to just remember if you switch from having posts on a different page back to having them on the front, you need to set the ""Posts page"" back to ""select"" and everything works correctly, but getting users in my multi-site install to do that might be asking a bit much." hughestm@… 6 14558 Separate Database Table Support for Custom Post Types dev-feedback Posts, Post Types normal normal Awaiting Review enhancement reopened 2010-08-07T06:55:07Z 2024-03-04T09:51:27Z "While working on custom post types, I felt need for this enhancements. This can be achieved by adding an extra argument to the register_post_type function like below... {{{ register_post_type( 'acme_product', array( 'labels' => array( 'name' => __( 'Products' ), 'singular_name' => __( 'Product' ) ), 'public' => true, /* Database separation */ 'db_tables' => array( 'prefix' => '', //by default, value of $table_prefix will be used. If user sets this value to something, it will be used as prefix for both of following tables 'base_prefix' => '' , //this will control it tables are to be kept sitewide or per blog 'posts_name' => 'acme', 'postmeta_name' => 'acmemeta', ), ); }}} This small enhancement (not from coding perspective) will help more plugins authors go for custom post type. Reasons are - first they will get option to have separate data storage. Second - if some other badly coded plugin manipulates wp_posts table in some wrong way, it won't have sideeffect on third-party data. Third - Plugin authors will get more space to experiment as at any time they will be dealing with their own plugin's data. Of course, one of the goal of this nice feature must be to abstract database layer, but as a developer I feel it would be better if I can have some control over database without loosing power of this new (custom post type) feature." rahul286 41 14561 wp-admin/edit.php tags of post are hard to compare Posts, Post Types normal normal enhancement new 2010-08-08T08:25:02Z 2019-06-04T20:41:26Z "To get an overview about tags used between articles on the post listing in the admin is hard to achieve by the user because they appear not to be ordered. A solution could be to sort them alphabetically. That done, it's easier for the user to compare the usage of tag distribution accross the listing." hakre 1 14569 Assign plugins on a per-site-basis has-patch Plugins normal normal Future Release feature request new 2010-08-09T09:35:55Z 2022-07-15T14:43:01Z It's possible to assign themes per site with WordPress Multisite. However it isn't possible to assign plugins per site. Some plugins are only used for the mainsite and I don't want them to be visible in subsites. ChantalC 16 14584 HTML entities in category and tag elements has-patch Export 2.1 normal normal defect (bug) reopened 2010-08-11T05:47:13Z 2020-07-06T10:53:49Z "The script wp-admin/includes/export.php creates CDATA blocks for category and tag data which contain HTML entities. Normally, these characters should appear un-encoded in the CDATA blocks, see #4321. I suspect this problem may have been considered at some point, but currently the line in question is commented out : http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/export.php?rev=9148#L102 The solution, I think, would be to replace that comment with html_entity_decode($str) " lavamind 4 14682 Privacy leakage: gravatars leak identity information Privacy 3.0 normal normal Awaiting Review defect (bug) reopened 2010-08-24T14:54:42Z 2020-07-01T19:18:00Z "If a commenter on a blog leaves a comment without having a log in to the site, and the ""Comment author must fill out name and e-mail"" preference is enabled for the blog, the author must provide an email address. The form for this says ""Mail (will not be published) (required)"" It's true that the email address itself is not published, but if the site has gravatars enabled, the persistent identity of the commenter is nonetheless revealed. Together with inspection of other posts where the commenter has chosen to reveal their identity, on the same blog or other blogs, or a brute-force approach taking a known email address to find postings attributed to them (using a global search engine) this results in a complete loss of anonymity. At the bare minimum, the user should be aware of this, so that they can choose not to comment; preferably, the software should be changed so that gravatars are not used for these sorts of posts (or made configurable, in combination with the user being made aware)." jmdh 53 14691 Allow commas in tag names Taxonomy 3.0.1 normal normal Future Release defect (bug) new 2010-08-25T09:51:09Z 2023-11-27T09:58:10Z "Adding tags to posts via the web interface involves a lot of what boils down to {{{ explode( ',', join( ',', array( $tag_name, ... ) ) ); }}} both in PHP and JS. We settled on commas so we could have tags with spaces in them (see #10320, for example). It'd be nice if tags (and other taxonomies) could have commas in them, though. Example use case: normalized locations (""Portland, OR""). Admittedly, commas in tag names is an edge case. The attached treats tag inputs as ""real"" CSV strings instead of just exploding by commas. That way, you can enter: {{{ hello, ""hello, world"" }}} in the tags input field and the following tags would be added to the post. * hello * hello, world This addresses commas in tag names but makes entering double quotes in tag names more annoying. If you wanted a tag named {{{double""quote}}}, you'd have to enter the following. {{{ ""double""""quote"" }}} This may also help with #7897." mdawaffe 28 14757 users with no posts are not exported dev-feedback Export 3.1 normal normal Future Release enhancement reopened 2010-09-01T18:14:31Z 2020-07-06T14:48:39Z I just exported a large standalone site and imported into a multisite setup, and I discovered that a number of users who hadn't yet posted anything didn't get moved to the new site. sillybean 7 14767 wp_create_user() does not check for a valid email address has-patch Users 3.0 normal normal defect (bug) new 2010-09-02T21:38:23Z 2019-06-05T06:37:29Z "When creating a new user an invalid email address (for example user@) will result in a zero-length string in the email field of the users table. If another new user is subsequently created with another invalid email address the error returned is ""This email address is already registered."" It would be better for wp_create_user() to check if a valid email address has been given and return a more descriptive error. I attach a patch file for wp-includes/registration.php to include this functionality." mrwiblog 7 14773 Error in slug parsing leads to unlimited URLs for the same article = duplicate content has-patch Canonical 2.5 normal normal Future Release defect (bug) reviewing 2010-09-03T14:20:45Z 2023-10-19T20:10:42Z "an example says more than 1000 words: right url: http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-hmong-and-i-dont-speak-spanish/ wrong urls: http://ahmongwoman.wordpress.com/2010/09/02/i-am-not------hmong-and-i-dont-speak-spanish/ http://ahmongwoman.wordpress.com/2010/09/02/i----am-not-hmong-and-i-dont-speak-spanish/ http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-----hmong-and-i-------dont-speak---------spanish/ Problem: Wordpress returns the article with HTTP status code 200 for the wrong URLs. This is a serious issue for people regarding search engine optimization (duplicate content). Expected results: Wordpress returns HTTP Status code 301 with Location-Header and right URL to the client." thermoman 22 14808 Add Editor Documentation Functions URL for theme-defined functions exthilion has-patch General normal normal Future Release enhancement assigned 2010-09-08T00:57:20Z 2022-07-19T17:25:11Z "Currently, functions that are called within template files shown on the editor are included in the list of functions that you can try and lookup documentation for. (The $ignore_functions array only seems to be for functions defined, not called, in a file.) As the http://api.wordpress.org/core/handbook/1.0/?function=... seems to be hard-coded in, it's not possible for themes to overwrite it for functions they've defined. Is it possible to allow themes to define where the documentation lookup should be for their own functions?" GamajoTech 7 14824 WordPress is not updating Theme option after making a theme a child theme by adding the line 'Template' to the child`s css without refreshing Theem activation Themes 3.1 normal normal defect (bug) new 2010-09-09T23:27:35Z 2019-06-04T21:05:56Z "Situation: If you have 2 Themes on a 2 sites MultiSite install (each site is using one theme) and want to make one of them a child Theme of the other, you will go to one of them and add the line 'Template: NAME OF THE PARENT THEME' and save it. After doing so the Child Theme will not inherit any Template Files from the parent until you deactivate/activate the Child Theme again. Although it says in the ""Themes/Appereance"" section of the Child Themes backend 'CHILD THEME NAME uses templates from PARENT THEME NAME. Changes made to the templates will affect both themes.' even before deactivating/activating the Child Theme. Looks like the template page might be checking the style.css and not update the option." drale2k 7 14876 wp_get_sidebars_widgets() assumes that widgets are enabled Widgets lowest minor defect (bug) reopened 2010-09-15T02:05:43Z 2019-06-05T06:45:15Z "When a theme does not have any sidebars defined, wp_get_sidebars_widgets() will return the database option anyway. This reveals a bug where a theme that does not have any widgets may still get the recent comments CSS injected into it. is_active_widget() is returning true because that widget was active when the sidebar option was last used." nacin 13 14877 Ability to create exclusive custom taxonomies helen* Taxonomy normal minor Future Release feature request accepted 2010-09-15T14:08:25Z 2021-11-20T03:12:10Z "Custom taxonomies should have the option of toggling exclusivity, meaning the user should only be able to select one term at a time. Currently, developers wishing to implement an exclusive custom taxonomy (and thus would prefer radio buttons rather than check boxes on the add/edit post pages) must remove the existing taxonomy meta box completely and build their own, simply to change the input type. This not only duplicates code and development effort, but has the potential to create security vulnerabilities when plugin developers stray from best practices, for example, when recreating the AJAX add term functionality. Exclusive taxonomies are not uncommon in every day life and are even more common when one thinks about typical custom post type implementations (e.g., students->school year, employee->department, car->color, ice cream->flavor). While the best implementation is uncertain, I propose the function register_taxonomy accept an optional 'exclusive' argument (similar to 'hierarchical') that would change the check boxes within the taxonomy meta box to radio buttons and would handle the POST accordingly." benbalter 36 14902 weblogUpdates.extendedPing does not implement standard josephscott Pings/Trackbacks 3.0.1 normal normal defect (bug) reviewing 2010-09-19T23:35:37Z 2019-06-04T20:41:29Z "When a blog post is published or updated, Update Services are notified if they are listed in the Wordpress Writing Settings panel. The services are notified by the weblog_ping() function in comment.php That function first attempts an XMLRPC call to the service's weblogUpdates.extendedPing. If that fails, it attempts to notify weblogUpdates.ping. {{{ if ( !$client->query('weblogUpdates.extendedPing', get_option('blogname'), $home, get_bloginfo('rss2_url') ) ) // then try a normal ping $client->query('weblogUpdates.ping', get_option('blogname'), $home); }}} '''1) The weblogUpdates.extendedPing does not match the published standard.''' See: http://www.google.com/help/blogsearch/pinging_API.html Where 5 parameters are specified: * Name of site * URL of site * URL of the page to be checked for changes * URL of RSS, RDF, or Atom feed * Optional a name (or ""tag"") categorizing your site content. You may delimit multiple values by using the '|' character. The third parameter should be the page to be checked for changes, and not the RSS feed. No 4th or 5th parameter is passed. '''2) The weblogUpdates.extendedPing does not take advantage of notifying the service of the exact page that changed (as is provided in the standard)''' If implemented correctly, this would allow the receiving service (perhaps a search engine) to come directly to the correct page for re-indexing, instead of trying to figure it out from the RSS feed. I am unable to find if pingomatic.com publishes a competing version of the standard. " Scott Schram 2 14913 Multisite Requires Client Information to Load Files filosofo has-patch Bootstrap/Load 3.1 normal normal Awaiting Review defect (bug) new 2010-09-20T20:55:36Z 2022-07-19T19:05:58Z "When installed as multi-site, WP in `ms-settings.php` tries to parse the Host header request to determine which domain is requested. If none, it prints a redirecting Location header and exits. This is problematic if you are loading WP but not using a client that sends headers to the server; for example, if you have another app on the same server that tries to include `wp-load.php` directly. Example: {{{ <?php include '/path/to/wp/wp-load.php'; // let's do some stuff with WP programatically... }}} The above aborts in MS as it tries to redirect the nonexistent requesting client to the main blog's front page. The problems I see with this: * `wp-load.php` is supposed to provide a means of circumventing the template printing, so it shouldn't assume a typical browser client is making the request * `wp-load.php` ''can'' be used this way on non-MS setups * In general, it's a bad jumble of MVC. Currently I'm not sure what the best route is to fix this, but I will try to come back later with a solution." filosofo 12 14949 Login gives false assurance of having logged out rajinsharwar* dev-feedback Login and Registration normal normal Future Release defect (bug) accepted 2010-09-23T10:39:34Z 2023-09-27T19:35:30Z "If you visit `wp-login.php?loggedout=true` while logged in, WordPress falsely tells you that ""You are now logged out."" This is a problem because it could lead you to think, e.g., that a public computer is no longer authenticated with access to your WP admin. Patch redirects a still-authenticated user back to the admin from the login page if she requests the above page without actually having logged out." filosofo 36 14969 "menu element ""all (direct) child pages""" dev-feedback Menus 3.0.1 normal normal feature request new 2010-09-26T20:16:39Z 2019-06-04T20:02:19Z One of the things I am missing in the current menu-system is the ability to assign parts of the page tree to, say, a sub-menu, so, say, all child pages of a parent will be listed instead of having to add them manually to the submenu once the menu has been created. youngmicroserf 1 14981 Provide a context for post statuses rockwell15 has-patch I18N 3.1 normal normal Future Release defect (bug) assigned 2010-09-27T23:21:29Z 2022-09-11T17:40:40Z "1) /wp-admin/nav-menus.php: the ""Most Recent"" string (/wp-admin/includes/nav-menu.php:645) should be separated between the Pages context and the Articles context, since they can take different forms according to the language (i.e.: in French, ""Articles"" is masculine, ""Pages"" is feminine. 2) /wp-admin/edit.php: Same contextual need for ""All"", ""Published"", ""Scheduled"" and the rest of the per-status selector, for posts and articles (and others...). " xibe 35 14986 Make WordPress roles/capabilities more secure (edit_users related) Role/Capability normal normal enhancement new 2010-09-28T20:39:03Z 2022-12-05T12:09:09Z "We've discussed this before, but after some thought, I think we can do this and make it work. Right now, the edit_users capability is the key to the kingdom. Anybody with edit_users can change their role to anything, including to something with more capabilities than they already have. Back in #6908 and #6014, this was thought about in terms of the old user levels system, which of course shouldn't be used and makes no sense. In #8770, an editable_roles filter was introduced, which allows a plugin to limit the roles that a user can change themselves too. This works for one aspect of the problem, but a) it doesn't solve the passwords problem(1), and b) it assumes that the roles are still only in one chain of command. That is to say, that all the roles have an ordering, where each role has all the capabilities of the role ""below"" it. To solve these, I think we need a capability comparison system. To wit, code that implements these two rules: 1. No user can change the role of another user to a role that has capabilities that the changing user does not also have. 2. No user can change either the role or the password of another user who has any capability that the changing user does not also have. For rule 1, this means that if Adam was to try to assign Bob a role, he would only be given the choice of assigning roles that have a subset of the capabilities Adam himself had. For rule 2, if Adam was to try to change the role or the password of Bob, he would not be able to change either unless Bob already had a subset of Adam's own capabilities. This makes the roles have a sort of definable hierarchy, where roles with lesser capabilities can be multi-faceted. I can define more than one chain of roles which are ""above"" each other in hierarchy, allowing me to build a tree of groups and users capable of different things. For things like bbPress-as-a-plugin, this sort of enforcement is going to be a must-have feature. Note 1: The ""passwords problem"" is that any user who can change another users password can easily change the password of somebody of ""higher"" rank, log in as them, and then have their capabilities. It's detectable, but in some cases, may not be so detectable. Admins who don't log in often, say. Note 2: We also need role management in core, but that's a topic for a separate day. I'm speaking only of enforcement of a security model here for now." Otto42 7 14991 extra_rules_top should take priority over extra_permastructs needs-unit-tests Rewrite Rules 3.1 normal normal defect (bug) new 2010-09-29T18:00:08Z 2022-12-05T12:09:28Z Since extra_rules_top are specifically added instead of generated like the those from the extra_permastructs which runs through generate_rewrite_ruls(), shouldn't the extra_rules_top take priority in conflicts? prettyboymp 6 15001 Duplication and incompatibilities in register_new_user() and wp_insert_user() needs-unit-tests Users 3.0 normal normal defect (bug) new 2010-09-30T19:16:11Z 2019-06-05T06:37:31Z "As a result of [12778], the commit of a patch that was part of #11644 (the MU-merge ticket), `wp_insert_user()` was modified to introduce user verification checks. The addition of these checks also introduced a number of duplications and incompatibilities between it and `register_new_user()`. (Bear in mind that `register_new_user()` calls `wp_create_user()` which calls `wp_insert_user()`.) These issues include: * Duplication (both run-time execution and code): both functions perform `username_exists()` and `email_exists()` checks. Ideally, we should only perform each check once, and from a single piece of code. * Whereas both functions perform `username_exists()` and `email_exists()` checks, `register_new_user()` performs more checks (empty_username, invalid_username, empty_email, invalid_email). If the former 2 are being checked, all 6 criteria should be checked. * `wp_insert_user()` can now return a WP_Error object, but `register_new_user()` can't handle it (I reported this in #14290) * `register_new_user()` generates a new generic error if `wp_create_user()` (via `wp_insert_user()`) returns an error (assuming proper patch #14290), rather than passing along the more specific error it was told about If an error is returned by `wp_create_user()`, `register_new_user()` throws a generic 'registerfail' error (`'<strong>ERROR</strong>: Couldn’t register you... please contact the <a href=""mailto:%s"">webmaster</a> !'`). However, most likely it received a more informative WP_Error object. * `register_new_user()` allows errors to be suppressed via filters, but `wp_insert_user()` does not `register_new_user()` has the filter 'registration_errors' which allows plugins to suppress any encountered errors. Having done so, `register_new_users()`'s subsequent call to `wp_create_user()` can generate an error (of the type already suppressed) which is then un-suppressable. This renders the 'registration_errors' filter useless for the username_exists and email_exists errors (and possibly other in the future). ---- These different issues may warrant separate tickets, but cumulatively I think they point to the need to refactor `register_new_user()` and `wp_insert_user()` to be more efficient and compatible. This is a rare instance where I don't include an immediate patch for a ticket, but I wanted to get it out there and see if we can try and get these fixed for 3.1. " coffee2code 4 15006 Closing tag for empty <p> tag is removed Formatting 3.0 normal minor defect (bug) reopened 2010-10-01T13:48:12Z 2019-06-04T19:43:16Z "I have a page post that starts like this: {{{ <p style=""text-align: right;"">Text Here</p> <p style=""text-align: right;""></p> More Text Here }}} The HTML source saves correctly, but the page output omits the closing tag for the second P element, causing the rest of the page to be invalid. If you have any trouble reproducing this I will be happy to debug it on my server." miqrogroove 13 15058 Validate option and transient name lengths needs-unit-tests Options, Meta APIs 3.1 normal normal Future Release enhancement new 2010-10-07T15:37:46Z 2021-06-24T03:58:07Z "The option_name column in the options table holds up to 64 characters yet there aren't any length checks to ensure that the length isn't exceeded. This leads to all sorts of odd behavior as the name will be truncated to fit, saving the option but not allowing it to be retrieved with the same name. This issue affects all uses of the options system. A particular annoyance is transients. A transient that doesn't expire has a max name length of 53 characters yet a transient that does expire has a max name length of 45 characters. When attempting to save an expiring transient of name length between 46 and 53 characters, the transient will store but will be deleted before being used when get_transient is called due to the missing _transient_timeout_ option (since it was too long). The core issues are that the functions don't return any type of failure condition on names that are too long and no warning is created. So, I've created a patch that addresses both of these issues. The patch shows an example of how option and transient name length validation can be added. In order to allow users to modify the option_name column length, a new constant, WP_OPTION_LENGTH, is created with a default value of 64. This constant is checked for all length validation. This is simply an example of how I'd like the validation to function. I'm not attached to the wording of the warnings or the name of the constant." chrisjean 55 15068 merging query objects/arrays Query 3.0 normal normal enhancement new 2010-10-08T04:27:58Z 2019-06-04T20:41:30Z "As multiple post type installations proliferate, I assume more and more people will come across a situation (like me) in which they need to display two (or more) sets of content units, say posts, and post-type ""audio"" in one stream - say on the main blog page. As long as the only condition is the post type itself, that will work fine. However, if those two sets need to be selected using different conditional criteria, say a category in one case, and a custom field in the other, then the current query_posts options will not be sufficient. While it is possible to retrieve multiple arrays via get_posts and merge them, then sort them using cusomt php, such a solution will break the paged navigation. If such situations will - as I assume - become more likely as more people use multiple post types and additional variables to specify content, I think it would be useful to be able to combine multiple queries into a meta query that will sort the combined object according to a common sorting variable, say date, and thus preserve the paged navigation. " youngmicroserf 5 15086 get_template_part() should let you specify a directory westi* needs-unit-tests Themes 3.0 normal normal enhancement accepted 2010-10-10T21:36:45Z 2019-06-04T21:06:02Z "IT would be nice for `get_template_part()` to allow you to specify a directory to look for a file in. Right now you actually *can* do this, but it requires passing a 'slug' to the function like `directory/slug`. Since everywhere else in the code slugs are sanitized, this seems like an unexpected way to allow this functionality (I didn't realize this worked until @nacin pointed it out). Since this slug isn't actually sanitized at all, you can currently do `get_template_part( '../../../test' );` which seems rather unsafe (`get_template_part` should be able to include from outside the themes directory). I suggest sanitizing $slug and adding a third [optional] parameter that allows you to specify the directory to look in. The directory parameter should be sanitized enough to not allow it to start with a . or a / (although this more likely belongs in `locate_template()` as something done to $template_name inside the foreach). What does everyone think about this approach? How many themes do we think are currently using the $slug parameter to specify a directory? Right now the optional $name parameter is set up as a fall through, so if $slug-$name.php doesn't exist $slug.php is used. Should $directory be set up similarly ($directory/$slug-$name.php -> $directory/$slug.php -> $slug-$name.php -> $slug.php)?" aaroncampbell 44 15134 WordPress should not try to remove themes or plugins recursively if the directory is a symlink pbiron* dev-feedback Upgrade/Install normal normal Future Release defect (bug) accepted 2010-10-16T11:46:29Z 2023-07-05T18:13:59Z "Consider the situation: there is a server with multiple WordPress blogs hosted in it. Some plugins are common for all/many blogs and to save several (hundreds in our case) megs of the disk space, shared plugins are stored somehwere else (say, /var/www/wp-plugins) and there are symbolic links to /var/www/wp-plugins/<plugins> from /home/<user>/wp-content/plugins/<plugins>. The onwer of the blog (user1) may not know these details and wants to update one of the plugins (plugin1) using automatic update feature. WordPress will then try to remove /home/user1/wp-content/plugins/plugin1/ recursively although /home/user1/wp-content/plugins/plugin1 is a symlink to /var/www/wp-plugins/plugin1. The obvious solution is to add a check to the filesystem classes that checks if the file is a symlink and if so, remove symlink with unlink() instead of trying to follow it and remove everything it sees. The advantage of this approach is that if the user symlinks a plugin to other user's data, those data will not be removed by WordPress (this can be very good for those hosts where all users are served by the same Apache user etc). " vladimir_kolesnikov 59 15149 image_get_intermediate_size partly ignores 'path' and 'url' fields and has inconsistent return values has-patch Media 3.1 normal normal enhancement new 2010-10-19T13:13:32Z 2019-06-04T20:02:21Z "the current implementations of image_get_intermediate_size and image_downsize in wp-includes/media.php have several inconsistencies. image_get_intermediate_size() returns the following information about an attachment for registered sizes: file, width, height, path, url. for ad-hoc sizes (if the size argument is an array) it returns: file, width, height. in the second case, path and url information that may have been set by a plugin is lost. further, the calling function, image_downsize(), in any case regenerates the url like this {{{ $img_url = str_replace(basename($img_url), $intermediate['file'], $img_url); }}} this means that now also for the registered sizes, the 'url' information is discarded. further, this means that for registered sizes, the url is computed twice, once inside image_downsize as detailed above, once in image_get_intermediate_size() like this {{{ $data['url'] = path_join( dirname($file_url), $data['file'] ); }}} to me, a cleaner approach would be to return the full information (file, width, height, path, url) independent of whether an image size is registered or not. all these fields can then also be directly calculated inside image_get_intermediate_size() and the caller does not have to bother with, e.g., generating paths and urls. further, this would allow to accept path and url information that is already present in the db, also in the case of ad-hoc image sizes. i put together a patch that provides a potential solution. " whoismanu 9 15204 JavaScript Validation should trim values and set focus on invalid field Taxonomy 3.1 normal normal enhancement assigned 2010-10-24T15:46:28Z 2019-06-04T21:06:12Z "If invalid fields are found after validation, focus should be placed on the first invalid field. Field values should be trimmed to check for truly empty values. Also worth noting, the (mostly same) validateForm is located in both common.js and wpAjax.js." batmoo 5 15230 Action hook before the inserting post into the database dev-feedback Posts, Post Types 3.1 normal normal Future Release enhancement new 2010-10-27T09:18:46Z 2021-05-11T12:51:37Z "Something like {{{ do_action( 'pre_post_insert', $data, $postarr ); }}} added to ''wp_insert_post'' function right after the ""else"" statement on line 2501 in .../wp-includes/post.php " johnnypea 14 15249 Filtering get_search_sql for advanced queries needs-unit-tests Query 3.1 normal normal enhancement assigned 2010-10-29T07:00:35Z 2019-06-04T20:41:32Z "Currently in the code for 3.1 (trunk) there are no filters running on the new function get_search_sql which would be useful for plugins to perform more complex MySQL functionality on specific columns. I suggest adding a filter ;)" sc0ttkclark 17 15311 dynamic image resize (on the fly) using already available functions dev-feedback Media 3.1 normal normal Future Release enhancement new 2010-11-03T20:18:44Z 2020-03-12T15:30:08Z "The lack of a dynamic resize function in WordPress forces theme developers to register lots of image sizes for their themes to use. One of the problems with this approach is that the server becomes full of image files that will be never used. Another problem is that when someone changes their theme the image sizes simply doesn't match, forcing people to use a plugin to regenerate all image files, and once again lots of those files will never be used. So theme developers right now are using some sort of image resizing script like timthumb that works outside of wp. I think it has many drawbacks comparing to a native implementation. So I made a function that uses WordPress native image handling capabilities to resize and save those resized images for future use. I use this for attached images as well as standalone files such as custom fields and other images. What I want here is just to share my solution, and maybe we can someday put something like this into core (actually something better then this): {{{ /* * Resize images dynamically using wp built in functions * Victor Teixeira * * php 5.2+ * * Exemple use: * * <?php * $thumb = get_post_thumbnail_id(); * $image = vt_resize( $thumb,'' , 140, 110, true ); * ?> * <img src=""<?php echo $image[url]; ?>"" width=""<?php echo $image[width]; ?>"" height=""<?php echo $image[height]; ?>"" /> * * @param int $attach_id * @param string $img_url * @param int $width * @param int $height * @param bool $crop * @return array */ function vt_resize( $attach_id = null, $img_url = null, $width, $height, $crop = false ) { // this is an attachment, so we have the ID if ( $attach_id ) { $image_src = wp_get_attachment_image_src( $attach_id, 'full' ); $file_path = get_attached_file( $attach_id ); // this is not an attachment, let's use the image url } else if ( $img_url ) { $file_path = parse_url( $img_url ); $file_path = ltrim( $file_path['path'], '/' ); //$file_path = rtrim( ABSPATH, '/' ).$file_path['path']; $orig_size = getimagesize( $file_path ); $image_src[0] = $img_url; $image_src[1] = $orig_size[0]; $image_src[2] = $orig_size[1]; } $file_info = pathinfo( $file_path ); $extension = '.'. $file_info['extension']; // the image path without the extension $no_ext_path = $file_info['dirname'].'/'.$file_info['filename']; $cropped_img_path = $no_ext_path.'-'.$width.'x'.$height.$extension; // checking if the file size is larger than the target size // if it is smaller or the same size, stop right here and return if ( $image_src[1] > $width || $image_src[2] > $height ) { // the file is larger, check if the resized version already exists (for crop = true but will also work for crop = false if the sizes match) if ( file_exists( $cropped_img_path ) ) { $cropped_img_url = str_replace( basename( $image_src[0] ), basename( $cropped_img_path ), $image_src[0] ); $vt_image = array ( 'url' => $cropped_img_url, 'width' => $width, 'height' => $height ); return $vt_image; } // crop = false if ( $crop == false ) { // calculate the size proportionaly $proportional_size = wp_constrain_dimensions( $image_src[1], $image_src[2], $width, $height ); $resized_img_path = $no_ext_path.'-'.$proportional_size[0].'x'.$proportional_size[1].$extension; // checking if the file already exists if ( file_exists( $resized_img_path ) ) { $resized_img_url = str_replace( basename( $image_src[0] ), basename( $resized_img_path ), $image_src[0] ); $vt_image = array ( 'url' => $resized_img_url, 'width' => $new_img_size[0], 'height' => $new_img_size[1] ); return $vt_image; } } // no cached files - let's finally resize it $new_img_path = image_resize( $file_path, $width, $height, $crop ); $new_img_size = getimagesize( $new_img_path ); $new_img = str_replace( basename( $image_src[0] ), basename( $new_img_path ), $image_src[0] ); // resized output $vt_image = array ( 'url' => $new_img, 'width' => $new_img_size[0], 'height' => $new_img_size[1] ); return $vt_image; } // default output - without resizing $vt_image = array ( 'url' => $image_src[0], 'width' => $image_src[1], 'height' => $image_src[2] ); return $vt_image; } }}} " vteixeira 98 15317 My Sites limited to 23 sites on Admin Bar morganestes Toolbar 3.1 normal normal Future Release enhancement assigned 2010-11-04T13:35:21Z 2023-03-12T00:01:26Z "I have a test site with 25 sites. I can only access 23 from the My Sites tab on the admin bar. (This is a minor bug, but I hadn't seen it mentioned.) Ron I'm using latest trunk." ronbme 63 15332 dbDelta($query) - do not create view needs-unit-tests Database 3.0.1 normal normal Future Release feature request reopened 2010-11-07T14:23:52Z 2018-07-30T08:45:42Z "during plugin creation I create few tables with dbDelta($query). that is working without problems. But on the end I create two views on this tables with dbDelta($query) - that is not working. The views are not created. The sql is ok, manually the create works." christian_gnoth 15 15335 register_setting() filter for sanitization callback needs to indicate 2 arguments accepted markjaquith has-patch Options, Meta APIs 3.1 normal normal Future Release defect (bug) reopened 2010-11-08T01:10:46Z 2024-01-15T12:37:58Z "'''register_setting()''' adds the function for sanitization of the option with the following line (wp-admin/includes/plugin.php): {{{ add_filter( ""sanitize_option_{$option_name}"", $sanitize_callback ); }}} For users wanting to declare a function for option sanitization, use of the option name within the function is sometimes desired, and is provided for in the filter application inside the '''sanitize_option()''' declaration as such (wp-includes/formatting.php): {{{ $value = apply_filters(""sanitize_option_{$option}"", $value, $option); }}} With the filter always being applied with the option name as the second argument, I see no reason not to propose that the '''add_filter()''' call in register_setting() include ""2"" as the number of accepted arguments, allowing the option name to be passed." lumination 18 15386 WP_List_Table::get_columns does not work for plugins scribu close Administration 3.1 high major Future Release defect (bug) reopened 2010-11-11T14:42:28Z 2023-02-16T20:06:44Z "Creating a new table based on the WP_List_Table class does not work as the get_columns method is not being called. The problem is when WP_List_Table::get_column_info() calls get_column_headers() instead of $this->get_columns() where all the column data is stored. Moving the filter manage_*_columns from get_column_headers() into WP_List_Table::get_column_info() along with passing $this->get_columns() fixes this issue." ptahdunbar 24 15394 "Ancient ""Are you sure you want to do this"" now confusing" dev-feedback Security 3.1 normal minor Future Release defect (bug) new 2010-11-11T21:51:26Z 2019-05-17T10:48:08Z "The default failing nonce message did not pass the wife test. Asking ""Are you sure you want to do this?"" now that there is no longer ""OK"" and ""Cancel"" buttons is confusing and my wife just asked me ""How do I tell I'm sure?"" Not sure about the best wording, I took the same approach as Twitter's expired OAuth token links with a message that does not let user think there is something to confirm." ozh 17 15448 wp_mail() sets Content-Type header twice for multipart emails SergeyBiryukov has-patch Mail normal normal Future Release enhancement reviewing 2010-11-17T12:15:04Z 2020-09-17T00:43:40Z "When trying to send emails via `wp_mail()` with a Content-Type of multipart/alternative, the Content-Type header will be set with `$phpmailer->ContentType`, and again with `$phpmailer->AddCustomHeader()`, which causes two Content-Type headers in the email: {{{ Content-Type: multipart/alternative; boundary=""example_boundary"" Content-Type: multipart/alternative; charset="""" }}} This appears to cause errors in Outlook, as there is no boundary on the latter. The cause of this is `PHPMailer::GetMailMIME()`, as it does not know that the email is a multipart email. The easiest way to achieve this appears to be to simply allow the user to set the AltBody via `wp_mail()`. In order to achieve backwards compatibility, `wp_mail()` should work out which part is the text/plain one and which is the text/html one based on the boundary. I'll be working on a patch for this." rmccue 59 15467 Multisite with separate users table has-patch Networks and Sites 3.0.1 normal normal feature request reopened 2010-11-18T09:09:03Z 2024-03-02T16:55:21Z "Hi, I'm using WP with the network option since 3.0 has been released. I think that is very cool, but I think that the user management is not at a good level. At the moment, every user must register to the first site and the admin should 'bring' them to the wanted site. Some plugins (I use Multisite User Management) have been created to try to resolve this problem. My experience in wp-networks teach me that there are two ways to intend a network: - something like wordpress.com - a bounch of sites that are together only for administration purpose. The actual implementation does not respond to any of the previous cases. In fact to be able to use wp-network for the first case, you have to install a plugin that brings your new users across any site of your network, and for the second purpose the actual implementation of wp-network has huge problems. I think that the best way to resolve this, is to ask the user what he wants. During the creation of the network the system does ask the user if he prefers a sub-domain install rather than a sub-folder install. I think it should also ask the user if he prefers an installation with a single user db or a user db for each site. I was thinking which was the best way to manage the two things: for the first case, I think, the actual way is very good (it only needs to create the new user on all sites instead of delegating this to the admin/plugin). For the second case, I think, the best way is to have an user db for each site, each one with different values (yes, a person could register himself on site 5 and appear only in the wp_5_users table). As soon as a user is made super-admin he is 'replicated' on each user table. When a new site is created, the user table of that website will be populated only by the super-admins. I think this would make WP the best CMS/blogging platform ever seen :)" fale 35 15499 Add an index for get_lastpostmodified query OllieJones dev-feedback Database 3.0.1 normal normal Future Release enhancement reviewing 2010-11-19T18:20:31Z 2023-09-27T15:38:07Z "I had a friend (Jools Wills) look over a WordPress site recently, to get a fresh view on what might be optimised, and he noticed a query which might benefit from an additional index on `WP_Posts`. The query `SELECT post_modified_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1` in `get_lastpostmodified` is run for last modified date in GMT, and currently doesn't use an index. This SQL is run whenever certain types of feed are requested as far as I can see. We added `CREATE INDEX type_status_modified ON wp_posts (post_type, post_status, post_modified_gmt);` and `CREATE INDEX type_status_modified_no_id ON wp_posts (post_type, post_status, post_date_gmt);` and the query runs a lot faster now. The following timings were taken running the first query (`post_modified_gmt`) on a 36,362 row posts table. Note that it doesn't use filesort after the index has been added. ''Before:'' {{{ mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1; +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ | 1 | SIMPLE | slgr_posts | ref | type_status_date | type_status_date | 124 | const,const | 24718 | Using where; Using filesort | +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ 1 row in set (0.03 sec) }}} * 0.21290683746338ms * 0.25690102577209ms * 0.230553150177ms * 0.2274341583252ms * 0.23083996772766ms ''After:'' {{{ mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1; +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ | 1 | SIMPLE | slgr_posts | ref | type_status_date,type_status_modified | type_status_modified | 124 | const,const | 24718 | Using where | +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ 1 row in set (0.00 sec) }}} * 0.00082707405090332ms * 0.00072288513183594ms * 0.00074386596679688ms * 0.00066494941711426ms * 0.00066208839416504ms In `get_lastpostmodified` both these queries are run, so the total savings in my case on a quiet server are nearly 0.5 seconds... worth having, I reckon. I've not created a patch for schema changes before, but I think the only place the change would need to go would be `scheme.php`? Suggested patch attached." simonwheatley 50 15551 Custom post type pagination redirect Query 3.1 normal normal defect (bug) reopened 2010-11-23T21:50:06Z 2022-12-28T06:15:12Z "We seem to be having a problem with a redirect on a custom post page (e.g., http://www.example.com/show/slug/). Everything on the page shows correctly. The template pulls in posts with the following query: {{{ <?php query_posts(array('meta_key' => 'show', 'meta_value' => $show->ID, 'paged' => get_query_var('paged'), 'caller_get_posts' => true)); ?> }}} After the posts we display pagination links (e.g., http://www.example.com/show/slug/page/2/). In our rewrite rules, we include the following rule which should handle these URLs: {{{ 'show/([^/]+)/page/([0-9]{1,})/?$' => 'index.php?show=$matches[1]&paged=$matches[2]', }}} Instead of the page displaying and allowing us to pull in the second page of posts, the browser is being redirected back to the original page (http://www.example.com/show/slug/) with a 301. I see that this is happening inside the redirect_canonical function. The following code in wp-includes/canonical.php replaces /page/2/ with / causing the redirect: {{{ // paging and feeds if ( get_query_var('paged') || is_feed() || get_query_var('cpage') ) { if ( !$redirect_url ) $redirect_url = $requested_url; $paged_redirect = @parse_url($redirect_url); while ( preg_match( ""#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#"", $paged_redirect['path'] ) || preg_match( '#/(comments/?)?(feed|rss|rdf|atom|rss2)(/+)?$#', $paged_redirect['path'] ) || preg_match( '#/comment-page-[0-9]+(/+)?$#', $paged_redirect['path'] ) ) { // Strip off paging and feed $paged_redirect['path'] = preg_replace(""#/$wp_rewrite->pagination_base/?[0-9]+?(/+)?$#"", '/', $paged_redirect['path']); // strip off any existing paging $paged_redirect['path'] = preg_replace('#/(comments/?)?(feed|rss2?|rdf|atom)(/+|$)#', '/', $paged_redirect['path']); // strip off feed endings $paged_redirect['path'] = preg_replace('#/comment-page-[0-9]+?(/+)?$#', '/', $paged_redirect['path']); // strip off any existing comment paging } }}}" cbsad 14 15565 More context for clean_post_cache() spacedmonkey dev-feedback Cache API 3.1 normal normal Future Release enhancement assigned 2010-11-24T17:41:07Z 2022-07-12T09:59:26Z "I'd like more context to be available when the clean_post_cache hook is run. Scenario: I have a plugin caches the post_IDs of most post queries that go through WP_Query. Invalidating that cache is done via the clean_post_cache hook, but requires a bunch of fragile hacks to prevent cache invalidation for things like comment inserts, which update the post's comment_count (which could, in theory, affect a WP_Query, but that's another story). Option 1: Add extra actions to provide context. This is the simpler option. Patch 1 does this for the above scenario. Option 2: Add an optional context parameter to clean_post_cache(). This is more general, but I can't think of anyplace else WordPress uses as similar approach. Patch two." mdawaffe 11 15586 movabletype-importer, trivial: fix no index upload_type warning has-patch Import 3.1 normal normal defect (bug) new 2010-11-26T00:43:46Z 2019-06-04T20:02:24Z "movabletype-importer, trivial: fix no index upload_type warning ENV: http://plugins.svn.wordpress.org/movabletype-importer/trunk r315664" lloydbudd 2 15667 wp_list_pages, if it finds no pages to display, shows random child pages instead because of a bug in get_pages() jackreichert needs-unit-tests Query 3.0.2 normal minor defect (bug) assigned 2010-12-03T19:12:46Z 2019-06-04T20:41:37Z "How to reproduce:[[BR]] - About page is published - additionally, there is a number of parent pages[[BR]] - these each have a number of children[[BR]] - when calling wp_list_pages(), the ""exclude"" attr excludes all parent pages, and display only the About page. This works as long as there is at least 1 other page published that is not in the list of excluded IDs. In this example, as soon as the About page is set to ""draft"", wp_list_pages stops working correctly. So... with no other pages besides the excluded ones published, we do this: 1) wp_list_pages('title_li=&depth=1&exclude=3,5,7'); => wp_list_pages SHOULD return nothing, but instead it displays all child pages of the first parent page ID in the ""exclude"" attr (here: 3). Now we now add the ""exclude_tree"" attr just for fun: 2) wp_list_pages('title_li=&depth=1&exclude=3,5,7&exclude_tree=3,5,7'); => should again return nothing, but instead, it displays the first-ever published child page globally (here: a child page of 5). It looked like random behavior at first but I've been able to identify the above pattern. I'm guessing it's a failing condition somewhere in the function." bobsoap 16 15691 Network admin should have its own settings API needs-unit-tests Networks and Sites 3.0 normal normal Future Release feature request new 2010-12-05T19:31:17Z 2017-09-07T10:27:33Z preferably using options.php and the same API as normal admin, this way making a plugin multisite compatible (ie. adding a Network admin screen to it) would be much easier. joostdevalk 25 15706 Allow wildcarded domains in multisite limited email domains westi Login and Registration normal normal enhancement reviewing 2010-12-06T18:59:24Z 2019-06-04T20:02:25Z "Here at blogs.law.harvard.edu, we want to allow all harvard.edu subdomains to create blogs in our multisite install. There are hundreds of domains and it would be difficult to get a complete list because of the complexity of our DNS infrastructure. I propose allowing the inclusion of a single prefix wildcard character in the limited email domains feature. If a limited email domain contains a ""*"", we would create a regex and match that specific entry via a wildcard. So ""*.harvard.edu"" would match ""cyber.law.harvard.edu"", ""fas.harvard.edu"", etc. To match the root TLD, you'd just manually enter ""harvard.edu"". We have a variant of this applied as a core hack to our wordpress install at http://blogs.law.harvard.edu and it's been working fine for years. I will package it up as a patch if there's interest. Thoughts? I don't think it'd make sense to allow embedded wildcards (dom*ain.org)." djcp 34 15729 Better UX after supplying incorrect information to setup-config kapeels* has-patch Upgrade/Install low normal Future Release enhancement accepted 2010-12-08T07:19:24Z 2022-07-12T17:33:57Z "In #15682 I added a 'Try Again' button to step 2 of setup-config.php if the credentials were incorrect. The button is a simple link with a `javascript:history.go(-1)` hack. This should instead be a form with hidden values that submits back to setup-config.php?step=1, and fills out the form so they can try again. Additional enhancement: If the prefix is malformed (can only contain letters, numbers and underscores), we do a wp_die(). We should again have a form with a 'Try Again' button that returns them. As an added bonus, incorrect credentials should be filled out (for reference) but marked as incorrect and potentially with the focus set on that field. Only caveat I can think of: This will require the use of esc_attr(), which we don't have access to yet. Not sure how to solve that without reverting to htmlspecialchars() with some extra work." nacin 9 15760 "LiveJournal Importer mishandles some <lj-cut> and <lj user=""""> expressions" westi dev-feedback Import normal normal WordPress.org defect (bug) assigned 2010-12-10T04:45:17Z 2017-05-23T15:16:47Z "There is a note on plugins.trac ticket 1231 that says this should be handled in core.trac instead, so I'm cross-posting it here. The patch and ticket were originally added by a-bishop: http://plugins.trac.wordpress.org/ticket/1231 Reproduction steps: 1. Create a LiveJournal? entry that has <lj user=""foo"" /> in it. Note that this is XML-ish 2. Try to use the livejournal-importer on this post. Bug The <lj user=""foo"" /> gets ignored because the regular expression is too strict. I've attached a patch that makes LiveJournal? Importer recognize the XML-ish version. Patch:[[BR]] http://plugins.trac.wordpress.org/attachment/ticket/1231/livejournal-importer.patch" designsimply 2 15761 Bulk editing on posts without Javascript enabled results in the post being set to draft garyc40 Quick/Bulk Edit 2.9 normal normal defect (bug) assigned 2010-12-10T09:03:35Z 2019-06-04T21:06:13Z "Currently, Bulk editing is available without JavaScript being enabled. The result of attempting to edit a post, is a redirect back to the posts page with the post being marked as a draft. No UI is offered for bulk editing. This behaviour exists in trunk, 3.0, and 2.9 from my testing (havn't tested earlier versions). The Bulk editing screen appears to work without Javascript for modification submittal, so it's possible that a non-js version would be possible." dd32 6 15784 Contributors can't easily view others' posts in a certain term has-patch Posts, Post Types 3.0 normal normal defect (bug) new 2010-12-12T11:38:39Z 2019-06-04T20:41:39Z "As a contributor, the default tab is 'Me', not 'All'. But you can go to 'All' and see a list of all posts. At that time, you can also search for posts, and filter by category, date, etc. Those all work fine. You can also filter by category or tag by clicking a term in those columns, but this doesn't work -- all_posts=1 gets removed, and you end up seeing the 'Me' tab again. You can manually append all_posts=1, but there's no way to actually filter by term viewing all posts via the UI. Interestingly, the author query var works. That'd be bad if it didn't. But it doesn't append all_posts=1, so it's done internally." nacin 4 15801 Network Admin: Deactivated / Deleted inconsistency dev-feedback Networks and Sites 3.1 normal normal Future Release defect (bug) assigned 2010-12-13T18:12:54Z 2023-06-10T12:03:52Z "Under the Sites screen, there are distinct inline links for Deactivate and Delete. However, when a site is deactivated, it is referred to as deleted in: * Sites screen inline status * Edit Site screen attributes section * Error page for non-admins visiting the site" kawauso 21 15833 Script concatenation fails to take external dependencies into account. Script Loader 3.0 normal normal Future Release defect (bug) new 2010-12-15T17:35:17Z 2019-05-21T10:42:05Z "Script concatenation places the concatenated script include first, before any scripts loaded separately. If one of the scripts in the concatenation relies on a script outside the concatenation the dependency order is ignored. When the dependencies are all internal to the concatenation things work fine (for example script4 relies on script3): * concat=script1,script2,script3,script4,script5 But when script3 is loaded externally, script4 will break: * concat=script1,script2,script4,script5 * external-script3 This becomes apparent if jQuery is loaded from a non-standard location (via a plugin or the [http://codex.wordpress.org/Function_Reference/wp_enqueue_script#Load_a_default_WordPress_script_from_a_non-default_location code from the Codex]) in that the visual editor fails to function correctly because source:/trunk/wp-admin/js/editor.js uses jQuery (which it fails to register as a dependency, see ticket:15830, but when I fixed that locally the results were the same). I'm working around this in [http://wordpress.org/extend/plugins/use-google-libraries/ Use Google Libraries] by globally disabling concatenation, but it would be nice if this was fixed. If possible, it would be nice if the loader was smart enough to do something like: * concat=script1,script2 * external-script3 * concat=script4,script5 Or at least flagged the script with the dependency as unsafe for concatenation: * concat=script1,script2,script5 * external-script3 * script4 " jczorkmid 15855 Dropdown isn't shown when doing a user 'removal' jeremyfelt Users normal normal defect (bug) assigned 2010-12-16T23:38:12Z 2023-04-09T05:27:14Z "Steps to reproduce: 0. Have a MultiSite install 1. Go to wp-admin/users.php and delete a user 2. A confirmation screen appears, with only a ""Confirm"" button. Expected behaviour: The user dropdown is shown, asking to assing the user's posts to a different user. Currently, you end up with authorless posts." scribu 46 15861 Sorting users by post count dev-feedback Users normal normal defect (bug) new 2010-12-17T10:21:24Z 2019-06-05T06:37:48Z "Currently, to enable sorting by post count, there's a JOIN made between the users table and the posts table. This is bad, because users is a global table, which might be stored in a separate database. Short-term solution for 3.1 is to disable sorting. Long-term solution is to avoid the JOIN somehow. " scribu 10 15865 Make it easy to disable options / user settings has-patch Options, Meta APIs normal normal Awaiting Review enhancement reopened 2010-12-17T17:52:29Z 2023-07-27T18:09:44Z "We have a wonderful option white listing system. The one thing it doesn't support is hiding the ui of core options if you don't want them changed. We should have a generic way of doing this." westi 24 15906 validate_plugin needs all_plugins filter has-patch Plugins normal normal defect (bug) new 2010-12-20T03:13:12Z 2019-06-04T20:41:40Z "If a plugin adds plugins to the plugin list in the plugin admin screens using the all_plugins filter, the added plugins will not validate. If the all_plugins filter is added to the validate function, then the plugin validates and activates fine. " wpmuguru 9 15918 wpautop() breaks inline tags on the same line as block tags dunno Formatting 3.0.3 normal normal defect (bug) new 2010-12-20T16:01:31Z 2019-06-04T19:43:17Z "Hi guys! I've got latest WP installation (3.0.3) and found strange bug in posts parser. Create article with following HTML: {{{ <div class=""wassup""><a href=""#"">WP IZ ASSUM</a></div> }}} Browser will get: {{{ <div class=""wassup""><a href=""#"">WP IZ ASSUM</a></div> }}} All seems to be fine! Now get rid of unnecessary div. Create article with following HTML: {{{ <a href=""#"">WP IZ ASSUM</a> }}} Browser will get: {{{ <p><a href=""#"">WP IZ ASSUM</a></p> }}} Dunno why there is extra <p> but who cares. All seems to be OK. Create article with following HTML: {{{ <figure><a href=""#"">WP IZ ASSUM</a> </figure> }}} Browser will get: {{{ <figure><a href=""#"">WP IZ ASSUM</a><br /> </figure> }}} Now isn't that cool? But check what is even cooler! Create article with following HTML: {{{ <figure><a href=""#"">WP IZ ASSUM</a> <figcaption>NO IT'S BUGGY AS HELL</figcaption> </figure> }}} Browser will get: {{{ <figure><a href=""#"">WP IZ ASSUM</a></p> <figcaption>NO IT’S BUGGY AS HELL</figcaption> </figure> }}} Wow! Say hello to invalid markup and rendering problems! Auto-closing of tags turned off. No matter of the settings I still get this nice messed up html. WYSIWYG turned off also." retrib 12 15924 Add 'media_default_link_type' option to parallel 'image_default_link_type' dev-feedback Upload normal normal Future Release enhancement new 2010-12-20T21:12:12Z 2019-05-15T20:48:42Z "It is often recommended that site owners change the 'image_default_link_type' option to ""none"" if they don't plan on linking to full size images often from their posts. The problem is that this also affects the default link type for other media (uploaded zip files, pdfs, etc.) Adding an additional option for 'media_default_link_type' which behaves in the same way would get around this problem. " goldenapples 6 15930 Make trashed posts/pages still readable Posts, Post Types 2.9 normal minor enhancement new 2010-12-21T10:32:30Z 2019-06-04T20:41:42Z "I hoped I was able to see the pages which I delete (in the trashbin) but the all stay dark... So I can't view them! I think it would be a good feature to see them to see if somebody didn't delete the wrong page! Or when you need something form a deleted page that you can still get it without restoring it first" JonezJeA 10 15953 when category slug is changed, old uri also should redirect to new, as post uris do SergeyBiryukov dev-feedback Permalinks normal normal Future Release feature request reviewing 2010-12-22T18:51:10Z 2023-05-25T14:45:21Z when category slug is changed, old uri also should redirect to new, as post uris do qdinar 8 15955 move_uploaded_file mangles non-ascii characters on Windows platforms SergeyBiryukov* close Upload 2.0 normal major Awaiting Review defect (bug) accepted 2010-12-22T22:15:46Z 2018-07-09T19:14:56Z "The `sanitize_file_name` function is not filtering alot of character entities like the degree symbol, this results in invalid media item paths, see the attached images. wp-includes/formatting - Line 677 {{{ $special_chars = array(""?"", ""["", ""]"", ""/"", ""\\"", ""="", ""<"", "">"", "":"", "";"", "","", ""'"", ""\"""", ""&"", ""$"", ""#"", ""*"", ""("", "")"", ""|"", ""~"", ""`"", ""!"", ""{"", ""}"", chr(0)); }}} This array is not dealing with invalid entities that could be used in a filename, and the regular expression further down is not catching these either. wp-includes/formatting - Line 700 {{{ if ( preg_match(""/^[a-zA-Z]{2,5}\d?$/"", $part) ) { }}} See attached images, i used 4 varying names with unusual entities in them(each a copy of a sample jpg image). Using a filter on the valid chars array results in the extension getting stripped off but the file still makes it through the upload routine however(which is worrying). I'm no file validation expert, so i'm not sure if this is a critical problem(marked as normal), i'll leave this for you chaps to decide. '''NOTE:''' Ignore my hostname in the screenies, it's a 3.0.3 installation, i'm just lazy with updating my virtual host settings. See screenshots for steps to reproduce(just create a file with some dodgy character entities and upload it basically)." t31os_ 48 15971 Add ability to rate and report compatibility of plugins from wp-admin Plugins 3.1 normal normal Future Release feature request new 2010-12-24T08:25:27Z 2019-04-08T19:34:03Z "For the millions of downloads some plugins get there are way to few ratings on them. I think the ability to rate and report the compatibility of plugs from the backend dashboard page would dramatically increase participation in rating. This could be accomplished most easily placing a link to the ""details"" of a plug-in (like the one that appears while searching for a plug-in) after it is installed on plugins.php. This could be accomplished even more effectively by showing direct link next to each listing on the plugins.php page link stars/compatibility and link text reading ""rate now or ""report compatibility now""... For reference I point you to the excellent new to FireFox 4 (beta) add-on compatibility reporting features. " jb510 14 15981 Quick edit (and other actions) need to cancel AJAX actions garyc40 has-patch Quick/Bulk Edit 3.1 low normal Future Release defect (bug) assigned 2010-12-26T05:17:36Z 2018-05-14T16:46:46Z "Right after you click to paginate, sort or try to search something, you may be inclined to click another link on the page. This happens often when I'm browsing, and on a server with a relatively slow AJAX round trip, it can happen quite commonly. Problem: If you open Quick Edit, then the ajax results should noop. There might be other actions, but this one in particular does not lead to another page (which obviously would kill the ajax). The reverse is also an issue. You can search, paginate, or sort when Quick Edit is open, and you lose your edit. This might be bad when quick editing a comment, as you could be losing actual content. Searching and paginating might be explicit actions, but it's not difficult to accidentally click a th and trigger a sort, especially if the first row's quick edit (or bulk edit) is open. I'm not sure what to do here, other than a JS popup for any time a Quick/Bulk Edit is open, asking you if you want to lose your changes. So again, two things: - Kill the AJAX action if Quick Edit is opened. I would consider this lower priority. - 'Lose your changes' confirmation for quick edit and bulk edit before an AJAX action. (We can probably fire the AJAX action and trigger the alert simultaneously, but delay processing the results until the confirm() is true.)" nacin 5 15993 Sort arrows improperly wrap on narrow columns Posts, Post Types 3.1 normal normal defect (bug) reopened 2010-12-27T06:14:21Z 2019-06-04T20:41:43Z Specifically, I noticed the 'Posts' column on a taxonomy screen (or 'Links' for link categories, etc). nacin 23 16001 Invited but not activated users can get lost Users 3.0 normal normal Future Release defect (bug) new 2010-12-27T22:37:15Z 2022-02-09T10:01:31Z "Steps to reproduce: * In ''Site Admin'', go to Users > Add New * Add a new user * You get a message to the effect of, said user needs to respond to an invitation. Now the user has disappeared. There's no way for a super admin or anybody to search for that user and add her directly, or delete her, or anything like that. If the user doesn't get the email, she's out of luck: that username and email are now reserved for ""a couple of days.""" filosofo 33 16020 Upload custom avatar for user in Dashboard whyisjake* has-patch Users normal minor Future Release feature request accepted 2010-12-29T08:07:53Z 2023-11-17T17:37:53Z "It would be nice to be able to upload a custom avatar for a user in the WordPress Dashboard rather than making each user sign up for a Gravatar account and upload the image to that account. " computerwiz908 127 16101 Numeric term fields are strings needs-unit-tests Taxonomy normal normal defect (bug) new 2011-01-04T23:25:00Z 2020-11-10T16:15:04Z "The numeric fields (term_id, parent, etc.) on term objects are strings. I only noticed this because term_exists() uses is_int() to determine if the $term value is an ID or slug. Only ticket I could find about this is #5381. sanitize_term() should fix this, but it bails early in the ""raw"" context. sanitize_term_field() sanitizes the numeric fields in every context. I don't see a reason for sanitize_term() to bail early so I made a patch that takes that out. The patch also adds some missing fields to the list of those to be sanitized and changes term_exists() to use is_numeric() (which will correctly identify strings containing only numbers) instead of is_int(). " foofy 12 16126 Multisite name conflict check doesn't check for pages. Permalinks 3.0 normal normal defect (bug) new 2011-01-06T19:11:19Z 2019-06-04T20:41:45Z "Running WP 3.1-RC2 I made a page off my main site called foobar. Then I went in and made a sub-site (using SubFOLDERS) called foobar. The subsite took precedence and there was NO check or warning. I was able to reproduce this on 3.0.4 Then I went the otherway. I have a subsite called camels (don't ask). I went to make a PAGE called camels and it also let me. No conflict check. Basically you have to add the main blog page names into the banned names list manually, which strikes me as a bit odd. I can see why checking that would be onerous if someone had 600 million pages (and we all know they do) but forcing people to do it manually seems like a gap. Need love! :D This is minor, since not a lot of people have bitched, so clearly we're not running into it YET." Ipstenu 5 16133 "Pagination issue with tag ""rss""" dev-feedback Canonical 3.0 normal normal defect (bug) new 2011-01-07T09:39:10Z 2019-06-04T19:22:09Z "When posts use ""RSS"" as a tag, and the /tag/rss/ page has more posts than it is set to display on one single page, the link to page 2: /tag/rss/page/2/ is redirected to: /category/page/2/ Tested on Paolo Belcastro test WordPress.org : http://test.belcastro.com/tag/rss/ Running 3.1-RC2-17229 with only Debug Bar plugin activated This is not theme related, same behaviour with TwentyTen or Thematic on this install." paolal 3 16147 MT Importer truncates double vertical spaces, munging paragraphs together Import 3.2.1 normal normal defect (bug) reopened 2011-01-07T22:25:47Z 2019-06-04T20:02:27Z "Movable Type 3.x-era exports don't use '''<p>''' tags. Like TinyMCE (and WordPress), a '''<p>''' in final rendered code is represented by two '''\n'''s in a row. The importer strips out double '''\n'''s and replaces with a single '''\n'''. This causes paragraphs to lose their distinction upon import. It does this because the '''$line''' variable was created by '''$line = $this->fgets($handle)''' (line 339). Then '''$line = trim($line)''' (line 340) strips out several characters, including '''\n'''. Lines 455 and 456 add back the '''\n''' ''except'' on blank lines: {{{ if( !empty($line) ) $line .= ""\n""; }}} So if a '''$line''' was nothing but a '''\n''', it's stripped by the '''trim''' function and becomes a 0 character line. Then the '''if( !empty($line) )''' declines to add back a '''\n'''. Somehow this needs to be altered so that successive '''\n'''s aren't stripped. Otherwise paragraphs get vertically munged together." novasource 10 16156 update-core is oblivious to api.wp.org being unreachable dev-feedback Upgrade/Install normal normal defect (bug) new 2011-01-08T09:51:38Z 2020-09-17T18:31:46Z "A server running 3.0.4 had trouble reaching *.wordpress.org for some unknown reason. (This wasn't during the brief api.wp.org outage, and it worked otherwise.) Problem is, update-core was completely oblivious to this. It's even worse when running 3.1, because the 'Check Again' button will refresh the page and tell you we last checked for updates *just now*. Try Again or Check Again should reflect that the API is unreachable when this can be determined. Claiming that we checked for updates is also really lame, so we should see if the transient tells us how long it's been since the last one. Side note, the plugin install et al. HTTP error messages are rather cryptic, and we should also make those more user friendly." nacin 20 16165 Media Library Bulk Delete: Error in deleting... nacin dev-feedback Media 3.1 normal normal enhancement assigned 2011-01-09T14:20:39Z 2019-06-04T20:02:28Z "While Bulk Deletion, when a user gets the ""Error in deleting..."" message, there is no information given of how many elements have been deleted so far. Let's say there was a bulk of N deletions, getting this error can mean up to N-1 items have been deleted already. Same is the case if for some item, no permissions are granted to delete it. The number of successfully deleted items is missing as well." hakre 9 16185 Bulk Actions Dropdown Box JS Sync Ajax-Tables has-patch Plugins 3.1 normal normal Future Release enhancement new 2011-01-11T11:15:33Z 2018-04-30T16:56:35Z "It would be an increase in usability - if JS is enabled - to sync the changes between the bulk-action-drop-down on top of the table with the one below the table. In my scenario I increased the amount of entries to over 100. So you need to scroll. So to set the bulk action on top and then you might think twice, need to check something, scroll down to the list to check the last entry and you want to press the bulk submit down below. That combo box is still on the default value right now. To spare additional clicks, it would be nice that it got synched with the one on top. Related: #14579; #15580" hakre 6 16191 Uploaded files with quote marks in the filename are undisplayable in MS dev-feedback Upload normal normal Future Release defect (bug) reopened 2011-01-11T19:28:49Z 2019-11-03T18:40:43Z "If you upload a file with quote marks in the filename, e.g. `""Test"".jpg`, WordPress records the filename as `%22test%22.jpg` but the file is called `""Test"".jpg` (on 'nix-like systems anyway) so is undisplayable. I'm unsure about the implications (security and otherwise) of my suggested patch (attached), so please give feedback. (I guess the other approach would be to retain the url-encoded characters and ensure that the file is named with the URL encoded version of the filename.)" simonwheatley 9 16216 Hide core updater if running an svn checkout has-patch Upgrade/Install normal normal enhancement new 2011-01-13T07:26:33Z 2019-06-04T21:06:21Z The logic with this patch is if you are running an svn checkout, do not display the core updater code and instead display a reminder. johnjamesjacoby 17 16230 Category slugs not cut at 200 characters as it should under some conditions Taxonomy 3.1 normal normal defect (bug) new 2011-01-14T14:10:23Z 2019-06-04T21:06:22Z "When a category name is longer than 200 characters, it is cut to 200 and so is the slug automatically created upon category creation. Now, if you edit the category name or slug afterwards, again trying to set a name longer than 200 characters it is cut again. But, if you edit the name or slug and use a very long string like this one: %d1%85%d1%80%d0%b0%d0%bd%d0%b0/%d1%80%d0%b5%d1%86%d0%b5%d0%bf%d1%82%d0%b8/%d0%b4%d0%b5%d1%81%d0%b5%d1%80%d1%82%d0%b8-%d1%80%d0%b5%d1%86%d0%b5%d0%bf%d1%82%d0%b8-%d1%85%d1%80%d0%b0%d0%bd%d0%b0/%d1%81%d0%bb%d0%b0%d0%b4%d0%ba%d0%b8%d1%88%d0%b8-%d0%b4%d0%b5%d1%81%d0%b5%d1%80%d1%82%d0%b8-%d1%80%d0%b5%d1%86%d0%b5%d0%bf%d1%82%d0%b8-%d1%85%d1%80%d0%b0%d0%bd%d0%b0-%d1%80%d0%b5%d1%86%d0%b5%d0%bf%d1%/ Then the slug ends up being longer than the 200 chars limit. Now if on the Categories list dashboard page you have more categories than visible on one page, and the category you edited above is not on page 1, the page it is on will appear empty (while successive pages will be all right if they contain regular categories) This has been reproduced on 3.1-RC2-17283" paolal 3 16243 Unhelpful error messages when updating default category Taxonomy 3.0.4 normal normal enhancement new 2011-01-15T12:23:36Z 2019-06-04T21:06:24Z "If we try and change the default category slug to one that has already been used we get conflicting error messages between quick edit and full edit. If you use Full Edit you're simply told ''Item Not Updated'' however, if you use quick edit, you are informed that the slug has already been used. The full edit error message is, I think, on line 223 of wp-admin/edit-tags.php - I'm unable to find where the error message for the quick edit functionality is, however. Having correct and useful copy in error messages is vital, especially for relative newcomers to WP. This oversight was found by Relly Annett-Baker (@RellyAB on twitter) - one of the best copy writers and content strategists out there. Perhaps we could look at overhauling the error messages and ask (someone like) Relly to give them a once-over or offer advice on them." iamfriendly 7 16252 Allow comment reparenting to fix poor threading has-patch Comments normal normal Future Release feature request new 2011-01-15T23:12:25Z 2023-11-23T06:26:37Z "For the OCD among us, it would be super nice to be able to edit the comment_parent, to properly thread comments made in the wrong place/threading order. Choose your own UI, but even just a numeric editor in the Quick Edit area would be a huge enhancement." Otto42 25 16293 In multisite installs, users with id 1 can't be deleted needs-unit-tests Users normal normal Future Release defect (bug) reopened 2011-01-19T00:21:34Z 2024-02-08T20:18:09Z "You can't delete a user with user id of 1. See: source:trunk/wp-admin/network/edit.php@17326#L359" PeteMall 37 16365 Comment transition for new comments needs-docs Comments 3.1 normal minor enhancement new 2011-01-24T21:07:46Z 2019-06-04T19:22:11Z "As far as I can tell wp_transitions_comment_status() does not get called for new 'comments' based on my testing and review of comment.php in wp-includes. There is a similar transition for posts that gets called for new 'posts' including hooks like 'new_to_publish' and 'new_to_private'. I feel that there should be a similar hook to this form comments so that plugins can hook into new comments differently from comments moved from one existing status to another (like comment_unapproved_to_approved'." MattyRob 24 16392 Quick Edit API should allow to pick up custom field values automatically Quick/Bulk Edit 3.1 normal normal enhancement new 2011-01-27T22:22:10Z 2019-06-04T21:06:26Z "Attached are two screenshots of the same plugin in 3.0 and 3.1. The plugin code is unchanged between the two. Only WP gets an svn switch. I'm investigating where it's coming from, but as you can note from the screenshots 3.0 lists nada for that plugin on the one hand side, while 3.1 lists actual fields and leaves them blank. The latter causes data loss when Quick-Editing a row. Cross-referencing ticket references: http://code.google.com/p/wp-e-commerce/issues/detail?id=327 Plugin SVN: http://svn.wp-plugins.org/wp-e-commerce/branches/3.8-development " Denis-de-Bernardy 13 16396 Add a hook to the theme editor page when the write is successful Themes 3.1.3 normal normal enhancement new 2011-01-28T17:29:35Z 2019-06-04T21:06:27Z Add a filter to the end of theme-editor.php's processing when the write is successful. scottconnerly 7 16404 WordPress Importer fails to import images reporter-feedback Import 3.0.4 normal normal defect (bug) new 2011-01-29T00:42:28Z 2019-06-04T20:02:31Z "WordPress Importer fails to import images and update image src urls when download and import file attachments is checked. WordPress MS with images in a post via Media using WP image mapping, e.g. image url: http://site.domainname.com/files/2011/01/myimage.jpg Fails to download, import and update image src url. All image src urls remain intact from the old domain name. If you change the image source to specific directory rather than the WP uploads directory: e.g. image url: http://site.domainname.com/images/myimage.jpg Images are downloaded and imported to media but it fails to update image src url in posts. All image src urls in posts remain intact from the old domain name. I tested this on clean install of WP 3.0.4 MultiSite with TwentyTen theme and no other plugins activated." wlpdrpat 7 16413 Settings page needs HTML refactoring and UI improvements joedolson* Administration 3.1 normal normal Future Release enhancement accepted 2011-01-30T20:22:09Z 2023-11-10T16:20:51Z "The settings pages haven't had much attention or improvement in a while. We need to refactor the HTML on the settings pages, as they are still using tables instead of divs. We also want to make some minor UI improvements including: - clearer differentiation between option groupings - using consistent text styles for descriptions and links (including the time zone/date format comment) - restructure for better readability Comment if you have any other" chexee 61 16415 Don't require CPTs to have archives in order to have feeds has-patch Posts, Post Types 3.1 normal normal enhancement new 2011-01-30T22:58:47Z 2019-06-04T20:41:47Z "When archives and feeds were added to custom post types (see #13818) it was set up so you had to have archives (has_archive) in order to have feeds (rewrite[feeds]). There are some situations where it would be nice to have feeds but archives aren't needed." aaroncampbell 16 16418 get_plugin_data() doesn't apply kses when $markup and $translate are false dd32* close Plugins 3.0.4 normal normal defect (bug) accepted 2011-01-30T23:45:23Z 2019-06-04T20:41:49Z "`get_plugin_data()` uses `_get_plugin_data_markup_translate()` to apply kses, but this isn't invoked if $markup and $translate are both false. This behaviour is rather unexpected, since kses application isn't controlled directly by either parameter." kawauso 3 16443 We need a way to programmatically tell if we are in a sidebar dev-feedback Widgets 2.2 normal normal Awaiting Review feature request new 2011-02-02T20:10:28Z 2022-07-15T16:12:27Z There is currently no way to tell if you are in_a_sidebar or doing a widget which makes me a sad stallman lookalike. jorbin 7 16445 Fix incompatibilities with IDs greater than 2^31 Import 3.1 normal normal defect (bug) new 2011-02-03T01:03:24Z 2019-06-04T20:02:33Z "For various reasons, things go bad when you get a post ID greater than 2^31^. When we're importing content and there's an existing ID, I suggest we ignore it if possible if it's too big. Tumblr2WordPress for example maintains the Tumblr IDs and causes problems in WordPress." Viper007Bond 10 16460 Category/tag converter should support all public taxonomies Import 3.0 normal normal Awaiting Review feature request new 2011-02-05T04:56:39Z 2022-07-15T16:27:46Z The category to tag converter should let you convert terms to custom taxonomies, if any are defined. I'm attaching a rewrite of the plugin based on 1.5.2, which included support for post formats. sillybean 8 16478 """Get Shortlink"" button disappears if you edit the permalink" has-patch Editor 3.0 normal normal Future Release defect (bug) reviewing 2011-02-07T08:44:02Z 2021-09-22T13:25:54Z "Go to edit a post and change the permalink. The ""Get Shortlink"" button is overwritten by the AJAX response. I think it's a simple case of moving where the shortlink is added, see patch." solarissmoke 13 16482 Visibility: password-protected breaks with redirected domains dev-feedback Login and Registration 3.0.4 normal normal defect (bug) new 2011-02-07T18:58:45Z 2019-06-04T20:02:37Z "Pre-requisite to reproduce: domain.com must redirect to www.domain.com (haven't tested with other subdomains than www, but I'm sure it would be the same). 1. password protect a page 2. visit domain.com/protected (which redirects to www.domain.com/protected) 3. enter password 4. something about the redirect OR the way the password is stored/checked is broken; you are redirected to the wp-admin (WordPress login) page. Sanity check: 1. password protect a page 2. visit www.domain.com/protected (requiring no subdomain redirect) 3. enter password 4. successful log-in " monkeyhouse 10 16483 Visibility: password-protected exposes multiple pages dev-feedback Security 3.0.4 normal normal Future Release defect (bug) new 2011-02-07T19:02:15Z 2022-01-30T16:40:27Z "1. password protect a page ('protected') with a password 2. password protect another page ('thistoo') with the SAME password 3. visit 'protected' and enter the password. Page is visible 4. visit 'thistoo'; expected: prompt for password. What happens: Page is visible Regardless of whether someone with a password has the right to try it in as many pages as they want (and would therefore successfully see the page if the passwords were the same), the user should still be prompted on a page-by-page basis. Global authentication to multiple pages is possible with user accounts and roles. It should not be possible with visibility: password-protected pages." monkeyhouse 33 16495 Make iso8601_to_datetime a bit more compliant Formatting 3.0.5 normal normal defect (bug) new 2011-02-08T19:37:09Z 2019-06-04T19:43:19Z With a valid ISO 8601 date string with dashes in the date or decimal fractions for seconds, this function will fail to parse it correctly. The attached patch updates the regex to optionally accept dashes and decimal fractions for seconds (which are ignored). It also uses a variable for the regex since it was duplicated. chrisscott 4 16576 comment_form() fields being displayed only for non logged in users has-patch Comments 3.0.5 normal normal enhancement new 2011-02-16T18:15:44Z 2019-06-04T19:22:16Z "I've just noticed this - When using the '''comment_form()''' function and adding some comment meta fields,using the fields array in the $args, these fields are being showed in the front-end only for non logged in users. In this case, the registered users can never use these comment fields. Look at wp-includes/comment-template, lines 1561-1573 (WP 3.0.5), it parse the $args['fields'] in the else block - {{{ <?php if ( is_user_logged_in() ) : ?> <?php echo apply_filters( 'comment_form_logged_in', $args['logged_in_as'], $commenter, $user_identity ); ?> <?php do_action( 'comment_form_logged_in_after', $commenter, $user_identity ); ?> <?php else : ?> <?php echo $args['comment_notes_before']; ?> <?php do_action( 'comment_form_before_fields' ); foreach ( (array) $args['fields'] as $name => $field ) { echo apply_filters( ""comment_form_field_{$name}"", $field ) . ""\n""; } do_action( 'comment_form_after_fields' ); ?> <?php endif; ?> }}} I think it is better that added meta fields should be displayable for all users (logged in and not logged in), or even to add a parameter to let the developer decide which extra fields are shown to logged or not logged users. " maorb 11 16600 AdminMenu rendering code chokes on uppercase Posts, Post Types 3.1 normal minor defect (bug) reopened 2011-02-20T02:43:25Z 2019-06-04T20:41:50Z "When registering custom taxonomies for a custom post type, if the post type name contains uppercase letters, the menu items for the custom taxonomies are not shown. It looks like the post type name is lowercased in some parts of the core code (but no all) and so string comparisons fail. Just isolated this behaviour, so I'm still not sure how much of the core this affects. Moreover, when I saved posts with the intended mixed-case name, they have been saved to the DB with lowercased post_type It it is indeed the intended behaviour, a note should be added to the Codex: ""Custom Post Type names must be lowercase"" The attached sample (real) code reproduces the problem by setting ""post_type_tag"" to ""DomainName"" instead of ""domain_name"". Numbers work properly, however. Tested with latest SVN (RC4 + r17467)" jltallon 14 16612 WordPress should return nocache headers for requests with comment cookies dev-feedback Comments normal normal enhancement new 2011-02-21T22:45:21Z 2019-06-04T19:22:17Z "Most themes, when displaying the comment form, change the HTML to pre-fill username, email address, and website when comment cookies are received in the HTTP request. Since the response does not have explicit nocache headers, per RFC2616 (http://www.ietf.org/rfc/rfc2616.txt) intermediate caches can use heuristics to determine the cache TTL for the response. Since there is 0 freshness data in the response, it is not really possible to perform good heuristics, but in practice, caches will assign a default TTL to this type of response. The result is that private information input by user A when submitting a comment can be returned to user B when making a request for the same URL. To protect ourselves against this, we should call nocache_headers() when comment cookies are sent and the comment form is being displayed. Alternatively, we can send nocache headers for all requests with comment cookies regardless of the comment form being displayed or not (probably easier and maybe safer). http://humboldtherald.wordpress.com/2011/01/27/gremlins/ is a story likely caused by an aggressive cache and the lack of nocache headers." barry 7 16613 Extend Widget API to allow sidebar/widget manipulation Widgets 3.1 normal normal enhancement new 2011-02-21T22:55:17Z 2019-06-05T06:37:51Z "There is currently no easy way to add a widget to a sidebar using code. We should add methods of doing this. A good example usage of such an API could be when a new theme is activated, it could add it's custom widgets to it's sidebar. API should provide support for adding widget X to sidebar Y (or even just the first sidebar) along with setting some options for the widget and where in the sidebar to add it (top vs. bottom)." Viper007Bond 7 16706 "Queries using ""category__and"" are slow on large databases" chriscct7 has-patch Query 3.1 normal normal enhancement assigned 2011-02-28T22:20:52Z 2019-06-04T20:41:52Z "Summary: Using ""category!__and"" in query_posts() generates a dependent subquery in MySQL with extremely poor performance (""Using temporary, Using filesort"") when one of the categories has a large number of posts. The result is so slow that WordPress appears to completely hang. Changing the query structure avoids the filesort and solves it. Details: We have a customer doing this as part of a theme in WordPress 3.1: {{{ query_posts(array( ""category__and"" => array(1, 461), ""posts_per_page"" => 6 )); }}} The database is fairly large. There are 45,610 posts in category 1, and 167 posts in category 461. The resulting database query runs for so long that it effectively hangs (it doesn't finish within 30 minutes). The generated MySQL query looks like: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts WHERE 1=1 AND ( wp_posts.ID IN ( SELECT object_id FROM wp_term_relationships WHERE term_taxonomy_id IN (1,461) GROUP BY object_id HAVING COUNT(object_id) = 2 ) ) AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 6; }}} An ""explain"" on this query shows that it generates a dependent subquery that devolves to a filesort: {{{ +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ | 1 | PRIMARY | wp_posts | ref | type_status_date | type_status_date | 44 | const,const | 8177 | Using where; Using index | | 2 | DEPENDENT SUBQUERY | wp_term_relationships | range | term_taxonomy_id | term_taxonomy_id | 8 | NULL | 25665 | Using where; Using index; Using temporary; Using filesort | +----+--------------------+-----------------------+-------+------------------+------------------+---------+-------------+-------+-----------------------------------------------------------+ }}} I've tried adding indexes, optimizing, and so on to get the filesort to go away, but I can't get it to do so, at least not with MySQL 5.0.x. The filesort comes from the ""GROUP BY ... HAVING"". Changing the query to avoid those fixes this. For example, this appears to produce the same results: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts WHERE 1=1 AND ( SELECT COUNT(1) FROM wp_term_relationships WHERE term_taxonomy_id IN (1,461) AND object_id = wp_posts.ID ) = 2 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 6; }}} But it finishes in a fraction of a second and generates cleaner ""explain"" output with no filesort: {{{ +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ | 1 | PRIMARY | wp_posts | ref | type_status_date | type_status_date | 44 | const,const | 8177 | Using where | | 2 | DEPENDENT SUBQUERY | wp_term_relationships | ref | PRIMARY,term_taxonomy_id | PRIMARY | 8 | database.wp_posts.ID | 1 | Using where; Using index | +----+--------------------+-----------------------+------+--------------------------+------------------+---------+----------------------+------+--------------------------+ }}} So my suggestion is that the ""category!__and"" query be changed to something like this that avoids filesorts. (I could provide a patch if people agree that this change is a reasonable approach.)" tigertech 40 16747 'feedtype_enclosure' hooks not triggered without custom field needs-unit-tests Feeds 1.5 normal normal defect (bug) new 2011-03-04T13:42:07Z 2019-06-04T19:43:20Z "file: '''wp-includes/feed.php''', functions: '''atom_enclosure()''' and '''rss_enclosure()''' If a ""enclosure"" custom field is not provided, the ''atom_enclosure'' and ''rss_enclosure'' filters are never triggered (because they're inside an if statement). Wouldn't it make sense to replace this ... {{{ function atom_enclosure() { if ( post_password_required() ) return; foreach ( (array) get_post_custom() as $key => $val ) { if ($key == 'enclosure') { foreach ( (array) $val as $enc ) { $enclosure = split(""\n"", $enc); echo apply_filters('atom_enclosure', '<link href=""' . trim(htmlspecialchars($enclosure[0])) . '"" rel=""enclosure"" length=""' . trim($enclosure[1]) . '"" type=""' . trim($enclosure[2]) . '"" />' . ""\n""); } } } } }}} ... with this ... {{{ function atom_enclosure() { if ( post_password_required() ) return; $output = ''; foreach ( (array) get_post_custom() as $key => $val ) { if ($key == 'enclosure') { foreach ( (array) $val as $enc ) { $enclosure = split(""\n"", $enc); $output = '<link href=""' . trim(htmlspecialchars($enclosure[0])) . '"" rel=""enclosure"" length=""' . trim($enclosure[1]) . '"" type=""' . trim($enclosure[2]) . '"" />' . '\n'; } } } echo apply_filters('atom_enclosure',$output); } }}} ... so that those functions can be hooked via plugins, even if the custom field doesn't exist? ''In my particular case, I wanted to use a different--already existing--custom field name to pull the url from, but I couldn't hook '''atom_enclosure()''' because '''apply_filters()''' is only triggered if the ""enclosure"" custom field name exists.''" tcloninger 1 16784 Introduce post_type_archive_description() needs-unit-tests Posts, Post Types 3.1 normal normal enhancement new 2011-03-07T10:36:40Z 2021-04-24T16:12:27Z "if using the standard archive.php page, the common function for getting archive page name (e.g. single_tag_title) or description (e.g. tag_description) do not work - the best now is to use get_queried_object()->name resp. get_queried_object()->description Also it is not obvious, that when you create a custom post type and taxonomy (with public=true) they are not visible on menu navigation page - you must make them visible using the top View menu (it took me a while to realize it) " thomask 10 16788 Ampersands in e-mail address become invalid dev-feedback Users 3.0.5 normal normal Awaiting Review defect (bug) reopened 2011-03-07T20:01:38Z 2019-06-04T13:51:31Z "When an e-mail address contains an ampersand, WordPress improperly escapes the ampersand invalidating the e-mail address. Example: h&f@domain.com becomes h&amp@domain.com First of all, the proper HTML entity for ""&"" is '''&'''. Where did the extra '''amp''' come from? Also, an ampersand is a valid character in an e-mail address and should not be escaped. Escaping it could be a completely different e-mail address. I have not dug into the code to find out where this is happening but I'd assume in '''sanitize_email()'''." jfarthing84 11 16808 Insufficient permissions for custom post type management and custom role/caps Role/Capability 3.1 normal normal defect (bug) reopened 2011-03-09T19:54:04Z 2023-01-27T05:59:30Z "I asked a question over at [http://wordpress.stackexchange.com/questions/11508/permission-error-on-custom-post-type-add-new-action StackExchange] about this. Went into their chat room to talk to a few people and came to the conclusion I need to post this ticket. --- When accessing an admin page located at post-new.php with a custom post type on a user that's in a custom role that has the available permission to ""Add New"", you get ""You do not have sufficient permissions to access this page."" {{{ $post_caps = array( 'delete_post' => 'argus_admin', ); $visitor_caps = $post_caps; $visitor_caps = array_merge( $visitor_caps, array( 'edit_post' => 'argus_visitors', 'read_post' => 'argus_visitors', 'edit_posts' => 'argus_visitors', 'edit_others_posts' => 'argus_visitors', 'publish_posts' => 'argus_visitors', 'read_private_posts' => 'argus_visitors', )); $v_args = array( 'labels' => array ( 'name' => 'Visitors', 'singular_name' => 'Visitor', 'add_new_item' => 'Register New Visitor', ), 'public' => true, 'publicly_queryable' => false, 'exclude_from_search' => true, 'show_ui' => true, 'show_in_menu' => 'argus', //'show_in_menu' => false, 'hiearchical' => false, 'supports' => array( '' ), 'capabilities' => $visitor_caps, 'register_meta_box_cb' => array ( &$this, '_wp_visitor_meta_box_cb' ), ); register_post_type( 'visitor', $v_args ); }}} I've tested it with 3.0.4 and it worked flawlessly. However, when in 3.1, it doesn't want to work." Genesis2001 11 16817 All updates have been completed has-patch Upgrade/Install normal normal defect (bug) new 2011-03-10T09:41:22Z 2020-09-17T18:30:25Z "I tried to update 12 plugins at once, one of them ended with red error message ""An error occurred while updating PLUGIN_NAME: Could not remove the old plugin."" But in the end of Update page is message ""All updates have been completed."" And that is not right, because one plugin was not updated." pavelevap 3 16828 Add filter on initial_meta_boxes for nav menu dev-feedback Menus normal normal Future Release enhancement new 2011-03-10T21:08:40Z 2020-07-27T17:25:27Z "When you create a custom post type with `show_in_nav_menus = true` the metabox in Appearance->Menus is hidden to all new users. This is especially annoying for multi-site setups. The issue is in `wp_initial_nav_menu_meta_boxes()` where it sets the initial meta boxes: {{{ $initial_meta_boxes = array( 'nav-menu-theme-locations', 'add-custom-links', 'add-page', 'add-category' ); }}} I'd settle for a filter on that, but it seems like a more complete fix would be to add the filter with a default function hooked into it which would add post types with `show_in_nav_menus = true` to the list." aaroncampbell 14 16830 url_to_postid() doesn't resolve attachments when rewrite rules are disabled needs-unit-tests Rewrite Rules 1.2 normal normal enhancement reopened 2011-03-11T01:09:14Z 2019-06-04T21:06:33Z "The code of {{{url_to_postid()}}} is pretty clear in the case of disabled rewrite rules: all URLs not using the {{{p=N}}}, {{{page_id=N}}} or {{{attachment_id=N}}} forms are not parsed and the function return 0. That make sense. Now there is a special case for attachments. Attachments can be saved under a the {{{/wp-content/uploads/year/month/}}} folder structure while rewrite rules are disabled at the same time. This means there is a missed opportunity for {{{url_to_postid()}}} to resolve attachment's URLs of the long-form when rewrite rules are disabled. This was tested and reproduced on WordPress 3.1." anonymized_154007 10 16832 Trouble if the slug of a custom taxonomy is the same as the url of page/post Rewrite Rules 3.1 normal normal defect (bug) new 2011-03-11T11:50:43Z 2019-06-04T21:06:35Z "I got some troubles with the 3.1 version of WordPress concerning the slug of custom taxonomy. '''An example that work in 3.0.5'''[[BR]] www.example.com/agency (url of a page)[[BR]] www.example.com/agency/john-smith (url of a custom type's detail) Apparently having the same ""folder"" 'agency' only works for one or the other url but not both. Hope I made myself clear." LucasHantz 12 16833 Signup mechanism shortens usernames without warning dev-feedback Users 3.0 normal normal Future Release defect (bug) new 2011-03-11T15:09:23Z 2017-07-10T16:18:37Z "When a user signs up for an account on a wordpress blog, if their chosen username is longer than the limit, wordpress chops of the end of the username, without warning the user, and without offering the user the opportunity to choose again. Steps to reproduce: Go to a wordpress blog, sign up with a long username, and read the confirmation email. An example: forum.xbmc.org, which has a limit of 15 characters." hughcharlesparker 4 16838 Excluding Akismet from Future WordPress Releases / Plugin Directory Plugins 3.1 normal normal Awaiting Review enhancement reopened 2011-03-12T02:49:31Z 2024-03-02T21:23:45Z "This issue was more mute prior to the shift in Akismet's 'keying', which previously just required you to have a free WP.com account to hook up to the API. Since Akismet now charges for access, or solicits fees by default for Personal website activations (when you go through the sign up process, it defaults at something like $5 with a slider that lets the person choose how much they want to pay). It's not immediately apparent that 'free' is an option within the slider, but that's not the primary issue here - I digress :) The issue is that Akismet is no longer free for EVERYONE. It's only an option for Personal sites, and in certain cases. What if someone has multiple personal sites? They click that option and they are categorized into a Professional plan, which has a fee associated to it. Since the plugin directory itself has officially been described (and in practice) to have a restriction that explicitly prohibits functionality be disabled from a plugin behind a Paywall, why wouldn't that apply in this case? I certainly don't mean to rock the boat, but this brings up a number of important questions. The plugin has a potentially confusing signup process that does lead people otherwise categorized as Personal site owners, to pay for the service while it's advertised under the plugin description that it's 'free' for Personal use. This produces a grey area of sorts, which puts this plugin under a sort of Paywall, which could be alleviated in a minor way by modifying the signup process. It still doesn't clear the air on how the Paywall for professional sites can be officially allowed versus a full Paywall. Perhaps someone who officially represents the WP.org Plugin Directory or WP.org can clarify the undocumented (not shown at http://wordpress.org/extend/plugins/about/) Paywall restriction for future reference. Besides the plugin itself now finding itself in this grey area, it's bundled with WordPress by default and presents what could be described as an unfair market advantage for Automattic's product offering, sort of like anti-competitive business practices. I feel weird saying that, but I'm not throwing stones here. Just saying what it feels like, even if the core developers say it should be included, I'd say it now doesn't cover the 70/30 rule (or whatever the amount is). If Akismet is allowed to remain in the plugin directory as is, and within WP core, then would other plugins be allowed to be included in the plugin directory that follow the same Paywall model and signup process?" sc0ttkclark 45 16839 Category Base Should be Slugified SergeyBiryukov* needs-unit-tests Rewrite Rules 3.1 normal normal Future Release defect (bug) accepted 2011-03-12T21:42:52Z 2023-03-02T15:52:09Z "Vanilla install of 3.1. Change category base to Foo Bar. Link generated is example.com/Foo Bar/cat (note the %20/space). Clicking link tries to access /FooBar/cat and 404's. I see there are a few other tickets regarding categories, including #16662 but no specific mention of custom category base. " miklb 9 16843 wp_unique_post_slug() doesn't check pagination base when CPT has archive needs-unit-tests Posts, Post Types 3.1 normal minor defect (bug) new 2011-03-13T06:22:22Z 2019-06-04T20:41:56Z Title says it all. scribu 12 16853 Error 500 when a user has too many sites dev-feedback Networks and Sites 3.0.1 normal minor Future Release enhancement assigned 2011-03-14T11:15:57Z 2019-04-08T16:52:29Z "'''My installation''' [[BR]] 3.0.1 multi-site installation with more than 7500 blogs, with one user each. I also have one moderation user that can administer each of the blogs. [[BR]] [[BR]] '''The issue''' [[BR]] In the admin interface, when I go to Super-Admin -> Users, and when I display the page that contains my moderation user, I get ""''An error (500 Internal Server Error) has occured in response to this request''"". The page tries to display all the sites administered by him (around 7500 of them), hence the error. [[BR]] [[BR]] Updating to 3.1 didn't resolve the problem. [[BR]] [[BR]] '''Recommended enhancement''' [[BR]] For each user in the list, display only a certain number of sites, with a possibility to see all of that user's sites, if needed." luuzan@… 29 16858 Usage of HTTP_HOST in the administration dd32 has-patch Administration 3.1 normal normal Awaiting Review defect (bug) reviewing 2011-03-15T13:33:47Z 2022-08-08T05:22:05Z "In some files like wp-admin/includes/class-wp-list-table.php (there are more files I think), some links are created by using the HTTP_HOST variable. It's better to use the defined wordpress URL to create those links. In our case, we have a wordpress running behind a Squid cache. When you check for HTTP_HOST you get the *real* HOST and not the one with the Squid server. To bypass the problem, I added in the main config.php a line like this : {{{ $_SERVER['HTTP_HOST'] = 'www.my-visible-http-host.com'; }}} Without this setting and in our case, some links in the admin (next, previous page, re-ordering...) where pointing to the wrong server. " amirhabibi 21 16883 "Add check for ""Template Version"" on theme activation" dev-feedback Themes 3.1 normal normal enhancement new 2011-03-18T03:28:36Z 2019-06-04T21:06:36Z "Related: #16395 In addition to adding Template Version to the standard meta information extracted from style.css in `get_theme_data()`, I think that for this information to be useful, a child theme shouldn't be able to be activated unless the template template the child theme uses (parent theme) meets the minimum version requirement identified in ""Template Version"". A polite and graceful failure, with an error notice, would be preferable :-) Reason: many times child themes utilize functionality that only exists in the latest version of a parent theme. They're stuck either writing backward compatibility into into their code, or risking whitescreens. This not only prevents that, but it could be used to gently encourage the user to update the parent theme. Certainly not a candidate for 3.1.1, but perhaps 3.2?" nathanrice 6 16910 Lazy evaluation for WP_Query Query normal normal feature request new 2011-03-21T01:04:39Z 2019-06-04T20:41:58Z "Suppose we have a 'city' post type, which is associated with a 'country' post type, such that each 'city' post has a 'country' parent post. Then the 'country' CPT has a 'language' taxonomy associated to it. Now, let's say we want to find all the cities which speak a certain language. Let's assume we already have the `'post_parent__in'` query var: #13927 We could construct a two-step query, like this: 1) Get all the countries with that language: {{{ $country_ids = get_posts( array( 'fields' => 'ids', 'post_type' => 'country', 'language' => 'french', 'nopaging' => true ) ); }}} 2) Get all the cities belonging to that country: {{{ $cities = get_posts( array( 'post_type' => 'city', 'post_parent__in' => $country_ids ) ); }}} No custom SQL queries; fantastic! But, if you have many many countries (not a good example, I know), you waste a lot of time passing the IDs back and forth from PHP to SQL. Final query: {{{ SELECT * FROM wp_posts WHERE post_type = 'city' AND post_parent IN (1, 2, 3, ...) }}} It would be a lot more scalable to put the first query into the second, directly, as a subquery. So, it would now look like this: 1) Get all the countries with that language: {{{ $country_ids = get_posts( array( 'fields' => 'ids', 'post_type' => 'country', 'language' => 'french', 'nopaging' => true, 'lazy' => true' ) ); }}} 2) Get all the cities belonging to that country: {{{ $cities = get_posts( array( 'post_type' => 'city', 'post_parent__in' => $country_ids ) ); }}} $country_ids would now be a WP_Lazy_Query object, which would just contain the subquery SQL. It would be appended to the second query, when needed: Final query: {{{ SELECT * FROM wp_posts WHERE post_type = 'city' AND post_parent IN ( SELECT ID FROM wp_posts WHERE post_type = 'country' INNER JOIN wp_terms ... ) }}}" scribu 2 16980 Empty Values are ignored by class-ixr.php needs-unit-tests XML-RPC 3.1 normal normal Future Release defect (bug) assigned 2011-03-27T12:34:47Z 2020-09-30T18:41:01Z "I tried to fix the following bug #10599 Found out when you send and empty value via xmlrpc it converts it to null value. Say you send and array of arguments for mw_editpost, set {{{ $content_struct[mt_keywords] = ''; }}} IXR client passes a null value instead of an empty value. In mw_post method consider this statement {{{ $tags_input = isset( $content_struct[mt_keywords] ) ? $content_struct[mt_keywords] : null; }}} Even if you send an empty value this statement fails because {{{ $content_struct[mt_keywords] }}} is set to null by IXR client." nprasath002 26 17019 add hooks for Media Library attachment counts SergeyBiryukov has-patch Query 2.5 normal normal Future Release enhancement reviewing 2011-04-02T16:48:24Z 2022-03-03T11:07:24Z "The Media Library attachments listing and edit links can be filtered via existing WP_Query and has_cap hooks. However, corresponding attachment counts are not cleanly filterable. The submitted ticket adds the following filters: * function wp_count_attachments() - result filter 'count_attachments' * WP_Media_List_Table::get_views() - query filter 'attachment_orphans_query' * function update_gallery_tab() - query filter 'gallery_attachment_count_query'" kevinB 53 17020 Some comment queries are not filterable needs-unit-tests Comments 3.1 normal normal enhancement new 2011-04-02T16:56:32Z 2019-06-04T19:22:21Z "Although WP_Comment_Query::query() is fully filterable, some supplemental comment queries are still unfilterable. The submitted patch adds the following hooks: * function get_approved_comments() - query filter 'get_approved_comments_query' * function wp_dashboard_recent_comments() - query filter 'dashboard_recent_comments_query'" kevinB 2 17039 the_excerpt() - <!--more--> handling Formatting 3.1 normal normal defect (bug) new 2011-04-03T22:15:48Z 2019-06-04T19:43:23Z "If a post has a manually inserted <!--more--> ''before'' the default break at the excerpt length, then the_excerpt() fails to generate any [...] or call the ""excerpt_more"" filter. Thus, there is no indication that there is more content to the post." wpweaver 4 17047 Not following spec for REQUEST_URI sterlo has-patch Rewrite Rules 3.1 normal normal Future Release defect (bug) reviewing 2011-04-04T20:11:00Z 2020-12-13T14:26:22Z "Possibly related: #16932 Spec: http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.1.2 Structure: http://en.wikipedia.org/wiki/URI_scheme#Examples The spec for REQUEST_URI: {{{ Request-URI = ""*"" | absoluteURI | abs_path | authority }}} The specs for REQUEST_URI in Apache are such that it allows for absolute paths to a given resource. Given that throughout WordPress there are concatenations like: {{{ $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] }}} These are intended to generate ""mysite.com/resources"" But in certain cases will generated ""mysite.com/mysite.com/resources"" Case Study: {{{ GET http://subdomain.mydomain.com/ HTTP/1.1 }}} This should be allowed. Apache in this case sets the URI to ""http://subdomain.mydomain.com/myfile.php"" Solution: Do not assume that URI is not an absolute path. A quick fix is something like the patch attached." sterlo 16 17061 media_sideload_image() allows upload of 301-redirected non-images chriscct7* Media 3.1.1 normal normal defect (bug) accepted 2011-04-06T14:39:09Z 2019-06-04T20:02:39Z "When you give {{{media_sideload_image()}}} URLs that are not images, an error is raised. If for example I do: {{{ media_sideload_image(""http://google.com"", $post_id, $img_desc); }}} then I get this error: {{{ Sorry, this file type is not permitted for security reasons. }}} And this is absolutely normal and expected. But there is a case when {{{media_sideload_image()}}} do not detect non-images. This case is when the URL given to the function looks like an image but is redirected by Apache to another place. For example, on my server, this URL: {{{ http://coolcavemen.com/e107_plugins/autogallery/Gallery/default.jpg }}} redirects to: {{{ http://coolcavemen.com/photos/ }}} Now if in some PHP code I do: {{{ media_sideload_image(""http://coolcavemen.com/e107_plugins/autogallery/Gallery/default.jpg"", $post_id, $img_desc); }}} then no error is raised and I end up with the HTML served at {{{http://coolcavemen.com/photos/}}} being uploaded to my WordPress site as-is: {{{ kevin@kev-laptop$ file ./wp-content/uploads/2011/04/default.jpg ./wp-content/uploads/2011/04/default.jpg: HTML document text }}} Of course this upload appears broken in the media manager, as you can see in this screenshot: http://twitpic.com/4hlyks" anonymized_154007 2 17077 Page parent li elements in nav menus not always given current-page-parent class Menus 3.1 normal minor defect (bug) assigned 2011-04-07T09:53:45Z 2019-06-04T20:02:40Z "Using a fresh WP3.1.1, 2010 theme, Theme Unit Test data, adding a navigation menu with Parent Page as an item without any child items and then navigating in the browser to Child Page 1. The <li> for the parent menu item doesn't get assigned the current-page-parent class. It does get the current-page-ancestor class, and none of my themes demand the current-page-parent class specifically so I've tagged this as trivial." andymacb 8 17078 is_active_sidebar() doesn't work with Numeric sidebar ID's close Widgets 2.8 normal normal defect (bug) new 2011-04-07T10:06:54Z 2020-05-20T21:00:56Z "This needs a small fix: Function is_active_sidebar( $index) converts $index to a string then uses wp_get_sidebars_widgets() to see if the sidebar is active ..but keys in the array wp_get_sidebars_widgets() generates can be integers if the ID's of the registered sidebars are integers" lanceo 7 17115 Publishing an empty post results in success dev-feedback Posts, Post Types 3.1 normal normal Awaiting Review defect (bug) new 2011-04-12T11:32:50Z 2020-05-03T23:40:21Z "'''Steps to reproduce:''' 1. Go to Add New post screen 1. Publish post 1. Success message is displayed with link to initial auto-draft of post The issue can be traced back to the `editpost` switch case in `post.php` (line 204), which calls `edit_post()` and `redirect_post()`. `edit_post()` saves any meta values passed with the post to the auto-draft, which isn't necessarily desirable, and returns the auto-draft post ID. `redirect_post()` then defaults to status message code 6 which incorrectly reports success in publishing." kawauso 32 17133 Code Editor: Register ctrl + s event for plugin/theme editor has-patch Plugins 3.1 high normal Future Release enhancement new 2011-04-14T12:20:34Z 2023-11-28T19:29:05Z Often when modifying code or writing a post using the wordpress editor I instinctively hit ctrl + s to save it. Up pops the save website dialog which I then have to close. In Gmail when I hit ctrl+ s it saves the email to drafts. I think a similar thing would be useful for wordpress. jcnetsys 21 17146 Don't limit screen meta tab CSS to content within #screen-meta koopersmith has-patch Help/About 3.1 normal normal Future Release enhancement new 2011-04-15T20:36:40Z 2021-10-18T19:21:31Z "Currently, the styles for screen meta tabs are limited to items within #screen-meta. I think we should use the .screen-meta-toggle class instead, so these styles can be used elsewhere in the admin without duplicating the CSS. I ran into this problem when working on the fullscreen plugin and adding a help tab, but not inside #screen-meta." koopersmith 4 17164 More elegant handling of site 'archive' options for MultiSite Networks and Sites 3.1 normal normal Future Release enhancement new 2011-04-18T15:08:50Z 2023-03-22T14:32:22Z "Right now you have a few options with MultiSite blogs 1) Spam 2) Deactivate 3) Archive 4) Delete Spam is easy to understand, and should be marking the admin and site as spam. Delete ditto, hi. Deactivate and Archive are weird though and almost seem backwards. Deactivate means to turn OFF (like deactivating a plugin). Archive implies that you're making a site read-only. Right now, if you change a site to 'deactivated' it actually shows up as DELETED and the front end has the message ""This user has elected to delete their account and the content is no longer available."" Clearly the verbage on the network/sites.php page needs to be updated (and perhaps the front end to 'This site has been deactivated.' to be consistant). If you 'Archive' a site it kicks it to a paler pink in the sites.php page (though the 'Archived' text is white and nigh impossible for me to read) and the front end says ""This site has been archived or suspended."" It's rather illogical there. Archive SOUNDS like it should be making things read-only (and turning off commenting and posting if possible). Otherwise it should just be 'Suspend', and at that point, why have two options that pretty much do the same thing from the front-end perspective?" Ipstenu 16 17170 Attachment slugs are not unique dev-feedback Permalinks 2.8 normal major defect (bug) new 2011-04-18T21:02:52Z 2019-06-04T20:41:59Z "From wp_unique_post_slug() and #9726: {{{ Attachment slugs must be unique across all types. }}} It's true that attachment slugs are checked for uniqueness against all other object types, however, when inserting an object of another type any uniqueness checks do not include attachments. This means that #9539 isn't actually fixed if you attempt the steps in the order described (insert attachment first followed by conflicting page). Fix would be to add 'attachment' to the `post_type IN` clause for hierarchical types. See attachments-hierarchically-unique.diff. Still puzzling out why/if attachments need to be unique against non-hierarchical types since there shouldn't be collisions as attachment URLs are subpage style. However, if attachment slugs do need to be globally unique then see attachments-globally-unique.diff (not tested so much). Related: #9726, #9539, #6437, [11467]" duck_ 1 17183 previous_comments_link and next_comments_link return wrong url with PATHINFO permalinks needs-unit-tests Permalinks 1.5 normal normal defect (bug) new 2011-04-19T20:13:15Z 2019-06-04T20:42:01Z "When using PATHINFO permalinks, previous_comments_link() and next_comments_link() return a wrong link, which renders paged comments useless. Steps to reproduce: Set permalinks to: /index.php/%post_id%/%postname%/ The functions return URLs similar to: /comments-page-1/#comments This URL results in a file not found (if no rewrite rules are available, which should not be necessary if the PATHINFO permalink structure is used). Expected URL: /index.php/comments-page-1/#comments Manual opening the URL results in the expected/correct paged comments page." FireMotion 8 17201 dynamic_sidebar performance has-patch Widgets 3.1 normal normal enhancement reopened 2011-04-21T07:48:22Z 2019-06-05T06:37:57Z "I've got a few dynamic sidebars (say 6 or 7) and the dynamic_sidebar function spends 1/4 of a second only calling sanitize_title. See the piece of code on wp-includes/widgets.php: {{{ if ( is_int($index) ) { $index = ""sidebar-$index""; } else { $index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['name']) == $index ) { $index = $key; break; } } } }}} That's occurs evenf if you provide an id, and not the sidebar name. We could avoid that by checking before trying to use the sidebar name if a sidebar exists with that id. Like so... {{{ if ( is_int($index) ) { $index = ""sidebar-$index""; } elseif ( empty($wp_registered_sidebars[$index]) || !array_key_exists($index, $sidebars_widgets) || !is_array($sidebars_widgets[$index]) || empty($sidebars_widgets[$index]) ) { $index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['name']) == $index ) { $index = $key; break; } } } }}}" mrubiolvn 10 17255 More statuses (like draft and/or private) for media files Media 3.1 normal normal Future Release defect (bug) new 2011-04-27T11:48:11Z 2023-10-25T15:39:32Z "It's weird that media files don't carry any concept of pub status. If someone wants to upload files (either attached to a post or directly into the library), they should be able to keep them hidden via 'draft' status just like any other content. The fact that people can link to things that haven't been explicitly published is bizarre. Media files should have a pub status. If uploaded as post attachment, should inherit publish on post publish. Would then need a workflow for if a post becomes unpublished containing media, as it then lives in library for use by other content, so would need to ask if user wants to unpub media files as well. This would be a big shift, so would make most sense as part of a media redux with a long notice period for plugin and theme authors. " jane 24 17301 Keep the connection open when doing upgrades or long-running operations dd32 has-patch Upgrade/Install normal normal Future Release enhancement assigned 2011-05-02T06:27:39Z 2021-06-01T22:01:28Z "When we do long-running operations like upgrades-over-FTP, we may go a while without sending any data, which may cause the connection to be closed. We should investigate whether we can send some ""hey, still here"" dummy data down the pipe to keep the connection from being unceremoniously closed on us. For example, Rackspace Cloud Sites runs behind load balancers that cut the connection after 30 seconds of no data. I was able to defeat it by manually flushing some dummy data like so: {{{ <?php for ( $i = 1; $i < 46; $i++ ) { echo ""$i...<br />\r\n""; flush(); sleep( 1 ); } echo ""DONE""; }}}" markjaquith 11 17370 Screen options and meta box settings can lose per-blog meta box positions Users 3.1 normal normal Future Release defect (bug) new 2011-05-10T21:13:37Z 2022-10-03T12:10:08Z "User preferences for admin interface appearance of the Dashboard and the Edit/Add New pages are stored in per-user options in `wp_usermeta`: `closedpostboxes_$page`, `metaboxhidden_$page`, `meta-box-order_$page`, and `screen_layout_$page`, where `$page` is one of 'post', 'page', or 'dashboard'. Users can customize the order of the Dashboard and editing meta boxes to better suit their workflow using the drag-and-drop AJAX interface to move the meta boxes into ordered columns and the Screen Options tab to show and hide the boxes. Many plugins add custom meta boxes to the Edit/Add New Post page. In a multisite installation, with different plugins active on different blogs, users who rearrange an Add New Post page on a blog with a custom meta box and then rearrange it on a different blog without that meta box will lose the position of the custom meta box. Blogs can have different features and workflows implemented, and having per user options for the appearance instead of per user, per blog options limits the ability of a user to customize the interface. The expected behavior for moving things around is that it changes on one blog, not on all blogs." jmdodd 4 17374 get_pages() with child_of forgets sort DrewAPicture dev-feedback Posts, Post Types 3.1.2 normal normal defect (bug) assigned 2011-05-11T10:06:17Z 2023-04-18T12:45:36Z "If you call {{{get_pages()}}} with both the {{{child_of}}} and {{{sort_column}}}, the sorting is not applied. {{{child_of}}} makes it select all pages (sorted) and later applies a subselect via {{{get_page_children()}}}. This subselect can mess up the sort order. An example was reported on http://wordpress.stackexchange.com/questions/16921/get-pages-not-ordering-as-it-should Related: #12821" janfabry 8 17376 Multisite Subfolders and bunk /wp-admin areas needs-unit-tests Bootstrap/Load normal normal defect (bug) new 2011-05-11T15:07:38Z 2021-06-24T18:50:17Z "On a multisite installation with subfolders, navigating to: www.mysite.com/i-dont-exist/wp-admin loads a dashboard and maintains the i-dont-exist in the url. That part exists if i navigate to themes and/or plugin pages. However, I'm actually altering the base site. This can be quite confusing if someone makes a typo in a sitename and they end up changing the base site (like happened to us) :(" MadtownLems 30 17382 XMLRPC wp_getUsersBlogs Scalability XML-RPC 3.0 normal normal defect (bug) new 2011-05-11T20:32:15Z 2019-06-05T06:38:07Z "If there is a root blog with many sub blogs on it and a user that is an admin on each sub blog, then when the when the XML RPC method wp_getUsersBlogs() is called it does not scale very well. My PHP memory_limit setting was 128MB, and the XML RPC request died when a user was a member of 230+ blogs. I noticed that the number of queries made to the database for a single user that has many blogs that they are an admin is very high. Affected line: http://core.trac.wordpress.org/browser/tags/3.0.1/xmlrpc.php#L443 I don't know exactly how the code would have to change so I am not providing a patch." bmorneau 4 17394 Network Admin -> Sites -> Users not report correctly Users 3.1.2 normal normal Future Release defect (bug) reopened 2011-05-12T14:10:29Z 2020-09-30T19:43:43Z "The Network Admin -> Sites -> Users screen does not list all users in the site. I see the symptom of this issue has been reported before, but I have found the cause (in my case anyway). '''Example Scenario:''' In my set up I have added plugins that add user roles: a registration plugin that adds ""Registration Admin"" and a event management plugin that adds ""Office"" and ""Committee"". I have the registration plugin installed in all sites (root and test), but the event plugin in only installed in the test site. When I add a user to the root site, I can choose the normal roles or ""Registration Admin"", when I add a user to the test site I can choose the normal roles or any of the 3 new roles that have been added. '''Problem:''' When I view the list of users on the Network Admin, not all users are displayed in the list. It appears the Network Admin screen works in the context of the root site, where the event plugin is not installed. As a result, the Office and Committee roles are not available in the root site, and users of the sub-site with the those roles do not show in the user list. The filters show the correct total number of users beside All, but the additional roles unique to the sub-site are not listed. In the sub-site Dashboard, they show correctly, and if I install the other plugin to add the Office and Committee roles to the root site they will show in the Network Admin -> Sites -> Users screen for the sub-site. It would appear the user list for a sub-site will ignore users that are assigned a role that doesn't exist in the root site, even though they are assigned a valid role in the site displayed. This bug is reproducible by adding roles to sub-sites. I would a happily help with more clarification or resolving this issue as needed. I know it's not critical, but it is very frustrating when administering a large multi-site network." whiteatom 13 17433 localhost is not accepted as email domain has-patch Formatting 3.2 normal normal Future Release defect (bug) new 2011-05-14T16:55:52Z 2018-03-20T09:10:25Z "Hi. Tried to install WordPress on a Debian machine not connected to Internet, only for testing purposes, so when the setup procedure asked me for an email address, I used mylogin@localhost. The setup procedure, however, rejected this as ""invalid"". I think the bug is exactly in wp-includes/formatting.php, where it says: {{{ // Assume the domain will have at least two subs if ( 2 > count( $subs ) ) { return apply_filters( 'is_email', false, $email, 'domain_no_periods' ); } }}} So: Could you please special-case ""localhost"" in is_email() so that it's allowed as email domain? I guess the probability of someone using @localhost for email ""by mistake"" is extremely low, so this change will unlikely harm the average user. Thanks." sanvila 12 17450 Almost pretty permalinks with non-ASCII characters do not work in Apache westi needs-unit-tests Permalinks 3.1 normal normal defect (bug) reopened 2011-05-16T05:53:14Z 2019-06-04T20:42:05Z Almost pretty permalinks (using PATH_INFO) with non-ASCII characters do not work in Apache; a not found error is returned. The same permalink works in IIS when UTF-8 is used for server variables. It also works when mod_rewrite is used. peaceablewhale 10 17451 Unify plugin update notices and include changelog data nacin* dev-feedback Upgrade/Install normal normal enhancement accepted 2011-05-16T09:23:25Z 2019-06-04T21:07:00Z "Currently the after_plugin_row hook is only used on plugins.php which is used by the Changelogger plugin to show plugin changelogs inline. If the hook is also added to the bottom of list_plugin_updates in update_core.php then changelogs could also be displayed on that page too. It's only a single line change so not sure how/if it's worth me attaching a patch for this?" dempsey 11 17491 Make is_email() compliant with RFC5322 (updated by RFC6854) needs-unit-tests Formatting 3.1.2 normal minor Future Release defect (bug) reopened 2011-05-18T14:48:52Z 2023-04-14T13:59:42Z is_email('toto.@toto.com') returns true arena 27 17520 cite element used incorrectly has-patch General normal normal Future Release enhancement new 2011-05-20T17:47:14Z 2022-07-05T15:43:55Z "Here's what the HTML5 specification says about the cite element: The cite element represents the title of a work (e.g. a book, a paper, an essay, a poem, a score, a song, a script, a film, a TV show, a game, a sculpture, a painting, a theatre production, a play, an opera, a musical, an exhibition, a legal case report, etc). […] A person's name is not the title of a work — even if people call that person a piece of work — and the element must therefore not be used to mark up people's names. (In some cases, the b element might be appropriate for names; e.g. in a gossip article where the names of famous people are keywords rendered with a different style to draw attention to them. In other cases, if an element is really needed, the span element can be used.) http://www.whatwg.org/specs/web-apps/current-work/multipage/text-level-semantics.html#the-cite-element The element is used plugins/hello.php correctly to mark up the title ""Hello, Dolly"". But many more places it is used incorrectly to mark up an author's name. The obvious fix would be to replace all but the one correct instance of the cite element with spans with an appropriate class." holizz 8 17541 Blogger-XMLPRC API does not work with Multisite/SSL/DMZ combination westi* has-patch XML-RPC 3.2 normal major defect (bug) accepted 2011-05-23T07:26:29Z 2019-06-05T06:38:11Z "I have the following setup: My WordPress Blogs (multisite) are set up behind a firewall that exposes the public address via SSL. Inside my DMZ I'm only using HTTP, so that's what WordPress sees. When I now try to access the blogger.getUsersBlogs XMLPRC-API, I get an empty result back. I analyzed the WordPress source code and found out that the blogger.getUsersBlogs method in the file wp-includes\class-wp-xmlrpc-server.php uses another XMLRPC call to the wp.getUsersBlogs method in case of the multisite. I further checked and found out that this appears to be the only case in which WordPress executes a remote call itself to sevice the request. I then replaced the logic in _multisite_getUsersBlogs with the multisite part from wp_getUsersBlogs and it worked. I aso found an issue that might be related: http://core.trac.wordpress.org/ticket/16402 But since the source code in the trunk still uses the regular IXR_Client, I'm not sure if this would fix the issue. I attached my fix as a patch, but it's not refactored to remove code duplication since I don't have a dev-environment set up for WordPress. Michael" michael_k 6 17619 Soft 404 at /wp-content/plugins/ dev-feedback General normal normal Future Release enhancement new 2011-05-30T16:31:30Z 2019-09-24T19:39:34Z "/wp-content/plugins/index.php would be better written with a proper 404. {{{ <?php header('HTTP/1.0 404 Not Found'); // Silence is golden. ?> }}}" miqrogroove 11 17653 Canonical Redirect when space(s) are used instead of hyphens when requesting a page SergeyBiryukov* Canonical 3.0 normal normal Future Release enhancement accepted 2011-06-02T01:25:08Z 2018-08-19T03:31:39Z "Create a page with a slug that contains a hyphen (eg. /page-name/). If you then visit /page name/ (ie. use a space instead of a hyphen), WordPress currently manages to locate and display the page-name page. This could cause duplicate content issues. The same issue occurs if multiple spaces are used instead of a hyphen. As an example, this is the original page: http://jamesc.id.au/test-page/ This page is accessible via: * http://jamesc.id.au/test%20page/ * http://jamesc.id.au/test%20%20page/ * http://jamesc.id.au/test%20%20%20page/ * http://jamesc.id.au/test%20%20%20%20page/ and so on. WordPress should either output a 404 error, or redirect to /page-name/. Tested using the latest 3.2 trunk (r18110)." jamescollins 9 17661 Appending date & author based query vars to a permalink overrides the permalink needs-unit-tests Canonical 3.1 normal normal defect (bug) new 2011-06-02T11:05:05Z 2019-06-04T19:22:31Z "Some canonical code branches are not properly accounting for extra query variables being specified via the url. For example, these url's are not handled properly: {{{ /2008/?author=1 redirects to /author/admin/ /author/admin/?year=2008 redirects to /year/2008/ /category/uncategorized/?year=2008 redirects to /2008/ }}} This happens with most date based branches, as once a higher priority canonical rule is hit, the permalink component is ignored. The canonical code includes a branch to add any ""forgotten"" `$_GET` variables back onto the url, however this doesn't help when it's the rewritten variables are being lost." dd32 2 17704 Automatically enqueue necessary scripts when custom meta boxes are used Administration normal normal enhancement new 2011-06-06T05:53:43Z 2019-06-04T19:22:32Z Right now if you add_meta_box() to a custom page, like using add_submenu_page() and then calling do_meta_boxes(), the screen options and post box JS don't work automagically. They should. mitchoyoshitaka 4 17763 comments_popup_link() need a get_* version Comments 3.2 normal normal enhancement new 2011-06-11T06:20:09Z 2019-06-04T19:22:34Z "Currently `comments_popup_link($zero = false, $one = false, $more = false, $css_class = '', $none = false)` has no get_*() version. Usage situation: Where the link needs to be used within a larger string being concatenated." dd32 18 17771 URL-encoded comment_author_url gets broken by MySQL varchar 200 length limit SergeyBiryukov dev-feedback Comments 3.2 normal normal Future Release defect (bug) reviewing 2011-06-12T03:46:44Z 2017-03-18T17:38:56Z "!WordPress sometimes pings back with long permalinks that exceed comment_author_url column length limit of 200, which results in generating unusable broken links to the post. It easily reaches to the limit, especially if the permalink contains url-encoded multibyte title as postname. (e.g. 23 characters of UTF-8 Japanese become a 207 characters long url-encoded string. Incomplete url-encoded string may trigger 400 Bad Request too.) '''Solution:''' In pingback(), use shortlink instead of regular permalink if the URL is longer than 200 characters. It seems to work ok with wp.me shortlinks." tenpura 16 17793 No explanation on invalid characters on registration form chriscct7 has-patch Users 2.1 normal normal defect (bug) reviewing 2011-06-14T08:46:22Z 2019-06-05T06:38:12Z "When a user tries to register with a username containing special characters (e.g. accented letters), WP shows an error message saying ""This username is invalid because it uses illegal characters. Please enter a valid username."". However, this doesn't really help the user because the message does not explain how to fix the problem, i.e. which characters are allowed. Please consider adding a brief listing of allowed characters." molnarm 2 17821 wp_get_nav_menu_object() doesn't check when passing to get_term() has-patch Menus 3.1.4 normal normal defect (bug) new 2011-06-17T00:02:14Z 2019-06-04T20:02:43Z `wp_get_nav_menu_object()` initially passes the menu string to `get_term()` to see if it's an ID. However, `get_term()` expects an integer or object and type-casts any non-objects passed into integers. This results in a menu name i.e. '10-ton elephant' being reduced to '10', which it then uses as a term ID, potentially producing unexpected results. kawauso 8 17857 WP_Embed - Split shortcode() function into two for increased flexibility dev-feedback Media 2.9 normal normal enhancement new 2011-06-21T01:52:41Z 2019-06-04T20:02:44Z "Currently, the WP_Embed class is restricted to posts; it takes a post ID as a parameter and checks the post meta table. What I'd like to propose is to apply a filter to the post ID and split WP_Embed::shortcode() into two functions (at http://core.trac.wordpress.org/browser/trunk/wp-includes/media.php#L1177). In a nutshell, let the link parsing be one function and if the link is oEmbed-worthy send it to the second function for parsing. The second function could then be easily extended for usage in 3rd-party plugins not using WP posts (like BuddyPress). Also, the patch checks the URL against each registered WP oEmbed provider's URL scheme if oEmbed discovery is false. This is designed to prevent unnecessary external pinging of an oEmbed provider and avertible meta caching for failed attempts. Andy Peatling primarily wrote this part of the code, which he sent to me awhile ago. Attached patch is against r18324." r-a-y 1 17904 Multisite has more restrictions on user login character set needs-unit-tests Login and Registration 3.0 normal normal Future Release defect (bug) assigned 2011-06-27T11:09:12Z 2024-02-27T07:08:40Z "Multisite has more restrictions on the characters allowed in a user's login name compared to single site. This seems unnecessary and confusing. It was also the root of a recent bug in the importer, see [http://wordpress.org/support/topic/invalid-author-importing-single-wordpress-to-mulitsite-wordpress?replies=21#post-2186667 this forum thread] and the [http://plugins.trac.wordpress.org/changeset/401649 workaround]. I haven't worked up a patch yet since there seem to be a few locations where these restrictions are enforced and I don't know if I have found them all yet: - wpmu_validate_user_signup() uses the regex `/[a-z0-9]+/` - ms-default-filters.php adds `strtolower` to `sanitize_user` Relevant: http://mu.trac.wordpress.org/changeset/1689 [12948]" duck_ 81 17905 Multisite doesn't delete a user's posts/links upon removal jeremyfelt has-patch Users 3.0 normal normal defect (bug) assigned 2011-06-27T12:59:43Z 2020-04-03T18:28:35Z "When the ""Delete all posts and links."" radio is selected all that happens is the user is deleted but their posts are left in tact but without a visible user. The posts should be moved to trash as well. This is caused by removal from the blog in `network/edit.php` before the user is actually deleted where trashing of posts occurs. Since the user no longer has any assigned blogs wpmu_delete_user() doesn't call wp_delete_post(). Patch attached also cleans up confirm_delete_users slightly by using the array passed as an argument instead of $_POST['allusers']. Related: [13918]" duck_ 3 17913 Site-level comment options may override individual post settings. Improve help/docs. has-patch Comments normal normal Future Release enhancement new 2011-06-27T20:46:43Z 2019-11-18T18:11:40Z "Post comments may be automatically closed for a site's posts if site option 'close_comments_for_old_posts' is true and the post was published before 'close_comments_days_old' days ago. These two options are set in options-discussion and override the 'comment_status' of an individual post. The edit posts screen's comment meta box displays comments open/close status, allowing publishers to open or close comments for a single post. It's possible the site-level discussion settings will override the individual post yet we still might display a different post comment status than the site settings allow. 1. Enable site-level option to close comments on articles ( wp-admin/options-discussion.php#close_comments_for_old_posts ) 1. Enter a days value of 1 for maximum impact 1. Edit a post published over a day ago 1. View the Discussion meta box ( #commentstatusdiv ) 1. Interact with the 'comment_status' field I would like to better communicate expected failure and let the post author or editor know this particular setting has been overridden at the site options level. If the current user can manage options I might you could link to the override in the options page. I created a new test blog, set comments to auto-close after a day, and checked allow comments in the post screen. I was wondering why comments_open() was false for the post when I was looking at a checked box on the post screen." niallkennedy 10 17916 Enqueued styles are only printed on login_footer in wp-login.php dev-feedback Script Loader 3.2 normal normal Future Release defect (bug) reopened 2011-06-28T00:29:48Z 2018-08-10T19:29:53Z "In my plugin I have this include: wp_register_style(""cimy_uef_register"", $cuef_css_webpath.""/cimy_uef_register.css"", false, false); now independently where and when I use the above css, even if I never enqueue or print it... it basically forces the admin panel to be always left instead of the right. In particular it changes the admin panel menu #adminmenu to stick to the left, also other little things. The question is: why this happens even if the CSS is not included at all? Browsing the documentation quickly on that function I didn't find anything useful, please help me." Cimmo 38 17923 add_query_arg() should encode values has-patch Formatting 3.2 normal normal defect (bug) reopened 2011-06-28T22:55:50Z 2019-08-20T23:16:59Z "One (or me at least) would expect that the result of {{{ add_query_arg( 'foobar', 'this&that', 'index.php' ) }}} would be {{{ index.php?foobar=this%26that }}} since the whole purpose of the function is to build a URL. However the actual result is {{{ index.php?foobar=this&that }}} You're asking to the function to create a URL in which `foobar` is `this&that` but instead it creates a URL in which `foobar` is set to only `this`. You shouldn't have to pre-encode values -- the function should take care of it for you. The function to ""blame"" for this is our `build_query()` which for some reason does not encode by default. Semi-related: #16943" Viper007Bond 22 17924 Make Integrating Multiple Roles Per User Easier for Plugin Authors dev-feedback Role/Capability 2.0 normal major Awaiting Review enhancement new 2011-06-28T23:40:48Z 2021-07-20T16:41:38Z "WordPress supports multiple role per user, however to use this feature is very difficult for plugin authors to integrate well, and often requires adding plugin admin pages instead of integrating with the pre-existing user-edit.php. Due to the difficulty of this, and the fact that most plugins that allow this aren't very user-friendly, I believe users are staying away from multiple roles. This ticket aims to change how easy it is to work with the current role management system, as well as to add a couple role-based filters and actions, while still keeping the front-end of the administrative interface single-role only. (Because it seems to be the prevailing opinion the multiple roles per user is plugin territory.) In addition, I completely agree that the vast majority of sites can best function with one role per user, however in some cases (such as the site I'm working on now) you simply need to be able to choose multiple roles. = Changes = == First Patch File == attachment:Replace_Admin_Role_Dropdown.patch The first patch file moves the code for the role dropdown off of /wp-admin/user-edit.php, /wp-admin/includesclass-wp-users-list-table.php, /wp-admin/users-new.php, /wp-admin/options-general.php and into /wp-admin/includes/template.php where two new functions are created: === {{{wp_get_dropdown_roles()}}} === This function does what {{{wp_dropdown_roles}}} used to do, but it returns the value instead of echoing it. (Note that {{{wp_dropdown_roles()}}} now acts as a wrapper for {{{wp_get_dropdown_roles()}}}. (The old function is still in place for backwards compatibility.) === {{{wp_user_role_selector()}}} === This function creates the full dropdown and applies a new {{{'user_role_selector'}}} filter to the markup before echoing it out. This way the default dropdown can be overridden by something else (perhaps checkboxes). == Second Patch File == attachment:Create_Role_Update_Actions_Filters.patch The second patch file changes the functions that handle user creation and updating so they can be hooked into and a developer could make this work with multiple roles. This file affects /wp-admin/includes/users.php and /wp-includes/user.php. === {{{wp_sanitize_user_role()}}} === A new {{{sanitize_user_role}}} filter was created and sanitation of {{{$_POST['role']}}} in /wp-admin/includes/user.php when user-edit.php is submitted was moved there. The new function is called {{{wp_sanitize_user_role()}}}. (This is so that if user-edit.php is submitted and {{{$_POST['role']}}} were to contain a value other than a string (perhaps an array of roles) it can be sanitized and worked with accordingly. === {{{pre_user_role}}} === A new {{{pre_user_role}}} filter was added to {{{wp_insert_user()}}} in /wp-includes/user.php. This was mainly done because almost every other field that this function processes has a matching filter like this, and I thought maybe {{{$roles}}} felt left out as it did not. :( I supposed somebody could also use it for something useful as well. === {{{apply_user_role}}} === A new {{{apply_user_role}}} action was added to {{{wp_insert_user()}}}. The function itself no longer uses {{{$user->set_role()}}}, instead saving user role changes is now handled by this new action. A matching function {{{wp_apply_user_role()}}} was added to set the user role like {{{wp_insert_user()}}} used to do. This way however, a plugin author could simply hook into {{{apply_user_role}}} to apply multiple roles to a user. = Conclusion = All in all, this patch was designed so that the average user would never even notice that a change has been made to user management, however a plugin author looking to add an easy way for people to select multiple roles for a user can quickly hook into this and have a nice, easy, well integrated and WordPress-like plugin. I have done a few tests adding users and changing roles around with these patches applied on a fresh installation with no plugins and the only changes to WordPress being those that are in the attached patches, and everything seems to work seamlessly. By the way, I am quite new to WordPress, so I added the needs-testing tag, because it does, but I also want to make sure I've done everything the 'WordPress' way and I want to make sure I havn't missed anything that is broken because of these small changes." mobius5150 31 17948 Enhancements to the login and registration forms wpdavis Login and Registration 3.2 normal normal Future Release enhancement new 2011-06-30T16:25:01Z 2017-10-06T16:23:13Z "I would like to propose a significant overhaul of the registration and login forms for 3.2, which I'd be happy to take on. A few things that I think would be helpful: Combine registration processes for multisite and single-user into one form on one page. Allow the registration and login to be templatized — no reason this should be for MS only. Standardize filters, actions and variables between MS and single-user when at all possible. A few related tickets: #17904 #17306 #17085 #16866 #16411 #17630" wpdavis 20 18035 ignore_sticky_posts fails to remove sticky class johneckman dev-feedback Query 3.2 normal normal Future Release enhancement reopened 2011-07-08T10:03:44Z 2023-09-20T03:13:41Z "When setting the query_posts parameter: ignore_sticky_posts = 1 all sticky posts are returned as normal posts and placed accordingly in the flow. However the sticky posts keep their sticky class, which means that an additional filtering of post_class is necessary to avoid any css rules defined for the .sticky selector taking effect. is this intended, or could it be considered an enhancement if it was patched? " mikkelbreum 22 18043 Uploaded images disappear after loading if using compression w/Apache dev-feedback Upload 3.2.1 normal major Future Release defect (bug) new 2011-07-08T22:49:15Z 2019-05-15T21:02:03Z "I have found an issue between WordPress (Multisite) + Google Chrome (Mac) which I think appeared on my sever when I enabled compression a few months ago, but could never reproduce because it only happens with images managed by a Multisite WordPress install, not static images. With images that are static Apache sends the file and calculates the Content-Length its self so these images work fine but if you access a file uploaded to WordPress it uses the .htaccess redirect so the image requests are sent via ms-files.php for what ever reason. The problem is that WordPress decides to calculate its own Content-Length header in the HTTP Response which means that security conscious browsers like Google Chrome freak out when the data they receive is less than they we're told by Apache and they resultantly disable the image. The Content-Length calculation comes on line 43 of ms-files.php I don't know why its needed because Apache seems to sort it out automatically if you don't send your own header, in fact most of the file seems like an unnessisary load of processing, perhaps it needs reviewing but this is a major issue as it is a growing browser, on a growing platform. Here is a great video of it in action: http://www.screencast.com/t/cUYKSegW0N This issue has been repeatedly reported on the forum: http://wordpress.org/support/topic/disappearing-images http://wordpress.org/support/topic/multisite-images-broken http://wordpress.org/support/topic/image-not-show-in-google-chrome-timthumbphp Please fix this asap!" ctsttom 20 18088 Network Admin Email setting in wp-admin/network/settings.php fails silently flixos90 has-patch Networks and Sites 3.2 normal normal Future Release defect (bug) reviewing 2011-07-12T19:56:26Z 2022-01-30T16:42:24Z "'''Steps to reproduce:''' 1. Go to wp-admin/network/settings.php 1. Try setting your email to support@localhost 1. Page reports success but email remains the same The check in wp-admin/network/edit.php consists of: {{{ if ( is_email( $_POST['admin_email'] ) ) update_site_option( 'admin_email', $_POST['admin_email'] ); }}} which doesn't account for anything not passing `is_email()` I know network admins should know what they're doing, but failing silently is a pretty sure-fire way to generate confusion." kawauso 32 18146 Add user-level & front end timezone display flexibility according to a fixed time [GMT:0] Date/Time normal normal Future Release feature request assigned 2011-07-17T06:25:21Z 2023-05-30T04:01:59Z "Timezone can currently only be set on the blog level. This makes sure that the blog displays times in the timezone chosen by the blog's owner. It would also make sense to add a timezone setting for registered users, so we can show times in their own timezone, or use that setting as a default for new blogs or other features in a multi-site setting." RanYanivHartstein 57 18161 Bulk action: Add user to multiple sites Users 3.2 normal normal Future Release feature request reopened 2011-07-18T19:07:04Z 2021-04-27T20:01:18Z "Currently, to add a single user to multiple sites, the super admin has to edit each site, add the user to the site, and then go on to the next site. To improve this workflow, it would tremendously useful to be able to add a single user to multiple sites in the network admin. This ticket could have scaling problems to solve." danielbachhuber 14 18163 "Include more usermeta fields in the Network Admin's ""Add User"" view" has-patch Networks and Sites normal normal Future Release feature request new 2011-07-18T19:17:51Z 2021-08-15T10:24:31Z "The view for adding a new user in single site instances includes many useful fields (e.g. first name, last name, a checkbox for whether the user should be emailed the password, etc.) We should replicate this in the network admin to keep the super admin from having to edit each individual profile. Relevant views: * /wp-admin/network/user-new.php" danielbachhuber 24 18209 Capabilities with misplaced dependencies in edit_theme_options has-patch Menus 3.2.1 normal normal Awaiting Review defect (bug) assigned 2011-07-22T06:33:07Z 2022-08-04T10:00:18Z "When setting capabilities for other groups, the user is unable to add to theme options with just '''edit_theme_options''' if they do not also have '''edit_posts''' capabilities. The user will be able to delete things like menu elements, but may not add them without this flag. == How to reproduce; == Edit capabilities of group removing all '''POSTS''' to hide the Posts Dashboard pages (works by just removing '''edit_posts''' as well). Give group '''edit_theme_options''' capabilities to edit their own menus. Users may now access the Theme Options, and may delete objects. User can add menu items to the preview, but once they Save these, the changes are not committed without the edit_posts permission." Clorith 9 18232 wp_nav_menu - Setting walker parameter affects fallback_cb has-patch Menus 3.2 normal normal defect (bug) new 2011-07-24T08:14:35Z 2019-06-04T20:02:49Z "When using the walker parameter with wp_nav_menu and there is no menu present, wp_nav_menu falls back by default (set with fallback_cb) to wp_page_menu. It appears that the set walker also affects wp_page_menu, which in most cases breaks the output. wp_nav_menu usage: {{{ <?php wp_nav_menu(array('walker'=> new Walker_Nav_Menu)); ?> }}} Output when no menu is present (falling back on wp_page_menu): {{{ // Formatted for readability <div class=""menu""> <ul> <li id=""menu-item-1"" class=""menu-item-1""><a></a></li> <li id=""menu-item-2"" class=""menu-item-2""><a></a></li> <li id=""menu-item-3"" class=""menu-item-3""><a></a></li> </ul> </div> }}} Expected output: {{{ // Formatted for readability <div class=""menu""> <ul> <li class=""page_item page-item-1""><a href=""/first/"" title=""First"">First</a></li> <li class=""page_item page-item-2""><a href=""/second/"" title=""Second"">Second</a></li> <li class=""page_item page-item-3""><a href=""/third/"" title=""Third"">Third</a></li> </ul> </div> }}} As you can see, the output from wp_page_menu is getting filtered through the walker, but since the walker was designed for menus specifically, it renders the default output from wp_page_menu useless (empty tags..etc)." bryanjwatson 3 18264 Future private posts listed as already published with future date specified Posts, Post Types normal normal Awaiting Review defect (bug) new 2011-07-27T00:05:27Z 2019-05-23T19:33:38Z "Setting a post to private, and scheduling it for some future date or time, results in the stamp that the post was ""Published on (future date)"" in the publish module. The discussion on tickets #5608 and #9136 suggests that all private posts are published immediately (and privately), and that this is intentional. So, it's misleading and confusing to report that it already was published on some future date. In source:trunk/wp-admin/includes/meta-boxes.php#L163, I suggest we replace: {{{ else if ( 'publish' == $post->post_status || 'private' == $post->post_status ) { // already published $stamp = __('Published on: <b>%1$s</b>'); } }}} with: {{{ else if ( 'publish' == $post->post_status ) { // already publicly published $stamp = __('Published on: <b>%1$s</b>'); } else if ( 'private' == $post->post_status ) { // published privately $stamp = __('Published privately'); } }}}" chrisrudzki 16 18271 Item hierarchy should be maintained when adding to menu Menus 3.2.1 normal minor Future Release defect (bug) new 2011-07-27T20:13:35Z 2023-11-17T10:54:16Z "Situation: Create a hierarchy of categories or pages and go to create a custom menu. In the meta boxes on the left hand side, the categories and pages are shown in hierarchical arrangement. Select all categories (for example) and add to menu. Expected behaviour: All links are added to custom menu and the hierarchy is maintained appropriately Actual behaviour: Hierarchy is lost and all menu items are top-level This was originally raised by Jane in #17029 however the changeset in the ticket only applies to showing hierarchy in the meta boxes and doesn't cover maintaining hierarchy when adding to menu." JohnONolan 21 18275 Can't get perfect thumbnail sizes with image editor Media 3.2.1 normal normal Future Release defect (bug) new 2011-07-28T02:37:16Z 2017-06-27T16:14:27Z "In the media settings, I have the thumbnail set to a fixed size (218x145), and set to crop to these exact dimensions. Sometimes the automatic thumbnail crops off people's heads, etc, so I use the Image Editor to manually adjust the thumbnail. I select a rectangle, set the aspect ratio to 218x145, click crop, apply to thumbnail only, and save. However, sometimes that results in an image slightly off in dimensions - for example, 215x145. I expect this is a rounding error. However, it happens even if I select an area much bigger than this when cropping in the Image Editor - eg 300x200. After I click crop and see the 300x200 image, I would expect the thumbnail to be automatically be created at 218x145 like it does normally based on this adjusted image - however, it appears the checkbox for using exact dimensions doesn't apply here. (In fact, if I select, say 300x300, it will make my thumbnail 145x145). This feels like a bug to me, and makes it very hard to generate thumbnails at the size I want." smerriman 4 18282 Issue with admin page hierarchy in Menu admin Menus 3.2.1 normal critical Awaiting Review defect (bug) reopened 2011-07-28T14:38:17Z 2023-08-12T10:15:28Z "Under Appearance > Menus in the left column under Pages, if I have more than 50 pages, the hierarchy view gets messed up. The issue seems to be related to paginate. If I change the ""50"" on lines 589 and 809 of wp-admin/includes/nav_menu.php to ""955"" the hierarchal admin menu works with 50+ pages. Attached are two XML files. One contains 50 pages and the other contains 53 pages. I've loaded them into fresh installs of 3.2.1 using the twenty eleven theme and no plugins. Paginate is great if it works right, if it won't work, just increase the number per page to something very high and people can scroll. I'd rather scroll than not have hierarchy work right. Link to 50 page XML -- http://cloud.hcc.me/0g3X3O310s3l3i2N363n Link to 53 page XML -- http://cloud.hcc.me/302e0c391A14193m2V2e Pastebin of wp-admin/includes/nav_menu.php -- http://pastebin.com/0FRAmMkS" hcceast 75 18287 wp-login.php - Logo URL should be relative (affects MultiSite) has-patch Login and Registration 3.2 normal normal Future Release enhancement new 2011-07-29T00:31:49Z 2020-01-06T17:40:30Z "If you go to your domain.com/wp-login.php page it has a WP logo that links back to domain.com If you're using multisite and go to subsite.domain.com/wp-login.php, it links back to domain.com If you're using multisite and you MAP a domain and go to mappeddomain.com/wp-login.php, it links back to domain.com I can see why this would have been done. It points to network_home_url() which is perfectly sensible for MOST situations. But maybe we should just honor the site on which people are trying to login, so that it's all relative. Given the link on the bottom (back to...) goes to the relative site, this is a logical change. I would say to keep the EMAILS for password resets as is, since the network is in charge of it all, but the front end interface should be consistant. I did a quick test and this works fine on Single and Multi (as expected). So ... here's my first diff!" Ipstenu 20 18289 Direct link to plugin installation should have admin chrome has-patch Upgrade/Install normal normal Future Release task (blessed) reviewing 2011-07-29T06:02:19Z 2022-08-02T19:37:24Z "We should be able to provide a direct link to the page to install a plugin, based on the plugin's slug. This does it: wp-admin/plugin-install.php?tab=plugin-information&plugin=log-deprecated-notices. However, there's no admin chrome, no real indication which site you're on, and no name of the plugin. If we're not loading that page inside an iframe request, it needs the admin around it, as well as a heading. Probably new styling too. This would serve as a replacement for [http://coveredwebservices.com/wp-plugin-install/ Jaquith's bookmarklet], which broke in 3.2 (frame busting), as well as allow us to integrate a link on extend/plugins for plugin installation. Related, #16923, which is now closed." nacin 15 18301 Activating a new theme on multisite is very long-winded DrewAPicture* Themes 3.1 normal normal Future Release enhancement accepted 2011-07-30T23:38:48Z 2023-08-29T15:29:18Z "Scenario: I've just uploaded a new theme to my theme directory and I now want to activate it on a site. I head to the Appearance › Themes menu for that site and, whoops, I forgot to activate it on the network first. Now I need to: 1. Click my name in the header 2. Click Network Admin in the dropdown menu 3. Click Sites 4. Find the site and click Edit 5. Click Themes From there I can enable the theme. We're not done yet though. We need to traverse a minimum of two screens to get back to the Themes menu of the site (even more if the admin bar isn't enabled) in order to activate it. Two things would make this process easier: 1. A link from the Themes screen to the Themes tab of the site in network admin, so five clicks become one. 2. The ability to activate a theme from the Themes tab of the site in network admin. " johnbillion 30 18315 Add an index to the GUID column in the posts table dev-feedback Database 3.2.1 normal normal enhancement reopened 2011-08-02T04:31:01Z 2019-06-04T19:22:38Z "Running queries on the GUID column in the posts table is slow because the column is not indexed. The attached patch adds an index. Note, this affects ticket #18286 - I will update that ticket with appropriate patches to reflect this request." alexkingorg 11 18322 The Road to Magic Quotes Sanity jorbin dev-feedback Bootstrap/Load 3.2.1 normal normal Future Release defect (bug) reopened 2011-08-03T20:26:25Z 2023-06-26T20:19:27Z For back compat reasons, wp_magic_quotes() performs addslashes() on GPCS data. This is a pain, especially given that some core API expects slashes and some doesn't. In hopes of someday losing the automatic GPCS slashing, let's introduce a flag to turn off the slashing as well as slash and unslash functions that consult the flag. If slashing is on, these functions add and strip slashes. If slashing is off, they return data unchanged. Plugin authors can start using these functions and testing their code with GPCS slashing turned off and on. Eventually, GPCS slashing would default to off and all calls to the slash and unslash functions could be removed from core. ryan 39 18330 Add a Class functionality to wpautop() has-patch Formatting normal normal enhancement reopened 2011-08-04T20:17:29Z 2023-07-25T16:42:17Z "It would be nice to be able to add a class to <p> with wpauto as an optional arg. " wpsmith 6 18385 "Canonical redirections not suited for Queries with multiple query vars and ""pretty permalinks"" in general" dev-feedback Canonical 3.2 normal normal enhancement new 2011-08-12T09:05:03Z 2019-06-04T19:22:40Z "When the Canonical code was originally written, it served it's purpose quite well. However, over the years the number of Query vars which can be used to access content via has increased, and so have the number of archive views. This has lead to increased complexity in the Taxonomy canonical code which has needlessly caused bugs. What I'm proposing, is that it might be time to lay to rest the current `if.. elseif.. elseif..` style checks, It's not possible for 1 if branch to handle every single access point without duplicating another branch. As a result, I've put a half-finished together alternate version of Canonical, It's based on tallying up which query vars have been used/accounted for and removing any duplicates.. It's certainly not the best, but it's fairing better with the unit tests so far. {{{ Unit Testing: http://unit-tests.trac.wordpress.org/browser/wp-testcase/test_includes_canonical.php Before: FF.......FFFF..FFF.....F......FFFFFF.F....F.....FF....FF... After: FF...........FFF..................FF..................F.... }}} It's a work in progress, but it's worth considering IMO. Attaching a diff, and the full file (since the diff is going to be rather unreadable in some sections)" dd32 1 18395 Non-URL GUIDs are stripped on post update Posts, Post Types 3.2.1 normal normal defect (bug) new 2011-08-13T18:31:48Z 2019-06-04T20:42:09Z "The post guid is run through several filters before the post is saved. the esc_url_raw() call will end up setting a GUID to an empty string if the GUID does not begin with a known/accepted protocol. If a plugin/etc. wants to use the GUID column to store an external ID for an item brought in from another system (say a Flickr photo ID), then updating a post that has the Flickr ID as its GUID through the WP admin will end up setting the GUID for that post to ''. This would need to be changed if the move was made to UUIDs for GUID values as well. Related: #6492. A very basic patch for this specific issue is attached, but a larger discussion around how this should work is likely needed. Related: #18315" alexkingorg 2 18400 "Suggested label change for ""Stick this post to the front page""" dev-feedback Posts, Post Types normal normal Future Release enhancement new 2011-08-14T01:19:53Z 2020-02-06T19:45:40Z "In the Publish meta box, it would be more clear to say ""Stick this post to the top of the front page"" compared to saying ""Stick this post to the front page""." designsimply 12 18408 Can't wp_reset_postdata after custom WP_Query in an admin edit page audrasjb needs-unit-tests Query 4.7.2 normal normal Future Release defect (bug) assigned 2011-08-15T02:38:07Z 2024-02-19T22:14:25Z "While on an edit post page (or any post type), if you create a custom WP_Query object before the editor has been output, the post data from the custom WP_Query will fill out the edit post form, not the original content of the post that is actually trying to be edited. I found this out when trying to create a custom metabox in the 'side' context. You can reproduce this by inserting this code into a plugin: {{{ add_action( 'add_meta_boxes', 'myplugin_add_custom_box' ); function myplugin_add_custom_box() { add_meta_box( 'myplugin_sectionid', __( 'My Post Section Title', 'myplugin_textdomain' ), 'myplugin_inner_custom_box', 'post', 'side' ); } function myplugin_inner_custom_box() { global $post; $a = new WP_Query('post_type=page'); while($a->have_posts() ) : $a->the_post(); endwhile; wp_reset_postdata(); } }}} This happens because $wp_query->post is never defined in the admin load, which wp_reset_postdata relies on to reset the original post data. I am attaching a patch that defines $wp_query->post after the $post global has been defined. " ericlewis 44 18446 Widget removes fields w/ default HTML on initial save in IE8 and 9 dev-feedback Widgets 3.2.1 normal normal defect (bug) new 2011-08-16T15:51:02Z 2019-06-05T06:38:17Z "Weird problem, testd in IE8/9, Chrome, and Firefox. If you have a widget, with HTML in the default value, IE8/9 will remove the field entirely. However, if you then paste the HTML back into the field and save, it works fine. This ONLY happens after the initial drag/drop then save of the widget. It even happens if you drag/drop the widget, change the field and click save. Example Plugin: http://wordpress.org/extend/plugins/ft-calendar/ Widget: Upcoming Events Widget The Event Template (event_template) is set by default to: {{{ <a href=""%URL"">%TITLE%</a> }}} The event_template source for the Available Widget is: {{{ <input type=""text"" value=""<a href="%URL%">%TITLE% (%TIME%)</a>"" name=""widget-ft_cal_event_list[__i__][event_template]"" id=""widget-ft_cal_event_list-__i__-event_template"" class=""widefat"" /> }}} The event_template source for the widget after it is dragged to a widget area is: {{{ <input type=""text"" value=""<a href="%URL%">%TITLE% (%TIME%)</a>"" name=""widget-ft_cal_event_list[8][event_template]"" id=""widget-ft_cal_event_list-8-event_template"" class=""widefat"" /> }}} The source for the widget after it is first saved is: {{{ <input type=""text"" value=""<a href="%URL%">%TITLE% (%TIME%)</a>"" name=""widget-ft_cal_event_list[8][event_template]"" id=""widget-ft_cal_event_list-8-event_template"" class=""widefat"" /> }}} I setup a test to output $new_instance and $old_instance during the ""update"" process. Step 1: Moving widget from Available Widgets to Widget Area (in IE): {{{ NEW INSTANCE: Array ( [title] => [date] => [number_of] => 1 [date_types] => Month [limit] => 0 [timeformat] => g:i a [dateformat] => jS [date_template] => %DATE% [monthformat] => F Y [month_template] => %MONTH% ) OLD INSTANCE: Array ( ) }}} Step 2: Saving widget in Widget Area: {{{ NEW INSTANCE: Array ( [title] => [date] => [number_of] => 1 [date_types] => Month [limit] => 0 [timeformat] => g:i a [dateformat] => jS [date_template] => %DATE% [monthformat] => F Y [month_template] => %MONTH% ) OLD INSTANCE: Array ( [title] => [show_rss_feed] => off [show_ical_feed] => off [date] => [span] => +1 Month [number_of] => 1 [date_types] => Month [calendars] => [limit] => 0 [dateformat] => jS [timeformat] => g:i a [monthformat] => F Y [event_template] => [date_template] => %DATE% [month_template] => %MONTH% [hide_duplicates] => ) }}} Step 3: Pasting HTML code back into Event Template and saving Widget: {{{ NEW INSTANCE: Array ( [title] => [date] => [number_of] => 1 [date_types] => Month [limit] => 0 [timeformat] => g:i a [dateformat] => jS [date_template] => %DATE% [monthformat] => F Y [month_template] => %MONTH% [event_template] => <a href=""%URL%"">%TITLE% (%TIME%)</a> ) OLD INSTANCE: Array ( [title] => [show_rss_feed] => off [show_ical_feed] => off [date] => [span] => +1 Month [number_of] => 1 [date_types] => Month [calendars] => [limit] => 0 [dateformat] => jS [timeformat] => g:i a [monthformat] => F Y [event_template] => [date_template] => %DATE% [month_template] => %MONTH% [hide_duplicates] => ) }}} Here is a screenr showing the problem not working in IE9 and working in Chrome: http://www.screenr.com/mkhs " layotte 5 18448 wp_insert_category() is Not Properly Abstracted chriscct7 has-patch Taxonomy 3.0 normal normal defect (bug) assigned 2011-08-16T17:43:09Z 2019-06-04T21:07:06Z "If you look in http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/taxonomy.php there is still a note that says ""The 'taxonomy' key was added in 3.0.0."" However, this function calls category_exists() and cat_is_ancestor_of(), which never recognized the taxonomy argument." miqrogroove 5 18450 New safe action to add rewrite rules on dev-feedback Rewrite Rules 3.2.1 normal normal Awaiting Review enhancement new 2011-08-16T19:56:10Z 2018-09-21T18:07:32Z "Currently I don't believe it's possible to meet the following two criteria: * Not flush rewrite rules on every page load * Ensure that you always have your rewrite rules available The problem arises when Plugin A has not yet added it's rewrite rules, but Plugin B calls ```flush_rewrite_rules```. Plugin A is a good citizen, and doesn't call ```flush_rewrite_rules``` unless it needs to and so now it's rewrite rules are no longer present. (See http://wordpress.stackexchange.com/questions/26029/when-to-call-add-rewrite-rule-for-safety for more.) Westi suggested that hooks on delete_option and get_option of 'rewrite_rules' might work. This covers almost all situations, except the one where permalinks are off and then get turned on again when neither the delete_option or get_option actions/filters are fired. Devs could hook the new action for their ```add_rewrite_rule``` calls, and use their own methodology to determine when to call ```flush_rewrite_rules```. Two attachments: * Example plugin, showing (hopefully) the problem with the existing situation * Diff showing where the hook might be added " simonwheatley 34 18474 Misleading error message when theme ZIP exceeds post_max_size dev-feedback Upload 3.2 normal normal Awaiting Review defect (bug) reopened 2011-08-18T16:16:03Z 2019-05-15T21:05:41Z "''post_max_size'' is 32MB, now try to uploading a 40MB big ZIP. You will get the ''Are you sure you want to do this? Please try again.'' message. But ''try again'' will not help. Notice: ''Warning: POST Content-Length of 47774864 bytes exceeds the limit of 33554432 bytes in Unknown on line 0''" ocean90 4 18489 Create constants in default-constants.php for the uploads folder to allow better custom uploads location eddiemoya Upload 3.2.1 normal normal Awaiting Review enhancement reopened 2011-08-19T20:11:41Z 2019-05-15T21:10:46Z "There are cases in which a the uploads directory might need to be divorced WP_CONTENT_DIR, currently the only thing we can use is the UPLOADS constant, which works but is relative to ABSPATH and as such limits where the uploads directory can be moved to. In default-constants.php we have constants for the wp-content, and plugins folder - the uploads folder is a natural addition to this. Currently there is only a poorly documented UPLOADS override in wp_uploads_dir, which can be overridden in wp-config.php. I also think there should be a similar constant for the themes folder, but I would that would be a bit more complex of a change. I have create a new function in default-constants.php which introduce WP_UPLOADS_DIR and WP_UPLOADS_URL, which are called after wp_plugins_directory_constants() in wp-settings.php - because that function create WP_CONTENT_URL, which is needed in order to create WP_UPLOADS_URL. It is important to note that I have not changed any of the precedent in terms of what overrides what - the uploads_path option still overrides the default location (or now, the potentially custom location) defined by the new constant, ''the old UPLOADS constant will still override either of them if it is set''. Thats the way it worked before and that behavior has been preserved. Additionally, I have patched /wp-includes/function.php wp_uploads_dir to make use of these new constants as well as a little clean up of some related logic. First patch to core - go easy." eddiemoya 19 18499 User count / roles inconsistency if roles no longer exist but users still do Users 3.2.1 normal normal defect (bug) new 2011-08-23T13:53:43Z 2019-06-05T06:38:18Z "The count_users logic (from line 833 onwards in wp-includes/user.php) is based on user roles. If the roles were created by a theme or plugin which is then deactivated, wordpress loses count of the users, but still lists them. The behaviour is confusing and inconsistent. See attached screenshot. 1) the user count total at the top (all) ignores the users with no 'active' role, however users are all listed (the users are shown as 'no role' in the list) 2) the old roles are shown in the dropdown selection however are not listed in the totals Suggestions: 1) the total user count should at the very least be correct wrt to the list. 2) Perhaps a total of 'no role' users could/should be shown (since the users are listed anyway ?) 3) If the old roles are shown in the dropdown, perhaps they should be flagged as inactive in some way?" anmari 3 18501 plugin_dir_path() returns unsanitized path on Windows installs dev-feedback Plugins 2.8 normal normal defect (bug) new 2011-08-23T18:40:29Z 2019-06-04T20:42:11Z "Currently plugin_dir_path() only returns the result of dirname( $file ), which can produce mixed results on local Windows installations. Attached patch takes pieces from plugin_basename() and plugins_url() to guarantee a working and accurate plugin directory path is returned in all operating systems. See #BB1596 (and associated revisions) for back-story." johnjamesjacoby 5 18513 Searching with explicit post types unsets page post type needs-unit-tests Query 3.2.1 normal normal defect (bug) new 2011-08-24T22:13:08Z 2022-02-12T20:43:32Z "Tested on WP 3.2.1, Twenty Eleven with no plugins, multisite. If I explicitly limit a search query via a GET request using an array of post_type values, the post_type for page is automatically excluded. To reproduce: * Do a search on a WP install (perhaps through a modified search form), such that the URL is like: http://example.com/?post_type[]=post&post_type[]=page&post_type[]=attachment&s=Test or http://example.com/?post_type[]=post&post_type[]=page&post_type[]=book&s=Test That's searching for ""Test"" on post, page and attachment/book post types. * Adding the following to a theme's functions.php: {{{ add_filter( 'pre_get_posts', 'wpcpt_search' ); /** * * @param array $query */ function wpcpt_search( $query ) { if ( ! $query->is_search ) return $query; print_r( $query->query_vars ); return $query; } }}} That spits out (and seemingly confirmed via the values shown in the Debug Bar plugin) the following at the beginning: {{{ Array ( [s] => Test [post_type] => Array ( [0] => post [2] => attachment ) }}} and only returns results for posts and attachments (or books). The fact that key 1 is missing makes me think that page was in the array at some point, but it's been unset, but I can't see where, or why, this might be done. (When no post_type is set, giving a post_type of 'any', which in turn gives all of the non-excluded_from_search post types, then page is one of the array values, and the search results correctly include pages.) " GaryJ 8 18523 Can't change page permalink if slug metabox is removed helen Permalinks 3.0 normal normal Future Release defect (bug) assigned 2011-08-26T14:42:56Z 2021-01-07T17:19:03Z "If the slug metabox is removed from the ""Edit Page"" page, it is not possible to change permalinks, using the edit permalink function at the top of the page. Slug and other metaboxes are removed by the karma theme, in its admin/theme-functions.php (but only if 'ka_hidemetabox' in the wp_options table is 'true'): {{{ remove_meta_box('slugdiv','page','normal'); }}} Technically, without the slug box, the ""post_name"" field containing the new slug is not sent with the form data when you click the ""Update"" button. I believe this is bug was introduced after version 3.1.3. " dankod 30 18525 "zlib.output_compression ""on"" in server conflicts with autoupdate" dev-feedback Bootstrap/Load 3.2.1 normal normal Awaiting Review defect (bug) reopened 2011-08-26T20:11:45Z 2024-02-07T18:30:58Z "If zlib.output_compression is ""on"" in server (my vps server), then auto-update works, but without verbose output or any indication that install has succeeded. This error is consistent for all auto-updates WordPress Application and all plugins. It is NOT a plugin conflict. Occurs on different servers. Testing has confirmed that when zlib.output_compression is returned to ""off"", then updates work as expected. In my opinion this is a minor bug and probably a note in the readme file will suffice. Thank You, Neil Miller zx@avidre.net" avidre 32 18546 Add index.php to wp-includes and wp-admin/includes SergeyBiryukov* dev-feedback Bootstrap/Load 3.2 normal normal Future Release enhancement accepted 2011-08-30T11:42:40Z 2021-01-21T22:46:03Z "In [comment:ticket:17601:15], dd32 suggested an idea of adding `index.php` to `wp-includes`: > /wp-includes/index.php doesnt exist however, leading to that entire folder being indexed by google in some cases (which [http://www.google.com/search?hl=en&client=opera&hs=4Ba&rls=en&q=intitle%3A%22Index+Of%22+inurl%3Awp-includes&aq=f&aqi=&aql=&oq= does happen]), this will cause Search Engines to index the contents of these files, leading to the errors being logged. The patch adds `index.php` to `wp-includes` and `wp-admin/includes`. " SergeyBiryukov 35 18549 wp_texturize incorrectly curls closing quotes after inline HTML end tags miqrogroove has-patch Formatting 3.2.1 normal normal defect (bug) assigned 2011-08-30T21:54:26Z 2023-08-18T07:21:04Z "The following source HTML: {{{ The word is ""<a href=""http://example.com/"">quoted</a>"". The word is '<a href=""http://example.com/"">quoted</a>' The word is '<a href=""http://example.com/"">quoted.</a>' The word is '<a href=""http://example.com/"">quoted</a>'. The word is '<a href=""http://example.com/"">quot</a>'d }}} Gets incorrectly transformed by wp_texturize() as: {{{ The word is “<a href=""http://example.com/"">quoted</a>“. The word is ‘<a href=""http://example.com/"">quoted</a>‘ The word is ‘<a href=""http://example.com/"">quoted.</a>‘ The word is ‘<a href=""http://example.com/"">quoted</a>‘. The word is ‘<a href=""http://example.com/"">quot</a>‘d }}} '''Note:''' all the double/single quotes in the above examples that should be closing are instead opening) This renders in the browser like this: {{{ The word is “quoted“. The word is ‘quoted‘ The word is ‘quoted.‘ The word is ‘quoted‘. The word is ‘quot‘d }}} The problem here is that wp_texturize splits the text on all start/end tags, which makes sense for block-level tags, but not inline-tags like {{{<em>}}} and {{{<a href="""">}}}. formatting.php line 67: {{{ $textarr = preg_split('/(<.*>|\[.*\])/Us', $text, -1, PREG_SPLIT_DELIM_CAPTURE); }}} However if you change it to only split the content on block-level tags, you'll need something more sophisticated/complex than a regular expression to avoid curling quotes within html." justincwatt 33 18553 Counting of categories doesn't work without refreshing? has-patch Taxonomy 3.2.1 normal normal Future Release defect (bug) new 2011-08-31T11:39:03Z 2017-10-08T08:28:44Z "If you add a new category or delete one the number of total categories stays on the original number. For exemple, when you have 7 categories then in the corner it says '7 items'. When you delete one, you have 6 items but '7 items' is still displayed. (Chrome 15.0.816) 1) Go to your categories 2) Add one and look to the number of items, IT WILL NOT CHANGE! So this count for adding normal categories and child ones..." jonezjea 7 18556 Toolbar dropdowns when dragging items drecodeam* has-patch Toolbar 3.2.1 normal normal Future Release defect (bug) accepted 2011-08-31T19:15:17Z 2021-11-16T14:16:57Z "When dragging metaboxes, widgets, menu items, etc to the top of the window in order to scroll to drop the item on a portion of the UI that's above the viewing window, the toolbar interferes and produces dropdowns, etc. If dragging an item, can we disable toolbar actions? " chexee 20 18563 Disallowing editing of .php files in the plugin editor blocks access to allowable extensions Plugins 2.8 normal normal defect (bug) new 2011-09-01T04:12:29Z 2019-06-04T20:42:15Z "By using the editable_extensions filter, a user can disallow the editing of php files (more accurately: files with a php extension...) {{{ add_filter( 'editable_extensions', 'disallow_php_file_editing' ); function disallow_php_file_editing( $editable_extensions ) { unset( $editable_extensions[0] ); return $editable_extensions; } }}} However, the file selected when first clicking on the Editor link in the menu is always a php file, so the user is given the ""Files of this type are not editable"" wp_die() message without being presented with a chance to select a file with a different/allowable extension." trepmal 10 18565 Scheduled or Published. Still confuses us. General 3.2.1 normal critical Awaiting Review defect (bug) reopened 2011-09-01T08:26:21Z 2021-08-10T05:13:54Z "It is impossible to move a post from Scheduled to Published. Posts -> Edit - change Status to ""Published"" and Save -- nope, still Scheduled Posts -> Quick Edit - change Status to ""Published"" and Save -- nope, still Scheduled Posts -> Edit change Scheduled Time to less than one hour in the future -- doesn't publish Posts -> Edit change Scheduled Time to more than an hour in the future -- posts on time. This is repeatable on vanilla instances of WordPress 3.2.1 with no plugins. The *ONLY* functional way to take a schedule post and make it Published right now is cut/paste to a new post." jorhett 16 18584 Nav menus need more hooks for extensibility (on admin page & in customizer) close Menus 3.3 normal normal Future Release enhancement new 2011-09-04T02:38:16Z 2021-05-22T17:25:59Z "I'm trying to add some additional fields to the nav menu blocks but sadly there are no hooks for doing so. Zero. We should add some and get in a better habit of just doing so when the code is written. My specific suggestions are before the Remove/Cancel links (i.e. for adding standard stuff), one above the ""original"" field, and one after those action links (to add more actions). We need to account for both extending the menus admin page and menus in the customizer. Depends on: #38072" Viper007Bond 81 18602 Media Library imported, but all items Unattached reporter-feedback Import 3.2 normal normal defect (bug) new 2011-09-06T10:10:18Z 2019-06-04T20:02:51Z "Export XML file from one site, import into another site. By checking ""Download and import file attachments"", files from wp-content/uploads are downloaded correctly to the new site, and added to Media Library. However all items in the Media Library are now ""Unattached"", and for example posts using [gallery] are broken on the new site. " awallin 4 18613 get_adjacent_post() doesn't find private posts has-patch Posts, Post Types normal normal enhancement new 2011-09-07T15:52:25Z 2019-06-04T20:42:17Z The status is always 'publish'. scribu 6 18630 Custom Comment Validation Error has-patch Comments 3.3 normal minor Awaiting Review feature request new 2011-09-09T19:49:33Z 2022-07-15T15:49:43Z "One of the things that bugs me about WordPress is not being able to customize the wp_die() function that is called on comment form validation. I have seen some people sugget core hacks, eek. I'm hoping that a hook is added to allow overriding of the default wp_die(). Maybe even a new template file wp_error.php that would be called first. I haven't found a lot of discussion on this in trac just #11286 and #10551" bandonrandon 9 18660 Enhance rel_canonical function, add filter joostdevalk has-patch Canonical 3.3 normal normal Future Release enhancement assigned 2011-09-14T15:59:03Z 2019-10-16T10:07:49Z "I think it's a bit shortsighted to think that only singular pages need the canonical tag output in the `<head>`. Considering the fact that just about any page on your site can be accessed with a malformed URL, I think it's time to enhance this function. The attached patch is just a first pass. But I think it gets us started in the right direction. There's also a filter before output, so themes and plugins can further enhance the output of this plugin (related #14458). Patch is against [438126]." nathanrice 36 18672 "Implement rel=""prev"" and rel=""next"" for archives" joostdevalk Permalinks 3.3 normal normal Future Release enhancement new 2011-09-15T12:37:23Z 2020-02-29T17:21:40Z "As can be seen here: http://googlewebmastercentral.blogspot.com/2011/09/pagination-with-relnext-and-relprev.html Google now uses rel=""prev"" and rel=""next"" to navigate paginated archives. As we already do a lot of these types of links (rel=""index"", rel=""start"" etc.) I think we should add these. I'll come up with a first version of a patch." joostdevalk 11 18701 """hierarchical"" argument for get_pages() does nothing" DrewAPicture* Posts, Post Types 3.0 normal normal defect (bug) accepted 2011-09-19T06:48:32Z 2019-06-04T20:42:19Z "The `hierarchical` argument for `get_pages()` is never actually used. It is in an `if` statement, but one that requires `child_of` to also be set: {{{ if ( $child_of || $hierarchical ) $pages = & get_page_children($child_of, $pages); }}} Props Vynce Montgomery for pointing this out to me." Viper007Bond 5 18730 media_sideload_image() doesn't handle dynamic image url's well has-patch Media 2.9 normal normal defect (bug) new 2011-09-21T10:49:11Z 2020-06-04T17:22:40Z "Example URL: http://www.tumblr.com/photo/1280/10464566223/1/tumblr_lrum2xzkpC1r3z8e3 As a result, the preg_match() for the file extension fails and issues a notice (no file extension in that url, although the redirection location does have). The handling of a download failure also seems hairy, upon failure, it still attempts further importing before loading - I haven't looked into that too far." dd32 4 18734 Subcategory archive does work with any name as parent category in URL dev-feedback Canonical 3.0.1 normal normal Future Release defect (bug) new 2011-09-21T15:10:46Z 2022-05-16T02:25:51Z "Parent category is ''parentcategory'' and his sub category is ''subcategory''. The URL will be ''domain.com/category/parentcategory/subcategory''. The problem is, that you will get the same page if you use any words as ''parentcategory''. Examples: - ''domain.com/category/xxx/subcategory'' - ''domain.com/category/subcategory'' - ''domain.com/category/foo/bar/subcategory'' IMO {{{redirect_canonical}}} should do his work here (and sometimes it does). In 3.1 it does redirect. In 3.1.4 it doesn't redirect; after r17549. In 3.2.1 it doesn't redirect. Duck_ found that it does redirect before r18079. In current trunk it doesn't redirect. " ocean90 14 18743 Persistent redirect_to For Login, Registration, and Lost Password Login and Registration 3.3 normal normal enhancement new 2011-09-22T07:04:39Z 2019-06-04T20:02:54Z "Currently, if redirect_to is passed in to the login screen and then a user clicks Register or Lost Password, the redirect_to gets lost. I think that the redirect_to should be persistent and honored whether the user logs in, registers or gets a lost password. I've written a hacky filter to do this, but I think this ought to be included in the core. Here's what I did: {{{ //Keep redirect_to in URL add_filter('site_url', 'foxyshop_add_registration_redirect', 5); function foxyshop_add_registration_redirect($path) { if ((strpos($path, ""action=register"") !== false || strpos($path, ""action=lostpassword"") !== false) && isset($_REQUEST['redirect_to'])) return $path . '&redirect_to='.urlencode($_REQUEST['redirect_to']); if (substr($path, strlen($path)-12) == ""wp-login.php"" && isset($_REQUEST['redirect_to'])) return $path . '?redirect_to='.urlencode($_REQUEST['redirect_to']); return $path; } }}} (I know 3.3 is in freeze now, but there wasn't another version option)" sparkweb 6 18769 Admin should not break if URL changes Administration normal normal Awaiting Review enhancement new 2011-09-24T22:58:42Z 2022-02-06T14:07:17Z "We manage a lot of users who have WordPress blogs, and probably the number one user support request we have to field comes out of this situation: 1. User decides they want to move their WordPress, 2. They move the folder to a new URL, 3. Their admin page stops working, because it still had the old URL hard-coded. This is silly and should be fixed." AmbushCommander 5 18777 Support filtering of domain validation on Add New Site. Networks and Sites normal normal enhancement new 2011-09-26T11:41:32Z 2020-10-16T18:28:34Z "I've a client who wanted to add subdirectory sites in a multisite install e.g.: example.com/department1/johnjoe example.com/department2/fredbloggs etc. But to do this, they had to add the site without the slash, then go back, and edit the sites URL. So to allow support for this, ( coupled with the obligatory custom sunrise.php ) and to allow error checking ( e.g. not allowing depoortment1, and only allowing a preset number of subfolders ), I added a filter. You'll find attached a small patch to site-new.php adding this filter" TJNowell 9 18790 add_theme_support with post type doesn't add theme support but overwrites it has-patch Themes 3.2.1 normal normal defect (bug) new 2011-09-27T12:17:13Z 2019-06-04T21:07:09Z "The function add_theme_support has an optional second parameter, which allows you to add support for post thumbnails for certain post types. You would expect this function to add the theme support for that post type, but instead it overwrites the theme support for that feature, which results in the theme support being set for just the post type(s) that were passed. Reproduce: {{{ function add_thumbnails_support() { add_theme_support('post-thumbnails', array('my_post_type')); print_r(get_theme_support('post-thumbnails')); add_theme_support('post-thumbnails', array('another_post_type')); print_r(get_theme_support('post-thumbnails')); } add_action('after_setup_theme', 'add_thumbnails_support'); }}} " Jesper800 3 18791 Add custom post type support for Author Template functions needs-unit-tests Users 3.2.1 normal normal enhancement new 2011-09-27T12:32:48Z 2019-06-05T06:38:28Z "Functions defined in `wp-includes/author-template.php` assumes that post type == post. It will be good to enhance them so they will be able to work with specified post type. At first sight following functions will need update: {{{ get_the_author_link() the_author_link() get_the_author_posts() the_author_posts() the_author_posts_link() get_author_posts_url() wp_list_authors() }}} I suspect there will be other updates needed, to support new `post_type` argument added to author's url." sirzooro 12 18801 Accessibility Enhancements to Settings API joedolson* has-patch Options, Meta APIs 3.2.1 high normal Future Release enhancement accepted 2011-09-28T14:59:44Z 2023-03-24T15:16:10Z "I've only started working with the Settings API, but right off the bat I noticed two fairly major, but should be not too difficult to fix, accessibility issues. 1) The label/input field pairs are missing the HTML <label> tags that link the two. Example: Field One <input id=""field_one"" name=""field_one"" type=""text""> Should be rendered: <label for=""field_one"">Field One</label> <input id=""field_one"" name=""field_one"" type=""text""> 2) The settings pages themselves are laid out using a table. Tables should be reserved for tabular data, and not for page layout. CSS should be used for layout instead. Thanks for your attention." taupecat 24 18816 Add 'offset' parameter and 'ancestral' boolean to wp_nav_menu dev-feedback Menus normal normal enhancement new 2011-09-29T16:13:42Z 2019-06-04T20:02:57Z Since we can now call wp_nav_menu multiple times and there is the very useful 'depth' parameter, I believe adding an 'offset' parameter would be very beneficial in many situations. This would allow you to start at the children of the main pages for example and combined with depth it becomes very powerful. An 'ancestral' => 'true' option could output only menu items that the current page is a descendant of. Currently if you want to display a main menu in the header and then a submenu on page.php you either need a tricky custom walker or terrible CSS 'visibility:hidden' or 'display:none' situations. signyourbikeout 3 18833 Pass raw data into save_post/wp_insert_post rmccue has-patch Posts, Post Types normal normal enhancement new 2011-10-01T09:15:14Z 2019-06-04T20:42:21Z "Almost all tutorials about custom metaboxes (in addition to post meta) use `$_POST` to get the data that was submitted. Unfortunately, this breaks if a plugin uses anything that calls `wp_insert_post()` in the same request. The patch attached here includes the `$postarr` array, which is the raw data passed in, and which is `$_POST` from `wp-admin/post.php`. This allows one to use the third parameter to the callback to set meta data instead of having to use `$_POST` directly." rmccue 17 18836 ORDER BY RAND() is slow pbearne has-patch Query normal minor enhancement assigned 2011-10-01T16:59:04Z 2024-03-12T17:55:53Z "WP_Query currently accepts 'orderby' => 'rand' which translates to ORDER BY RAND(). This is very slow when you have many posts, since it effectively calls RAND() for each row. A faster way would be to call RAND() only once and put it in the LIMIT clause. The only thing is that we have to make sure that the generated number is smaller than (total number of posts - number of posts to fetch). So, this would require to do an extra query to calculate the total. It should still be faster than the current method. If we want to get more than one post, we can get them in any order and then call shuffle() on the resulting array." scribu 10 18842 wp_nav_menu confuses new developers when it falls through to page listing Menus 3.2 normal normal Awaiting Review defect (bug) reopened 2011-10-02T10:54:12Z 2017-09-20T19:42:00Z "It appears that when wp_nav_menu() falls through to a page listing, many menu-specific args are not passed to the page listing, which ultimately confuses new developers. I seem to answer this at least weekly in #wordpress One example is the 'container_class' arg, if it falls through to the fallback_cb, the container_class is not applied. Ideally, template-related arguements should be passed to the fallback (And with pages as the default callback, it should handle these) or wp_nav_menu() should output any extra wrapping divs if appropriate." dd32 4 18857 get_plugin_page_hookname uses menu_title to construct subpage load-hooks chriscct7 has-patch Plugins 3.1.4 normal normal Future Release defect (bug) assigned 2011-10-04T15:16:33Z 2024-02-27T22:04:37Z "The load-hook for PluginSubPages isn't working anymore if the PluginPage is translated. The reason seems to be that the get_plugin_page_hookname function uses the menu_title instead of the menu_slug to create the hookname. I attached a possible fix." apocalip 37 18877 DRY up rewrite rule matching ericlewis has-patch Rewrite Rules normal normal Future Release enhancement assigned 2011-10-06T22:24:34Z 2022-10-10T07:19:48Z "Currently, the whole rewrite matching loop is duplicated: once in WP::parse_request() and once in url_to_postid(). Re-posting the patch from #16687 for consideration." scribu 25 18897 query_posts / WP_query parameter 'offset' should play nicely with 'paged' wonderboymusic has-patch Query 3.2.1 normal normal enhancement reopened 2011-10-10T22:18:29Z 2019-06-04T20:42:27Z " Setting the offset parameter with WP_query ignores the paged parameter. Thus offset can only be used as if on page 1. This is unfortunate and seems worth fixing. See prior #2558 ""query_posts() should support offset""" here 26 18909 Bundled jQuery UI should have CSS close External Libraries 3.3 normal normal Future Release enhancement assigned 2011-10-11T18:53:57Z 2022-10-04T06:37:42Z "Now that all of jQuery UI is in core, matching CSS should also be included for use in the admin in both color schemes. Related: #17952" helen 67 18947 get_intermediate_image_sizes() should also contain width/height/crop values as sub array dev-feedback Media 3.2.1 normal normal Future Release enhancement assigned 2011-10-14T14:48:05Z 2020-01-05T03:57:42Z "Currently the function [http://core.trac.wordpress.org/browser/branches/3.2/wp-includes/media.php#L580 get_intermediate_image_sizes()] only displays a combined list of built-in/default & (via {{{add_image_size()}}}) registered image size ''names''. In lot's of cases it would be pretty handy to also have the height, width & crop values attached as sub array as you can see it in {{{$GLOBALS['_wp_additional_image_sizes']}}}. ''I currently do not have a working dev version of wp installed, so I put it here as plain code:'' Change for [http://core.trac.wordpress.org/browser/branches/3.2/wp-includes/media.php#L580 get_intermediate_image_sizes()]: {{{ function get_intermediate_image_sizes() { global $_wp_additional_image_sizes; $image_sizes = array('thumbnail', 'medium', 'large'); // Standard sizes foreach ( $image_sizes as $size ) { $image_sizes[ $size ]['width'] = intval( get_option( ""{$size}_size_w"") ); $image_sizes[ $size ]['height'] = intval( get_option( ""{$size}_size_h"") ); // Crop false per default if not set $image_sizes[ $size ]['crop'] = get_option( ""{$size}_crop"" ) ? get_option( ""{$size}_crop"" ) : false; } if ( isset( $_wp_additional_image_sizes ) && count( $_wp_additional_image_sizes ) ) $image_sizes = array_merge( $image_sizes, $_wp_additional_image_sizes ); return apply_filters( 'intermediate_image_sizes', $image_sizes ); } }}} The only two other affected lines in core are pretty a simple fix: Use the {{{array_keys()}}} only: [http://core.trac.wordpress.org/browser/branches/3.2/wp-admin/includes/image.php#L106 wp_generate_attachment_metadata()] and [http://core.trac.wordpress.org/browser/branches/3.2/wp-includes/post.php#L3824 wp_delete_attachment()]: {{{ foreach ( array_keys( get_intermediate_image_sizes() ) as $s ) { }}} I'm not really shure how the {{{crop}}} works, so this could maybe add additional DB calls if the option wasn't set - currently I only see {{{thumbnail_crop}}} added to the autoloaded options. ''The links are to the 3.2 branch of the repo.''" F J Kaiser 20 18954 Automatically whitelist screen options added via add_screen_option() has-patch Plugins normal normal enhancement new 2011-10-14T22:54:08Z 2019-06-04T20:42:29Z "{{{set_screen_options()}}} currently maintains a hardcoded whitelist of screens that can set options. The list is extendable via the filter: {{{ apply_filters('set-screen-option', false, $option, $value); }}} but that's sort of a pain. If a plugin calls {{{add_screen_option()}}}, it should be added to the whitelist automatically. Also note that {{{set_screen_options()}}} is called so early, there's no convenient place for plugins to add to the {{{set-screen-option}}} filter. The best workaround I've been able to come up with is to manually call {{{set_screen_options()}}} again inside the page's {{{load-$hook}}}. Example naive plugin code that does not work in <=3.3. {{{ # Inside a menu page's load-$hook // Display per-page settings in screen options add_screen_option( 'per_page', array( 'label' => __( 'Things' ) ) ); }}}" mdawaffe 8 19031 Category view incorrectly counting custom posts Posts, Post Types 3.2 normal normal defect (bug) new 2011-10-24T02:40:31Z 2019-06-04T20:42:32Z "If you define a custom post-type something like this: {{{ Array ( [taxonomies] => Array ( [0] => category [1] => post_tag ) [label] => Book [rewrite_slug] => [query_var] => [public] => [show_ui] => 1 [show_in_nav_menus] => 1 [publicly_queryable] => [exclude_from_search] => 1 ) }}} Even if the post-type is NOT public or NOT publicly_queriable (see above), the counts of the posts in each category still shows, totally ignoring the settings of the post-type. == Expected Output == I would expect the count to be related to the results displayed. If there are no visible results for that category (i.e. the user can't see them due to public settings), I would expect the count to go to zero. == Actual Output == The count of posts in the given category seems to have nothing to do with the visible results. This is related to this bug: #18950" fireproofsocks 4 19085 Removing First Submenu Page in Admin Menu breaks URL for Menu Page has-patch Administration 3.1 normal normal defect (bug) new 2011-10-29T18:44:19Z 2019-06-04T19:22:46Z "If you attempt to remove the Post Type Submenu Page in the Admin it breaks the Menu Page URL; it causes the Menu Page URL to be the same as the new first Submenu Page URL: [[Image(http://screenshots.newclarity.net/skitched-20111029-142108.png)]] Here is a simple class you can drop into the theme's `functions.php` file to experience this bug. This example is a minimum to trigger the error ''(I simplified the `register_post_type()` call so the example code would have fewer lines):'' {{{ <?php class Trigger_Admin_Menu_Bug { static function on_load() { add_action( 'init', array( __CLASS__, 'init' ) ); add_action( 'parent_file', array( __CLASS__, 'parent_file' ) ); } static function init() { global $wpdb; register_post_type( 'test-cpt', array( 'label' => 'Test CPT', 'show_ui' => true, )); } static function parent_file( $parent_file ) { remove_submenu_page( 'edit.php?post_type=test-cpt', 'edit.php?post_type=test-cpt' ); return $parent_file; } } Trigger_Admin_Menu_Bug::on_load(); }}} I'd provide a patch but the admin menu code is more complex than I can fully understand. Maybe the person who originally wrote it could fix it? Note: Sadly, this is a blocker for one of my client projects. The client wants the admin menus simplified to reduce the conceptual load on their end users because we are adding many other submenu pages. Plus I've traced through the core WP code with a debugger for many hours looking for hooks that would allow me to get around this issue, but there simply are no hooks where it would be needed to hack a fix for this." mikeschinkel 10 19100 Introduce esc_color() dev-feedback Formatting normal normal Future Release enhancement new 2011-11-01T12:16:14Z 2020-03-04T06:27:35Z Currently there is no way to escape a color in hexadecimal notation before printing it to a block of css or saving to the database. Many themes like to introduce functionality, whether it be core-supported or completely custom, to change the color of various parts of the templates. I believe that a function such as `esc_color()` would promote best practices while ensuring that unintended values do not get stored as colors and thus echoed in css blocks potentially breaking display. mfields 17 19173 Issues with wp_editor() when used inside of a meta box. azaozz has-patch Editor 3.3 normal normal Awaiting Review defect (bug) reopened 2011-11-06T07:16:40Z 2021-07-07T18:20:53Z "I ran into a couple of obscure issues when adding an editor inside of a meta box. Errors are generated when moving the meta box around and then switching between the Visual and HTML editors. Also, the resize handle (.mceResize) is a bit too low when viewing the Visual tab when our custom editor has been added within a meta box. Tested in FF7 7.0.1 WPv3.3beta2 I'm adding the Editor within a meta box because it's the easiest way to add an Editor field type within the meta box/ CPT plugin I've made. It seems like it will be a common use case. Here's a simple plugin that adds an editor within a meta box. {{{ <?php /** * Plugin Name: WP Editor in a Meta Box * Plugin URI: * Description: Demonstration of WP Editor in a meta box. * Version: 1.0 * Author: goto10 * Author URI: * License: */ // file name: wp_editor-in-meta-box-test.php /* Meta box code based on http://codex.wordpress.org/Function_Reference/add_meta_box */ /* Define the custom box */ add_action( 'add_meta_boxes', 'myplugin_add_custom_box' ); /* Do something with the data entered */ add_action( 'save_post', 'myplugin_save_postdata' ); /* Adds a box to the main column on the Post and Page edit screens */ function myplugin_add_custom_box() { add_meta_box( 'wp_editor_test_1_box', 'WP Editor Test #1 Box', 'wp_editor_meta_box' ); } /* Prints the box content */ function wp_editor_meta_box( $post ) { // Use nonce for verification wp_nonce_field( plugin_basename( __FILE__ ), 'myplugin_noncename' ); $field_value = get_post_meta( $post->ID, '_wp_editor_test_1', false ); wp_editor( $field_value[0], '_wp_editor_test_1' ); } /* When the post is saved, saves our custom data */ function myplugin_save_postdata( $post_id ) { // verify if this is an auto save routine. // If it is our form has not been submitted, so we dont want to do anything if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) return; // verify this came from the our screen and with proper authorization, // because save_post can be triggered at other times if ( ( isset ( $_POST['myplugin_noncename'] ) ) && ( ! wp_verify_nonce( $_POST['myplugin_noncename'], plugin_basename( __FILE__ ) ) ) ) return; // Check permissions if ( ( isset ( $_POST['post_type'] ) ) && ( 'page' == $_POST['post_type'] ) ) { if ( ! current_user_can( 'edit_page', $post_id ) ) { return; } } else { if ( ! current_user_can( 'edit_post', $post_id ) ) { return; } } // OK, we're authenticated: we need to find and save the data if ( isset ( $_POST['_wp_editor_test_1'] ) ) { update_post_meta( $post_id, '_wp_editor_test_1', $_POST['_wp_editor_test_1'] ); } } }}} '''Case 1:''' Steps to reproduce error:[[BR]] Activate test plugin.[[BR]] HTML tab is selected in our custom editor instance.[[BR]] Drag meta box containing editor around (ensuring the jQuery UI Sortable drop placeholder shows up, but the box does not need to be docked to a new location)[[BR]] Release the box[[BR]] Switch to the editor's Visual tab[[BR]] '''The following error occurs:''' j is null In file: /wp-includes/js/tinymce/wp-tinymce.php?c=1&ver=345-20110918 The top row of tinymce icons is also duplicated. Once the error occurs, we can no longer switch between tabs. '''Case 2:''' Steps to reproduce error:[[BR]] Activate test plugin.[[BR]] Visual tab selected.[[BR]] Drag meta box containing editor around.[[BR]] Release the box.[[BR]] switch to the editor's HTML tab.[[BR]] '''The following error occurs:''' Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIDOMHTMLDocument.implementation] In file: /wp-includes/js/tinymce/wp-tinymce.php?c=1&ver=345-20110918 Note: It may take a couple of tries when switching between visual/HTML tabs to trigger the errors. Sometimes the errors won't happen, but usually they do." goto10 32 19264 Add get_nav_menu_item_children() has-patch Menus 3.0 normal normal enhancement reopened 2011-11-16T19:09:23Z 2019-06-04T20:02:58Z Just as get_page_children() exists, it would be good to have get_nav_menu_item_children(). Since the object is different the code get_page_children() needs to be slightly modified. wpsmith 2 19272 Add Filter to Nav Menu Support Themes Text bhargavbhandari90 needs-docs Menus normal trivial Future Release enhancement assigned 2011-11-16T22:47:52Z 2022-07-01T09:51:33Z "Frameworks could use a filter here to customize the message: `_n('Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations )`. For example, it may be the child theme that doesn't support the menus. Also, if none are supported (say via add_theme_support), then when it's zero, it says: ""Your theme supports 0 menus. Select which menu appears in each location."" (which doesn't make much sense). So adding a filter can enable theme developers to further customize. An example use case: {{{ add_filter( 'nav_menu_theme_support_text' , 'wps_nav_menu_theme_support_text' ); function wps_nav_menu_theme_support_text ( $num_locations ) { if ( $num_locations == 0 ) $text = 'Your child theme does not support custom menus.'; else $text = _n('Your theme supports %s menu. Select which menu you would like to use.', 'Your theme supports %s menus. Select which menu appears in each location.', $num_locations ); return $text; } }}}" wpsmith 10 19288 Erroneous custom taxonomy screen menu behaviour johnbillion has-patch Taxonomy 3.0 normal minor Future Release defect (bug) reviewing 2011-11-18T11:36:26Z 2018-06-06T23:11:56Z "I don't think this could get any more edge case and it's of trivial severity, but I thought I'd report it for completeness' sake. If a user has the ability to manage terms on a post type, but not the ability to edit posts of that post type, and the post type has more than one taxonomy, then the post type menu doesn't expand as expected when viewing one of the term management screens for that post type. Steps to reproduce: * Register a custom post type that uses its own capability mapping (resulting in `edit_foos` etc). * Register at least two custom taxonomies for this post type, with or without its own capability mapping. * Give a user (or role) the ability to manage the taxonomy terms but not the ability to edit posts of the post type. When viewing one of the term management screens for the given post type, the menu doesn't expand as expected (although the new 3.3 fly-outs do show). " johnbillion 3 19307 "Need ability to export ""All content"" but limited to date range" Export 3.1 normal normal enhancement new 2011-11-20T23:19:43Z 2019-06-04T19:43:35Z "Need ability to export ""All content"" but limited to date range ==== ENV ==== WP 3.3-beta3-19254 (trunk r19367) ==== Additional Details ==== For a larger site is a common scenario to need to export all content, but because of resource limitations or time constraints it cannot be done in a single export. Exporting individual post types is not a work around, further you lose attachments on posts when exporting just ""posts"", and that breaks features including Featured Images. ==== Also Consider ==== Another common scenario for media and enterprise customer is wanting to export a period of time to further analysis that content, or stage it in their development environment for debugging an issue, or developing new designs and features." lloydbudd 19 19373 wp_insert_post() should not contain current_user_can() checks has-patch Taxonomy 3.0 normal major Future Release enhancement new 2011-11-27T17:02:31Z 2023-11-18T00:53:23Z "wp_insert_post() is a utility function, it should not have a reliance on user capabilities. There are only two places in this function where there is a current_user_can() check - for updating custom taxonomies and for setting post slugs. All other checks (can user publish posts, etc.) are properly handled outside of the utility function. wp_insert_post() should be safe to use in code that is run without a user context, for example via CRON. With the current code, this is the case *except* for the custom taxonomy feature. This inconsistency can cause a BrilliantDeveloperTM to lose a good deal of time debugging why the same data being passed in is coming back with different results. For 3.4 (please!), perhaps we can figure out a way to move the checks for user capabilities on taxonomies out of the utility function and into the controller/procedural code. I'm happy to author and submit a patch once an approach has been determined. For other developers who run into this and need to work around it, either of these 2 options work: 1. call wp_set_post_terms() to add your taxonomies after calling wp_insert_post() 2. set up a ""current user"" in your script before calling wp_insert_post()" alexkingorg 40 19388 plugin_basename returns full directory in URL needs-unit-tests Plugins 3.3 normal normal enhancement new 2011-11-29T00:36:36Z 2019-06-04T20:42:35Z "If a trailing slash is specified on either then WP_PLUGIN_DIR or WPMU_PLUGIN_DIR settings, the plugin_basename function returns the whole directory path in the URL. The documentation does state not to use a trailing slash, however I think this function could be improved. By removing the explicit / in the preg_replace the correct plugin name will be returned even if a trailing slash is specified on the WP_PLUGIN_DIR or WPMU_PLUGIN_DIR constants. This should not affect the relative path as the trim before the return takes care of stripping off the first slash if it exists (effectively duplicating the remove in this case). While this is a very trivial change that won't affect most people (who read the docs properly) it was quite annoying to track down. Please see the attached diff." damianzaremba 5 19392 Add auto-suggest support for all flat taxonomies in Bulk Edit. dev-feedback Quick/Bulk Edit 3.0 normal normal enhancement new 2011-11-29T18:37:18Z 2019-06-04T21:07:15Z "Auto-suggest in the Bulk Edit area for post_tag's was fixed in 3.3. Let's add support for all other non-hierarchy tax's in 3.4. See [http://core.trac.wordpress.org/ticket/19176#comment:11 #19176] for more info." scottbasgaard 4 19415 wp_nav_menu showing private/conctepts posts without rights has-patch Menus 3.0 normal major defect (bug) new 2011-12-02T18:11:06Z 2019-06-04T20:03:00Z "when you are using wordpress menus and you got your post/page in a menu (e.g. using Automatically add new top-level pages) and then change the post/page to concept or set it private, the link to post/page stays in the menu for all users, what may have some negative security concerns this error in all versions, including todays nightly IMO it should show only visible posts (if someone disagrees and need it for some backward compatibility, there may be some parameter, but imo hidding private/concept should be default)" thomask 4 19487 Remove useless calls to set_time_limit() westi has-patch Bootstrap/Load 1.5 normal normal defect (bug) new 2011-12-09T14:53:08Z 2019-06-04T19:22:47Z "Calls to set_time_limit() were introduced in http://core.trac.wordpress.org/changeset/1812 and have remained in core ever since. The call occurs in code that makes network connections and is designed to allow time for the network calls to complete before the script execution stops. But set_time_limit() won't take network time into account, so it actually will not do what it seems designed to do. From php docs: The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), stream operations, database queries, etc. is not included when determining the maximum time that the script has been running. Further, calls to set_time_limit() can cause unexpected results in code that relies on any functions that call set_time_limit(). For example, if some code (in a cron job, say) sets the time limit to 0 (unlimited) because it knows it needs some time complete, then a subsequent call to a function that resets the time limit will halt the long-running execution once the new limit has been reached. Also from php docs: When called, set_time_limit() restarts the timeout counter from zero. In other words, if the timeout is the default 30 seconds, and 25 seconds into script execution a call such as set_time_limit(20) is made, the script will run for a total of 45 seconds before timing out. Since the call to set_time_limit() does not here do anything useful, it should be removed." dllh 3 19493 post and archive pagination don't work with custom endpoints Rewrite Rules 2.1 normal normal Awaiting Review defect (bug) new 2011-12-09T23:55:09Z 2018-01-25T20:22:02Z "Archive pagination and post pagination are not endpoint-aware, so they break when endpoints are added to them. The following example code creates an endpoint, and then uses a filter to add that endpoint to various links on the rendered page: {{{ add_action( 'init', function() { global $wp_rewrite; add_rewrite_endpoint( 'foo', EP_ALL ); $wp_rewrite->flush_rules(false); } ); add_filter( 'post_link', 'gist_add_endpoint_to_url', 99 ); add_filter( 'get_pagenum_link', 'gist_add_endpoint_to_url', 99 ); function gist_add_endpoint_to_url( $url_base ) { $endpoint = 'foo'; $url_parts = parse_url( $url_base ); $url = ( isset($url_parts['scheme']) && isset($url_parts['host']) ) ? $url_parts['scheme'] . '://' . $url_parts['host'] : ''; $url .= isset($url_parts['path']) ? $url_parts['path'] : ''; $url = user_trailingslashit( $url ); if ( '' === get_option('permalink_structure') ) { $url .= isset($url_parts['query']) ? '?' . $url_parts['query'] : ''; $url = add_query_arg( $endpoint, 'true', $url ); } else { $url .= $endpoint . '/true'; $url = user_trailingslashit( $url ); $url .= isset($url_parts['query']) ? '?' . $url_parts['query'] : ''; } $url .= isset($url_parts['fragment']) ? '#' . $url_parts['fragment'] : ''; return $url; } }}} You'll see that it works perfectly using the theme unit test, except that paginated posts produce URLs like this: http://example.com/2008/09/layout-test/foo/true/2/ ...which doesn't work. The inverse -- http://example.com/2008/09/layout-test/2/foo/true/ -- also doesn't work, and produces a 404 on top of it. Also, the older posts / newer posts produce this format of link: http://example.com/page/2/foo/true/ .. .which also doesn't work. If you change gist_add_endpoint_to_url() to add a querystring param, older posts/newer posts links work fine, but post pagination still breaks: {{{ function gist_add_endpoint_to_url( $url_base ) { $endpoint = 'foo'; $url_base = add_query_arg( $endpoint, 'true', $url_base ); return $url_base; } }}} If you don't use a permalink structure at all, it works fine, since the pagination params are passed directly in the URL. I'm not sure if the fix lies in modifying add_rewrite_endpoint() so that it creates pagination urls in wp_rewrite, or modifying the way _wp_link_page() and get_next_posts_link() work. " mintindeed 8 19512 wp_read_image_metadata includes bitmap in description has-patch Media 3.3 normal normal defect (bug) new 2011-12-12T13:47:40Z 2019-06-04T20:03:02Z "After uploading a photo that includes (photoshop) bitmaps in the image data, the bitmap data is copied into the image description. " macbrink 2 19514 Add per-page filter for nav menu post type meta box has-patch Menus normal normal enhancement new 2011-12-12T15:40:53Z 2019-06-04T20:03:04Z Currently, there is a default (50) for paginating Post Type Entries on the wp_nav_menu_item_post_type_meta_box(). While there are other ways to filter this, it would be great for larger sites or larger number of post objects to be able to increase this for UX reasons. wpsmith 4 19541 wp_admin_bar_new_content_menu does not respect menu_position nacin* has-patch Toolbar 3.1 normal normal Future Release defect (bug) accepted 2011-12-14T02:19:30Z 2021-03-24T19:41:09Z "'''What is happening:''' When registering a custom post type, you can specify the position in the left-hand admin menu by using 'menu_position' to move it up or down in the list. However, the admin bar ""new content"" list does not use this same order, instead it will always display ""Post"", ""Media"", ""Link"", ""Page"" (in that order) before any custom post. '''What should be happening:''' The admin bar ""new content"" list should respect the menu_position attribute." davistobias 5 19556 Make wp_term_checklist() available as a template tag has-patch Taxonomy normal normal Future Release enhancement new 2011-12-14T22:58:07Z 2017-06-26T18:14:20Z "Currently, wp_term_checklist() is defined in wp-admin/includes/template.php, which means it's not available as a template tag for themes. Note that {{{wp_dropdown_categories()}}} is defined in {{{wp-includes/category-template.php}}}. We should move wp_term_checklist() there too." scribu 5 19572 switch_to_post() stack implementation (similar to switch_to_blog()) Posts, Post Types 3.3 normal normal enhancement new 2011-12-15T21:54:57Z 2019-06-04T20:42:36Z "One of the challenges themes and plugins have is the balance between utilizing the core APIs that rely on global variables, while leaving things in a ""clean"" state for the next worker in the chain. For example, I might have a shortcode that pulls content from another post, outputs a title or some other data, then needs to restore the previous post environment. The attached patch provides APIs for doing just this - using the same stack approach that switch_to_blog() takes in a multi-site instance. To set up a post context, call: switch_to_post($post_id); This can be called multiple times, diving deeper into the stack. Then each process is responsible for restoring the $post context by calling: restore_post(); This goes back to the stack, bumps out the current post and restores the previous post's context. There is some test code for demonstration here: https://gist.github.com/1309915" alexkingorg 9 19579 Make get_search_form() more filterable/extensible has-patch Themes 3.3 normal normal enhancement new 2011-12-16T15:16:17Z 2019-06-04T21:07:18Z "I notice that a lot of the time when Themes include custom search form markup via `searchform.php`, they are making very minor changes to the default markup. (A common on is adding onfocus/onblur attributes to the input.) Unfortunately, I've also noticed that custom search form markup tends to be... forgotten, and ends up becoming more insecure over time. So, in the interest of encouraging/facilitating use of the core markup, I propose making `get_search_form()` more extensible, similar to the extensibility of `comment_form()`. This patch replaces `$echo = true` with `$args = array()` as the parameter passed to `get_search_form()`, while retaining backward compatibility with `$echo = true`. Also, a (self-explanatory) `search_form_defaults` filter is added. Also addresses #16538 Does '''not''' address #16541, which is potentially related. Probably '''conflicts''' with #14851 Also related: #19321" chipbennett 9 19590 Warnings when unregistering core taxonomies and post types Taxonomy 3.3 normal normal defect (bug) new 2011-12-17T18:40:49Z 2019-06-04T21:07:20Z "'''number_format_i18n''' (/wp-includes/functions.php, line 155) will raise a warning when the first parameter ''$number'' is not a double/float, which happens when it receives the value 0. The error only shows up in the dashboard with a locale active (es_ES) in this case, screenshot attached. The fix would be to cast the received value to float. Current function, {{{ function number_format_i18n( $number, $decimals = 0 ) { global $wp_locale; $formatted = number_format( $number, absint( $decimals ), $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] ); return apply_filters( 'number_format_i18n', $formatted ); } }}} Fix, {{{ function number_format_i18n( $number, $decimals = 0 ) { global $wp_locale; $formatted = number_format( (float) $number, absint( $decimals ), $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] ); return apply_filters( 'number_format_i18n', $formatted ); } }}} It's the first bug i report here, so correct me if I'm doing it wrong. " xmarcos 18 19627 Themes should be able to opt-in to a static front page Themes normal normal feature request assigned 2011-12-21T01:42:05Z 2019-06-04T21:07:22Z "A theme should be able to register that they are designed to have a static front page by default. Core should then pick up on this as part of the activation process and allow them to pick or create a page, or ignore it and show posts on the front. Twenty Twelve will most likely need this (http://wpdevel.wordpress.com/2011/12/20/default-theme-twenty-twelve/)." nacin 51 19643 Allow array for $extra_fields in request_filesystem_credentials dd32 dev-feedback Filesystem API 3.0 normal minor defect (bug) reviewing 2011-12-22T07:47:38Z 2019-06-04T19:43:38Z The current implementation for passing extra fields through request_filesystem_credentials() does not allow for an array of data to be passed. I came across this issue when trying to process a bulk installation of plugins with my plugin installation class. My patch fixes this from what I can tell and doesn't break anything that I can see from my testing. griffinjt 17 19653 Order by meta field forces ignore of null records needs-unit-tests Query normal normal Future Release enhancement new 2011-12-23T15:11:45Z 2019-03-29T18:34:21Z "When doing a sort on posts with a meta value, the way the SQL is currently generated in meta.php creates a condition where records that DO NOT have the queried meta value are excluded from the results. This may or may not be the desired behaviour, but we don't give developers the choice without resorting to custom queries or manual rewrites of large swathes of the $clauses array. The issue: the way WP_Meta_Query->get_sql() creates the join on the meta key is by setting an inner join on wp_postmeta and then adding the key test to the where clause. I would suggest writing an outer (left) join on wp_postmeta, with the key condition in the join. This would also eliminate any potential future ambiguity if, for example, you are sorting on one meta key but filtering on another, since the key condition would be within the join clause, not the where clause: {{{ LEFT JOIN wp_postmeta ON wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = 'my_custom_field_name' }}} Related to ticket #18158 is the question of how we expose this to the developer in the query API. {{{ 'meta_key' => self::get_meta_key( 'my_custom_field_name' ), 'orderby' => 'meta_value', 'exclude_empty_meta' => false }}} If this gets any traction I would be happy to submit a patch." tomauger 8 19686 404 - File or directory not found dev-feedback Permalinks 3.3 low normal defect (bug) new 2011-12-29T19:47:45Z 2019-06-04T21:03:41Z "We are running Wordpress using multiuser with Buddypress. Users are getting the 404 error after they click the save button in their settings. I'm opening this ticket to report the source of the problem. Wordpress 3.x Buddypress 1.5 Windows 2008 R2 (IIS 7.5) Themes installed are all Buddypress compatible and all themes seem to be affected. All option pages are affected. Settings are updated when the user returns to the page - despite the error. A screen shot of the error can be seen at http://blogs.cnc.bc.ca/gagel/?attachment_id=38 The source of the problem appears to be in the wp_get_referer() function on line 164 in options.php. With the variables passed to the function it should redirect the user to the page they just submitted when they updated options. Instead they get the 404 error. The page they're redirected to appears to be the absolute path of the submitted page appended to the absolute path again (minus the domain). So it looks like this: userblog/wp-admin/userblog/wp-admin/options-general.php?settings-updated=true When I switch out the wp_get_referrer() function with the variable $parent_page then the redirect worked as expected. I'm uncertain about leaving it like this as my change may have introduced issues elsewhere... This issue is discussed at http://wordpress.org/support/topic/recuring-404-file-or-directory-not-found-error?replies=8#post-2527566" kwgagel 9 19691 Cannot modify admin messages for /wp-admin/edit.php dev-feedback Administration 3.3 normal normal enhancement new 2011-12-30T02:10:01Z 2019-06-04T19:22:50Z "The admin console messages output on line `264` of WordPress 3.3's file `/wp-admin/edit.php` are not filterable. This causes problems when added row actions need to HTTP GET from to WordPress to modify a post and then display an appropriate message complete with a revert link ''(like the ""Trash"" link does.)'' An example use-case could be for a custom post type used for both quotes and invoices where a row action might be ''""Convert Quote to Invoice""'' where you'd want a message and link displayed at the top of the admin after similar to this: - ''Quote #{$post_id} converted to Invoice. __Revert__'' Currently the only way to accomplish this is to pick hooks before and after the messages are output and use PHP's output buffering; clearly not a ''""best practice""'' approach. In order to address this I'm proposing an '''`'admin_messages'`''' filter hook to run just before the messages are output: {{{ $messages = apply_filters( 'admin_messages', $messages ); }}} However, since messages are output in numerous locations in the WordPress admin it seemed best to add the hook in every location where messages are output, which is what my patch does. Thus a hook can look at `$pagenow` or `get_current_screen()` to decide it is needs to do anything. Also while searching for places in the admin code that echo messages I found `$messages` are sometimes an array of HTML where the entire array is echoed and other times the $messages are an array with an index passed via `$_GET` and only one message will be displayed. For those cases I created another hook '''`'admin_message'`''' ''(note that this hook name is singular)'': {{{ $message = apply_filters( 'admin_message', $message, $messages, $_GET['message'] ); }}} I really only found a specific need for `/wp-admin/edit.php` today, but it seemed that it would be better for consistency if all messages were made hook filterable. That's why I created a larger patch when all my use-case needs is one new line. Looking forward to your feedback. " mikeschinkel 7 19707 admin-ajax.php requests via http regardless of force_ssl_admin() state Administration normal normal Awaiting Review enhancement reopened 2012-01-01T00:53:52Z 2018-03-06T13:31:02Z "Noticing these requests failing: ""NetworkError: 403 Forbidden - http://HOSTNAMEwp-admin/admin-ajax.php"" My server explicitly denies http to wp-admin. SSL only. Looks like admin_url() is giving http rather than https. I suspect this bug actually lies somewhere in get_site_url(), but I don't have time to triage this right now. This is technically a security bug since WP should always obey force_ssl_admin(), but I don't think anything is being leaked or compromised. You don't get access to anything, and nothing being sent over the wire is sensitive since it still obeys the rules of the protocol (cookie is secure). It's just a nuisance." robertaccettura 6 19711 Posts edit list window display no information about filtering chriscct7 has-patch Posts, Post Types normal normal enhancement assigned 2012-01-02T16:39:30Z 2019-06-04T20:42:39Z "The ""All Posts"" page lists the available posts. It can filtered by authors or terms, for example by clicking on a category name or the author name next to a post. The URL will change to apply the filtering, but there's no other visual indication of the filtering, nor a link to quickly disable filtering. This can lead to confusion when users are accessing filtered lists directly or via links in other part of the dashboard. " yoavf 15 19724 Sites with IDN domains can't be created (bug #15554 continuation) Networks and Sites 3.3 normal normal defect (bug) new 2012-01-03T17:44:08Z 2019-06-04T20:03:05Z "registration of new site with idn domain by unknown/new users themselves is not possible. (though creation of new site in wp-admin/network/site-new.php page is possible, by patch given in bug #15554 , i have just now tested it.) also let i mention that site domain is written (and would be requested to enter, if would be fixed without punycode to unicode conversion) in punicode form in wp-signup.php page, that is not acceptable for wordpress. i have attached differences i made to wp 3.0.4 to make idn domains working and also to show and accept them in human readable format in wp-signup.php page . link to the differences file i attached to/in previous bug report on/to this topic: http://core.trac.wordpress.org/attachment/ticket/15554/diff304-blogo.txt ." qdinar 9 19736 Add default body_class classes for Theme Names dev-feedback Themes 3.3.1 normal minor Future Release enhancement reopened 2012-01-04T16:58:07Z 2021-07-08T16:02:55Z "Although this may be more pure enhancement and quite possibly Mallory-Everest in nature, the idea of having a default `body_class` output for the Theme name seems to be a reasonable one. IF this is implemented it should also include a default class for a Child-Theme name as well as the Parent-Theme name. To that end, I am suggesting the following patch to the `body_class` function." cais 10 19738 meta_query should check for wildcards when using LIKE operator Query 3.2 normal normal enhancement reopened 2012-01-04T18:35:04Z 2019-06-04T20:42:41Z "This seems intentional, but when using the LIKE operator in a meta query, the % wildcards are automatically added to the start and end of the value when generating the SQL. I think a more robust way of doing this would be to only add said wildcards if one cannot be found within the value itself. " ejdanderson 13 19739 Filters to allow comments on draft & trash post_status posts needs-unit-tests Comments 3.3 normal normal Future Release enhancement new 2012-01-04T19:01:18Z 2023-03-02T15:52:31Z "I'd like to use comments on draft posts as part of an editorial workflow. Will this be as easy as adding a filter to fire before the current comment_on_draft action that can be checked before exiting? I'll try that and add a patch if it looks good. Related #13276. Not relevant to #18630, I think." cyberhobo 16 19747 Roles add_cap should call update_user_level_from_caps() Role/Capability 3.3.1 normal normal Awaiting Review defect (bug) reopened 2012-01-05T11:17:32Z 2022-05-13T22:08:51Z "Hey guys, I've created a new user role, which didn't appear in the Author drop down list due to #16841. The workaround is to add a level_1 capability to that user, but because wordpress doesn't call update_user_level_from_caps() function when you add_cap, that isn't actually applied to existing users on the role, and you have to move them to a different role and back again if you want to apply the changed user role. I'd suggest adding a call to update_user_level_from_caps() to add_cap (and remove_cap) to fix this in wp-includes/capabilities.php" lgladdy 7 19764 Invalid JSON in custom fields meta value after export Import 3.3 normal normal defect (bug) new 2012-01-06T17:13:07Z 2019-06-04T20:03:07Z "Hey there, I exported a working copy of my online WordPress site to a local copy and noticed that the code gets changed; The backslash is removed which causes the json format to be invalide. Original code in the custom fields meta {{{ {""videos"":{""0"":""<iframe width=\""480\"" height=\""360\"" src=\""http://www.youtube.com/embed/YAozOaxXYx4\"" frameborder=\""0\"" allowfullscreen></iframe>""}} }}} Becomes in the local site after import {{{ {""videos"":{""0"":""<iframe width=""480"" height=""360"" src=""http://www.youtube.com/embed/YAozOaxXYx4"" frameborder=""0"" allowfullscreen></iframe>""}} }}} " abdessamad idrissi 3 19826 Error behavior for deleting trashed posts is different for Bulk Delete versus Empty Trash piontkowski has-patch Posts, Post Types 3.1.2 normal minor Future Release defect (bug) assigned 2012-01-13T18:38:00Z 2018-06-06T23:11:56Z "Bug testing a custom blog build, but I may have located a bug with core (wp-die) Trash error messages. Background: *The blog has different users, with different roles. *Issue occurs on trash page of a custom post type (post status = trash .../edit.php?post_status=trash&post_type=subject) *Trash contains posts by both an admin role (who can add/edit/delete all custom posts) and an author role (who can add/edit/delete his/her own posts). *Logged in as an author. *Using Capability Manager Plug-in. (Tested bug without plugin too) *Issue is specific to behavior after normal WP-error is thrown. Issue: Same WP error. Two different behaviors. Different functionality occurs between using the Bulk Actions (Delete Permanently) > ""Apply"" button and the ""Empty Trash"" button, after a normal WP error is thrown. In the first case (Bulk Actions > Apply [1a below]), after I return from the error page and refresh the Trash page, all of the selected author pages have been deleted. No admin pages have been deleted. In the second case (""Empty Trash"" [1b below]), after I return from the error page and refresh the Trash page, all of the selected author pages have NOT been deleted. No admin pages have been deleted. Behavior: 1a. When I am logged in as an author and I highlight posts by both author and admin, and I attempt to delete using Bulk Actions (Delete Per.) > ""Apply"", I receive the WordPress error ""You are not allowed to delete this item."" ///After I return from the error page and refresh the Trash page, all of the selected author pages have been deleted. No admin pages have been deleted. 1b. When I am logged in as an author and I highlight posts by both author and admin, and I attempt to delete using ""Empty Trash"" button, I receive the WordPress error ""You are not allowed to delete this item."" ///I return from the error page and refresh the Trash page, all of the selected author pages have NOT been deleted. No admin pages have been deleted. returning to the Trash page. Tested both scenarios. 1. I hit back on the browser, and return to the Trash page. I refresh the page. 2. Move to a different WP admin page, not the Trash page, then return to the Trash page. Question, because the same text/error is thrown for both buttons, why is the functionality different? Both single functions seem appropriate, however, having both functions exist together instead of picking one behavior seems problematic." jpbellona 9 19834 More Robust Capabilities for Attachments Media normal normal Awaiting Review feature request new 2012-01-15T00:43:40Z 2020-09-10T14:05:33Z "Attachments/files should have their own set of capabilities mirroring those of posts, in addition to upload_files. Specifically: - read_attachments - edit_attachments - edit_others_attachments - delete_attachments - delete_others_attachments Currently, attachments rely on the edit_posts capability, which can create complications if you don't want your users to see the ""Posts"" sidebar item, or don't want them to be able to delete the attachments they upload. " walkinonwat3r 39 19859 """Bulk Edit"" Missing The Ability To Edit Tags" oglekler Quick/Bulk Edit normal normal Future Release enhancement reopened 2012-01-20T02:56:24Z 2024-02-12T09:21:55Z "Though I can add, remove and edit ""categories,"" I cannot do such actions to ""tags"" inside of /wp-admin/edit.php So basically, I'm interested in a ""bulk tag editing"" GUI for the WordPress admin. === I was hoping to find out the status of this feature (planned, not planned, etc) but it appears that no one has spoken about this feature on the WordPress Trac. Is there any interest in adding this feature? And could the respondent please provide any details on why or why not? Thank you for your time." ademos 66 19864 Abstract export_wp() for use by CLI scripts Export 3.3.1 normal normal enhancement reopened 2012-01-20T18:16:17Z 2019-06-04T19:43:40Z "Need to be able to execute an export from the PHP CLI for the purpose of running cron / maintenance scripts that write out exports. This would include writing additional hooks that allow the arguments to be pulled from the cli as well as hooks that allow the output to redirected from the output buffer to a file. Related ticket: #19863, extra hooks for manipulating content and arguments of an export" scottconnerly 5 19867 wp_dropdown_users() still not scalable Users 3.3.1 normal normal Future Release enhancement assigned 2012-01-20T22:04:27Z 2024-03-12T17:47:49Z #14572 made huge improvements to the performance of wp_dropdown_users(), however, on certain sites that have an unusually large set of authors, wp_dropdown_users() still isn't usable. It either causes a memory error on the server, or potentially crashes the client browser due to content size. prettyboymp 98 19885 Feed wfw Namespace no longer valid close Feeds 3.3.1 normal normal Awaiting Review defect (bug) reopened 2012-01-24T16:00:06Z 2021-12-06T15:46:39Z "Related to this post [http://wordpress.org/support/topic/rss-feed-wellformedweborg-offline?replies=2] A broken link scan of our website revealed that the link in the feeds to http://wellformedweb.org/CommentAPI/ (for the wfw namespace) is invalid. Going to that website reveals that the site has been taken down by the hosting company. I found 2 references to that namespace in /wp-includes/feed-rss2.php and /wp-admin/includes/export.php and removed them, and the instances to the wfw namespace within the feed content. This fixed my issue. This begs the larger question: should this be removed/replaced in the core if the site that references the namespace is no longer available? Verified here: [http://ww2.aaronwagner.net/feed/]" ajwagner777 7 19896 Non-WP rewrites not saved on a multisite install Rewrite Rules 3.0 normal normal Awaiting Review defect (bug) new 2012-01-25T16:14:20Z 2017-08-22T14:29:46Z "The following code adds a rewrite rule which is classed as a non-WP rewrite rule because its redirect doesn't begin with `index.php`, and is stored in the `non_wp_rules` member variable of the `WP_Rewrite` class. {{{ function my_rewrite() { add_rewrite_rule( 'login/?$', 'wp-login.php', 'top' ); } add_action( 'init', 'my_rewrite' ); }}} On a single site install, this rewrite rule gets saved directly to the .htaccess file rather than being added to WordPress' internal rewrite array. On a multisite install, this doesn't happen and the rewrite rule has no effect (probably because once a site is multisite-d WordPress no longer writes to .htaccess). The rule has to be manually added to .htaccess. Likely introduced in 3.0, reproduced in 3.3 and trunk." johnbillion 7 19958 "Allow custom post types as ""home"" and get_posts() to return results for more than one post type" pbearne* has-patch Posts, Post Types 3.3.1 normal normal Future Release enhancement accepted 2012-02-04T00:59:13Z 2023-11-10T16:27:20Z "In {{{ Wordpress admin > Settings > Reading }}} there is an option to define what the home page or the front page should be {{{ Front page displays }}} Radio button {{{ A static page (select below) }}} is followed by a dropdown containing a list of all pages. I would request that custom page types be allowed in this dropdown. This way, I could make my bbPress forums or my All-in-one event calendar, etc my homepage. " sooskriszta 43 19998 Feeds can contain characters that are not valid XML needs-unit-tests Feeds 3.3.1 normal normal Awaiting Review defect (bug) new 2012-02-09T16:28:47Z 2020-06-19T00:25:59Z "It is possible for any of the feeds to contain control characters which are not valid in XML e.g. http://www.fileformat.info/info/unicode/char/1c/index.htm When outputting user supplied content in an XML context we should strip these control characters - they are unprintable and just break feed parsers. http://en.wikipedia.org/wiki/Valid_characters_in_XML has a good list of what is and isn't valid. I guess we need a {{{strip_for_xml()}}} function or something." westi 16 20019 wpmu_validate_blog_signup(): Allow '.' and '-' in blog names dev-feedback Login and Registration 3.0 normal normal enhancement reopened 2012-02-10T23:04:29Z 2019-06-04T20:03:10Z "Canonical uses Wordpress 3.x multisite as part of voices.canonical.com, for employees who do not have or wish to list their personal blog. The code is stock, except for one patch we maintain, which allows blog names (currently in WP as lowercase alphanumeric only) to also include '.' and '-'. This matches our global username format. Attached is a patch extending wpmu_validate_blog_signup() to allow '.' and '-', with a tweak for the error text. We have been running the patch for awhile, and have not run across any problems with the rest of the code accepting this." fo0bar 21 20044 Enable search for pages by slug Query 3.7 normal normal enhancement new 2012-02-14T22:17:58Z 2019-06-04T20:42:51Z "Would be nice to be able to search a page by its slug. Might need to be a bit different depending on the permalink-strategy. Steps to reproduce(with Post name-permalinks enabled): 1. Create a new page with a specific slug 2. Save page 3. Search for the exact slug-name " ekitomat 13 20057 Media upload for multi-webserver setups introduces a nasty race condition that could corrupt uploaded files Media 3.3.1 normal normal defect (bug) new 2012-02-17T05:46:40Z 2020-02-26T20:25:24Z "I am in the process of scaling a Wordpress blog with several million monthly pageviews, and I have designed a plan to scale it in the highest availability manner possible. '''The setup''' Each web server that hosts HTML/PHP, static files, and uploads will be replicated via rsync from time to time and sitting behind a load balancer. Rsync will run every 5min to 1 hour, and to mitigate the 404s in the uploads, I put together an nginx setup that automatically tries a different upstream server in its configuration when it encounters 404s. This allows any web server to go down at any time, and the system to run as if nothing happened. This also gives me freedom for rsyncing periodically rather than immediately and avoids 404s completely. '''The problem''' Now, the bug (note, I'm using Windows Live Writer which automatically names uploads image.png, but I could see this potentially happen without WLW too since WP seems to automatically name files on disk in case of collisions). Let's say we have server A and B. The site name is foo.com. Let's also say B is out of date by an hour and a bunch of files got uploaded to A that aren't on B. Say, A has image.png and image2.png and B has only image.png. Now, the issue is that if the load balancer directs the new post uploader (the new post contains a single image) to server B, the file that it will create on disk will be named image2.png rather than image3.png. So now B will have a file that's different from A's but is named the same way. The main problem is that the file name is given based on what's available on the disk rather than according to the database. It's easy for this race condition (between rsyncs) to destroy the integrity of the files. Furthermore, and I've experienced this first hand), if you delete the attachment from the Wordpress UI, it could actually delete the wrong file from the wrong server as a result. Seeing this, I can't continue with my scaling plan until file names are assigned by the database rather than the file system or I figure out how to mitigate that. I don't want to force all writers to use only server A for uploads using its direct IP, as I want HA (high availability). Thank you." archon810 20 20070 Deprecate Blogger XML-RPC Methods dev-feedback XML-RPC 3.3 normal normal Future Release enhancement new 2012-02-18T18:32:26Z 2020-09-21T19:41:58Z "The XML-RPC API supports the legacy Blogger API methods, but these methods have apparently not been very well tested or maintained. Given that the `wp.*` XML-RPC namespace now covers everything that the Blogger API does, I suggest the blogger methods be officially deprecated with an eye towards removing them in a future version. At the very least, the MetaWeblog API should be used by clients instead, as it was explicitly designed to enhance and supersede the Blogger API." maxcutler 4 20109 Valid htaccess rule causes 404 after upgrade to 3.3.1 Rewrite Rules 3.3.1 normal normal defect (bug) new 2012-02-24T06:26:42Z 2019-06-04T21:07:25Z "On 2/18/2012, I upgraded WP from 3.2.1 to 3.3.1. on www.denverhomevalue.com. I later noticed that Google webmaster tools started reporting 404 errors on lots of pages that were fine before. WP was still returning the proper pages and content, not my custom 404 page, so the issue was not readily apparent except in WMT reports. Running http header response checkers confirmed 404 responses, despite good contents being returned. Deleting sections of the htaccess file until the problem went away, the issue was isolated to two rules meant to escape following rewrite rules on certain urls: {{{ RewriteRule ^city(.*) - [L] RewriteRule ^areas(.*) - [L] }}} These were the same family of urls that started returning 404s after 3.3.1 upgrade. These rules were in place since 12/5/2011, with WP 3.2.1 and never caused a problem. I was able to revert a backup of the site to 3.2.1, on the same exact server environment, and confirm that these same valid htaccess rewrite rules were not a problem in that release." ronnieg 4 20116 Welcome User Email in Multisite Can't Be Changed has-patch Login and Registration 3.3 normal normal defect (bug) new 2012-02-24T21:44:28Z 2019-06-04T20:03:14Z "Reproduced this on 3.3 and 3.4-aortic. Go to /wp-admin/network/settings.php Add 'New' to the sentance 'Welcome User' to make it 'Welcome New User' Hit update. Page refreshes, text does not change." Ipstenu 13 20140 Ask old password to change user password dev-feedback Security normal normal Future Release feature request reopened 2012-02-29T12:55:38Z 2024-03-06T07:00:58Z "I have experienced this in various sites and i think it adds extra security. We must ask for the old password when the user tries to change the password" nprasath002 21 20152 Multisite simplify option name to user_roles Role/Capability 3.3.1 normal normal Future Release enhancement new 2012-03-01T21:44:28Z 2018-09-18T16:24:40Z "Currently each blog in a MS install of WP stores an array of user roles in it's [prefix]_[$blog_id]_options table as an entry with the key [prefix]_[$blog_id]_user_roles This makes it much harder to migrate MS install of WP to a different db prefix, etc. because not only do you need to change the table prefixes you need to go into each blog's options table and then properly update that option's key. Because the table itself is sufficiently unique there isn't a need for this. The user roles array could be stored in an option called ""user_roles"" for each blog." colind 23 20167 Add wp_pages_checklist for creating checklist of pages on site has-patch Posts, Post Types normal normal enhancement new 2012-03-04T04:57:00Z 2019-06-04T20:42:54Z "Per conclusion of [http://core.trac.wordpress.org/ticket/20156#comment:15 ticket #20156] ""If someone does write a patch that implements wp_posts_checklist() and uses it in nav-menus.php, please open a new ticket."" The attached patch: - extends Walker with Walker_Page_Checklist - adds wp_pages_checklist() and wp_pages_checklist() functions functionality structure was modeled after wp_category_checklist and wp_dropdown_pages to keep with WP standards. If this patch is accepted my intention is to finish the request and implement it into nav-menus.php." jackreichert 4 20171 Categories/Tags links are broken in WP 3.3.1, with multisite/subfolder install has-patch Permalinks 3.1 normal normal defect (bug) new 2012-03-04T07:10:35Z 2019-06-04T20:42:55Z "All the default categories/tags links are not working, showing error.. ""This is somewhat embarrassing, isn’t it?"" Steps to reproduce: ------------------- 1. Install WP 3.3.1 on domain, e.g. http://blog.example.com 2. Enable multi-site features, using subfolder instead of subdomain 3. Create a site, e.g. http://blog.example.com/test1 4. Create a post, e.g. http://blog.example.com/test1/2012/03/04/test1/ 5. Enter the default category link, e.g. http://blog.example.com/test1/category/uncategorized/ Now you will see the message: ""This is somewhat embarrassing, isn’t it?"" Fix: ---- 1. Enter this link: http://blog.example.com/test1/wp-admin/options-permalink.php 2. Change nothing, press ""Save Changes"" 3. Now you can view the link correctly: http://blog.example.com/test1/category/uncategorized/ The above issue also apply to tags" tszming 14 20194 Add Description meta to General Settings General 3.3 normal minor Awaiting Review feature request new 2012-03-07T20:59:05Z 2021-08-10T05:46:44Z "Add a description field to General Settings b/c these days with themes doing all kinds of kooky things, the automatic excerpt is often not representative of the site content. All the SEO-lovers will be happy, searchers will get more accurate results, and it's a nice end-user feature without high overhead. Could have sworn I made a ticket like this once before, but can't find it in search, so if anyone remembers it/is better at searching trac than I just was, go ahead and close this as duplicate." jane 32 20205 Add the ability to filter wp_get_attachment_image() Media 3.4 normal normal enhancement new 2012-03-08T20:21:16Z 2019-06-04T20:03:15Z "i'm working on a plugin that lets users define any image to serve as the thumbnail for any PDF document. I'm storing the ID of the image as post_meta for the PDF attachment. Instead of showing the default icon with wp_get_attachment_image() I'm quite close to being able to do this by filtering image_downsize. the trouble is that the image_downsize filter it run ''after'' {{{ if ( !wp_attachment_is_image($id) ) return false; }}} so the PDF image fails the test and I never have a chance to run my filter. " helgatheviking 33 20214 Pingback discovery doesn't strip fragment identifiers from URL dev-feedback Pings/Trackbacks 3.3 normal normal defect (bug) new 2012-03-11T08:34:46Z 2019-06-04T20:42:58Z "To reproduce: 1. Insert a link containing a fragment identifier into a post, e.g., `http://localhost/wp/helloworld/#comments`. 2. Save post. 3. Observe the URL which !WordPress attempts to retrieve in `discover_pingback_server_uri()` - the requested path contains the `#fragment_identifier`, which it shouldn't, and in most cases will result in a 404, thus the pingback fails." solarissmoke 1 20241 make it possible for plugins to activate other plugins needs-unit-tests Plugins normal normal Future Release enhancement assigned 2012-03-15T12:48:59Z 2022-08-05T22:43:52Z "When creating a plugin that depends on other plugins, i would like to enable those plugins during activation of the main plugin. This is currently not possible, as updates to active_plugins done by the other plugins get overwritten. Please apply the attached patch to fix this." magnus78 13 20275 wp_update_nav_menu hook is not fired when nav menu item is auto-added dev-feedback Menus normal normal defect (bug) new 2012-03-21T19:30:59Z 2019-06-04T20:03:18Z "WP calls the action hook 'wp_update_nav_menu' when a navigation menu is updated. For example, go to Site Design -> Custom Menus -> Click the ""Save Menu"" button on a menu. Next to the Menu title, the Custom Menus provide the user to ""Automatically add new top-level pages"". When this option is checked, and a new top-level page is created, the 'wp_update_nav_menu' hook is not fired. So the attached nav-menu-hooks.diff patch fixes that. I would also suggest that we do not use the same hook 'wp_update_nav_menu' twice (as it is currently being done) with different amount of arguments, because this causes a PHP Warning {{{ PHP Warning: Missing argument 2 for x_save_footer() in /var/www/branches/x.trunk/wp-content/themes/x/functions.php on line 815, referer: http://x.com/x/wp-admin/nav-menus.php }}} for code: {{{ add_action('wp_update_nav_menu', 'x_save_footer', 10, 2); }}} So, the hook call at nav-menu.php:255 has 2 parameters and the call at nav-menus.php:383 has 1 parameter. As a fix, the action hook in nav-menu.php should be named something else, like 'wp_update_nav_menu_object' (because it is updating the object), as done in the attached nav-menu-hooks.diff patch. This will also prevent the same hook from being fired twice when updating the nav menus." inderpreet99 3 20283 Create new variable or function in $wp_query object to get canonical URL of any site's page dev-feedback Canonical 3.3.1 normal normal enhancement new 2012-03-22T14:42:36Z 2019-06-04T19:22:53Z "For the sake of Search Engine Optimization it's recommended to set canonical URL inside <link rel='canonical'> tag in any site's page. Incorrect URL can exist in search engine index. For example: http://example.com?some_param=some_val&cat=3,4. URL points to categories with id equals 3 and 4, but we have another unnecessary parameter 'some_param'. It's malicious! We must set canonical URL to http://example.com?cat=3,4. So It's advance to have canonical URL generated some way. I propose to set function or variable inside WP_Query class to retrieve canonical URL to any opened page. In WP_Query we have variable WP_Query::query which consists of all necessary parameters for that propose. But we must use $wp_rewrites also. Any thoughts? " egorpromo 3 20289 wp_nav_menu container is not set when menu isn't defined dev-feedback Menus 3.3 normal normal defect (bug) new 2012-03-23T10:27:03Z 2019-06-04T20:03:19Z "When you use wp_nav_menu in your theme, but the actual menu isn't set via the backend menu interface, the container provided in the args is ignored and falls back to 'div'. Attached diff always uses container provided in args, if 'div' or 'nav' is provided. If no container arg is provided, falls back to using 'div'. {{{ wp_nav_menu( array( 'theme_location' => 'main_menu', 'container' => 'nav', 'menu_class' => 'main-menu-navigation', ) ); }}} To test this: Use this function in your theme, without assigning a menu to this theme_location." dannydehaan 2 20302 Allow comment_form() to add attributes to <form> tag has-patch Comments 3.3.1 normal normal enhancement new 2012-03-25T15:48:53Z 2019-06-04T19:22:55Z "The standard method to allow Google Analytics to track comment submissions as a 'goal' is to add a piece of JavaScript code wrapped in an 'onsumbit' attribute: http://www.optimisationbeacon.com/analytics/track-blog-comments-in-google-analytics/ http://code.google.com/apis/analytics/docs/tracking/eventTrackerGuide.html We want something like the following: {{{ <form action=""http://www.example.com/wp-comments-post.php"" method=""post"" id=""commentform"" onsubmit=""_gaq.push(['_trackEvent', 'Comments', 'Submit', 'POST TITLE']);""> }}} However the current arguments submitted to comment_form() do not provide for adding attributes to <form> http://codex.wordpress.org/Function_Reference/comment_form I was forced to perform a workaround in which the onsubmit code was inserted by JavaScript on the fly at runtime. So this is request to alter comment_form() such that arguments accepted provide for 'onsubmit' or other custom attributes to be appended on the <form> tag." psbook 10 20325 Menu item parent classes for page_for_posts (home.php) not properly set on single.php Menus normal normal defect (bug) new 2012-03-29T12:50:06Z 2019-06-04T20:03:21Z If one has set page_for_posts (Settings => Read), on single.php wp_nav_menu() will set current_page_parent for the accordant menu item, but it will not set any parent or ancestor classes for its parent menu items as expected. [tested with 3.3.1] ptietz 3 20338 Slugs and special chars has-patch Permalinks 3.3 normal normal defect (bug) new 2012-03-31T16:18:03Z 2019-06-04T20:43:01Z "When Wordpress generates a slug, the apostrophe mark is stripped. Examples : ""I'm open"" > im-open[[BR]] ""L'équipe"" > lequipe[[BR]] ""Suzy's Place"" > suzys-place[[BR]] If the apostrophe is changed to ""-"" the auto generated slug will be more ""readable"" (and better for seo) : ""I'm open"" > i-m-open[[BR]] ""L'équipe"" > l-equipe[[BR]] ""Suzy's Place"" > suzy-s-place[[BR]] Maybe a constant to define what strategy to adopt ? " amirhabibi 2 20352 Use str_getcsv() to parse search terms in WP_Query needs-unit-tests Query normal normal enhancement new 2012-04-03T23:05:25Z 2019-06-04T20:43:04Z "We use an [http://core.trac.wordpress.org/browser/tags/3.3.1/wp-includes/query.php#L2183 ugly regex] to split search terms like these: {{{ term1 term2 ""exact match"" }}} We could use str_getcsv() instead, for better readability." scribu 3 20368 htmlspecialchars() returns empty string for non-UTF-8 input in PHP 5.4 needs-unit-tests Formatting normal major defect (bug) new 2012-04-05T12:43:23Z 2019-06-04T19:43:43Z "The default value of the input `$encoding` parameter for `htmlspecialchars()` changed to UTF-8 in PHP 5.4. The prior default was ISO-8859-1. The function's UTF-8 handler checks the input, returning an empty string if the input isn't valid UTF-8. WordPress will see the UTF-8 validator kicking because most of the `htmlspecialchars()` calls don't use the `$encoding` parameter. This will cause major problems for sites that have a `DB_CHARSET` other than `utf8`. [http://article.gmane.org/gmane.comp.php.devel/71783 Posting 58859 to php-internals] by Rasmus gives a clear example of the problem. Here is a link to [http://thread.gmane.org/gmane.comp.php.devel/71777 view the whole thread], starting with posting 58853). Creating two centralized functions is an approach for resolving this problem. This route is simpler and easier to maintain than adding the parameters to each `htmlspecialchars()` call throughout the code base. 1. `wp_hsc_db()` for safely displaying database results. Uses `DB_CHARSET` to calculate the appropriate `$encoding` parameter. MySQL's character set names are not equivalent to the values PHP is looking for in the `$encoding` parameter. Please see the `hsc_db()` method in the [http://plugins.svn.wordpress.org/login-security-solution/trunk/login-security-solution.php Login Security Solution plugin] for a mapping of the valid options. 2. `wp_hsc_utf8()` for safely displaying strings known to be saved as UTF-8, such as error messages written in core. Uses `UTF-8` as the `$encoding` parameter. Some calls in core use the `$flags` parameter, so these new functions will need the parameter too. The default should be `ENT_COMPAT`, which works under PHP 5.2, 5.3 and 5.4. It may be suggested that WP use `htmlspecialchar()`'s auto-detection option (by passing an empty string to the `$encoding` parameter). This is not advisable because it can produce inconsistent behavior. Even the PHP manual says this route is not recommended." convissor 7 20386 "Year permalinks ""win"" against category permalinks" needs-unit-tests Canonical normal normal defect (bug) new 2012-04-07T05:20:55Z 2019-06-04T19:22:56Z "We need to decide whether category permalinks should take priority over year permalinks. e.g. /2008/?category_name=cat-a Should that stay the same, or redirect to: /category/cat-a/?year=2008 We have a unit test which is failing." markjaquith 4 20388 ?cpage=N URLs do not have canonical redirection has-patch Canonical normal normal defect (bug) new 2012-04-07T05:43:02Z 2019-06-04T19:22:58Z ?cpage=N URLs aren't redirected to their pretty URL counterparts. They should be. markjaquith 4 20419 get_sample_permalink() passes the wrong post_status to wp_unique_post_slug() boonebgorges has-patch Permalinks 3.3 normal normal defect (bug) reviewing 2012-04-11T23:15:38Z 2019-06-04T20:43:05Z "get_sample_permalink() fakes a 'publish' post_status so that it can create a pseudo-permalink for drafts and scheduled posts. Also wp_unique_post_slug() bails when the post_status is 'draft', 'pending', or 'auto-draft', so faking a 'publish' post_status helps there too. However, that means the incorrect post_status is passed to the 'wp_unique_post_slug' filter at times, creating unexpected behaviour -- namely sometimes the $post_status parameter of the wp_unique_post_slug filter will report a non-published post is published. The best approach here seems to be to let the wp_unique_post_slug() function know when a fake $post_status is being passed to it, what that status is so it can be passed to the wp_unique_post_slug filter. That way anybody using the filter will always get the actual post status all the time without having to do anything special. Related: #14111" mintindeed 18 20437 WP Upgrader filter to allow plugins to upload to existing directory reporter-feedback Upgrade/Install 3.3.1 normal normal enhancement new 2012-04-13T16:52:30Z 2019-06-04T21:07:27Z "Our plugin for WP uses various elements of the WP upgrader class to manage plugins for our plugin. ;) This has worked great except when we went to extend it further and allow uploading of plugins through the WP Upgrader class much like you can with WP plugins. The issue is that currently, the WP Upgrader class is coded to expect the upload destination to be empty - EXCEPT if the upload destination (the base directory) is one of these hard coded locations: in_array( $destination, array(ABSPATH, WP_CONTENT_DIR, WP_PLUGIN_DIR, WP_CONTENT_DIR . '/themes') ) So since our plugin storage location is not one of those, it fails since there may already be some plugins there. Sure would be nice if that array of locations that does not have to be empty (the important base dirs which allow dropping down a directory level)... a simple filter would accomplish this... Hope its not too late in 4.3 for a simple filter..." usermrpapa 2 20438 Custom Post Types with Post Format support aren't registered against post_format taxonomy Posts, Post Types normal normal Awaiting Review defect (bug) reopened 2012-04-13T16:56:40Z 2022-05-13T22:06:11Z "When a custom post type adds support for {{{post-formats}}}, this doesn't actually register the {{{post_format}}} taxonomy for the post_type. Here's a quick test: {{{ add_action( 'init', function() { register_post_type( 'not-post', array( 'supports' => 'post-formats' ) ); global $wp_taxonomies; var_dump( 'post supports post_format:', in_array( 'post', $wp_taxonomies[ 'post_format' ]->object_type ) ); var_dump( 'not-post supports post_format:', in_array( 'not-post', $wp_taxonomies[ 'post_format' ]->object_type ) ); } ); }}} The {{{post_format}}} taxonomy doesn't get returned when {{{get_object_taxonomies}}} is called for the custom post type and one side-effect of this is that the {{{post_format_relationships}}} cache does not get flushed by {{{clean_object_term_cache}}} leading to stale values when a post format is changed. (The {{{post}}} post_type is immune to this because core registers the {{{post_format}}} taxonomy with it.) When a post_type adds support for post-formats, an explicit association should be made between the post_type and the {{{post_format}}} taxonomy." batmoo 11 20459 Super admin should be able to bypass banned/limited domains when creating users dev-feedback Users normal minor enhancement new 2012-04-16T16:12:25Z 2019-06-05T06:38:31Z "The function `wpmu_validate_user_signup()` is run whenever a new user is created, either through self-registration (wp-signup.php) or through manual user creation by an admin. `wpmu_validate_user_signup()` does two different kinds of validation: (1) validation that is more or less technically required by WP, like spaces in usernames, email/login uniqueness, etc. (2) checks against some admin-set membership restrictions, namely, email domain whitelist (limited_email_domains) and blacklist (`is_email_address_unsafe()` and banned_email_domains). The second kind of validation is problematic in the following use case: An MS install might restrict open membership based on email domains, but the admin might occasionally want to make exceptions to the rule and manually create an account. Currently, there are two ways to bypass the built-in checks: to temporarily remove the domain restrictions at Network Admin > Settings, or to filter `'wpmu_validate_user_signup'` and remove the error messages. Having to manually change settings for this purpose is pretty hackish. The filter method works, but my experience (from consulting with a fairly large number of MS network admins) is that this is a pretty common use case, so it seems like it should be supported by default. So I'm proposing that the domain checks be skipped when `is_super_admin()`. Patch attached." boonebgorges 7 20487 Comment search isn't customizable has-patch Comments 3.2.1 normal normal enhancement new 2012-04-18T23:32:07Z 2019-06-04T19:23:01Z "*cross-posted to the wp-hackers mailing list last night* I work on a large news oriented WP site and first off, it actually scales remarkably well. We keep users, comments, and actual posts all in WordPress. However, due to our size, administering comments is causing us issues at the moment. Our last outage was caused by one of our comment moderators doing a simple comment search in the admin. The query took 16 seconds to execute, the next query locked, and, with our traffic, the DB couldn't handle the resulting queued traffic. Staying away from discussions of ""you should use Disqus"" or, ""you need more X for your mysql server,"" I think there is significant opportunity to improve the way WP handles comment searching. Every comment search takes the following form: SELECT * FROM wp_comments WHERE ( comment_approved = '0' OR comment_approved = '1' ) AND (comment_author LIKE '%TERM%' OR comment_author_email LIKE '%TERM%' OR comment_author_url LIKE '%TERM%' OR comment_author_IP LIKE '%TERM%' OR comment_content LIKE '%TERM%') ORDER BY comment_date_gmt DESC LIMIT #; As we can all see, this is a beast of a query. Even when the term is clearly an specific term (say an email or IP), or when the intent of the admin is known (e.g. clicking the IP link on a specific comment). Furthermore, there are no hooks activated in this process for plugins to use to say create an advanced comment search plugin. One might expect hooks like those activated in post search to be activated here, like ""parse_request"" and ""get_search_query."" Waxing philosophical, as posts, comments, and users are the three basic types of data to be stored and displayed in WP, one would expect them to have similar interfaces and functionality. They each have basic functionality of being able to retrieve a single item, a list (in full or in part), search for an element, or edit a single entry. For this reason I don't understand why each of their functionality isn't derived from something like an abstract class or an interface. The architecture here is also difficult in that you are not able to replace or extend a single class to change the functionality. Back on target. I propose that we add functionality by which we'll be able to search by exact match in addition to the existing full wildcard (left, right, or full wildcard is probably excessive) as well as specifying the field to search. This would allow my earlier use case of searching by IP to look for an exact match in the ""comment_author_IP"" field only, not searching the fulltext of every comment. This functionality can be created simply by: 1. Adding ""search_type"" and ""search_field"" to the WP_Comment_Query::query_vars data structure in wp_includes/comment.php 2. Replacing WP_Comment_Query::get_search_sql with something more robust, able to understand these new properties and construct the query on their basis 3. Upgrading WP_Comments_List_Table::prepare_items to accept the new queries and add them to the data structure it creates 4. Either modifying WP_List_Table::search_box to have some options of advanced search, or dropping a hook so that a plugin can easily modify it 5. Modifying the WP_Comments_List_Table::column_author to supply the correct query string to indicate an IP search If I can figure out a way to make this more similar to the signature of posts and users, or at least add some hooks at the right places, I can do that as well. This will add efficiency for everyone--particularly those who have lots of comments. I modified our core for this functionality today and we will fully QA it tomorrow. I made it on 3.2.1 as that is what we're running right now, and there are minimal changes in the affected files and functions between 3.2.1 and 3.3.1 and even the nightly. I can submit a patch as long as it passes our QA--how should I do that, off the nightly? Thanks, -Kenton Jacobsen" brokentone 22 20520 Author Page Pagination Broken When Removing /author/ Slug Rewrite Rules 3.3 normal normal defect (bug) new 2012-04-23T04:16:03Z 2019-06-04T21:07:29Z "WP 3.3.1 Multisite Permalink setup: /author/post-name - If the request is ""domain.com/authorname"" the authors page pagination link is broken. - If the request is ""domain.com/author/authorname"" the authors page pagination link works fine." rbaccaro 1 20558 allow wp_localize_script data to be added to existing objects dev-feedback Script Loader 3.3 normal normal enhancement new 2012-04-27T16:44:03Z 2019-06-04T21:07:31Z "Re: WP_Scripts::localize() located in wp-includes/class.wp-scripts.php Currently when `WP_Scripts::localize()` handles the printing of wp_localize_script data to JavaScript, it starts the string with a `var` declaration, like this: {{{ $script = ""var $object_name = "" . json_encode($l10n) . ';'; }}} Because this is printed in the global scope, it becomes a global variable regardless of whether it's preceded by `var`. As far as JavaScript is concerned the above string would be equivalent to: {{{ $script = $object_name . ' = ' . json_encode($l10n) . ';'; }}} or {{{ $script = 'this.' . $object_name . ' = ' . json_encode($l10n) . ';'; }}} or {{{ $script = 'window.' . $object_name . ' = ' . json_encode($l10n) . ';'; }}} But I suppose it's possible thru hooks to make it so that the localization data prints outside of the global scope, in which case you might want the `var` to be there (if it we're wrapped in a closure). So I think the '''overall best solution''' would to check if the `$object_name` contains a period `.` character. If it does, omit the `var`. In other words, make it so that: {{{ wp_localize_script('myplugin', 'myPluginData', $object ) }}} would print: {{{ var myPluginData = {...}; }}} but that: {{{ `wp_localize_script('myplugin', 'myPlugin.data', $object )` }}} would print: {{{ myPlugin.data = {...}; }}} By default the localization data runs before any enqueued scripts, in which case `myPlugin` would not yet be defined, but we should leave that for the JavaScript dev work out. My point is that the flexiblity should be there. Another route would be to apply a filter on that line but I don't think a filter is necessary if the above change is made." ryanve 6 20578 Allow users to delete a plugin without uninstalling Plugins normal normal Future Release enhancement reviewing 2012-05-01T01:18:35Z 2021-08-27T15:40:46Z Sometimes, a user may need to delete plugin files without deleting all the plugin data. scribu 47 20596 Adding more actions to a widget dev-feedback Widgets normal normal enhancement new 2012-05-02T00:14:28Z 2019-06-05T06:38:33Z "On the Widget UI, there is a ""Close"" button, aside with the ""Delete"" button, and I that developers should have a way to add more of those. For exemple, I would see as a good use case when you have a way of previewing the widget. Because right now the only way is by JS which is kinda of lame. Thanks," webord 3 20597 Allow WP_Comment_Query::query to filter by category needs-unit-tests Comments 3.4 normal normal enhancement new 2012-05-02T03:35:35Z 2019-06-04T19:23:03Z "The attached patch allows WP_Comment_Query::query to accept three additional arguments: * `cat` * `category__in` * `category__not_in` The resulting comments are then filtered by these category arguments as well as any other arguments. These arguments work the same way as their `WP_Query` counterparts. I would appreciate advice on the appropriateness of using `INNER JOIN` (as I have done here) to join in the taxonomy tables to the query." sambauers 2 20602 Replace media Media 3.3.1 normal normal enhancement reopened 2012-05-02T13:29:45Z 2023-10-18T23:58:59Z "I have been developing themes for clients lately that require the same image across the theme in varying places. A good example is an event site where the image is a badge/sticker showing the price of the tickets. This gets output on various pages in varying locations. get_attachment_link is perfect as I can plugin a single ID and use the graphic wherever. However, the ticket prices change as the event gets closer and the graphic needs to be updated which breaks the theme in production when my client does so as a new ID is generated. This doesn't make too much sense to me. I've worked with and developed CMSs of all kinds and usually the ID is preserved. I would at least like the option, perhaps a checkbox, to indicate I want to reupload a new image. I think it's more common that an update on a media item would be to modify the same logical graphic rather than just replacing it with something entirely new. I found the following plugin but I feel this really ought to be core. http://wordpress.org/extend/plugins/enable-media-replace/ Thanks for your consideration." PorridgeBear 26 20634 dbDelta is unforgiving about field declarations dev-feedback Database 1.5 normal normal enhancement new 2012-05-08T03:27:05Z 2019-06-04T19:23:05Z "the variable type is case sensitive: int(22) != INT(22) the mysql type BOOL or BOOLEAN comes back from the db as tinyint(1): tinyint(1) != BOOLEAN Not a huge issue, just annoying. Makes dbDelta fire off unnecessary sql. " SidHarrell 8 20652 Install plugins with FTP upload, virtual subdomain, bad base dir? dd32 Filesystem API 3.3 normal normal defect (bug) reopened 2012-05-10T12:02:48Z 2019-06-04T19:43:46Z "Hi anybody! I have problem with install plugins with FTP module in WP. Everything show as OK, but plugin directory is bad. I have subdomain sub.something.com - this is virtual subdomain from mod_rewrite dirs are /www/something.com/something.com[[BR]] /www/something.com/sub.something.com - here is WP installation, subdomain is virtual from rewrite in httpd.conf After install - WP say everything OK - but one thing is bad.[[BR]] Upload is in bad directory - plugin I can found in[[BR]] /www/something.com/something.com/plugins[[BR]] no in /www/something.com/sub.something.com/plugins[[BR]] Is here some way to fix it automatticaly or I can must edit config and basedir of ftp? Why is here this bug? Thank you ! Pavel " rajcz 12 20716 Control how and when request_filesystem_credentials outputs creds form dd32 has-patch Filesystem API 3.4 normal normal enhancement assigned 2012-05-21T02:02:08Z 2019-06-04T19:43:49Z "When using WP_Filesystem in a plugin or other external app, you can initialize it this way: {{{ if ( false == ( $creds = request_filesystem_credentials( $url, $method, false, false, $form_fields ) ) ) { return true; } }}} Makes sense. If the method isn't direct or we don't have the credentials we need, `request_filesystem_credentials` outputs a form and returns false. Then we check again to make sure the credentials can be verified, and it not, we continue to output the form until the credentials are good. {{{ if ( ! WP_Filesystem( $creds ) ) { request_filesystem_credentials( $url, $method, true, false, $form_fields ); return true; } }}} `request_filesystem_credentials` arbitrarily outputs the form whether you want it to or not, unless you explicitly filter the `request_filesystem_credentials` function itself. Using this in conjunction with Ajax, you have to use output buffering to catch the output and return it to the Ajax script for processing or else you get errors. This definitely isn't ideal. I'd suggest storing the form in a variable and possibly pass a parameter that determines whether or not we want to actually output the form or not. Or, if there is another (better) way, that's cool too. Just some way to help `request_filesystem_credentials` determine how we want to interact with credentials should we need them. " griffinjt 5 20717 Filter For Requiring Post Password has-patch Posts, Post Types normal normal enhancement new 2012-05-21T03:37:43Z 2019-06-04T20:43:08Z "I've had the need to conditionally disable the password on a post based on criteria that I define in a plugin. In order to do this, I added a filter in the post_password_required() function in wp-includes/post-template.php. This is helpful to allow search engines to crawl password protected pages or allow certain users to view the page without typing in the password. It would be great if this could get included in the core. Thanks for your time." BrandonGodwin 3 20739 Improve Excerpt generation for non-english locales I18N 3.4 normal normal Future Release enhancement new 2012-05-23T21:09:45Z 2024-02-28T16:40:01Z "This is a follow on from #16079 to further improve the code. While we improved it in 3.4 we can do a better job to more fully support the customisation for all different locales. For known issues see the comments on the previous ticket." westi 1 20746 Accessing non-existing theme folder in Network install gives 500 error dev-feedback Rewrite Rules 3.3.2 normal normal Future Release defect (bug) reopened 2012-05-25T10:28:39Z 2023-08-30T15:49:37Z Accessing non-existing theme folder in Network install gives 500 error and following error in error log: ''Request exceeded the limit of 10 internal redirects due to probable configuration error.'' arkimedia 58 20748 Include CPT Posts in Author Count & Archive Page Posts, Post Types normal normal enhancement new 2012-05-25T17:59:48Z 2019-06-04T20:43:09Z "For whatever reason, the default behavior is to only count the number of 'post' that an author has published. With the advent of custom post types, they should be included as well if the CPT has the 'author' capability. Currently, the author archive can include CPTs if you manually alter the query - this should be enabled by default if authorship is allowed." iridox 2 20774 Flagging a user with any role on a subsite as spam leads to flagging the site as spam has-patch Users 3.0 normal major Awaiting Review defect (bug) new 2012-05-29T12:25:52Z 2020-11-16T11:37:37Z "Hi, Since many weeks, many WangGuard users were contacting me because they say WangGuard were flagging the sub sites as spam. Thats not a WangGuard bug, is a WordPress issue. Steps: - Create a Subsite, you can add the Super Admin like site admin. - Add a user like subscriber. - Flag that user as spam in /network/users.php That site will be flagged as spam although the owner were the Super Admin. I think WordPress has to look for the user rol and only flag the sub site as spam if the rol is Administrator. This issue is in WP 3.3.1 and 3.4" j.conti 23 20810 Add disable arg or attributes arg to wp_dropdown_categories() & wp_dropdown_pages() has-patch Posts, Post Types 2.1 normal normal enhancement new 2012-06-01T19:27:07Z 2019-06-04T20:43:12Z "It would be beneficial to be able to add disabled=""disabled"" attribute to the select tag or add multiple attributes to the select tag. Related: #20156, #20167" wpsmith 4 20846 Multisite: Network Users can post comments without being members of the site Comments 3.0 low minor Future Release defect (bug) new 2012-06-05T14:35:41Z 2020-05-05T16:27:27Z "This is probably an 'ever since inception' issue and I can replicate it on 3.4 Setup: Have a user added to your network but '''not''' to a site (domain.com/test). Set up domain.com/test to only allow registered users to comment. Remember, we've not added this new user to the site, just the network. Log in as that user and go to domain.com/test Oh look! You can comment as a 'registered' user. This should be check for 'Is this a user ''and'', if multisite, is this user a member of the site?' It's that or the wording needs to be clearer that anyone registered on the network can comment." Ipstenu 16 20853 get_post_custom show directly serialized data from the post_meta arrays. dev-feedback Options, Meta APIs 1.5 normal normal defect (bug) assigned 2012-06-06T05:39:23Z 2019-06-04T20:43:13Z "get_post_custom show directly serialized data from the post_meta arrays. For example: If I save a data with: {{{ update_post_meta( $post_id, 'camp', array( 'some' => $var, 'thing' => $var_2 ) ); }}} When I use get_post_meta(); : {{{ $var_get = get_post_meta($post_id, 'camp', true); echo $var_get['some']; // Fine.. Print: $var content. }}} but, when I use get_post_custom() : {{{ $var = get_post_custom($post_id); echo $var['some']; Metod, (Not work because ""Returns a multidimensional array"" with all values, and 0 is the first or the unique value). echo $var['some'][0]; /* Metod, >:( , Not work. Print: a:2:{i:some;s:4:""this"";i:thing;s:7:""content"";} */ }}} Instead of display ""array"", and can not handle sub arrays." shadowhck 7 20854 PHP warning caused by missing 'spam' and 'deleted' fields in a custom user table Nikolaos Raftopoulos Users 3.3.2 normal normal Future Release defect (bug) reopened 2012-06-06T12:45:29Z 2020-09-30T19:40:38Z "In my network dashboard I get the following error message : Warning: number_format() expects parameter 1 to be double, string given in /home/tklighth/public_html/wp-includes/functions.php on line 155" leondari 10 20859 Theme Installer: Preview should be scrollable on iPad and Kindle Fire Themes 3.4 normal normal defect (bug) new 2012-06-06T21:51:09Z 2019-06-04T21:07:35Z "Related to #20805. We've added techniques for smoothly scrolling iframes when they're the only frame on the page, but the theme installer still uses the overlay technique. We may be able to iron this out in a similar fashion. Given that the old installer also used an overlay technique, this is not a regression." koopersmith 1 20888 RDF Feed validation problems. needs-unit-tests Feeds 3.3.2 normal normal defect (bug) reopened 2012-06-08T11:05:19Z 2019-06-04T19:43:51Z "The RDF feed produced by feed-rdf.php produced validation errors due to description either not encoded correctly or not wrapped in CDATA tags. To reproduce view a RDF feed: http://en.blog.wordpress.com/feed/rdf/ To see the validation errors: http://validator.w3.org/feed/check.cgi?url=http%3A%2F%2Fen.blog.wordpress.com%2Ffeed%2Frdf%2F Attached is a patch to fix this issue. " hootbah 3 20899 is_home() should be able to be true when is_feed() dev-feedback Query normal normal Future Release defect (bug) reviewing 2012-06-10T19:28:36Z 2017-05-19T15:04:27Z "is_feed() is a special query flag that can be combined with other query flags — for example, `is_author() && is_feed()` for /author/admin/feed/. But it can't be combined with is_home(), because is_home() is the fallback that is only set to true when a lot of other things are true — including is_feed(). This appears to be incorrect — is_home() should still be able to be true despite is_feed(). I tracked this down to [1449]. What kind of breakage could occur with this?" nacin 23 20902 redirect_canonical() on using permalink: Not all $_GET being redirected chriscct7 has-patch Canonical 3.4 normal normal defect (bug) reviewing 2012-06-11T09:30:08Z 2019-06-04T19:23:06Z "Using permalink, I suppose that all query_var entered manually on URL or using $_GET will be redirected to proper permalink. Apparently not all being redirected at all. AFAIC: 1. /?post_format=image : should be redirected to /type/image/ 2. /?pagename=blog : should be redirected to /blog/ 3. /?author_name=admin : should be redirected to /author/admin/ Unfortunately, they are not. It can be done by filtering redirect_canonical() but it will be better if it's being done by default as we can see that /?category_name=cat will be redirected to /category/cat/" arieputranto 7 20903 Exporter gets stuck in a loop a loop/break in the category hierarchy westi has-patch Export 3.1 normal normal defect (bug) new 2012-06-11T11:26:07Z 2019-06-04T19:43:53Z "Ideally it should be impossible for a loop/incorrect parentage in a category hierarchy to exist. But sometimes they do. If one does exist then {{{export_wp()}}} gets stuck :( It gets stuck in this code: {{{ // put categories in order with no child going before its parent while ( $cat = array_shift( $categories ) ) { if ( $cat->parent == 0 || isset( $cats[$cat->parent] ) ) $cats[$cat->term_id] = $cat; else $categories[] = $cat; } }}} Similar to #20635 but different." westi 3 20947 feature request: one-click update for core, themes and plugins (all in one) dev-feedback Upgrade/Install normal normal Awaiting Review feature request new 2012-06-13T22:48:50Z 2018-08-13T17:00:35Z I'd love to have the one-click update be truly one-click so that you can click once and update core, themes and plugins all at once as opposed to having to initiate three different updates. jkudish 7 20974 Remove obsolete locale-specific files on upgrade dd32 close I18N 3.4 low normal Future Release defect (bug) assigned 2012-06-15T14:06:43Z 2024-02-28T16:49:36Z "We used to have `wp-content/languages/ru_RU.css` file in ru_RU package. Since #19603, it's no longer needed, but is still left over on upgrade. We should probably include it in `$_old_files`. I suppose the same applies to zh_CN and he_IL packages ([19825])." SergeyBiryukov 18 20977 Add Dynamic Comment Statuses dev-feedback Comments 3.4 normal normal Future Release enhancement new 2012-06-15T17:12:07Z 2020-01-14T02:35:50Z It would be great to add some filters/actions that would allow plugin developers to add additional statuses to comments. supercleanse 9 21022 Use bcrypt for password hashing; updating old hashes dev-feedback Security 3.4 normal major Future Release enhancement new 2012-06-20T01:34:26Z 2023-05-08T14:34:44Z "Hi, following recent discussions on password security and how to best prevent any hackers can leverage password table they might have got I looked into the phpass used for WordPress. While I in principle understand why WordPress uses the compatibility mode of it, I would like to see some flexibility for those who don't need the compatibility. Thus I would propose to change in wp-includes/pluggable.php all occurances of {{{ $wp_hasher = new PasswordHash(8, true); }}} to {{{ $wp_hasher = new PasswordHash(8, apply_filters('phpass_compatibility_mode', true)); }}} This would allow users to easily change via plugin from the ""not so secure"" compatibility mode (only salted MD5) of phpass to a more secure setting (bcrypt) in case no compatibility with other applications is required. The plugin changing the encryption methog could then as easy as {{{ function phpass_bcrypt() { return false; } add_filter('phpass_compatibility_mode', 'phpass_bcrypt'); }}}" th23 128 21062 Add a 'template_file' hook to load_template() johnbillion has-patch Themes 3.4 normal normal Awaiting Review enhancement reviewing 2012-06-24T21:04:50Z 2018-03-05T20:28:36Z "Please consider adding a `'template_file'` hook in `load_template()` to enable the capture of the template filename. I have built a panel for the Debug Bar to be able to show template files loaded but I need this `'template_file'` hook to capture the template file names. This would be super useful for developers who are building sites with the complex template loading logic found in various theme frameworks et. al. With the hook added the code for `load_template()` might look like this: {{{ function load_template( $_template_file, $require_once = true ) { global $posts, $post, $wp_did_header, $wp_did_template_redirect, $wp_query, $wp_rewrite, $wpdb, $wp_version, $wp, $id, $comment, $user_ID; if ( is_array( $wp_query->query_vars ) ) extract( $wp_query->query_vars, EXTR_SKIP ); $_template_file = apply_filters( 'template_file', $_template_file, $require_once ); if ( $require_once ) require_once( $_template_file ); else require( $_template_file ); } }}} Here's a screenshot showing the Theme Template Files panel I implemented so you can see the use-case. This plugin requires the hook I'm proposing in order to work and I have attached the plugin for other's review. {{{ #!html <img src=""http://screenshots.newclarity.net/skitched-20120624-165532.png"" /> }}} This hook could also allow the loading of the template file from other directories such as a shared directory on a server, as appropriate, but that's not the reason I found the need today. The source for `load_template()` is found in `/wp-includes/template.php`. " mikeschinkel 14 21070 Added a filter to the sub-menu class attribute dev-feedback Menus 3.4 normal normal enhancement reopened 2012-06-25T12:47:34Z 2019-06-04T20:03:26Z "The sub-menus are hard coded with ""sub-menu"" as the only CSS class. This may cause bad performing CSS with maintainability issues, like when you're targeting the third level sub menu. I've added a filter, so CSS classes like ""sub-menu-level-$depth"" can be added." bjornjohansen 4 21077 Add support for custom ports in multisite site addresses has-patch Bootstrap/Load 3.4 normal normal Future Release enhancement reopened 2012-06-26T07:55:39Z 2024-02-07T20:57:56Z This patch enables MultiSite to be used with a custom port, what must be defined as WP_CUSTOM_PORT in wp-config.php. djzone 37 21096 Filter on is_front_page return value Query normal normal enhancement new 2012-06-28T10:32:03Z 2019-06-04T20:43:16Z "When you set a page (as 'placeholder' with same slug) as front page which is actually a post type archive to front page, is_front_page() will always return false on that page. The return value of the is_front_page() function is not filterable. Attached patch adds this filter in the most basic way." CoenJacobs 4 21132 "List tables' ""select all"" should let you really select all, regardless of screen options" Posts, Post Types normal normal Awaiting Review enhancement new 2012-07-02T04:38:38Z 2017-06-08T06:51:24Z "The select all checkbox in list tables selects all the items in your current view. Usually what I really want is to select all the items on all the pages. As a hack, I'll often leave the screen options setting for items per page on something really high, like 1,000. Unfortunately this means the tables are often really slow for no benefit (most of the time I don't need them all). A better solution would be a way to intelligently select all items without needing to show them on the page. The best example of this that I know of is Gmail, which adds a line above the list of emails when you click the select all box that looks something like this: ""All 50 conversations on this page are selected. Select all 653 conversations in Spam"". The second sentence is a link that, as expected, selects all of your emails that fit the current view, regardless of paging. Screenshot attached." evansolomon 6 21165 Make categories widget work with custom taxonomies wonderboymusic has-patch Widgets normal normal enhancement reopened 2012-07-05T14:15:13Z 2019-06-05T06:38:38Z "The tag cloud widget already has a taxonomy dropdown. We should add one for the categories widget as well." scribu 28 21171 jQuery Events for Metaboxes Administration normal minor enhancement new 2012-07-05T21:35:47Z 2019-06-04T19:23:09Z "Currently, when a plugin adds a metabox with complex objects (like TinyMCE, Maps, CodeMirror etc) care must be taken to refresh the objects when the elements are moved (including hidden/shown). After some digging, I've found that this seems to works in most cases: {{{ var context = ""#custom_meta_box_id""; $( '#adv-settings' ).on( 'click', context + '-hide, ', refresh ); $( context ).on( 'click', '.hndle, .handlediv', refresh ); $('.meta-box-sortables').bind( ""sortstop"", refresh ); }}} which isn't terrible, but seems fragile if core changes in the future, and there should just be a better way :-) Two ideas from dev chat are triggering custom events or the (coming soon) ""js actions"" which would be more robust (like php actions)." WraithKenny 2 21211 Alter how settings_errors are output in options.php dev-feedback Administration 3.4.1 normal normal defect (bug) new 2012-07-10T23:44:37Z 2019-06-04T19:23:12Z "The `*_settings_error(s)` and `settings_error` functions are used mainly as part of the Settings API, but with the way that options.php currently handles the settings errors, it assumes that people will use this functionality exclusively with the Settings API. Notice options.php, starting at line 153: {{{ /** * Handle settings errors and return to options page */ // If no settings errors were registered add a general 'updated' message. if ( !count( get_settings_errors() ) ) add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated'); set_transient('settings_errors', get_settings_errors(), 30); }}} This simply assumes that no other outside source has registered any sort of setting error other than the current options page. TwentyEleven does this, and so if any other source has registered any notices via these functions, the ""Settings saved."" message will not be output because the first bit of logic will fail. I don't think this assumption can (nor should) be warranted, so there needs to be another way to handle this so that themes like TwentyEleven who only call `settings_errors` at the top of their options page don't get unknowingly hijacked by other sources. I always suggest registering your own errors at the end of the sanitization callback for your setting, and then output those specific errors within settings_errors to avoid any internal conflicts like this. Just looking for some ways to approach this. :-) " griffinjt 2 21221 Image title and alt attribute content should be texturized. dev-feedback Media 3.4.1 normal normal enhancement new 2012-07-11T19:49:18Z 2019-06-04T20:03:28Z " gallery_shortcode() texturizes the caption shown underneath images in galleries. For consistency, alt and title tags content should also be texturized. This is also valuable for developers extending the gallery shortcode or output, such as with the WordPress.com (and Jetpack) [http://en.blog.wordpress.com/2011/11/08/new-photo-carousel/ Gallery Carousel feature], as it provides i18n'd texturization, for EG. See attached patch, which: * uses wptexturize() in wp_get_attachment_image() directly (/wp-includes/media.php), which makes it work with gallries, attachment pages, etc. * also uses wptexturize() in get_image_tag() (/wp-includes/media.php), for consistency. * uses wptexturize() in wp_get_attachment_link() (/wp-includespost-template.php), for consistency" stephdau 16 21234 Recursive directory creation & get_calendar() for custom post types Posts, Post Types 3.4.1 normal normal defect (bug) new 2012-07-12T12:31:28Z 2019-06-04T20:43:17Z "Hello! I made two patches, and sent the pull request on githab. https://github.com/WordPress/WordPress/pull/12 https://github.com/WordPress/WordPress/pull/14 And I want to join to contributers team. How can I do it? Irc chanel is Terminated :(" avaddon 3 21256 New theme feature - add_theme_support( 'content-width', $defaults ) chriscct7 dev-feedback Themes 3.4.1 normal normal Awaiting Review feature request assigned 2012-07-13T10:08:34Z 2018-11-22T22:16:27Z "Themes use '''$content_width''' variable to set the content area width, they use: {{{ if ( ! isset( $content_width ) ) $content_width = 500; }}} This method has two flaws, it's not flexible and it does not support different sizes for different post-types. WordPress has to make the content-width to be a builtin theme feature using '''add_theme_support()''', and make it more flexible and easy to update. I want to update this value using the Theme Customizer rather editing the function.php file. The code needs to be easy to set and to support CPT, some thing like this: {{{ $defaults = array( 'post' => '500', 'page' => '500', 'attachment' => '650', 'artist' => '300', 'movie' => '400' ); add_theme_support( 'content-width', $defaults ); }}} Just an idea for 3.5." ramiy 33 21273 Automatically open help panel dev-feedback Help/About normal trivial Future Release enhancement new 2012-07-14T19:04:20Z 2021-10-18T19:07:40Z "The help screen is highly inaccessible. Developers are not able to link to content in the help panels if you need to point users to specific directions for your plugin. This patch is a quick stab at it to see if it's worth while. What it does it allow direct links to the help panel. Upon pageload, it'll automagically open up to the correct panel. Usage: 1. Install the patch 2. Click http://wordpress.dev/wp-admin/index.php#tab-panel-help-layout Again, this is a quick stab. The concept could definitely be improve/abstracted and DRYed up. Let me know your thoughts :-)" ptahdunbar 16 21292 XML-RPC: wp_upload_bits should act like wp_handle_upload has-patch XML-RPC 3.0 normal normal defect (bug) assigned 2012-07-17T07:01:23Z 2023-03-02T15:07:16Z "At this moment there isn't a check for file size when uploading an image through the XML-RPC. The reason is that the method wp_upload_bits is used. This only checks it does is if the file size is to big for a network installation. The function check_upload_size() is something what you want except that it will use wp_die() if there is an error like this. The function is used as a filter: wp_handle_upload_prefilter. Which only get applied in the function wp_handle_upload. We should probably change check_upload_size() a bit so it doesn't use wp_die() but does it somewhere else. related: #6559 and #21085" markoheijnen 21 21352 wp_lostpassword_url() on multisite Login and Registration 3.3 normal normal Future Release enhancement new 2012-07-23T15:58:23Z 2021-10-20T15:03:43Z "The wp_lostpassword_url() function on Multisite outputs the link to the primary domain not the current domain. Although it works its not what should be expected if a user is registered to use blog ID 2 but not Blog ID 1. The lost password email generated also links back to the primary domain not the current domain. " philly max 30 21374 Add core support for letting custom permalink structure for different post types Rewrite Rules 2.9 normal normal enhancement new 2012-07-25T14:42:15Z 2019-06-04T21:07:39Z "By default, custom post types uses only the'' %postname%'' permalink structure (if using pretty links and not default query variables). Currently there is no native way to easily have different permastructs for different CPT. This features should be added to the '''register_post_type()''' function, letting different permalink structure be defined to each post_type being registered. I sugget adding another new key to the '''rewrite''' array that can be passed to the '''register_post_type()''' function. i.e. - {{{ register_post_type('event',array( ...... 'rewrite' => array('slug' => 'events', 'permastruct' => '%year%/%monthnum%/%event%' ), ..... )); }}} The register_post_type function should be changed, a suggestion for such a change may be that instead of this line in the function - (post.php line#1075) {{{ add_permastruct( $post_type, ""{$args->rewrite['slug']}/%$post_type%"", $args->rewrite ); }}} This example could be used - {{{ if ( $args->rewrite['permastruct'] ) { $perma_structure = $args->rewrite['permastruct']; $wp_rewrite->add_rewrite_tag(""%{$post_type}%"", '([^/]+)', ""{$post_type}=""); $wp_rewrite->add_permastruct($post_type, $archive_slug.'/'.$perma_structure, false); } else { add_permastruct( $post_type, ""{$args->rewrite['slug']}/%$post_type%"", $args->rewrite ); } }}} In order that the structure can interpret the permastruct tags, I added also this function to filter post_type_link, it is adapted from '''get_permalink''' function in ''wp-includes/link-template.php'' - {{{ add_filter('post_type_link', 'tc_permalink', 10, 3); function tc_permalink($permalink, $post_id, $leavename) { $post = get_post($post_id); $rewritecode = array( '%year%', '%monthnum%', '%day%', '%hour%', '%minute%', '%second%', $leavename? '' : '%postname%', '%post_id%', '%category%', '%author%', $leavename? '' : '%pagename%', ); if ( '' != $permalink && !in_array($post->post_status, array('draft', 'pending', 'auto-draft')) ) { $unixtime = strtotime($post->post_date); $category = ''; if ( strpos($permalink, '%category%') !== false ) { $cats = get_the_category($post->ID); if ( $cats ) { usort($cats, '_usort_terms_by_ID'); // order by ID $category = $cats[0]->slug; if ( $parent = $cats[0]->parent ) $category = get_category_parents($parent, false, '/', true) . $category; } // show default category in permalinks, without // having to assign it explicitly if ( empty($category) ) { $default_category = get_category( get_option( 'default_category' ) ); $category = is_wp_error( $default_category ) ? '' : $default_category->slug; } } $author = ''; if ( strpos($permalink, '%author%') !== false ) { $authordata = get_userdata($post->post_author); $author = $authordata->user_nicename; } $date = explode("" "",date('Y m d H i s', $unixtime)); $rewritereplace = array( $date[0], $date[1], $date[2], $date[3], $date[4], $date[5], $post->post_name, $post->ID, $category, $author, $post->post_name, ); $permalink = str_replace($rewritecode, $rewritereplace, $permalink); } else { // if they're not using the fancy permalink option } return $permalink; } }}} On a basic check this seems to be working, but ofcourse needed to be more deubgged.. I will be happy to here if you think such a feature should be added to core." maorb 11 21386 XML-RPC needs a user permission method XML-RPC normal normal enhancement new 2012-07-25T18:33:24Z 2019-06-05T06:38:43Z "At this moment when calling a XML-RPC method you will receive a error when the user can't do that method. What would be better if there is a way an app can retrieve the user permissions and act on that without the need to call the method." markoheijnen 15 21396 Categories widget reports categories without posts when they have custom posts Widgets 3.4 normal normal defect (bug) new 2012-07-27T02:36:46Z 2019-06-05T06:38:44Z "This problem may be related to #14084, but this report is specific to the behaviour of the Categories Widget. - Create a custom post type eg. ""Products"" - Create a category eg. ""Photographs"" - Add some posts of type Products, assign them to category Photographs - go to the blog page and the Categories widget lists Photographs as a category - click on Photographs - the ""Nothing Found"" post is shown. There are no normal posts of category Photographs, but the widget lists a category that returns nothing. I would have expected the widget not to list a category that has no normal posts. " pkwooster 1 21432 Deprecate *_blog_option() dev-feedback Options, Meta APIs 3.4.1 normal normal Future Release defect (bug) assigned 2012-07-31T21:53:06Z 2017-06-26T17:58:41Z "Deprecate get_blog_option(), add_blog_option(), update_blog_option(), and delete_blog_option(). The regular *_option() functions wrapped with switch_to_blog() and restore_current_blog() should be used instead. Previous discussion: http://core.trac.wordpress.org/ticket/21270#comment:11" ryan 11 21520 Prevent recursive script dependencies in wp_enqueue_script Script Loader normal normal defect (bug) new 2012-08-08T17:21:43Z 2019-06-04T21:07:42Z "If a script sets itself as a dependency, we should catch that, strip out the dependency, and throw a {{{_doing_it_wrong}}}: {{{wp_enqueue_script( 'my-script', '/path/to/file.js', array( 'my-script' ) );}}} This may need to be done at the lowest level possible, i.e. {{{_WP_Dependency}}}" batmoo 11 21521 Audit use of set_time_limit() dev-feedback Bootstrap/Load 3.4.1 normal normal enhancement new 2012-08-08T17:28:21Z 2019-06-04T19:23:14Z Core calls this half a dozen times. The call in wp_get_http() interferes with unit tests. Unit tests will terminate 60 seconds after wp_get_http() is called. Let's justify each use of set_time_limit() and remove what we can. ryan 6 21537 Email address sanitisation mangles valid email addresses dev-feedback Formatting 3.4.1 normal normal defect (bug) new 2012-08-10T11:24:50Z 2022-10-23T14:32:55Z "If you change your email address to one including an ampersand then we mangle the address with html entities. For example: * This - peter&paul@sitting.in.a.tree.com * Becomes - peter&paul@sitting.in.a.tree.com This is due to the call to {{{wp_filter_kses}}} on {{{pre_user_email'}}} in {{{default-filters.php}}}. The was added in [5906] for #4546. I'm not sure if we need kses filtering for emails - if we do which should probably revert this conversion of the & => & afterwards." westi 9 21546 Site Settings page is a hot mess Options, Meta APIs 3.0 normal normal enhancement reopened 2012-08-10T21:44:07Z 2019-06-04T20:43:21Z "I found out just how bad this page is when debugging an issue related to {{{WPLANG}}}. {{{WPLANG}}} is an option for a blog in your network (overrides {{{WPLANG}}} in {{{wp-config.php}}}), but if you delete the option on purpose or accidentally, there is no way of restoring it in the admin. Site Settings just loads your options table and POSTs back to itself. The only reference to the original options map (the defaults) is in schema, which WP has zero access to outside of upgrade. I have abstracted the default options and the default ""fat"" options into functions in {{{ms.php}}}. Also, when loading your Site Settings options - if a default option is missing, I display it in the admin so you can save it (it is populated with its default value). I have also streamlined and condensed some code that was happening in and around {{{populate_options()}}}" wonderboymusic 5 21569 Filter gallery styles with access to $attr has-patch Media 3.5 normal normal enhancement new 2012-08-13T21:18:25Z 2019-06-04T20:03:33Z "Currently you can replace the entire output, but that's all or nothing — if you decide to do that, you also need to parse the attributes array, decide on good defaults, etc. You can also filter the styles, but you don't have access to the attributes array. Use case: In my theme, I'd like to use the number of columns as more of a suggestion. I could set min-width to what `$itemwidth` is currently and it would be more responsive. If the page shrinks too small, it would only load 1 image per line instead of being locked into the right number of columns." betzster 9 21573 NOBLOGREDIRECT interfering with 404 errors Bootstrap/Load 3.4.1 normal normal Future Release defect (bug) new 2012-08-14T07:32:06Z 2019-09-07T10:10:12Z When the `NOBLOGREDIRECT` constant is defined, 404 pages on the main site will not work and instead redirect to URL defined in `NOBLOGREDIRECT`. This is the cause of the `maybe_redirect_404` action/function, which is not needed and should be removed. bungeshea 22 21583 Improve discoverability and visual design of Screen Options and Help Panels Help/About normal normal Future Release enhancement new 2012-08-14T22:34:05Z 2023-12-19T19:25:49Z "The Screen Options and Help panels are not very discoverable and, in part because of this, aren't very helpful to our users. Here are the problems with them right now: * Most users are blind to these tabs. * The labels and positioning give little indication as to what these tabs actually do. * For a lot of users, Help is not that helpful. *They’re position in the admin creates yet another point of navigation for users to be aware of (and per #1, most of them aren’t). * The very wide container for text makes a lot of the help text difficult to read. Here are some proposals to improve the design and discoverability of these tabs (related images and mockups are here: http://make.wordpress.org/ui/2012/08/06/we-did-some-brainstorming-at-dev-day-today/) : * Adding icons to these tabs would (hopefully) both make these tabs more visible and give a better indication as to what these tabs too. * Moving these to the right side of the toolbar would give even more context to what these do, as they would be grouped with other user-specific settings. * (6) The toolbar dropdown would allow for a slimmer content area for better readability. * (7) The slimmer content area would let us make screen options read like a list for better scannability. * (4/5) Putting the gear on the upper right would standardise with several other web apps (Twitter, etc). Related: #21326" chexee 49 21597 WordPress Importer $base_url index failed has-patch Import 3.4 normal normal defect (bug) new 2012-08-15T18:30:11Z 2019-06-04T20:03:35Z "When XRS file without the site url tag is imported, it throws a notice. This patch allow people to upload hand-made and not-attached-to-any-site XRS file. I came across creating a XRS file to import names of cities from Portugal to a specific custom taxonomy to some sites. This can reflect the necessity of this patch." lightningspirit 1 21602 redirect_canonical can lead to infinite loop on index navigation if site url is not all lower case needs-unit-tests Canonical normal blocker Future Release defect (bug) assigned 2012-08-15T21:31:17Z 2023-04-29T00:09:21Z "The function redirect_canonical in wp-includes/canonical.php (WordPress 3.4.1) on line 406 and 422 makes the following check: {{{ if ( !$redirect_url || $redirect_url == $requested_url ) return false; }}} This ensures that it does not attempt to redirect you to the page you requested in the first place. However this function is not case sensitive so if the redirect URL is in a different case than the requested URL then the user can enter an infinite redirect loop. (For example if the Site Address (URL) of the site is set to be in all upper case.) This function should do a case-insensitive string comparison since domain names are case-insensitive. The issue only appears to happen with certain plugins installed (ShareThis and PilotPress both led to this issue,) I haven't figured out yet why it's only an issue with certain plugins but it should still be fixed in WordPress to make the proper string comparison. " sreedoap 28 21627 Filter for custom-background CSS selector peterwilsoncc needs-unit-tests Customize 3.4.1 low minor Future Release enhancement assigned 2012-08-18T11:46:55Z 2021-05-22T17:41:50Z "There should be an easier way for changing the css selector from body to html or any other then making your own callback. " Horttcore 28 21650 replace serialize() with print_r() in stats() function in wp-includes/cache.php needs-unit-tests Cache API 3.4.1 normal normal Future Release defect (bug) new 2012-08-21T13:42:29Z 2022-10-10T19:46:05Z "In PHP 5.3 it is no longer possible to serialize data that contains a SimpleXMLElement object. It produces a fatal error. See https://bugs.php.net/bug.php?id=49800 The stats() function attempts to determine the allocated space for objects in the cache by using strlen() of the serialized object. This can fail for the reason above. Given that the figure returned is simply an estimation of the space I propose that the code is changed to use print_r( $cache, true ) instead of serialize( $cache ) ie. to become `echo ""<li><strong>Group:</strong> $group - ( "" . number_format( strlen( print_r( $cache, true ) ) / 1024, 2 ) . 'k )</li>';` This TRAC was raised after a longish chain of events starting with #18488 and the final response (today) which led to another chance discovery of a similar problem in the debug-bar plugin. http://wordpress.org/support/topic/plugin-debug-bar-fatal-error-uncaught-exception-serialization-of-simplexmlelement-is-not-allowed " bobbingwide 15 21666 Customizer Revisions (previously reset/undo/revert) melchoyce Customize 3.4.2 normal normal Future Release feature request assigned 2012-08-23T10:09:49Z 2021-05-24T14:32:56Z "It would be useful to be able to reset the settings to the defaults as specified in the add_setting() class method when setting up each setting. These could be reset on a section by section basis and/or for ALL settings." dgwyer 49 21669 "Make ""Home"" option persistent in Pages box on Menus screen" Menus 3.4 normal normal defect (bug) new 2012-08-23T16:57:08Z 2019-06-04T20:03:36Z "If you have some pages, or even a page, then on nav-menus.php in the Pages box, View All, it will display Home as an option. However, if you do not have any pages at all (mostly Blog on front page scenarios), then it just says ""No items."" in the Pages box. It should always be populated with at least the Home option. Oversight on our part that we didn't uncover this behavior before. " jane 1 21679 media_handle_upload does not provide a way to change the file's name has-patch Media 2.5 normal normal Future Release enhancement new 2012-08-24T04:00:30Z 2018-10-18T22:23:36Z "`wp-admin/includes/media.php` has two operations that I believe should be reversed. Basically, `$name` is set based on the name of the raw uploaded file ( `$_FILES[$file_id]['name']`), however in the `wp_handle_upload` function you are able to use `wp_handle_upload_prefilter` to adjust the file's name - but when after the `wp_handle_upload` returns the changes will not show up in the title of the media dialog field even though the file has been renamed properly: {{{ $name = $_FILES[$file_id]['name']; $file = wp_handle_upload($_FILES[$file_id], $overrides, $time); if ( isset($file['error']) ) return new WP_Error( 'upload_error', $file['error'] ); $name_parts = pathinfo($name); $name = trim( substr( $name, 0, -(1 + strlen($name_parts['extension'])) ) ); }}} In short, uploading a file named Picture.png and changing the name to test3.png using the `wp_handle_upload_prefilter` filter does in fact allow the file's name to be changed before it is saved, but the ""title"" is then incorrectly displayed in the media uploader dialog box. [[Image(http://img24.imageshack.us/img24/3679/pictureyp.png)]] This would be relatively easy to fix using this patch: {{{ --- media.php 2012-08-23 23:57:02.000000000 -0400 +++ media-patch.php 2012-06-06 12:00:08.000000000 -0400 @@ -209,8 +209,8 @@ $time = $post->post_date; } + $name = $_FILES[$file_id]['name']; $file = wp_handle_upload($_FILES[$file_id], $overrides, $time); - $name = $file['name']; if ( isset($file['error']) ) return new WP_Error( 'upload_error', $file['error'] ); }}}" Willshouse 9 21682 Rewrite endpoints are lost if a custom category or tag base is defined DrewAPicture dev-feedback Rewrite Rules 3.4 normal normal defect (bug) reviewing 2012-08-24T15:57:04Z 2019-06-04T21:07:44Z "== Problem == So this little bug was winding me up for a while. The standard approach according to the codex for adding rewrite endpoints is to call the `add_rewrite_endpoint()` function within the init hook. So far so good. The problem occurs whenever `WP_Rewrite::init()` is called ''after'' the init hook. It resets the endpoints array and so when rewrite rules are subsequently generated through the options-permalink.php admin page the rewrite rules are unknown to the system and hence don't work. `WP_Rewrite::init()` is called within `WP_Rewrite::set_category_base()`, `WP_Rewrite::set_tag_base()` and `WP_Rewrite::set_permalink_structure()`. In the latter it is only called if the permalink structure has changed so on first save of a change endpoints are lost. In the other 2 it is called every time if the slug doesn't match the default so rewrites are always lost. == Solutions: == 1. add an action hook to the start of `WP_Rewrite::rewrite_rules()` where endpoints should be added 2. store the endpoints at the start of `WP_Rewrite::init()` and restore them at the end 3. don't reset them at all I think solution 3 would make sense, the endpoints could be defaulted to an empty array and I can't see any reason to want to reset them anyway. I've attached a simple patch that works (for me at least). '''NB.''' this problem may also affect the `$extra_rules` and `$non_wp_rules` but I haven't tested that theory yet." sanchothefat 7 21700 Problem obtaining the Feed of an archive of tag “RSS” Canonical 3.4.1 normal normal defect (bug) new 2012-08-27T10:40:33Z 2019-06-04T19:23:18Z "I'm using RSS as a tag for some of my blog posts, and I was using them without any problem. '''myblog.com/tag/rss/''' But I've just realised that Google Webmaster Tools gives me some related errors. The issue is this: when trying to retrieve the feed of this tag, from '''myblog.com/tag/rss/feed/''' it gets redirected to '''myblog.com/tag/feed/''' And this gives an error." xavivars 12 21714 Enable Intermediate choice in UI if Full Size Image is exact match to Intermediate Image Media 3.4.1 normal normal enhancement new 2012-08-28T15:56:09Z 2020-01-15T01:49:54Z " This is simply a minor usability enhancement for Media Gallery. If an image is uploaded that is exactly the same size as an intermediate image (300x300 = Medium for example) it is not a choice when inserting that image into a post. It would be nice if it was a choice pointing to the full/original image since full is the same size as the intermediate. It seems to be caused in the image_downsize function in /wp-includes/media.php because image_get_intermediate_size returns false. I believe image_downsize can be updated as such to provide this enhancement: Line 162 (if statement) Currently: {{{ if ( !$width && !$height && isset($meta['width'], $meta['height']) ) { // any other type: use the real image $width = $meta['width']; $height = $meta['height']; } }}} could be updated to read the intermediate width and height and set intermediate to true if it is an exact match to the original image: {{{ if ( !$width && !$height && isset($meta['width'], $meta['height']) ) { // any other type: use the real image $width = $meta['width']; $height = $meta['height']; // add check for real image being exact match to intermediate image to enable intermediate choice in UI if (isset($_wp_additional_image_sizes[$size])) { $goal_width = intval($_wp_additional_image_sizes[$size]['width']); $goal_height = intval($_wp_additional_image_sizes[$size]['height']); } else { $goal_width = get_option($size.'_size_w'); $goal_height = get_option($size.'_size_h'); } if ($width == $goal_width && $height == $goal_height) $is_intermediate = true; } }}} Thanks for considering, and hope I put this in the right place, Andrew " andrewteg 4 21730 More modular and reusable email validation functions needs-unit-tests Users normal normal enhancement new 2012-08-29T16:04:04Z 2019-06-05T06:38:46Z "Email validation, especially as it's handled in Multisite (most of which is verbatim from MU), is pretty messy. We have some functions like `is_email_address_unsafe()` for checking banned domains, but we don't have a parallel function for checking against limited_email_domains. There are no filters outside of `wpmu_validate_user_signup`, which means that if you want to use email validation outside of the normal MS registration workflow and want to tweak the way that it works (see eg #15706, #20459), you pretty much have to roll your own. And there's no single function that a plugin like BuddyPress can use to do all relevant email checks in one fell swoop. The attached patch suggests the following changes: - Put the limited_email_domains check into a function, `is_email_address_allowed()`. - Put filters on the output of this new function as well as `is_email_address_unsafe()`. - Introduce function wp_validate_email_address(), which wraps the following four checks: is_email(), email_exists(), is_email_address_allowed(), is_email_address_unsafe(). - Rearranges `wpmu_validate_user_signup()` a bit so that all email checks (as opposed to username checks) happen together. I'm not married to anything in this particular implementation (the way that wp_validate_email_address() sends back error messages is not particularly beautiful, but I didn't want to introduce a ton of overhead), but I would really like to see some sort of treatment along these lines, to make things more modular and reusable. If something like this gets approved by the devs, I would like to further suggest the following: - Give a similar treatment to username validation - Move the generic validation functions out of ms-functions.php (with function_exists() checks on the MS-specific stuff) I'm happy to work more on this kind of patch, but didn't want to go too far in case it's a non-starter for some reason." boonebgorges 6 21744 WP_User_Query does not support post type has-patch Users 3.4.1 normal normal Awaiting Review enhancement reopened 2012-08-31T00:13:59Z 2019-03-27T11:40:11Z "unfortunately WP_User_Query only support 'post' right now. i've attached my modified user.php" AliMH 7 21753 Feed excerpts are missing important filter formatting needs-unit-tests Feeds 3.4.1 normal normal defect (bug) new 2012-08-31T14:20:56Z 2020-11-17T05:27:18Z "Excerpts included in feeds are missing important formatting because the relevant filters are not applied (e.g. wpautop). In file wp-includes/feed.php, function the_excerpt_rss() does not apply the same filters as the_excerpt() whilst results in lost formatting instructions. By comparison, function the_content_feed() ensures that the same filters declared for the_content() are applied. A suggested patch is attached. Note that for symmetry between the_excerpt_rss() and the_content_feed() this patch also removes the (unnecessary?) filter ent2ncr() from the_excerpt_rss() and retains the (controversial?) escaping for CDATA blocks (see #3670). A few related issues are worth mentioning. Firstly, shortcodes are still not applied to excerpts (see #7093). Also, the (obsolete?) RDF feed does not make use of a CDATA block unlike those for RSS, RSS2 and Atom (see #20888). Finally, a similar problem occurs with comment text in feeds (see #16466)." mdgl 6 21758 Do not require a file in comments_template() Comments 3.4.1 normal normal enhancement new 2012-08-31T20:22:16Z 2019-06-04T19:23:20Z "comments_template() is a very useful and reliable way to set up comments for a page, but it has a major downfall: it forces a file to be included when, in reality, one does not need to be. Numerous times it has been the case that I needed comments to be setup in the wp_query object, but did not want to output anything at that time. The hack I have used is simply to include an empty comments.php file. This method is less than desirable for obvious reasons. So, I propose that we simply add a parameter I'm calling $require that will control whether or not a file is included at all." mattonomics 4 21762 Storing a multidimensional array using register_setting double-serializes subarrays identified with a string sekatsim Database 3.4 normal normal defect (bug) new 2012-08-31T22:43:16Z 2019-06-04T19:23:21Z "Storing a multidimensional array, such as `$options['my-option'][$id] = ""value""`, into the database using register_setting results in the ""my-option"" string getting double serialized. The option_value is stored as: `s:9:""'my-option'"";a:1:{s:9:""option-id"";s:5:""value"";}` The my-option array is encased in both single and double quotes, so that `isset($options['option-id']` evaluates false, but `isset($options[""'option-id'""]` evaluates true." sekatsim 3 21773 Scheduled pages/posts should not appear in custom menus reporter-feedback Menus 3.0 normal normal defect (bug) new 2012-09-02T14:30:48Z 2019-06-04T20:03:42Z "When I add a '''scheduled page/post''' in a custom menu the page/post immediately appears in the front-end menu. I think these scheduled pages/posts should only be visible in the front-end navigation when their scheduled time is reached (as it is the case with automatic menus). Otherwise the ""Schedule"" functionality makes no sense with custom menus, especially for pages. Here is another forum post regarding this issue: http://wordpress.org/support/topic/custom-menu-support-for-scheduled-pagesposts" Lorangeo 9 21790 When set a static front page WP main query isn't set correctly SergeyBiryukov Query 3.4.1 normal normal Future Release defect (bug) assigned 2012-09-04T13:50:26Z 2017-05-05T09:34:57Z "In my project I use on several places pre_get_posts filter. When setting a static frontpage and blog page I get several notices on my screen. When I var_dump the main query the only value that is set it the page_id. Even the post_type isn't set." markoheijnen 26 21810 Improve intermediate image size handling Media 3.5 normal normal enhancement new 2012-09-05T20:28:14Z 2019-06-04T20:03:44Z "When discussing the new media workflows on #21390, the need to improve our image size API became apparent. A quick overview of the improvements that should be made: * All image attachments have an original, or ""golden master"", which is never altered. * An image size creates a new image and stores all transformations applied to the image as metadata. Transformations are described relative to the golden master. An image size has a unique slug (which means a set of dimensions does *not* have to be unique). * Image attachments have a ""master"" image size, which is used to create any automatically generated image sizes. * Automatically generated image sizes can be overridden with manual transformations. Would love for someone to step up on this ticket, as the media modal editing UI will benefit greatly from these improvements." koopersmith 15 21834 Comment History has-patch Comments normal normal feature request new 2012-09-07T20:30:47Z 2021-11-07T21:35:36Z "This ticket provides a simple patch for comment history in core. ''The Problem'': In at least a few places: ([comment:ticket:9117:10], [comment:ticket:15534:4], [comment:ticket:9495:3]) Nacin has mused about the desirability of introducing comment history to core, citing Akismet’s implementation as a model for how this might be done. There are good reasons for wanting this, as comment history could serve as a solid underpinning for a variety of other features such as more informative moderation emails, some indication of why a message was marked as spam, and even comment versioning. The idea is that to implement any of that, we really should have basic comment versioning in core, a la Akisment. ''The Solution'': Our goal was to expand the API so as to reproduce and streamline the basic history functionality provided by Akismet, port and tweak Akismet’s nice history UI, and keep the change set minimal. Comment history API: * added simple functions to /wp-includes/comment.php to get and update comment history. These in turn use existing comment_meta functions. UI: * there’s now a comment history meta box on the comment edit screen. It looks just like Akismet’s. This was implemented as a real meta box. A sorting function is also included. History Events: * this patch supports the following history events, each of which has a nice, plain-english (internationalizable) history message, which always includes the user responsible for the action and a timesince. * edit_comment (“edited by user”) * trashed_comment (“trashed by user”) * untrashed_comment (“un-trashed by user”) * comment_unapproved_to_approved (“user approved this comment”) * comment_approved_to_unapproved (“user unapproved this comment”) * spammed_comment (“user marked this comment as spam”) * unspammed_comment (“user marked this comment as ham”) ''Next steps'': Here’s what we’d think of doing next if this were to be introduced into core: * support more history events and provide more detail. In particular, support events where the comment is spammed as a result of a blacklist word or other reason. * include some of this detail in moderation emails ''Note'': * the Akismet plugin should be updated to use this new API instead of its own history functions * meta boxes on edit comment did not work properly until this: http://core.trac.wordpress.org/ticket/21499 (in 3.5) ''Who we are'': This patch comes from [http://profiles.wordpress.org/bbrooks Ben Brooks], [http://profiles.wordpress.org/mattoperry Matt Perry] and [http://profiles.wordpress.org/natebot Nathan Letsinger]. Enjoy" mattoperry 7 21859 Import blog and media library is not working Import 3.4 normal normal defect (bug) new 2012-09-10T08:02:25Z 2019-06-04T20:03:47Z "Hi, I have problems (due to hosting php timeout) to import all my blog at once. I tried doing it by months, but it's also not working. Blog posts are imported, but nothing of the media library is imported. I can describe too what happens when trying to import everything at once. I've just 200 photos and every 90 secs the connection is reseted trying to import them. If you try to retry using browser, photos begin to duplicate, or triplicate, or more... After all this, then you finish, there is no attachments related to their post. I've tried importing by months, which would not spend more than 60 secs importing photos, but then the photos are not imported. Please, fix the import/export by months or by splitting files every 10 post (or configurable). I would suggest too to allow any mechanism to import photos first, doing it in groups of 20 (or by configuration) and later, after that, importing post and attaching files to each post. I set it as critical as moving a blog it's impossible without a huge amount of work. I could try to help debugging if needed. Version 3.4.1 is also affected. Thanks and regards" don_ousian 5 21910 wpmu_create_user() standardization Users 3.0 normal normal enhancement new 2012-09-17T18:03:24Z 2019-06-05T06:38:47Z "There seems to be some inconsistencies between wpmu_create_user(), create_user(), and wp_insert_user(). The former two are wrappers, and do different things but potential to consolidate and clean up some old code. Per Nacin: >nacin: wpmu_create_user() should probably just go away. >nacin: fairly useless function >nacin: by default, it looks like wp_insert_user() would create a role-less user. >nacin: as would wp_create_user() Looking at wp_insert_user() it sets the default role if none is provided, where wpmu_create_user() would actually delete the default roles and caps. Although, I'm not really sure there's a use case where you'd be using both the wpmu_new_user and user_register hooks simultaneously so possibly depreciate the former in favor of the latter. One real issue with wpmu_create_user is that it returns false instead of the WP_Error object which is probably not desired since the error could be useful. The false return is used in wpmu_activate_signup() to either set the returned ID or create it's own WP_Error. Lastly... documentation for create_user says it returns the ID, but it looks like it could potentially also return a WP_Error object. Didn't test, but possible documentation fix there. " ryanduff 4 21912 Add return filter to current_theme_supports() has-patch Themes 3.4 normal normal enhancement new 2012-09-17T18:39:29Z 2019-06-04T21:07:46Z "current_theme_supports() makes it hard for plugins to affect whether a theme supports a certain feature. The use case I have is that I am building a plugin that utilises bbPress (and soon, BuddyPress)-style template compatibility parts. In those template parts, I display something very, very similar to a post thumbnail or custom header. I want to use the ""Featured Image"" metabox on the Post screen to set that image. If I use the plugin on a theme that doesn't support post thumbnails, the metabox correctly doesn't appear, and so users have no way of choosing a featured image. While there are ways around this -- manual conditional registering of the Featured Image metabox, creating my own metabox, or calling add_theme_support/remove_theme_support like a toggle -- none of them are particularly elegant. While current_theme_supports has a return filter, it's not reached by all code execution paths. The attached patch reworks the function so that the return value is always passed through the filter." DJPaul 5 21913 Detecting MIME Types in WXR Files dev-feedback Import 3.4.2 normal normal enhancement new 2012-09-17T21:09:07Z 2019-06-04T20:03:48Z "In the process of creating a service to convert TypePad data to WXR formatted files, we've encountered some unique problems with TypePad data. Namely, many TypePad files are saved without file extensions, which prevents the existing importer from importing those files into the wp-content/uploads folder. In order to import and rename these otherwise ignored files, we've created a patch for the WordPress importer that does the following: 1. If there is an attachment in the WXR and the importer is not able to determine the file type from the file name (ie missing extension), the patched version will make a light (body-less) request to the web server where the file is hosted for information we can use about the file. The things we're interested in are file type, size, and filename. 2. If the importer is processing an attachment under the above situation, and it is able to determine the file type, then it will rewrite the local version of the file to have the appropriate file extension. This is a simple bit of code, but it makes a huge difference as TypePad saves without file extensions quite regularly. We've attached our patch and a sample WXR file from ragsgupta.com, the Brightcove co-founder's blog." ReadyMadeWeb 7 21981 Securing the uploads directory Upload normal normal Awaiting Review enhancement reopened 2012-09-24T04:35:11Z 2023-06-25T07:15:26Z "Look at implementing something similar to an .htaccess file in the uploads directory with: {{{php_flag engine off}}} This may not work in every server scenario, but let's open the conversation, and some scenarios is probably better than none anyway." japh 15 21989 update_option() calls sanitize_option() twice when option does not exist dev-feedback Options, Meta APIs normal normal Future Release defect (bug) new 2012-09-25T05:04:34Z 2024-02-22T06:16:56Z " I just spent several hours tracking down an issue when using the Settings API where `sanitize_option()` is called twice which is unnecessary execution especially if sanitization includes calling an external API for username/password authorization ''(this was how another developer set it up for a plugin I was debugging.)'' What happens is that a call to `update_option()` will call `sanitize_option()` and then if the option wasn't previously in the options table `update_option()` will delegate to `add_option()` which calls `santize_option()` a second time. This would normally be easy to workaround by first calling `get_option()` and testing for `false` and calling `add_option()` instead of `update_option()` if `false`, but not when the Settings API chooses how to call it. I've looked at the problem and can envision several different ways to solve it such but don't know which the core developers would choose ''(or if they'd choose yet another option I haven't envisioned)'' so I didn't submit a patch: - Adding a 3rd parameter `$mode` to `sanitize_option()` that identifies the mode ''('add', 'edit', default = 'unknown')'' and thus allow the hook to ignore one of the options ''(this would be more backward compatible but would put the onus on the developer to know to do this)'', - Adding a 5th parameter `$bypass_sanitize` to `add_option()` defaulted to `false` that is only passed as `true` in `update_option()` allowing `update_option()` to disable the call to `sanitize_option()` found in `add_option()` ''(this would be less backward compatible and hacky, but seemless to the developer)'' - Adding a 3rd parameter `$bypass_sanitize` to `update_option()` defaulted to `false` that is only passed as `true` from `/wp-admin/options.php` allowing `update_option()` to bypass the call to `sanitize_option()` if an `add_option()` will happen ''(this would be less backward compatible and hacky, but seemless to the developer)'' - Have `/wp-admin/options.php` test for no pre-existing option and then call `add_option()` or `update_option()`, respectively ''(this would be seemless to the developer but less backward compatible and not hacky, and it wouldn't handle the general case.)'' So is this worth fixing to save other users and developers debugging time, and to reduce the chance of subtle errors in new code? If yes, how best to approach?" MikeSchinkel 35 21994 Subdomains may not exceed 63 characters in length has-patch Networks and Sites 3.4 low normal enhancement new 2012-09-25T22:31:44Z 2019-06-04T21:03:47Z "According to section 3.1 ""Name space specifications and terminology"" of [http://www.faqs.org/rfcs/rfc1034.html RFC1034], domain names are nodes in a tree structure and ""Each node has a label, which is zero to 63 octets in length."" WP should help to correctly enforce this requirement, so I've attached a patch that adds a maxlength=""63"" attribute on the input field on line 126 of wp-admin/network/site-new.php. This should help sites and network admins prevent the creation of blogs hosted on subdomain installs that will not resolve properly, and at the same time allow for maximum length subdomains." humanshell 10 22003 Saving custom fields goes to post-new.php rather than post.php Posts, Post Types 2.5 normal normal defect (bug) reopened 2012-09-26T15:57:01Z 2019-08-09T00:46:50Z "Create a new post or page. Add a title and message. Add a custom field (click ""Add Custom Field"") The post is saved, but as you are taken to post-new.php rather than post.php, it looks as if your post has disappeared! All is well - it is actually saved - but it's confusing. Tested on 3.5-alpha-21989" curiousdannii 4 22022 Can’t properly add pages of type edit.php?post_type=xxx as submenu items to arbitrary parent menus Posts, Post Types 3.0 normal normal defect (bug) new 2012-09-27T20:22:43Z 2019-06-04T20:43:26Z "The following code illustrates the problem. {{{ add_menu_page('My Pages', 'My Pages', 'edit_posts', 'parentslug', array(class, func)); add_submenu_page('parentslug', 'Settings', 'Settings', 'edit_posts', 'mysettings', array(class, func)); add_submenu_page('parentslug', 'Custom Post Type', 'Custom Post Type', 'edit_posts', 'edit.php?post_type=xxx'); }}} When you click on the first submenu item, the menu stays open, displaying the submenu items as it should. When you click on the item for the custom post type, the parent menu is closed and submenu pages are not displayed. The root of the problem is how $parent_page is handled for pages of type edit.php?post_type=xxx. In get_admin_page_parent(), $parent_file is always set to $submenu[$parent], which may cause the submenu slug to be different from $parent_file. But in _wp_menu_output, if the submenu slug and parent slug are not equal, the 'wp-has-current-submenu wp-menu-open' classes do not get added which means the menu gets displayed as being closed. Since there are no actions called between get_admin_parent_page() and the output of the menu, the only workaround I can see is some ugly JS that fixes up the classes. It seems like the least intrusive fix would be to just move the call to apply_filters(""parent_file) in menu-header.php to after the call to get_admin_page_parent() so that $parent_file can truly be overridden. This also seems inline with the intent of the filter. " jjharr 6 22037 Customizer: Live preview fetches page but does not display (show error message) Customize 3.4.2 normal normal Future Release defect (bug) new 2012-09-28T15:14:54Z 2021-05-22T18:03:28Z "I just set-up a plain installation of 3.4.2. Configured it for multisite use. Set-up two sites, both working fine. When going into a sites Appearance settings to customize the theme (TwentyEleven), the Customizer shows the control panel on the left, but the preview remains blank. Firebug shows no Javascript errors. '''It also shows, that a POST request is sent to fetch the front page and that the page is actually returned in the response. It appears the response is just not added to the right-hand preview area.''' ---- Per duplicate #28227: > When Customizer can't load due to an error, there's no indication as to what's going on. It would be nice if some information was presented instead of seeing a blank screen on the right side." marcoliverteschke 31 22041 Importer dies silently when multisite upload limit is reached Import normal normal enhancement reopened 2012-09-28T17:58:57Z 2019-06-04T20:03:50Z "The scenario: You're importing a WXR file into a site on a multisite network and the WXR includes a number of large attachments. For whatever reason, the upload capacity for each site is set at 100MB. If the upload capacity is reached during the import process, the import will look like it's hanging forever. Instead, it would be nice to show an alert that the upload capacity was reached or similar." danielbachhuber 6 22075 Allow custom attributes to be set in `wp_get_attachment_link` needs-unit-tests Media 3.4 normal normal enhancement new 2012-10-02T04:29:05Z 2019-06-04T20:03:52Z "I answered a [http://wordpress.stackexchange.com/questions/65982 question] not so long ago on [http://wordpress.stackexchange.com/ WordPress StackExchange]. There I saw the need on a filter for `wp_get_attachment_link()` to allow the developer to add or remove attributes to the HTML without having to use a regex on it or creating the `a` tag again. So I've done this small patch with changes to apply this enhancement to the function." webord 5 22076 WP Upgrader: update_bulk_plugins_complete_actions and update_bulk_theme_complete_actions should pass information about all plugins/themes to the filter Upgrade/Install 3.0 normal normal enhancement new 2012-10-02T07:56:19Z 2019-06-04T21:07:48Z "In class-wp-upgrader.php, line 1214 there is this line: {{{ $update_actions = apply_filters('update_plugin_complete_actions', $update_actions, $this->plugin); }}} When adding a filter to it like this: {{{ add_filter('update_bulk_plugins_complete_actions','test_filter',99,2); function test_filter( $update_actions, $plugins ) { echo print_r( $plugins, 1); return $update_actions; } }}} Only the last updated plugin info will be printed. However, it should contain information about all the plugins that were updated (since we are dealing with a bulk upgrade here)." ragulka 4 22082 WordPress Import Tool loses the complete category hierarchical structure Import 3.4.2 normal normal defect (bug) new 2012-10-03T01:53:05Z 2019-06-04T20:03:54Z "I have exported from my local laptop wordpress installation the posts I had. They have the following structure with categories: {{{ language --> main category, parent - source language --> for example AF -- target language --> for example AFAR for Africans to Arabics --- lessons ----- lesson 1 --> up to 100 lessons entries -- next target language }}} and so on this complete structure is lost after import - they are all changed to parent categories no single child category. I will attach the export file." christian_gnoth 3 22100 Treat built-in image sizes the same as custom image sizes has-patch Media normal normal enhancement new 2012-10-04T15:39:44Z 2019-06-04T20:03:57Z "Goals: 0. Have a solid API for working with intermediate image size definitions. 1. Don't hardcode default image sizes; register them like any other. 2. ~~Introduce a 'pregenerate' arg, which will allow defining an image size that will not be automatically generated right after upload.~~ Related tickets: #15311, #21810" scribu 17 22114 Propagating password on change chriscct7 has-patch Users 3.4.2 normal normal feature request assigned 2012-10-06T08:30:47Z 2019-06-05T06:38:48Z "After creating an account or changing profile information, it is possible to intercept the changed data in a hook. However, this is not possible for the cleartext psasword, and this is a useful feature especially when propagating a password change over different accounts spanning across different systems (in contexts such as updating the password for phpBB, Prestashop, or any PAM thingie when the WordPress password is changed). Since this feature is by no means possible to implement without core hacks, I am submitting a patch to include this feature in the WP core. This patch proves useful if we are to integrate other software bricks without having to implement SSO using WordPress' architecture. In my context, I need to be able to log-in through WordPress or directly through the business specific back-end. Proposed patch is attached." ChloeD 10 22116 bug in dynamic_sidebar function has-patch Widgets 3.4.2 normal normal defect (bug) new 2012-10-06T12:19:48Z 2019-06-05T06:38:50Z "In the dynamic_sidebar function is for displaying the right sidebar, by id, but in the code it is searched by name: {{{ function dynamic_sidebar($index = 1) { global $wp_registered_sidebars, $wp_registered_widgets; if ( is_int($index) ) { $index = ""sidebar-$index""; } else { $index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['name']) == $index ) { $index = $key; break; } } } }}} must be changed to : {{{ function dynamic_sidebar($index = 1) { global $wp_registered_sidebars, $wp_registered_widgets; if ( is_int($index) ) { $index = ""sidebar-$index""; } else { $index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['id']) == $index ) { $index = $key; break; } } } }}} " alexvorn2 12 22128 Adding upload mimetype in Multisite does not work if mimetype is not already defined Upload 3.0 normal minor Awaiting Review defect (bug) new 2012-10-08T13:13:54Z 2019-05-15T21:11:42Z "'''Description''' We would like to add 3gp to the list of file types to be uploaded in the sites of our network install. We've tried to add 3gp to the Network Settings->Upload File Types setting for this. However after having saved the setting we were still not able to upload 3gp. It seems the user setting is being overruled by the list of global settings. '''Steps to reproduce issue:''' 1. Use WordPress Network install (aka Multisite) 2. Add the file extension 3gp to the upload file types setting in Network Settings 3. Save Settings 4. Try to upload a 3gp file using the Media Library, it will fail with the message: 'Sorry, this file type is not permitted for security reasons.' It seems the upload file types defined in the Network Settings cannot overrule / add new file types if this file type has not already been defined in the function wp_get_mime_types() (see file: wp-includes/functions.php). '''Expected behaviour''' Changing the Upload File Types by adding a new extension results in WordPress accepting files ending in this extension. Or warn the admin that this extension is unknown and more info (such as the full mime type) is needed. '''Proposed solution''' We are aware of the hook 'upload_mimes' to fix this with a plugin, but we suggest that the superadmin Network Settings->upload file type overrules WordPress' built-in defaults instead of the other way around." BjornW 21 22150 Customizer: Remove Image doesn't remove from Media Library Upload 3.4 normal normal Awaiting Review defect (bug) new 2012-10-10T05:35:15Z 2019-05-15T21:12:16Z "After uploading an image using the Theme Customizer, a ""Remove Image"" link appears - this seems to imply that clicking it will cause the image to be deleted entirely, rather than just hidden from the current view. " pento 4 22164 "Move comment ""keyboard shortcuts"" setting to comments -> screen options" dev-feedback Comments normal normal enhancement new 2012-10-11T14:14:23Z 2019-06-04T19:23:27Z "Seems like it would make more sense to move the comment ""keyboard shortcuts"" setting from ""Your Profile"" to the screen options pane of edit-comments.php. Something like: [[Image(http://f.cl.ly/items/1k210Z2V1o0b350I1n0V/keyboard-shortcuts.jpg)]]" lessbloat 8 22192 update_option() strict checks can cause false negatives joemcgill needs-unit-tests Options, Meta APIs normal normal Future Release defect (bug) assigned 2012-10-15T03:19:23Z 2023-10-16T21:22:18Z "Given this: {{{ add_option( $option_name, 1 ); update_option( $option_name, 1 ); }}} The update should not work, because they are the same. However, the meta cache will have ""1"" as a string, and then it will strict compare it to 1 as an integer. Thus, an unnecessary update will run. It is quite common to use integers and booleans directly into these functions. They should be smart enough to recognize that ""1"" == 1 == true and ""0"" == 0 == false, and that any numeric string is also equal to a properly cast integer. The new changes need unit tests. Ticket from which this was spun: #22189, saving navigation menus is slow." nacin 107 22198 Realigning the Discussions Settings page chriscct7 has-patch Comments 3.4.2 normal normal enhancement assigned 2012-10-15T14:50:34Z 2019-06-04T19:23:31Z "[I looked for some tikets for this but didn't find any directly related, so hopefully I haven't missed a big one out there floating around.] The Discussions Settings page (options-discussion.php) always trips me up when setting up a new site. There's a lot of options, descriptions, directions, etc on that page — much of which is probably unavoidable. When I visit it, I always think that the hierarchy isn't quite right. To help with this, I thought of two half-measures. 1. A very simple solution: Put the ""Allow people to post comments on new posts"" at the top of the options list, with a little space below it. That would make that option the most prominent on the page, without making it stand out too much. Like this: [[Image(http://f.cl.ly/items/3e0c062W0N1l3J2D0q0Y/Screen%20shot%202012-10-15%20at%2011.56.02%20AM.png)]] 2. A more involved solution: I really like the new click-to-reveal-the-options at work in the ""Page on Front"" (#16379) workflow and thought it might work well here. *Something* in this direction: [[Image(http://f.cl.ly/items/022A1G3k0O3q0g1u380L/Screen%20shot%202012-10-15%20at%2012.12.09%20PM.png)]] The first could be accomplished for 3.5, but the second re-working could be a further down the line item. " saltcod 9 22225 WordPress does not localize ordinal suffixes in dates has-patch I18N 3.4.2 normal normal Future Release enhancement reviewing 2012-10-19T08:39:08Z 2021-07-21T22:16:39Z "In wp-includes/functions.php function date_i18n(), elements like month, month abbreviation, weekday etc.. are localized but not the ordinal suffixes (e.g. st, nd, rt, th) effect: when using the ordinal suffixes for dates e.g. {{{ <?php the_time('F jS, Y'); ?> }}} on translated/localized page page, the month name is translated (F) but the ordinal suffix no. Not browser/OS/environment dependent." mihaimihai 13 22236 edit.php: Apply when Bulk Actions selected forgets tag= filter has-patch Quick/Bulk Edit 3.4.2 normal normal defect (bug) new 2012-10-20T22:54:28Z 2019-06-04T21:07:50Z "Using WordPress 3.4.2, go to Posts, and click on one of the tags on one of your posts. The URL now contains tag=<tag>, and the screen shows the first 20 posts with that tag. Now click the Apply button just next to the ""Bulk Actions"" drop-down at the top left. I expect this to reload the page but otherwise have no effect. Instead, it reloads the page without the tag=<tag> URL parameter, and shows the first 20 posts (irrespective of tag). This is surprising and confusing - it's easy to accidentally hit ""Apply"" without having chosen an action, but at first glance it looks like nothing has happened. The user can then go on to do a bulk action (e.g., add category) without realising the tag they previously had selected is now no longer selected. Note that filters (e.g., by category) that are set up using the Filter button *are* preserved when Bulk Actions / Apply is chosen - it's just tags that are lost." kw217 3 22239 wp_ob_end_flush_all() tries to destroy non-destroyable output buffers has-patch Bootstrap/Load trunk normal normal Future Release defect (bug) new 2012-10-21T03:20:47Z 2024-02-07T20:08:18Z "`wp_ob_end_flush_all()` currently tries to flush & destroy every PHP Output buffer that is enabled on the current installation. However, not every type of PHP Output buffer can be destroyed, which will cause a PHP Notice when attempts to do so are made. An example of this is PHP extensions such as New Relic, or PHP output buffers created with the `$erase` flag set to false in `ob_start()` An example is when New Relic is installed on a host, also [https://newrelic.com/docs/php/php-agent-faq#rum-obclean see New Relics FAQ entry] on the issue. {{{ ( ! ) Notice: ob_end_flush(): failed to send buffer of New Relic auto-RUM (1) in ../trunk/wp-includes/functions.php on line 2641 Call Stack # Time Memory Function Location 1 0.8510 4328360 shutdown_action_hook( ) ../load.php:0 2 0.8510 4328440 do_action( ) ../load.php:556 3 0.8510 4329856 call_user_func_array ( ) ../plugin.php:406 4 0.8510 4329888 wp_ob_end_flush_all( ) ../plugin.php:406 5 0.8511 4330064 ob_end_flush ( ) ../functions.php:2641 }}} Somewhat similar to #18239 I'm not sure of what the ideal solution for this would be for !WordPress, but wanted to record the issue being known." dd32 10 22249 Add ability to set or remove attributes on enqueued scripts and styles. has-patch Script Loader normal normal Future Release enhancement assigned 2012-10-21T23:29:13Z 2022-06-02T10:08:08Z "I think it should be easier to customize the loading of scripts and styles (easier to customize the markup generated by the script/style system). Proposed solutions: '''Solution 1:''' Allow `wp_enqueue_script`, `wp_enqueue_style`, `wp_register_script`, `wp_register_style` to accept an array of attributes as the `$src` parameter. For example: {{{ wp_enqueue_script( 'my-plugin', array( 'src' => 'http://example.com/js/app.js' 'defer' => '' 'data-my-plugin' => 'custom data attr value' ), array('jquery'), null, true ); }}} '''Solution 2:''' Add a filter before the markup is generated that allows devs to filter the attributes while they are in array format. For example: {{{ add_filter('script_loader_attrs', function ($attrs, $handle) { unset ( $attrs['type'] ); 'my-plugin' === $handle and $attrs['data-my-plugin'] = 'plugin data'; $attrs['src'] = remove_query_arg( $attrs['src'] ); return $attrs; }, 12, 2); }}} In class.wp-scripts.php it might look something like: {{{ $attrs = (array) apply_filters('script_loader_attrs', $attrs, $handle); }}} and/or: {{{ $attrs = (array) apply_filters(""{$handle}_script_loader_attrs"", $attrs ); }}} ---- I imagine that solution '''2''' would be easier to implement than '''1''', and '''2''' allows for themes/plugins to modify scripts/styles w/o re-registering resources. The key feature of both solutions is the ability to modify the attrs while in array format. There are other ways that one could achieve the same results, but the array is '''by far the cleanest'''. Dirty alternatives include: * Use `preg_replace()` on the markup after it is generated (see #22245) * Use output buffers and PHP's DOMElement interface * Filter away the ""print_scripts_array"" and regenerate the markupmanually.)" ryanve 55 22251 Helper function to simplify checking for constants dev-feedback Bootstrap/Load normal normal Future Release enhancement new 2012-10-22T00:32:27Z 2018-05-31T23:46:31Z "Love 'em or hate 'em, WordPress uses lots of constants. As a result, this pattern is all over core and plugins, and occasionally themes: `if ( defined( 'CONSTANT_NAME' ) && CONSTANT_NAME )` Right now on trunk, it's used 57 times (excluding 2 in Akismet). {{{ ~/code/wptrunk $ ack ""defined\( ?('|\"")([^'\""]+)\1 ?\) \&\& \2"" -h --ignore-dir=wp-content/plugins/ | wc -l 57 }}} How about a new function to make that verbose logic a little bit less repetitive. {{{ function wp_constant( $constant ) { return defined( $constant ) && constant( $constant ); } }}}" evansolomon 28 22261 Recent comments widget makes additional queries when pagination is enabled Comments normal normal defect (bug) new 2012-10-23T14:19:59Z 2019-06-04T19:23:35Z A continuation of #15400. nacin 1 22277 Admin (not just superadmin) should be able to add user without confirmation email in multisite morganestes dev-feedback Users 3.4.2 normal normal enhancement assigned 2012-10-25T18:04:19Z 2019-06-05T06:38:51Z I don't know why admins would be restricted from adding existing users without sending them a confirmation, but they are in multisite. You have to be a superadmin to get that option. I think that is lame, and would like to see admins have that admin option. Is there is a reason why it is that way (security etc)? Since neither @markjaquith nor I could remember a reason, making this ticket and hoping we fix it. jane 12 22279 WordPress Export/Import deletes carriage returns dev-feedback Export 3.4.2 normal normal defect (bug) new 2012-10-25T20:02:42Z 2019-06-04T19:44:09Z "WordPress export does not translate or escape bare CR characters in a CR/LF pair. They show up unfiltered in the WXR export file. I see this both in post_content and in strings that were serialized into a post_meta field. The CR characters are in the WXR file, unfiltered. Then, WordPress import loses these CR characters. They are simply erased. It may be because SimpleXMLParser can't or won't open the XML file in binary mode, so line ending translation can & does happen. That's just a theory, but if it's true then this behavior might *not* happen on all platforms or with all PHP versions. (I'm seeing this on OS X 10.6.8, PHP 5.4.4.) In the worse case -- mine -- the munged string is a small component of a complex datastructure that is serialized in a postmeta record. In this case, the entire meta_value field is deleted on import, because the data won't unserialize, because its length has changed. It seems to me that WP Export should escape any character that might be threatened in transit. I'm no XML lawyer, but some sources claim that unescaped CR characters are invalid XML. To reproduce: * store a carriage return in a post. * export it to a WXR file. * examine the WXR file for the raw carriage return (`^M`). * import that file. * search for the carriage return." mykle 4 22287 Plugin in another plugin folder causes Activate link to be wrong on Download dev-feedback Upgrade/Install 3.4 normal normal Awaiting Review defect (bug) new 2012-10-26T15:30:52Z 2020-09-17T21:35:15Z "I am not sure if shipping a plugin within another plugin is officially supported, but there is an inconsistency between the activate links in the Manage Plugins page, and the Activate Plugin on the Plugin Downloaded success page. This is because on the Manage Plugins page, the `get_plugins()` is going to scan the plugins dir and all dirs within it, however, on the Upgrade page, it calls `get_plugins()` specifying the plugin dir as the base (see https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-upgrader.php#L579) That will cause the ""embedded"" plugin to be picked up, and if it's alphabetically above the main plugin file (presumably) see code comment "" //Assume the requested plugin is the first in the list""" joehoyle 19 22301 Performance problem with Recent Comments widget has-patch Comments 2.8 normal normal defect (bug) new 2012-10-29T06:07:14Z 2019-06-04T19:23:37Z "When a comment is posted (or the status of a comment changes), the `widget_recent_comments`cache item is invalidated, which the Recent Comments widget uses to populate the widget content. On the next widget display, it will call `get_comments()` to repopulate the cache. The problem occurs when you have a very large number of comments, the MySQL query will use the `(comment_approved, comment_date_gmt)` index, but if MySQL has to scan too many rows in an index, it'll switch to table scan instead. As the `comment_approved` column is mostly the same value, this will almost always happen. This is compounded by the query occurring on every page load until the cache is re-populated - if the query takes 60 seconds to run, there could potentially be hundreds of instances of the same query running. So, we need a solution that either hides or eliminates how slow this query can be, and only runs it (at most) once per new comment. After discussing this with @matt, we have a couple of ideas: 1. Move this query to a `wp_schedule_single_event()` call, which has the bonus of ensuring only one is scheduled at any given time. The downside is that it may cause the cache to be outdated on a low traffic site. 2. Keep a queue of recent comments in cache, and push a new one onto the queue when posted. This avoids the query entirely, but there would be a race condition if two comments were posted at nearly the same time - one of them could be left out of the queue entirely." pento 8 22310 wp_insert_user bit ilogical with rich_editing Users 4.9.5 normal normal Awaiting Review enhancement new 2012-10-30T09:08:56Z 2018-05-12T18:51:54Z "when you do wp_insert_user with rich_editing = TRUE it actually set rich_editing to ""1"" what is then interpreted as FALSE. I know (after searching why it does not work for me), that for actually setting true you need to set rich_editing to empty value, but anyway i think it is not optimal" thomask 2 22325 Abstract GPCS away from the superglobals dev-feedback Bootstrap/Load normal normal enhancement new 2012-10-30T21:15:41Z 2019-06-04T19:23:39Z "As discussed at #wpcs, it looks like we want to move away from directly using the GPCS superglobals. This gives us a way to handle slashing backwards compatibility moving forward. This is still a heap of versions away, but this is a way to keep any notes central." rmccue 39 22328 Pass reset password URI to retrieve_password_message filter Users 2.8 normal normal enhancement new 2012-10-30T23:34:17Z 2019-06-05T06:38:53Z "The arguments for the <code>retrieve_password_message</code> filter are the message itself and the reset key. However the URI requires the user login as well in order to be valid, thus we cannot regenerate the password reset link without it. Proposed solution - pass the reset URI instead of just the key." ejdanderson 4 22330 Optimize regexes to remove protocol from URL needs-unit-tests Formatting 3.4.2 normal normal enhancement new 2012-10-31T09:30:48Z 2019-06-04T19:44:10Z "Regexes used to chop off the protocol of a URL should be anchored to the start of the string. 1. The regex fails faster and thus avoid useless work. No need to look further down the URL for strings like `""http://""`. 2. The regex should not alter any URLs that might be contained in the query string." GeertDD 1 22355 Template stack - Beyond parent/child theme relationships has-patch Themes normal normal enhancement new 2012-11-03T21:45:25Z 2019-06-04T21:07:52Z "'''Problem''' Robust plugins (!BuddyPress, bbPress, et all) are unable to break out of the parent/child restrictions that !WordPress imposes on template output. For these plugins to include their own template parts, elaborate code must be written to hook into several different execution points, requiring an intimate knowledge of the inner workings of !WordPress's template loading system. ---- '''Solution''' Create a stack of template locations, and allow !WordPress to transverse this array following the same STYLESHEETPATH/TEMPLATEPATH order it always has, while also enabling additional paths to be added with a priority (similar to the filters API.) ---- '''Details''' The attached patch includes two new functions in wp-includes/template.php: * register_template_stack() * get_template_stack() Register template stack is a wrapper for the 'template_stack' filter. get_template_stack() is a variation of apply_filters() that returns the array of filtered template locations. A modification to wp-settings.php calls register_template_stack() two times, passing get_stylesheet_directory() and get_template_directory() as callbacks, to initialize the core parent/child relationship, ensuring complete backwards compatibility. ---- '''Result''' This allows for plugins to register additional paths in the template loader hierarchy, and enables plugins that may come with their own default template parts the option of registering a fallback template location. This works with both locate_template() and get_template_part(), and has the added benefit removing duplicate items inside of get_template_stack(), resulting in avoiding an additional file system check should the parent and child themes be the same." johnjamesjacoby 35 22367 "Usernames with ""@"" char are assumed email addresses, causing incorrect look-up in several places" johnjamesjacoby has-patch Users normal normal Awaiting Review defect (bug) reviewing 2012-11-06T00:45:19Z 2022-08-01T19:50:23Z "'''Problem''' Usernames containing the ""@"" character are mistakenly assumed to be email addresses when: * wp-login.php - Resetting passwords * /wp-admin/user-new.php - Adding an existing user to a site, in multisite * /wp-includes/user.php - Searching for a user ---- '''Duplicate''' * Create a user with the login ""@testing"" * Verify the account, etc... '''Bug in Search''' * Visit: wp-admin/network/users.php - attempt to search for: ""@testing"" * Result: no users found * What should happen: find the user '''Bug in Add New''' * Visit: wp-admin/wp-admin/user-new.php - attempt to add: ""@testing"" * Result: no users found * What should happen: add the user '''Bug in Reset Password''' * Visit: wp-login.php - attempt to reset password for: ""@testing"" * Result: retrieve_password() accidentally succeeds, because strpos() check returns 0, which is the correct position of the ""@"" character. If the username was ""testing@"" this test would fail ---- '''Solution''' The attached patch fixes these bugs by using is_email() instead of an strpos() for an @ character." johnjamesjacoby 25 22369 get_transient() do not call delete_transient() when deleting one close General 2.8 normal normal defect (bug) reopened 2012-11-06T01:27:01Z 2024-03-18T09:11:56Z "Hello i was wondering why get_transient() is not calling delete_transient when deleting a timeouted transient. Piece of code from get_transient() {{{ $transient_option = '_transient_' . $transient; $transient_timeout = '_transient_timeout_' . $transient; if ( get_option( $transient_timeout ) < time() ) { delete_option( $transient_option ); delete_option( $transient_timeout ); return false; } }}} but i need to trigger the ""deleted_transient"" hook. Can we do that: {{{ $transient_option = '_transient_' . $transient; $transient_timeout = '_transient_timeout_' . $transient; if ( get_option( $transient_timeout ) < time() ) { delete_transient( $transient_option ); return false; } }}} " juliobox 4 22377 Add filter to wp_update_plugins() rmccue has-patch Upgrade/Install 3.4 low minor enhancement assigned 2012-11-07T12:01:26Z 2019-06-05T06:45:03Z "'''Background''' Certain plugins (paid plugins, etc) may not wish to use WordPress' built-in upgrading functionality. As such, they may implement their own update checking code. WordPress' code runs every 12 hours via wp-cron, so hooking into the native system for checking would be the best way to avoid duplicating tonnes of code. '''Problem''' Currently, filtering this result is somewhat unintuitive. There are no filters in `wp_update_plugins()` to filter the result of the API call, so you have to fall back to `pre_set_site_transient_update_plugins`. WordPress, however, sets this transient twice, [https://core.trac.wordpress.org/browser/trunk/wp-includes/update.php?rev=21996#L193 once before updating] ""to prevent multiple blocking requests if request hangs"" and then once afterwards with the actual result. This is only a minor inconvenience, but it appears to be somewhat fragile. Ensuring that a plugin's custom code doesn't run on the first `set_transient()` requires setting a flag, and this is prone to breaking if `wp_update_plugins()` changes internally. '''Solution''' Introduce a new filter to change the API result before saving. This filter should only run once, with the actual result of the API call. Patch attached." rmccue 13 22402 Stripping non-alphanumeric multi-byte characters from slugs dev-feedback Formatting normal normal enhancement new 2012-11-10T05:07:10Z 2019-06-04T19:44:12Z "`sanitize_title_with_dashes()` strips non-alphanumeric characters from a title to create a slug. Unfortunately it only strips ASCII non-alphanumeric characters. Apart from a few exceptions, all multi-byte characters are preserved. This means all non-Western (and plenty of Western) non-alphanumeric characters end up in the slug as they're treated just like any other multi-byte character. As an example, here are some common non-alphanumeric Chinese characters which would ideally be stripped from slugs, but are not: * 。 (U+3002, Ideographic Full Stop, %E3%80%82) * , (U+FF0C, Fullwidth Comma, %EF%BC%8C) * ! (U+FF01, Fullwidth Exclamation Mark, %EF%BC%81) * : (U+FF1A, Fullwidth Colon, %EF%BC%9A) * 《 (U+300A, Left Double Angle Bracket, %E3%80%8A) * 》 (U+300B, Right Double Angle Bracket, %E3%80%8B) Obviously it would be impractical to make a list of ''all'' the non-ASCII characters we want to strip from slugs. The list would be gigantic. So the question is, would it be possible to use Unicode ranges to blacklist (or whitelist) whole ranges of characters to be stripped from (or preserved in) slugs? Is this practical or even desirable? Or would it make more sense to continue using a list of just the most common multi-byte characters to be stripped? The latter makes a whole lot more sense, but the former is a more complete solution. Thoughts?" johnbillion 1 22414 validate_current_theme() should validate cached theme roots Themes normal normal defect (bug) new 2012-11-11T21:57:54Z 2019-06-04T21:07:55Z See ticket:22252#comment:14. To handle edge cases like the same theme being in multiple roots, validate_current_theme() should validate the cached theme roots, and update or delete them as appropriate. nacin 1 22435 Export API dev-feedback Export normal normal Future Release enhancement new 2012-11-13T16:41:55Z 2017-12-13T21:26:06Z "From experience and from tickets (#19864, #19307, #17379) it's evident that we need to update the export API. High level goals: * To be usable from different parts of the code. From the web backend, from a CLI script, from an async job. * To allow more control of the output format – serve over HTTP, write a single XML file to disk, split it and write many smaller XML files, write a big zip with many XML files, etc. * To allow exporting the data without querying all the posts at once, so that we can fit the exports to memory. * Keep {{{export_wp()}}} for backwards compatibility without the need to keep all (even any) of its code. Here's my idea for the part of the API 99% of the developers touching export would use and be happy: {{{ #!php <?php // WP_WXR_Export is an aimmutable representing all the data needed for the export and allows us to have it in multiple formats $export = new WP_WXR_Export( array( 'start_date' => '2011-10-10', 'post_type' => 'event', … ) ); backup( $export->get_xml() ); // string $export->export_to_xml_file( 'mom.xml' ); send_to_mom_to_import( 'mom.xml'); $export->serve_xml(); // with all the headers and stuff $export->export_to_xml_files( '/files/exports-for-my-awesome-website/', 'export-%02d.wxr.xml', 5 * MB_IN_BYTES ); }}} Before I dive into implementation details (in the comments, not to pollute the ticket), I'd like to hear what use cases for extending this code you have in mind and where should we draw the line. Adding more output writers? Adding custom export data? Adding formats different from WXR? " nbachiyski 48 22511 Taxonomy manage screen checks for manage_terms and edit_terms, instead of just manage_terms. Taxonomy 3.0 normal normal defect (bug) new 2012-11-19T23:13:56Z 2019-06-04T21:07:57Z "I'm trying to set up permissions so the Contributor role can add terms but not edit or delete terms. I setup my taxonomy so it looks like this: {{{ register_taxonomy( 'custom_taxonomy', array( 'post' ), array( ... 'capabilities' => array ( 'manage_terms' => 'edit_posts', 'edit_terms' => 'manage_options', 'delete_terms' => 'manage_options', 'assign_terms' => 'edit_posts' ) ) ); }}} However, when logged in as a contributor I get the error ""You are not allowed to edit this item."" In edit-tags.php there are two checks for caps, one is for manage_terms and one is for edit_terms. I don't believe the second one should be there, because looking at the other code it should be like this: * User with manage_terms can access the main taxonomy page * They can also add terms * There are checks in WP_Terms_List_Table to restrict showing the Edit/Quick Edit/Delete links for users without those capabilities (edit_terms/delete_terms). * There is even plenty of other checks on edit_terms in edit-tags.php to include/change the content shown to the user.. if the entire page is restricted for users without edit_terms, why are any of those necessary? Even if I'm wrong on the fact that roles with edit_terms can't add new terms (it's not completely clear anywhere, it seems like manage_terms should be enough), I still think that this page should be viewable at the very least considering the other code in that page and the list table. Recommended solution: move the edit_terms check back into case 'edit' (line 121 of edit-tags.php in trunk, currently) as it was before [15491]. This was introduced in: [15441] and [15491]. Related: #14343." andrewryno 7 22530 garbage query strings on URLs are not sanitized or removed reporter-feedback General 3.4.2 normal normal defect (bug) reopened 2012-11-21T15:52:50Z 2019-06-04T19:44:14Z "Here is an interesting problem I ran into, a bug / feature that appears to be used by malicious people to cause Google to see your site as full of duplicate content. If you visit a wordpress site, and add a garbage query string to the end of the URL, that garbage gets carried forward. Example: yourblog.here/page/2?ssdlfkjsdlkfjsdfs When you scroll down, the ""previous"" and ""next"" links will automatically carry that query string forward. Normally, this would not be a big issue. However, some people appear intent on specifically creating these sorts of links to wordpress sites, and Googlebot is finding those links on remote sites. Those links are followed, and then the ""previous - next"" situation perpetuates the problem through every page on the site. If you have 1000 posts, at 10 per page, Google just indexed 100 duplicate content pages. So the bug is the following: Passed query strings need to be sanitized, and junk removed - there is no reason to pass it on. In the case of a junk passed string, there should be an http 301 or 302 reply and the user / bot redirected to the proper page without the query string. Further, query strings should not be perpetuated forward through the ""previous - next"" links on the pages unless they are relevant to that page change. As an example, a valid search string might be worth moving forward with. Other passed items may not be worth carrying forward. Potentially, any unsanitized input accepted in a query is a vector for other attacks. Having that query carry forward is a real issue. As an example, full select * from queries are not accepted and not dealt with, and perpetuated forward. No, they are not currently actually causing anything to happen, but a failure to sanitize these inputs suggests a vector for a future attack, such as an input overflow or similar." rawalex 9 22558 Attachment term counts feels/are inaccurate dev-feedback Media normal normal Awaiting Review defect (bug) new 2012-11-23T16:21:26Z 2021-03-03T17:04:28Z "For posts: * Assign a term to a post, save as draft. Term count returns 0. * Publish the post. Term count returns 1. * Change post status back to draft. Term count returns 0. For attachments: * Upload an image, assign a term. Term count returns 0. * Create a new post and insert the image in a published post. Term count returns 0. * Create a new post, use the insert media modal and upload an image. Then go the the media edit screen and assign a term to the image. Term count returns 1. * Change the post status back to draft. Term count returns 1. * Upload an image, assign a term, attach the attachment to a published post. Term count returns 0. The default term update callback is `_update_post_term_count`. The function includes a special case for attachments, that's the reason why we have the 1 in step 3. IMO the term count for attachments shouldn't rely on the parent post status. We should just force `_update_generic_term_count`. Also noted here: comment:ticket:21391:41" ocean90 10 22579 Confusion of WP admin Discussion settings Comments normal normal Future Release enhancement new 2012-11-24T20:46:05Z 2019-11-05T13:26:24Z "On the ""Settings>Discussion"" page: 1) ""'''Default article settings'''"" should be replaced by ""'''Default comment settings'''"" (because these important settings do not only apply to posts (''articles'')), but also to pages! 2) ""'''Allow people to post comments on new articles'''"" should be replaced by: --> ""'''Allow people to post comments'''"" (best option in my opinion) or --> ""Allow people to post comments on new pages and posts"" Sorry if this is not the right place to make such suggestions." Lorangeo 15 22589 Network Admin + Ajax requests jeremyfelt has-patch Networks and Sites normal normal enhancement reviewing 2012-11-26T09:12:18Z 2019-06-04T20:04:01Z "Currently there is no Network admin based ajax handler, forcing plugins which exist solely within the Network Admin to either use `wp-admin/admin-ajax.php` or using the `load-{$page_hook}` hook to perform any actions. This is primarily a problem when the plugin only includes code on a conditional such as `is_network_admin()`, which would be false for a `/wp-admin/admin-ajax.php` request, as a result, only the `load-{$page_hook}` option above is viable for those.[[BR]] As a work around, plugins can include code on `is_network_admin() || DOING_AJAX` to allow the usage of admin-ajax.php. Of course, the User Admin also suffers the same issue. I didn't see any previous tickets, and kind of want to say the existing 'workaround' is appropriate, but recording it here so we can at least close it as wontfix if appropriate." dd32 13 22601 Make post content autosave work more generically Autosave normal normal enhancement new 2012-11-27T04:00:31Z 2019-06-04T19:23:41Z "The JS for autosave/AYS looks for the contents of `#post #content`. While we should fix the other JS issue related to targeting `#content` in #22600, it seems that autosave/AYS should be looking for the textarea (or whatever type of input) with the name of content instead, since having that data in the form will save to the post content. That way, if somebody does choose to use a different ID but the right input name, the autosave benefits will kick in. Discovered while working on #22491." helen 2 22623 Some string tweaks - duplicity, context, mistake has-patch Administration 3.0 normal normal defect (bug) new 2012-11-28T20:56:41Z 2021-11-15T20:57:01Z "1) String ""Path"" has a little different meaning for TinyMCE (HTML position) and Multisite list sites column (subdirectory address). Can we have a context? 2) When you click ""Deactivate"" action link bellow any site (in Multisite admin), site is marked as ""Deleted"" instead of ""Deactivated""? You can ""Activate"" deleted site? Strange... 3) We have strings ""No results found."" (twice) and ""No matches found."" One string would be better instead of three similar strings? 4) String ""Show header text with your image."" is not accurate. You can show header text without header image." pavelevap 27 22660 "Admin bar in multisite: mobile tap on ""My Sites"" dropdown in back-end doesn't work" Toolbar 3.4.2 normal normal Future Release defect (bug) new 2012-11-30T20:40:17Z 2021-06-14T20:50:25Z "Quick steps here to reproduce an issue where the ""My Sites"" dropdown (multisite networks) will drop down and show the ""Network Admin"" link and the list of your sites. But, clicking on a site (to expand and see ""Dashboard"", ""New Post"", etc.) does not happen. Tapping the blog name just closes the dropdown. I'm not sure what's different but I can consistently reproduce this when in the admin back-end (but works OK on front-end admin bar when viewing a site): From /wp-admin/ on a mobile device (tested on iOS 6, iPhone 5, iPad) with a multisite network: 1. Tap ""My Sites"" in admin bar 2. See ""Network Admin"" and list of sites below 3. Tap one one of the site names Expected: Site name expands to show ""Dashboard"", ""New Post"", etc. (same behavior as front-end when viewing site). Screenshot: http://d.pr/i/reOi Actual: Tapping site name simply closes the ""My Sites"" dropdown, does not browse anywhere nor expand menu" devinreams 11 22772 Introduce HOMEPATH Filesystem API 3.5 normal normal enhancement new 2012-12-06T03:05:42Z 2019-06-04T19:44:19Z "I was poking around with get_home_path() and wondering if there's any reason to not set a constant HOMEPATH (like ABSPATH) in the root index.php I'd seem to be more reliable then get_home_path() and that function could simply return the new constant. get_home_path has it's origins 8 years ago when the code was very different: [1567]" WraithKenny 5 22798 "Invalid URLs not giving 404 with ""Default"" permalink settings" dev-feedback Rewrite Rules 3.4 normal normal enhancement new 2012-12-06T23:39:35Z 2019-06-04T21:08:11Z "'''Steps to reproduce:''' - Set up Wordpress with the default .htaccess - Select the ""Default"" option under Permalink Settings - Enter an invalid URL eg 'http://blogroot.com/garlbeflax.abc' '''Expected Behaviour:''' - 404 page is displayed '''Observed Behaviour:''' - No 404 page is ever shown, no matter what the request string is - Instead, Wordpress behaves as if no path was requested, eg displaying the homepage/posts lists. - If requested url has any of the standard params in it, those params ARE executed, eg http://blogroot.com/foo?paged=2 would properly show the 2nd page of the posts. '''Suspected cause:''' In line 620 of wp-includes/class-wp.php (in WP->parse_request), there is a conditional which means the only time the request can be marked as a 404 error is if the array of rewrite rules is NOT empty: {{{ $rewrite = $wp_rewrite->wp_rewrite_rules(); if ( ! empty($rewrite) ) { ... }}} If the ""Default"" permalink is selected, and no other rewrite rules are set up elsewhere (for reasons I didn't investigate, adding a add_rewrite_rule to the theme didn't affect anything), then the $rewrite array IS empty and the request can not be checked to see if it's a 404. Therefore, execution of the request continues as if no path info were submitted. This prevents the showing of the theme's 404 page, and can get a website flagged as spam/exploitative in Google's index. '''Workaround:''' Define a permalink redirect (eg pick one of the options other than Default). Server info: {{{ Apache/2.2.16 (Debian) (w/ mod_rewrite) PHP Version 5.3.3-7+squeeze3 (mod_php5) }}} .htaccess contents: {{{ <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> }}}" vanchuck 7 22810 Support for theme changelogs Themes normal normal Future Release enhancement new 2012-12-07T14:39:22Z 2022-02-24T03:43:23Z "Plugins' changelogs are shown in the WordPress plugin repository in tabs, eg. http://wordpress.org/extend/plugins/events-manager/changelog/. Plugins' changelogs are also linked to when viewing available updates in WP-admin, so the siteadmins can know if the update could mess with their customizations. Theme changelogs are not visible in either place. They should be supported in both places. Also http://codex.wordpress.org/Theme_Review should be updated to reflect that the theme changelogs are much recommended if not mandatory to use and to specify the exact format for them. Currently it uses language that is not clear for those who don't speak English as their first language: ""In lieu of..."" and then ""...Themes are recommended to include a changelog"", which doesn't let the theme author know what format should the changelog be in. At the moment I've seen changelogs for themes in different formats, but none of them is supported. Summary of the issues: 1. Add support for theme changelogs on https://wordpress.org/extend/themes/ theme pages in tabs. 2. Add support for theme changelogs in wp-admin theme list views. 3. Clarify Theme Review codex page on the supported format(s) and use more simple English than ""in lieu of""." Daedalon 28 22812 Tweak the media modal styles for longer strings in ru_RU close I18N 3.5 normal normal Awaiting Review defect (bug) new 2012-12-07T15:38:16Z 2020-09-14T20:05:31Z "1. In Attachment Display Settings, the Alignment dropdown is a bit off. 2. In Gallery settings, the Random checkbox is misaligned. See the screenshots." SergeyBiryukov 2 22837 "WP Needs to Set ""Sender"" and ""Reply-To"" or DKIM/DMARC will not work using wp-mail (via PHPMailer)" close Mail 3.4.2 high major Awaiting Review defect (bug) new 2012-12-09T17:23:48Z 2023-11-28T19:33:30Z "I notice that for DKIM to function (while using DMARC) correctly for outgoing mail the PHPMailer object needs to make sure the Sender and Reply-To fields match the ""From"" field otherwise the ""Return-Path"" header uses the server it is sending from causing a mismatch. When this happens DKIM fails authentication on the receiver side because it is not added to outgoing mail. I tried adding the reply-to and sender header manually to wp_mail() but it did not work. One had to do the following: Right now i have to manually modify the /wp-includes/pluggable.php file in the wp_mail() function to include: {{{ if (strlen($phpmailer->Sender)==0) { $phpmailer->Sender = $phpmailer->From; $phpmailer->AddReplyTo($phpmailer->From); } }}} This resolves the problem and DKIM works again. " kellogg9 12 22845 On 32-bit systems, with post IDs higher than PHP_INT_MAX (2147483647) wordpress does not run fine Posts, Post Types 3.4.2 normal normal enhancement assigned 2012-12-10T09:13:01Z 2019-06-04T20:43:30Z "Logging all the MySQL queries I discovered that the queries that should pick my posts were all doing something like this: SELECT post_id, meta_key, meta_value FROM wp_postmeta WHERE post_id IN (2147483647,2147483647,2147483647,2147483647,2147483647,2147483647,2147483647,2147483647,2147483647,2147483647) This 2147483647 number clearly has something in it: it's the PHP_INT_MAX value on 32-bit operating systems, while on 64-bit machines it's 9223372036854775807 http://php.net/manual/en/language.types.integer.php So, the problem is divided in 2 parts: I run on a 32 bit system, and I have my IDs a bit too high. I know that 2147483647 is a bit high for a post ID, but I discovered this the hard way. Now, I would have preferred an error message in the administrator interface. Do you think it's a good idea?" copesc 3 22869 Large Image Uploads Don't Error Well Media 3.4 normal normal defect (bug) assigned 2012-12-12T05:10:10Z 2019-06-04T20:04:18Z "Related to #22849 but not restricted to the new uploader. Happens on 3.4 and 3.5 in different ways. To Reproduce: Upload https://objects.dreamhost.com/ipstenu-images/sunset_2_22_11_by_kenshinkyo-d3a6slk.jpeg to your WP install in the media-new.php page Note: Image is 12600x9450 and 4.9MB Expected Outcomes: * Shared hosted without a lot of memory: Failure, not enough memory, no image uploaded. * VPS/Dedicated with tons of memory: Success Actual outcomes: * VPS as expected. * Shared not so much. You get the errors as expected however the failure is not correct. The image actually does upload, contrary to the errors, however no thumbnails are made, which then causes a memory problem as the full size image shows when you go to any media library view (in lieu of actual thumbnails). This crashed Chrome (as @markjaquith saw when we were testing Monday night) until I deleted the large images. The actual issue is on thumbnail creation, so the best 'fix' I can think of is if on failed thumbnail gen, it nukes the master image, but I don't know if that would make sense since some of the thumbnail gen might be on extra image sizes set by themes/plugins. Then again, do you want those if all fail? " Ipstenu 6 22879 Canonical Link Missing on Front Page Canonical 3.4.2 normal normal defect (bug) new 2012-12-12T11:03:05Z 2019-06-04T19:23:43Z "Canonical links are provided for posts, so if someone links to /2012/12/my-post/?whatever then Google will know it is a duplicate of /2012/12/my-post/ But if someone links to /?whatever there is no canonical address." miqrogroove 6 22880 Customize Themes without activation Customize normal normal Future Release enhancement new 2012-12-12T11:34:51Z 2021-05-22T18:12:20Z "Add a posibility to customize deactivated themes with the Theme-Customizer without activating them by default. Useful for Blogs running multiple Themes between which the frontend user can switch." kkkrys 13 22889 Reconsider no-JS ?replytocom= links SergeyBiryukov* dev-feedback Comments normal normal Future Release enhancement accepted 2012-12-12T15:13:20Z 2023-03-03T07:03:13Z "We have a no-JS fallback for comment replies. Normally JS moves the comment form around. For people with JavaScript disabled, they follow the `?replytocom={123}` link. This results in a lot of extra crawling by search engines (potentially an additional crawl per reply-able comment!) in exchange for enabling an awkwardly executed, likely underused, and non-essential feature for non-JS users. I'd like to consider making comment reply JS-only." markjaquith 30 22894 Need WordPress Media Uploader Stop or Cancel Button in WP Version 3.5 Media 3.5 normal normal enhancement reopened 2012-12-12T17:34:01Z 2023-10-18T16:05:38Z "Today I was testing the new media uploader of WP 3.5 from post editor by clicking 'Add Media'. I clicked 'upload files' and I choose a big file from my computer by a mistake. But I did not want to upload that file. Then I wanted to cancel the uploading, but there is no stop or cancel button . Then I close the popup window and open again by clicking 'Add Media' button. I see the previous file is being uploaded yet. I choose another small file and both files upload are running. [[Image(http://onetarek.com/wp-content/uploads/2012/12/stop-media-uploader.jpg)]]" onetarek 9 22895 user_can_admin_menu() is Type-Insensitive for Users who Can't Create Pages johnbillion* dev-feedback Role/Capability 3.5 normal normal Future Release defect (bug) accepted 2012-12-12T18:32:53Z 2023-02-19T01:20:07Z "Utilization of the new separation edit_posts /create_posts capability separation reveals a flaw in admin menu privilege checking. The issue occurs when: 1. For any post type other the ""post"", the user has $type->cap->edit_posts but not $type->cap->create_posts 2. User also does not have a manage_terms capability for any associated taxonomies In that situation, access to ""edit.php?post_type=whatever"" fails unless the user has the ""edit_posts"" cap for the ""post"" type. This occurs because: 1. '''wp-admin/includes/menu.php''' removes solitary submenus that have the same destination as the parent 2. '''get_admin_page_parent()''' returns nullstring if there is no $submenu item 3. '''user_can_access_admin_page()''' performs a type-sensitive capability check only if get_admin_page_parent() returns an existing $submenu key. For now, my plugin workaround is to hook into 'admin_menu' and add a dummy submenu with nullstring caption. " kevinB 37 22921 Allow get_users() to return array of values via 'fields' parameter dev-feedback Users 3.5 normal normal enhancement new 2012-12-13T17:39:24Z 2021-04-14T13:24:16Z "Currently, the `'fields'` parameter in the arguments array for `get_users()` only accepts either an array of user data fields, or the string `'all'`. Both of these options cause `get_users()` to return an array of object comprised of the specified user data. Passing any other string value to `'fields'` causes `get_users()` to return an array of user IDs. Per the Codex: > Array of objects, '''except when fields specifies a single field to be returned, then an array of values is returned'''. If fields is set to all_with_meta, it will return an array of WP_User objects. This statement appears to be untrue, but would be incredibly useful if it were true. Patch adds this functionality to `get_users()`. Potentially related: #18581" chipbennett 16 22937 Bulk Actions > Edit could allow batch-assignment of taxonomies to Media following the WP 3.5 media changes Media normal normal feature request new 2012-12-14T13:59:37Z 2023-10-18T15:53:15Z "[First and foremost the media improvements in WP 3.5 are wonderful, thanks to all involved.] Now that you can assign taxonomies to media easily, it would be extremely useful if you could also use Bulk Actions > Edit (as you can with posts / pages / custom post) to assign them to multiple images more quickly. Real world case: we added a taxonomy to media yesterday for a client, so they could categorise their ~500 images into sitewide categories, and they immediately replied to ask if there was a way of doing it in batches..." yeswework 2 22938 Presentation of hierarchical taxonomy in Media modal should be checkboxes rather than comma-separated tag list wonderboymusic Media 3.5 normal normal Future Release enhancement assigned 2012-12-14T14:10:16Z 2018-09-24T08:07:27Z Since 3.5, using register_taxonomy_for_object_type on attachments, if the taxonomy used is hierarchical, whereas in the edit attachment UI you see the normal list of checkboxes, in the corresponding modal it is presented as a comma-separated list of slugs, as if it were a non-hierarchical taxonomy (tags rather than categories). I'm sure this is not a bug / mistake / oversight, but at best it's a little unintuitive (you need to have memorised the category slugs to add new ones) and worst a bit dangerous (risk of adding unwanted categories), and it would be great if in future it was presented here too as a list of checkboxes. yeswework 24 22940 Adding term checklist to Media modal has undesired results Media 3.5 normal normal defect (bug) new 2012-12-14T14:59:27Z 2019-06-04T20:04:30Z If you use '''attachment_fields_to_edit''' to add a term checklist to the media modal, there is no way to know when a term is unchecked. I propose that when a checkbox is clicked in the compat section, all the checked boxes of the same name are passed in the POST request. jfarthing84 2 22942 Remove Post by Email chriscct7 has-patch Mail 3.5 normal normal Future Release enhancement assigned 2012-12-14T16:48:46Z 2020-10-15T19:03:15Z "We said last year that we'd remove the post by email functionality from core as it was better suited for plugins. The Jetpack plugin has already added this functionality and, honestly, includes better functionality than the core version. We should move forward with our plans to remove this feature. I recommend ''deprecating'' it similar to the way the link manager was removed in 3.5. Essentially: * New WordPress installations will never see the core feature * Existing installations that aren't using it won't see it any more * Existing installations that ''are'' using it will see a notice explaining they should switch to a plugin instead as the feature will be completely removed in the future Basically, I want the option to go away, but I don't want anyone to start a riot if we remove a tool they're actively using." ericmann 29 22957 get_boundary_post Only works from a single page has-patch Posts, Post Types 2.8 normal normal defect (bug) new 2012-12-16T00:36:35Z 2019-06-04T20:43:33Z "I was trying to use `get_boundary_post` in my theme to display a link to the first and last posts, but it does not work from the homepage. Unless called from a single post, `get_boundary_post` will return NULL. I can't see any reason for this behavior, or any good way around it." pathawks 2 22966 Show admin-cropped thumbnails instead of WordPress-cropped thumbnails Media normal normal Awaiting Review enhancement new 2012-12-16T22:22:59Z 2023-08-29T15:35:39Z "Used to be able to see which images have been cropped (and which ones haven't) in image search results. Now have to click 'edit image' and check the image individually. It's valuable for the publisher to see what his/her readers will see on the front end of the site when the 'thumbnail' function is called (either publisher's hard-cropped image or full un-cropped image). Useful especially for publishers that are pulling images from a time before 'thumbnails' existed in WP. Main reason this is an issue is that when an un-cropped thumbnail is selected as the featured image, it will be stretched/distorted to dimensions of thumbnail settings in function.php." beerpulse 11 22976 Remove reference to category to tag converter from the tools page Import normal normal enhancement new 2012-12-17T16:02:00Z 2019-06-04T20:04:32Z It has been such a long time since version 2.3, does anybody really need a reminder for the existence of this tool on that relatively high profile page? mark-k 5 23008 Add a Hook To Hide Inactive Widgets dev-feedback Widgets 3.5 normal normal enhancement new 2012-12-19T19:59:12Z 2019-06-05T06:38:58Z "Hello, This is my first feature request so hopefully I'm going through the process correctly. Onto the request... Adding a hook to remove or hide the Inactive Widgets sidebar on the WordPress Admin Widgets page would be very useful for developers who don't use the area and want to be able to hide it for better UX. If this is approved I would love to submit a patch. :)" BFTrick 2 23020 wp.getPageList should act like wp.getPages dev-feedback XML-RPC 2.2 normal normal defect (bug) new 2012-12-20T13:47:13Z 2019-06-05T06:39:01Z "I know that wp.getPageList is obsolete, but I think it should act like wp.getPages At the moment wp.getPageList returns even the trashed pages and doesn't return the status of the page. The weird behavior i've seen with wp.getPageList on a third-party client is shown below: - Refresh the pages list. - The Page 'A' is in the list. - Select the page 'A' and delete it. - Refresh the pages list and the page is still there. Doh!" daniloercoli 1 23023 Touch UI Menu Code doesn't address flyout menus two-levels deep. Menus 3.5 normal normal defect (bug) new 2012-12-20T15:21:17Z 2019-06-04T20:04:37Z "The code we did in #20614 only addressed the single dropdowns you normally see in a single site install. A multisite install will have flyouts coming out of the dropdowns that we need to account for as well. Related: http://wordpress.org/support/topic/wp-admin-bar-doesnt-play-well-with-touch-device-in-wp-35" georgestephanis 3 23040 Deprecate magic methods __isset() & __get() method of WP_Theme object has-patch Themes 3.4 normal normal Future Release enhancement assigned 2012-12-21T20:11:54Z 2021-08-11T15:44:26Z "Currently, a user can do the following: {{{ $theme = wp_get_theme(); $version = $theme->Version; $name = $theme->Name; $author = $theme->Author; $version = $theme->Version; }}} So, when I tried to get the other data in the same method, I was getting nothing. However, to get the other data, one must do this: {{{ $theme->{'Author URI'}; // per Codex; $theme->get( 'AuthorURI' ); // $theme->AuthorURI doesn't work $theme->get( 'ThemeURI' ); // $theme->ThemeURI & $theme->{'Theme URI'}; doesn't work $theme->get( 'TextDomain' ); // $theme->TextDomain & $theme->{'Text Domain'}; doesn't work }}} get() is a great method to get the other data; however, shouldn't we make this consistent for developers?" wpsmith 3 23044 adjacent_image_link() needs optimization needs-unit-tests Query 3.5 normal normal enhancement new 2012-12-22T05:04:20Z 2019-06-04T20:43:34Z "`adjacent_image_link()` is really slow and stupid. It queries for '''all''' of the images attached to that post. And then it picks the previous or next one in PHP. And there's no caching, so you'll typically get this happening '''three times''' on an attachment page, (image [linked to next], prev link, next link). We should actually just make the query grab the ONE image we want." markjaquith 12 23049 Template hierarchy for 404 johnbillion* dev-feedback Themes normal normal Future Release enhancement accepted 2012-12-22T17:19:05Z 2017-09-27T16:09:23Z "load 404-{post-type}.php when url structure matches post permalink structure but there is no post at that address. load 404-{taxonomy}.php when url structure matches taxonomy permalink structure but doesn't match any specific taxonomy tag URL. And so on.... The idea is to have different 404 pages based on the context to which the URL refers. For example if a site has a blog and a shop it might be better to show a blog specific 404 page when the URL might be interpreted as a post and a shop specific 404 page when the URL might be interpreted as a product." mark-k 10 23050 make_clickable incorrectly formats anchors with URL's and spaces in them in comments Formatting 3.4.2 normal normal defect (bug) new 2012-12-23T00:32:30Z 2019-06-04T19:44:24Z "When posting a comment, if an anchor tag contains both a URL and some words, make_clickable formats the output incorrectly. To duplicate, post the following content in a comment: {{{ Hey! <a href=""http://wordpress.org"">http://wordpress.org is awesome</a> in case you didn't know! }}} When viewing the comment, you'll get: {{{ Hey! <a href=""#"" rel=""nofollow""></a> <a href=""http://wordpress.org"" rel=""nofollow"">http://wordpress.org</a> is awesome in case you didn't know. }}}" johnjamesjacoby 9 23060 Throw 404 if URL Rewriting is Used With Default Permalinks dev-feedback Permalinks 3.5 normal normal Awaiting Review enhancement reopened 2012-12-26T20:54:55Z 2019-04-19T15:21:06Z "Suddenly I discovered that my blog is not returning error 404 page. My blog permalink is set as default style http://test.onetarek.com/?p=123 Now I am trying to create 404 error by using this url http://test.onetarek.com/adsfjkasjdd , it showing home page. Then I tested http://test.onetarek.com/?p=123654 now it shows 404 page. Then I tried to load a not existing image http://test.onetarek.com/wp-content/themes/twentyeleven/images/headers/not-image.jpg it shows my home page instead of 404 page. I changed my permalink settings to ""Day and name"" then it show 404 page. I tested this problem in my another blog, this blog is return 404 page but that is not generated by wordpress. Wordpress 404 theme page is not being loaded. A blank page is being loaded with a message by Apache Server ""Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request...."" So what is the problem with permalink settings and 404 page." onetarek 4 23074 Changing post's URL and then setting it back causes redirect loop (wp_old_slug_redirect) has-patch Canonical 3.5 normal major Future Release defect (bug) reopened 2012-12-29T00:44:50Z 2024-02-17T14:30:35Z This morning, I changed the URL of one of my posts, but then changed my mind and set it back. When you change the URL of your post, WP automatically creates a redirect from the old page to the new page, which is good, but in this case it led to an unintended consequence: after I changed the link from A to B and then back to A, it set up a redirect from A to B and a redirect from B to A, causing anyone trying to access A or B to end up in a redirect loop between the two (or possibly it created a redirect loop from A to A; I'm not sure). It should check for such loops when you update the URL to avoid this problem. vbuterin 16 23088 Multisite, Subdomains and www has-patch Bootstrap/Load 3.0 normal normal defect (bug) new 2012-12-30T20:05:33Z 2019-06-04T19:23:47Z "I installed a WordPress Multisite network (in subdomain mode) on Zend's PHPCloud.com. Zend does not provide an IP address, recommending a CNAME instead. CNAME records are not allowed on the root of a domain, so they recommend using the www subdomain, with a redirect from the root domain to www. This site can NEVER be accessed on the naked domain; it will always be accessed via the www subdomain. So, I setup wildcard DNS for *.mydomain.com, then created a network on www.mydomain.com. Then, I went to a non-existant subdomain on my network, nonexistant.mydomain.com, and WordPress redirected to www.mydomain.com/wp-signup.php?new=nonexistantwwwmydomaincom. The correct behavior is to redirect to www.mydomain.com/wp-signup.php?new=nonexistant The fix for this is in wp-includes/ms-settings.php, replace line 89 with: {{{ $site_domain = preg_replace( '|^www\.|', '', $current_site->domain ); $destination = 'http://' . $current_site->domain . $current_site->path . 'wp-signup.php?new=' . str_replace( '.' . $site_domain, '', $domain ); }}} Also, on the registration page at the bottom it says: ""The site you were looking for, http://nonexistant.www.mydomain.com/ does not exist, but you can create it now!"" The fix is in ms-blogs.php, line 53: {{{ $url = preg_replace( '|^([^\.]+://)(?:www\.)?|', '$1' . $blogname . '.', $url ); }}}" jkhoffman 2 23117 permalink failed on IIS7 and Reserved Proxy for wordpress 3.5 Permalinks 3.5 normal normal defect (bug) new 2013-01-04T06:30:33Z 2019-06-04T20:43:38Z "it seems to work fine on local but get into a canonical redirect loop when we deploy to production after we upgrade to wordpress 3.5. We did a little debug and found the issue with permalink in file .\wp-includes\canonical.php at line 42 with new coded ""&& !iis7_supports_permalinks()"" added in 3.5. the issue is iis7 does support permalink and so it go into create and redirect to pretty link which use the website URL in wp-admin settings which is the site URL. when it hits the site URL, our reserved proxy write back to the wordpress site on diff server with port and canonical.php think that's incorrect, so it redirect back to the website URL and the loop go on and on. we found a temp workaround but not desirable, add this ""remove_filter('template_redirect', 'redirect_canonical');"" in the function.php file in the theme folder you are using. or add a wordpress plugin or simply remove the additional codes in canonical.php file that was added in 3.5. but may cause issue in future upgrade." romeoqngo 1 23127 Media Upload hangs on Crunching on too big image sizes. Media 2.7 normal normal Future Release defect (bug) new 2013-01-05T22:56:14Z 2023-12-26T12:46:32Z "If the uploaded file is too big for the Max Memory Limit Setting, then the upload is executed, but the image isn't resized to the set image sizes and the frontend gets stuck on ""Crunching"". I tracked the error down into the core and found out, that the main problem is in the GD library class ( wp-includes/class-wp-image-editor-gd.php ) in the load() function. Everything works fine before line 91: {{{ $this->image = @imagecreatefromstring( file_get_contents( $this->file ) ); }}} So imagecreatefromstring fails because of a lack of memory. But as a chain reaction everything else fails afterwards. The library is not loaded and sent back, and so on. As a result no id is sent back to the frontend and the Loader hangs. Maybe there should be any error catching and sending back before this GD function, that the frontend receives any error messages and that the upload is deleted in case of error. Just my thoughts: As this error is a Fatal one, you can`t use any Exception stuff, cause there will not be any memory left to execute it. Maybe some checking if the id is present before sending the image back to crunching?" clubdesign 24 23148 Add hook in wp_ajax_save_attachment for additional attachment fields audrasjb needs-docs Media 3.5 normal normal Future Release enhancement reopened 2013-01-08T19:25:07Z 2023-06-21T15:15:05Z "As of now, `wp_ajax_save_attachment` only looks for the attachment title, caption, description and alt text fields. Without a hook, there is no way to extend the new media system properly and take advantage of the save functionality. There should be a hook provided at the end of this function (before the JSON response is sent back) that allows devs to update any additional attachment fields that have been rendered by extending the `media.view.Attachment.Details` subview." griffinjt 52 23165 Admin validation errors on form nonce element IDs (_wpnonce) has-patch Security normal normal Awaiting Review enhancement new 2013-01-10T02:25:17Z 2021-02-08T23:28:07Z "The `wp_nonce_field()` method has a design flaw in that the `name` parameter is optional, but its default value (""_wpnonce"") is used for the field element `id`. This wouldn't be bad if only one form is used on each page, but that is rarely the case in the admin panel. Currently, this only results in harmless HTML validation errors in admin, and in very rare situations (depending on plugins installed), can result in javascript scope-related issues breaking forms. This is an issue that keeps being reported and fixed several times (see #5962, #6564, r14737 from #13383, and the latest [http://core.trac.wordpress.org/ticket/22712#comment:11 #22712]) by simply specifying the name in all locations that don't at the time in core. There's at least three different approaches that I can see where we could prevent this from popping back up in the future and encourage better coding habits. == A: Require the Name Parameter == The most obvious approach is to simply adds a `_doing_it_wrong()` call (though it could just be `_deprecated_argument()` instead) for any calls to `wp_nonce_field()` that don't specify the `name` parameter, forcing everyone to give nonce fields unique IDs (and names). A side-effect of this change is that it will also warn developers they are doing it wrong if they use `wp_nonce_field()` without the (also currently optional) `action` parameter, which is actually a good thing since the docs already warn that this is a security hole. There are 46 locations in core that would need updated with this change that make this mistake, and the fix for each of them with this change is exactly the same as what every other commit to fix this problem has always done: just specify the `name` to give a unique ID. The downside to this approach is that this pushes for an immediate change not only to all calls to `wp_nonce_field()`, but also their corresponding `check_admin_referer()` calls (to update the changed field name) in a single WP release, and considering how frequently it's called this way in core, I don't even have to look at plugins to see how often it happens there (it's going to be too many to count). This approach still results in an explicitly named ID that really doesn't need to be on the field in the first place in most locations. I gave this approach a shot anyway, and started on a patch just to see how much work it would be at least in core, but I started to find a few locations that could benefit from unique IDs, but similar field names. I also found myself already spending hours updating and testing just 9 of the 46 locations (unit tests don't cover this stuff) where I was forced to make changes to IDs that would be best left alone for now. I have attached this unfinished patch anyway if anyone is curious to see how it works, what it does, and to see what kinds of changes it ends up requiring. It's still possible to just pass ""_wpnonce"" as the `name` with this change, so the rest of the locations could simply use that to progressively work towards unique IDs, but I just don't see this as a good solution overall, and it seems like a lot of work for very little gain on a minor issue. == B: Use Action for ID or Remove ID Entirely == Another option might be to remove ID entirely, or use (and require) the action parameter as the ID. This would improve results with unique IDs fixing most locations where `wp_nonce_field()` is used without requiring a change to each one individually for most uses (except for nonces used with ajax calls). All locations in core at least use `action` already, so the case for using `action` as ID instead seems better than using `name`. Unfortunately, either removing or using the action parameter for ID (changing the ID) would obviously break a few plugins that made the mistake of relying on the default `_wpnonce` (or the current `name` value) value for `id` from within JavaScript code for existing form endpoints. In the WP.org plugin repo, this appears to happen in the following plugins (searching up through plugins starting with 'r') for forms using the default value: {{{ automatic-youtube-video-posts buddypress buddypress-backwards-compatibility canalblog-importer community-submitted-news eyes-only-plus facepress-ii globalfeed lazyest-gallery lazyest-maps maven-member pagely-reseller-management pluginbuddy-yourls post-event2 qtranslate-separate-comments repostus ... }}} There's likely way more plugins that post to core forms using a non-default `name` that would break though as well, and even though I think ID should have never been added to the nonce field attributes and was never necessary in the first place, compatibility rules would need to be broken if this approach was used. This of course means this option is most likely not really an option at all. == C: Use an Option Array Parameter in Place of Name == To keep this concise, this last approach basically involves changing `wp_nonce_field()` to: {{{ function wp_nonce_field( $options = array() ) { ... } }}} The `options` parameter is a standard arguments array used with `wp_parse_args()`. This accomplishes not just one, but two different goals. First, if `$options` is not an array or the method was called with anything other than 1 parameter, we know this is an older call that needs to use the `name` parameter for both `name` and `id`, using `func_get_args()` for the original arguments, and can do so for full 100% backwards compatibility. Second, unrelated to this issue, the function has been refactored to adhere to coding standards in regards to [http://codex.wordpress.org/WordPress_Coding_Standards#Self-Explanatory_Flag_Values_for_Function_Arguments self-explanatory flag values] as far as the `referrer` and `echo` options are concerned. The `options` array can then be made to accept the following settings: - action: The same unique name included in the nonce hash as is the case now. - name: The field name (and *only* used for the name attribute). (Default: ""_wpnonce"") - id: The field ID if this really is still desired, and can even be different than the name, but by default, the field won't have an ID at all. - referrer: Whether to set the referer field for validation. (Default: true) - echo: Whether to display or return hidden form field. (Default: true) The only downside here is that each `wp_nonce_field()` call will be more verbose in most cases, especially if they do need to use an ID. For example, this: {{{ wp_nonce_field('add-tag', '_wpnonce_add-tag'); }}} Will now become this: {{{ wp_nonce_field( array( 'action' => 'add-tag', 'name' => '_wpnonce_add-tag' ) ); }}} I see plenty of benefits to this last solution though, and it requires very few changes up front, so I think it comes down to this approach ultimately. Please see attached patch." bpetty 17 23168 Introduce remove_post_status Posts, Post Types normal normal enhancement new 2013-01-10T08:32:49Z 2019-06-04T20:43:39Z Plugins and themes should be able to remove the default post statuses defined by core. kovshenin 9 23169 Introduce register_post_status_for_object_type Posts, Post Types normal normal enhancement new 2013-01-10T08:35:46Z 2019-06-04T20:43:41Z Similar to what `register_taxonomy_for_object_type` does with taxonomies. kovshenin 3 23179 New avatar related option - use gravatar only for registered users dev-feedback Comments normal normal enhancement new 2013-01-11T15:40:59Z 2019-06-04T19:23:48Z "The use of gravater is problematic because there is no attempt to verify that a comment with which an email was used was actually left by the owner of the email (AFAICT gravatar doesn't even have an API for authentication). This makes impersonating to someone else that have a gravatar in a wordpress site comments much too easy. IMO non autogenerated gravatars should be displayed by default only for users for which it is known that they actually own the email address, which are usually only the registered users." mark-k 4 23188 Hardcoded relative url 'async-upload.php' in plupload/handlers.js Upload 3.5 normal normal Awaiting Review defect (bug) new 2013-01-12T11:47:48Z 2018-01-18T20:34:04Z "On line 127 in plupload/handlers.js you can find relative path to 'async-upload.php'. It rather should use wpUploaderInit.url (or something like that), so you could use WP Plupload in front-end for example or with your custom uploading scripts. Now you can write your custom uploader script and provide it via wpUploaderInit, but on that line in handlers.js it is ignored (and if you run it in front-end, bad request to ./async-upload.php is made)." drozdz 1 23197 wp-activate.php, without explanation, does not load site plugins Login and Registration 3.0 normal normal Future Release defect (bug) reopened 2013-01-14T12:54:26Z 2022-06-14T01:36:09Z "I am the developer of a Wordpress plugin that modifies the Registration process. I am porting my code to Wordpress Multisite and am running into an odd obstacle. During the signup process, I store meta data in the signups table. I intend to restore that data after the user has activated their account using hooks located in wp-activate.php. I learned the hard way that wp-activate is altering the load sequence with the following flag. define( 'WP_INSTALLING', true ); The preceding comment says ""Define ABSPATH as this file's directory"", which to me does not entirely jive up. Regardless, with this flag in place, when Wordpress would normally determine what plugins to load in wp_get_active_and_valid_plugins, instead it returns an empty array. I do not believe this is the desired behavior. My solution has to been to create a small ""must-use"" plugin simply for my activation related code. This however, is not a desirable solution since must-use plugins must be manually installed. I cannot determine much of an alternate solution; I cannot modify that flag in a plugin at any level since my plugin would never be loaded for it to get a chance to modify the flag. It is a bit of a chicken and the egg problem." radiok 18 23205 New Media Uploader slow for sites with many images dev-feedback Media 3.5 normal normal enhancement new 2013-01-15T17:17:02Z 2019-06-04T20:04:40Z "The new media uploader added in 3.5 looks very nice. Unfortunately, its functionality is worse for sites with thousands of images. I think this can be combated by allowing us to select the ""Upload Files"" page as our default after clicking ""Add Media,"" and rather than ""All Media Items"" be the page it jumps to after the image is uploaded, instead have it jump to ""Uploaded to this Post."" Is there any way the WordPress team can make this default? Or add the option to make it default? It's made posting on my site 10 times more annoying, especially for those posts with 40-50 images. And I'm sure there are others who feel the same." salromano 28 23207 Add $labels argument to register_post_status() dev-feedback Posts, Post Types 3.0 normal normal enhancement reopened 2013-01-15T19:32:54Z 2019-06-04T20:43:43Z "WordPress functions '''register_taxonomy()''' and '''register_post_type()''' has '''labels''' argument. Why not add labels to '''register_post_status()'''? The current way to add status: {{{ $args = array( 'label' => __( 'draft', 'text_domain' ), 'label_count' => _n_noop( 'Draft (%s)', 'Drafts (%s)', 'text_domain' ), 'public' => false, 'show_in_admin_all_list' => true, 'show_in_admin_status_list' => true, 'exclude_from_search' => true, ); register_post_status( 'draft', $args ); }}} The new way (using labels): {{{ $labels = array( 'name' => __( 'Draft', 'text_domain' ), 'singular_count' => __( 'Draft (%s)', 'text_domain' ), 'plural_count' => __( 'Drafts (%s)', 'text_domain' ), 'any_other_label' => __( 'Any Other Label', 'text_domain' ) ); $args = array( 'labels' => $labels, 'public' => false, 'show_in_admin_all_list' => true, 'show_in_admin_status_list' => true, 'exclude_from_search' => true, ); register_post_status( 'draft', $args ); }}}" ramiy 8 23221 Multisite in subdirectory with root site address dev-feedback Bootstrap/Load 3.5 normal normal Awaiting Review defect (bug) reopened 2013-01-16T22:48:52Z 2018-01-21T01:31:19Z "I have seem to have found a url bug in the multisite. = How to replicate = 1. Install WordPress in a subdirectory 2. Change the the url from the subdirectory to the root by adding index.php to the the root and changing the following code. {{{ /** Loads the WordPress Environment and Template */ require('./subdirectory/wp-blog-header.php'); }}} 3. Change the site url in the settings to the root. 4. Start the process to convert the site to a multisite. = Affect = Then it should cause the network dashboard url to be incorrect. You will get http://example.com/wp-admin/network/ instead of http://example.com/subdirectory/wp-admin/network/. " grapplerulrich 36 23229 Pagination Links Broken Permalinks normal normal defect (bug) new 2013-01-17T23:11:04Z 2019-06-04T20:43:46Z "Currently, if the request URL ends with ""page/[\d]+/?"" it will always assume that it is the pretty version of the paged parameter, and rewrite that section of the URL. This breaks in any condition where a numeric value follows that string at the end of a URL. An example that can be easily reproduced is as follows: 1) Set theme to TwentyEleven 2) Modify the theme to output the results of get_pagenum_link(2) anywhere. 3) Change permalink structure to ""/daily-page/%year%/%monthnum%/%post_id%/"" 4) Go to a year archive for the permalink structure above. 5) The result of the get_pagenum_link will look like this: ""/daily-/page/2/"", breaking pagination within this context. I've attached a patch against current trunk code that addresses this, providing the following features: 1) Pagination links functional in the scenario above, along with custom rewrite rules. 2) Updated to allow numeric post names for hierarchical post types (currently always rewritten with ""-2"") 3) Updated get_pagenum_link filter to include pagenum parameter as it was passed in. " ssmathias 1 23233 Radio Button instead of Checkboxes on Comment Moderation option? has-patch Comments 3.5 normal normal enhancement reopened 2013-01-18T16:26:23Z 2019-06-04T19:23:51Z "Hi! I've been a loyal Wordpress user for years. This is nothing urgent, but something that may improve the user experience. In Settings > Discussion > Before a comment appears, there are two options: ""An administrator must always approve the comment "" and ""Comment author must have a previously approved comment"" Perhaps I have missed something here, but aren't these options pretty much either/or? If the first box is checked, it's rather irrelevant if the second box is checked, because the first checkbox would override it? If I'm correct, shouldn't this be changed from a both/and checkbox to an either/or radio button?" danielmount 12 23243 "wp_mail() not working with ""Name <email>"" format in buggy PHP versions on Windows" Mail 3.5 normal minor defect (bug) new 2013-01-20T15:59:30Z 2019-06-04T20:04:42Z "As a result of ticket #17305, wp_mail() accepts the $to parameter in the format ""Name <email@domain.com>"". There exists a PHP bug in versions below 5.2.11 and in 5.3, on Windows. This bug occurs when addresses are passed to the PHP mail() function in the ""Name <email>"" format and prevents e-mails from being sent. I believe this bug in fixed in 5.3.1 and above. (see https://bugs.php.net/bug.php?id=28038) I don't believe this affects any core functionality, but may affect some plugins which pass $to in the above format. I tested in PHP 5.2.4 on Windows with the following code: {{{ wp_mail(""email@ext.com"", ""Test"", ""Test""); wp_mail(""Name <email@ext.com>"", ""Test 2"", ""Test 2""); }}} The first email is received; the second isn't. When removing error suppression from the mail() calls in class-phpmailer.php, the following warning is outputted: Warning: mail() [function.mail]: SMTP server response: 501 <Name <email@ext.com>>: ""@"" or ""."" expected after ""Name"" in C:\xampplite\htdocs\wp-includes\class-phpmailer.php on line 771" bbosh 3 23253 Lack of a do_settings_section (singular) function has-patch Plugins normal normal Awaiting Review enhancement reopened 2013-01-21T19:20:06Z 2021-02-27T18:30:24Z "After considerable research I have found that plugin authors, including myself, have to go to great lengths to put options into tabs on a plugin settings page. The majority use JavaScript to modify the DOM in order to achieve this, others have broken their options into several settings arrays instead of the recommended single array to facilitate the creation of tabs using the traditional WordPress nav-tab-wrapper class approach. To get my own options into tabs in a fully scoped css jquery ui theme I ended up adding my own hacky function to my plugin: myplugin_do_settings_section( $page, $sectionid ) - which is just a copy of the core function do_settings_sections( $page ) with an additional parameter for the section id and an added conditional to only output the section with the requested id. This allows me to wrap each section in the appropriately classed tags for either jquery ui tabs or traditional WordPress nav-tabs. This however, is not an acceptable long-term solution as the core code will undoubtedly change, I already see tickets and revisions relating to the removal of those nasty tables... This functionality should be in the core code. A settings section is a ''section'' and it should be possible to output them one at a time to allow for styling. Thanks for considering my proposal. (Also, the Iris color picker does not play nice with jquery-ui - it needs its own css scope or something - that will be a separate ticket once I have a better understanding of what is wrong with it and have searched for existing tickets on the subject.) " auniquename 6 23257 Add plural versions of Post Format strings Post Formats 3.5 normal normal Future Release enhancement new 2013-01-22T00:59:30Z 2017-07-17T16:37:15Z "To make it easier for theme authors to create meaningful titles for post format archive pages, we could extend `get_post_format_strings()` to also provide a standardized set of plurals. I'm not entirely sure whether the plurals I used in the diff are the ones we actually want to go with (apparently there is no plural of 'Audio'?), but the change is fairly simple and is backwards compatible. See [https://github.com/Automattic/_s/pull/137 this discussion] for additional context." obenland 12 23275 WordPress Importer: line-ending mismatch corrupts serialized meta has-patch Import normal normal defect (bug) new 2013-01-23T16:56:04Z 2019-06-04T20:04:44Z "A possible solution: {{{ if ( $key ) { // export gets meta straight from the DB so could have a serialized string if ( ! $value ) $value = maybe_unserialize( $meta['value'] ); // Occationally, line-endings break unserialize() if ( empty( $value ) ) // Try normalizing... $value = maybe_unserialize( str_replace( array(""\r\n"", ""\r"", ""\n""), ""\r\n"", $meta['value'] ) ); if ( empty( $value ) ) // Adjust string length if needed $value = maybe_unserialize( preg_replace( // e flag deprecated in PHP 5.5.0 I think '!s:(\d+):""(.*?)"";!se', ""'s:'.strlen('$2').':\""$2\"";'"", $meta['value'] ) ); add_post_meta( $post_id, $key, $value ); do_action( 'import_post_meta', $post_id, $key, $value ); // if the post has a featured image, take note of this in case of remap if ( '_thumbnail_id' == $key ) $this->featured_images[$post_id] = (int) $value; } }}}" WraithKenny 5 23276 WordPress Importer: Update existing navs instead of new has-patch Import normal normal WordPress.org defect (bug) new 2013-01-23T17:00:06Z 2020-10-01T19:25:32Z "A possible solution (reuses logic present in the code): {{{ $menu_item_db_id = (int) $item['post_id']; $original_object = get_post( $menu_item_db_id ); if ( is_null( $original_object ) ) { $post_parent = (int) $item['post_parent']; if ( $post_parent ) { // if we already know the parent, map it to the new local ID if ( isset( $this->processed_posts[$post_parent] ) ) { $post_parent = $this->processed_posts[$post_parent]; // otherwise record the parent for later } else { $this->post_orphans[intval($post['post_id'])] = $post_parent; $post_parent = 0; } } // map the post author $author = sanitize_user( $item['post_author'], true ); if ( isset( $this->author_mapping[$author] ) ) $author = $this->author_mapping[$author]; else $author = (int) get_current_user_id(); $postdata = array( 'import_id' => $item['post_id'], 'post_author' => $author, 'post_date' => $item['post_date'], 'post_date_gmt' => $item['post_date_gmt'], 'post_content' => $item['post_content'], 'post_excerpt' => $item['post_excerpt'], 'post_title' => $item['post_title'], 'post_status' => $item['status'], 'post_name' => $item['post_name'], 'comment_status' => $item['comment_status'], 'ping_status' => $item['ping_status'], 'guid' => $item['guid'], 'post_parent' => $post_parent, 'menu_order' => $item['menu_order'], 'post_type' => $item['post_type'], 'post_password' => $item['post_password'] ); $menu_item_db_id = wp_insert_post( $postdata, true ); if ( is_wp_error( $menu_item_db_id ) ) { $post_type_object = get_post_type_object( $item['post_type'] ); printf( __( 'Failed to import %s “%s”', 'wordpress-importer' ), $post_type_object->labels->singular_name, esc_html($item['post_title']) ); if ( defined('IMPORT_DEBUG') && IMPORT_DEBUG ) echo ': ' . $post_id->get_error_message(); echo '<br />'; } } $id = wp_update_nav_menu_item( $menu_id, $menu_item_db_id, $args ); }}}" WraithKenny 5 23279 Add templates to style registration, signup, activation, login and password reset pages has-patch Login and Registration normal normal Awaiting Review enhancement new 2013-01-23T22:20:58Z 2017-02-22T09:54:26Z "As [https://irclogs.wordpress.org/chanlog.php?channel=wordpress-dev&day=2013-01-23&sort=asc#m539267 discussed in IRC], the ability to override the various user-related pages would be a great ability for themes to have. At the moment, it's pretty tedious to style these and there's very little control over the content of the page (some for good reason, others not so much). Related: #1155, #3123, #22139" rmccue 13 23290 When using switch_to_blog() with a persistent object cache that lacks wp_cache_switch_to_blog() support, non-persistent groups are not maintained needs-unit-tests Cache API 3.0 low normal defect (bug) new 2013-01-25T05:28:44Z 2019-06-04T19:41:33Z If you're using a persistent object cache that lacks the new `wp_cache_switch_to_blog()` support, WordPress core `else`s into a complete cache clobbering branch. It is smart about grabbing the global groups and re-adding those after `wp_cache_init()` is called, but it doesn't do the same for non-persistent groups. Those are a hardcoded array. So if you call `switch_to_blog()`, you would lose any custom-added non-persistent groups. markjaquith 10 23308 "make_clickable problem with multiple ""Punctuation URL character""" dev-feedback Formatting 3.5.1 normal normal defect (bug) new 2013-01-28T15:09:59Z 2019-06-04T19:44:27Z "make_clickable problem with multiple ""Punctuation URL character"" E.g. {{{ http://www.wordpress.org/some-(parentheses).html }}} Results in this html code: {{{ <a href=""http://www.wordpress.org/some-(parentheses)"" rel=""nofollow"">http://www.wordpress.org/some-(parentheses)</a>.html }}} But obvious should be: {{{ <a href=""http://www.wordpress.org/some-(parentheses)"" rel=""nofollow"">http://www.wordpress.org/some-(parentheses).html</a> }}} I suggest to replace: wp-includes/formatting.php:1603 {{{ [\'.,;:!?)] # Punctuation URL character }}} with {{{ [\'.,;:!?)]{1,} # Punctuation URL character }}}" DrPepper75 4 23309 Not all WP_Query::query_vars get updated during WP_Query::get_posts() needs-unit-tests Query normal normal defect (bug) new 2013-01-28T15:40:56Z 2019-06-04T20:43:47Z "There is a lot of logic within the WP_Query::get_posts() method that fills in missing query vars with defaults and manipulates others based on the rest of the query. However, some of the final states for many of the variables aren't updated in the WP_Query::query_vars array. For example, the post type is lost as a local variable and post_status is used for building compiling mysql expressions, but never directly updated. The result is that any plugins that want to recreate the query for another system, (ie, an external search provider) must directly copy much of the business logic that WP_Query::get_posts() has embedded in it in order to fill in for the incomplete query_var array. " prettyboymp 4 23311 Enable internationalization in PHPMailer has-patch I18N 3.5 normal normal Future Release enhancement new 2013-01-28T16:37:06Z 2020-09-14T19:17:20Z Per the discussion in #23291, we should enable PHPMailer's internationalization feature so that any error messages returned by it and displayed to the user will be translated. iandunn 7 23314 Allow published posts to be revised without being updated immediately has-patch Revisions normal normal Future Release enhancement new 2013-01-29T19:39:01Z 2020-01-10T21:02:19Z Two things. Let's allow contributors to submit changes for review to their published posts. Let's also allow users to make changes to their posts and pages and save those changes, without updating the published post or page. kovshenin 29 23318 Plugins Admin Showing Details for Wrong Plugin Plugins normal normal WordPress.org enhancement new 2013-01-29T22:41:54Z 2022-08-23T17:46:47Z "I just set up a new site with some plugins, none of them activated yet. The plugins screen says: ""There is a new version of Google XML Sitemaps available. View version 4.1 details or update now."" I know for a fact there is no such version of this plugin. When I click details link, it tells me to install some other plugin called page-list?!" miqrogroove 28 23327 Cache incrementors for get_bookmarks() has-patch Cache API 3.5.1 low normal enhancement new 2013-01-30T18:24:08Z 2022-01-18T13:48:04Z "Make use of a caching incrementor and store queries in individual cache buckets to avoid memory exhaustion. Pattern this after #23167, which does the same thing for get_pages(). See #23173 for an explanation of the motivation behind this." ryan 7 23330 Allow autoloading all options, not just autoload = yes options has-patch Cache API 3.5.1 normal normal Awaiting Review defect (bug) new 2013-01-30T21:12:57Z 2022-09-30T14:40:54Z "For 5 years on wordpress.com we have ignored the autoload field for options. In wp_load_alloptions(), autoload = yes is not part of the query. Why? Because wordpress.com has a persistent cache. Thus, the transients that constitute the bulk of autoload = no options are stored in cache, never in the options table. Querying autoload=yes makes the query slower for no reason. Having autoload = no options also complicates notoptions caching. Core has a notoptions cache that would be unnecessary if you can assume that wp_load_alloptions() loads every option. If an option is not in alloptions, then it does not exist. Other large sites that use a persistent cache might also like to ignore the autoload flag. Core could automatically switch to ignoring autoload when an external object cache is being used, but administrators might want to control this so they can clean out old transients from options tables and do whatever other housekeeping is desired. So, let's add a filter that allows toggling this. When autoload is being ignored the wp_load_alloptions() query does not include autoload=yes and notoptions is not used." ryan 13 23336 Sticky Posts lack sanity bounding. If used too much, can severely degrade performance. Query normal normal defect (bug) reopened 2013-01-31T05:09:37Z 2019-06-04T20:43:50Z "Came across an issue where a site was using sticky posts for a slider on the front page. The rest of the front page used custom taxonomy queries. As such, they'd mark items as sticky, have the slider grab the first three. Over years, they accumulated thousands of sticky posts, which, as you can imagine, made the front page of their site absurdly slow, as it was querying those thousands of posts every time. Should we establish some sort of sanity limit here, to keep people from shooting themselves in the foot? I found this a REALLY hard issue to diagnose. Even with debug bar, there is no indication that sticky posts are being queried. There's just a giant WP_Query call that does a giant `IN()` query. Something like a limit of 100 with FIFO would keep things from getting too crazy, without restricting people too much. If you have a need for more than that, you need to be using a taxonomy query." markjaquith 21 23361 "Deleting a user in Network Admin still defaults to ""Delete all posts""" Users 3.5 normal normal Future Release defect (bug) new 2013-02-01T19:02:55Z 2021-09-17T12:53:27Z "Background: #20045, #23224 We should either do what those tickets suggested in Network Admin as well for consistency, or redo/remove the form, since the attribution only works for the main site, as noted in [comment:ticket:20045:14]." SergeyBiryukov 9 23373 Limiting get_users() results by meta value with LIKE wildcards has-patch Users 3.5 normal normal enhancement new 2013-02-03T03:07:03Z 2019-06-05T06:39:02Z "I want to limit the results returned by get_users() to a subset of the users based on some criteria that will be stored in the User Meta table (e.g. all users whose first name begins with M). Here arr the args I am passing to get_users(): {{{ ( [include] => [exclude] => [fields] => all_with_meta [meta_key] => last_name [meta_value] => M% [meta_compare] => LIKE ) }}} This is the query the WordPress constructs for me: {{{ [01-Feb-2013 16:01:08 UTC] WP_User_Query Object ( [query_vars] => Array ( [blog_id] => 1 [role] => [meta_key] => last_name [meta_value] => M% [meta_compare] => LIKE [include] => [exclude] => [search] => [search_columns] => Array ( ) [orderby] => login [order] => ASC [offset] => [number] => [count_total] => [fields] => all_with_meta [who] => ) [results] => Array ( ) [total_users] => 0 [query_fields] => wp_users.ID [query_from] => FROM wp_users INNER JOIN wp_usermeta ON (wp_users.ID = wp_usermeta.user_id) [query_where] => WHERE 1=1 AND ( (wp_usermeta.meta_key = 'last_name' AND CAST(wp_usermeta.meta_value AS CHAR) LIKE '%M\\%%') ) [query_orderby] => ORDER BY user_login ASC [query_limit] => }}} ---- As you can see, the LIKE clause is escaped and wrapped with SQL wildcard operators. I can't figure out how to prevent this from happening as what I want is ""LIKE 'M%'"" to be my actually query. Andrew Nacin wp@andrewnacin.com via lists.automattic.com 11:24 am (1 day ago) to wp-hackers Currently, ""LIKE"" prepends and appends wildcards, as in %term%. We could add ""%LIKE"" and ""LIKE%"", though that would not help with the situation where you want LIKE taken literally, potentially without % wildcards at all. (Such as using _ as a single-character wildcard, or looking for case insensitive matching.) Probably the best way to add to this API would be to allow for a 'like_escape' => false; that would accept your value as provided. If you'd like to submit a ticket (and patch), this can definitely find its way into 3.6. Nacin ---- I have prepared a patch to meta.php which allows escaped LIKE and NOT LIKE meta compares to work properly. " mpwalsh8 23391 User in contributor role can add images to post only via the text editor Role/Capability normal normal Awaiting Review enhancement new 2013-02-05T07:34:26Z 2018-10-03T12:18:01Z "1. Create a user with contributor role 2. start new post with it 3. notice there is no ""add media"" button anywhere 4. switch to text editing 5. use the img button to insert a URL to a valid img on the web 6. request approval for the post 7. let admin/editor approve it 8. go the the post's URL and notice that the image is shown So, it is not that contributors are not allowed to use images, it is just that WP makes it hard to do so. Either HTML needs to be sanitized and have all img tags removes for contributors, or access to the media library should be allowed for contributors denying only access to uploading. I vote for the second option." mark-k 5 23398 "Media Gallery - Clicking ""Restore Original Image"" in ""Scale Image"" pane loses 'Thumbnail Settings' pane." dev-feedback Media 3.4 normal normal defect (bug) new 2013-02-05T21:11:36Z 2019-06-04T20:04:54Z "Reproduce the problem thusly: Click ""Edit image"" in the ""Edit Media"" interface for any image. `/wp-admin/post.php?post=1119&action=edit` Scale the image a couple times in the 'Scale Image' pane. Update. Click ""Restore Original Image"" in the 'Scale Image' pane. Try to crop just the thumbnail. The 'Thumbnail Settings' Pane is '''''gone'''''. The image has to be deleted and re-uploaded to gain thumbnail control once again." gr33nman 4 23413 Provide query result data to custom user columns dev-feedback Users normal normal enhancement new 2013-02-07T15:22:53Z 2019-06-05T06:39:04Z "When the filter manage_users_custom_column is triggered, it sends an empty string for the value field. Since it's easy enough to extend the WP_User_Query with extra fields, it would be good to have those fields passed through if they exist to save having to requery the database with the user_id parameter to get the data. I have attached a patch to show what I mean." JohnC28 3 23421 Add sortable to taxonomy column dev-feedback Taxonomy normal normal Future Release enhancement assigned 2013-02-08T12:34:20Z 2021-08-11T15:48:50Z "Following on from the #21240 ticket which introduced the show_admin_column functionality one limitation is the 'as easy' way to make that column sortable. It's possible to do it through the 'manage_edit-{$post_type}_sortable_columns' filter but the column_key is different for 3.5+. A standardisation as for adding the column may be advantageous: a register_taxonomy argument and / or new filter. argument: show_column_sortable, boolean default false, requires show_admin_column to be set and true. In the same way that the get_columns function uses the new ""manage_taxonomies_for_{$post_type}_columns"", filter to add a taxonomy column there could be a ""manage_taxonomies_for_{$post_type}_sortable_columns"" filter in the get_sortable_columns function of the post-list class: i.e. {{{ function get_sortable_columns() { $default = array( 'title' => 'title', 'parent' => 'parent', 'comments' => 'comment_count', 'date' => array( 'date', true ) ); return apply_filters( ""manage_taxonomies_for_{$post_type}_sortable_columns"", $default ); } }}} The developer could then set the filter as normal {{{ add_filter( ""manage_taxonomies_for_{$post_type}_columns"", 'add_sortable_column' ); function add_sortable_column ( $columns ) { $columns[ taxonomy-tax_name ] = 'Taxonomy Label'; return $columns; } }}}" tifosi 14 23422 Add query filter argument to register_taxonomy needs-unit-tests Taxonomy normal normal enhancement new 2013-02-08T12:38:35Z 2019-06-04T21:08:16Z "Following on from the #21240 ticket which introduced the show_admin_column functionality I would like to suggest an additional argument to easily add the select list query filter for a taxonomy to the post-type list. Currently a taxonomy query can be added via the 'restrict_manage_posts' action and 'parse_query' filter. It would be useful to add an additional register_taxonomy argument of 'show_column_filter' to define a standard select option list of the taxonomy terms. Things like default option and hierarchy could be optional settings is an array is passed instead of boolean. " tifosi 11 23423 sanitize_title() in dynamic_sidebar() restricts the use of specific characters for sidebar IDs chriscct7 needs-unit-tests Widgets 2.2 normal normal defect (bug) reopened 2013-02-08T13:25:00Z 2019-06-05T06:39:05Z "In the dynamic_sidebar() function in wp-includes/widgets.php uses sanitize_title() on the given index when it looks for a sidebar with a name that matches the index. After that it leaves the index value sanitized making it impossible to use characters not allowed by sanitize_title() in a sidebar ID. By not overwriting the given index value with the sanitized version it would still be possible to use any character for the ID. To achieve this, lines 847-853 {{{ $index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['name']) == $index ) { $index = $key; break; } } }}} should be replaced with {{{ $sanitized_index = sanitize_title($index); foreach ( (array) $wp_registered_sidebars as $key => $value ) { if ( sanitize_title($value['name']) == $sanitized_index ) { $index = $key; break; } } }}}" paulvandermeijs 10 23424 WP_Image class for handling images from the media library dev-feedback Media 3.5 normal normal enhancement new 2013-02-08T15:41:24Z 2019-06-04T20:04:57Z "Since 3.5 we have the class WP_Image_Editor. This needs a file path to be able to manipulate an image. Currently you would have to use something like wp_get_image_editor( _load_image_to_edit_path( $post_id ) ). What is wrong since you are using a ""private"" function. Currently I'm working on this idea and you can find the code here https://github.com/markoheijnen/WP_Image/blob/master/wp-image.php. What it does now is getting the filepath, be able to get the image editor, add an image size on the fly and getting/updating the metadata. We really miss something like a WP_Image class in WordPress. However I'm not sure what kind of functionality is needed for it. I like the current class mainly because it gives you the power to create an image size for a specific media image and stores it in the sizes array. When a user removes the media image then also the custom sizes will be removed." markoheijnen 6 23430 sanitize_user() disallows + in usernames causes problem for email as username has-patch Users 3.5.1 normal minor enhancement new 2013-02-09T08:48:31Z 2019-06-05T06:39:07Z "I want to use email addresses as usernames which seems to work fine, except sanitize_user() doesn't allow a + in the username and my email addresses have + in them. Google/gmail allows one to use a + modifier on emails like so: user+admin@gmail.com, user+editor@gmail.com, user+author@gmail.com, etc... I often use this to get around WordPress's requirement for unique email addresses but it's also intended for and useful in filtering: user+blog1@gmail.com, user+blog2@gmail.com, etc... Is there a reason we can't allow +'s in usernames or could it be moved to the strict case only? See formatting.php:892 " jb510 5 23431 [embed] shortcode doesn't work with do_shortcode() needs-unit-tests Embeds 3.5 normal normal Future Release feature request new 2013-02-09T15:05:02Z 2022-07-15T15:43:20Z It would be preferable to use the [embed] shortcode through do_shortcode rather than apply_filters( 'the_content',... in order to avoid sharing plugins, related posts plugins etc appending content to something that could simple be post meta, i.e. looking to convert a youtube url to a video. jtsternberg 8 23432 "Review usage of target=""_blank"" in the admin" sabernhardt* Administration 3.2 normal normal Future Release task (blessed) accepted 2013-02-09T15:26:25Z 2023-11-17T17:54:28Z "Some links in the Setting Pages (General, Discussion, Permalink) pages open in same window, which sometime can be awful. [[BR]] While the users can press cmd/ctrl + click and click the link to open it in new tab but If the user does not open the link in new window, options (which are not saved) will be lost and one have to go through them again.[[BR]] Also links in the Edit Profile page and all the links in the help tab open in new window except a few.(so it is possible that users may just click it thinking them to alike other links which open in new window)[[BR]] So a consistency will be there and ux can be a little better." theadityajain 56 23436 Media Gallery - Cropping Image and then Cropping a thumbnail from that crop doesn't work. joedolson* close Media 3.5 normal normal Awaiting Review defect (bug) accepted 2013-02-10T17:20:00Z 2022-12-07T16:05:48Z "'''A recipe for repeating the bug behavior:''' Navigate to Library in the admin sidebar. Click ""Add new"". Drag the 800x480 copy of this or any image to the drag and drop area: http://en.wikipedia.org/wiki/File:Cheese_platter.jpg (I suggest this image for ease of recipe duplication and best explanation.) After the blue status bar has completed, ""Edit"" to bring the media edit window up in a new tab. Click ""Edit Image"" below the actual image. Drag anywhere inside the image to create a cropping box. In the ""Image crop"" pane, set the crop area to 500px width, 100px height. Drag the cropping box so that the fancy toothpick is as far left as possible along the horizontal axis of the cropping box, but centered vertically. Click the ""Crop"" icon. Click ""Save"". Click ""Update"". Click ""Edit Image"" once again. Drag inside the newly-cropped image again to create a new cropping box. In the ""Image Crop"" pane, change the cropping dimensions to 150 x 100. Drag the box so the fancy toothpick is somewhere in the left third within the crop boundary. '''Important:''' In the thumbnail settings pane, set ""Apply Settings to:"" '''Thumbnail'''. Click the ""Crop"" icon. Click ""Save"". Click ""Update"". Click ""Library"" in the admin sidebar. The newly preferred thumbnail for our previously-cropped image does not save. Thumbnail remains default, based on center of previously-cropped image. Instead, you will see a small wheel of cheese sliced into six wedges with garnishes for the thumbnail, even though we chose the part with the fancy toothpick." gr33nman 8 23454 _deprecated_function Messages chriscct7 has-patch General 3.5 normal normal enhancement assigned 2013-02-12T11:20:39Z 2019-06-04T19:44:32Z "Unlike ''_deprecated_file'' and ''_deprecated_argument'', the ''_deprecated_function'' function has no option to append a message to the triggered notice. I propose adding this to make it consistant with the other 2 functions. Patch to follow." mikejolley 3 23464 WXR importer: Poor UX when creating new user to import to Import normal normal enhancement new 2013-02-13T07:05:33Z 2019-06-04T20:04:59Z "When importing WXR you are prompted to assign a user to which of the existing users the imported content will be assigned, but it is also possible to provide a name of a new user which will be created and the content then will be associated with it. The new user functionality sucks 1. No email or password is required therefor the user for a while is missing data which is assumed to always exist for a user. In the end of the import there is a small notice about updating the user data, but it gets lost in all the output being generated during import 2. Processing does not stop if user creation had failed (I used hebrew characters for user name) and the imported content is assigned to the current user. WTF? " mark-k 1 23482 Fix improper use of comment_exists() in some importers maxpagels has-patch Import normal normal defect (bug) assigned 2013-02-15T18:49:18Z 2019-06-04T20:05:02Z "Background: #20494 DotClear Importer and TextPattern Importer treat the returned comment post ID as a comment ID: [[BR]] http://plugins.trac.wordpress.org/browser/dotclear-importer/trunk/dotclear-importer.php#L416 [[BR]] http://plugins.trac.wordpress.org/browser/textpattern-importer/trunk/textpattern-importer.php#L429" SergeyBiryukov 2 23483 Incorrect image URL for subsites when using UPLOADS constant on multisite subdirectory installation Upload 3.5.1 normal normal Awaiting Review defect (bug) new 2013-02-15T18:56:54Z 2017-07-08T00:41:31Z "If the UPLOADS constant is used on a Wordpress Multisite installed to subdirectory, using subdirectory mode, then image URLs for subsites are incorrect. Example: * WP MS installed to www.domain.com/wordpress, subdirectory not subdomain * UPLOADS set to 'assets' Main site uploads images to /wordpress/assets/... [[BR]] Main site image URL is www.domain.com/wordpress/assets/... 1. Create subsite called 'subsite'; 2. Subsite uploads images to /wordpress/assets/sites/2/... 3. Subsite image URL is www.domain.com/subsite/assets/sites/2/... when it should be www.domain.com/assets/sites/2/... This is because wp_upload_dir() uses get_option('siteurl') to derive the URL. It is probably right for subdomain multisite but wrong in this use case." creativeinfusion 7 23487 is_blog_installed gives erroneous result on moved database dev-feedback Upgrade/Install 3.0 normal normal defect (bug) new 2013-02-16T13:11:37Z 2021-03-30T14:02:15Z "I resently moved my blogs to a new database, but when I tried it out, on of the blogs wanted a new install. Of course I did not want to do an install and overwrite my blog. I indirectly found the reason in is_blog_installed, which suppresses database errors. Thus I did not see this error. SELECT command denied to user 'techblog'@'localhost' for table 'wp_options' Of course it was my fault, but I virtually had to take the wordpress code apart to find out why my migration failed. Of course this is not a big problem on new installs, but very likely to happen on moving databases. " Kjeld Flarup 1 23498 wp_list_authors ignores 'exclude_admin' arg when admin account has a display_name other then 'admin' SergeyBiryukov dev-feedback Users 3.1 normal normal Future Release defect (bug) reviewing 2013-02-18T09:37:59Z 2023-12-15T00:50:09Z "Line 293 of author-template.php should be changed from: {{{ if ( $exclude_admin && 'admin' == $author->display_name ) }}} to: {{{ if ( $exclude_admin && 'admin' == $author->user_login ) }}} Thanks." raphaabreu 21 23562 Using Speech Recognition Software with the Add Media Panel joedolson* reporter-feedback Media 3.5.1 normal normal Future Release defect (bug) accepted 2013-02-20T16:06:02Z 2023-08-24T13:36:57Z "Linked to #23560 this ticket specifically concerns the speech recognition user's accessibility experience of the Add Media functionality. I'm using Dragon Naturally Speaking with IE9 on Windows 7 - a typical setup as Dragon works best with IE. Within the Edit Post screen I can use Dragon to action the Add Media link successfully. The command in Dragon for such an action is ""Click Add Media"". This works, but then I run into the following problem: * With the exception of Set Featured Image, none of the other links on the panel appear to be directly accessible with Dragon. * If I select Set Featured Image I can't action any of the other links. Dragon users can use voice commands to replicate pressing the tab key. The experience then mirrors that outlined in #23560 - but of course this cannot be used to select the images or other files. It is possible for Dragon users to interact with screens using mouse commands but it is an incredibly laborious and time consuming process - used only as a last resort. If one of the images is selected, the information panel for that images opens to the right. Unfortunately none of the input fields (for title, alt, etc) are directly available to Dragon. Ironically, the Insert Into Post button can be accessed directly with a voice command. Some investigation needs to be done as to why most of the links and input fields cannot be directly accessed by Dragon when the panel is opened. This is a parallel with the situation on the Theme Customizer panel. It is interesting that the Set Featured Image link and the Insert Into Post button '''can''' be directly accessed. What is different about them? " grahamarmfield 26 23602 "Incorrect canonical redirect if p=123 query argument present in ""paged"" archives" needs-unit-tests Canonical 3.5 normal normal defect (bug) new 2013-02-25T08:34:19Z 2019-06-04T19:23:57Z "URLs that include `page/n` AND `p=n` query variable, such as: http://example.com/page/3/?p=123 will issue a 301 redirect to the homepage. This is being reported as incorrect behaviour in Google Webmaster Tools, because: The target URL does not exist and your server is not returning a 404 (file not found) error. Your server is redirecting requests for a non-existent page, instead of returning a 404 response code. This creates a poor experience for searchers and search engines. A fix would be to strip the `p=` query variable and redirect to the paged archive. From: http://example.com/page/3/?p=123 to: http://example.com/page/3/ " kasparsd 2 23616 General Handler for Whitelisted Options' Submissions Options, Meta APIs normal normal feature request new 2013-02-26T03:06:55Z 2019-06-04T20:43:51Z As stated over on #18285 WordPress should move away from posting to options.php. In order to do that, the Settings API needs a general purpose function that can be safely called on all Settings Pages that can handle posts to itself (generally referred to as 'take_action' in various places) and can handle what options.php currently does. WraithKenny 1 23634 New hook for adding content after each comment chriscct7 has-patch Comments normal normal Future Release enhancement assigned 2013-02-26T19:29:57Z 2017-10-23T14:56:06Z "Similar to #18561 (which is for a new ""after post"" hook) add a hook that fires after each comment output with {{{wp_list_comments}}}." lancewillett 8 23635 get_objects_in_term - identify matching terms has-patch Taxonomy 3.5.1 normal normal enhancement new 2013-02-26T21:29:54Z 2021-04-09T16:17:23Z "`get_objects_in_term` is great for viewing taxonomy relationships for non-posts. However the return value is too limited for certain use cases. For When fetching object_ids for multiple terms the return value doesn't inform as to the matching term. For instance this query: {{{ #!php $object_ids = get_objects_in_term(array(55, 66, 77, 88, 99), ""my_custom_taxonomy""); }}} Might return an array of object_ids as follows: {{{ #!php array(101, 202, 303, 404); }}} However there's no way to tell '''which''' term a particular object_id matched. Did object 101 match term 77? Or maybe it was term 99? Or both? I've created a modified version of `get_objects_in_term` which will addresses this issue. I'll submit a patch, but am wondering if there's another way to achieve this functionality. " leepowers 3 23637 wp-signup.php has overly aggressive CSS Login and Registration 3.0 normal normal Future Release defect (bug) new 2013-02-27T14:33:46Z 2020-03-04T06:25:13Z The CSS added through wp_head by wp-signup.php stops Multisite form fields from being styled through inheritance. Allowing inheritance will result in more consistent styling with the active theme (for example, field font-size). kwight 8 23669 Allow front page template to fall back to home template when site displays blog posts index on front page close Themes 3.5.1 normal normal enhancement new 2013-03-02T21:15:25Z 2019-06-04T21:08:23Z "The `front-page.php` template file is intended to define custom, static front page content. However, this template file takes precedence, regardless of whether `get_option( 'show_on_front' )` is set to `'posts'` or `'page'`. If the user sets the front page to display the blog posts index, this choice is effectively superseded by `front-page.php`, and the blog posts index is not displayed unless the Theme specifically accounts for this setting in the template file, using something like so: {{{ if ( 'posts' == get_option( 'show_on_front' ) ) { get_template_part( 'home' ); } else { // front page markup goes here } }}} But requiring all Themes to include such a conditional in `front-page.php` essentially defeats the purpose of the the `front-page.php` file in the template hierarchy. Instead, WordPress should consider `get_option( 'show_on_front' )`, and should return ''either'' `front-page.php` (for `'page'`) ''or'' `home.php` (for `'posts'`) on the site front page. Attached patch modifies `get_front_page_template()` accordingly. Impact to current Themes is almost certainly minimal to none, for Themes that already properly use `front-page.php` and `home.php`." chipbennett 13 23709 Relax wildcard restrictions for populate_network() when installing in subdomain mode Upgrade/Install 3.5 normal normal enhancement assigned 2013-03-06T20:03:49Z 2019-06-04T21:08:25Z "I ran into the issue while trying to use wp-cli install-network command with --subdomains support. Underlying core issue is that populate_network is trying to check if wildcard subdomain is accessible. This makes sense for large networks, but might not work with certain setups, or not needed for small sites. Proposed solution is to add extra arg for populate_network() $wildcard_check with default to true. See attached patch" rinatkhaziev 11 23749 Post Format Archive Conditional Tag danielpataki has-patch Post Formats normal normal Future Release enhancement assigned 2013-03-12T20:27:04Z 2020-06-26T13:39:59Z "As far as I know there is no conditional tag for detecting when a post format archive is shown. I bumped into this problem while creating a theme for quick-blogging and realized that I couldn't create a menu (easily) and style the 'current' post format menu item differently. I will try and submit a diff if I can although I've never done it before so it may take me a while :) " danielpataki 12 23779 Can't insert large image if it's smaller than media setting but larger than theme setting dev-feedback Media 3.0 normal normal defect (bug) new 2013-03-15T00:47:08Z 2019-06-04T20:05:06Z "If you upload an image that is larger than $content_width but not larger than the ""large"" setting in settings->media, the option to insert a ""large"" image into the post isn't available even though the image is large enough. It looks like it must use $content_width as the actual width of the large image that's inserted, and the large_size_w setting to decide whether to show that option or not." aaroncampbell 12 23781 New Post Publishes to Wrong URL Permalinks 3.4.2 normal critical defect (bug) new 2013-03-15T04:59:52Z 2019-06-04T20:43:54Z "The ""Permalink"" displayed in the editor for new posts may be wrong, and changes (surprise!) when the Publish button is clicked. Steps to reproduce this: 1. Start typing a title in a new post. 1. Wait for an auto-save and Permalink to appear. 1. Make the title longer. 1. Type a post body. 1. Click Publish. Expected result: The new post should be published at the Permalink being displayed on the post editor. Actual result: A completely different permalink is generated based on the current title. The new page gets cached at the ""wrong"" URL before any changes can be made. General pandemonium ensues. Etc. (It's not a blocker bug, but it is so completely annoying!)" miqrogroove 6 23794 load_plugin_textdomain fails if plugin is loaded from mu-plugins close I18N 3.5.1 normal normal Awaiting Review enhancement assigned 2013-03-16T09:48:38Z 2024-02-28T16:43:40Z "load_plugin_textdomain is realative to WP_PLUGIN_DIR, so it fails to load localization files if plugin keeps them in its directory. The function should check if is called from mu-plugins and use WP_MUPLUGIN_DIR in that case. I can fix this in my own plugin by adding '../mu-lugins/' like this: {{{ load_plugin_textdomain( 'tiny_tribuna', false, '../mu-plugins/'.dirname( plugin_basename( __FILE__ ) ) . '/languages/'); }}} but this is not a good option for other plugins. " ideag 15 23805 wp_ajax_add_menu_item() closed to user-created menu item types has-patch Menus normal normal enhancement new 2013-03-18T01:41:52Z 2022-01-18T13:47:54Z "I'm building a new Menus meta box, that can add a new type of menu item, lets call it 'foobar'. The conditional inside `wp_ajax_add_menu_item()` is slightly off. It checks that the menu item type is not 'custom', then proceeds to assume that it's either post-type or taxonomy so it can do some DB look-ups and create an `$_object` variable which is then used. This means it's closed to other types of menu items. I've chosen 'foobar', so I can distinguish those items later on when walking through the front-end output." GaryJ 11 23845 Install new theme via FTP failed Filesystem API 3.5.1 normal normal defect (bug) new 2013-03-22T12:19:03Z 2019-06-04T19:44:34Z "New theme installation via FTP has failed when we specified custom FTP_BASE folder. If we try this theme installation , wordpress shows error message: ""Unable to locate WordPress theme directory"". This was because search_for_folder method do not respect FTP_BASE setting and allows to walking on parent directories. All solutions I found in google is ugly hacks who only mask the problem but does not resolved it I attached patch example who resolve this problem. I hope is useful and will help to repair this bug." Przemyslaw Plewa 4 23857 Delete User Should Delete Comments Users 3.5 normal normal enhancement new 2013-03-25T07:10:55Z 2019-06-05T06:39:10Z The delete user function should also delete that user's comments or attribute that users comments to the person specified. That way, deletion of accounts goes a lot smoother. jamcat22 3 23862 Clean up old WP->public_query_vars and WP->private_query_vars nacin has-patch Query normal normal defect (bug) reopened 2013-03-25T19:20:07Z 2022-11-30T23:45:05Z "There are some old non-working public_query_vars still in the WP class that should be cleaned up. * posts - broken 10 years ago http://core.trac.wordpress.org/changeset/182/trunk/blog.header.php * search - hasn’t done anything since wp_query was created * calendar - don’t see support since ‘b2’ * pb - don’t see support since ‘b2’ * static - only used in determining if is_page, though it no longer works correctly, added http://core.trac.wordpress.org/changeset/1527/trunk, but functionality was partially changed the next commit Also, since 'post_type' is now a public_query_var, it can be removed from the private_query_vars. " prettyboymp 7 23863 Post Formats: allow filtering content_width per format in wp-admin dev-feedback Post Formats normal normal defect (bug) new 2013-03-25T20:55:33Z 2019-06-04T20:43:59Z "On front-end a theme can filter {{{$content_width}}} like so: {{{ function twentythirteen_content_width() { if ( has_post_format( 'image' ) || has_post_format( 'video' ) ) { global $content_width; $content_width = 724; } } add_action( 'init', 'twentythirteen_content_width' ); }}} But ... functions called in wp-admin that use the global {{{$content_width}}} variable won't be changed. For example, using trunk and Twenty Thirteen theme: 1. Create a new post, set to Image post format 2. Click Add Media to insert an image 3. Upload an image at least 800 px wide 4. You'll see in ""Attachment Display Settings"" that width for the ""large"" size to insert to the post is 604 pixels and not 724. Also, even if detecting a Post Format this way worked correctly on edit, it wouldn't work on first post creation because of how the UI uses JS to switch between the formats." lancewillett 7 23866 WordPress xmlrpc wp_getPosts filter for slug dev-feedback XML-RPC 3.4 normal normal enhancement new 2013-03-26T20:09:31Z 2019-06-05T06:39:12Z "When using the Wordpress xmlrpc, it is sometimes very useful to get posts based off of slugs rather than post id. A use case for this would be synchronizing or migrating two Wordpress sites with the same posts, but with different databases and post ID's. " SunWaves 2 23867 add_rewrite_endpoint causes front-page.php template to be ignored reporter-feedback Rewrite Rules 3.5.1 normal normal defect (bug) new 2013-03-26T21:49:18Z 2019-06-04T21:08:27Z "I have a front-page.php template in my theme folder, as per the template hierarchy this is used regardless of whether I am showing posts or a page as the front page. However, when I add a rewrite endpoint (on the init hook), index.php is used for the front page template when I add my query var to the URL. It makes no difference if I set the front page to show posts or a page. If I do not add the query var, front-page.php is correctly used. i.e. http://domain.com correctly uses front-page.php, http://domain.com/nl wrongly uses index.php This happens whether I use EP_ALL or EP_ROOT as the places parameter. All other template files are fine, it's only the homepage with the problem as far as I can see." lumpysimon 9 23895 Max upload size 0 when post_max_size = 0 johnbillion dev-feedback Upload 3.5.1 normal normal Future Release defect (bug) reviewing 2013-03-29T15:01:32Z 2017-11-29T14:29:56Z "As a convention, post_max_size can be set to 0 to disable any limitation on max post size. Quote from php.ini: {{{ ; Maximum size of POST data that PHP will accept. ; Its value may be 0 to disable the limit. It is ignored if POST data reading ; is disabled through enable_post_data_reading. ; http://php.net/post-max-size }}} WordPress does not take this into account in wp-admin/includes/template.php " moscar09 5 23902 Classes set with nav_menu_css_class are not accessible in walker_nav_menu_start_el has-patch Menus 3.5.1 normal normal defect (bug) new 2013-03-29T20:46:33Z 2019-06-04T20:05:18Z "Hello, If you use the filter hook nav_menu_css_class to add classes to a menu item, those classes are not available in other menu filter hooks like walker_nav_menu_start_el. This can be found in the start_el function in wp-includes/nav-menu-template.php. I would think line 75: {{{ $class_names = join( ' ', apply_filters( 'nav_menu_css_class', array_filter( $classes ), $item, $args ) ); }}} Should merge those $class_names back into $item. Thanks" jamesmehorter 3 23909 Widgets settings loaded and instances registered unnecessarily Widgets 3.5.1 normal normal defect (bug) new 2013-03-30T16:02:05Z 2019-06-05T06:39:14Z "The settings for all registered multi-widgets get loaded with each request in `widgets_init`, and all widgets get registered even if they are never used (e.g. inactive ones). As the total number of inactive widgets tend to grow over time, the result is slower and slower page loads across all of a WordPress install. Ideally only the widgets returned by `wp_get_sidebars_widget()` would only get loaded and registered, though this would have an impact on how the widgets in the Customizer work." alex-ye 7 23915 discover_pingback_server_uri cases an error when discovery URI sets multiple Content-type headers dd32 needs-unit-tests Pings/Trackbacks 2.7 normal normal defect (bug) assigned 2013-04-01T14:25:25Z 2019-06-04T20:44:00Z "Line 1673 in wp-includes/comment.php uses preg_match() on the output of wp_remote_retrieve_header(). When multiple headers are set of the same name, wp_remote_retrieve_header() returns an array. Thus occasionally the following error occurs: PHP Warning: preg_match() expects parameter 2 to be string, array given in xxxxxxx/wp-includes/comment.php on line 1673 I have no idea how to make pingbacks happen so to reproduce, add this line to functions.php: discover_pingback_server_uri('http://localhost:8080/'); And in a terminal window run this (you may need to install the netcat-openbsd package in Debuntu): `while true; do echo -en 'HTTP/1.1 200 OK\r\nContent-type: text/html\r\nContent-type: text/plain\r\n\r\n' | nc -lp 8080; done` Then visit your WP installation and you shall get the aforementioned error message." tomdxw 4 23922 make_clickable() breaks when colon in hash Formatting normal normal defect (bug) new 2013-04-03T00:41:39Z 2019-06-04T19:44:36Z "`make_clickable()` doesn't like this string: {{{ <a href=""http://en.wikipedia.org/wiki/URI_scheme#tel:"">http://en.wikipedia.org/wiki/URI_scheme#tel:</a> }}} It results in this HTML: {{{ <a href=""http://en.wikipedia.org/wiki/URI_scheme#tel:""><a href=""http://en.wikipedia.org/wiki/URI_scheme#tel"" rel=""nofollow"">http://en.wikipedia.org/wiki/URI_scheme#tel</a>:</a> }}} Specifically it's the colon that is causing the issue. It can be a part of the URL too, it doesn't have to be a part of an anchor." Viper007Bond 5 23931 wp_insert_comment should require comment_post_ID close Comments 2.0 normal normal defect (bug) new 2013-04-03T18:41:58Z 2023-02-21T20:07:06Z "At this moment there is no check for example comment_post_ID. Not sure if there are more checks needed. Reason I asked are a few notices on the unit tests caused by WP_UnitTest_Factory_For_Comment. Those comments don't add a post ID what should change. Currently, if a null comment_post_ID is passed, the comment isn't connected to a post. This can create confusion. Also Unit tests should run with WP_Debug on." markoheijnen 14 23975 force_balance_tags in get_the_content breaks non-HTML formats Formatting 2.8 normal normal defect (bug) new 2013-04-07T10:05:44Z 2019-06-04T19:44:38Z "The change in r11398 (to fix #9765) breaks Markdown formatted articles that use angle bracket links: `<http://example.com/>` turning it into `<http: //example.com></http:>`. If we call force_balance_tags after adding the more link, we need to establish filter hooks for formatters. This should have happened before r11398 already, but because balancing tags wasn't forced, this issue has not affected sites that disable balancing tags in their preferences. Typically formatters attach to the `the_content` filter (among others). This should probably change into a `get_the_content` filter (similar to `get_the_excerpt`) that is called early on the full content of the post. I haven't yet decided where the best place for the new filter would, or if it would be better to undo the force_balance_tags call. Thoughts? I could work on the change, but would rather prefer some input first." ruckus 2 24026 No /themes/ folder causes strange behaviour Themes 3.1 normal normal defect (bug) new 2013-04-10T07:05:04Z 2019-06-04T21:08:29Z "I know, that it's a tricky behaviour, but the problem exists. 1. Unzip WordPress files to appropriate place 2. Go to /wp-content/ and delete /themes/ folder 3. Install WordPress using it's wizard (ignore error in Dashboard that no theme activated) 4. Go to Plugins page in admin area 5. Install BuddyPress (this plugin register the theme BP Default that is situated in plugin folder - '''this is very important''') 6. Activate BuddyPress and complete its wizard to make BP functional 7. Go to Themes page in wp-admin 8. You will now see BP Default Theme. Try to activate it 9. Ta-da! You've just unlocked a new badge for catching an error." slaFFik 4 24040 "Use ""posts"" instead of ""topics"" (in tagcloud tooltips)" close Taxonomy low normal Awaiting Review enhancement new 2013-04-11T01:56:36Z 2023-05-14T19:17:14Z "Hello, I suggest use ''post(s)'' instead of ''topic(s)'' [http://core.trac.wordpress.org/browser/trunk/wp-includes/category-template.php#L563 here]. ""Topics"" is very related to forums (bbPress), while ""Posts"" are more general term I think? Thanks" Dianakc 12 24131 Fix post previews for multisite with domain mapping has-patch Posts, Post Types normal normal defect (bug) new 2013-04-18T22:51:54Z 2019-06-04T20:44:05Z Currently when previewing latest changes we create a nonce in the admin, then redirect to the front-end and check that nonce on 'init' before showing the preview. This fails sometimes on multisite with domain mapping as they may use JS redirects to log the user in on the front-end. azaozz 9 24142 Zero value for posts_per_page value in wp_query custom instance and for 'Blog pages show at most' option SergeyBiryukov dev-feedback Query normal normal Future Release defect (bug) reviewing 2013-04-20T09:04:16Z 2024-02-18T16:12:32Z "To show no posts if the posts_per_page value is 0. Currently for custom instances of wp_query, if the value is 0 then this is changed with the value from posts_per_page option from the database. ""get_options( 'posts_per_page' )"" For home page if we set value 0 on the settings page, in wp-admin/options-reading.php, after the saves are changed, this value is changed to 1. I think for both cases if the posts per page value is 0 then no posts should not display. " alexvorn2 26 24143 When define('WP_CONTENT_DIR', 'your-dir') twentythirteen - The theme directory does not exist. needs-unit-tests Themes 3.4 normal normal defect (bug) reopened 2013-04-20T10:08:16Z 2021-04-20T06:02:42Z "If you use either of following in you wp-config.php you'd automatically get a Broken Themes. {{{ define('WP_CONTENT_DIR', 'your-dir'); define('WP_CONTENT_URL', 'your-url'); }}} The following themes are installed but incomplete. Themes must have a stylesheet and a template. Name Description twentythirteen The theme directory does not exist." azizur 16 24146 Menu items with blank labels are removed on saving SergeyBiryukov* dev-feedback Menus 3.5.1 normal normal Future Release defect (bug) accepted 2013-04-20T22:10:09Z 2019-12-22T16:49:36Z "Hello, When edit an item of menu leaving the label in blank, the item is auto deleted. There are two problems in that: 1. I could need an item with blank title to add some class with an background image 2. When this item has subitems with two or more depth, all subitems are moved to first depth loosing submenus hierarchy. Moreover if i try to drag the subitems to make the hierarchy again, after save, all subitems come back to first depth. While i not change the depth of first item this issue occurs again. Best regards" rodrigo@… 16 24152 Use JSON as alternative to CSS file headers Themes normal normal Awaiting Review feature request reopened 2013-04-21T19:06:42Z 2023-08-13T09:21:37Z Themes are [http://codex.wordpress.org/Child_Themes#How_to_Create_a_Child_Theme required] to include style.css for its header info. Plugins are [http://codex.wordpress.org/Writing_a_Plugin#File_Headers required] to contain header info in their main file. It makes more [http://en.wikipedia.org/wiki/Single_responsibility_principle sense] to store package info in [http://en.wikipedia.org/wiki/JSON JSON]. A filename like theme.json or plugin.json (or an all-encompassing wordpress.json) seems viable. When present, the JSON file would be favored over the headers. This would make it possible to have a theme without a style.css file. ryanve 25 24157 safecss_filter_attr doesn't allow rgb() in inline styles has-patch Formatting 2.8.1 normal normal Future Release defect (bug) assigned 2013-04-22T16:30:45Z 2022-09-11T18:47:17Z "I thought there should be a ticket somewhere, but I couldn't find it! So, `safecss_filter_attr` (which is used in `wp_kses` etc, does not allow inline styles that include rgba() etc, like his: {{{<span style=""background: rgb(0,0,0)""></span>}}} I am not sure if this is intended, though not sure why it would be, there is a comment in `safecss_filter_attr` {{{if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments}}} " joehoyle 11 24173 Unit tests: Support subdirectory multisite installs has-patch Networks and Sites normal normal defect (bug) new 2013-04-24T05:57:49Z 2019-06-04T20:05:22Z "I have unit tests set up at: localhost/wordpress-tests/ And have set: `define( 'WP_TESTS_MULTISITE', true );` However, currently, unit testing doesn't support subdirectory multisite installs. It fails when installing multisite. Attached patch addresses this and introduces a new constant called `'WP_TESTS_PATH'`. If this is set in `wp-tests-config.php`, this will make sure that PHPUnit can install WP for subdirectory multisite installs." r-a-y 13 24225 Improve regular expressions when matching attributes miqrogroove needs-unit-tests Formatting 3.6 normal normal enhancement assigned 2013-04-29T15:37:56Z 2019-06-04T19:44:41Z "When working with HTML attributes in various functions we use something like `[\'""](.+?)[\'""]` to match the attribute value. Although not used much in attribute values, such an approach breaks when a single or double quote is intentionally part of the value: * `attr=""val'ue""` * `attr='val""ue'` Some of these are new 3.6 functions, mostly around media." kovshenin 19 24241 Whitelist trackbacks/pingbacks from own site has-patch Pings/Trackbacks 3.5.1 normal normal enhancement new 2013-05-01T18:50:16Z 2019-06-04T20:44:10Z "Currently, if a user has only ""Comment author must have a previously approved comment"" selected in Settings->Discussion, pingbacks from their own blog are still held for moderation every time. Users would expect that, given those discussion settings, once they'd approved one self-ping, all future self-pings would appear without requiring moderation. There is a past ticket about this here: #999" eurello 3 24248 'guid' not properly escaped has-patch Posts, Post Types 2.5 normal normal defect (bug) new 2013-05-02T14:03:35Z 2022-10-04T20:12:24Z "Probably related issues: #18274 #19248 'guid' being saved in database not properly escaped, example: {{{http://www.wordpress.dev/?post_type=changeset&p=57}}} , see the ampersand encode {{{&}}} It supposed to be {{{&}}} or at least {{{&}}} Once 'auto-draft' saved, 'guid' is correct: {{{http://www.wordpress.dev/?post_type=changeset&p=57}}} Once post is saved as 'draft' or published (triggered 'update post' on auto-draft), 'guid' gets malformed. Source of issue: inappropriate usage of {{{get_post_field()}}} function in the {{{wp_insert_post()}}} {{{get_post_field()}}} defaults to 'display' context, we not specify context while obtaining field, and in the {{{wp_insert_post()}}} we are not going to display it anywhere, just get, check, and save again, correct? Attached patch adds the 'raw' context to usage of {{{get_post_field()}}} with 'guid' " meloniq 13 24251 Reconsider SVG inclusion to get_allowed_mime_types dev-feedback Upload normal normal Awaiting Review enhancement reopened 2013-05-02T19:36:57Z 2023-03-27T19:24:23Z "There are some who think SVG should be included in core as an allowed mime type. Makes fine enough sense to me, since there is a good argument for it, and we have support for WordPerfect documents...so there's that. Related: #20990" JustinSainton 98 24283 is_active_widget() incorrect logic dev-feedback Widgets normal normal defect (bug) new 2013-05-08T07:07:41Z 2019-06-05T06:39:17Z "`is_active_widget()` only returns 'true' only if widget used inside sidebar. But there is a provision to use widget directly using `the_widget()` function. I believe there is a need of alter the logic of just checking inside sidebars." valllabh 1 24284 is_multi_author() should query by specific post type and status needs-unit-tests General normal normal enhancement new 2013-05-08T08:18:58Z 2019-06-04T19:44:43Z "Current is_multi_author() function only checks by the 'post' post-type and 'publish' post-status.. I think the function should be able to query by custom-post-type and custom-post-status" alex-ye 2 24354 get_cat_id() fails with category names containing ampersand boonebgorges has-patch Taxonomy 3.5.1 normal normal defect (bug) assigned 2013-05-17T08:25:08Z 2019-06-04T21:08:36Z "{{{ echo get_cat_id('News'); results in 3 (as expected); echo get_cat_id('Test OtherName'); results in 8 (as expected); echo get_cat_id('Test&OtherName'); Results in 0 echo get_cat_id('News & Media'); Results in 0 }}} All the category names were created in the Category Edit page, category names were copied from the text box directly into the code to allow no formatting issues. I tracked the code to get_term_by and I think the ampersand in category name screws up possibly after being added into the prepared SQL statement. " Kenshino 12 24380 Missing Compression Parameter in WP_Image_Editor_GD wonderboymusic dev-feedback Media 3.5.1 normal normal enhancement reopened 2013-05-21T02:37:06Z 2019-10-05T10:24:33Z "Setting the image quality parameter has no effect on png files. Going through the wp-includes/class-wp-image-editor-gd.php I noticed that the compression parameter for the imagepng function call is missing. the current quality parameter only affects jpeg files. for jpeg, quality goes from 0->100 from bad to good for png, from 0->9 from good to bad. in the elseif block starting at line 337 i have added a variable called compression and changed the code as follow: {{{ elseif ( 'image/png' == $mime_type ) { // convert from full colors to index colors, like original PNG. if ( function_exists('imageistruecolor') && ! imageistruecolor( $image ) ) imagetruecolortopalette( $image, false, imagecolorstotal( $image ) ); $compression = -((9/100*$this->quality)-9); if ( ! $this->make_image( $filename, 'imagepng', array( $image, $filename, $compression ) ) ) return new WP_Error( 'image_save_error', __('Image Editor Save Failed') ); } }}} This convert the scale 0->100 into a 0->9 scale that matches the parameters from imaging. This gives back control to the user on image quality for png files..." MuViMoTV 39 24386 Make _pad_term_counts work for non-post type objects and attachments needs-unit-tests Taxonomy normal normal enhancement new 2013-05-22T18:23:31Z 2020-11-05T15:55:22Z "If you register a hierarchical taxonomy against a non-post object (such as users), or attachments that aren't associated with another post, _{{{pad_term_counts}}} does bubkus, due to the INNER JOIN on {{{$wpdb->posts}}}, and the check for 'publish' status (which is relevant for attachment post types). I'm suggesting an alternative approach would be to use $term->count, and eschew going back to the database altogether." TomAuger 5 24398 Bulk Deleting Sites from Network Admin, No Confirmation message has-patch Networks and Sites 3.1 normal normal defect (bug) new 2013-05-23T18:35:22Z 2019-06-04T20:05:31Z "When you delete a single site from /wp-admin/network/sites.php you're presented with the message ""You are about to delete the site SITENAME"" and you have to click ""confirm"" to complete the deletion of the site. However, if you bulk delete sites (selecting 2 or more sites) from the same location you are not presented with a confirmation message. Instead, the sites immediately delete. This can be quite hazardous, especially if you're expecting to see a confirmation message. " professor44 4 24411 New site email being sent despite registrationnotification set to no has-patch Networks and Sites 3.5.1 normal normal defect (bug) new 2013-05-24T14:34:06Z 2019-06-04T20:05:34Z "When a new site is created in wp-admin/network/site-new.php it sends an e-mail to the admin email address to say the site has been created (line 92 in WP 3.5.1). I had assumed that the registrationnotification setting in wp-admin/network/settings.php would control this but it sends the e-mail regardless of this setting. I believe that sending this email should respect the registrationnotification setting or a new configuration option should be added to prevent sending out these e-mails." tomk-m 1 24415 The 'show_in_admin_all_list' argument for the 'register_post_status' function is ignored when the argument 'public' is set to 'false' dev-feedback Posts, Post Types 3.5.1 normal normal defect (bug) new 2013-05-25T00:06:51Z 2023-05-24T16:08:16Z "Hello, I stumbled upon a bug in the admin section of WordPress. I'm currently running the latest release (3.5.1) without any third-party plugins. After creating some custom post statuses via the 'register_post_status' function, I noticed that posts with them do not appear in the default (all) post listing in the admin section, despite me setting the 'show_in_admin_all_list' argument to 'true'. I narrowed this problem down only to the 'public' argument of the same ('register_post_status') function: if the 'public' argument of custom post status is set to 'true', then everything works as expected and the posts with a custom post status appear in the default (all) post listing in the admin section — but this also makes posts with that custom post status appear to the regular users, making them public, hence the name of the argument. It's worth noting that the 'public' argument has no such buggy effect on the 'show_in_admin_status_list' argument of the same ('register_post_status') function: it doesn't matter to what the 'public' argument is set — the links to the appropriate post statuses are showed at the top of the post listing only based on the 'show_in_admin_status_list' argument, just like it should." XyntaMan 4 24430 inconsistent icon_dir/icon_dirs use in wp_mime_type_icon and wp_get_attachment_image_src has-patch Media 2.5 normal normal defect (bug) new 2013-05-27T04:33:52Z 2019-06-04T20:05:35Z "/wp-includes/post.php function wp_mime_type_icon allows for multiple icon image directories by applying the ""icon_dirs"" filter: {{{ if ( !is_array($icon_files) ) { $icon_dir = apply_filters( 'icon_dir', ABSPATH . WPINC . '/images/crystal' ); $icon_dir_uri = apply_filters( 'icon_dir_uri', includes_url('images/crystal') ); $dirs = apply_filters( 'icon_dirs', array($icon_dir => $icon_dir_uri) ); $icon_files = array(); while ( $dirs ) { ... }}} However, /wp-includes/media.php function wp_get_attachment_image_src does not apply the ""icon_dirs"" filter: {{{ if ( $icon && $src = wp_mime_type_icon($attachment_id) ) { $icon_dir = apply_filters( 'icon_dir', ABSPATH . WPINC . '/images/crystal' ); $src_file = $icon_dir . '/' . wp_basename($src); @list($width, $height) = getimagesize($src_file); } }}} The base filename is always combined with the default Wordress directory path and passed to getimagesize. This means that any additional directories will never be passed to getimagesize(), and an incorrect size or no size at all will be used for any icon image files not sourced from the WordPress default directory. " dglingren 7 24447 Avoid losing data after nonces expire iseulde early Administration normal major Future Release defect (bug) assigned 2013-05-29T07:55:35Z 2020-05-14T19:23:54Z "Happens when an admin page containing a form is left open for more than 24 hours and the user decides to submit the form. This is quite rare for most admin pages as the users typically spend short time there. However this can happen on the Edit Post screen too despite that we refresh the basic nonces every `wp_nonce_tick` (12 hours): - The user starts new post. - At some point the Internet connection is lost. - The user decides to finish later and puts the computer to sleep (closes the laptop, etc.). - The user decides to continue writing more than 24 hours after that. At this point all nonces have expired and cannot be updated as we've missed the previous nonce_tick update." azaozz 31 24465 Introduce filter for user password on registration dev-feedback Login and Registration normal normal enhancement new 2013-05-30T17:12:35Z 2020-08-12T14:17:39Z We should introduce a filter within {{{register_new_user}}} on the auto-generated password to make it easier for plugins to handle setting custom passwords. jfarthing84 2 24487 is_email() does not recognize IDN domains has-patch Formatting 3.5.1 normal minor Future Release defect (bug) new 2013-06-03T08:24:36Z 2021-04-28T09:58:52Z "Insufficient validation of the domain name in function is_email of wp-includes/formatting.php. !WordPress 3.5.1 > , including trunk. Test for invalid characters does not test Unicode symbols in international domain, such as Cyrillic domains and other Unicode domains." OlegCorner 7 24548 _wp_menu_item_classes_by_context assumes $queried_object->ancestors is an array dev-feedback Menus normal normal defect (bug) new 2013-06-09T19:08:16Z 2019-06-04T20:05:40Z "Recently, on a site using [http://wordpress.org/plugins/cpt-onomies/ CPT-onomies], I ran into an interesting error with _wp_menu_item_classes_by_context(). In this function, when setting the parent class, there is a large if statement that assumes that `$queried_object->ancestors` and `$possible_taxonomy_ancestors[ $parent_item->object ]` are arrays." wpsmith 4 24552 Taking over a locked post does not always load the most recent revision Autosave 3.6 normal major defect (bug) new 2013-06-10T10:33:44Z 2019-06-04T19:24:06Z "Steps to reproduce: 1. Open up a post for editing, and make some changes to it. Do not save the changes. 2. Open up the same post for editing using a different user account (in a different browser![1]) and click the 'Take over' button when you get the post lock modal. 3. Note that the post that loads is not the most recent autosave of the post, but equally importantly you are not shown the message stating this. 4. Reload the editing screen and you'll be presented with the ""There is an autosave of this post that is more recent than the version below."" message. Related: #23697 ---- ![1] The simplest way to do this is to use an Incognito browser window (and [http://wordpress.org/plugins/user-switching/ User Switching]) so you can be logged in as two accounts simultaneously. " johnbillion 3 24567 Add help to media modals dev-feedback Help/About 3.5 normal normal Awaiting Review enhancement new 2013-06-12T08:06:29Z 2023-03-12T18:17:27Z They are far from simple screens but there is no help available for them. mark-k 10 24572 Should be able to unlock a post outside of ajax handler dev-feedback Posts, Post Types normal normal enhancement new 2013-06-12T20:28:37Z 2019-06-04T20:44:25Z "Right now you can programmatically lock a post for editing using wp_set_post_lock, but you can't unlock it in a similar fashion. The only unlocking code is found in the ajax handler wp_ajax_wp_remove_post_lock. I've created a function wp_unset_post_lock in the style of wp_set_post_lock that unlocks a post with a given ID. I've also refactored wp_ajax_wp_remove_post_lock to use this function. The only resulting difference is that we use the current user's ID instead of the one supplied in the ajax call, but since we're unlocking the post instead of locking it, it doesn't really matter who's ID is in the meta. This change was requested by Joey Kudish of the VIP team." bbrooks 4 24579 Add Drag'n'Drop UI to plugin and theme manual uploaders Upgrade/Install normal normal Future Release enhancement new 2013-06-14T17:03:38Z 2023-12-18T16:24:54Z "We have this nice looking easy to use drag-n-drop UI for our media, is there anything stopping us from having it for our plugin and theme uploaders? I know most people use the search that goes through the .org repo, but it's foolish to think that's the only place people ever get their products. This would help facilitate a consistent user experience throughout the entire WP Admin. Edit: If possible, support multiple uploads too." tw2113 42 24672 Remove final from WP_Post class dev-feedback Posts, Post Types 3.5 normal normal Awaiting Review enhancement reopened 2013-07-02T03:48:03Z 2018-04-18T19:44:22Z "After discussing it with stephdau and reading through #21309, I think a discussion should be had on the validity of using the final keyword on the class. While I agree that a decorator pattern is probably best for building the class, there is still no reason for the keyword to be used. If someone wants to extend the class then they should be allowed to do so." carlalexander 23 24686 Introduce generic filter on transient return value johnbillion dev-feedback Cache API 2.8 normal normal Awaiting Review enhancement reviewing 2013-07-04T16:53:45Z 2021-06-07T09:59:39Z "The `get_transient()` and `get_site_transient()` functions have a filter on their return value, but the filter name contains the transient key: `transient_{$transient}`. This means it's not possible to hook into the return value for ''every'' transient in order to do something like logging transient hits and misses." johnbillion 10 24688 Memory exhaustion caused by very many unattached media has-patch Media 2.5 normal normal Future Release defect (bug) new 2013-07-04T18:20:09Z 2018-10-08T09:35:20Z "A blog with over 30,000 unattached images was exhausting available memory on unattached attachment pages. The exhaustion occurred in `previous_image_link() -> adjacent_image_link() -> get_children()` due to the large number of rows selected with `post_parent=0`. This is not the only place where `get_posts()` might be called with `post_parent=0`. A similar query appears in `twentythirteen_the_attached_image()` but the effect is wisely mitigated by `fields=ids`. Earlier, `twentyten/loop-attachment.php` called `get_children()` with `post_parent=0` on unattached image pages which is horribly inefficient when there are many unattached images. Attached patch depends on #24687. The change to `adjacent_image_link()` creates a MySQL query which selects only the desired row. This fixes the memory exhaustion error on the blog with 30,000 unattached images. The once-only filters would be unnecessary if WP_Query accepted arbitrary extra WHERE strings." andy 11 24689 Improve error wp-admin page chriscct7 has-patch Administration normal normal Awaiting Review enhancement reviewing 2013-07-04T19:45:38Z 2017-11-06T17:24:31Z """You do not have sufficient permissions to access this page."" this is the only content on the error page, It would be nice to have a link to a Dashboard page if the user is logged. Maybe we can integrate this error message into a wp-admin dashboard. " alexvorn2 10 24705 wp_link_pages() does not showing active current element dev-feedback Posts, Post Types 2.2 normal major Awaiting Review enhancement new 2013-07-07T22:19:44Z 2018-12-09T22:00:39Z "By full analogy of all wp functions, wp_link_pages must generate active class element too. {{{ 1 <a href=""/2"">2</a> <a href=""/3"">3</a> <a href=""/4"">4</a> }}} but should be {{{ <span class=""current"">1</span> <a href=""/2"">2</a> <a href=""/3"">3</a> <a href=""/4"">4</a> }}} " Alexufo 6 24712 Get errors from wp_oembed_get has-patch Embeds 3.5.2 low normal enhancement new 2013-07-08T19:23:44Z 2019-06-04T20:01:26Z "Would it be possible to add error collection to the oEmbed class? It would be more useful to provide a helpful error when a remote oEmbed source is not available rather than a generic ""there was an issue"". As an example, if you try to use wp_oembed_get() on a YouTube video that is not allowing embedding, plugins (and/or WP itself) would have the option of returning a specific error: ""The requested video doesn't not allow for embedding""." slushman 4 24713 Compression in load_styles.php does not always work, causing inability to use the admin Script Loader 3.5.2 normal normal defect (bug) new 2013-07-08T22:59:05Z 2019-06-04T21:08:47Z "I think this is quite important, because it sometimes prevents using wp-admin pages altogether. Server environment: Debian Linux 6.0.5, apache 2.4.2, mysql 5.5.27, php 5.4.5. I have discovered that sometimes my admin Console pages are not rendered properly, as though a style sheet is not loaded. This does not depend on a browser and client operating system. I tried IE, Firefox, Chrome, Opera, I tried client browser in Windows XP, Windows Vista, Android 4.1.2, and the problem could be seen in all these cases. The problem is random. Through some magick and without any special activity on my side, wp-admin pages sometimes stop working as described, and after 10 minutes it randomly fixes itself (or does not), again without any action on my side. Further investigation showed that when I manually try to open a link containing load-styles.php as referred to from the console page (I copy and paste the link including all GET request variables into a new browser window), then sometimes garbage is shown for the load-styles.php. Encoding is UTF-8 (I have added .htaccess just in case to make sure this is not an issue). But when garbage is shown, then admin pages do not work (their stylesheet obviously does not get loaded). When there is no garbage in load-styles.php (i.e. normal stylesheet, good visible text), then all is good. I had a faint idea that this was because I mechanically moved my site from one URL (approx. localhost) to a ""production-level"" URL (copied all files + database), I thought this could be related (even though I changed all URLs in Settings/General afterwards), but this did not hold water. So looked into load-styles.php and noticed there is some conditional content encoding out there. What I did I disabled this content encoding altogether like this: {{{ if ( $compress && ! ini_get('zlib.output_compression') && 'ob_gzhandler' != ini_get('output_handler') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) ) { header('Vary: Accept-Encoding'); // Handle proxies if ( false !== stripos($_SERVER['HTTP_ACCEPT_ENCODING'], 'deflate') && function_exists('gzdeflate') && ! $force_gzip ) { // header('Content-Encoding: deflate'); // $out = gzdeflate( $out, 3 ); } elseif ( false !== stripos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('gzencode') ) { // header('Content-Encoding: gzip'); // $out = gzencode( $out, 3 ); } } }}} and now everything works. All fine and all good, problem solved. No garbage anymore. Would please bother to disable this worse than useless content compression in load-styles.php for the time being before you find a solution that works for all? I believe I might be not the only one to experience these random issues with Console stylesheet. I expect that 99% of website admins have fast connections to manage their websites, and for those who do not, Opera Mini is still there and still working. And I also mean that the problem, once it shows up, is persistent, i.e. it does not disappear through a trivial full page reload (Ctrl-Shift-R in FF, for instance). If pages (stylesheet) stop working, then nothing helps: not clearing the browser cache, not restarting the browser, not starting a new instance of the browser, not starting another browser from another vendor. So the problem is not on the client side, it is on the server side." cfeet77 1 24722 get_post_statuses() and get_page_statuses() are hardcoded chriscct7 has-patch Posts, Post Types normal normal defect (bug) assigned 2013-07-10T10:46:10Z 2019-06-04T20:44:28Z "Despite the support for registering custom post/page statuses in core, both `get_post_statuses()` and `get_page_statuses()` are hardcoded. Both of these functions are only used in the XML-RPC API in core, however this may affect plugins. (Somewhat related to the editorial-flow component, although that's on hiatus at the moment.)" rmccue 5 24726 New filter hook for get_metadata() has-patch Options, Meta APIs normal normal enhancement new 2013-07-11T14:04:35Z 2019-06-04T20:44:32Z The `get_metadata()` function has one filter hook: `get_{$meta_type}_metadata`. While this filter can be used to override or short-circuit the return of `get_metadata()`, it can't easily be used to filter the meta value. In the options API, `get_option()` has two hooks: `pre_option_$option` and `option_$option`. The `get_{$meta_type}_metadata` corresponds to the former, but it would be useful to have something similar to `option_$option` that will filter the actual meta value. Maybe `get_{$meta_type}_metadata-{$meta_key}`? JD55 12 24766 Title attributes galore. They serve no useful purpose. sabernhardt* Administration normal normal Future Release task (blessed) accepted 2013-07-16T00:29:25Z 2024-02-14T19:05:13Z "This is a full list of methods, including what files they're from, where HTML title attributes are in use. The title attribute provides a tooltip on certain browsers. Other than that, it is essentially useless. As provided in WordPress, the title attribute is both redundant and useless, because in most cases, it is a complete duplicate of the link's text. Therefore the tooltip provided is of no value whatsoever. For users of assistive technologies, the title attribute is useless at best and sometimes an annoyance. Users of text-to-speech software who have configured their software to do so will hear the title attribute twice. Essentially the extensive use of title attributes throughout WordPress Core amounts to unnecessary code bloat. I recommend eliminating the title attributes from all of the methods below: {{{ // user.php wp_authenticate_username_password() // post-template.php wp_page_menu() wp_get_attachment_link() // media.php get_image_tag() // media-template.php wp_print_media_templates() // link-template.php edit_term_link() edit_post_link() edit_comment_link() edit_bookmark_link() get_adjacent_post_rel_link() the_shortlink() // default-widgets.php widget() // comment-template.php comments_popup_link() comment_form() // class-wp-theme.php markup_header() // class-wp-editor.php wp_fullscreen_html(). There is one title attribute here on what I think is a TinyMCE button. If that looks like a button, it should actually be a button. // class-wp-customize-section.php render() // category-template.php get_category_parents() get_the_category_list() wp_generate_tag_cloud() start_el() // bookmark-template.php _walk_bookmarks() // author-template.php get_the_author_link() the_author_posts_link() wp_list_authors() // rss.php wp_rss() get_rss() // general-template.php get_calendar() // class-wp-admin-bar.php _render_item() }}} * Note: Ignored: All Third party classes " karlgroves 61 24776 Need Filter Hooks on Creating Slug - Check Availability of Slug if That is Used for Post, Page, Taxonomy or any Plugin dev-feedback Permalinks normal normal Awaiting Review feature request new 2013-07-16T21:06:09Z 2022-02-14T05:01:30Z "I did not find any '''filter hook''' for choosing slug for any object. I have a plugin that creates its own URLs. eg. example.com/my-campaign . If someone hits on this url then he will see my plugin generated page. But if there is already a page ""'''My Campaign'''"" then WP is unable to show that page because that '''permalink''' already taken by my plugin. So Before creating my plugin slug I need to check '''WP posts, pages and taxonomies''' if any of those already used my slug. I also need to check Root directory of WordPress installation if there is a '''directory with same name''' of my slug. WP Core checks available slug in its own database and reserved words. But it doesn't check slugs those are used by any plugin. If there is a post name ""'''my-campaign'''"" then my plugin don't let to chose this slug but If my plugin took this before and user want create a page ""my-campaign"" then WordPress will take the same slug. And here is the main problem. In the same way my plugin is conflicting with other plugins. My plugin can check WordPress core slugs but not other plugins. ""'''Pretty Link'''"" is one of the most popular plugin. It also creates its own url. It also checks available slug in wordpres db but not in other plugin. Any plugin may have custom rewrite rule, then my plugin can not handle that. So I think we need a standard rule that will be followed by WordPress core and all plugins. I have three different plugins those need own slugs. I made a universal process that I am using in all of my plugins. I am explaining my process bellow. I am using a filter hook ''''onetarek_is_slug_available'''' all of my plugin use this filter before choosing a slug. MY CODES: {{{ <?php function otk_filter_available_slug( $slug, $id=false) { if($slug==false)return false; global $wpdb; #Check if this slug already being used for any posts, pages or categories $has_postname = $wpdb->get_var($wpdb->prepare(""SELECT post_name FROM {$wpdb->posts} WHERE post_name=%s LIMIT 1"",$slug)); $has_taxonomy = $wpdb->get_var($wpdb->prepare(""SELECT taxonomy FROM {$wpdb->term_taxonomy} WHERE taxonomy=%s LIMIT 1"",$slug)); if( $has_postname or $has_taxonomy )return false; #Check if any same named file or directory exists in the root of wordpress installation $root_directory = opendir(ABSPATH); $slug_lower=strtolower($slug); #we consider wp-content and Wp-ContENT and WP-CONTENT are same. while (($file = readdir($root_directory)) !== false) { $filename = strtolower($file); if($filename == $slug_lower) return false; } #Check same slug is exists in click jacker database. #if same slug exists and associate for given id then return slug . We allow this if($id){$id=intval($id);} if($id) { $SQL = $wpdb->prepare(""SELECT slug FROM "".CLICK_JACKER_CAMPAIGN_TABLE."" WHERE slug=%s AND id =%d"", $slug, $id); $has_slug = $wpdb->get_var($SQL); if( $has_slug == $slug ){return $slug;} } #if same slug exists and no id given then we don't accept this. $SQL = $wpdb->prepare(""SELECT slug FROM "".CLICK_JACKER_CAMPAIGN_TABLE."" WHERE slug=%s"", $slug); $has_slug = $wpdb->get_var($SQL); if( $has_slug == $slug )return false; return $slug; } add_filter('onetarek_is_slug_available', 'otk_filter_available_slug', 10, 2); ?> }}} I am calling above filter where I need {{{ <?php $campaign_slug='my-campaign'; $myslug=apply_filters('onetarek_is_slug_available', $campaign_slug); if($myslug) { #use $myslug } else { #chose another slug } ?> }}} My technique is limited. In my filter function I run 2 SQL query to check WP slugs , but that is limited. WordPress has reserved words also, those are not being checked in this process. And my other 2 plugins also run the same. Now if any website uses my 3 plugins then same process will be run 3 times and 6 SQL query will be run to check WP slugs. My function is unable to check the slug of ""Pretty Links"" plugin. But if '''WORDPRESS core''' would have a '''FILTER HOOK''' and run a function with this filter to check any kind of WP slugs then my plugins would search only its own database once. AND other plugin developer would attach a function with this filter. And they would check only their own database. Plugins don't need to check WP slugs because core function already fired with this FILTER HOOK. In the same way WP core should respect other plugin slugs and '''custom url rewrite rules'''. When WP check available slug for post, page, taxonomies then it should use this FILTER also. I THOUGHT THIS WAY BECAUSE I DON'T FIND ANY WAY. IF ANYTHING ALREADY EXISTS IN WP PLEASE LET ME KNOW. Regards Jahidul Islam (oneTarek) [http://onetarek.com] " onetarek 4 24780 Use error handlers rather than the error suppression operator Filesystem API normal normal Future Release defect (bug) new 2013-07-17T01:14:56Z 2023-09-07T09:39:17Z "In various places in core (and included libraries, such as pclzip, FTP and phpass), the error suppression operator is used to suppress warnings and notices. However, this also suppresses fatal errors, which makes it a huge pain for debugging. The big one here is `fopen`, where it is used to suppress warnings when opening a handle fails. For normal files, this is fine since the only errors generated are warnings. When using streams and custom stream handlers, these can generate errors which are really hard to find with this. (I ran into this with the App Engine plugin, where the SDK method generates a fatal error if the mode is `a`, which is used with error suppression in `win_is_writable()`.)" rmccue 8 24791 Map audio/video shortcode IDs on import Import normal normal task (blessed) new 2013-07-17T21:39:47Z 2019-06-04T20:05:43Z See #24458. nacin 24795 OS X Treatment has-patch Administration 3.6 normal trivial Future Release enhancement new 2013-07-18T15:54:01Z 2017-02-05T14:09:10Z "Just a minor annoyance. Certain things are inherently different about using a Mac over any other Operating system. Specific to my case is keymappings. While I suspect most Mac users are smart enough to read ""Ctrl + A"" and translate that to ""CMD + A"", we should be explicit when we can. This patch inrtroduces pluggable function is_osx() that is really basic. Sadly, relies on User Agents and so is inherently flawed, but mainly useful anyway. Using this function, the Permalinks Options screen uses Command A instead of CTRL A when .htaccess is not writable. A little thing but annoying enough to warrant a patch." technosailor 11 24815 get_the_post_thumbnail() fetches full sized image if 'post-thumbnail' custom size not defined in theme has-patch Media 2.9 normal normal defect (bug) new 2013-07-22T09:43:42Z 2019-06-04T20:05:46Z "In wp-includes/post-thumbnail-template.php the $size default value is set as 'post-thumbnail' in the following function: - get_the_post_thumbnail() '''Expected behaviour''' Expected behaviour would be to return the image at 'post-thumbnail' dimensions - however, if this is not set in the theme via: - set_post_thumbnail_size() function - add_image_size() function it returns the full sized sized image begin displayed. I'd expect this to return the image at standard 'thumbnail' size, as some people will just add add_theme_support( 'post-thumbnails' ) and not set (or even need) custom dimensions. '''Proposal and patch''' $size default value should default back to 'thumbnail' for normal expected function behaviour if 'post-thumbnail' specific dimensions have not been set. I'm not sure if it would be more efficient to test against the global variable that holds these values, or use get_intermediate_image_sizes() as I've used in the patch attached - 2nd opinion please?" Jonnyauk 5 24837 querying optimization for category AND searching has-patch Taxonomy 3.6 normal normal enhancement new 2013-07-25T15:28:20Z 2024-03-13T21:26:13Z "querying category with an AND for two term_id's plus having a 50,000 + posts site causes the query produced by get_sql in wp-includes/taxonomy.php to take excessive amount of time. On my site the current query in trunk takes 200 + seconds and the optimizes query takes 100 to 200 milliseconds. Sub selects in mysql are not optimized on the server very well. Example code to utilize query {{{ query_posts(array('category__and' => array($term0_id,$term1_id))); }}} affected code starts on line 724 of wp-includes/taxonomy.php Potential problems. 1. I simply added the temp table to the $join variable not knowing if this will cause problems on other queries 2. Clean up of the temporary tables may be needed after query is executed with a persistent connection but in my case they can be left there as mysql will garbage clean them after script disconnects. Attached is a patch to wp-includes/taxonomy.php " robertv123 17 24844 get_theme_mods doesn't return the theme customizer preview's new values. Customize 3.5.2 normal normal Future Release defect (bug) new 2013-07-26T13:41:52Z 2017-02-14T18:44:32Z "Using the theme customizer API, you can call get_theme_mod($option) to return the value for a specific theme option. In the case of the user interacting with the theme customizer, if they have changed an option, the theme customizer replaces the saved option with the previewed / new setting by hooking onto the {{{theme_mod_$name}}} filter applied in {{{get_theme_mod}}}. However, should the user need or desire to retrieve all theme mods at once, the filter is not applied, and the new settings are never injected into the saved settings array. There's a workaround to simply loop through the settings and manually apply the filter, but it would be better if {{{get_theme_mods}}} had an argument like {{{$use_filter}}} and could add the filter in the core functionality. {{{get_theme_mods}}} is in [source:tags/3.5.2/wp-includes/theme.php#L746 wp-includes/theme.php] on line 746. {{{get_theme_mod}}} is in [source:tags/3.5.2/wp-includes/theme.php#L776 wp-includes/theme.php] on line 776. {{{theme_mod_$name}}} filter is applied in [source:tags/3.5.2/wp-includes/theme.php#L780 wp-includes/theme.php] on lines 780 and 785. {{{ theme_mod_$name}}} filter is added in [source:tags/3.5.2/wp-includes/class-wp-customize-setting.php#L72 wp-includes/class-wp-customize-setting.php] on line 72." nessworthy 6 24846 Usage of a shortcode disables wpautop filter Formatting 3.6 normal normal defect (bug) reopened 2013-07-27T12:28:03Z 2019-06-04T19:44:48Z "In WP3.6 RC1 when I do this: {{{ Some text. Some text. Some text. Some text. Some text. Some text. Some text. }}} it works just fine. It creates a paragraph. But when I do this (both in ""Visual"" and ""Text"" editors): {{{ [symple_highlight color=""gray""]Some text[/symple_highlight]. Some text. Some text. Some text. Some text. Some text. Some text. }}} it doesn't wrap the text in anything. Paragraph is skipped. The plugin that was used: http://www.wpexplorer.com/symple-shortcodes/ (but I bet it isn't plugin's bug)." Looimaster 7 24853 Add endpoint support to CPT archives Rewrite Rules normal normal enhancement new 2013-07-28T19:25:06Z 2019-06-04T21:08:52Z #16303 aimed to introduce an endpoint mask for CPT archives. However, the way that CPT rewrite rules are set up means that there isn't actually support for endpoints. duck_ 2 24856 Authors widget to highlight authors has-patch Widgets 3.8 normal normal Future Release enhancement new 2013-07-28T20:31:03Z 2019-03-14T22:35:22Z "Add a new widget to display a grid or list of Authors in a widget. Linking to their published posts. This is slated for 3.8. Development will occur in a plugin first." lancewillett 20 24865 Allow plugins to hook into autosave and include field data from the autosave with the package. Autosave normal normal enhancement new 2013-07-28T22:55:43Z 2019-06-04T19:24:10Z "== Why? == Autosaves currently only save ""blessed"" data (post_title and post_description?). Plugin authors may want to add their own data in the autosave package so if they hook into `save_post` they can handle/save that data as needed. == How this works == Metaboxes are generated with an id already on the page. So what we do is add an extra parameter to the `add_meta_box()` function (`do_autosave` bool) so that when a plugin uses add_meta_box() they can set that flag. We set a javascript object that contains the ids of the metaboxes that have had that flag set and then `wp.autosave.getPostData` in `autosave.js` has been modified to loop through the metaboxes matching those ids and return the fields in those metaboxes as an object attached to the data param. Added a new jquery plugin (serializefullarray) as it will handle nested pseudo arrays set as the ""name"" values in inputs (i.e. somedata[one][two]) and create proper objects from them. " nerrad 12 24867 Feeds for custom posts type can not be set independently of has_archive and supports => comments nacin Posts, Post Types 3.8 normal normal defect (bug) assigned 2013-07-29T00:12:27Z 2019-06-04T20:44:35Z "I was testing the patch for ticket (Feeds or Feed - add_permastruct missunderstanding: #23302) and discovered a few things (I'm using trunk rev 19712). Turning of feeds for custom post types only works if supports feeds & has_archive are set to either false or true. If you, e.g. set the argument feeds in rewrite to true and has_archive to false then the rewrite rules for feeds do not get created (some happens of you switch true & false around in both arguments). This happens due to this condition in /wp-includes/post.php, line 1242: {{{ if ( ! isset( $args->rewrite['feeds'] ) OR ! $args->has_archive ) $args->rewrite['feeds'] = (bool) $args->has_archive; }}} Another problem I run into is that: With the patch for ticket (#23302) you can not enable/disable the comments feed independent of the main feed of the custom post type. It also does not get disabled if you do not enabled comments via supports. Rewrite rules for feeds seem to always get created. I've attached an example to showcase what I wrote above." marcosf 3 24879 Sourcemaps should be provided for use with minified javascript libraries dev-feedback Build/Test Tools normal normal Future Release enhancement new 2013-07-29T15:49:33Z 2017-02-19T10:42:42Z "Sourcemaps make it possible to debug minified files. Supported in Chrome: https://developers.google.com/chrome-developer-tools/docs/javascript-debugging#source-maps Landing in Firefox in v23: https://wiki.mozilla.org/DevTools/Features/SourceMap When this feature is enabled, the Chrome console currently shows a 404 when the script specifies a sourcemap file and it isn't found." jblz 12 24888 In image editor, cropping scale gets applied off by 0.4% Media 3.5 normal normal defect (bug) new 2013-07-30T13:55:51Z 2019-06-04T20:05:48Z "When you scale the crop preview, the editor does not keep the right ratio. To reproduce this error: - Upload an image with 4608 x 3072 - On the crop feature, create an selection with 1680 x 560 - Hold shift and scale to fit all image width (4608px) - The height result was 1544px, that is wrong, the correct is 1536px. " diegomarangoni 4 24907 Escape admin_url() when used for ajax_url in admin header has-patch Security 2.7 normal normal Awaiting Review defect (bug) reopened 2013-07-31T21:43:07Z 2019-06-04T13:51:37Z As `admin_url()` is filtered right before returning, it should be escaped when output for use as the ajax_url in the admin. jeremyfelt 5 24925 Improve no disk space error handling when updating plugins dev-feedback Filesystem API normal minor Awaiting Review enhancement new 2013-08-02T11:25:24Z 2021-07-20T23:02:17Z "I received the following uninformative error message when trying to update a plugin (roughly translated from Finnish): {{{ Error on updating BulletProof Security. Cannot create folder. /[WPDIR]/wp-content/upgrade/bulletproof-security.tmp. }}} The error was caused by not having enough disk space. The plugin update should check if that's the reason for the error and then display a more informative error message." Daedalon 2 24934 More flexible response reporting in wp-plupload.js Upload 3.6 normal normal Future Release enhancement assigned 2013-08-03T00:30:06Z 2019-05-15T21:13:41Z "The wp-plupload.js wrapper to the plupload library only returns server responses to bound callbacks in the case of a well formed error (the server responds with {{{ { success: false } }}}). Sometimes it may be useful to receive additional information from the server on ''successful'' upload. I have prepared a patch that allows for the {{{success}}} and {{{error}}} callbacks to receive server responses." ippetkov 4 24958 Large number of revisions cause memory exhaustion adamsilverstein dev-feedback Revisions 3.6 low normal Future Release defect (bug) assigned 2013-08-05T17:17:59Z 2021-05-06T11:20:18Z "This may be a edge case, but if you have a a large number of revisions, a number of things can break. Right now the post in question has about 1,055 revisions. Noticeably, two things are happening: Calling wp_update_post from a plugin fails with the following error: {{{PHP Fatal error: Allowed memory size of 41943040 bytes exhausted (tried to allocate 16384 bytes) in /path/wp-includes/wp-db.php on line 1228}}} Using the new revisions API to view earlier revisions returns ""Sorry, something went wrong. The requested comparison could not be loaded."" and the error log contains the same memory exhaustion error. I can seem to update from the post edit screen. This is happening with the latest stable of 3.6 and only began happening after an update, so I suspect it's something in the new revision core/api. I haven't had a huge amount of time to investigate but my guess is it's trying to load too much revision data at one time? Maybe it should only try to load X amount of revisions at once?" jshreve 17 24963 IIS Multisite, Suspected bug in web.config code for URL Rewrite (404 wp-login) has-patch Rewrite Rules 3.5 normal normal Future Release defect (bug) new 2013-08-06T06:17:40Z 2017-10-06T14:58:07Z "Hello. I believe I've found a bug in WordPress 3.52 and 3.6 (and possible older versions, but these are the versions I've used). I'm running a WordPress Multisite website in a Windows IIS environment (yes, I'm a minority!). The issue is with the web.config code which WordPress provides to configure the URL Rewrite module, specifically with rule 4: {{{ <rule name=""WordPress Rule 4"" stopProcessing=""true""> <match url=""^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)"" ignoreCase=""false"" /> <action type=""Rewrite"" url=""'''{R:1}'''"" /> </rule> }}} I believe that the last line should say {R:2}, not {R:1}. With the web.config file configured as documented, I am unable to access the dashboard for any sub-sites, and no styling loads for the sub-sites either (presumably it cna't find it's CSS and other associated files). I've had this working without issues previously (last year), so I dug up an older web.config file. There were two differences. The first was that the newer file does not have a line referencing ms-files.php (I'm guessing it's been obsoleted), and the second change was that this rule used to say {R:2} (which works), while it now says {R:1}. WordPress provides the code for the web.config file in the Settings > Network Setup Page. Hope this helps :)." ShaunLeeClarke 19 24972 wp_dropdown_roles() multiple pre-selected options has-patch Users 3.6 normal normal Awaiting Review enhancement new 2013-08-06T18:24:31Z 2018-07-30T16:49:27Z "Hi, I would like to suggest a patch to wp_dropdown_roles() to enable multiple pre-selected options. Below you'll find the diff and the full featured function. I'm not sure whether Trac is the right place to put this. If not, please let me know how to procede {{{ diff -r e185f8cbbec5 wp-admin/includes/template.php --- a/wp-admin/includes/template.php Tue Aug 06 11:50:50 2013 +0100 +++ b/wp-admin/includes/template.php Tue Aug 06 19:11:37 2013 +0100 @@ -751,9 +751,19 @@ /** * Print out <option> html elements for role selectors * + * <code> + * // call with a single pre-selected option + * wp_dropdown_roles( 'editor' ): + * + * // call with multiple pre-selected options + * wp_dropdown_roles( array( 'editor', 'administrator' ) ): + * </code> + * * @since 2.1.0 * - * @param string $selected slug for the role that should be already selected + * @param string|array $selected list of role slugs that should be already + * selected + * @return string list of HTML <option> elements with user roles */ function wp_dropdown_roles( $selected = false ) { $p = ''; @@ -761,10 +771,14 @@ $editable_roles = get_editable_roles(); + // For backwards compatibility + if ( is_string($selected) ) + $selected = array( $selected ); + foreach ( $editable_roles as $role => $details ) { $name = translate_user_role($details['name'] ); - if ( $selected == $role ) // preselect specified role - $p = ""\n\t<option selected='selected' value='"" . esc_attr($role) . ""'>$name</option>""; + if ( is_array($selected) AND in_array($role,$selected) ) // preselect specified role + $p .= ""\n\t<option selected='selected' value='"" . esc_attr($role) . ""'>$name</option>""; else $r .= ""\n\t<option value='"" . esc_attr($role) . ""'>$name</option>""; } }}} {{{ /** * Print out <option> html elements for role selectors * * <code> * // call with a single pre-selected option * wp_dropdown_roles( 'editor' ): * * // call with multiple pre-selected options * wp_dropdown_roles( array( 'editor', 'administrator' ) ): * </code> * * @since 2.1.0 * * @param string|array $selected list of role slugs that should be already * selected * @return string list of HTML <option> elements with user roles */ function wp_dropdown_roles( $selected = false ) { $p = ''; $r = ''; $editable_roles = get_editable_roles(); // For backwards compatibility if ( is_string($selected) ) $selected = array( $selected ); foreach ( $editable_roles as $role => $details ) { $name = translate_user_role($details['name'] ); if ( is_array($selected) AND in_array($role,$selected) ) // preselect specified role $p .= ""\n\t<option selected='selected' value='"" . esc_attr($role) . ""'>$name</option>""; else $r .= ""\n\t<option value='"" . esc_attr($role) . ""'>$name</option>""; } echo $p . $r; } }}}" PauloASilva 15 24975 Scheduled Page on Menu showing before Schedule time chriscct7 has-patch Menus 3.6 normal normal defect (bug) reviewing 2013-08-07T02:23:55Z 2019-06-04T20:05:51Z "Hi all, I think I have found a bug. Wordpress 3.6 on Xampp server Scenario: I create a page (today) and schedule it (example tomorrow, 1 month, several months). When I go to Menus, the page is not in 'Most Recent' or 'View All' tabs. When I search by Page Title I can locate the page & add the page to the Menu. The page is now on the menu and set to schedule on the Dashboard. Should the page be showing on the menu when it is set to Schedule? Or should the 'Search' only search published pages?" nellyshark 8 24990 Nested Shortcode Inside [caption] needs-unit-tests Shortcodes 3.6 normal normal defect (bug) new 2013-08-08T09:38:06Z 2021-05-08T23:37:35Z "Nested shortcodes inside caption observation: {{{ [caption]<a href=""""><img alt=""[shortcode]"" title=""[shortcode]""></a> Caption Text [shortcode][/caption] }}} 1. shortcode inside alt and title processed. 2. Caption Text doesn't" prionkor 26 24995 Importer does not check to see if DOM is available Import 3.6 normal normal WordPress.org defect (bug) new 2013-08-08T20:55:34Z 2017-02-21T09:11:58Z "I have a WordPress network with many blogs. I exported a few posts from one blog (export file attached with some details sanitized). I then imported the posts into another blog. Not only does the import probably do nothing, the '''/''blogname''/wp-admin/import.php''' page stops rendering after: {{{ <h2>Import WordPress</h2> }}} That is, if you do a view source on the page, the above '''h2''' element is the last thing you see. Expected behavior: execution does not stop mid-page, and if there is an error, it is displayed for logged-in administrative users. I am logged in as a network administrator." novasource 5 25006 Display date pages from categories with permalinks close Permalinks normal normal feature request new 2013-08-10T00:46:10Z 2019-06-04T20:44:39Z "When permalinks are not set up we can view posts from a specific category from a specific year (date), but if the permalinks are set up we can view only date pages or category pages. This works: `site.com/?cat=1&m=201307` (works) This does not work: `site.com/category/uncategorized/2013/07` (does not work)" alexvorn2 2 25016 "XMLRPC method ""wp.getUsers"" not working correctly in Multisite" XML-RPC 3.5 normal normal defect (bug) assigned 2013-08-12T18:53:13Z 2019-06-05T06:39:20Z "Hi, I have been testing some functionality in our app which uses XMLRPC, and it appears that I've found a bug with how the ""wp.getUsers"" method works on WordPress.com blogs. Basically, the blog I'm testing this on has 3 administrators. Regardless of which one of those administrators' credentials I use, whenever we call the ""wp.getUsers"" method we ONLY get details for the SAME user back. So, if we have 3 admins ('admin1', 'admin2', 'admin2'), whenever 'admin1' queries for all users, they only get back 'admin1'. I also tried adding a different type of user, specifically an author, and then used any of the above-mentioned administrator credentials to try and retrieve info on that author, but nothing is returned. It should be noted that all the above functionality works as it should on self-hosted blog, just NOT on WordPress.com blogs. " dinomic 9 25021 Improve sanitize_title_with_dashes % removal has-patch Formatting 1.5 normal normal defect (bug) new 2013-08-13T11:45:00Z 2019-06-04T19:44:51Z "The current method of % removal involves placeholders to prevent stomping on escape sequences: {{{ // Preserve escaped octets. $title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title); // Remove percent signs that are not part of an octet. $title = str_replace('%', '', $title); // Restore octets. $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); }}} This leads to `sanitize_title_with_dashes('---aa---')` producing `%aa` instead of just `aa`. [2189]" duck_ 5 25037 XML-RPC : Can't remove all the categories from a post by using metaWeblog.editPost XML-RPC 3.6 normal normal defect (bug) assigned 2013-08-14T17:41:00Z 2019-06-05T06:39:22Z "Seems that you can't remove all the categories from a post by calling mw_editPost. I tried both passing an empty array, or skipping the entry 'categories', in the content struct, but none of them worked. The post still has the previous categories attached to it." daniloercoli 6 25060 Quick Edit Comments inline edit save breaks the alternating table row backgrounds helen has-patch Quick/Bulk Edit 3.1 normal normal Future Release defect (bug) assigned 2013-08-16T23:09:09Z 2019-03-14T22:30:24Z "Related: #24951 Related: #25059 When quick editing comments and saving the single_row method always uses the same classes ""even thread-even"". Additionally a css background color gets added to the table row inline. This patch fixes the class issues. Still need a patch for the background color." c3mdigital 12 25070 Add filter to use do_accordion_sections for post metaboxes dev-feedback Editor 3.6 normal normal enhancement new 2013-08-18T15:44:46Z 2019-06-04T19:24:15Z "It'd be really cool to be able to use the new do_accordion_sections to render post metaboxes. Adding a filter to allow devs to do that, will also make easier to render custom styles (tabs or whatever). Attached patch is a really quick proof of concept. " MZAWeb 5 25076 CSS issue with native video player and flash fallback on full screen wonderboymusic Media 3.6 normal minor defect (bug) assigned 2013-08-18T21:02:34Z 2019-06-04T20:05:52Z "Hi, I noticed there's a bug with the CSS and the new native video player introduced in v3.6. This is how it looks when not using full screen: [[Image(http://img11.imageshack.us/img11/1374/g0n.png)]] And this is how it looks when using full screen: [[Image(http://img823.imageshack.us/img823/7278/qna.png)]] It automatically changes the color of the bar. This is the shortcode I'm using to show the video: {{{ [video src=""video.mp4"" width=""640"" height=""360"" autoplay=""true"" loop=""true""] }}} I tested this on a fresh WP 3.6 installation with Twenty Thirteen theme. This is the CSS: {{{ .mejs-container, .mejs-embed, .mejs-embed body { background: #464646; } .mejs-controls .mejs-time-rail .mejs-time-loaded { background: #21759b; } .mejs-controls .mejs-time-rail .mejs-time-current { background: #d54e21; } .me-cannotplay { width: auto !important; } }}} I also tested it on a post and on a page, happens the same on both." leandroprz 10 25103 Submit buttons on form fields in the Add Media panel joedolson* Media 3.5 normal normal Future Release defect (bug) accepted 2013-08-20T21:23:11Z 2021-05-21T15:57:23Z "Splitting this out from #23561 There is no Go or Search button available to trigger the action for the search and filter input fields in the Add Media screen - both of which change the content of the panel below. For accessibility reasons the user should be in control of triggering the filtering." johnbillion 14 25106 web.config for multisite configurations on IIS7 needs-unit-tests Rewrite Rules 3.5 normal normal defect (bug) new 2013-08-21T00:43:28Z 2019-06-04T21:08:57Z "The code that WordPress gives me for the web.config is incorrect. I downloaded the new 3.6 and this issue happened. I found the issue and solved it but wanted to let you know of this error as not many people run multisites on IIS7. So the rewrite code that was the issues is the following and was Rule 2 {{{ <rule name=""WordPress Rule 2"" stopProcessing=""true""> <match url=""^wp-admin$"" ignoreCase=""false"" /> <action type=""Redirect"" url=""wp-admin/"" redirectType=""Permanent"" /> </rule> }}} what i can tell this is trying to do is if a user types in just ""domain.com/wp-admin"" that it would redirect them to ""domain.com/wp-admin/"" but the desired results did not happen. the above code would redirect you to ""domain.com/domain.com/wp-admin/"" which obviously would cause issues after the user logs in as the redirect_to would point to http://domain.com./domain.com/wp-admin/ which would cause an endless loop. To fix this problem you need to add a / to the beginning of the rewrite like so {{{ <rule name=""WordPress Rule 2"" stopProcessing=""true""> <match url=""^wp-admin$"" ignoreCase=""false"" /> <action type=""Redirect"" url=""/wp-admin/"" redirectType=""Permanent"" /> </rule> }}} that extra / before the wp-admin/ forces it to the root of the site.. now i am not sure what this would do to a site in a sub directory but im not in a sub directory so not an issue for me." mrevets 16 25108 is_email() function validates email with domain that just has 1 character after dot has-patch Formatting 3.6 normal normal defect (bug) new 2013-08-21T09:03:48Z 2019-06-04T19:44:52Z "is_email() function validates an email address that has domain name extension of just 1 character. I am not sure if there are any domains with just 1 character after. To Test I used below code: {{{ <?php if ( is_email( 'email@domain.c' ) ) { echo 'email address is valid.'; } ?> }}}" hchouhan 5 25113 non-latin CPT rewrite slugs fail `wp_safe_redirect` Posts, Post Types 3.6 normal normal defect (bug) new 2013-08-21T20:37:36Z 2019-06-04T20:44:40Z "If you localize your custom post type rewrite slugs in non-latin language and pass it to `wp_safe_redirect` it will strip all non-latin characters and attempt to redirect to stripped location. This can be easely reproduced if your custom post type supports comments and you submit a comment from post type single page as `wp_safe_redirect` is called after comment submission." entr 3 25117 The distribution build process should be fully available to anyone. has-patch Build/Test Tools normal normal Future Release feature request reopened 2013-08-22T14:36:33Z 2019-07-04T11:42:38Z "The wordress build environment for each version should be specified in enough detail for third parties to be able to run a build process and get the same distribution as generated by wordress.org. See discussion about maintaining and documenting the build environment in #24977" mark-k 10 25122 First nav menu automatically adds all pages (including sub pages) but doesn't preserve page hierarchy nacin Menus 3.6 normal normal enhancement reopened 2013-08-23T06:20:33Z 2020-10-20T04:59:46Z "When you first visit {{{/wp-admin/nav-menus.php}}} in WordPress 3.6, if you don't already have a menu defined it automatically creates a new menu with all published pages in the menu. On sites with many published pages and particularly sites with multiple levels of pages (child/parent pages), all of those pages are added as top level nav menu items. (After the first menu is created, subsequent new menu requests create empty menus with no menu items in them). The functionality was introduced in [23441]. Previous versions (such as 3.5) didn't automatically create a new menu. Instead, when the first nav menu is automatically created I think we should either: 1. only add all top level pages by default, or 2. add all pages (including sub pages) but preserve the page hierarchy into the nav menu. My preference would be option 1." jamescollins 14 25180 Make it possible to select only posts with comment_count > 0 Query 3.6 normal normal enhancement new 2013-08-29T17:03:00Z 2019-06-04T20:44:44Z May need this when #11398 goes in. wonderboymusic 3 25190 Improve name/pagename query variable mapping needs-unit-tests Query normal normal enhancement new 2013-08-30T08:12:13Z 2019-06-04T20:44:46Z `WP_Query` performs some mappings from custom query variables to `pagename` and `name` for custom post types. This could be improved so that `pagename` is not used for hierarchical post types when a top-level item has been requested. We could also do some mappings between `pagename` and `name` in case the incorrect query variable was used (see #16323). duck_ 1 25192 Leverage signup_id when working with $wpdb->signups Login and Registration normal normal enhancement new 2013-08-30T14:32:59Z 2019-06-04T20:06:00Z Followup to #15004 — we should leverage the new primary key where possible, when working with $wpdb->signups. nacin 2 25194 Filtered IIS rewrite rules not added to web.config has-patch Rewrite Rules 3.6 normal normal defect (bug) new 2013-08-30T16:13:20Z 2019-06-04T21:09:02Z "If using IIS and web.config, appending rules via the filter 'iis7_url_rewrite_rules' will not add the filtered content if a rule for 'wordpress' already exists in the web.config file. Expected behavior: Even after WP has added its rule to web.config we should be able to influence the rules content in the web.config via the filter. Steps to reproduce: 1. Use a system running IIS that supports rewriting in the web.config 2. Visit permalinks page so WP generates the 'wordpress' rule in the web.config 3. Add a filter to 'iis7_url_rewrite_rules' and append the following rule: '<rule name=""testrule"" stopProcessing=""true""><match url=""readme.html""/><action type=""Rewrite"" url=""foo.html""/></rule>' 4. Visit the permalinks page 5. Rule will not be appended to web.config file Correct behavior: 1. Repeat steps 1-3 above 4. Remove the 'wordpress' rule from web.config file 5. Visit permalinks page 6. Filtered rule text will be present in this case" pat@… 4 25219 DISALLOW_FILE_MODS shouldn't remove update notifications Upgrade/Install normal normal Future Release enhancement new 2013-09-02T20:09:11Z 2019-05-27T16:43:23Z "I think there are valid use cases where an admin would want to set `DISALLOW_FILE_MODS`, but still want to get the notifications when core/plugins/theme updates are available. Instead of using the built-in updater, some installs are setup to use svn:externals (or Git submodules) for updates, and others prefer to use wp-cli. In those cases, it's still very useful to get the notifications, because without them an admin has to remember to manually check for updated. That inevitably leads to situations where important security updates are missed for weeks or months, which makes the site vulnerable. I understand the logic behind removing the notifications -- because the admin can't actually take action on them through WordPress -- but I think that incorrectly assumes that the notices have no purpose if they can't be acted on from inside WordPress. The notifications are still very useful, even if the admin chooses a different method of actually installing the updates. My proposed solution is to introduce new meta capabilities for `view_core_updates`, `view_plugin_updates`, and `view_theme_updates`. This would add some granularity to the current approach, so we could distinguish between being able to ''know'' that updates are available, and being able to ''install'' them. The new meta caps would default to `manage_options`, so that all administrators could see them, regardless of `DISALLOW_FILE_MODS`. If that's undesirable, though, then they could map to their corresponding meta caps (`update_core`, etc) instead (and then be overridden via the `map_meta_cap` filter in order to enable the notifications)." iandunn 21 25293 Switch_to_blog not switching the siteid dev-feedback Networks and Sites 3.0 normal minor Future Release defect (bug) new 2013-09-12T09:11:20Z 2017-06-08T20:17:36Z "When having multiple network on multisite making the following: {{{ switch_to_blog(1); $options = get_site_option( 'my_option' ); restore_current_blog(); }}} The options retrieved are the options of the current siteid and not the siteid of the switched blog. One of the options is to make something like this : {{{ global $wpdb; // Get the previous siteid $previous_site_id = $wpdb->siteid; $previous_blog_id = $wpdb->blogid; // Go to site 1 switch_to_blog(1); // Set the blog siteid to 1 $wpdb->set_blog_id( 1, 1 ); // Get the options $options = get_site_option( 'my_option' ); restore_current_blog(); $wpdb->set_blog_id( $previous_blog_id , $previous_site_id ); }}} Or {{{ // Get the previous siteid $site_id = $wpdb->siteid; // Set the blog siteid to 1 $wpdb->set_blog_id( $wpdb->blogid, 1 ); // Get the options $options = get_site_option( 'my_options' ); $wpdb->set_blog_id( $wpdb->blogid , $site_id ); }}} The thing is that the switch_to_blog function does not specify the switched siteid on the method $wpdb->set_blog_id if the network is not the same as the current blog." Rahe 20 25333 Can't remove theme support for certain custom header arguments has-patch Customize 3.4 normal normal Awaiting Review defect (bug) new 2013-09-16T18:10:17Z 2017-02-14T18:44:16Z "While working on a ticket I tried to `remove_theme_support` the `custom-header` feature and add it back with a different default image, which did not work. Removing theme support *does* remove the feature array from the features global, but adding anything back resurrects the old values ignoring the new ones for: * header-text * height and width * default-text-color * default-image This seems to be happening because of the back-compat code that works with the older constants. It defines the constants if they were not defined, and uses the values next time `add_theme_support` is called, bringing back the values from the first call to `add_theme_support`. The workaround would be to not use `remove_theme_support` and instead call `add_theme_support` with the needed values *before* the call you're trying to override, which was sort of intended for child themes, because they run earlier, so this issue is far from major, but still lame. Run this during theme setup to reproduce: {{{ add_theme_support( 'custom-header', array( 'default-image' => '%s/foo.png', ) ); var_dump( get_theme_support( 'custom-header', 'default-image' ) ); // foo.png remove_theme_support( 'custom-header' ); add_theme_support( 'custom-header', array( 'default-image' => '%s/bar.png', ) ); var_dump( get_theme_support( 'custom-header', 'default-image' ) ); // expected bar.png but got foo.png }}} Excuse my debugging skills ;)" kovshenin 9 25338 Comments of password-protected posts should not be shown to logged-in users without edit capability Comments normal normal enhancement new 2013-09-17T02:30:31Z 2019-06-04T19:24:16Z "Currently, if an user creates a password-protected post, Authors and lower roles cannot view the post neither on the front end nor in the backend, unless it was their own post (or they have the password). However, they can see comments of those posts while viewing edit-comments.php. Suggested that comments of password-protected posts should not be displayed to users without ability to view/edit the post in the admin." kraftbj 2 25349 Can't retrieve calculated excerpt bound by <!--more--> on single page view has-patch Posts, Post Types 3.6.1 normal normal Future Release enhancement new 2013-09-18T05:22:53Z 2021-06-01T13:35:00Z "Submitting as Mr. Nacin suggested would be a good idea. The issue in words I understand is: when you use the_excerpt() on (for instance) a custom page template, it ignores the <!-- more --> comment that you might have carefully placed in your content. I would expect it to honor this, since that is kind of the point of that special comment. the_content() will honor it when used on non-single-pages, but in the case of a custom page template, the_content() will of course spit out the entirely of the content. Andrew gave me this code which does the trick: https://gist.github.com/nacin/ab97d4b0e57b169d26d5 but is apparently hacky and not for public consumption. This is my lame visual of where I was running into the issue: http://glui.me/?i=5bcy8yr99pl7xel/2013-09-17_at_4.28_PM_2x.png/ Also apparently I'm not the only one who's had this come up recently: https://twitter.com/ShaneHudson/status/380105193419186176" chriscoyier 18 25419 Add icon support for widgets on the admin page and customize screens dev-feedback Widgets 3.9 low minor Future Release enhancement new 2013-09-25T17:05:07Z 2018-03-05T20:34:27Z With the incorporation of live widget previews (widget customizer), an available widget browser is displayed which lists all widgets along with a dashicon for each. These icons should be incorporated into the widgets admin page now, as well. westonruter 13 25435 Introduce alternative to do_shortcode( '[shortcode]' ) rmccue has-patch Shortcodes normal normal Future Release feature request assigned 2013-09-28T20:47:26Z 2017-09-27T16:24:01Z "There are times when we want to call a shortcode programmatically. Currently, the easiest way to do this is `do_shortcode( '[shortcode]' )`. But that does lots of unnecessary work. A developer has two alternatives: 1. Manually search through the source and find the function that handles the shortcode, and call it directly. The only problem is that this doesn't offer a very forward-compatible solution, especially when the shortcode is being offered by a plugin. 1. Search through `$shortcode_tags` to find and call the function. That's more forward-compatible, but it kind of seems hacky. I'd like to request that we offer a core function that does number 2 rather than each developer having to implement it themselves. Example: {{{ call_shortcode_func( 'shortcode', $atts, $content ); }}} (We can change the name of the function.) Patch forthcoming." jdgrimes 31 25449 wp_upload_dir() doesn't support https has-patch Upload 3.8 normal major Future Release defect (bug) reopened 2013-09-30T13:11:15Z 2020-11-25T12:40:50Z "The wp_upload_dir() function does not support https. I have added a simple is_ssl() check and a string replacement to serve the correct URL type. '''Background behind what prompted me to write the patch:''' I read a blog post by Kaspars Dambis in which he discussed fixing this problem via his own plugin, but it seems to me that since WordPress outputting an incorrect URL, that it would make most sense to fix it there. http://kaspars.net/blog/wordpress/minit-plugin-ssl-https " ryanhellyer 34 25471 Allow wp_link_dialogue to open in contexts outside of the editor Editor 3.6.1 normal normal Future Release enhancement new 2013-10-02T22:35:38Z 2019-06-05T07:08:55Z "I use wp_link_dialogue within metaboxes to provide a nicer way for users to enter URL's. Its handy for say slideshows, or profiles that point to external sites. wp_link_dialogue works perfectly on pages where an editor instance exists, but on pages that don't have editor instances it fails due to wplink.js looking for the global wpActiveEditor var, which of course doesn't exist as there is no editor. Aside from the js error, invoking the dialogue on pages with no editor involves calling _WP_Editors::wp_link_dialog(); directly to output the required html which isn't ideal, or calling wp_editor and using css to hide it, which just seems lame. Ideally wp_link_dialogue should function independently of the editor. Approaches 1. Amend wplink.js to allow wpActiveEditor to be undefined and pass in a seperate value for textfield to the open method. Con is that wp_link_dialog() still has to be invoked with a call to _WP_Editors::wp_link_dialog() 2. Move wp_link_dialog into a seperate class, amend _WP_Editors to call this class and allow for a user defined textfield within wplink.js " we_tell 1 25493 Sorting posts in ascending order of date at admin side wonderboymusic Posts, Post Types 3.1 normal normal defect (bug) reopened 2013-10-06T08:57:14Z 2019-06-04T20:44:49Z Posts are displayed in descending order of date in the admin side but if we click on date column header to sort it then again it is sorted in descending order of date instead it should be sorted in ascending order of date. vinod dalvi 15 25582 Ping status always disabled when quick editing a post type that doesn't support trackbacks has-patch Pings/Trackbacks normal normal Awaiting Review defect (bug) new 2013-10-13T04:24:29Z 2022-08-04T20:03:51Z "There isn't much useful documentation for the ""trackbacks"" post type feature. I expected it to function similar to the ""comments"" feature, however, it appears to be for enabling the ""Send Trackback"" meta box on the edit screens. That being the case, it's currently being used to prevent the ""ping_status"" check box from displaying in quick edit and bulk edit if a post type doesn't have the trackback feature support, causing the ""ping_status"" to be closed whenever a page is edited in one of those modes. Steps to reproduce: 1. Display the ""Discussion"" meta box on a page and allow trackbacks, but disable comments and update. 2. Go back to the page list table and quick edit the same page (only the comments checkbox is available). Enable comments and save. 3. Visit the edit screen again and trackbacks have been disabled. Considering there aren't any instances in core where ""default_ping_status"" relies on a post type supporting the trackback feature, the ""ping_status"" checkbox should probably always be visible in quick edit and bulk edit modes." bradyvercher 2 25585 Arabic stopwords comparison needs-unit-tests I18N 3.7 normal normal Future Release enhancement reopened 2013-10-13T14:49:30Z 2024-02-28T16:39:42Z "WordPress uses simple string comparison in WP_Query->parse_search_terms() function, which is fine for many languages but Arabic need more than that to provide a really smart search! There are some chars need to removed before the string comparison, like: Hamza http://en.wikipedia.org/wiki/Hamza Diacritics http://en.wikipedia.org/wiki/Arabic_diacritics Tāʼ marbūṭah http://en.wikipedia.org/wiki/Taw If this cannot be in core, Could you at least add some filters to do it ?!" alex-ye 16 25616 Add a content length filter to wp_dashboard_recent_drafts() dev-feedback Administration normal normal enhancement new 2013-10-17T01:41:34Z 2019-06-04T19:24:26Z It would be nice to be able to change the length of the recent drafts content via a filter. The fixed value of 10 is too short for character count based users. tenpura 1 25644 strip_shortcodes always removes text between shortcode tags, should be optional dev-feedback Shortcodes 3.6.1 normal normal enhancement new 2013-10-20T19:24:40Z 2019-06-04T21:09:05Z "strip_shortcodes will always remove all of the content between shortcode tags. So, for example, if I have a shortcode tag which wraps a link or a style around some text the text is lost when the shortcode is removed. Example: ''Lorem ipsum [highlight]dolor[ /highlight] sit amet, consectetur adipisicing elit'' becomes ''Lorem ipsum sit amet, consectetur adipisicing elit'' It should become ''Lorem ipsum '''dolor''' sit amet, consectetur adipisicing elit'' Removing the content between shortcodes may often be desirable behaviour, but there should be some way to retain the content. The easiest way would be for strip_shortcodes() to take a second parameter which defaults to true to remove the content, but if it is false then it leaves the content between the tags Example change to wp-includes/shortcodes.php Before {{{ function strip_shortcodes( $content ) { global $shortcode_tags; if (empty($shortcode_tags) || !is_array($shortcode_tags)) return $content; $pattern = get_shortcode_regex(); return preg_replace_callback( ""/$pattern/s"", 'strip_shortcode_tag', $content ); } function strip_shortcode_tag( $m ) { // allow [[foo]] syntax for escaping a tag if ( $m[1] == '[' && $m[6] == ']' ) { return substr($m[0], 1, -1); } return $m[1] . $m[6]; } }}} After {{{ function strip_shortcodes( $content, $strip_between = true ) { global $shortcode_tags; if (empty($shortcode_tags) || !is_array($shortcode_tags)) return $content; $pattern = get_shortcode_regex(); if($strip_between==true) return preg_replace_callback( ""/$pattern/s"", 'strip_shortcode_tag', $content ); else return preg_replace_callback( ""/$pattern/s"", 'strip_shortcode_tag_notbetween', $content ); } function strip_shortcode_tag( $m ) { // allow [[foo]] syntax for escaping a tag if ( $m[1] == '[' && $m[6] == ']' ) { return substr($m[0], 1, -1); } return $m[1] . $m[6]; } function strip_shortcode_tag_notbetween( $m ) { // allow [[foo]] syntax for escaping a tag if ( $m[1] == '[' && $m[6] == ']' ) { return substr($m[0], 1, -1); } return $m[1] . $m[5] . $m[6]; } }}} It's probably possible to do this with slicker code, but this is fairly simple and works. An example of when this problem is encountered in the real world is with the [http://wordpress.org/plugins/rb-internal-links/ RB internal links plugin] being used in post content. When the post is displayed by the [http://wordpress.org/plugins/popular-widget/ popular widget plugin] any text which was internally linked is lost, leaving a snippet of the post which makes no sense to a human reader. For an example on a live site see the first entry under the '''Most popular (all time)''' section on the right hand side of [http://diymediahome.org DIY Media Home]" jonscaife 5 25648 plugin.php causes infinite loop and gigabytes of warning messages in error logs Plugins 3.6.1 normal normal defect (bug) reopened 2013-10-21T12:12:22Z 2019-06-04T20:45:02Z "We host several wordpress instances in a multi-user environment on our servers. Some installations cause regulary massive error log files with warnings like these: PHP Warning: next() expects parameter 1 to be array, boolean given in [...]/html/wordpress/wp-includes/plugin.php on line 408 PHP Warning: current() expects parameter 1 to be array, boolean given in [...]/html/wordpress/wp-includes/plugin.php on line 404 After some googling I found out, that this behaviour is known for more than 10 month. So, if you could fix that, that'd be great." ticktoo 19 25650 When switching between blogs, wp_upload_dir 'baseurl' and 'url' may be pointing to the current blog not the switched one has-patch Upload 3.6.1 normal normal Awaiting Review defect (bug) new 2013-10-21T14:36:08Z 2023-05-19T13:20:48Z "Only tested on subfolder multisite (I don't have a way to test on a subdomain install right now). It seems very similar to ticket #23483 but I'm not sure if it should be treated the same: Example with two blogs in a network: - www.mydomain.com/my-source-blog (ID:5) - www.mydomain.com/my-destination-blog (ID:15) I discover this while trying to move a post with images from a blog to another. The post is copied and images inside the post are copied too. Starting point: The current blog ID is 15 (my-destination-blog). I'm trying to get upload URLs from the current blog: {{{ switch_to_blog( 5 ); $source_upload_dir = wp_upload_dir(); $source_upload_baseurl = $source_upload_dir['baseurl']; restore_current_blog(); $destination_upload_dir = wp_upload_dir(); $destination_upload_baseurl = $destination_upload_dir ['baseurl']; }}} At this point, $source_upload_baseurl is: {{{ http://www.mydomain.com/my-destination-blog/wp-content/uploads/sites/5 }}} Where should be: {{{ http://www.mydomain.com/my-source-blog/wp-content/uploads/sites/5 }}} $destination_upload_baseurl is fine. It seems that if get_option( 'upload_url_path' ) returns false, wp_upload_dir() makes use of WP_CONTENT_URL constant that is set to the current blog URL at the beggining of the execution (in default-constants.php): {{{ define( 'WP_CONTENT_URL', get_option('siteurl') . '/wp-content'); }}} This value obviously does not change when switching a blog. " igmoweb 20 25666 Pass perpetrating $handle to enqueue_script's _doing_it_wrong() call Script Loader normal normal enhancement new 2013-10-22T21:15:03Z 2019-06-04T21:09:11Z So the debug message for enqueueing resources at the proper time is helpful, but finding out which one of a site's plugins or theme can be a tedious task. I suggest we pass the $handle that triggered the warning to the output, so we know exactly where to look (since it references back to wp-includes/functions.php). bigdawggi 4 25671 get_theme_mods does not have a filter reporter-feedback Themes normal normal enhancement new 2013-10-23T15:38:08Z 2019-06-04T21:09:15Z "I am making use of the Theme Modifications API for the first time and using it to store theme customisation options controlled via the theme customiser. I hit an issue when previewing customisation changes using the refresh transport. The theme modifications functions are not aware of the `$_POST'd` changes coming from the theme customiser. Let's say a user has changed a heading colour from red to blue and not yet hit save. The `get_theme_mod('heading_colour')` function is still returning red in the preview panel. This bug does not overly concern me (it may be that way by design) but to get around it it would be handy to be able to filter get_theme_mods (see patch). For now I have gone higher up in the API and used a filter on `get_option`: {{{ add_filter( 'option_theme_mods_' . $theme_slug) }}}" scottsweb 10 25693 blog_charset should be checked for null values Charset 3.8 normal major defect (bug) new 2013-10-25T04:10:29Z 2019-06-04T19:24:29Z "We've encountered an error wherein a blog in a multisite network's `blog_charset` was nuked. This led to posts entered from the editor (visual and text) having random bits eaten. This was particularly pronounced when using text copied from Word documents. This is related to #23688, I think. It seems as though PHP 5.4 makes some weird assumptions when you have a blank/null charset. Suggest we check for null values and fall back to, say, UTF-8 if none is found. @grantlandram, @dkotter and I found this one under duress." ZaMoose 7 25696 Double clicking update on list table inline edit removes row from dom has-patch Quick/Bulk Edit 3.1 normal normal Future Release defect (bug) assigned 2013-10-25T10:09:29Z 2018-10-12T15:31:29Z "**Steps to reproduce: ** Open ""Quick Edit"" -> Save the category(or tag) by double-click on save-button. ( or press twice ). **Expected behaviour:** Save the category(or tag) , and refresh the table-row. **Actual behaviour:** Save the category(or tag), But disappear the table-row." mt8.biz 20 25714 Notices with translation upgrade Upgrade/Install 3.7 normal normal defect (bug) new 2013-10-26T15:51:56Z 2019-06-04T21:09:22Z "Hello, There are some php notices when WordPress tries to upgrade translations if the file does not exist. As a result, the upgrade fails. {{{ Warning: copy(/volume1/web/screenfeed/wp-content/languages/themes/twentyeleven-fr_FR.po): failed to open stream: Permission denied in /volume1/web/screenfeed/wp-admin/includes/class-wp-filesystem-direct.php on line 217 }}} In this case, these are the upgrades for TwentyTen and TwentyEleven: while the themes exist in the folder ''wp-content/themes'', the .po and .mo files in the folder ''wp-content/languages/themes'' don't. Regards. Greg" GregLone 8 25741 Broken WP_Filesystem methods Filesystem API normal normal defect (bug) new 2013-10-28T03:18:03Z 2019-06-04T19:44:55Z "The following methods of WP_Filesystem do not work as intended, as they're called with absolute paths, and fail to find those absolute paths within the relative paths returned from the listing functions: * WP_Filesystem_FTPext * owner() * getchmod() * group() * WP_Filesystem_ftpsockets * owner() * getchmod() * group() It's worth noting that the following FTP methods are available but don't actually hit the filesystem, and are just there to match the `WP_Filesystem_Direct` methods: * is_readable() * is_writable() * atime() * touch() Attached is a patch I had locally from during 3.7 development, not thoughly tested, I believe WP_Filesystem_FTPext::owner() at least needs extra work. The patch also removes the above methods from the FTP classes and relies upon the `WP_Filesystem_Base` versions - as a result, the is_writable() and is_readable() methods changed to assume things are readable/writable." dd32 1 25748 Delay when sending many images to the editor Media 3.7 normal normal defect (bug) new 2013-10-28T17:04:23Z 2019-06-04T20:06:13Z "Clicking the ""insert into post"" button after uploading many images can result in a really long delay before the image markup is added to the editor. Here is an example on my local installation: http://screencast.com/t/ja8cqXyHSw So you can imagine that the same issue on a remote server could result in a painfully long delay (I've seen it take 30+ seconds). It looks like the cause of the delay is in the individual post request that happens for each image when sending them to the editor. What is the purpose of these requests? Isn't all the data needed to send the image markup to the editor available to the javascript when the button is clicked? If not, and those requests have to happen in their current form, there should be some sort of ""loading..."" indicator on the editor screen letting the user know something is happening, because currently the assumption would be that the insertion failed. And regarding the likelihood of someone inserting that number of images into a single post, photographers will regularly upload 30, 40, 50 or more images to a post after a shoot." matthewdietsche 2 25765 Directory of users, listing with the role Users normal normal enhancement new 2013-10-30T00:35:07Z 2019-06-05T06:39:33Z It took me a list of users, with a large site with many levels to know what are administrators, a simple list and still continue seeing the other functions. valeriosza 4 25769 import vs DISALLOW_FILE_MODS has-patch Import 3.7.1 normal normal Awaiting Review defect (bug) new 2013-10-30T11:08:21Z 2017-02-05T14:30:45Z "When DISALLOW_FILE_MODS is set to true, you cannot install an importer from the plugin repo. Visiting Tools / Import yields the following screen: {{{ If you have posts or comments in another system, WordPress can import those into this site. To get started, choose a system to import from below: No importers are available. }}} That first line should be changed to explain that file mods are disabled and that the plugins must be installed manually. Better yet, the list should point to the relevant plugins in the repo and highlight that they need to be installed accordingly. " Denis-de-Bernardy 4 25777 Two update nags shown in multisite if all blogs aren't updated before the next release has-patch Upgrade/Install 3.6.1 normal minor defect (bug) new 2013-10-30T19:24:46Z 2019-06-04T21:09:24Z "On a multisite install, the user can be shown two update nags (see attached screenshot). As you can see, one nag is asking the user to update to the latest version, while the other is asking them to upgrade their other sites. This happens on a site on the network that the user updated, but didn't update all of the other sites on the network. If the other sites don't get updated before the next release, they will be shown both nags. The first nag is being shown by the `update_nag()` function ([http://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update.php#L198 /wp-admin/includes/update.php#L198]), the second by `site_admin_notice()` ([http://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/ms.php#L606 /wp-admin/includes/ms.php#L606])." jdgrimes 3 25785 Unexpected Paragraph Formatting Within a Div Container needs-unit-tests Formatting 3.7 normal normal defect (bug) new 2013-10-31T02:01:15Z 2019-06-04T19:44:59Z "Though HTML mode in WordPress allows for the user to add in their own CSS styling and HTML content formatting if necessary, its normal behavior also makes it auto-format paragraph breaks without the user's input of paragraph tags. This is EXPECTED behavior. I have discovered that in this specific manner of formatting when writing a post or page (note the LACK of spacing between the div tag and the content and the multiple paragraphs): {{{ <div>Insert FIRST PARAGRAPH here. Insert SECOND PARAGRAPH here.</div> }}} The end result (both visually and looking at the source code) is that there is a MISSING opening paragraph tag at the beginning of the first paragraph right after the opening div tag. IF the user adds their own spacing between the divs and the content, paragraph formatting with happen on its own, but if the user doesn't add in the spacing and starts the paragraphed content right after the div like in the example above, the first paragraph tag isn't automatically added in. For a screenshot of the end result source code that is generated (with the missing opening paragraph tag), please see the attached file. Cheers!" EMG 3 25787 wp_page_menu function is very inefficient has-patch Posts, Post Types 3.7.1 normal major enhancement new 2013-10-31T13:28:11Z 2019-06-04T20:45:05Z "I use wp_page_menu() to build my site's primary menu. The MySQL query this creates, selects all the columns from the wp_posts table. One of these columns is '''post_content'''. This means that when I create a menu, I am pulling massive amounts of data (the body text) from the DB which I will never (or very unlikely to) use. This adds a massive overhead which is killing my bandwidth. Through my own investigations I have found that a menu can be built using only these columns from wp_posts {{{ ID, menu_order, post_title, post_name, post_parent, post_type }}} This is much more efficient, but I do not feel I know the WordPress code base well enough to contribute to the core." whawker 3 25798 Certain single CPT items result in 404 since 3.7 needs-unit-tests Posts, Post Types 3.7 normal normal defect (bug) new 2013-11-01T14:58:10Z 2019-06-04T20:45:08Z "Related: #25749 The changes in [25182] to the query_var mapping of hierarchical post types have broken single permalinks in some cases, when Permalink setting is set to ""Post name"". To reproduce: 1. Register a post type as follows: {{{ register_post_type( 'bbg_test', array( // ... 'hierarchical' => true, 'public' => true, 'rewrite' => true, // any value other than false 'query_var' => false, // ... ) ); }}} 2. Set permalink settings to ""Post name"" (and flush) 3. Create a new post of the type above, and attempt to visit at the url `http://example.com/bbg_test/foo` (or whatever). Result: 404. 4. Change to any other permalink setting. Result: page loads as expected. Cause: When the CPT is registered with `'rewrite'` other than `false`, it passes the test at http://core.trac.wordpress.org/browser/tags/3.7/src/wp-includes/post.php#L1275. When it's hierarchical, it passes the test at line 1293. When, because `'query_var'` is set to `false`, the rewrite tag set on line 1294 is of the form 'post_type=bbg_test&pagename=foo' (instead of 'bbg_test=foo'). Then, when an item is loaded, during `WP::parse_request()`, it passes the `preg_match()` test here http://core.trac.wordpress.org/browser/tags/3.7/src/wp-includes/class-wp.php#L198, but a page (ie, an item with `post_type` 'page') is not found by `get_page_by_path()`, and as a result the correct rewrite rule is not matched. As noted, this is a regression in 3.7 [25182], before which `preg_match( '/pagename=\$matches...` wouldn't have matched. Obviously it's an edge case that (a) a post type is hierarchical AND has query_var set to false, and also (b) permalinks are set to ""Post name"", but it is a change in behavior that broke one of my plugins, and has been a bit of a bear to track down :) I'm going to set `query_var` to true for my purposes (no harm done on my end) but that may not be possible for others." boonebgorges 3 25819 """ms_files_rewriting"" site option is not created during upgrades" Upgrade/Install 3.5 normal normal defect (bug) new 2013-11-04T20:04:24Z 2019-06-04T21:09:27Z "While testing an upgrade for a MU era multisite install from 3.1.4 -> 3.6.1 I discovered that the ""ms_files_rewriting"" site option was not being created. The attempt in `upgrade_network()`... {{{ if ( $wp_current_db_version < 21823 ) update_site_option( 'ms_files_rewriting', '1' ); } }}} ... is failing. I believe this has gone unnoticed since the default value is forced to `true` in wp-includes/ms-default-filters.php: {{{ // If the network upgrade hasn't run yet, assume ms-files.php rewriting is used. add_filter( 'default_site_option_ms_files_rewriting', '__return_true' ); }}} " gradyetc 4 25820 [embed] shortcode can't be escaped like others Shortcodes normal minor defect (bug) new 2013-11-04T21:36:58Z 2019-06-04T21:09:30Z "WordPress allows the use of double brackets to escape shortcodes, so that entering `[[foo]]` in your page or post displays `[foo]`. This works great for most shortcodes, and is used in the following way on enclosed shortcodes: `[[foo]Hello![/foo]]` However, this feature fails when trying to use it with core's 'embed' shortcode. To replicate: Enter the following in a page or post: `[[embed]http://www.youtube.com/watch?v=YLO7tCdBVrA[/embed]]` What I expect to see: `[embed]http://www.youtube.com/watch?v=YLO7tCdBVrA[/embed]` What I really see: `(null)` (Apologies for the weird mix of [, ], and special characters here. had a hard time with getting the markup to render as I wanted.)" MadtownLems 9 25840 Feature Request: WP_ACCESSIBLE_HOSTS as option has-patch HTTP API 3.7.1 normal normal Future Release enhancement new 2013-11-05T21:46:14Z 2020-09-16T17:40:10Z "Currently WP_ACCESSIBLE_HOSTS is defined as a constant. It would be great if this is a wordpress option (or something equivalent) so you can change it at runtime. If you have a multisite installation and need to add domains to the whitelist you must reload the whole installation to enable them. Writing a simple plugin for this is also not possible since constants can not be redefined. My suggestion: 1) Store a site_option for mutlisites. This should contain a general whitelist for all blogs 2) Store a option per blog to contain additional whitelists for this single blog 3) Make it configurable via the admin interface (single textbox to enter the domains) 4) In the block_request function (https://github.com/WordPress/WordPress/blob/master/wp-includes/class-http.php#L507) the 2 options should be merged and handled like the constant This way you could manage the whitelist at runtime. What do you think about this? Chris" xFireFartx 13 25851 post_content lost when inserting Posts with large base64-encoded images Formatting 3.8 low critical defect (bug) new 2013-11-06T18:15:11Z 2019-06-04T20:01:31Z "post_content will be silently blanked-out during a wp_insert_post() call that contains large base64-encoded images within Post HTML content. I've found the source of this problem to be the wp_pre_kses_less_than() function. In the scenario described above, the call to preg_replace_callback() fails, causing a NULL to be returned from wp_pre_kses_less_than(), instead of a string. In this case preg_replace_callback() returns NULL because of a PREG_BACKTRACK_LIMIT_ERROR. The error can be worked around by setting a higher pcre.backtrack_limit in php.ini, but I still consider this to be a bug because the wp_pre_kses_less_than() should at least emit a warning to the debug.log informing someone that there was an internal PHP error (silent in this case, regardless of error_reporting settings). Beyond this, the function should check the return value of preg_replace_callback(), and if it is NULL, perhaps consider returning the original string as it was passed by the caller, so the caller does not end up with unexpectedly empty post_content. Another option would be to look in to tweaking the regex so that it does need exceed the default resources as configured by pcre.backtrack_limit, which is 100000 by default. More info: http://www.php.net/manual/en/pcre.configuration.php#ini.pcre.backtrack-limit I have attached a file that shows how to re-produce this bug. Run the file via WP-CLI like so: wp eval-file wp_pre_kses_less_than_bug_repro.php I'm setting the Severity of this bug to critical, since it results in unexpected data loss." ctayloroomphinc 2 25856 debug of wpautop function with Unit Tests Formatting 3.8 normal normal enhancement new 2013-11-07T03:04:23Z 2019-06-04T19:45:03Z "== Cleanup / Refactor of wpautop function == Upon review of the WordPress Trac needs-unit-test filter I saw that the wpautop function was needing both cleanup and unit tests. I have created a comprehensive test suite for the function that covers in my opinion the full breadth of use cases for the function. During this process I have been working on modifying the wpautop function to resolve out open defects and remove ''fix'' code that was placed to resolve an issue without resolving the underlying cause of the error. I've attached the following files for support of the changes. ''autop-20622.out'' --> OUTPUT from running the unit tests against current code base (revision 20622) ''autop-diff.out'' --> OUTPUT from running the unit test against modififed wpautop function as given in the diff. ''Autop.diff'' --> diff of changes made to the Autop test class :: Unit Tests ''formatting.diff'' --> diff of changes made to the formatting.php function file :: wpautop changes ''As a note I've added a trim call to the end of wpautop as it was always appending a new line, which I did not think was needed. This causes a good amount of test cases to fail as the expected output is not containing the additional new line given by current implementation.'' ---- == Enhancements / Fixes to wpautop function == 1. Corrected core logic to identify when double new lines wrap open or close block element tags due to nested block level elements. Original Logic adds \n\n before open tags and \n\n after close tags which allows for output of <p><div> TEXT</p> that is not correct, and had several patches implemented to attempt to fix. *Fixes :: Formatting of Lists, Nested Lists, orphaned <p> tags 2. Added logic to not add <br/>tags after comments 3. Added logic to not convert \n for svg, math, style, select or script codes 4. Added logic to not format audio, video or object elements. This is implemented as the elements are in-line but can contain block level content for displaying in browsers that don't support the HTML5 elements. 5. case insensitive recognition of block tags 6. inclusion of variable re-naming as outlined in #25516 ---- == Overview of Tickets reviewed and covered by the Unit Tests == Ticket : Current Status : Summary #6877 : Closed : large posts causes empty return #3476 : Closed : Improper formatting of Object elements, additional <br/> and no ending </p> #3669 : Closed : Don't insert <p> tags inside of block elements that only contain inline elements/text #6809 : Closed : wpautop correctly handles auto <p> of basic text #11024 : Closed : Incorrect handling of div tags with nested inline tags #1305 : Closed : Handling of <code> blocks> #1706 : Closed : <p> tags with attributes introduce additional <br/> #2285 : Closed : Strip excessive <br /> in content #2813 : Closed : <br> elements added instead of <br /> #3007 : Closed : Spacing of text in block elments reveals improper handling of nested elements #3035 : Closed : Extra <br/> tags introduced in Object tags. #3238 : Closed : Dangling <p> tags, no closing #3621 : Closed : Don't format new lines in Script and Object tags #3854 : Closed : Don't format new lines in Script and Style tags #3935 : Closed (wf) : Erroneous </p> tags added to the content '''has fix''' #3952 : Closed : Don't autop hr tags #5250 : OPEN : incorrect handling of lists + nested Lists '''has fix''' #7937 : Closed : incorrect handling of inline tags #7988 : Closed (wf) : incorrect handling of nested tags '''has fix''' #8644 : Closed : HTML5 block elements #10033 : OPEN : autop does not handle Comments '''has fix''' *also contains wptexturize details that I am not sure are fully closed out. #11257 : Closed : autop errors out on large content #11678 : OPEN : autop does not recognize upper tags '''has fix''' #13340 : OPEN : nested MATH tag handling '''has fix''' #2833 : OPEN : No formating Style and Script tags '''has fix''' #4298 : Accepted : handling of tags with attributes on new lines '''fix already existed''' #3833 : OPEN : incorrect </p> tags in block elements (explicitly blockquote) '''has fix''' #6041 : Closed : incorrect handling of DL lists and DT,DD elements #9437 : OPEN : dont modify SVG content '''has fix''' #10247 : Closed : no new lines in Video, Audio, Source #4857 : OPEN : incorrect autop logic '''has fix''' #15918 : OPEN : incorrect handling of nested tags '''has fix''' #16456 : Closed : input is not block level #3054 : Closed : input is not block level #16790 : Reviewing : functional specifications '''can close''' #18534 : Closed : noscript are block level #20444 : OPEN : Single line handling (nested block level issue) '''has fix''' #18136 : OPEN : extra </p> tags being added due to white space '''has fix''' #23135 : OPEN : block element filter '''close as won't fix''' #18807 : Closed : samp is not block level #25516 : OPEN : variable name changes '''changes included''' #9305 : Closed : handling of empty content #6218 : Closed : handling of empty content #11947 : Closed : no formating of select options '''has fix''' #12335 : Closed : HTML5 Block Elements == Tickets concerning ShortCode handling == Ticket : Current Status #12061 : OPEN #6984 : OPEN #21689 : OPEN #24085 : OPEN #24846 : OPEN ''Currently the wpautop function does not concern itself with shortcodes. I suggest that 12061 remain open as a future enhancement and that other tickets can be closed referending 12061 unless there is issues with '''shortcode_unatop''' or other functions used.'' == Tickets Reviewed but Ignored/ Not Tested/ Duplicate == '''Ticket''' : '''Current Status''' : '''Summary''' #11249 : Closed : standalone function #10490 : Closed : Duplicate of #10082 #9218 : Closed : Duplicate of #4298 #19934 : Closed : Duplicate of #16456 #18330 : Rejected : Enhancement #18514 : Rejected : Enhancement #23858 : Closed : Duplicate of #18807 #23375 : Closed : Duplicate of #18807 " mdbitz 19 25872 WXR export tool generates XML which is not well-formed Export 3.7.1 normal normal defect (bug) new 2013-11-07T21:41:11Z 2019-06-04T19:45:08Z "1. Paste a form feed character (aka \f or U+000C) into a post 2. Tools > Export > Download Export File 3. Validate the exported file (i.e. xmlstarlet validate --well-formed ~/Downloads/test.wordpress.2013-11-07.xml) The resulting file is not well-formed XML because WordPress has failed to strip characters which are not allowed by the XML specification ( http://www.w3.org/TR/REC-xml/#charsets )." tomdxw 3 25886 Sortable items gets stuck when dragging over TinyMCE Editor normal normal Awaiting Review defect (bug) new 2013-11-08T22:37:45Z 2020-11-24T06:09:01Z "When dragging a metabox over an active TinyMCE instance in a post/page edit screen, the metabox can get ""stuck"" (i.e., it stopping moving with the mouse). This only happens with TinyMCE and not the ""Text"" textarea. '''To reproduce:''' 1. Uninstall plugins 1. Install a default theme (I used Twenty Thirteen) 1. Go to ''Pages > Add New'' 1. If it is not activated already, click the ""Visual"" tab to activate the TinyMCE instance 1. Grab the featured image metabox to activate the sortable (i.e., drag and drop) functionality 1. Move the box over the TinyMCE area 1. Continual movement over the area will cause it to get stuck The following screen grab shows how the cursor separates from the metabox as it gets stuck: [[Image(http://f.cl.ly/items/0j2s0f2f2D3M2e393P3K/Screen%20Shot%202013-11-08%20at%202.33.36%20PM.png)]] It's kinda hard to understand it with that image, so here's a movie that shows the issue: http://f.cl.ly/items/1B151E3N0i3j092Z062m/broken-drag-and-drop.mov I have tested this in Safari, Firefox, and Chrome on OS X. All browsers produce the same issue. The issue persists with MP6 as well." tollmanz 5 25899 Adding mediaelement CSS links outside of head tags breaks HTML5 validation has-patch Media 3.6 normal minor defect (bug) new 2013-11-09T18:15:34Z 2019-06-04T20:06:17Z "Medialement CSS links are added by default outside of the head element. It seems to come from /wp-includes/class.wp-styles.php: {{{ function do_footer_items() { // HTML 5 allows styles in the body, grab late enqueued items and output them in the footer. $this->do_items(false, 1); return $this->done; } }}} Indeed style elements are allowed in the body in HTML5, provided it is a '''style''' element - not link element - and provided it has the scoped attribute. See http://www.w3.org/TR/2011/WD-html5-author-20110705/the-style-element.html#the-style-element Here are the medialements genetared tags in the body: {{{ <link rel='stylesheet' id='mediaelement-css' href='http://mydomain/wp-includes/js/mediaelement/mediaelementplayer.min.css?ver=2.13.0' type='text/css' media='all' /> <link rel='stylesheet' id='wp-mediaelement-css' href='http://mydomain/wp-includes/js/mediaelement/wp-mediaelement.css?ver=3.7.1' type='text/css' media='all' /> }}} But this breaks W3C's HTML5 validation. According to http://www.w3.org/TR/2011/WD-html5-author-20110705/the-link-element.html : Link elements must be used in metadata content. According to http://www.whatwg.org/specs/web-apps/current-work/multipage/semantics.html#the-link-element : If the rel attribute is used, the element is restricted to the head element. When used with the itemprop attribute, the element can be used both in the head element and in the body of the page, subject to the constraints of the microdata model. " AlphaK 9 25927 Remove the theme information from style.css and add a theme manifest file dev-feedback Themes 3.7.1 normal normal feature request reopened 2013-11-12T17:31:31Z 2019-06-04T21:09:32Z "Currently the metadata related to a theme is store in a comment at the top of style.css. I argue this is not a clean separation of concerns, yes .css files can contain semantic information to help the reader navigate the file, but using it to store metadata is bad practice. I propose creating a theme manifest file that sits at the root of the theme directory and contains all the metadata related to the theme that's currently at the top of style.css, things like the name, author, etc. but it could also contain a file list for the theme with a few lines about the files usage. Externalising the metadata and adding more contextual information will greatly improve developers ability to hack on top of others themes and understand their rationale for certain decisions." jolyonruss 8 25939 add_options_page(..., 'options.php') and 1000 vars limit SergeyBiryukov dev-feedback Administration normal normal Awaiting Review defect (bug) reviewing 2013-11-13T15:00:43Z 2023-03-08T16:36:53Z "(Related to the discussion in #14134) There is a ""common knowledge"" in the wilderness, suggesting having this for seeing all options at once, and I guess many admins have that enabled: {{{ add_options_page('All Settings', 'All Settings', 'administrator', 'options.php'); }}} At some point, the list grows to more than 1,000 variables, and: {{{ PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 }}} The '''option table is corrupted''' then. In the best scenario, the tail of the table is occupied with transients. The worst - real settings. ''(having a separate table for transients sounds like a good idea to me, BTW) '' '''Now, to the point: the ""All Settings"" panel should NOT have the [Save] button. It must be read-only. ''' Alternatively - AJAX save, similar to phpMyAdmin - for each option separately. " tivnet 4 26050 Continual Admin Page POST (HeartBeats?) Can Cause SQL Connection Issues Administration 3.6 normal normal defect (bug) new 2013-11-15T19:14:10Z 2019-06-04T19:24:36Z "The admin pages (/wp-admin/widget.php, /wp-admin/index.php, etc..) will continually POST to admin-ajax.php ever 2.5-3 min. If multiple admin pages are open for long periods of time(ex. over night) the SQL Connections associated with the POSTs will begin to progressively have longer sleep times. I have seen MYSQL Connecitons Sleep upwards of 45 seconds from these POSTs. This ultimately cause my Server/Account to be shutdown by my host due to the long sleep time taking up connections for no reason. I wouldn't expect the Connections to progressively sleep longer. I was surprised to find that the pages were Sending POSTs even when they were not being used(before I knew about the heartbeat api). Is this the expected experience/results? Should there be a sleep setting on these POSTs to stop after a given time frame? Or can all of these be rolled into 1 POST? To Reproduce: Open up the following in their own tabs: /wp-admin/widgets.php, /wp-admin/index.php, /wp-admin/theme.php, /wp-admin/theme-edit.php, /wp-admin/plugins.php, /wp-admin/post.php Verify they are making post requests ever 2.5-3min, I use Tamper Data add-on for firefox, but fiddler or any other http collector will do. In MYSQL watch the connections by using the command: show full processlist; run the SQL command as soon as you see the POST occur in tamper data or fiddler. Notice the Sleep and time is 0 for the POST request. you might not see it in the process list at first since it is so quick. Once POSTs are occuring ever few min and MySQL is setup to view processes/connections leave the pages open over night. Then test again in the morning by viewing the processlist once you see a POST submitted. It usually easiest to see when post are submitted around the same time. You will notice the sleep time has increased and you will also notice that the response times for the POSTs have increased. I reproduced this on twenty-thirteen theme with all plugins deactivated and using firefox." optimized-marketing.com 16 26056 Database is not upgraded in multisite if loopback is disabled Upgrade/Install 3.0 normal major defect (bug) new 2013-11-15T21:17:06Z 2021-07-25T09:22:20Z "If on a server that disables loopback connections (like several shared hosting companies have implemented) when attempting to upgrade a WordPress Multisite the database is never upgraded from the normal upgrade process. The normal upgrade process fails on the Network Upgrade wp_remote_get call with {{{ Warning! Problem updating http://domain/subsite. Your server may not be able to connect to sites running on it. Error message: couldn't connect to host }}} The intent seems to be that logging in to the site(s) would fix it as the help on the Upgrade Network page (/network/upgrade.php?action=upgrade) says {{{ If this process fails for any reason, users logging in to their sites will force the same update. }}} but although logging in attempts the update, that also fails (but silently) as it also fails on the wp_remote_get. There's nothing that indicates the database version is out of step with the code and so no prompt. At least manually going to /wp-admin/upgrade.php and all /subsite/wp-admin/upgrade.php does fix it. To replicate: 1) Get a server where loopback is disabled (or perhaps simulate it using the pre_http_request filter) 2) Install multisite using WP 3.0 3) Create a subsite 4) Upgrade to latest WP version using the link in the admin 5) Check the database version in the wp_options, wp_x_options table - or use this code to add the version into dashboard rightnow {{{ add_action('rightnow_end','dbversion'); function dbversion(){ $dbv = get_option('db_version'); echo ""DB Version: $dbv""; } }}} 6) Log in/out to main site and subsite - database version remains at the old level 7) Manually visit the /subsite/wp-admin/upgrade.php page and upgrade it's database. The subsite db version will now be correct, but the main site will not until /wp-admin/upgrade.php is also visited" creativeinfusion 6 26112 Available widgets drag-and-drop causes trouble on touch devices Widgets normal normal enhancement new 2013-11-19T15:57:32Z 2019-06-05T06:39:35Z "Now that we have click-to-add for available widgets, I think it makes sense to disable the drag-and-drop for available widgets on touch devices. The interaction tends to cause troubles on touch devices when you intend to scroll through the list of widgets, and instead initiate the draggable. Since active and inactive widgets don't have any alternative for reordering, we can keep the draggable interaction there on touch devices — but maybe we should think of a new way of reordering these widgets without requiring drag-and-drop." shaunandrews 2 26113 Create a WordPress-specific, dependable reference to the WP-bundled jQuery object. Script Loader normal normal defect (bug) new 2013-11-19T16:46:11Z 2019-06-04T21:09:37Z "When enqueueing jQuery for use on the front end of a site in a plugin or theme, a common concern is that the theme or another plugin has injected its own version of jQuery (probably an older version). This causes no end of support headaches for me as a plugin author. I've recently taken drastic measures in one of my plugins: I'm hooking in to `wp_enqueue_scripts` at -9999 and starting a buffer, then collecting it at `wp_head` 9999. I'm looking for the WP-included jQuery script tag, and then inserting this immediately after it: `<script>jQueryWP = jQuery;</script>` Then in my JS, I do: {{{ ;(function (w) { var jQ = w.jQueryWP || w.jQuery; // my jQuery code here, using jQ })(window); }}} I think that having a dependable reference to WP's jQuery object would be quite useful. One way to solve it would be to just add the line to our copy of jQuery. But that will cause issues with people who use well-behaved CDN plugins to swap out WP's jQuery for a Google-hosted copy of jQuery (note: THE SAME VERSION). So maybe a better way to do it would be to create a way to append inline JS code immediately after the inclusion of a particular script handle. We could then do what I'm doing in my plugin, but without the nasty PHP output buffers. " markjaquith 2 26135 Running get_space_used() on multisite can be dangerously slow on large installs Filesystem API 3.5 normal normal defect (bug) new 2013-11-21T03:23:17Z 2019-06-04T19:45:09Z "We're finally upgraded off 3.4 after a few frustrating attempts at an upgrade. You see, we have almost an exact replica staging environment — database, caching, etc. — and everything worked fine when we tested the upgrade on it. But then, trying to push the upgrade live things kept timing out inexplicably. We got a few false flag errors, and were pulling our hair out, until we finally realized the one thing that isn't replicated on staging: our media. Turns out, running get_dirsize() on a few hundred gigs worth of media can take a little while. Starting in 3.4, that function is called anytime the media options are included, and even with caching it could read the assets as often as once an hour. I understand why this is done, but I also think running filesize() on every file in a WordPress install can cause some scary situations. The filter added in #21181 is a great enhancement, but I still think WordPress could be more proactive to avoid some potentially crippling scenarios. A few options: * For new installs, make upload usage tracking opt-in for network admins rather than opt-out. I'd be interested to see stats from the WordPress survey, but anecdotally most of the people using networks are more enterprise than creating open hosting networks. The option to turn off tracking requires serious digging and may not be apparent to admins if the scanning causes problems. * Run a timer in recurse_dirsize() and kill the function if time > x seconds, then disable size checks and alert the network admin. Could be helpful for network admins to track inefficient file systems. * Do an initial size scan and store it in the options table, then increment the option during file upload (or delete). WordPress already stores term counts in the term_taxonomy table, and it's worth discussing how precise the storage scan really needs to be. And, you could always revert using a filter. Related: #19879" wpdavis 2 26195 Deleting users asks for reassigning posts even when there is no post/comment dev-feedback Users 3.7.1 normal normal enhancement new 2013-11-24T14:35:55Z 2019-06-05T06:39:36Z "When deleting a single user or bulk deleting users, the confirmation page asks what should be done with the posts of the user. However, this question should not be displayed, if the sum of the posts of these user(s) is 0. Then, the delete button should become immediately active. This change would make deletion safer, as ""real"" users would be less likely to be deleted in error. Recommended user interface: - No posts present: ""This user/these users have no post"", followed by an active ""delete users"" button - Posts present: ""This user/theses users have a total of [number] posts"", followed by the current delete/assign query. " MarcelWaldvogel 5 26247 Importer fails when importing from a server on a private network Import normal normal WordPress.org defect (bug) new 2013-11-25T22:18:00Z 2018-03-02T17:08:23Z "WordPress import (using the wordpress-importer plugin) does not work correctly if both machines are on the same private network. Text content imports, but all media imports fail. I have traced the problem down to a test that is done in wp-includes/http.php. Though i am not deeply familiar with the WordPress code base, the test seems unnecessary to me, and if it is commented out then the import function will behave as expected. I have included a patch against WordPress 3.6.1 that demonstrates where the problematic test is and resolves the issue." dramaley 2 26268 Add UI to Category page to indicate default category helen has-patch Taxonomy 4.8 normal normal Future Release enhancement reviewing 2013-11-26T16:25:15Z 2019-05-06T17:34:15Z "Currently, the default category is set in Settings->Writing and it only indicated on the Category page (Posts->Categories) via the lack of a checkbox to delete. 1. Add a visual indicator on the Categories page to indicate the default category. 2. Add an option to change the default on the Categories page. " kraftbj 39 26311 Updated (responsive) Tools -> Export admin screen Export 3.8 normal normal Awaiting Review enhancement new 2013-11-29T05:02:40Z 2019-02-26T02:25:27Z "Updated Tools -> Export admin screen Switched from un-ordered lists based html to tables based HTML based on Permalinks admin screen. ''No javascript was harmed in this patch...'' " netweb 7 26317 Ad filter for changing the 'New Site Created' email sent to site's admin email has-patch Mail 3.0 normal normal Future Release enhancement new 2013-11-29T11:59:53Z 2020-09-16T19:44:21Z "While doing my WordPress work, I found the need of disable all the WordPress Multisite notification emails that are sent to the administrator. But one mail keep being sent: ""[Sitename] New Site Created"". I decided to analyse the core's code, and found that the email was being sent on line 91, of wp-admin/network/site-new.php, and there was no filter to disable it (it was just a wp_mail call). {{{ #!php $content_mail = sprintf( __( 'New site created by %1$s Address: %2$s Name: %3$s' ), $current_user->user_login , get_site_url( $id ), wp_unslash( $title ) ); wp_mail( get_site_option('admin_email'), sprintf( __( '[%s] New Site Created' ), $current_site->site_name ), $content_mail, 'From: ""Site Admin"" <' . get_site_option( 'admin_email' ) . '>' ); }}} Since I guess that this should be filtered, I decided to create a new filter, by replacing that lines with a single function call: {{{ #!php $user_name = $current_user->user_login; $address = get_site_url( $id ); wpmu_admin_new_site_notification( $user_name, $address, $title ); }}} The new `wpmu_admin_new_site_notification` that I created, is declared on wp-includes/ms-functions.php and it as simple as a function that send an email to the administrator, and that have three filters: `wpmu_admin_new_site_notification` that can be used to bypass the email; `update_new_site_notification_email` that can change the content of the emaiil; and `update_new_site_notification_subject` that can be used to change the subject of the email. You can see more details of this on the .patch file I submitted, with commented code." vaurdan 7 26318 XMLRPC wp.uploadFile fails to place media in sub blogs XML-RPC 3.7.1 normal normal defect (bug) new 2013-11-29T12:02:39Z 2019-06-05T06:39:38Z "Using an XMLRPC call to mw_newMediaObject, uploaded files do not land in the media library of the target blog, for example blog_id 2. The uploaded files always land in the wp-content/uploads/yyyy/mm folder. And they also appear in the media library for that blog too, via the UI. If you trace the blog_ID to class-wp-xmlrpc-server.php you can see the method is receiving the correct value (eg. 2) at that point. This affects (at least) a subdomain-type of installation. The htaccess is standard from the WP codex. Occurs when blog_ID is passed to the rpc thus: {{{ require_once 'IXR_Library.php'; $client = new IXR_Client('http://my-site.com/xmlrpc.php'); $params = array('name' => 'imgfile.png', 'type' => 'image/png', 'bits' => new IXR_Base64($bits), 'overwrite' => false); $client->query('wp.uploadFile',2, 'admin', 'password', $params); }}} The xmlrpc returns a packet containing this data: {{{ array ( 'id' => '30', 'file' => 'test2_889047515_2.png', 'url' => 'http://my-site.com/wp-content/uploads/2013/11/imgfile.png', 'type' => 'image/png', ) }}} " daki-san 5 26365 map_meta_cap() should use parent post status when post has a post status of inherit needs-unit-tests Role/Capability 3.8 normal normal defect (bug) new 2013-12-02T19:38:49Z 2019-06-04T21:09:43Z "When a post has a status of inherit `map_meta_cap()` fails to use the parent's status and so logic that uses the status to determine the mapping doesn't behave as expected. For example `read_post()` will often fail when it should pass. Similarly for `delete_post()` and `edit_post()`. This has recently caused a variety of difficulties in a project I've been working on where we have a custom post type that uses the inherit post status on children so authors only need to manage the post status of the main parent post. The fix is two parts. One a fix to `get_post_status()` that causes it to check the parent status so it'll work backwards to the first post that has a valid (not 'inherit') post status. The second is a fix to `map_meta_cap()` that checks for a post status of inherit on the post object and then uses `get_post_status()` on the post_parent id value. A couple related/similar issues: #23458 (these patches would fix the root issue) #17668 (fixed) " methnen 8 26402 Add option to DB if option is only present in cache when updating option needs-unit-tests Cache API 3.8 normal normal Future Release defect (bug) new 2013-12-04T17:57:07Z 2017-03-17T17:45:33Z "In very rare circumstances some options may not be in DB but in cache. On update if updating DB fails remove from cache and try to add option. This would eventually fix cache inconsistencies if they occur. Both update_option and update_site_option are affected." codix 3 26409 Non-Editors can create (non-hierarchical) terms even though they can't manage_terms Taxonomy 3.0 normal normal Future Release defect (bug) new 2013-12-04T20:44:05Z 2018-02-03T13:38:48Z "When a taxonomy is registered, the `$default_caps` are: {{{ 'manage_terms' => 'manage_categories', 'edit_terms' => 'manage_categories', 'delete_terms' => 'manage_categories', 'assign_terms' => 'edit_posts', }}} This should mean that Authors and Contributors should not be able to create new terms because they (normally) do not have the `manage_categories` capability. For hierarchical taxonomies (like categories), the UI for creating new terms is removed from the metabox. However, for non-hierarchical taxonomies (like tags), the UI does not change based on whether the they can `manage_categories` or not: they can still enter arbitrary terms and add them, and when saving the post, the new terms get created. This seems wrong. There should be `current_user_can( $taxonomy->caps->manage_terms )` checks done when saving a post, and the UI should be updated to prevent new terms from seeming to be accepted. The `ajax-tag-search` could be used to determine if the entered tag exists, and only allow it to be added if it does." westonruter 9 26474 Add Filter to Username/Password Fields on Login Form? dev-feedback Login and Registration 3.8 normal normal Awaiting Review enhancement new 2013-12-07T18:06:49Z 2017-05-13T21:39:09Z "As a state institution, we are required to remain PCI-compliant. One of the areas we've been dinged in scans in the past, albeit an area that they consider ""low risk"", is the fact that the username and password fields allow autocomplete. I understand that it's probably not preferable for everyone using WordPress to have autocomplete turned off on those fields, but it would be nice if it was simple to at least filter those fields to turn it off (or, at the very least, add that as one of the ""args"" that are used when the form is built). This should obviously be used both in wp-login.php and in the `wp_login_form` function within wp-includes/general-template.php I'm happy to work up a patch for this if this is something that might be supported. Thanks." cgrymala 5 26475 Hierarchical meta box display issues when messing around with new terms has-patch Taxonomy 3.8 normal normal defect (bug) new 2013-12-07T18:20:08Z 2019-06-04T21:09:46Z "There are some bugs with the hierarchical taxonomy box, especially when the post is related to only some terms in a hierarchical chain. Attaching video of the bug. Steps to reproduce: 1. Create a new post 2. In the taxonomy meta box, create an `old testament` term. 3. Create a `Job` term as a child of `old testament`. 4. Uncheck `old testament`. 5. Add a new term `genesis` as a child of `old testament`. 5. Add a new term `numbers` as a child of `old testament`." ericlewis 6 26504 Semantic elements for non-link links joedolson* Administration 3.8 normal normal Future Release task (blessed) accepted 2013-12-09T14:29:18Z 2024-01-30T15:12:56Z "Using the [http://heydonworks.com/revenge_css_bookmarklet/ revenge.css bookmarklet] on the dashboard gives a very [http://d.pr/i/yVYh clear indication] that some of the links on there are semantically incorrect - they should be buttons, even if they should look like links. The Actual Buttons Are Actual section of this [http://coding.smashingmagazine.com/2013/08/20/semantic-css-with-intelligent-selectors/ article] sums it up nicely why. Unless the accessibility team have indicated otherwise, each of the 74+ occurrences (only counting PHP files, more in JS files) of links with `href=""#""` should probably be a `<button>`, so that screen readers interpret it as a button that does something, rather than a link that takes you somewhere. It also reduces the number of links that can be pulled out of context. Appearance isn't a problem either - taking the ""See 3 more…"" from the screenshot: {{{ // Original: <a href=""#"">See 3 more…</a> // New (might benefit from ARIA attribute): <button class=""no-button"">See 3 more…</button> // Basic CSS: .no-button { background: none; border: none; color: #0074a2; } .no-button:hover { color: #2EA2C9; cursor: pointer; } " GaryJ 52 26516 Make it easier to check theme support obenland dev-feedback Themes 2.9 normal normal enhancement assigned 2013-12-10T02:02:22Z 2019-06-04T21:09:49Z "Currently we don't make it too easy for plugins (and themes I suppose) to get access to the information passed in the second argument to `add_theme_support()`. To get more information about a theme's support for post thumbnails for example, a plugin would have to assign the return value of `get_theme_support()` to a variable and then access the value stored in the first key of the returned array: {{{ #!php <?php $support = get_theme_support( 'post-thumbnails' ); $actual_support = $support[0]; }}} While this is not ideal for core features that themes need to register support for, it gets painful quickly when themes and plugins want to deal with information coupled to a custom feature." obenland 3 26524 Quick edit form looks strange for localized version Quick/Bulk Edit 3.8 normal normal defect (bug) new 2013-12-10T18:32:50Z 2024-02-25T19:47:57Z Please see attached screesnhot. pavelevap 4 26530 Unnecessary database requests and untidy code in do_enclose has-patch Feeds 3.8 normal normal enhancement new 2013-12-11T02:05:39Z 2019-06-04T19:45:12Z "The function do_enclose in wp_includes/functions.php is 62 lines long with up to 8 levels of intendation, and begins with the comment {{{ //TODO: Tidy this ghetto code up and make the debug code optional }}} The single biggest problem of this code might be that it unnecessarily asks the database if links are referenced as enclosures or not for the current post, once for every new link. {{{ foreach ( (array) $post_links as $url ) { if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( ""SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)"", $post_ID, like_escape( $url ) . '%' ) ) ) { }}} This information is already available through $pung, {{{ $pung = get_enclosed( $post_ID ); }}} do_enclose also always uses extension guessing to determine the mime type of a link, even when there is header information available. Bad naming of variables and bad separation of tasks makes the workings this function difficult to grasp." joakimf 3 26546 themes.php Buttons Randomly Appear/Disappear on iPad reporter-feedback Themes 3.8 normal normal defect (bug) new 2013-12-11T20:31:24Z 2019-06-04T21:09:53Z This was patched for #26481 but that patch didn't work. miqrogroove 3 26571 "Increase flexibility of ""At a Glance"" Dashboard Widget to match ""Right Now"" Widget" chriscct7 needs-docs Administration 3.8 normal normal Future Release enhancement reviewing 2013-12-12T18:00:27Z 2021-06-01T13:48:46Z "Following the changes in #26495, the ""At a Glance"" Dashboard widget is now much less flexible for extending. Primarily, the issue is the new `dashboard_glance_items` filter which is significantly less flexible than the previous collection of actions. Two main issues: 1. The filter forces all items to be in a single list along with the core ""glance items."" 1. The filter does not add any classes to added list items, making them impossible to style. This last issue is particularly bad, since a class is required to change the icon associated with a list item in the ""At a Glance"" list. Here's a use case for why a more flexible filter or an action following the list but before Version and Privacy info is important from my plugin Post Status Menu Items: [[Image(http://mrwweb.com/files/wp-trac/at-a-glance-statuses.png)]] Note the separate list and list-item icons. To get that at the present time, I had to hack out of the existing list with an empty list item in the first list and a new empty list with one empty item at the end: {{{ ...</li> <li class=""comment-count""><a href=""edit-comments.php"">28 Comments</a></li> <li></li> </ul> <h4>Post Statuses</h4> <ul class=""ps-post-statuses""> <li class=""publish-status-post-count"">... }}} {{{ ...<a href=""http://localhost/wp3.6/wp-admin/edit.php?post_status=trash"">1 Trash</a></li> </ul> <ul><li></li></ul> }}} At a bare minimum, the filter should allow for classes, and the ability to create multiple lists would be even better. There is a `rightnow_end` action, but it comes after the version and privacy information which feels like a ""footer"" to me. The easiest solution for allowing separate lists and wouldn't require reverting #26495 would be to simply add an action following the closing tag of the At a Glance list. Then the `dashboard_glance_items` could just be extended a bit to add unique classes for styling." mrwweb 18 26575 Dashboard widgets should be able to specify a min-width at which they span two columns Administration 3.8 normal normal defect (bug) new 2013-12-12T19:34:01Z 2019-06-04T19:24:39Z Some dashboard widgets [http://imtheirwebguy.com/dont-hit-update-just-yet-wp-3-8-overhauls-ui-breaks-dashboard-widgets/ don't do well in skinny columns]. Maybe we should let them specify a min-width. If breached, they could span two columns. Certainly would be useful for stats/traffic widgets. markjaquith 5 26596 Edit comments from wpAdmin don't process well radio button fields has-patch Comments 2.7 normal normal defect (bug) new 2013-12-13T08:38:04Z 2019-06-04T19:24:43Z "I'm filtering for 'wp_comment_reply' to add a custom radio button selector in the wpAdmin comments. Then the ajax request don't send this field value, always send the last one, checked or not. wp-admin/js/edit-comments.js process all INPUT fields as a text (except type button) I attach the patch to allow radio buttons but doesn't works for checkbox." corretge 4 26605 Appearance of recent/future posts in dashboard looks off on mobile. has-patch Administration 3.8 normal normal Future Release enhancement new 2013-12-13T13:24:18Z 2019-07-22T18:22:30Z "When viewing the dashboard on a small screen device, the layout of the date and post title in the recent/future post section of the layout of the site activity widget looks funny when the title is fairly long. I think it might be better to have the date on a separate line. [[Image(https://dl.dropboxusercontent.com/s/h8jpr8305isg0gy/2013-12-13%20at%2013.17%202x%20%281%29.png)]] " mattheu 10 26626 WP_Upgrader::unpack_package() can overflow path name length limits dev-feedback Upgrade/Install 2.7 normal normal defect (bug) new 2013-12-14T17:16:10Z 2021-05-18T17:50:48Z "I had no idea that in 2013, there were still operating systems with pathname length limits of only 256 characters. But, apparently there are - I've had 3 reports of it in the last week (which came after I included an SDK in one of my plugins that had a lot of sub-directories). Two of the victims got hit when unpacking the plugin through a normal update. To prevent this in future, I restructured my plugin. The other victim was running Bitnami WAMP, with PHP 5.4.22 (Windows NT AFLAPTOP 6.1 build 7601 (Windows 7 Business Edition Service Pack 1) i586), and he was accessing WP_Upgrader::unpack_package() via a restore operation in UpdraftPlus Backup/Restore (http://wordpress.org/plugins/updraftplus), which uses this method to unpack zip files. See http://wordpress.org/support/topic/restore-fails-could-not-create-directory for more information on that. Basically, it boiled down to ""WP_Upgrader::unpack_package() uses the basename of the zip file to create a directory in WP_CONTENT_DIR/upgrade/"". So, if the zip file name is very long, then a meaningful amount of the potential 256-character limit can be lost. The guy running Bitnami lost 80 characters to reach his upgrade folder: `C:\Program Files\BitNami WAMP Stack\apps\wordpresslucid\htdocs\wp-content/upgrade`. That leaves 176 characters. The plugin he was unpacking needed 98 characters for its longest pathname: `/plugins/<slug>/opencloud/symed/Symfony/Component/EventDispatcher/EventDispatcherInterface.php`. That leaves 78 characters to spare. Should be plenty... except for WP_Upgrader::unpack_package() wanting to use basename($zipfile) to create a directory for unpacking into. The zipfile did indeed have a filename of over 78 characters long. Boom! To prevent other scenarios in which someone might get hit by this, we can just change this line: {{{ $working_dir = $upgrade_folder . basename($package, '.zip'); }}} to: {{{ $working_dir = $upgrade_folder . substr(md5(basename($package, '.zip')), 0, 8); }}} The use of md5() to prevent collisions might be over-cautious (especially given that WP_Upgrader::unpack_package() already tries to empty out the upgrades directory), but it's also harmless." DavidAnderson 11 26636 There Is No Filter For get_sidebar() has-patch Themes 1.5 normal normal Awaiting Review enhancement new 2013-12-16T07:29:12Z 2018-05-15T17:04:08Z "Because there is no filter for get_sidebar it is not possible to change which sidebar is called conditionally from a plugin and there is no good way to do it in a theme. Here is an example use for the filter I am proposing to add: {{{ function slug_mobile_sidebar( $name ) { if ( wp_is_mobile() ) { $name = 'mobile'; } return $name; } add_filter( 'the_sidebar', 'slug_mobile_sidebar' ); }}} Yes, I could go through a theme and wrap every instance of get_sidebar() in some conditionals or create my own sidebar function. Both of these solutions are inadequate because they require modifying theme files that I might not want to modify. For example, if I was creating a child theme, I would have to add every template to it for either of these solutions to work. They also make my code much less portable. Adding a filter to get_sidebar would enable plugin developers to write similar functions to add mobile sidebars, to stick with the same example. If implemented from a plugin that function would of course require a template redirect so WordPress could load sidebar-mobile.php from the plugin if it didn't exist in the theme directory. " shelob9 9 26640 Performance Increase in apply_filter() (~11%) has-patch Plugins 1.5 normal normal enhancement new 2013-12-16T10:57:32Z 2019-06-04T20:45:11Z "Currently apply_filter() simply calls `call_user_func_array()`. This is a fairly expensive way to call dynamic functions, especially compared to `$foo = 'funcName'; $foo()` — the issue is variable arguments. It is quicker however to do a switch on the number of params and call the equivalent `$foo()` with a fallback to the old behavior. Additionally, the loop used is inefficient: {{{ do { foreach( (array) current($wp_filter[$tag]) as $the_ ) ... } while ( next($wp_filter[$tag]) !== false ); }}} The `next()` call here returns the same value as `current()` in the `foreach`; by simply assigning the return to a variable in the conditional, we remove that extra unnecessary `current()` call entirely. {{{ } while ( $current = next($wp_filter[$tag]) !== false ); }}} We have to call `current()` before the `do` however to assign a value to `$current` on the first iteration." dshafik 13 26649 escaped shortcodes should not be expanded during 'get_the_excerpt' needs-unit-tests Shortcodes 3.7.1 normal normal defect (bug) reopened 2013-12-16T15:13:48Z 2019-06-04T21:10:00Z "It is possible for ""the_content"" filter to be invoked while processing ""get_the_excerpt"". If the do_shortcodes() filter hook is attached to both ""the_content"" and ""get_the_excerpt"" then this can lead to an unexpected expansion of an escaped shortcode. This can lead to unwanted side effects, as reported here. http://www.oik-plugins.com/2013/12/escaped-shortcodes-unexpectedly-expanded-get_the_excerpt/ This minor problem can be alleviated by a simple change to strip_shortcode_tag(), returning the HTML code [ as the first character rather than the left square bracket. {{{ function strip_shortcode_tag( $m ) { // allow [[foo]] syntax for escaping a tag if ( $m[1] == '[' && $m[6] == ']' ) { return ""["" . substr($m[0], 2, -1) ; } return $m[1] . $m[6]; } }}} I don't believe that it's necessary to make the same change in do_shortcode_tag(). " bobbingwide 5 26667 Improve filter in single_term_title() has-patch Taxonomy 3.8 normal normal enhancement new 2013-12-17T19:20:47Z 2019-06-04T21:10:01Z "There are some oddities to how taxonomy titles are handled in `wp_title()`. For categories and tags, the title is set to the current term title, which is desirable in my opinion: {{{ if ( is_category() || is_tag() ) { $title = single_term_title( '', false ); } }}} But for all other taxonomies, the taxonomy label is injected into the title: {{{ if ( is_tax() ) { $term = get_queried_object(); if ( $term ) { $tax = get_taxonomy( $term->taxonomy ); $title = single_term_title( $tax->labels->name . $t_sep, false ); } } }}} This seems oddly specific and not the typical WordPress way, in my opinion. It seems to assume a lot in terms of what users will want. Ideally I'd take this block completely out and simply add is_tax() to the first block. Being a pragmatist though, I will assume no one will take me up on that particular solution. :) This really gets messy when you get into `get_term_title()`. The filters provided in this function do not filter the result of the operations but rather the input, which is a bit curious given the normal usage of filters. The code: {{{ function single_term_title( $prefix = '', $display = true ) { $term = get_queried_object(); if ( !$term ) return; if ( is_category() ) $term_name = apply_filters( 'single_cat_title', $term->name ); elseif ( is_tag() ) $term_name = apply_filters( 'single_tag_title', $term->name ); elseif ( is_tax() ) $term_name = apply_filters( 'single_term_title', $term->name ); else return; if ( empty( $term_name ) ) return; if ( $display ) echo $prefix . $term_name; else return $prefix . $term_name; } }}} So, my recommended solution is to simply add a filter here for the result which passes in the `$prefix` in case we would like to remove it. Like so: {{{ function single_term_title( $prefix = '', $display = true ) { $term = get_queried_object(); if ( !$term ) return; if ( is_category() ) $term_name = apply_filters( 'single_cat_title', $term->name ); elseif ( is_tag() ) $term_name = apply_filters( 'single_tag_title', $term->name ); elseif ( is_tax() ) $term_name = apply_filters( 'single_term_title', $term->name ); else return; if ( empty( $term_name ) ) return; $result = apply_filters( 'single_term_title_result', $prefix . $term_name, $term_name, $prefix ); if ( $display ) echo $result; else return $result; } }}} The attached patch accomplishes this. However, I think more sweeping changes might be warranted here. Clif" clifgriffin 2 26674 The get_tag_regex() function is a too greedy when searching for a closing tag. has-patch Formatting 3.9 normal normal defect (bug) new 2013-12-18T20:57:31Z 2019-06-04T19:45:13Z "At its current state, the get_tag_regex() function is a too greedy when searching for a closing tag. This causes content with more than one of the same media tag (e.g iframe followed by an iframe) to be grouped together as one value, with the content between in that value. This patch, while lazier, makes the regex function as expected." kopepasah 9 26691 Admin Color Schemes: generic classes for colors Administration 3.8 normal normal Future Release enhancement new 2013-12-20T15:59:01Z 2020-09-19T06:53:21Z "Our team is trying to adapt our plugin to the new admin color schemes. It would be great if we could have generic CSS class declarations that allow us to apply the current scheme's background/text colors to our elements. Something like .admin-color-flat .sidebar-background-color{ background-color: #.... } .admin-color-vineyard .sidebar-background-color{ background-color: #.... } This would allow plugin developers to leverage those schemes without having to reinvent the wheel every time, and would make their plugins adapt to any third-party color scheme people may be using on their site. WordPress already adds the current color schema class to the body tag. But then I don't see anything in the CSS that I could use to recycle, let's say, the admin sidebar current background color and use it as the background color for my metabox headers. Yes, I could do this in jQuery, but I was hoping for a pure CSS approach. " coolmann 9 26695 Themes: add support for multiple screenshots in themes dev-feedback Themes 3.8 normal normal Future Release enhancement new 2013-12-20T20:08:43Z 2020-08-14T05:06:12Z "We left this out from the THX merge due to priorities. Let's bring them back. Previously: #20546. * Method to get an array with all the screenshots with a maximum of 5. * Pass this data to {{{wp_prepare_themes_for_js}}}. * Adjust template to loop through all the screenshots (if available) and render them. * Set up a simple JS gallery with thumbnails on the detailed view of a theme. Array begins with screenshot.png as the first item, then continues with screenshot-2.png." matveb 15 26710 Wrong redirect URL after core update when WP is in subdirectory Upgrade/Install 3.8 normal normal defect (bug) new 2013-12-24T11:05:58Z 2019-06-04T21:10:06Z "When updating WP 3.7.1 to 3.8 on a WP install that is located in a subdirectory (using the ""Giving WordPress Its Own Directory"" method), after the update, the browser forwards to a non-existing URL which causes a 404 error. In this configuration, in the wp-config file, WP_SITEURL is set to example.com/wp and WP_HOME to example.com. The update is triggered from the admin area located at example.com/wp/wp-admin/update-core.php When the update finishes, instead of forwarding to example.com/wp/wp-admin/about.php?updated, it sends the user to example.com/wp-admin/about.php?updated. Because of the missing subdirectory, this displays a 404 error. Upon returning to the dashboard, the user will notice that the update has been correctly applied, but he won't ever see the ""Welcome to 3.8"" page." tar.gz 6 26723 Twenty Fourteen: Hatom Errors Bundled Theme 3.8 low normal Future Release defect (bug) reopened 2013-12-26T14:50:13Z 2022-07-08T17:17:26Z "Greetings. Getting this on Google's Structured Data Testing tool. Extracted structured data hatom-feed hatom-entry: Error: At least one field must be set for HatomEntry. Error: Missing required field ""entry-title"". Error: Missing required field ""updated"". Error: Missing required hCard ""author"". The 1st two are caused by using WordPress with a static home page, this started with the 3.8 release. I am using a theme designed in Artisteer that worked fine before the 3.8 release. Artisteer is no help pointing the finger at WordPress. Activating WP 2014 theme solves the 1st 2 errors but the below still shows. Error: Missing required field ""updated"". Error: Missing required hCard ""author"". The second two have been present showing as ""Warnings"" in self hosted WordPress sites for a long time. However since a recent Google algorithm chance those warnings are now Errors. An announcement from Google. http://googlewebmastercentral.blogspot.com/2013/12/structured-data-dashboard-new-markup_12.html Below is a screen shot of one of my sites Google webmaster tools accounts. http://www.doc1952.com/hatom-errors.jpg All of my sites structured data thumbnails have disappeared from search results. I have posted about this situation in the WordPress forums with no help so far. http://wordpress.org/support/topic/google-structured-data-missing-required-field-authorship-thumbnails-gone?replies=10 Thanks for your help with this. Ed Koon www.doc2014.com " fidosysop 19 26735 Plugin bulk deletion attempts to define WP_UNINSTALL_PLUGIN constant multiple times has-patch Plugins 2.7 normal normal Future Release defect (bug) new 2013-12-28T15:22:37Z 2017-09-09T12:35:26Z "The `WP_UNINSTALL_PLUGIN` constant is defined by `uninstall_plugin()` before the plugin's `uninstall.php` file is included (if the plugin has one). When deleting multiple plugins with `uninstall.php` files, the function attempts to define this constant each time, which will result in a notice. >`PHP Notice: Constant WP_UNINSTALL_PLUGIN already defined` The notice will never be noticed by most users, because it will be silenced by default, but this could be an issue if plugins are checking for the value of `WP_UNINSTALL_PLUGIN`, as recommended [http://wordpress.stackexchange.com/questions/25910/uninstall-activate-deactivate-a-plugin-typical-features-how-to/25979#25979 here] (which is linked to [http://codex.wordpress.org/Function_Reference/register_uninstall_hook#Discussions from the codex]), and not just whether it is defined. I don't have a good solution, sorry." jdgrimes 9 26759 New Generic Sanitize Functions for Core dev-feedback Formatting 3.8 normal normal enhancement new 2014-01-02T17:54:48Z 2019-06-04T19:45:16Z "Core currently supplies a number of sanitize functions: {{{ sanitize_email() sanitize_file_name() sanitize_html_class() sanitize_key() sanitize_meta() sanitize_mime_type() sanitize_option() sanitize_sql_orderby() sanitize_post_field() sanitize_text_field() sanitize_title() sanitize_title_for_query() sanitize_title_with_dashes() sanitize_user() }}} They all sanitize by usage, not by data type. As such, I (and I suspect others) wind up using these to escape things they weren't initially meant for -- for the sake of brevity, and it's just quicker and leads to tidier code. I believe it could result in better and simpler sanitizing if we were to include sanitize-by-format functions in core. For example, {{{ wp_sanitize_numeric( $raw ); // [\d] wp_sanitize_numeric_float( $raw ); // [\d\.,] allowing both commas and periods as decimal indicator and thousands seperator wp_sanitize_hex( $raw ); // [\da-f] case-insensitive wp_sanitize_alphanumeric( $raw ); // [\da-z] case-insensitive wp_sanitize_letters( $raw ); // [a-z] case-insensitive wp_sanitize( $raw, $regex ); // uses passed in regex to determine what to strip. }}} The specific functions to use are up for discussion. I'm just hoping to make it simpler for users to sanitize data by expected type. As a side note, this will let folks use `wp_sanitize_numeric()` to sanitize integers larger than `PHP_INT_MAX` -- which tumblr and twitter IDs often happen to be for imports and feeds and the like (as casting to `(int)` isn't a good idea)." georgestephanis 3 26764 Welcome panel - misleading text chriscct7 has-patch Administration 3.5 normal minor Future Release enhancement reviewing 2014-01-03T17:12:32Z 2021-09-26T08:04:37Z "Welcome panel shows: - ""Write your first blog post"" - I have many posts... It should be ""Add a blog post""? - ""Add an About page"" - I have ""About"" page and also many other pages... It should be ""Add additional pages""?" pavelevap 8 26788 Improve dbDelta fields match has-patch Database 3.8 normal normal enhancement reopened 2014-01-07T12:12:19Z 2019-06-04T19:24:49Z Sometimes plugin authors use multiple spaces between the field name and type rather than a single space when using dbDelta, small change to the regex to stop this producing unnecessary alter queries. pollett 1 26798 While inserting a post some values for 'post_date' throw a PHP exception has-patch Date/Time 3.5 normal normal Future Release defect (bug) new 2014-01-08T23:30:53Z 2022-07-14T21:16:57Z "If you try and insert a post with a date that does not have leading zeros (eg `2012-01-8` or `2012-1-08` or `2012-1-8`) a PHP error is thrown in [source:/trunk/src/wp-includes/functions.php#L4015]: `A non well formed numeric value encountered` due to the checkdate() call. Minimum code to reproduce: {{{ #!php $post_data = array( 'post_title' => 'some title', 'post_content' => 'some content', 'post_status' => 'publish', 'post_date' => '2012-01-8 12:00:00', ); wp_insert_post( $post_data ); }}} Two possible solutions: 1. Get strict about date formatting: ie: require leading zeros. If a date comes in without leading zeros a WP_Error() should be returned, an error should not get thrown. 2. Allow non-leading zeros. Either way using `substr()` in [source:/trunk/src/wp-includes/post.php#L2805] is at fault. I've attached a diff that uses a regex to parse the date using capture groups. Its much cleaner and will detect a badly formatted date and handle it gracefully. The regex does not require leading zeros. If leading zeros are required the regex should be changed to: `/^(?P<year>\d{4})-(?P<month>0[1-9]|1[012])-(?P<day>0[1-9]|[12][0-9]|3[01])/`" mobius5150 11 26802 WordPress FTP component fails to update core on IIS7+ dd32* Filesystem API 3.7.1 normal major defect (bug) accepted 2014-01-09T21:35:50Z 2019-06-04T19:45:19Z "Update fails with this error : Could not copy file.: wp-admin/update-core.php Steps to reproduce : * Clean install of Windows 2012R2 in a virtual machine * PHP version 5.4.23 installed, configured, and tested as per Microsoft Instructions * Granted FTP user full control of entire web root * Granted web server user read access to web root * Verified the ability to connect with a remote FTP client, create a folder, upload a file, delete the file, delete the folder * Installed wordpress 3.7.1 * Logged into wordpress admin, clicked on 3.8 upgrade link * prompted for FTP credentials, supplied same credentials as in my test above * wordpress update failed with the following message {{{ Downloading update from https://wordpress.org/wordpress-3.8-new-bundled.zip… Unpacking the update… Verifying the unpacked files… Preparing to install the latest version… Enabling Maintenance mode… Copying the required files… Disabling Maintenance mode… Could not copy file.: wp-admin/update-core.php Installation Failed }}} I then verified that the update could be done manually via an FTP client * Manually downloaded wordpress-3.8-new-bundled.zip form wordpress.org * Manually unzipped into temporary directory * Manually uploaded contents of entire zip file to server * ran wp-admin/update-core.php * Updated the database as prompted Wordpress successfully updated to 3.8 using this manual FTP upload method. The only difference is that I used my own FTP client (Filezilla) instead of the wordpress FTP component. I think its fair to say at this point that there is a potential bug in the FTP component which manifests itself on IIS servers. WWW, FTP, and PHP Log files are available upon request. " WinWPAdmin 10 26805 Email with Apostrophe May Not Update in Multisite has-patch Users 3.8 normal normal Awaiting Review defect (bug) reopened 2014-01-10T07:40:41Z 2019-06-04T18:11:11Z "From what I understand, an apostrophe is allowed in an email address before the @ sign. The is_email function does not validate this and fails, returning false if there is an apostrophe" contrid 13 26806 Add support for custom SHORTINIT handlers dev-feedback Bootstrap/Load 3.8 normal normal enhancement new 2014-01-10T14:30:43Z 2019-06-04T19:24:57Z "I'm building ajax caching for a plugin and need a handler to '''conditionally''' determine whether to continue loading WP (based on whether a cached version exists). Example handler file: https://gist.github.com/mgibbs189/8345521 The `SHORTINIT` constant along with `wp-load.php` isn't an option because it forces WP to exit early. Drop-ins like advanced-cache.php, object-cache.php, or db.php won't work because only 1 plugin at a time can use them. I need for my caching to work in combination with these other plugins (e.g. W3 Total Cache)" mgibbs189 4 26807 Comments on private posts should also be private in admin depending on role Role/Capability 3.1 normal normal defect (bug) new 2014-01-10T14:54:51Z 2019-06-04T21:10:07Z "Repro: 1. As user X, create a private post. 2. As user X, add a comment to the private post. 3. As user Y with Contributor role, go to the comment listing screen. Actual Result: Contributor user Y can see the post in the listing. Expected: Comments on private posts should not be visible to users who don't have elevated capabilities. There's a potential here for information disclosure, as when a comment quotes content from the private post. There's already a cap check in `WP_Comments_List_Table::single_row()`, so it seems like we could suppress display as well based on that check (in fact, I did so to test), though working out the counts for display above the table and for pagination will likely be a little more involved." dllh 2 26809 Errors from wp_update_post obscured in edit_post has-patch Posts, Post Types 3.9 normal normal defect (bug) new 2014-01-10T20:00:59Z 2019-06-04T20:45:19Z "A sample reproduction of a bug that illustrates the general case I'd like to document: 1. Activate a theme that has page templates (e.g. twentyeleven). 2. Enable Jetpack and configure the Sharing module, which does things on `save_post` (or set up something else that does things on `save_post`). 3. Write a post and select a template (e.g. `single-page.php`). 4. Switch to a theme (e.g. twentythirteen) that doesn't have page template UX in the page editing screen. 5. Toggle the ""Show sharing buttons"" setting in the relevant metabox (or do something else that will occur on `save_post` that's easily detected after saving). 6. Save the post. Expected Result: If there's a failure saving any piece of the data, the user'll be notified, and possibly the whole save will be postponed until any errors are corrected. Actual Result: Changes to the main post fields are saved, but things that would have fired on `save_post` do not happen, resulting in a partial save of the data (e.g. sharing status is not saved). The code in `wp-includes/post.php` that checks for a valid page template returns before several actions (including `save_post`) fire because the valid template check fails. The failure is essentially silent because `edit_post()` doesn't check the return of `wp_update_post()`. In the particular case I outline above, the issue arises because post meta for the page template existed and lives in `$postarr` based on a save when the old theme was activated. When saved under a theme with no page template UX, the value from meta is used but is not a valid value for the new theme. So it correctly errors, but the early return causes later actions not to fire properly, wreaking havoc that's tricky to spot. Optimally, it seems like WP would at least check the return of `wp_update_post( $foo, true )` for `is_wp_error()` in `edit_post()` and would fail gracefully (or at least `wp_die()` as in other cases) if an error was returned, but then there are other issues as well, such as the fact that some meta values are saved in `edit_post()` before the `wp_update_post()` executes, and theoretically these'd need to be rolled back as well on failure. The template check in `wp-includes/post.php` should also be moved to higher up in the code than where it currently lives so that the check would bail prior to the database update. I imagine that there might be much larger architectural issues that would subsume any changes to the way `edit_post()` works, so rather than providing a fix for the specific issue that'd likely be rejected anyway, I wanted to raise the general issue for discussion/rejection/whatever. Possibly relevant: #21963." dllh 4 26822 During upgrade, no errors thrown when file permissions are wrong Upgrade/Install normal normal defect (bug) new 2014-01-13T10:58:08Z 2019-06-04T21:10:10Z "I am, for the first time, attempting a Wordpress auto-upgrade. I was quite shocked to immediately see an FTP credentials dialog, as these credentials I treat as secret and do not wish to randomly spew them into the system that theoretically should simply be able to modify itself -- if filesystem permissions were proper. I wish to see an error message ""tried X, failed, exact failure error message, now trying FTP"" A number of current chatters in #wordpress on FreeNode state that this is actually not an error -- a position I vehemently disagree with. If _any_ operation fails, in the due-course of a program, SOMETHING should elaborate this within the normal course of execution for the task, especially the app itself that cannot write its own files. I would much rather like to see this from within the app updating itself, and not have to deduce it via any number of other, less-obvious methods, such as error logs on the server, filesystem access denial audits, etc. " mystica555 4 26829 Use of strpos() in extract_from_markers() and insert_with_markers() can target wrong BEGIN and END markers. has-patch Rewrite Rules 2.0 normal normal Future Release defect (bug) assigned 2014-01-14T06:16:21Z 2019-04-08T06:02:01Z "While working on a plugin, I came across the need to have two sections of `BEGIN` and `END` markers in the `.htaccess` file. The most important marker section is located at the end of the file with the marker `""e3r""`, while the second marker section is at the beginning of the file with the marker `""e3r_query_redirects""`. Now when I call `extract_from_markers` while passing `""e3r""` as the marker, the contents between the `""e3r_query_redirects""` markers are returned. Here are steps you can take to see this issue with the function `insert_with_markers()`: 1. Open the `.htaccess` file 2. Add `# BEGIN WordPress_Foo` to the top of the file, add a couple of newlines, and add `# END WordPress_Foo` 3. Save the `.htaccess` file and close it 4. Log into the WordPress Dashboard and navigate to '''Settings''' -> '''Permalinks''' 5. Press the '''Save Changes''' Button 6. Reopen the `.htaccess` file 7. Notice that the marker section originally labeled `WordPress_Foo` is now a duplicate `WordPress` marker section You can continue to repeat those steps to generate more duplicate `WordPress` marker sections. This issue is caused by the use of the `strpos()` function, which looks for the position of a substring in a string. So when you have a marker section labeled `WordPress_Foo` above the section labeled `WordPress`, the `WordPress_Foo` section is found by `strpos()`, which stops the `WordPress` section from being found. I already wrote a solution that has worked for me so far and I'm including a diff file with the changes. Basically, instead of using the function `strpos()`, which looks for the position of a substring and causes the aforementioned bug, I use the following statement: `if ( ""# BEGIN {$marker}"" === $markerline )`. Since this is my first patch to core, I would definitely appreciate all feedback :) Thanks, Faison" Faison 13 26842 Contenteditable, multiple spaces,  , and U+00A0 needs-unit-tests Formatting 4.7 normal normal Future Release defect (bug) new 2014-01-15T17:03:31Z 2020-09-04T18:52:17Z "In contenteditable mode when the user types multiple spaces (ASCII char 32, U+0020) they are preserved. The browsers insert ` ` as every other character, the string is `      ` etc. In WordPress TinyMCE is set to {{{ 'entities' => '38,amp,60,lt,62,gt', 'entity_encoding' => 'raw', }}} Anything other than the three basic ""htmlspecialchars"" `&`, `<` and `>` is outputted as UTF-8 when serializing the DOM. This outputs the (multiple) ` ` as U+00A0 which in PHP shows as `0xC2 0xA0`([http://en.wikipedia.org/wiki/Non-breaking_space reference]). A problem with `0xC2 0xA0` is that in PHP the regex `\s` matches `0xA0` in certain cases, fails to match the ""white space"", breaks the UTF char, and sometimes leaves an `Â` behind. One example is wptexturize(), see #22692. Another problem is that the user is not aware there are multiple ` ` when looking in the Text editor or the html source, as U+00A0 are ""invisible""." azaozz 38 26848 Image thumbnail on large images with ratio of 4:1 markoheijnen Media 3.8 normal minor defect (bug) assigned 2014-01-16T16:12:43Z 2019-06-04T20:06:26Z "I have been running into this issue on WordPress 3.7.1 and 3.8. I haven't tested it in older versions. I'm uploading an image that's 2000px x 500px. The theme uses add_image_size for a variety of different thumbnail sizes but the only one that's an issue is 480px. The URL to the thumbnail is being retrieved with wp_get_attachment_image_src( $thumbnail_id, 'mobile' ) for use with some CSS. Chrome is recognising it as a 1px x 1px image with a MIME type of image/png. When you open the image URL it appears correctly. '''Steps to reproduce:''' add_image_size( 'mobile', 480, 0, true ); in functions.php Upload a blank image at 2000px x 500px I also found in Chrome that when going to my uploads folder and selecting the image that's 480px x 120px I can't save the image with CMD SHIFT S yet I can with any of the other images. I have tried removing all plugins and using the default theme. The only modification I made was to add the image size. I changed the image library from libgd to imagemagick. Changing the image size from 480px to 479px works." nathan_dawson 4 26858 Comment duplicate check has a slow query has-patch Database 2.0 normal normal Future Release defect (bug) assigned 2014-01-17T04:38:22Z 2022-11-29T13:38:39Z "When checking for duplicate comments, the query is pretty slow: {{{ SELECT comment_ID FROM wp_comments WHERE comment_post_ID = '1' AND comment_parent = '0' AND comment_approved != 'trash' AND ( comment_author = 'foo' OR comment_author_email = 'foo@bar.com' ) AND comment_content = 'some content' LIMIT 1; }}} This will use the comment_post_ID index, which means it will scan all comments on that post. For a post with thousands of comments, this starts to get slow. Instead, we should change `KEY comment_post_ID (comment_post_ID)` to `KEY comment_post_ID (comment_post_ID,comment_content(255))`, to cover this case. Props [http://www.mysqlperformanceblog.com/2014/01/16/analyzing-wordpress-mysql-queries-query-analytics/ MySQL Performance Blog] for finding this." pento 6 26861 Too easy to delete a site in Multisite flixos90 has-patch Networks and Sites normal minor Awaiting Review enhancement reviewing 2014-01-17T14:49:07Z 2017-07-18T17:22:31Z "Currently, deleting a site in Multisite is very easy. There is no warning what deleting a site actually means, and nothing to show a user they are about to perform a destructive action. Just the ability to confirm, not even cancel! I'm not sure what the prompt should actually say, or if there is a better way to do a prompt, or if the button should just be red, but there's for sure something we can change here to make a better experience." bradparbs 14 26868 Function 'make_clickable()' doesn't make hyperlinks from explicit URLs using the `mailto:`, `tel:` and other schemes that do not start with `//` needs-unit-tests Formatting 3.8 normal normal enhancement new 2014-01-18T16:00:14Z 2019-06-04T19:45:21Z "Function `make_clickable()` tries to recognise URLs and convert these into clickable hyperlinks. The function is by default configured as a filter for comment text. Unfortunately, the function assumes that all explicitly declared URLs begin with the string `//` after the scheme and colon parts which is not the case for the `mailto:`, `tel:` and many other schemes. Such URLs could usefully be made clickable, especially for use on smartphones and tablets. This also leads to inconsistencies between explicitly and implicitly declared URLs. For example, the string `myemail@mydomain.com` is converted into a clickable hyperlink whilst the string `mailto:myemail@mydomain.com` is not. By contrast, the TinyMCE post editor correctly and automatically makes both implicit and explicit `mailto:` links clickable but does nothing with `tel:`. For reference, the syntax of URLs is defined by http://tools.ietf.org/html/std66, the `mailto:` scheme by http://tools.ietf.org/html/rfc6068 and that for `tel:` by http://tools.ietf.org/html/rfc3966. As #16892 has illustrated, parsing URLs can be hard. The use of `wp_allowed_protocols()` may help in detecting which strings we wish to make clickable. Found whilst testing #22946." mdgl 2 26885 Path Based Multisite Rewrite rule absolute path without trailing slash Rewrite Rules 3.8 normal normal defect (bug) new 2014-01-20T16:06:31Z 2019-06-04T21:10:12Z "The .htaccess rewrite rules generator output the absolute path to the files, but there is missing a slash at the begining to use it as absolute. I've seen the same problem at http://wordpress.stackexchange.com/questions/77818/multisite-configuration-fails-with-css-js-files The solution is to make it relative, or to add a ""/"" at the beggining of the two rewrite rules. I think the .htaccess code generated can be fixed for future users." skalex 2 26895 Deprecate recently_edited option dev-feedback Options, Meta APIs 3.8 normal minor enhancement new 2014-01-21T08:33:53Z 2019-06-04T20:45:22Z "recently_edited option is being set when a plugin or a theme file is edited by the builtin Editor. A search, in the WordPress 3.8 source code, tells me that the option is never being read. I suggest that we deprecate that option and replace it by an action where plugins can hook and get the value of the edited file." yani.iliev 4 26905 Follow CSS coding standards for SASS/SCSS files netweb Build/Test Tools 3.8 normal normal Future Release defect (bug) assigned 2014-01-22T04:10:35Z 2017-04-07T03:17:11Z "My first glance at `_mixins.scss` caught my eye with formatting that doesn't match the existing [http://make.wordpress.org/core/handbook/coding-standards/css/ CSS Coding Standards]. If we start the files out with the right formatting now while they're relatively small and few in number, they'll be easier to maintain as we start breaking up the CSS files into smaller module SASS files. This might seem nitpicky now, but catching it early will help out in the long run." morganestes 9 26935 Add empty submenu page to hide menu page title in list Menus 3.8 normal normal enhancement new 2014-01-25T07:46:30Z 2019-06-04T20:06:31Z "My question has to do with `add_menu_page()` and `add_submenu_page()`. If we add a menu page, and one sub_menu page.. we end up with the main menu page being duplicated in the sub pages list. If we have ""Main"" as our main page, and ""Sub"" as our sub page... {{{ add_menu_page('Main', 'Main', 'manage_options', 'main_options', array($this, 'main_do_page')); add_submenu_page('main_options', 'Sub', 'Sub', 'manage_options', 'sub_options', null); }}} This will create a menu structure such as: * Main * Main * Sub The ""Main"" page is duplicated in the sub list. Now, we can hide that duplication with a slight adjustment to the code: {{{ add_menu_page('Main', 'Main', 'manage_options', 'main_options', array($this, 'main_do_page')); add_submenu_page('main_options', 'Sub', 'Sub', 'manage_options', 'main_options', null); }}} By changing the fifth argument to match the ""Main"" page slug.. it will successfully hide the submenu; resulting in: * Main * Sub However... the issue with this... is a menu item still gets created in the generated html. The inner html is blank.. so no title is actually displayed.. but the outer html is still there. It appears in the submenu html output as such (with the second snippet above): {{{ <li class=""wp-first-item current""> <a class=""wp-first-item current"" href=""admin.php?page=main_options""></a> </li> <li> <a href=""admin.php?page=sub_options"">Options</a> </li> }}} See how the top item has the html for a list item.. but has no inner html? This creates a space, about 4 or 5 pixels.. in between the main item and the sub menu items. Now, I know this is trivial when there is only one menu item. But, now that I know it exists.. it is driving me nuts. 1. It results in unnecessary html output. 2. It results in a space in the menu item list.. which is faint, but unattractive... and hinders the visual appeal of the new admin panel. Could we perhaps first check if the `add_submenu_page()` fifth argument ($menu_slug) matches the `add_menu_page()` first argument ($page_title)... then the outer html wrapper doesn't get rendered? With space example(http://joshlobe.com/testsite/images/trac1) Without space example(http://joshlobe.com/testsite/images/trac2) Thank you for reading." josh401 2 26937 get_adjacent_post() should use WP_Query rather than build its own SQL query nacin Query 3.7 normal normal Future Release enhancement reopened 2014-01-25T18:51:47Z 2018-01-31T20:33:04Z "With the introduction of the `WP_Date_Query` through r25139, `get_adjacent_post()` no longer needs to build its own SQL to retrieve adjacent posts. By switching to `WP_Query`, we gain the benefit of its performance improvements, including native caching. The trickiest part of this change is maintaining support for the `get_{$adjacent}_post_join` and `get_{$adjacent}_post_where` filters currently applied to the SQL built in `get_adjacent_post()`." ethitter 60 26940 Toolbar Search: Drop down instead of expanding Toolbar 3.8 normal normal Future Release enhancement new 2014-01-26T01:10:45Z 2021-06-09T15:30:41Z "Stop sliding the entire menu bar contents needlessly, when it would be simpler (and possibly better for accessibility -- less needless movement on the screen) to just drop down a field the way the search field works in twentyfourteen. This also makes the search more usable on a cluttered adminbar that's already prone to wrapping onto a second line. Patch is not intended as the final version -- final version would use admin-bar.js to attach the onfocus and onfocusout events -- this is just intended as a proof of concept for UX testing." georgestephanis 5 26953 "Network Admin ""Site Edit"" page needs Settings trimmed down" Networks and Sites normal normal enhancement new 2014-01-28T23:16:41Z 2019-06-04T20:06:39Z "Piggybacking off of The UI/UX settings revamp, the Edit Sites pages needs a reskin as well. Most important is the Settings page, which is a massive list of options.php and really most of this should never be edited by anyone, not even a network admin. This proposal (which was suggested by Nacin) would be to change this to be not a massive dumping ground but a list of items that only the network/super admin can and should change. Anything that is editable by the site-admin (such as Blogname and Blogdescription) would not be displayed. Items that should be shown: * Fileupload Realpath * Fileupload Url * Permalink Structure (nb: see #12002 - this is the only way around that at this time) * Uploads Use Yearmonth Folders (questionable - Nacin says no) But really other than those, there's no need to have that whole ""Settings"" page and it could be folded into the main ""Info"" tab, making life much smaller and easier for everyone. Related to #15800 " Ipstenu 9 26960 Audit extraneous HTML/CSS for the admin menu has-patch Administration low normal enhancement new 2014-01-30T05:56:16Z 2019-06-04T19:41:55Z In working on #18380, I've noticed quite a bit of cruft that has built up over time, some of it directly related to the split between colors and structure. For example, the .wp-menu-arrow is no longer visible in the 3.8 redesign, but the HTML and CSS remain. Once #18380 and #26669 are complete, we should take a closer look at this. helen 3 26962 in wp-admin/profile.php no restoration filled if an error occurs fields. Users 2.0 normal normal enhancement new 2014-01-30T11:55:59Z 2019-06-05T06:39:41Z "I just saw that if the fields are filled and that we delete such a required fields (or causing an error in the syntax of email for example), no mechanism is in place to restore the information specified by the user, everything is reset. This mechanism is however in place in the ""wp-admin/user-new.php"" when we disable javascript." QuarkSEO 4 26968 Theme Administration Screen: Not enough themes displayed at high resolutions Themes 3.8 normal normal defect (bug) new 2014-01-31T06:18:18Z 2019-06-04T21:10:22Z "I run a high resolution display (2560x1600) and not enough themes are displayed when you first visit the Themes page in the admin area. If you watch carefully, you can see them there and then they quickly disappear when the page finishes loading. It initially made me think that some of my themes weren't being recognized. If there are still more themes to load and display, then why are we showing the ""Add New Theme"" item? A tiny scroll makes them show up. Screenshot attached. There are actually more themes to be displayed than those shown in the screenshot. (Sorry if this is a dupe, I had trouble finding specific enough keywords to search on.)" Viper007Bond 5 26969 Incorrect WP path set when creating a new site with wp in a subfolder Upgrade/Install 3.0 normal normal defect (bug) reopened 2014-01-31T09:10:01Z 2019-06-04T21:10:25Z If you create a site at / with wp located in /wp/, the installer creates the site with example.com/wp as the home url instead of the expected example.com. Denis-de-Bernardy 14 26980 the_modified_date is lower than the_date when post is scheduled has-patch Date/Time 3.8 normal normal Awaiting Review defect (bug) reopened 2014-02-01T08:38:41Z 2021-05-05T21:43:34Z "I scheduled a post on 30th Jan for 1st Feb. When the post was published, the modified date shows lower than the published date. I am using {{{<?php the_date('F j, Y'); ?>}}} for first part & {{{<?php the_modified_date('F j, Y'); ?>}}} for the second part. [[Image(https://dl.dropboxusercontent.com/u/1830109/wp-381-date.jpg)]] This should show the_modified_date = the_date in case of scheduled posts? Thoughts?" tushonline 8 26985 Use network_site_url in includes_url has-patch Permalinks 3.6 normal normal enhancement new 2014-02-01T18:37:38Z 2019-06-04T20:45:30Z "The `includes_url` function is used in several places for getting the path to `wp-includes`. For example, `class-wp-editor.php` is using it to get the `$baseurl` variable and load other related scripts (such as TinyMCE) accordingly. On a multisite, `includes_url` relies on `site_url` which leads to a similar path if ran on a subsite in a network: {{{ site.com/subsite/wp-includes/... }}} If a server like nginx doesn't have a working rewrite for a given version, across the site we could use hooks such as `script_loader_src` or `style_loader_src` to work around the problem, and we could also filter `includes_url` to set the correct paths (as workarounds). I suggest switching to `network_site_url` instead as it fallbacks to `site_url` for single sites. " nofearinc 6 26988 Need a Button to Cancel/Revert Page/Post Edits in Progress Editor 3.8 normal normal Future Release enhancement new 2014-02-01T22:21:17Z 2021-02-10T14:29:28Z "Currently, if you start editing a page or a post and change your mind, there is no way to easily revert those changes and it leads to a lot of confusion as as if you leave the page and come back, it will tell you that there is an auto save version. Sending to Trash makes no sense because it trashes your whole page. This is VERY confusing and user unfriendly, especially for new users of WP. There should be a ""revert"" or ""cancel"" button when editing that will get rid of current edits and take you back to the last, unedited version of the page/post." tomdryan 5 26992 Failing to make new yyyy/mm for uploads affects existing URLs (WP_CONTENT_URL, wp_get_attachment_url and GUID) has-patch Media 2.7 normal normal defect (bug) new 2014-02-02T17:53:13Z 2019-06-04T20:06:42Z "What happens: - I have the `WP_CONTENT_DIR` and `_URL` pointing somewhere, not where the WP is installed. - There was an error creating upload folder `yyyy/mm` (permission issues) - `wp_get_attachment_url()` could not go through the `if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] )` block and came to the ""not recommended to rely upon"" `$url = get_the_guid( $post->ID );` The GUID returned completely ignored my settings. It started with the default `/wp-content/`. Obviously. Those attachments were made before I moved the wp-content, and nobody fixed the GUIDs. Result: all images broken. I believe, something has to be changed here, so '''when the upload directory for new attachments cannot be created, it won't affect the existing attachments'''. ---- Code Path: `wp_get_attachment_image_src -> image_downsize -> wp_get_attachment_url`" tivnet 10 27002 Scheduling not working when editing posts Posts, Post Types 3.8.1 normal normal defect (bug) new 2014-02-04T00:56:19Z 2019-06-04T20:45:34Z "I didn't see this the list but I have had this happen to me more than once. I have posts scheduled 2-3 weeks in advance to work on them and set for Feb 22 at 14:00 posting time. While working on the post the button that should be ""schedule"" says ""publish"" If you click the publish butting it will publish it immediately rather then que it for posting via scheduling. I have to go in change the time or date, click the ok button below scheduling and then change it back. This has happened more than once for me. If the post does publish it is still listed as the original date rather than the date it publishes. I have to double check them but I don't always catch them. This has happened on both firefox and Safari. Today is February 3 but the post says it was posted on February 22, 2014. It is now set to private " timgoleman 2 27015 WP_Query::get_queried_object() does not always work in 'pre_get_posts' needs-unit-tests Query 3.8 normal normal Future Release defect (bug) new 2014-02-05T00:58:42Z 2021-07-10T07:37:03Z "Related: #26627 The referenced ticket fixes the situation for categories. Inline docs indicate the method returns objects for the following query types: '''category, tag, taxonomy, posts page, single post, page, author'''. Some of these work, some do not. This became apparent from the forums: http://wordpress.org/support/topic/get_queried_object-no-longer-working-with-pre_get_posts-and-pretty-permalinks/ Props jeich Test setup. Trunk at r27067 used. (and 3.7 for regression check) Default setup of fresh install except for the following as plugin: * Hook 'pre_get_posts' and dump get_queried_object return if it is_main_query * Add custom taxonomy and associate with posts * Register CPT Change permalink setting to complete CPT rewrite registration Also modify the DB as follows to test various query types: * Add a tag to the Hello World post. * Add a custom taxonomy term to the Hello World post. * Add a CPT post The site was browsed through various pages using the default (none) permalink, then the month and name permalink. The result of getting a queried object was recorded: || ||=no permalink =||=month and name=|| ||uncategorized category ||stdClass object ||stdClass object|| ||tag archive ||NULL ||NULL|| ||taxonomy term archive ||stdClass object ||stdClass object|| ||CPT archive ||stdClass object ||stdClass object|| ||single post ||NULL ||NULL|| ||single CPT ||NULL ||NULL|| ||page ||NULL ||WP_Post object|| ||author archive ||WP_User object ||False|| ||posts page ||WP_Post object ||WP_Post object|| NULLs indicate failure of `get_queried_object()`. Except for tag archive, all NULLs returned are due to regression prior to 3.7. Why the tag archive failed in 3.8 is unclear, but the proposed patch addresses this issue as well as all other NULL returns. For those that don't know, the reason for different results with pretty permalinks enabled is different query vars are defined when rewrite rules are applied. The default no pretty permalinks does not use rewrite rules and the query vars can only be what is parsed from the request. " bcworkz 16 27019 Redirect by page slug does not work in permalink structure /%category%/%postname%/ Permalinks 3.8.1 normal normal defect (bug) new 2014-02-05T08:44:36Z 2019-06-04T20:45:36Z "Wordpress has a feature to redirect by page slug. For ex. site with two pages: {{{ yoursite.com/pageone/pagetwo }}} With default permalink settings redirect works like this: {{{ yoursite.com/pagetwo -> yoursite.com/pageone/pagetwo yoursite.com/randomtext/pagetwo -> yoursite.com/pageone/pagetwo }}} With permalink structure '''/%category%/%postname%/''' redirection from root stops working: {{{ yoursite.com/pagetwo - 404 error }}} , but from non root ok: {{{ yoursite.com/randomtext/pagetwo -> yoursite.com/pageone/pagetwo }}} How to reproduce. Clean wordpress install. Create pages: ""pageone"", ""pagetwo"" with parent page ""pageone"". Try to open url: {{{ yoursite.com/pagetwo - 301 moved }}} Set custom permalink structure to '''/%category%/%postname%/'''. Try to open url: {{{ yoursite.com/pagetwo - 404 error, but 301 expected }}} I think, permalink structure is for post, not for pages. Am I right? After investigations I found, ""pagetwo"" in url ""yoursite.com/pagetwo"" detected as category name in class-wp.php/'''parse_request()'''. And later canonical.php/'''redirect_guess_404_permalink()''' does not try to find page by category name, only by get_query_var('name'), that is blank." dimagsv 7 27048 Export: Allow multiple post types to be selected needs-unit-tests Export 3.8 normal normal enhancement new 2014-02-07T09:39:39Z 2022-05-18T16:49:01Z The export tool currently only allows for all post types to be exported, or for only one to be exported. I propose fixing this so that the selection is made via checkboxes and any number of post types can be exported. This will be beneficial in many use cases. hlashbrooke 34 27060 WP_User_Query using deprecated method of finding author Users 3.0 normal normal defect (bug) new 2014-02-07T21:59:29Z 2019-06-05T06:39:43Z "WP_User_Query uses {{{ if ( isset( $qv['who'] ) && 'authors' == $qv['who'] && $blog_id ) { $qv['meta_key'] = $wpdb->get_blog_prefix( $blog_id ) . 'user_level'; $qv['meta_value'] = 0; $qv['meta_compare'] = '!='; $qv['blog_id'] = $blog_id = 0; // Prevent extra meta query } }}} When PREFIX_user_level is deprecated. A better check is checking to see if that user has the ability to edit_posts, as that would be one who can write." Ckeboss 3 27076 double newlines inserted before captions dev-feedback Editor 2.6 normal normal defect (bug) new 2014-02-09T13:35:31Z 2019-06-04T19:25:02Z "Steps to reproduce: - Upload some picture in the library and add some caption to it - Edit a post/page using the visual editor and, after some text, insert the picture using the add media button, so a ""caption"" shorttag is created - Go into text editing - Suppress the two newlines that appeared before the ""caption"" shorttag - Go into visual mode - Go into text mode: the newlines reappeared It is important to put something before the picture inserted in order to reproduce the bug, because the two newlines are not inserted if it is at the very beginning of a post/page. This is annoying for example in a table with top-aligned cells, if in a cell you have some text, and in the cell just to the right you have a ""caption"", then the two won't be aligned, since the newlines are converted to an empty paragraph during the rendering. From what I saw, the issue could be fixed by just removing the line n° 124 in wp-admin/js/editor.js: {{{content = content.replace( /\s*\[caption([^\[]+)\[\/caption\]\s*/gi, '\n\n[caption$1[/caption]\n\n' );}}}" arupqfjm 1 27079 Very long waiting if we have a lot taxonomy terms. Taxonomy normal normal enhancement new 2014-02-09T20:10:10Z 2019-06-04T21:10:31Z "I've observed a very very long waiting if we have a lot taxonomy terms (8K in my case) when i open a new post, my browser (Chrome 32) froze while 50 sec before to generate all <li> categories. Other problem, in my category taxonomy page who lists 20 first items per default (excellent for fast loading) BUT in same time, it generates the parent drop-down with ALL cats ! Same thing above, browser froze a few seconds.. Maybe would be interesting to use ajax instead ?" QuarkSEO 2 27086 Make auth-check logins work with 1Password Login and Registration normal normal defect (bug) new 2014-02-10T15:51:22Z 2019-06-04T20:06:45Z "After some conversation on Twitter, I've been testing 1Password's browser extensions against WordPress. It works fine when logging in normally, but when you get logged out and need to log in from an iframe, it fails pretty hard. Specifically, 1Password decides to fill *every* text input — even those that are hidden, that have content, or that aren't in the same form — with the login name. This is despite the web form fields being configured, present, and matching up perfectly. (By hidden I'm referring to type=""text"" that is visually hidden, not type=""hidden"".) Basic steps to trigger the issue: * Have a login saved from wp-login.php (making sure that your web form details are for ""log"", ""pwd"" and optionally ""rememberme""). * Edit a post. * Hit the 1Password global shortcut, ⌘\. It will fill in every text input, including the title, the tags meta box input, the slug meta box input, etc. It's a mess. Steps to reproduce with a real login form: * Have a login saved from wp-login.php, etc. * Edit a post. * Delete your login cookies. Wait three minutes, or speed things up by calling `wp.heartbeat.connectNow()` in your console. * An iframe should pop up (assuming you're not cross-domain, at least). Log in using ⌘\. * It'll log into the iframe and submit it, which closes it. * Note that the title field and all other text fields. Steps to reproduce to comedic results: * Have a login saved from wp-login.php, etc. * Visit Settings > General. * Delete your login cookies. Wait three minutes, or speed things up by calling `wp.heartbeat.connectNow()` in your console. * An iframe should pop up (assuming you're not cross-domain, at least). Log in using ⌘\. * It'll log into the iframe and submit it, which closes it. * Note that every single settings field is filled with your login. Here's a dead-simple HTML page to try that involves two different forms. Doesn't matter where the focus is when ⌘\ is invoked. Doesn't matter if it's one form, multiple forms, an iframe, whether the other inputs are even wrapped by form. {{{ <!DOCTYPE html> <head> <meta charset=""utf-8"" /> </head> <body> <form> <input type=""text"" name=""log"" /> <input type=""password"" name=""pwd"" /> <input type=""submit"" /> </form> <form> <input type=""text"" name=""title"" /> <input type=""text"" name=""foo"" /> <input type=""text"" name=""bar"" /> <input type=""text"" name=""baz"" /> </form> </body> </html> }}} It seems that ""If the fields saved in a Login item don’t match the ones on the page I try to fill what I can"" ([https://twitter.com/1Password/status/432687921154371584 source]) is inaccurate. It doesn't matter whether the fields match; and ""fill what I can"" actually means ""randomly stomp on all fields"". This reminds me of #24364. Possible solutions: * Disable all other inputs when the iframe is open, and re-enable them when closed. (Need to be careful to not re-enable previously disabled fields.) * Convince 1Password to release a fix for this. They happen to be WordPress users themselves, so it's not out of the question. There are numerous options here, as well — not filling in outside of an iframe is probably pretty safe, especially when fields also match 1:1. But one question would be how quickly they'd make a fix. I'd tend to think we'd be able to release 3.9 first. I filed an unrelated report of a simple, annoying, and straightforward bug about two months ago; their last bug fix release was about a month ago." nacin 5 27088 Allow per-query filtering of post status objects needs-unit-tests Query 3.8.1 normal normal enhancement new 2014-02-11T05:32:31Z 2019-06-04T20:45:40Z "There comes a time where queries need to pull in posts (or CPTs) that have a non-public post status. Unfortunately, there are no filters on `get_post_status()` or `get_post_status_object()` to allow this kind of atomic control within `WP_Query::get_posts()`. To rectify this, we should add (at a minimum) filters on: - `get_post_status()` - `get_post_status_object()` Additionally, a filter within `WP_Query::get_posts()` (on the return of `get_post_status_object()` with the query passed along for context) will allow per-query filtering of the status object if it needs to be overridden for specific reasons." ericmann 6 27094 get_boundary_post() doesn't work for custom post types has-patch Query 3.8.1 normal normal enhancement new 2014-02-11T14:59:06Z 2019-06-04T20:45:44Z "[https://core.trac.wordpress.org/browser/tags/3.8.1/src/wp-includes/link-template.php#L1318 Here the function] I'd suggest a very little change in order to open use of the function to CPTs: {{{ function custom_get_boundary_post( $in_same_term = false, $excluded_terms = '', $start = true, $taxonomy = 'category', $post_type = 'post' ) { $post = get_post(); if ( ! $post || ! is_single() || is_attachment() || ! taxonomy_exists( $taxonomy ) ) return null; $query_args = array( 'post_type' => $post_type, 'posts_per_page' => 1, 'order' => $start ? 'ASC' : 'DESC', ); [snip] }}} The order of $taxonomy and $post_type arguments isn't ideal imho, but would be absolutely backward compatible." PioneerSkies 5 27122 Optimization for PHP FPM dev-feedback General 3.8 normal normal enhancement new 2014-02-13T22:59:21Z 2019-06-04T19:45:25Z "This patch make {{{ wp_ob_end_flush_all }}} calling {{{ fastcgi_finish_request }}} instead of {{{ ob_end_flush }}} when php-fpm is used. {{{ fastcgi_finish_request }}} flush the buffers '''and''' close the connection. This tweak increases page speed. It also allows to run heavy tasks such as sending mail, writing logs or making complex calculations after the end of the request without slowing down the whole page load. Symfony uses this tweak too, see this PR FOR further details: https://github.com/symfony/symfony/issues/1180" dunglas 13 27127 Improve plugin search on installed plugins page Administration 3.8 normal normal Awaiting Review enhancement new 2014-02-14T17:16:53Z 2023-04-12T16:18:45Z "If you have lots of plugins installed trying to find one in the installed plugin page is not quick. The search box is quite slow ( requires a page refresh ). Adding some JavaScript that transforms the current search box into a quickfind box would help solve this problem. As the user types a keyword the JavaScript searched across the displayed text for the plugin, only displaying the plugins that contain that keyword." enej 8 27139 Image caption disappears if images are rearranged immediately after adding the caption. has-patch Media 3.5 normal normal defect (bug) new 2014-02-16T05:13:04Z 2021-02-09T04:52:37Z "**Steps to reproduce (screencast here: http://youtu.be/MF2SEn_lMeQ):** 1. While editing a post, open the Add Media dialog. 1. Upload (or select) two images and choose ""Create Gallery."" 1. Click ""Create New Gallery"". 1. Add a caption to the first image in the text field underneath the image preview in the main ""Edit Gallery"" area. 1. Drag the second image so that it is reordered in front of the first image. **What I expected:** The images would be reordered and the image captions would not be changed. **What actually happened:** The images were reordered, but the image caption I had just entered reverted to its previous state. Clicking in any other text field before reordering images seems to ""cement"" the caption, but you can click on multiple images before dragging an image, and the caption will still revert." cfinke 6 27148 comments in page code converted to displayed text upon submission Editor 3.8 normal normal defect (bug) new 2014-02-18T18:02:15Z 2019-06-04T19:25:09Z "When editing a WP page in code/text view, comments inserted with ""<!-- comment -->"" display correctly (not shown) in the visual view, but when posted (submit or preview) get parsed to ""<!-- comment -->"" and are displayed publicly." wchapin 7 27158 do_enclose() throws warnings when content_type is text/html and not audio or video needs-unit-tests Pings/Trackbacks 3.8.1 normal normal defect (bug) new 2014-02-19T17:25:58Z 2019-06-04T20:45:45Z "cron calls do_pings()/do_all_pings() which in turn goes on to do_enclose(). PHP Warning: strpos() expects parameter 1 to be string, array given in /var/vhost/site/wp-includes/functions.php on line 505 $url is valid, $type is ""text/html; charset=UTF-8"", $len is valid as well. $allowed_types is array(0=>video, 1=>audio) server environment: PHP 5.5.3-1ubuntu2.1 Apache 2.4.6 running WP 3.8.1, no multisite " tamas_dxw 1 27162 Don't store admin messages in transients Administration 3.0 low normal defect (bug) new 2014-02-20T02:52:23Z 2019-06-04T19:42:03Z "The settings errors API (`add_settings_error`/`get_settings_errors`) in core uses transients to store messages across requests. Unfortunately, this is a misuse of transients, as [http://journal.ryanmccue.info/296/youre-using-transients-wrong/ transients are not guaranteed to exist] for any length of time. I've noticed this issue appear in two separate scenarios: * When flushing the cache (after a deploy, e.g.): If you happen to flush the object cache between a `add_settings_error` call and the next page load, the message will disappear forever * When disabling caching for testing purposes, the error will never be set/read (depending on how you disable it) ---- There's a few options I can see to fix this: * Store them in options/usermeta: This keeps all the logic on the backend, but causes potentially costly writes to the database * Store them in cookies (session data): This avoids the database write, but means we have to send extra data via the HTTP server, which might be filtering cookies (inbound and outbound). It also means we need to set a hash using a secret key to avoid allowing users to edit their cookies." rmccue 4 27165 Incorrect nonce supplied when authenticated session expires has-patch Login and Registration 3.8.1 normal minor defect (bug) new 2014-02-20T11:55:44Z 2019-06-04T20:06:52Z "I was using a nonce (with action name) for a nopriv ajax request and found nonce supplied via page load was invalid, whereas nonce supplied via ajax request was valid. This only occurs when admin area prompts to re-authenticate current user. In my system, a nonce (action 'xyz', say) is given via localize script to the client on page load. This nonce is then used to verify a subsequent nopriv ajax request. This request then responds with the latest nonce (for 'xyz') (which may be the same, of course) for any further ajax requests. However, I suddenly found that upon page reload, the nonce provided via localize script was invalid. Assuming this was a bug in my code, I commented out nonce verification in my action function. I then discovered that the ""new"" nonce being supplied in the ajax response was always different to the initial nonce despite the same action name being used in its creation. On further experimentation it became apparent that the nonce supplied by ajax response was valid and did verify with further ajax requests. I then found I had the admin area open in a separate tab and it was prompting me to re-authenticate. Upon logging back in the nonces realigned and worked again. tl;dr: Requests by ajax consider current user differently to fresh page load (for nonces at least) when in logged in limbo. The bug is that it shouldn't. It's a very minor issue but it was very confusing and took me quite some time to find the somewhat non-intuitive solution." joe_bopper 2 27177 Child themes should inherit parent theme customizer settings on activation / switching has-patch Themes 3.8 normal normal Awaiting Review enhancement new 2014-02-21T20:37:01Z 2020-03-28T14:05:52Z "Currently, if you install a parent theme and utilize the theme customizer, and then create a child theme and live preview or activate it, it does not inherit any of the settings previously set for the parent theme. If a child theme doesn't have any existing values from the customizer setting, then it should look for and import those from the parent theme if they exist (perhaps on the switch_theme hook). The current setup is a discouragement to using a child theme if the user has already invested time using the customizer with their parent theme." krogsgard 28 27180 Remove Hidden Widget UI Widgets 3.8 normal normal defect (bug) new 2014-02-21T22:09:25Z 2019-06-05T06:39:44Z "I have come up with a issue with the new widget enhancements. The fact that we have to drag the widget a long way to move it to inactive status. On most screens this is below the visual area of the screen. Yet the only UI to collapse and expand the available widget area is hidden and you don't see it until your hover over text that doesn't appear or look like something you would hover over to see a user interaction. This makes it hard to us or even know it is their or available. The other UI issue also have to do with the widget placement as well. When you go to add a widget it asks you if which area do you want it added to. (For example: Main Widget Area or Secondary Widget Area) But when removing the widget the only options you have (without dragging them) is close and delete. There is no ""Move to Inactive"" Once a widget is in the Inactive Widgets area you can't add the widget via the button you once could in the new widget area. Can we have just one experience for both New and Inactive Widgets? I also have a Screencast which you can see here: http://f.cl.ly/items/0a293y0P363W1p0V2A11/Widget-Screen-Recording.mov " RDall 4 27188 deactivated_plugin behaves improperly dev-feedback Plugins 2.9 normal normal defect (bug) new 2014-02-23T05:36:00Z 2023-10-22T09:59:16Z "Currently, if someone were to hook into `deactivated_plugin`, one should expect that the `$plugin` actually be deactivated. So if, for example, I hook into it with the following code, deactivating Addthis, I don't get the expected behavior. {{{ add_action( 'deactivated_plugin', 'dtat_deactivate_self', 10, 2 ); /** * Deactivate ourself if Premise is deactivated. */ function dtat_deactivate_self( $plugin, $network_deactivating ) { if ( 'addthis/addthis_social_widget.php' == $plugin ) { die( 'Addthis: ' . print_r( is_plugin_active( $plugin ), 1 ) ); } } }}} The plugin still shows that it is active. So if I hook in here to check if plugin has been deactivated, then it fails. Instead, the `deactivated_plugin` hook should appear after the `update_option` call, which is where the plugin is actually deactivated. OR, the docs are wrong and should be updated. Attached is a sample addthis plugin extension that deactivates after Addthis is deactivated by being forced to use `update_option_active_plugins` and `update_option_active_sitewide_plugins`. See [https://gist.github.com/wpsmith/26c2e07370ee8b4c3e3f Github Gist sample plugin] for [http://wordpress.org/plugins/addthis/ Addthis]." wpsmith 11 27224 Multisite upload settings are inconsistent jeremyfelt* dev-feedback Networks and Sites normal normal enhancement accepted 2014-02-27T19:22:04Z 2023-07-02T11:16:33Z """Site upload space"" is indicated in MB whilst ""Max upload file size"" is indicated in KB. It would be useful to standardize on MB." danielbachhuber 8 27236 Custom Widgets lost when theme is re-activated while the widget plugin is inactive Widgets 3.8.1 normal normal defect (bug) new 2014-02-28T15:27:29Z 2019-06-05T06:39:46Z "It could be a rare issue for others, but it's a regular process for my use-case. Custom Widgets are no longer shown in the widget area when theme is de-activated and re-activated while the plugin that provided one of the widgets is inactive. Steps: (Assumes, twenty fourteen is active) 1. Install Slim Jetpack plugin (or any other plugin that provides a widget). I enabled the Extra Sidebar Widgets from Settings > Slim Jetpack. 2. Add one of the Slim Jetpack widgets to the ""Primary Sidebar"" for example ""Gravatar Profile (Jetpack)"". 3. De-active Slim Jetpack. 4. Activate ""Twenty Thirteen"" theme. 5. Activate ""Twenty Fourteen"" theme. 6. Activate ""Slim Jetpack"". Unfortunately, the custom widget is lost. If you had normally de-activated and re-activated Slim Jetpacks, the Primary Sidebar would be fine. If you had done 4 and 5 without 3, everything would be good. But doing the steps as above, the widget is no longer in the sidebar - not even under Inactive Widgets. " asadkn 1 27239 Registration email not sent (multisite subdirectory) Users 3.8.1 normal normal defect (bug) new 2014-02-28T17:59:42Z 2019-06-05T06:39:48Z "I am trying to add new user: - wp-admin/user-new.php When I add new user from site administration, there is no notification email sent to activate account. - wp-admin/network/user-new.php When I add new user from network administration, information email is sent. But then I have to add this user to specific site and there is another notification email sent. Everything works well." pavelevap 10 27244 'Restore This Autosave' immediately updates a published post Revisions normal normal Awaiting Review defect (bug) new 2014-02-28T23:43:29Z 2024-02-25T19:29:55Z "The ""Restore This Autosave"" button on the revisions screen immediately replaces the post with the autosave without making it clear that that is the case. Steps to reproduce: 1. Publish a post. 2. Edit the content of the post and trigger an autosave (either by waiting two minutes or by clicking the 'Preview Changes' button). 3. Navigate away from the post editing screen. 4. Return to the post editing screen and note the message stating ""There is an autosave of this post that is more recent than the version below"". Click ""View the autosave"". 5. On the revisions screen, click ""Restore This Autosave"". 6. Note that the autosave has been published rather than simply being restored to the editing screen." johnbillion 6 27253 Enhancement Request: direct link to Drafts under Posts and Pages on the sidebar chriscct7 Posts, Post Types 3.8.1 normal normal enhancement assigned 2014-03-02T04:32:36Z 2019-06-04T20:45:53Z "It would be awesome if there were a link under posts and pages to get directly to Drafts. So, for example the sidebar would have: {{{ Pages All Pages Drafts Add New }}}" imanilea 16 27266 Front end search for attachment title cannot succeed has-patch Query 2.9 normal normal defect (bug) new 2014-03-03T20:58:32Z 2022-01-18T13:48:15Z "This is somewhat related to ticket #22556 but affects all queries that use the keyword search parameter, 's'. Typing an attachment's title into the ""front end"" search box generated this query: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE '%Guatemala%') OR (wp_posts.post_content LIKE '%Guatemala%')) AND ((wp_posts.post_title LIKE '%IRF3%') OR (wp_posts.post_content LIKE '%IRF3%'))) AND wp_posts.post_type IN ('post', 'page', 'attachment') AND (wp_posts.post_status = 'publish' OR wp_posts.post_author = 1 AND wp_posts.post_status = 'private') ORDER BY (CASE WHEN wp_posts.post_title LIKE '%Guatemala IRF3%' THEN 1 WHEN wp_posts.post_title LIKE '%Guatemala%' AND wp_posts.post_title LIKE '%IRF3%' THEN 2 WHEN wp_posts.post_title LIKE '%Guatemala%' OR wp_posts.post_title LIKE '%IRF3%' THEN 3 WHEN wp_posts.post_content LIKE '%Guatemala IRF3%' THEN 4 ELSE 5 END), wp_posts.post_date DESC LIMIT 0, 2 }}} Although the `post_type` clause includes `attachment`, the `post_status` test always fails because attachments have a `post_status` of `inherit`." dglingren 11 27270 Validation for leading/trailing periods, or consecutive periods in email addresses is only done on the domain section has-patch Formatting 2.7 normal normal defect (bug) new 2014-03-04T10:34:51Z 2019-06-04T19:45:29Z "WordPress valids that the domain portion of the email address (after the @) doesn't have leading or trailing periods, or more than one period consecutively, but the same check isn't done on the portion before the @. This means that the following email addresses validate: .name@email.com name.@email.com first..last@email.com The attached patch will resolve this, although it might need a little refactoring to deal with the duplication in trimming periods and whitespace." scruffian 7 27272 WP meta queries comparing apples to oranges has-patch Query 3.8.1 normal normal defect (bug) reopened 2014-03-04T16:22:44Z 2019-06-04T20:45:59Z "As seen when hooking into the `posts_selection` hook while debugging a site: {{{ ( (ts_wp_postmeta.meta_key = 'financial_max_annual' AND CAST(ts_wp_postmeta.meta_value AS SIGNED) <= '100000') ) }}} The thing that led to that was: {{{ $meta_query[] = array( 'key' => $meta_key, 'value' => $max_fee, 'compare' => '<=', 'type' => 'NUMERIC', ); }}} Can I suggest that, when we CAST, we do so on both sides?" Denis-de-Bernardy 21 27276 wp_rewrite_rule does not update option when it's empty Rewrite Rules 3.7 normal normal defect (bug) new 2014-03-05T09:18:38Z 2019-06-04T21:10:32Z "This bug report about possible problems with situation when deleted options still present in cache. I'm using memcache so my cache is transistient. i've been adding rewrite_rule {{{ function duke_add_endpoints() { add_rewrite_rule('...','...'); global $wp_rewrite; $wp_rewrite->flush_rules(); } add_action( 'init', 'duke_add_endpoints'); }}} and discovered that i can't get it work because of it completely absence in further $wp_rewrite references. Intrigued by that fact (especialy with hard flushing) i've been lead to ''parse_request''of class-wp and due to it's {{{ $rewrite = $wp_rewrite->wp_rewrite_rules(); }}} i guided to '''wp_rewrite_rules''' method of wp-includes/rewrite.php where discovered that rewrite_rules option is loaded from wp_options but if it's not there - it loaded from cache (bacause of get_option behaviour). {{{ $alloptions = wp_load_alloptions(); if ( isset( $alloptions[$option] ) ) { $value = $alloptions[$option]; } else { $value = wp_cache_get( $option, 'options' ); if ( false === $value ) { $row = $wpdb->get_row(.... }}} Wondering why it was not overriden by flush_rules both in wp_options and in cache i've dig into '''flush_rules''' and discovered that it operates the same method {{{ function flush_rules($hard = true) { delete_option('rewrite_rules'); $this->wp_rewrite_rules(); ....... }}} but wait... IF THE REWRITE_RULES IS NOT IN THE WP_OPTION then it still taken from cache with previous value. {{{ function wp_rewrite_rules() { $this->rules = get_option('rewrite_rules'); ///at this point the value already deleted from table but still remains in cache so get_option returns OLD value till it remain in cache for indefinite time if ( empty($this->rules) ) { $this->matches = 'matches'; $this->rewrite_rules(); update_option('rewrite_rules', $this->rules); } return $this->rules; } }}} so if your rewrite rules not in table but in cache - they probably stuck there forever till cache gets cleared. i guess it has something to infere with delete_option and situation when cache is not cleared. but i guess it's next bug to catch. " mainpart 2 27282 WP_Query returns more results when there are sticky posts has-patch Query normal normal Future Release defect (bug) new 2014-03-05T17:49:13Z 2017-01-01T00:51:00Z "When doing a WP_Query like the one below it can return more then 3 post depending if there are sticky posts and if there are returned. {{{ $query = new WP_Query( array( 'orderby' => 'post__in', 'post__in' => $post_ids, 'posts_per_page' => 3 ) ); }}}" markoheijnen 16 27286 create menu page for custom post types dev-feedback General 3.8 normal normal enhancement new 2014-03-05T21:13:20Z 2019-06-04T19:45:30Z Currently, there are dedicated functions for adding new items to a top-level navigation item, such as `add_posts_page`, `add_media_page`, `add_links_page`, and so on. These all act as a wrapper for the `add_submenu_page`. However, there is no dedicated function for custom post types. I am proposing to add a new function called `add_post_type_page` that works in the same way. It's basically a copy of `add_posts_page` with an additional parameter for the registered CPT. norcross 3 27287 siteurl is missing WordPress path when creating a new site needs-unit-tests Networks and Sites normal normal defect (bug) new 2014-03-06T00:03:35Z 2019-06-04T20:06:59Z "Our setup is a single subdomain network. WordPress is installed to `/wp`, and we don't have rewrites configured to mask the subdirectory. On the initial install, `wp_install()` sets the value of `siteurl`based on `wp_guess_url()`. The main site ends up with these expected values: * `siteurl`: domain.com/wp * `home`: domain.com On subsequent creation of a new site, `install_blog()` incorrectly sets the option values for the new site to: * `siteurl`: domain.com * `home`: domain.com This means the admin loads, but CSS and resources are broken, until I update the `siteurl` option value to be ""domain.com/wp"". I'd expect `install_blog()` to follow the same behavior as `wp_install_blog()`. #23221 is related, although this suggested fix doesn't also fix that." danielbachhuber 4 27289 Add populate_network action reporter-feedback Networks and Sites normal normal enhancement new 2014-03-06T04:31:42Z 2019-06-04T20:07:02Z "At the moment, `populate_network_meta` is the only hook available to do extra work when a new network is created. However, this is called before the initial site is created when installing the first network. This means it's impossible to do certain things on network creation, such as creating new sites. (I want to be able to create a new site on network creation so that the network always starts with two sites: the migrated main site and another site.)" rmccue 2 27299 Order the available widgets in the Widgets admin page has-patch Widgets normal normal enhancement new 2014-03-06T17:11:24Z 2019-06-05T06:39:49Z "The list of available widgets is always sorted alphabetically. Adding a hook would allow us to prioritize the order. Sample patch attached." nofearinc 5 27303 "Make the ""Plugins bubble-link"" only show plugins that have an update available" has-patch Plugins 3.8.1 normal normal Awaiting Review enhancement new 2014-03-06T19:03:20Z 2020-09-23T19:51:37Z "If I click on ""Plugins"", I get the full list of plugins. (plugins.php) If I click on the bubble, I get the plugins with an update available. (plugins.php?plugin_status=upgrade) It's a very small enhancement, but it will save me a click every time I go to update my plugins. :) [[Image(https://i.cloudup.com/7UkYAUAV38.png)]]" Fredelig 6 27307 Text Widget size spill over the side of Widget Container in random width. dev-feedback Widgets 3.8.1 normal normal Awaiting Review defect (bug) new 2014-03-06T22:41:03Z 2017-05-26T13:45:11Z "About 75 percent of the time when I add a text widget item to a widget area. The widget spills over the left side of the area. See Screenshot http://cl.ly/image/3Y363s242a3y What is odd about this is that it only happens sometimes and it has randomly width that it spills over as well. See additional screenshot. http://cl.ly/image/3H3X371R0n3l If you expand the browser window the widget size actually expands as well. But seems to keep what ever margin it had on the left constant. Have another screenshot here from my trunk build. http://cl.ly/image/3E203q083Z3V I tried a search in Widgets for trac and couldn't find anything related. If this is proper UI for widgets it does seem a little random to me. " RDall 3 27316 Add search for favourite plugins has-patch Plugins 3.8 normal normal enhancement new 2014-03-07T13:20:45Z 2022-03-11T09:05:10Z "Many magicians (and me) have a lot of favorite plugins on wordpress.org. So this is the enhancement in order to have the search feature in favorite plugins too. Actually it's a workaround on the plugins_api, if there were the 's' (search) argument.. it would be better. But that's it and it works." mirkolofio 5 27326 wp_list_pages - exclude parameter changes behaviour depending on depth has-patch Posts, Post Types 3.8.1 normal normal defect (bug) new 2014-03-08T15:01:38Z 2019-06-04T20:46:05Z "Let's say I have four top level pages with IDs 1,2 and 3 and each has three children, say, (11,12,13), (21,22,23) and (31,32,33). If I run {{{ <?php wp_list_pages(); ?> }}} on that I'll get all the pages shown. So it'll be a list like: {{{ 1 11 12 13 2 21 22 23 3 31 32 33 }}} If I run {{{ <?php wp_list_pages(exclude=3); ?> }}} then page 3 will not be shown and the hierarchy will collapse so 31,32,33 appear in the top level of the hierarchy. So what I'll get is: {{{ 1 11 12 13 2 21 22 23 31 32 33 }}} Given the existence of a separate ''exclude_tree'' argument, that is pretty much what I'd expect to happen, after all it has to show the child pages somehow. If I now introduce a ''depth'' argument so it is: {{{ <?php wp_list_pages(depth=3&exclude=3); ?> }}} I'd expect the same thing to happen as the ''depth'' shouldn't make any difference. What actually happens is that the ''exclude'' now behaves similarly to ''exclude_tree''. What I actually get is: {{{ 1 11 12 13 2 21 22 23 }}} Now that to me doesn't make sense." nosnurg 5 27350 Invalid HTML Output has-patch Formatting 3.8 normal normal Future Release defect (bug) assigned 2014-03-11T08:19:48Z 2021-03-17T17:15:29Z "Paste into editor's Text tab: {{{ <div>hello <pre>test</pre> world</div> }}} Preview output: {{{ <div>hello</p> <pre>test</pre> <p>world</p></div> }}} Seen in 3.8 and in trunk. Doesn't seem to be an editor bug because switching tabs will improve the output. Something wrong with wpautop()? " miqrogroove 36 27365 Upgrader bulk_upgrade() functions do not return the correct data aaroncampbell has-patch Upgrade/Install 2.9 normal normal defect (bug) assigned 2014-03-11T22:20:28Z 2019-06-04T21:10:35Z "In the bulk_upgrade() function of Language_Pack_Upgrader, Plugin_Upgrader, and Theme_Upgrader the values returned are not set properly, resulting in very poor feedback from the function on success or failure. For instance, take the following code sample from Plugin_Upgrader: {{{#!php $result = $this->run( array( 'package' => $r->package, 'destination' => WP_PLUGIN_DIR, 'clear_destination' => true, 'clear_working' => true, 'is_multi' => true, 'hook_extra' => array( 'plugin' => $plugin ) ) ); $results[$plugin] = $this->result; }}} Notice how the result is stored in the `$result` variable yet the `$results` variable, which is used as the return value, stores the `$this->result` variable. While the `$this->result` variable does contain some data, it's not very relevant as a return value for these functions. This issue causes a loss of most, if not all error feedback (I have yet to test every possible combination of result possibilities) and fails to provide any useful success condition responses. In most of my test cases, this issue results in each package having a response value of `null`. This same issue can be found in the Language_Pack_Upgrader and Theme_Upgrader classes. My solution is to simply change `$this->result` to `$result` as found in the supplied patch and as shown below: {{{#!php $results[$plugin] = $result; }}}" chrisjean 17 27404 Widget Customizer: Allow adding inactive widgets to widget areas melchoyce Widgets 3.9 normal normal Future Release feature request assigned 2014-03-13T21:24:35Z 2018-12-09T21:05:49Z "Currently a user may add new widget instances to widget areas in the customizer, and they may remove these widgets to send them to the inactive widgets area (aka widget trash). However, there is currently no way to restore these inactive widgets to widget areas without leaving the customizer and going to the widgets admin page. The widget addition panel should be extended to also list out inactive widgets. Originally reported at https://github.com/x-team/wp-widget-customizer/issues/46 Related: #39693" westonruter 78 27405 Widget Customizer: Fade out sidebar sections that lack any rendered widgets Widgets 3.9 normal normal Awaiting Review enhancement new 2014-03-13T21:44:19Z 2017-06-07T00:24:28Z "Currently when there is a widget that is not rendered in the current URL being previewed (e.g. via Widget Visibility), the widget control in the customizer will become semi-transparent to indicate it is not being rendered. The same semi-transparent indicator would be useful for sidebars that are empty or which lack any rendered widgets. Originally reported in https://github.com/x-team/wp-widget-customizer/issues/76" westonruter 3 27412 Category meta box: cannot see chosen subcategory if many items in subcategory Taxonomy 3.8 normal normal defect (bug) new 2014-03-14T06:34:02Z 2019-06-04T21:10:38Z "Hi there, if you have many items in a subcategory then you are not able to see that selected item in the meta box in admin unless it's alphabetically in the top 10 (or thereabouts) of the subcategorie items. The meta box only shows the parent, you will have to scroll down a lot to find the child too. In my eyes it would make sense to move the chosen items in subcategories directly under their parents, ignoring the alphabetical ordering, so that you are able to see what has been chosen. " landwire 8 27421 Escape madness in meta API has-patch Options, Meta APIs 3.8.1 normal normal defect (bug) reopened 2014-03-15T16:20:46Z 2019-06-04T20:46:10Z "I was trying to come up with a reasonably sane wrapper around the WP meta API so as to no longer need to call it directly, and I'm somewhat bemused by the slashing insanity in there... As I read through the code: - get_post_meta() expects key and value to be unslashed - add_post_meta(), update_post_meta() and delete_post_meta() expect key and value to be slashed - WP uses wp_unslash() to strip slashes in add_metadata(), update_metadata(), and delete_metadata() - the codex suggests to use wp_slash() to add slashes before storing data This could all work in the best of worlds, but then: 1. the codex is mysteriously silent on the need to slash keys as well 2. wp_unslash() will dutifully unslash objects, but wp_slash() doesn't slash them to begin with 3. wp_slash() and wp_unslash() would not be able to slash private variables (short of using Reflection, perhaps) even if they wanted to 4. wp_slash() and wp_unslash() will not bother processing array keys that could have been sent from e.g. a POST request. Admittedly, it's not every day where $_REQUEST keys are inserted as is the database, so there's likely little room for SQL injections with respect to that last point, and array keys are typically without slashes, leaving little room for quirky keys that lose their slashes while getting stored. Still, I'm left scratching my head as to if/when we'll actually allow objects to get stored using the meta API without running the risk of seeing their data unslashed at arbitrary points in time." Denis-de-Bernardy 5 27425 Templates For Posts Formats dev-feedback Post Formats normal normal enhancement new 2014-03-15T18:16:18Z 2019-06-04T20:46:12Z "If I opt to use Custom Post Templates, then I can easily put a custom post template by putting a file named single-[name of the custom post], but that same feature is not available for the post formats. I love the post format feature in WordPress, and people just don't want to use that for some reasons, but this would really attract some of the audience to use the post formats. For example, a post with Audio format will first look for single-audio.php or single-audioformat.php or anything cuz it single-audio.php may effect the Audio Custom post type. What do you guys think of this idea?" hardeepasrani 4 27427 Edit Gallery view does not display images in original aspect ratio Media 3.5 normal normal defect (bug) new 2014-03-15T18:38:26Z 2019-06-04T20:07:06Z "Тhe new gallery preview does display thumbnails in their original aspect ratios, although the modal for creating and editing the gallery does not. The goal is to show the thumbnails in their original ratio which happens when the thumbnails are not square. This happens, for example, if the thumbnail size in Media Settings is 200 (W) x 400 (H), ""Crop thumbnail to exact dimensions"" is not checked. Placement of a certain thumbnail within the gallery often depends on the orientation, and it is very difficult if we show a square shape instead of the real shape. More details: https://core.trac.wordpress.org/ticket/26959 http://wordpress.org/support/topic/edit-gallery-square-thumbnails-vs-portrait-and-lanscape?replies=2" Greybox 2 27473 Thickbox width and height parameters are ignored when using TB_iframe Administration 3.8 normal normal Awaiting Review defect (bug) new 2014-03-21T18:18:19Z 2021-12-17T21:11:56Z "I tried to load a thickbox with custom width and height parameters, like the codex says: ?TB_iframe=true&width=450&height=120 anyway regardsless of what values I use, custom with and height values are ignored. I debugged /wp-includes/js/thickbox/thickbox.js and parameters are read in correctly, anyway it does not have any effect when setting them for iframe-tag on line 198: jQuery(""#TB_window"").append(""<div id='TB_title'><div id='TB_ajaxWindowTitle'>""+caption+""</div><div id='TB_closeAjaxWindow'><a href='#' id='TB_closeWindowButton' title='""+thickboxL10n.close+""'><div class='tb-close-icon'></div></a></div></div><iframe frameborder='0' hspace='0' src='""+urlNoQuery[0]+""' id='TB_iframeContent' name='TB_iframeContent""+Math.round(Math.random()*1000)+""' onload='tb_showIframe()' style='width:""+(ajaxContentW + 29)+""px;height:""+(ajaxContentH + 17)+""px;' >""+thickboxL10n.noiframes+""</iframe>""); I tried to add the following code to check if resize is possible: jQuery(""#TB_window"").css(""width"",""450""); jQuery(""#TB_window"").css(""height"",""120""); this failed generally (although it worked when executing the command in the browser console) " harmr 17 27494 Posts page appears into search results close Posts, Post Types 3.8.1 normal normal Future Release defect (bug) new 2014-03-23T14:27:23Z 2020-03-03T22:50:07Z "Hi, if you set a static home page, so then a page for posts, this page is just a virtual page, because it doesn't have any content, just the title. But, if you search on the site for this title, the virtual page will be shown as search result. In my opinion this should be hidden." SGr33n 4 27507 get_posts() not honoring post_status criteria Query 3.8.1 normal normal defect (bug) new 2014-03-25T05:49:53Z 2019-06-04T20:46:17Z "Toss in the following in a mu-plugin file to reproduce: {{{ $posts = get_posts(); var_dump($posts); }}} You'll get auto-drafts in the returned result set, instead of the expected published posts only (i.e. the default as set by `get_posts()`). I've traced the problem to this loop that calls `get_post_stati()` in the `WP_Query#get_posts()` method: {{{ foreach ( get_post_stati() as $status ) { if ( in_array( $status, $q_status ) ) { if ( 'private' == $status ) $p_status[] = ""$wpdb->posts.post_status = '$status'""; else $r_status[] = ""$wpdb->posts.post_status = '$status'""; } } }}} `get_post_stati()` latter relies on a global that isn't set yet. I'm suspicious that we should be calling it here to begin with. Assuming we should, I definitely don't think WP should silently return an empty array. It should cough a `_doing_it_wrong()` notice, and quite possibly even a warning. That being said: why aren't the built-in post statuses registered by the time plugins get loaded? Can't we register them earlier? (And: does the same apply to custom post types?)" Denis-de-Bernardy 6 27511 "Upper ""Select All"" checkbox for list of plugins to update on update-core.php does not work on first click" Upgrade/Install 3.8.1 normal minor Awaiting Review defect (bug) reopened 2014-03-25T13:41:24Z 2018-03-05T14:02:43Z "(Minor annoyance) On the admin page: {{{ update-core.php }}} when there is a list of plugins with Updates Available, the first time you click on the ""Select All"" checkbox, it does not actually affect any of the checkboxes in the list. The first time it happened, I just thought it might be a one-time or install-specific occurrence. Then, I had to update a different WordPress install on the same cPanel server, in a different account. In both cases, I went to the equivalent ""Select All"" checkbox at the bottom of the list, and it worked on the first click. I then had to do updates on a VPS with a multisite install of Wordpress, and again the upper box did not work at first. However, I kept clicking it, and after about clicking it on, then off, then on again, the upper checkbox started affecting all the checkboxes in the list again. " vanjwilson 5 27514 Weird focus/color behavior on touch devices (like iOS) Administration normal normal defect (bug) new 2014-03-25T16:50:00Z 2019-06-04T19:25:12Z "Using an iOS device, when you scroll and click on the sidebar, you can get buggy color behavior in the sidebar. Apparently Android works too. STR: * Open the admin interface on iOS * Touch to open the menu * Touch to navigate to the Comments screen * Touch to open the menu again * Touch ""Posts"" to open the sub menu At this point, I have three highlighted items: Dashboard, Posts, and Comments. In other scenarios, I can get sub menu items (like ""All Posts"") to be highlighted as well, mostly from scrolling up and down a bit. Screenshot of the worst case scenario attached (four highlighted things)." samuelsidler 2 27543 Flyout submenu items can be hidden on Windows touch devices Administration 3.8 normal normal defect (bug) new 2014-03-27T06:08:29Z 2019-06-04T19:25:19Z "Spin out of #26482, specifically comment 5 and the related screenshot. The fly out submenus are broken on Surface. The patch in #26482 fixes that issue for iOS, but we should circle back and fix it for Surface." samuelsidler 1 27606 """Add Existing User"" form does not preserve input in case of an error" has-patch Users low minor Awaiting Review defect (bug) new 2014-03-31T10:43:42Z 2019-05-03T10:39:43Z "Background: #27006 In single site, ""Add New User"" form preserves entered values in case of an error. In Multisite, ""Add New User"" form preserves the values, but ""Add Existing User"" does not. In network admin, ""Add New User"" form does not preserve the values." SergeyBiryukov 6 27623 "Search results for "" "" text appearing on every plugin activation or deactivation" has-patch Plugins 3.8.1 normal normal defect (bug) reopened 2014-04-01T15:01:03Z 2019-06-04T20:46:23Z "When I activate or deactivate a plugin via the plugins page in WP admin, I get the following text appear at the top of the page next to the Plugins heading: {{{Search results for “ ”}}} The URL looks like: {{{wp-admin/plugins.php?activate=true&plugin_status=search&paged=1&s=+}}} As you can see from the URL, {{{$s}}} or {{{$_REQUEST['s']}}} is set which results in the following line (around 414) in wp-admin/plugins.php executing: {{{printf( '<span class=""subtitle"">' . __('Search results for “%s”') . '</span>', esc_html( $s ) );}}} Why is {{{$_REQUEST['s']}}} being set in this situation? Does it need to be?" henry.wright 6 27632 `wp_registration_url()` doesn't have a redirect argument chriscct7 has-patch Login and Registration 3.6 normal normal defect (bug) reviewing 2014-04-02T12:05:53Z 2019-06-04T20:07:13Z "There is a redirect argument for each of the login, logout, lostpassword url functions, but for the registration url function. Omission or done on purpose?" Denis-de-Bernardy 3 27670 Plugin Information tab - inaccesible without install_plugin capability dev-feedback Role/Capability 3.8.1 normal normal defect (bug) new 2014-04-04T14:01:03Z 2019-06-04T21:10:44Z "Hello, if I understand it correctly through the '''Plugin information tab''' you can also install/update plugins. But if you permit installing plugins with f.e. with add_cap(""install_plugins"", FALSE) to some user, whole '''Plugin information tab''' is '''unusable''' for him, so you cant view details, install update even if you are allowed to. I suppose the problem is in wp-admin/plugin-install.php where is {{{ if ( ! current_user_can('install_plugins') ) wp_die(__('You do not have sufficient permissions to install plugins on this site.')); }}} so maybe extending the condition above to something like this {{{ if (( ! current_user_can('install_plugins') ) && plugin_not_installed($plugin_name)) }}} could help? Thanks Jozef Repáň " FolioVision 5 27683 wp_insert_post_empty_content filter issues with auto-drafts and/or fix auto-draft duplicates dev-feedback Posts, Post Types 3.5.1 normal normal defect (bug) new 2014-04-05T07:15:22Z 2019-06-04T20:46:27Z "I have explained the issue at http://wordpress.stackexchange.com/a/140326/31794 The 'wp_insert_post_empty_content' filter can have adverse effects on getting the draft for New Posts (new-post.php) resulting in numerous PHP Noticesand failure to get the auto-draft record properly. My suggestion for an intermediate fix would be to replace: {{{ if ( apply_filters( 'wp_insert_post_empty_content', $maybe_empty, $postarr ) ) { if ( $wp_error ) return new WP_Error( 'empty_content', __( 'Content, title, and excerpt are empty.' ) ); else return 0; } }}} with: {{{ if ( $id = apply_filters( 'wp_insert_post_empty_content', $maybe_empty, $postarr ) ) { if ( $wp_error ) return new WP_Error( 'empty_content', __( 'Content, title, and excerpt are empty.' ) ); else return $id; } }}} That way we can use the filter to prevent duplicates instead of having to resort to extending the db class. Though ideally a native method to prevent auto-draft duplicates (along the same lines of my code) in wp_insert_post seems best. I don't know who came up with the cleanup later idea, but it's far from an ideal practice, and as per previous tickets, doesn't always work." hexalys 2 27733 wpautop(): \s in regex destroys some UTF-8 characters needs-unit-tests Formatting 0.71 normal major defect (bug) new 2014-04-09T09:17:39Z 2022-01-18T13:48:21Z "\s in preg_replace() incorrectly targets some UTF-8 characters. '''Steps to reproduce:''' 1. Create a post with {{{ ム new line }}} as a content. 2. It will be output as {{{ <p>�<br> new line</p> }}} '''Quick Test:''' {{{ $pee = ""<p>ム\n""; $pee = preg_replace('|(?<!<br />)\s*\n|', ""<br />\n"", $pee); echo $pee; // outputs <p>�<br />\n }}} '''Solution:''' Use [\r\n\t ] rather than \s." tenpura 9 27736 Save one query when inserting a new post has-patch Posts, Post Types 3.0 normal normal enhancement new 2014-04-09T13:31:34Z 2019-06-04T20:46:31Z "The workflow when inserting a new post is the following : 1) `wp_insert_post()` sets a few vars (post type, post status, ...), updates `$wpdb->posts`, then calls `wp_set_post_categories()` 2) first thing `wp_set_post_categories()` wants to know is `$post_type` and `$post_status`, for which it performs an SQL query, instead of getting this info from caller function Same things goes for `wp_insert_attachment()` Patch passes extra optional parameters `$post_type` and `$post_status` to `wp_set_post_categories()`, to save one query when adding a post, or a whole bunch when importing a batch." ozh 4 27740 Passwords consisting of spaces are valid at install time has-patch Upgrade/Install 3.8.2 normal normal Awaiting Review defect (bug) new 2014-04-09T19:27:17Z 2018-10-18T03:00:28Z "Steps to reproduce: 1. Install a fresh copy of Wordpress (after initial database information page) 2. Fill out the relevant fields (username, email, site title) 3. On the password fields, press the spacebar once (so your password is one space) 4. Submit The install completes and prompts you to log in, using your single-space password The login page returns an error: Error: The password field is empty. ..rendering login impossible I believe this is similar to #24973. Preferably there would be a check during install to see if the password consists of just spaces (or other characters that would be stripped). " nfreader 7 27743 """Change role to..."" omitted from bottom of users table shown to single site admin in multi-site" Users 2.7 normal normal defect (bug) assigned 2014-04-09T21:01:48Z 2019-06-05T06:39:53Z "For more background, see multisite forum discussion [https://wordpress.org/support/topic/how-can-a-multisite-site-admin-change-a-users-role?replies=6#post-5437492] where the mod thought this might be worth a ticket. Browsing the current sources for trunk, I can see that the problem is present at line 206: [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-users-list-table.php#L206] My personal feeling is that even for filtering controls, having them present in the line of controls at the top of tables but absent in the line at the bottom of the tables is not a good idea, but I'll concede that it's debatable. However, I believe that for this case of showing the ""Change role to..."" bulk action at the top of the users shown to single-site admins in a multi-site network, but omitting it from the bottom of the table, where it clearly ought to be present beside the Bulk Actions control, is a bug. The attached screenshot shows the problem (using 3.7.1). Deleting these lines from the trunk version of {{{class-wp-users-list-table.php}}} fixes the problem (tested in 3.7.1). " sootsnoot 9 27747 Inconsistent type default between `submit_button()` and `get_submit_button()` dev-feedback Administration 3.5 normal normal Awaiting Review defect (bug) new 2014-04-10T08:03:52Z 2023-12-06T11:23:51Z "One defaults to `$type = 'primary'` while the other defaults to `$type = 'primary large'`. Shouldn't that last one be `$type = 'primary'` too?" Denis-de-Bernardy 4 27758 WP_Error data is false in _unzip_file_ziparchive Upgrade/Install 3.7 normal normal defect (bug) new 2014-04-11T14:25:07Z 2019-06-04T21:10:49Z "This is a follow-up to #22704, and the short version because after my long version crashed on 'continue to preview' :( {{{ return new WP_Error( 'mkdir_failed_ziparchive', __( 'Could not create directory.' ), substr( $_dir, strlen( $to ) ) ); }}} `substr( $_dir, strlen( $to ) )` results in false for the 'upgrade' folder and the zipfile folder itself. For the other folders the 'data' is simply not very informative and could be even confusing. Before [25780], it used to be just `$_dir`; isn't that a much more informative feedback? " ruud@… 4 27776 WordPress API timeouts should be cached to avoid slowing down the admin Administration 3.3 normal normal defect (bug) new 2014-04-12T16:23:04Z 2019-06-04T19:25:25Z "The admin does several calls to the WordPress API, such as from the wp_check_browser_version function. These calls don't cache timeouts, which means if the API is consistently timing out the admin is slow on every load as all of these calls must timeout before the page can load. I propose we cache timeouts using transients, for a day. This behavior has been present since at least 3.3 and is still the behavior on trunk." brandon.wamboldt 3 27804 bug when updating after domain change settings dev-feedback Administration 3.8.2 normal normal defect (bug) new 2014-04-14T22:07:08Z 2019-06-04T19:25:28Z "I have found the following bug that affects for sure wordpress 3.8.2 and the latest 3.8.3. I have noticed this bug when I changed my domain settings: WordPress Address (URL) and Site Address (URL) from a domain say www.mydomain.org to www.mydomain.com. In the admin panel, when I get notified of new updates to be installed, installation of wordprewss, plugins and themes seems successful but is not performed. After a bit of banging my head on the problem, for curiosity decided to switch back to www.mydomain.org and all updates were installed! It's a bit annoying doing this procedure for every new updates. Can anybody reproduce this?" robomotic 1 27814 Automatic updates should not be silently disabled if I have .hg in file system root Upgrade/Install 3.7 normal normal enhancement new 2014-04-15T09:17:56Z 2019-06-04T21:10:55Z "My WordPress does not apply updates automatically, although it is told to via define('WP_AUTO_UPDATE_CORE', 'minor');. WordPress did not send any mail with an error report, so I had no idea how to debug that issue. I then found http://wordpress.org/plugins/background-update-tester/ which told me that all conditions pass except for {{{ FAIL: The folder / was detected as being under version control (.hg). }}} '''What?''' Yes, indeed, I am managing system configuration files via Mercurial. The repo is placed in the root of my file system. This is *'''completely'''* unrelated to my WordPress installation. I see the rational (http://make.wordpress.org/core/2013/09/24/automatic-core-updates/): {{{ If the install is running as a SVN or GIT checkout, automatic updates are disabled }}} But the way it is currently detected is in my opinion strongly over-generalized: {{{ It looks for .svn, .git, .hg, and .bzr folders in ABSPATH, and every directory above that up to / }}} It is fine if WordPress makes assumptions about its own eco system. However, the current implementation assumes that any DVCS placed in any directory when going up the file system hierarchy up to the root is controlling WordPress. What is this assumption based on? That WordPress should be the only thing running on a Linux box? :-) Seriously, this is not a good way to detect if the current ""''install is running as a SVN or GIT checkout''"". I think everybody agrees that I should not be forced to get rid of my system configuration repository in order to make automatic updates work again. I think WordPress should change this behavior. What are other good ways of determining ""if the install is running as a SVN or GIT checkout""? One could also question the rational behind this: ''If it is a SVN/GIT/... checkout then *'''most likely'''* it is a development version and the developer *'''most likely'''* does not want automatic updates to be enabled?'' Too many assumptions in this for my taste, even if we could reliably determine whether the current WP installation is a DVCS checkout. Could that whole thing be done more explicitly? What would be a quick workaround for me, if I really want to have automatic updates without getting rid of /.hg? " jgehrcke 5 27832 All sites automatically marked as archived after upgrade Networks and Sites 3.7 normal normal Awaiting Review defect (bug) new 2014-04-16T10:47:37Z 2018-12-08T15:08:06Z "Strange thing, all sites were automatically marked as archived after automatic upgrade to 3.8.3. Maybe it is not related, but it was the last thing which is time-related to this problem. I checked database tables and all sites had archived = 1 in wp_blogs, but last_update column was not changed. So, it suggests, that it was not done by administrator. Administrator can archive primary site? Then it is not possible to access administration... I repaired it by setting 0 for all sites, but I am not sure, how could it happen? Do you have any ideas? There are no plugins which could cause it. I searched code and did not find any clue. Also hosting company is used for many other Multisite installations without problems. There are also some posts from different forums (usually somehow related to WordPress upgrade), but they are only talking about fixing problem and not about finding why... http://wordpress.org/support/topic/site-automagically-archived-or-suspended-on-multisite http://wordpress.org/support/topic/after-install-site-has-been-suspended-or-archived http://wpgarage.com/tips/unarchive-archived-suspended-site-wordpress-multisite/ Not sure, if it is some kind of bug, incompatibility or security hole..." pavelevap 9 27860 Media Upload: Incorrect renaming increment for retina files Upload 3.9 normal normal Future Release feature request new 2014-04-17T12:23:40Z 2019-05-15T21:14:35Z "If a file is uploaded `myimgage.png` and then a second image is uploaded with the same name the file is renames `myimgage.png` to `myimgage1.png` this is fine. However if a Retina image is uploaded using the Apple retina standard @2x i.e. `myimage@2x.png` The increment is `myimage@2x1.png` this is not correct and should be `myimage1@2x.png` Should be `myimage[[prefex]]@2x.png` NOT `myimage@2x[[prefex]].png` " phillbooth 2 27888 Feature request: `get_current_admin_url()` and `get_current_admin_hook()` lucatume needs-unit-tests Administration 3.9 normal normal Awaiting Review feature request assigned 2014-04-18T12:22:45Z 2019-12-11T20:16:46Z "It would be sweet if to be able to get the current page's url using some kind of API. And its hook, for that matter. For instance: {{{ public function get_current_admin_page_url() { if (!is_admin()) { return false; } global $pagenow; global $typenow; global $taxnow; global $plugin_page; $url = $pagenow; if (!empty($plugin_page)) { $url .= '?page='.$plugin_page; } elseif (!empty($typenow)) { $url .= '?post_type='.$typenow; } elseif (!empty($taxnow)) { $url .= '?taxonomy='.$taxnow; } return $url; } }}} And something similar for `get_current_admin_hook()`." Denis-de-Bernardy 16 27896 wordpress-importer's lack of understanding of XML Namespaces causing compatibility issues has-patch Import 3.9 normal normal Awaiting Review defect (bug) new 2014-04-18T15:02:18Z 2017-06-13T21:27:26Z "This plugin doesn't understand namespaces when parsing XML. Correct me if I'm wrong but I think the following XML documents are equivalent: {{{ <rss xmlns:wp=""http://wordpress.org/export/1.2/""> <channel> <wp:wxr_version>1.2</wp:wxr_version> </channel> </rss> }}} {{{ <rss> <channel> <wxr_version xmlns=""http://wordpress.org/export/1.2/"">1.2</wxr_version> </channel> </rss> }}} {{{ <rss> <channel> <wp:wxr_version xmlns:wp=""http://wordpress.org/export/1.2/"">1.2</wp:wxr_version> </channel> </rss> }}} {{{ <rss xmlns:ns1=""http://wordpress.org/export/1.2/""> <channel> <ns1:wxr_version>1.2</ns1:wxr_version> </channel> </rss> }}} Importing the first document leads to the next step with the ""Download and import file attachments"" checkbox and the ""Submit"" button. The other documents produce ""This does not appear to be a WXR file, missing/invalid WXR version number"". This bug makes it difficult to write tools which generate WXR files (for instance when migrating content from an existing site into a WordPress installation)." tomdxw 9 27914 Information about image is jumping in media modal joedolson* has-patch Media 3.5 normal normal 6.6 defect (bug) accepted 2014-04-19T11:58:57Z 2024-03-01T22:03:35Z "When changing title or caption, changes are saved automatically, but information about image is jumping and it is very distracting. It is caused by ""Saved."" message which is displayed for a sec. See attached screenshots." pavelevap 12 27916 Add New Post screen nonce failure should redirect to Edit Post screen Administration normal normal Future Release enhancement new 2014-04-19T13:27:55Z 2017-05-12T19:19:25Z "Last night I added a new post, but I didn't publish it, I just left the Add New post screen open. I did a few other things and then put the computer to sleep. This morning I got up, checked the draft, and then hit publish. But the nonces had expired, so I was shown the ""Are you sure you want to do this?"" screen. I hit ""try again"", but I was returned to the Add New Post screen. I really thought I had lost the post. (Oh, the agony.) Fortunately, I really hadn't, because it was saved as a draft. But it really scared me. Instead of causing folks to have a heart-attack, we could direct them to the Edit Post screen with the draft they were working on loaded, instead of the Add new post screen." jdgrimes 2 27919 Similar strings for media modal joedolson* has-patch Media 3.9 normal normal 6.6 defect (bug) accepted 2014-04-19T18:10:24Z 2024-02-29T12:09:45Z "There are some strings which we use for the same action from different modal windows: - ""Attachment Display Settings"" x ""Display Settings"" - same settings from different windows - ""Edit Image"" x ""Edit Original"" - same link from different windows - ""There are no associated subtitles."" - should be ""items"", I guess (can be inserted also other things then subtitles)." pavelevap 10 27938 Restore This Autosave does not work for custom post types that don't support 'revisions' chriscct7 has-patch Revisions 3.8 normal normal Future Release defect (bug) reviewing 2014-04-20T13:42:49Z 2019-06-04T18:13:25Z "If you have a custom post type that doesn't support revisions but you manage to create an autosave which is more recent than the current version then you get offered the opportunity to restore it, but the restore action doesn't complete. You end up in an annoying(*) loop. Expected result: CPT restored to the autosave. Actual result: Redirected to edit.php for the CPT Steps to create the problem. 1. Ensure your CPT doesn't support 'revisions' 2. Create a new post and publish it 3. Create an update but don't publish it... just let it autosave 4. When you see the ""Draft saved"" message just quit 5. Edit the post again. 6. You will be shown the message: There is an autosave of this post that is more recent than the version below. 7. Click on the View the autosave link 8. Click on Restore This Autosave button 9. End up at the list of posts for this CPT. 10. go to step 5. Introduced by: #23497, change [23769] Note: Fixing this bug by simply reinstating the test on !wp_is_post_autosave( $revision ) leads to #27244 being applicable. In my opinion, this follow on problem is preferable to the current behaviour. Workaround for developers: Define 'revisions' support for your CPTs... especially those which support 'editor'. (*) What's annoying is that you get to see the autosaved version but it's not just a simple case of copying and pasting the text since the two versions get merged. " bobbingwide 6 27957 Revisit the Tag/Category Converter mention on the Tools Page General 3.9 normal normal enhancement new 2014-04-21T18:59:04Z 2019-06-04T19:45:42Z "Core's tools.php page specifically calls attention to the ""Categories and Tags Converter"" plugin. I'd suggest eliminating reference to this completely. It looks to be a relic from years ago that just kind of came along for the ride, and doesn't really have a place in modern Core. I think it's a perfect example of functionality that falls into 'Plugin Territory' - which, luckily, is how it's currently implemented. There are also a large number of similar, more well-maintained plugins that can accomplish this and more for a larger number of taxonomies. If it's decided that the reference should stay, then I believe the logic surrounding the output needs to be modified, more along the lines of this psuedocode: (As currently, if a user can Manage Terms, they're instructed to go install a plugin, even if they may lack that capability.) {{{ if ( current_user_can($cats->cap->manage_terms) || current_user_can($tags->cap->manage_terms) ) { if ( $tag_category_converter_is_installed //TODO: this check ) { // provide link for actually using it. TODO: this link } else { if ( current_user_can( 'install_plugins') ) { ?> <div class=""tool-box""> <h3 class=""title""><?php _e( 'Categories and Tags Converter' ) ?></h3> <p><?php printf( __('If you want to convert your categories to tags (or vice versa), use the <a href=""%s"">Categories and Tags Converter</a> available from the Import screen.'), 'import.php' ); ?></p> </div> <?php } } } }}} " MadtownLems 6 27994 Erroneous plugin deactivation should be a manual action Plugins 2.5 normal normal enhancement new 2014-04-23T16:00:01Z 2019-06-04T20:46:44Z """The plugin `foo.php` has been deactivated due to an error: Plugin file does not exist."" This seemingly harmless behaviour on the Plugins screen can end up being a royal pain for developers. Consider the scenario where you've renamed your plugins directory or any of the plugins within it (ie. to do some debugging with plugins disabled), and then you visit the Plugins screen. BAM, your plugins have been deactivated. I think this behaviour should be removed, and instead a list of erroneous plugins displayed, with the option to manually deactivate them. Thoughts?" johnbillion 7 27996 Show/Hide Postbox doesn't work if dynamically added has-patch Administration 3.9 normal normal enhancement new 2014-04-23T17:23:23Z 2019-06-04T19:25:33Z "If you have a plugin which adds a metabox to the page at runtime, the ""handlediv"" button which shows/hides the contents of that metabox doesn't work. To fix it, the code (on line 12 of postbox.js and also in postbox.min.js) should change from: {{{ $('.postbox h3, .postbox .handlediv').bind('click.postboxes', function() { }}} To: {{{ $(document).on('click.postboxes', '.postbox h3, .postbox .handlediv', function() { }}} P.S. I have tried to submit a patch in the past but my entire computer had a meltdown and scattered files from here to Mordor to the Shire because I have no idea how to do it properly. This after spending a couple weeks reading up on how to it properly. So, unfortunately, I am not able to submit a patch due to the incredibly difficult-for-me-to-understand SVN system. My Apologies." johnstonphilip 8 28006 Add visual cues when viewing drafts on the frontend Posts, Post Types normal normal Awaiting Review feature request assigned 2014-04-24T08:07:28Z 2019-04-22T16:46:38Z "This is a relatively minor issue, but I've often had the problem where I think a post is published because I can view it on the frontend and there is nothing on the page that indicates that I am viewing a draft. If this happens to me from time to time then I'm sure it happens to other users too. I propose adding a few unobtrusive visual cues to the single post page that indicates that you are viewing a draft. I have attached my changes here - they include: * Adding ""(Draft)"" to the end the 'edit post' text in the admin bar * Adding ""(Draft)"" to the end of the default link generated by {{{ edit_post_link() }}} * Adding a new body class to single post pages: {{{ single-status-{status} }}} These changes are minor enough to not break the existing display, yet significant enough to clearly show that you are currently viewing a draft. The addition of the post status to the body class will also help with customising the page according to the current status." hlashbrooke 16 28013 WP_Filesystem_FTPext::exists($filename) returns false when file exists on FTP Service ( IIS/6.0 Microsoft & Linux/vsftp ) dd32 close Filesystem API 3.9.2 normal normal Future Release defect (bug) reopened 2014-04-24T15:33:56Z 2024-01-04T21:18:58Z "I'm having trouble using the update/upgrade functions of WordPress on a Windows IIS/6.0 server. The .maintenance file is never deleted. I have to use the FTPext method of updating and I've found that `WP_Filesystem_FTPext::exists('.maintenance')` returns false even though the file exists. Since the fix for #10060 that function uses `ftp_nlist()` which returns invalid results on the IIS/6.0 Microsoft FTP Service. I did some more testing and it turns out that the current function has issues with ""dotfiles"" '''Work correctly''' `WP_Filesystem_FTPext::exists('index.php')` `WP_Filesystem_FTPext::exists('wp-content/debug.log')` '''Fail''' `WP_Filesystem_FTPext::exists('.maintenance')` `WP_Filesystem_FTPext::exists('wp-content/.maintenance')` (yes, I made sure those files actually existed ;-) For this particular purpose, couldend `WP_Upgrader::maintenance_mode()` be modified to test for the existence of .maintenance using `is_file( ABSPATH . $file )` and if so execute `$wp_filesystem->delete($file, false, 'f');` (setting the f bypases all the tests)?" joostdekeijzer 26 28017 Slug conflict with hierarchical Custom Post Types Posts, Post Types 3.9 normal normal defect (bug) new 2014-04-24T20:32:46Z 2019-06-04T20:46:48Z "To Replicate, create a '''hierarchical ''' custom post type and make sure it has support for page attributes, lets call it ""items"" Publish 3 ""items"" posts with the following slug and content ( IN THIS ORDER! ) Post 1: Slug - samsung , No Parent , content : ""Welcome to Samsung"" Post 2: Slug - cell-phones , No Parent , content : ""Welcome to cell phones"" Post 3: Slug - samsung , Parent: cell-phones , content : ""Welcome to cell phones by Samsung"" Navigate to http://localhost/items/samsung/ , You will see the content for Post 3. The correct content should be from Post 1. http://localhost/items/cell-phones/samsung/ works just fine. To get the correct results: Modify wp-includes/query.php , line 2340: {{{ // ORIGINAL LINE if ( ! $ptype_obj->hierarchical || strpos($q[ $ptype_obj->query_var ], '/') === false ) { // MODIFIED LINE if ( ! $ptype_obj->hierarchical ) { }}} " internetrnd 3 28026 previous_post_link returns incorrect post when posts have the same published date has-patch Themes 3.8.3 normal normal defect (bug) new 2014-04-25T14:16:39Z 2019-06-04T21:11:05Z "Version: 3.8.3 Overview: previous_post_link does not return the correct link when posts have exactly the same published date. Instead it, skips the post with the same published date and returns the next found post. Steps to reproduce: 1) Publish a post. Post A 2) Using wp-admin create 2 draft posts. Draft B, Draft C 3) Switch to the post list view /wp-admin/edit.php 4) Switch to the link showing draft posts /wp-admin/edit.php?post_status=draft&post_type=post 5) Click the checkbox to select all draft posts, then in the Dropdown select Edit then Apply. 6) Change status dropdown to ""Published"" and then Update. 7) In single.php add a <?php previous_post_link() ?> 8) View Draft C, link should point to Draft B, instead it points to Post A. Fix: Quick look indicates that in link-template.php 1179 should be <= and >= " deplorableword 4 28033 post_categories_meta_box on non-hierarchical custom taxonomy rufein Taxonomy 3.9 normal normal Future Release defect (bug) assigned 2014-04-25T20:50:54Z 2019-06-04T18:11:14Z "Slightly based on the work done in #14206 Using a non-hierarchical custom taxonomy in combination with meta_box_cb 'post_categories_meta_box'. Creates a new term with the id name of the selected term_id on submission. (See attached file) First time added term ""Custom"", selected it Published post. (It auto added the term ""207"") Published post. (It auto added the term ""208"")" ByronicEntity 12 28053 Fields with same name added to new media modal using 'attachment_fields_to_edit' do not pass as an array when saving. joedolson* has-patch Media 3.5 normal normal Awaiting Review defect (bug) accepted 2014-04-28T11:44:53Z 2021-03-03T17:55:07Z "If you use the 'attachment_fields_to_edit' to add a set of checkboxes to the media modal attachment details (to implement a better UI for taxonomies for example) the save method of media.view.AttachmentCompat doesn't cater for fields with the same name to be passed as an array, it just passes the last field of that name that is found. When getting the fields to save, if multiple fields with the same name are found they should be passed as an array. I have attached a visual of the custom UI with checkboxes and a patch for testing." husobj 24 28058 Taxonomies defined with UTF8 encoded names cause notices when adding a new term Taxonomy 3.9 normal normal Future Release defect (bug) new 2014-04-29T12:18:43Z 2017-09-15T13:15:01Z "This one is easy to reproduce as follows: 1. Register a new taxonomy with UTF8 in the name, e.g. pa_資料庫版本. This is in particular possible in WC for its attribute system. 2. Add a term via the admin panel 3. You get notices like: {{{ Notice: Trying to get property of non-object in /Users/patrick/Documents/woothemes/woocommerce/wp-includes/link-template.php on line 685 }}} I traced it back to https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/screen.php#L413 After adding any term, this sanitize key turns pa_資料庫版本 into just 'pa', which results in the taxonomy not being loaded because 'pa' doesn't exist. Removing the sanitize_key fixes the issue so sanitisation could be removed, modified, or moved after the taxonomy checks. This was originally logged at https://github.com/woothemes/woocommerce/issues/5314." mikejolley 5 28059 Inline image attachments with wp_mail() needs-unit-tests Mail normal normal enhancement new 2014-04-29T13:28:10Z 2019-06-04T20:07:27Z "To insert inline images in an email the `phpmailer_init` action hook has to be used like this. {{{ add_action( 'phpmailer_init', 'embed_images' ); function embed_images( &$phpmailer ) { $phpmailer->AddEmbeddedImage( '/path/to/image1.png', 'image1.png' ); $phpmailer->AddEmbeddedImage( '/path/to/image2.png', 'image2.png' ); $phpmailer->AddEmbeddedImage( '/path/to/image3.png', 'image3.png' ); } }}} Why not implement this in `wp_mail()` itself?" jesin 3 28077 Use exif_imagetype instead of getimagesize in file_is_displayable_image has-patch Media 2.5 normal normal enhancement new 2014-04-30T17:14:33Z 2019-06-04T20:07:29Z "From http://us3.php.net/manual/en/function.exif-imagetype.php: > exif_imagetype — Determine the type of an image > When a correct signature is found, the appropriate constant value will be returned otherwise the return value is FALSE. The return value is the same value that getimagesize() returns in index 2 but exif_imagetype() is much faster. For whatever reason, `getimagesize` also fails to read the type from a Custom Stream Wrapper, whereas `exif_imagetype` reports that correctly." joehoyle 7 28081 Do a canonical redirect for pages when query var 'paged' is set SergeyBiryukov* needs-unit-tests Canonical normal normal Future Release defect (bug) accepted 2014-04-30T19:53:12Z 2023-03-22T13:28:23Z "Example: http://make.wordpress.org/core/features-as-plugins/page/2323/ You can append /page/{any number} to a page and still get the same content as http://make.wordpress.org/core/features-as-plugins/ The same doesn't happen for posts. [source:/trunk/src/wp-includes/canonical.php#L274]: Seems like l274 and l276 should be !is_singular() as it was before [6115]. (Block was changed in [9697].) Want to use this ticket to get some reasons for [6115]. Currently I only can think of custom page templates which are using a custom pagination, so maybe wontfix." ocean90 44 28085 "Add a ""Recently Updated"" Plugins' view" has-patch Plugins 3.9 normal normal Future Release enhancement assigned 2014-05-01T00:04:19Z 2021-08-11T15:45:06Z "Hello I will propose a new ""view"" in the plugins list. Like ""Recently Active"", a ""Recently Updated"" can be useful to know which plugins have been .... recently updated, obviously. I did this as a plugin, but i think it could be logical to get this in core, here come my (first) core patch. Also, i add you this snippet, i don't know where to put this function i use each time before the 'upgrader_process_complete' hook. {{{ function wp_set_recently_updated( $array ) { $recently_updated = get_option( 'recently_updated' ); foreach ( $array['plugins'] as $plugin ) { $recently_updated[ $plugin ] = time(); } update_option( 'recently_updated', $recently_updated ); } }}}" juliobox 9 28094 Add action hook after getting template part has-patch Themes 3.9 normal normal enhancement new 2014-05-01T15:43:45Z 2019-06-04T21:11:09Z "I think it should be nice to have the possibility to execute actions after getting a template part, not only before doing it, as it is now. I find this can be particularly useful to deal with output buffering, allowing to do things like this: {{{ <?php add_action( 'get_template_part_content', 'catch_template_part_output' ); /** * Start output buffering for template part. */ function catch_template_part_output( $slug, $name = null ) { if ( '' == $name ) { ob_start(); } } add_action( 'after_get_template_part_content', 'release_template_part_output' ); /** * End output buffering for template part and print modified output. */ function release_template_part_output( $slug, $name = null ) { if ( '' == $name ) { $output = ob_get_contents(); $output = '[Something before the original output ...]' . $output; $output .= '[Something after the original output ...]'; ob_clean(); echo $output; } } }}} I'm thinking this particular method could give an extra option to theme developers who need to modify a very simple piece of output without having to create a new template or new functions to be embedded into an existing template. I know maybe some people won't consider this to be a recommended practice (I'm actually a little divided here), but you'd still have the possibility to trigger any other functionality you want on such hook." andrezrv 4 28101 "Menus screen: add ""Menus"" heading and ""Add New"" button" has-patch Menus 3.6 normal normal enhancement new 2014-05-01T23:40:16Z 2019-06-04T20:07:33Z "This is to make the Menus screen consistent with others in admin. The patch does the following: - adds the standard h2 header, in this case, ""Menus"" - adds the standard .add-new-h2 ""Add New"" button but only when it's necessary: in Edit Menus tab, when there are more than 1 menu. - removes the link to add a new menu in natural language, next to ""Edit your menu below..."" and ""Select a menu to edit...""" eliorivero 3 28117 Admin bar shouldn't use dynamic styles on frontend for logged out visitors has-patch Toolbar 3.3 normal normal Awaiting Review defect (bug) new 2014-05-04T14:49:33Z 2021-09-02T19:50:50Z "Admin bar gets styles depending on current user's browser. Problem is that when you using admin bar on front end for logged out users with full page cache turned on, visitor with IE or mobile might be the first one so everyone else with get that specific style. See #26221 for similar problem." dimadin 6 28118 category sort bug Taxonomy 3.9 normal normal Future Release defect (bug) new 2014-05-04T15:21:11Z 2019-04-22T16:50:29Z I've noticed when creating categories with subcategories in the admin category page, that when you try and sort the Name, Slug or Posts it works great, however any subcategories that had a - next to them are now gone, and they will not come back after page refresh. The subcategories are still attached to the proper main category, it just lacks the visual - or -- before the name. slickremix 10 28122 Themes - RTL: add support for fully mirrored css files Themes normal normal enhancement new 2014-05-04T19:51:57Z 2019-06-04T21:11:14Z "RTL support in themes is achieved through the creation of an rtl.css file, which is loaded (if it exists) in addition to the main theme css file. The rtl.css file should overwrite only those css properties from the main file that affect the horizontal layout. The creation of an rtl.css file is mostly a manual process, and keeping it up to date with the main theme style.css file is a difficult task. I propose that WordPress support loading of fully mirrored css files instead of the original theme css file, in a similar way to what was done for core/wp-admin css files in #24977. '''How will this work?''' - '''Backwards compatibility:''' If an {{{rtl.css file}}} is found in the theme root, it will be loaded as usual (in addition to {{{style.css}}}). Otherwise - Load {{{./rtl/style-rtl.css}}} if it exists '''instead''' of {{{style.css}}} - For any additional css file in the theme folder enqueued using wp_enqueue_style (i.e. {{{css/grid.css}}}), look for a filename-rtl.css file in an rtl subdirectory (i.e {{{css/rtl/grid-rtl.css}}}) and load it if it exists instead of the original file. While theme developers will be able to chose their tool of choice to create an rtl css file, we'll make it easier for them by updating grunt-cssjanus to work when run in a theme directory." yoavf 3 28138 Updating menu item requires passing all of a menu item's data to wp_update_nav_menu_item() has-patch Menus 3.0 normal normal defect (bug) new 2014-05-05T18:59:53Z 2019-06-04T20:07:37Z "When using `wp_update_nav_menu_item()` to updating an existing menu item, you need to pass all data associated with a menu item in order to have the data persist. This is because the `$defaults` are set to default values, instead of the existing menu item values ([https://core.trac.wordpress.org/browser/tags/3.9/src/wp-includes/nav-menu.php#L323 ref]). If the menu item exists, the defaults should be set to the existing menu item values. Discovered in https://github.com/wp-cli/wp-cli/pull/1182" danielbachhuber 8 28139 WP MU legacy problems: missing database tables Database 3.0 normal normal defect (bug) new 2014-05-05T19:15:30Z 2019-06-04T19:25:36Z "Helo there. We have found that WordPress Multisite sites updated from former WordPress MU are not working as expected. There are some missing tables that give problems with some plugins. The lack of tables doesn't allow you to access to the network configuration either. === '''Steps to reproduce''' === 1. Install WP MU 2.9.2 (last WP MU release - works as expected) 2. Update to WP 3.0 or directly to WP 3.9. (tested in 3.0, 3.0 and then 3.9, and 3.9 directly) 3. Try to access /wp-admin/network.php. You will have the message `The Network creation panel is not for WordPress MU networks.`, which is odd in a WP 3.9 Multisite. 4. Look for the source of the message in wp-admin/network.php {{{ if ( ! defined( 'MULTISITE' ) ) wp_die( __( 'The Network creation panel is not for WordPress MU networks.' ) ); }}} 5. Add `define ('MULTISITE', true);` to wp-config.php. You will need to repair the database. 6. Add `define('WP_ALLOW_REPAIR', true);` and proceed to repair the database. Assuming a `testing` database, you will get this message: {{{ wp_posts: Table 'testing.wp_posts' doesn't exist wp_comments: Table 'testing.wp_comments' doesn't exist wp_links: Table 'testing.wp_links' doesn't exist wp_options: Table 'testing.wp_options' doesn't exist wp_postmeta: Table 'testing.wp_postmeta' doesn't exist wp_terms: Table 'testing.wp_terms' doesn't exist wp_term_taxonomy: Table 'testing.wp_term_taxonomy' doesn't exist wp_term_relationships: Table 'testing.wp_term_relationships' doesn't exist wp_commentmeta: Table 'testing.wp_commentmeta' doesn't exist }}} === '''Problems found''' === 1. The lack of the `wp_options` table is especially problematic with plugins (Jetpack is unable to work with its new multisite option - thanks kraftbj for the help) 2. The message assumes `wp_links` as a needed table " bi0xid 28140 Position for first menu item on menu is 0 when it should be 1 has-patch Menus normal normal Future Release defect (bug) new 2014-05-05T19:25:36Z 2017-10-01T18:52:03Z "When the first menu item is added to a menu and no position is explicitly set, its position is set as 0 instead of 1. Offending line: https://core.trac.wordpress.org/browser/tags/3.9/src/wp-includes/nav-menu.php#L344" danielbachhuber 6 28145 wp_terms_checklist() returns all non-hierarchical terms even with $descendants_and_self parameter has-patch Posts, Post Types 3.9 normal normal defect (bug) new 2014-05-06T07:55:51Z 2019-06-04T20:46:52Z "Granted, I know that `wp_terms_checklist()` is meant for hierarchical terms, but I am also using it on non-hierarchical terms in my Radio Buttons for Taxonomies plugin. I was trying to use all core scripts/ajax-callbacks for the ""add new term"" feature in a posts taxonomy metabox, but it turns out that `WP_Lists` calls `_wp_ajax_add_hierarchical_term` via ajax which returns `wp_terms_checklist()` as part of the result. For hierarchical terms the `descendants_and_self` parameter limits the size of the returned checklist. For non-hierarchical terms, however, I found that it simply returns *all* terms in addition to the new term. {{{ wp_terms_checklist( $post_id, array('descendants_and_self' => $term_id )); }}} Obviously this isn't major, but it seems to me that if `descendants_and_self` is set, but there are no descendants... it should just return the single term. I've gotten around this by unhooking that ajax callback for non-hierarchical terms and substituting my own that returns just a single input. Here's the pertinent part of `wp_terms_checklist()`: {{{ if ( $descendants_and_self ) { $categories = (array) get_terms($taxonomy, array( 'child_of' => $descendants_and_self, 'hierarchical' => 0, 'hide_empty' => 0 ) ); $self = get_term( $descendants_and_self, $taxonomy ); array_unshift( $categories, $self ); } else { $categories = (array) get_terms($taxonomy, array('get' => 'all')); } }}} I think if for non-hierarchical terms we skipped the `get_terms()` call we could limit the returned checklist to a single term. {{{ if ( $descendants_and_self ) { $categories = is_taxonomy_hierarchical( $taxonomy ) ? (array) get_terms($taxonomy, array( 'child_of' => $descendants_and_self, 'hierarchical' => 0, 'hide_empty' => 0 ) ) : array(); $self = get_term( $descendants_and_self, $taxonomy ); array_unshift( $categories, $self ); } else { $categories = (array) get_terms($taxonomy, array('get' => 'all')); } }}}" helgatheviking 5 28146 Export Filter for Post IDs has-patch Export 2.1 normal normal enhancement assigned 2014-05-06T10:47:48Z 2019-06-04T19:45:46Z "I know there is an action hook '''export_wp''' we can use to create our own export function for custom post queries. The idea is to apply filters for the $post_ids at wp-admin\includes\export.php line 87 {{{ $post_ids = $wpdb->get_col( ""SELECT ID FROM {$wpdb->posts} $join WHERE $where"" ); }}} to {{{ $post_ids = apply_filters( 'export_post_ids', $wpdb->get_col( ""SELECT ID FROM {$wpdb->posts} $join WHERE $where"" ) ); }}} so we can do custom post queries to generate the post id(s). " zourbuth 18 28156 In date-containing permalink structures, /dddd/dd/comment-page-d/ urls don't work needs-unit-tests Permalinks 3.9 normal normal defect (bug) new 2014-05-06T22:42:17Z 2019-06-04T20:46:56Z "I was in the process of writing a plugin to allow people to test their rewrite rules as they develop a site, and when I setup examples of core rewrite rules, one of them was failing. If you set your permalink structure to one containing dates, e.g. ""Day and Name"", one of the generated rewrite rules for posts is: {{{ '([0-9]{4})/([0-9]{1,2})/([0-9]{1,2})/([^/]+)(/[0-9]+)?/?$' => 'index.php?year=$matches[1]&monthnum=$matches[2]&day=$matches[3]&name=$matches[4]&page=$matches[5]' }}} And later on, another rule is: {{{ '([0-9]{4})/([0-9]{1,2})/([0-9]{1,2})/comment-page-([0-9]{1,})/?$' => 'index.php?year=$matches[1]&monthnum=$matches[2]&day=$matches[3]&cpage=$matches[4]' }}} The URI /2014/5/6/comment-page-2/ would end up matching the earlier rule, looking for a post named ""comment-page-2"" published on 2014-05-06, instead of looking for comment page 2 in the... I actually don't even know what the comment-page URLs do. For me, the ones that work just redirect to the date archive. I'm happy to patch this, but would like to hear from someone else on what exactly should be done done. Do the comment-page-n rules do anything? Can they just be removed?" mboynes 2 28160 Get authors user query in-efficient when dealing with large numbers of users. Users 3.9 normal major Awaiting Review enhancement new 2014-05-07T09:11:21Z 2022-04-08T12:45:56Z "When in WordPress admin the following query is run: {{{ SELECT wp_users.ID, wp_users.user_login, wp_users.display_name FROM wp_users INNER JOIN wp_usermeta ON (wp_users.ID = wp_usermeta.user_id) WHERE 1=1 AND ( ( wp_usermeta.meta_key = 'wp_user_level' AND CAST(wp_usermeta.meta_value AS CHAR) != '0' ) ) ORDER BY display_name ASC; }}} This is getting a list of authors for the current site. Now this query is fine for small sites but is incredibly slow when dealing with large WP installations with thousands of users. For example one of our largest WP installations has over 225K Users with over 7M usermeta records and the above query takes, on our server, over 34 seconds to complete. This is long enough for connections to timeout and the resulting data to not be cached and run over and over until the database queue is so long that PHP starts to crash. Now the above query is generated deep within the WP_User_Query class and understand that the query is generated in such a way that allows a number of queries to be built dynamically, but the above query is very in-efficient. I've re written the query and my new query only takes 700 milliseconds to run. {{{ SELECT wp_users.ID, wp_users.user_login, wp_users.display_name FROM wp_usermeta LEFT JOIN wp_users ON (wp_users.ID = wp_usermeta.user_id) WHERE wp_usermeta.meta_key = 'wp_user_level' AND wp_usermeta.meta_value != '0' HAVING wp_users.ID IS NOT NULL ORDER BY display_name ASC; }}} I'm looking into how I can improve the queries in the WP_User_Query class but thought it would be good to bring this to the attention of some core devs." l3rady 15 28163 function email_exists() check without removing umlauts has-patch Users 3.8.3 normal normal defect (bug) new 2014-05-07T14:17:20Z 2022-07-26T15:45:54Z "But with wp_insert_user() the umlauts got removed. A littel bit confusing." hpr78 1 28172 edit_post() should call {un}stick_post() before calling wp_update_post() needs-unit-tests Posts, Post Types 4.0 normal normal Future Release enhancement new 2014-05-08T01:37:34Z 2023-01-26T17:48:29Z "In a plugin I'm writing I have a need to hook into the `save_post` action and decide whether to allow a given post to be sticky based on postmeta associated with that post (and possibly other posts). However, if the function I attach to the `save_post` action calls `{un}stick_post()` it doesn't have the desired effect because of the way `edit_post()` is written. In particular, lines 320-332 of [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php#L320] are: {{{ wp_update_post( $post_data ); // Now that we have an ID we can fix any attachment anchor hrefs _fix_attachment_links( $post_ID ); wp_set_post_lock( $post_ID ); if ( current_user_can( $ptype->cap->edit_others_posts ) ) { if ( ! empty( $post_data['sticky'] ) ) stick_post( $post_ID ); else unstick_post( $post_ID ); } }}} The `save_post` action is fired within `wp_update_post()` (technically, it is fired by `wp_insert_post()` which is called by `wp_update_post()`). Since `edit_post()` calls `{un}stick_post()` '''after''' it calls `wp_update_post()`, anything I do in my `save_post` function with regard to whether the post should be sticky is undone! Hence, I suggest changing the relevant portion of `edit_post()` to {{{ if ( current_user_can( $ptype->cap->edit_others_posts ) ) { if ( ! empty( $post_data['sticky'] ) ) stick_post( $post_ID ); else unstick_post( $post_ID ); } wp_update_post( $post_data ); // Now that we have an ID we can fix any attachment anchor hrefs _fix_attachment_links( $post_ID ); wp_set_post_lock( $post_ID ); }}} Is there a specific reason why `edit_post()` currently calls `wp_update_post()` before `{un}stick_post()`? (it isn't apparent to me) Another option I investigated was whether it was possible to have my plugin change `$post_data` via a filter but I couldn't find one. If others agree that this change would be good and wouldn't break anything else, I'll submit a patch. [Note: I went back and forth on whether to call this a bug or an enhancement. It's a bug in the sense that there is certainly an unexpected result ({un}sticking a post in a `save_post` action is undone...I lost about an hour trying to figure out why my `save_post` function wasn't doing the right thing); But it is an enhancement in the sense that core, itself, is not broken]." pbiron 12 28185 Expose image attachment title and/or filename in the image details modal dev-feedback Media 3.9 normal normal enhancement new 2014-05-08T23:46:33Z 2019-06-04T20:07:41Z "I ran into a case where I had a post with an image I wanted to set as the featured thumbnail. My Media library is very large and I didn't know the file name so I clicked the edit icon on the image to view the Image Details. Nowhere within the image details does it show either the image title, or file name. My suggestion would be to place it next to the words ""Image Details"", but i'm not married to the idea. The search field in the media library looks for these attributes to filter the library list, it would be convenient if it were clearly labelled within the ""Image Details"" modal. Additionally, once you do find the image in the media library, both the file name and image title are clearly visible. I created an annotated video to clearly explain the issue: https://www.youtube.com/watch?v=lS55abTV7qc" drrobotnik 13 28188 Make Natively-Outputted .widget_rss CSS Selector HTML5-Appropriate Widgets 3.9 normal normal enhancement new 2014-05-09T05:57:31Z 2019-06-05T06:40:00Z "In regards to the natively outputted RSS Widget entitled `.widget_rss`, the post Author's name is currently outputted as wrapped in a `<cite>` tag. An example of a natively outputted RSS feed block looks something like this for reference: `<a class='rsswidget' href='http://blah.net/2014/04/14/blahblah/'>Example RSSed Post</a> <span class=""rss-date"">April 14, 2014</span> <div class=""rssSummary"">This is the space where the RSSed information appears. […]</div> <cite>Author</cite>` Please note that the author of the RSSed post is being natively outputted as wrapped in the `<cite>` tag. As per #27944 (ocean90's comment in particular) which references #24522 (re: proper way to tag comment authors), the natively outputted CSS selectors for the `.widget_rss` widget probably ought to be wrapped in something like: `<span class=""comment-author"">` as opposed to `<cite>`. Reiterating what ocean90 said: The `<cite>` tag is supposed to be used for a cited block of text (like a citation) rather than used to tag the/an author. Additionally, changing the `<cite>` to `<span class=""comment-author"">` will provide additional sitewide code uniformity (there's a word or phrase I am looking for and I can't remember it!) for a natively/vanilla outputted WordPress site (and especially if using a default WordPress theme) re: how author names are wrapped in tags. Thanks!" EMG 3 28197 Fallback Languages swissspidy I18N 4.0 normal normal Future Release enhancement assigned 2014-05-09T20:53:44Z 2024-02-28T14:38:59Z "We should do a better job of loading translation files in the user's language if they are available. For instance, if a Spanish speaker has their locale set as es_MX (Spanish Mexico) it would be preferable to load any available Spanish translations files (es_ES, es_CO, etc) before returning the default (generally English). I wrote up a quick patch, tester plugin, and plugin that demonstrate this idea. If a $mofile is not available in the user's current locale, it will search for and return the first available translation that is also in the same language. A better option might be to create a filterable stack rank of locales for WordPress to search for within the language before returning the default. Other suggestions are also welcome. This idea was also discussed in an ""ideas"" thread: http://wordpress.org/ideas/topic/fallback-to-generic-language-file-when-specific-locale-file-absent" downstairsdev 60 28205 XMLRPC should probably expose Sideloading of images for shared hosts. has-patch XML-RPC 2.6 normal normal enhancement new 2014-05-10T18:24:37Z 2019-06-05T06:40:03Z "Useful for hosts with small MAX_POST_SIZE configurations. Example of usage: https://gist.github.com/georgestephanis/d38e7d855e9bb6c7b98e" georgestephanis 2 28212 determine_current_user filter with priority <10 gets overridden has-patch Login and Registration 3.9 normal normal Awaiting Review defect (bug) new 2014-05-12T01:35:55Z 2020-10-24T03:56:24Z "Introduced in #26706. `wp_validate_auth_cookie` was shoehorned into this filter, and as such, doesn't return what the filter expects. On any error at all, it returns `false`, even if the ""error"" is that the cookie isn't set. If a function hooked into a lower priority (i.e. <10) returns a user ID, this will then be overridden by the built-in auth cookie." rmccue 6 28226 menu_page_url does not return correct URL on network admin dev-feedback Plugins 3.0 normal normal defect (bug) new 2014-05-12T18:54:57Z 2019-06-04T20:47:00Z the `menu_page_url` function calls `admin_url` to build the URL returned. it should check for network admin first and use `network_admin_url` if present norcross 17 28232 Custom Taxonomy filter on post listing pages Taxonomy normal normal Future Release enhancement new 2014-05-13T00:49:42Z 2018-11-05T23:17:31Z Currently core adds a category dropdown filter to the admin post listing pages. I propose that there ought to be a parameter passed in to `register_taxonomy` similar to the `show_admin_column` (#21240) that would enable a filter dropdown for your custom taxonomy. Maybe `'taxononomy_filter' => true`. I was sure a ticket would probably exist for this feature request, but was unable to find one. jtsternberg 13 28238 Add filter to value returned from get_space_used() has-patch Upload 3.5 normal normal Awaiting Review enhancement new 2014-05-13T18:20:06Z 2019-05-15T21:15:11Z It would be helpful to have an additional filter to modify the returned value from the get_space_used() function in order to add additional space quantities without having to recreate the entire function by only having the 'pre_get_space_used' filter. hereswhatidid 4 28273 Multisite sites without a path redirect to signup page chriscct7 has-patch Administration 3.9 normal normal defect (bug) reviewing 2014-05-15T21:52:36Z 2019-06-04T19:25:38Z "From https://wordpress.org/support/topic/after-update-to-39-one-sub-site-directs-to-wp-signupphpnew?replies=4&view=all Pre 3.9, WordPress would treat an empty 'path' variable for the site as a / As of 3.9, this is no longer the case, and a blank path will act as if the site does not exist. It's a simple fix in the admin section, but this is a regression from 3.8" Ipstenu 2 28288 New Post overwriting a previously published post Posts, Post Types 2.5 normal normal defect (bug) new 2014-05-17T01:03:45Z 2019-06-04T20:47:04Z "This was seen on wordpress.com, a user had multiple draft windows open. At one point when saving one draft, it wrote over another previously published post. I believe that it was caused by a race condition that has to do with the environment being hosted on multiple servers. '''To reproduce:''' 1. Open in quick succession multiple draft windows. 2. Check in developer tools for post_id duplicate. I believe that a possible solution would be to enhance post-locking to include if a post is open in duplicate windows by the same user." jackreichert 8 28297 Losing custom nav menu data while importing / exporting XML Import 3.9.1 normal normal Awaiting Review defect (bug) new 2014-05-18T03:19:46Z 2018-02-26T15:52:39Z "I have added few fields to the menu for mega menu functionality: https://gist.github.com/mharis/150f43e09adf72d7d0bb This works fine and when I tried to export the site content which did have all the navigation items and the custom fields and its values in the XML file (https://www.dropbox.com/s/7i2l3x2mvpgup58/xml-test.xml) which is perfectly fine. The problem happens when importing, only the keys are imported for the custom navigation menu fields and not its value. The values are stripped even through the data seems correct in the XML file. Any thoughts over it? " isharis 2 28300 Two issues in the code for auto-uploading to subfolders Upgrade/Install 3.9.1 normal normal defect (bug) new 2014-05-18T17:05:26Z 2023-03-15T18:21:55Z "There are two issues in the code for auto-uploading to subfolders within a change rooted FTP (wp-admin/includes/class-wp-filesystem-base.php). First, it adds a ""/"" to the replacement expression when the source replacement already contains a ""/"" (Note that ABSPATH has a trailing slash): {{{ $potential_folder = preg_replace( '#^' . preg_quote( $dir, '#' ) . '/#i', trailingslashit( constant( $constant ) ), $folder ); }}} This should be: {{{ $potential_folder = preg_replace( '#^' . preg_quote( trailingslashit($dir), '#' ) . '#i', trailingslashit( constant( $constant ) ), $folder ); }}} Second, it checks that the directory exists. This is not the case during theme and plugin installs, where the not existing directory is specified. Instead, only the parent should be checked. After: {{{ if ( $this->is_dir( $potential_folder ) ) { $this->cache[ $folder ] = $potential_folder; return $potential_folder; } }}} Adding: {{{ else { $potential_parent_folder = trailingslashit(preg_replace('#[^/]*/$#', '', $potential_folder)); if ( $this->is_dir( $potential_parent_folder ) ) { $this->cache[ $folder ] = $potential_folder; return $potential_folder; } } }}} Would test for a valid parent, instead. (E.g. wp-content/themes instead of wp-content/themes/newtheme)" wiziapp 1 28314 cancel_comment_reply_link() is unflexible - respond_id & post check has-patch Comments 3.9.1 normal major defect (bug) new 2014-05-20T13:03:57Z 2019-06-04T19:25:49Z "There are two found problems with the function {{{ cancel_comment_reply_link() }}} 1. You cannot define a custom respond id like #respond-POSTID. The respond id (#respond) is hardcoded. So the anchor is not working anymore, if you use a custom respond_id in your theme. 2. If you include the comments on the blogs page (loop) you have comment areas as much as posts. Now you answer to a comment of a specific comment (for example: http://example.com/blog/?replytocom=210#respond-821). This is working fine, just that the cancel_comment_reply_link() is going active for all posts and shows a cancel message under each comment area. It should check for the specific comment area/post and return the message just for the affected comment area/post. If you want I can create a patch for this two bugs :-) Best regards, Ninos" Ninos Ego 5 28321 Media uploader confuses user with description, caption, alt and title, without explanation Media 3.5 normal normal enhancement new 2014-05-21T08:07:21Z 2023-10-18T16:08:48Z "After a decade using WordPress, I still scratch my head when confronted by the media uploader, with its offer for me to enter for each of my images a ""Title"", a ""Caption"", some ""Alt Text"" and a ""Description"". As a developer, I can just about figure that out - title and alt text correspond to the HTML attributes. Playing with caption shows that it adds a visual caption. Description? Not sure what that gets used for. Admittedly, I don't work a lot on content creation. I work more on internals. On the other hand, someone who does work on content creation might not have the knowledge of HTML attributes, so they might be worse off. There's no help that appears if you mouse around the labels, that explains what they're for. In summary: the bug is that there are four separate ways to describe your media upload, and no obvious link to any help to explain how these four are distinguished." DavidAnderson 13 28324 Add primary and secondary color definitions to admin color schemes and add function to retrieve color scheme info reporter-feedback Administration 3.8 normal normal feature request new 2014-05-21T14:31:36Z 2019-06-04T19:25:50Z "I'd like to be able to implement a user's selected admin color scheme into my plugin admin UI design but, at this point in time, using wp_admin_css_color() to register a color scheme only asks for an array of colors and then depends on a stylesheet to use said colors so there's no way for me to, at the very least, detect a primary and secondary color to use in my design. From what I can tell, most color schemes have what they consider to be the primary and secondary color, and they use those colors for primary buttons and admin menu links and such, but there's no way for someone else to detect those color values. It would also be nice if there was a function to retrieve the color scheme info. Perhaps something like this: {{{ function get_user_admin_color() { global $_wp_admin_css_colors; if ( ( $user_admin_color = get_user_option( 'admin_color' ) ) && isset( $_wp_admin_css_colors[ $user_admin_color ] ) ) { return $_wp_admin_css_colors[ $user_admin_color ]; } return false; } }}} But the big request is changes to the wp_admin_css_color() function so, at the very least, a primary and secondary color can be defined and stored in $_wp_admin_css_colors. Perhaps something like this? {{{ function wp_admin_css_color( $key, $name, $url, $colors = array(), $icons = array(), $primary_color = NULL, $secondary_color = NULL ) { global $_wp_admin_css_colors; // If a primary color is not defined, use first color from $colors array if ( ! isset( $primary_color ) && count( $colors ) >= 1 ) $primary_color = $colors[0]; // If a secondary color is not defined, use second color from $colors array if ( ! isset( $secondary_color ) && count( $colors ) >= 2 ) $secondary_color = $colors[1]; if ( ! isset( $_wp_admin_css_colors ) ) $_wp_admin_css_colors = array(); $_wp_admin_css_colors[$key] = (object) array( 'name' => $name, 'url' => $url, 'primary_color' => $primary_color, 'secondary_color => $secondary_color, 'colors' => $colors, 'icon_colors' => $icons, ); } }}} " bamadesigner 5 28326 List Tables don't update properly after Quick Edit dev-feedback Quick/Bulk Edit normal normal defect (bug) new 2014-05-21T15:06:40Z 2023-02-17T09:19:06Z "Scenario: I have 2 sticky posts. I go to the Post list table and click the ""Sticky (2)"" link. I see my 2 stickies. I Quick Edit one of them and make it no sticky. What do I see? (drumroll): Both posts + a link that says ""Sticky (2)"" " wonderboymusic 10 28351 New filters in wp-signup.php has-patch Login and Registration 3.0 normal normal enhancement new 2014-05-25T06:20:01Z 2019-06-04T20:07:48Z "Added two new filters in wp-signup.php `confirm_user_signup` and `confirm_blog_signup`, they allow a user to filter the message being printed on signup confirmation after successful user or blog registration. Currently the wp-signup.php file does not provide enough flexibility to display a custom confirmation message, although it should be a easy thing. " UmeshSingla 7 28352 New filters in wp-activate.php voldemortensen has-patch Login and Registration 3.0 normal normal enhancement assigned 2014-05-25T08:54:00Z 2019-06-04T20:07:52Z "Added two new filters to filter content being displayed on activation confirmation or error. `signup_activation_success` and `signup_activation_error`, it allows to change the default activation message being displayed" UmeshSingla 9 28364 WordPress Entry Points (wp-load.php occurrences) Bootstrap/Load 3.9.1 normal normal defect (bug) new 2014-05-26T12:16:56Z 2019-06-04T19:25:53Z "I was looking for entry point by searching for wp-load.php for plugin refactoring. I mean conditionally use require(). 1. There are easy to identify entry points like admin-ajax.php but there are no defines e.g in async-upload.php, wp-loging.php or wp-comments-post.php 2. wp-trackback.php uses a strange way to detect the core `if (empty($wp))` 3. xmlrpc.php uses alone `include()` all others `require()` 4. How to distinguish between admin.php and admin-post.php? === Proposal === - There should be a uniform way requiring wp-load. - All entry point should be distinguished by '''different''' defines == List of entry points and ways to detect them == 1. frontend: wp-blog-header.php:12 {{{!is_admin()}}} 1. admin GET request: wp-admin/admin.php:30 {{{is_admin()}}} 1. admin POST request: wp-admin/admin-post.php:15 {{{is_admin()}}} 1. admin upload: wp-admin/async-upload.php:16 {{{@$_SERVER['SCRIPT_FILENAME'] === ABSPATH . 'wp-admin/async-upload.php'}}} 1. AJAX call: wp-admin/admin-ajax.php:20 {{{defined('DOING_AJAX') && DOING_AJAX}}} 1. WordPress cron webserver/CLI: wp-cron.php:26 {{{defined('DOING_CRON') && DOING_CRON}}} {{{php_sapi_name() === 'cli'}}} 1. XML-RPC protocol: xmlrpc.php:29 {{{defined('XMLRPC_REQUEST') && XMLRPC_REQUEST}}} === Frontend low priority === 1. wp-comments-post.php:16 {{{@$_SERVER['SCRIPT_FILENAME'] === ABSPATH . 'wp-comments-post.php'}}} 1. wp-trackback.php:12 {{{1 === get_query_var('tb')}}} === Dashboard low priority === 1. wp-login.php:12 1. wp-signup.php:4 1. wp-activate.php:12 1. wp-mail.php:11 === Exclude from profiling === 1. wp-links-opml.php:15 1. wp-includes/ms-files.php:12 1. wp-includes/js/tinymce/wp-mce-help.php:9 1. wp-admin/install.php:36 1. wp-admin/install-helper.php:39 1. wp-admin/upgrade.php:18 1. wp-admin/maint/repair.php:10 1. wp-admin/moderation.php:10 Total: '''21 entry points''' as of version 3.9.1 [https://github.com/szepeviktor/WPHW/blob/master/wp-entry-points.md from WPHW] " szepe.viktor 6 28367 Video upload failure is a dead end Upload 3.9.1 normal normal Awaiting Review enhancement new 2014-05-26T15:41:46Z 2019-05-15T21:15:44Z """VID_1234.mp4 exceeds the maximum upload size for this site."" That's what you see on most hosts when trying to upload a video, even one only a few seconds long. This is a dead end that could be so much more helpful. Just a link to a codex page on how to bump upload_max_filesize and post_max_size or install a video plugin would be welcome, but this seems a place where we should aspire to greater smoothness." ryan 4 28369 Replace @ with a hyphen in user_nicename Users low minor defect (bug) new 2014-05-26T18:50:08Z 2019-06-05T06:45:04Z "If you register with `john.smith@gmail.com` as a username, your `user_nicename` (displayed in author archive URL) will be `john-smithgmail-com`. `sanitize_user()` should probably replace `@` with a hyphen, not remove it completely." SergeyBiryukov 3 28375 export posts/pages query chriscct7 Export 3.1 normal normal enhancement assigned 2014-05-27T14:11:42Z 2019-06-04T19:45:51Z "In wp-admin/includes/export.php on line 75 the following check has been done: {{{ if ( 'post' == $args['content'] || 'page' == $args['content'] ) { } }}} This can be removed so the check can be done foreach post? " alcowink 2 28376 Improve error message seen by user in update.php Upgrade/Install 3.9.1 normal normal Awaiting Review enhancement new 2014-05-27T15:33:57Z 2017-11-02T13:40:23Z "Line 117 of update.php {{{ $response = wp_remote_post( $url, $options ); if ( $ssl && is_wp_error( $response ) ) { trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href=""https://wordpress.org/support/"">support forums</a>.' ) . ' ' . __( '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)' ), headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); $response = wp_remote_post( $http_url, $options ); } }}} The message ""Something may be wrong with WordPress.org or this server's configuration. If you continue to have problems, please try the support forums"" could be better. Right now if wordpress.org is up (which code can check?) then the problem is with their host. If they post to the Support forums there is no easy answer there. While there is a solution to this mentioned in #27091 that solution is not suitable for most users. I would suggest a longer timeout and a message that they could copy to their webhost to assist the host if a connection is being blocked." podz 10 28381 Filter for unattached attachments count has-patch Media 4.0 normal normal enhancement new 2014-05-28T14:22:53Z 2019-06-04T20:07:59Z "There is a filter available for modifying attachment counts (wp_count_attachments) but no filter for modifying unattached attachments count. Therefore I am suggesting this be added via a new filter, wp_count_unattached_attachments, see attached patch. The attached patch is against trunk." khromov 3 28454 Inconsistent front page option behavior Options, Meta APIs 3.4 normal normal defect (bug) new 2014-06-04T16:44:57Z 2019-06-04T20:47:09Z "'''Correct/expected behaviour:''' If you change your settings in ''Settings'' > ''Reading'' > ''Front page displays'' as follows: ''From:'' A static page (select below) -- Front page: home -- Posts page: blog ''To:'' Your latest posts then the `Show_on_front` setting is correctly changed to `posts` and the `Page_on_front` setting correctly gets reset to `0`. '''Incorrect behaviour:''' If instead you change the same settings from ''Appearance'' > ''Customize'', the `Show_on_front` setting is correctly changed to `posts`, but the `Page_on_front` setting is not reset and remains set to the previous setting's page ID. '''Testing done:''' I replicated this behaviour with several themes, including twenty fourteen, with all plugins deactivated. '''Why this is a problem:''' This is inconsistent and may cause errors--e.g. if a theme or plugin author checks the `Page_on_front` setting without also checking the `Show_on_front` setting. This is how I encountered it, in Polylang; plugin author had to work around it; details here: http://wordpress.org/support/topic/wrong-front-page-showing-in-appearance-customize-with-polylang-loaded). '''Solution (indicative; I'm not an expert):''' Re-use the ""Settings > Reading > Front page displays"" code in the ""Appearance > Customize"" functions. " ElectricFeet 8 28461 Add a fallback parameter to get_the_post_thumbnail() to find images Post Thumbnails 3.9 normal normal Awaiting Review enhancement new 2014-06-05T06:55:46Z 2017-02-06T12:42:44Z "In the 3.6 cycle, there was a lot of talk about grabbing various media types from the content for post format handling. #22960 is basically the end of that conversation, and includes a lot more stuff. #23593 is also related, but ended up getting closed in favor of #22960, which died with the post format UI. Within that realm, the `get_the_image()` function from Justin Tadlock's Get The Image (https://github.com/justintadlock/get-the-image) plugin came up a bit. It's a super handy function. Although, it was mostly discussed as a piece of post formats. You can see it's got a whole bunch of functionality, but I'm mostly interested in its ability to find a fallback image in the content. I'd like to see something like `get_the_image()` be able to be called via some kind of parameter within `get_the_post_thumbnail()` and therefore `the_post_thumbnail()`. Justification: There are times in building out a theme where you'd want the **exact** featured image or none at all (like a big wide header banner or something), but other times it's great to have any 'ole fallback, like a more traditional square thumbnail on blog archives. In these situations, often which are theme driven, and not custom site driven, it'd be great for the theme developer to be able to assign fallback rules when they call `the_post_thumbnail` itself. Whether that's through a new parameter, or maybe just an additional key / value for 'fallback' to the `attr` parameter... I don't know. But for a theme (where most image sizes are registered anyway) to be able to define fallback behavior for those same image sizes would be powerful." krogsgard 5 28463 Need core concept of the first publication of a post/comment. dev-feedback Posts, Post Types normal normal Awaiting Review feature request new 2014-06-05T17:21:56Z 2022-07-15T14:35:48Z "Because status transitions are permitted to occur in a cyclic fashion, it is possible to publish a post/comment more than once. The first publication event has unique significance, e.g. to push-based subscription delivery systems, but this concept is not represented anywhere in WordPress. Restricting status transitions to a directed acyclic graph is a non-starter. What I have done in plugins (and Nacin also suggests) is to mark the initial publication in meta: if transitioning to publish/approved, try adding the meta; if the add succeeds, this is the initial publication. I suspect that a significant number of plugins duplicate this. It would be even more useful to keep the history of changes to post_status in revisions rather than put ""inherit"" in that field. This would have repercussions in the already complex system for revisions, which has no facility for dealing with changes to non-content fields. It may also conflict with the existing uses of the ""inherit"" status, such as calling get_post_status() on a revision with the intention of getting the parent's status. Status revisions may have other uses as well (see #23314, #12706) but comment revisions don't exist yet. Ultimately what I want is a hook that fires only on the initial publication of a post or comment. The add_post_meta/add_comment_meta system can accomplish this much more easily." andy 2 28473 wp_mail incorrectly parses multiline From header has-patch Mail 3.9.1 normal normal Awaiting Review defect (bug) new 2014-06-06T19:08:32Z 2020-09-16T19:37:01Z "`wp_mail` tries to parse `From:` header when it is contained in headers. It fails when the header is multiline. Multiline headers are common when non-ascii characters are used and quoted-printable escaping kicks in. Example input: {{{ From: =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?= =?UTF-8?Q?=D0=BA=D1=80=D1=83=D0=B6=D0=B0=D1=8E=D1=89=D0=B8=D0=B9=20=D0=BC?= =?UTF-8?Q?=D0=B8=D1=80?= <live-positive@yandex.ru> }}} Parsed email in `$from_email`: {{{ =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?= }}}" arty.name 4 28474 WordPress destroys animation in animated GIF when it resizes has-patch Media 3.9.1 normal normal Future Release defect (bug) assigned 2014-06-06T20:12:39Z 2023-12-07T16:43:11Z When uploading animated GIFs to WordPress and then resizing them, the end result is the resized versions lose all frames and become static. This is a bug and should be fixed to allow animated GIFs to be resized properly. archon810 50 28488 get_post_type_object on CPT in _count_posts_cache_key after a wp_insert_post returns null has-patch Posts, Post Types 3.9.1 normal normal defect (bug) new 2014-06-08T19:44:45Z 2019-06-04T20:47:17Z "After running a {{{wp_insert_post}}} in one of my plugins I got the following notices because {{{get_post_type_object}}} in {{{_count_posts_cache_key}}} returns null. I've added a simple not equals null check to the function to prevent these notices. Backtrace: {{{ Backtrace from warning 'Trying to get property of non-object' at /vagrant/latest/wp-includes/post.php 2188: /vagrant/latest/wp-includes/post.php 5484 calling _count_posts_cache_key() calling _transition_post_status() /vagrant/latest/wp-includes/plugin.php 470 calling call_user_func_array() /vagrant/latest/wp-includes/post.php 3665 calling do_action() /vagrant/latest/wp-includes/post.php 3200 calling wp_transition_post_status() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-connection-manager-core.php 34 calling wp_insert_post() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-connection-manager-core.php 271 calling add() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-admin-menu.php 117 calling save() calling handle_post() /vagrant/latest/wp-includes/plugin.php 470 calling call_user_func_array() /vagrant/latest/wp-admin/admin.php 144 calling do_action() Backtrace from warning 'Trying to get property of non-object' at /vagrant/latest/wp-includes/post.php 2188: /vagrant/latest/wp-includes/post.php 5484 calling _count_posts_cache_key() calling _transition_post_status() /vagrant/latest/wp-includes/plugin.php 470 calling call_user_func_array() /vagrant/latest/wp-includes/post.php 3665 calling do_action() /vagrant/latest/wp-includes/post.php 3200 calling wp_transition_post_status() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-connection-manager-core.php 34 calling wp_insert_post() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-connection-manager-core.php 271 calling add() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-admin-menu.php 117 calling save() calling handle_post() /vagrant/latest/wp-includes/plugin.php 470 calling call_user_func_array() /vagrant/latest/wp-admin/admin.php 144 calling do_action() Backtrace from warning 'Cannot modify header information - headers already sent' at /vagrant/latest/wp-includes/pluggable.php 1121: /vagrant/latest/wp-includes/pluggable.php 1121 calling header() /vagrant/latest/wp-content/plugins/my-plugin/core/classes/class-admin-menu.php 119 calling wp_redirect() calling handle_post() /vagrant/latest/wp-includes/plugin.php 470 calling call_user_func_array() /vagrant/latest/wp-admin/admin.php 144 calling do_action() }}}" barrykooij 5 28517 Logic error in WP_Rewrite flush_rules dev-feedback Rewrite Rules 3.7 normal normal Future Release defect (bug) new 2014-06-12T20:42:02Z 2017-05-18T15:06:04Z "The current logic in flush_rules of WP_Rewrite is flawed: {{{ if ( ! $hard || ! apply_filters( 'flush_rewrite_rules_hard', true ) ) { return; } }}} Given the four possible scenarios: $hard has two unique values: * true (by default) * false Casting apply_filters( 'flush_rewrite_rules_hard', true ) to a boolean also has two unique values: * true (by default) * true (a filter returns a value that evaluates to true) * false (a filter returns a value that evaluates to false) ============================================= If $hard is true and either no filters are added, or a filter is added that returns true: {{{ ! true || ! true = false || false = false }}} {{{ #!html <span style=""color: red; font-weight: strong;"" >UNINTENTIONAL FAILURE</span> }}} ============================================= If $hard is true and a filter is added that returns false: {{{ ! true || ! false = false || true = true }}} {{{ #!html <span style=""color: orange; font-weight: strong;"" >UNINTENTIONAL SUCCESS</span> }}} ============================================= If $hard is false and either no filters are added, or a filter is added that returns true: {{{ ! false || ! true = true || false = true }}} {{{ #!html <span style=""color: orange; font-weight: strong;"" >UNINTENTIONAL SUCCESS</span> }}} ============================================= If $hard is false and a filter is added that returns false: {{{ ! false || ! false = true || true = true }}} {{{ #!html <span style=""color: red; font-weight: strong;"" >UNINTENTIONAL FAILURE</span> }}} ============================================= As seen above, 50% of the unique scenarios give an unexpected response. While the other 50% of the scenarios give the expected response, but for the wrong reason." numis 8 28521 FORCE_SSL constant for really forcing SSL adamsilverstein Security normal normal Future Release enhancement assigned 2014-06-12T22:50:16Z 2023-06-08T14:04:15Z "Previously: #27954. As per [https://make.wordpress.org/core/2014/06/11/ssl-taskforce/ this post on make/core and its comments], we should introduce a new constant which becomes the iron-fisted ruler of HTTPS, imposing its might everywhere it can. If this constant is set, we will: * Force `https` connections (pretty much covered by #27954) * Force local URLs within content to `https` * Force local enqueued scripts and styles to `https` * Force non-local enqueued scripts and styles to `https` * Set the `secure` flag on all cookies What we won't do: * Force non-local URLs within content to `https` * Force the `https` version of oEmbeds just yet - see #28507 * Send an HSTS header - see #28520 What I'm not sure on: * Should we force `https` connections for XML-RPC? See #28424." johnbillion 22 28528 Action in wp-login.php has-patch Login and Registration normal normal enhancement new 2014-06-13T13:28:21Z 2019-06-04T20:08:10Z "Hi, I was thinking that wp-login should have some do actions, and more customization possible, like filtering username and password inputs. Is it in program? Thanks :)" SGr33n 9 28530 WPMU Creating new user does not use welcome notification template dev-feedback Networks and Sites normal normal defect (bug) reopened 2014-06-13T16:36:27Z 2019-06-04T20:08:14Z "In a multisite setting adding a new user to the network should send a welcome notification to the user with a template defined in '''Settings > 'Welcome User Email''''. But the template is not used. When creating a new user via {{{/network/user-new.php}}} the method {{{wp_new_user_notification}}} gets called. Instead {{{wpmu_welcome_user_notification}}} should get called." jokr 11 28563 Dashicons transition General 3.9.1 normal normal defect (bug) new 2014-06-17T12:03:47Z 2019-06-04T19:45:54Z "In /wp-includes/css/dashicons.css there is: {{{ .dashicons, .dashicons-before:before { display: inline-block; width: 20px; height: 20px; font-size: 20px; line-height: 1; font-family: ""dashicons""; text-decoration: inherit; font-weight: normal; font-style: normal; vertical-align: top; text-align: center; -webkit-transition: color .1s ease-in 0; transition: color .1s ease-in 0; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; } }}} The `-webkit-transition: color .1s ease-in 0; transition: color .1s ease-in 0;` part should be removed because it's not related to what this block of code is supposed to do. There can be another CSS class like `.dashicons-animation-color { -webkit-transition: color .1s ease-in 0; transition: color .1s ease-in 0; }` for that. Some plugins and themes may want some kind of animation on icons, not necessarily color animation though but most don't want animations. They have to overwrite this to `transition: none;` in most cases now. This project did it OK, they have perfect classes in their CSS file: http://fortawesome.github.io/Font-Awesome/" Looimaster 2 28566 "Add our own ""Are you sure you want to leave this page?"" message when possible" Editor normal normal enhancement new 2014-06-17T16:03:30Z 2019-06-04T19:25:58Z "We could do that by listening for clicks on the page that would unload it. Unfortunately it's not possible to display our own dialog when navigating away with the browser, but I think having our own dialog half of the time is better than nothing. I quite like how FaceBook has done something similar. For the editor, we could have an extra button to save the post. See also the usability test @designsimply has done for the front-end editor. http://make.wordpress.org/ui/2014/03/05/front-end-editor-usability-test-2/#comment-24315 " iseulde 6 28568 Can't get private posts/pages via WP_Query when not logged in as administrator Query 3.9 normal normal Awaiting Review defect (bug) reopened 2014-06-17T18:44:59Z 2019-03-22T14:10:01Z "I want to use WP_Query to display content of one private page on some place in a template. {{{ // ... theme template sidebar.php, for example <?php $the_query = new WP_Query( array( 'page_id' => 25, 'post_status' => 'private' )); // page #25 is set to ""private"" if ($the_query->have_posts()) { // ... nope, no posts for you today while ($the_query->have_posts()) { $the_query->the_post(); the_content(); } wp_reset_postdata(); } ?> }}} But it only works when I am logged in as administrator. When I am not logged in, and print_r() the $the_query, there is ""request"" index filled with: {{{SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND wp_posts.ID = 25 AND wp_posts.post_type = 'page' AND ((wp_posts.post_status = 'private')) ORDER BY wp_posts.post_date DESC}}} Querying database with it directly in PHPMyAdmin, it returns one row as expected (page ID 25 row). But template loop does not anything. ""Posts"" index in $the_query is empty. I have expected WP_Query works like ""just give me anything I want (defined by the arguments)"" ... and I want page with ID 25. " mklusak 7 28569 Calling show_admin_bar( false ) should dehook toolbar entirely davidbaumwald needs-unit-tests Toolbar normal normal Future Release enhancement reviewing 2014-06-17T20:14:16Z 2021-11-05T05:21:30Z "Because I'm only hiding the toolbar in certain contexts, I'm calling `show_admin_bar( false )` right before `get_header()`. #16249 was closed suggesting the function should only be called on `init`. #21746 suggests calling after `plugins_loaded` However, I think calling it after the query is set and the template is picked is a valid use case. As such, I'd propose calling `show_admin_bar( false )` should run `remove_action('wp_head', '_admin_bar_bump_cb');` and similar setup callbacks." danielbachhuber 12 28591 dbDelta Non-literal DEFAULT not working (CURRENT_TIMESTAMP) Database normal normal defect (bug) new 2014-06-19T19:38:03Z 2019-06-04T19:25:59Z "Using dbDelta and any internal SQL values like CURRENT_TIMESTAMP won't work because dbDelta matches based on this regex: {{{ ""| DEFAULT '(.*?)'|i"" }}} The block current looks like this: {{{ if (preg_match(""| DEFAULT '(.*?)'|i"", $cfields[strtolower($tablefield->Field)], $matches)) { $default_value = $matches[1]; if ($tablefield->Default != $default_value) { // Add a query to change the column's default value $cqueries[] = ""ALTER TABLE {$table} ALTER COLUMN {$tablefield->Field} SET DEFAULT '{$default_value}'""; $for_update[$table.'.'.$tablefield->Field] = ""Changed default value of {$table}.{$tablefield->Field} from {$tablefield->Default} to {$default_value}""; } } }}} I'm not sure what the best solution is for this, but perhaps it should be: 1. Check if there is a default to change, if there is -- store default alter query, don't add to $cqueries[] yet 2. Check if there is a field type change OR a default non-literal found, if there is -- use this CHANGE COLUMN query instead of the 'default' changing query in point 1 Does that sound like a good solution here?" sc0ttkclark 1 28607 Make wpautop()'s $allblocks variable filterable has-patch Formatting normal normal Awaiting Review enhancement new 2014-06-21T04:51:59Z 2017-01-18T22:58:34Z "'''The problem''': I'd like <img> tags to ''not'' be wrapped by <p> in the_content(). I used to use a regex filter on the_content to achieve this, but looking at the source for wpautop(), I think it would be much cleaner to ''prevent'' <img>s from being wrapped in the first place by making $allblocks filterable. The <p><img /></p> issue commonly causes formatting issues, and making the block list filterable would let theme/plugin authors change this without and other blocks without breaking stylesheets configured for images in paragraphs. Additionally, I think it's semantically cleaner for a standalone image, since ""The HTML <p> element (or HTML Paragraph Element) represents a paragraph of text."" https://developer.mozilla.org/en-US/docs/Web/HTML/Element/p" walkinonwat3r 7 28616 ftp_fput should have a retry threshold needs-unit-tests Filesystem API 3.9 normal normal defect (bug) new 2014-06-23T18:27:07Z 2019-06-04T19:45:56Z "In class-wp-filesystem-ftpext.php in put_contents(), ftp_fput() is called to transfer a file to the FTP server. The first problem is that warnings are suppressed, so the user never knows that this is the location where something went wrong. The broader problem is that a single transient network failure between the web server and FTP server causes this call to fail. Well, that would be not a big problem if the user's operation were a single call. However, this function is used by Wordpress auto-upgrade when direct file access fails. For each file in the Wordpress distribution, this function is called to transfer it to the FTP server. As the default Wordpress distribution gets more and more bloated, the number of calls increases proportionally, and the likelihood of at least one FTP transaction failing increases. A single failure aborts the entire Wordpress upgrade. It seems reasonable to at least retry up to (say) three times the ftp_fput() call before returning an error to the higher level and aborting a large process such as Wordpress upgrade which is using FTP as backing for the filesystem abstraction layer." runderwo 3 28618 Allow PHPMailer class to be reliably overriden has-patch Mail 4.0 normal normal Future Release enhancement new 2014-06-23T21:46:29Z 2020-10-08T11:43:22Z "The WordPress unit test suite currently overrides the global $phpmailer variable with its own MockMailer class. (See https://core.trac.wordpress.org/browser/trunk/tests/phpunit/includes/bootstrap.php#L48) This achieves the desired effect, but is potentially unreliable. If the global $phpmailer object gets unset, or overridden (For example by a buggy, or otherwise badly behaving plugin), then the code in wp-includes/pluggable.php will create a new instance of PHPMailer without any way for code to override that - see https://core.trac.wordpress.org/browser/trunk/src/wp-includes/pluggable.php#L264 The end result would be that a site that shouldn't be sending emails will potentially become one that will. Potential patch attached. This includes the change to pluggable.php to filter the object after creation, and addition to the test suite to use it. " leewillis77 4 28619 Add more filters to tune audio and video shortcode library Media 3.9.1 normal normal enhancement new 2014-06-24T08:42:25Z 2019-06-04T20:08:19Z "`wp_video_shortcode_library` and `wp_audio_shortcode_library` allow a plugin author to replace the default mediaelement.js library by another Audio/Video js library. But then, possibilities to modify the html rendering are very limited. I have identified 2 points where a filter/action is needed : 1. L1782 in wp-includes/media.php (https://github.com/WordPress/WordPress/blob/3.9.1/wp-includes/media.php#L1792) {{{ $html = ''; if ( 'mediaelement' === $library && 1 === $instances ) $html .= ""<!--[if lt IE 9]><script>document.createElement('video');</script><![endif]-->\n""; }}} 2. L1820 in wp-includes/media.php (https://github.com/WordPress/WordPress/blob/3.9.1/wp-includes/media.php#L1820) {{{ if ( 'mediaelement' === $library ) $html .= wp_mediaelement_fallback( $fileurl ); }}} Plugin author should be able to add arbitrary HTML code before and inside the `<video>` tag as easily as this is done for mediaelement. This could be done by replacing the previous lines with an filter call, and doing the mediaelement stuff inside the filter callback that can be unregistered and replaced by plugins. " Fab1en 5 28625 Enhancement: Add constants to support SSL connections for mysqli needs-unit-tests Database 4.0 normal normal Future Release enhancement assigned 2014-06-24T22:39:12Z 2023-06-24T12:22:46Z "In order to support SSL'ed MySQL connections with the `mysqli_*` functions introduced in WordPress 3.9 / PHP 5.5 `mysqli_ssl_set()` must be called to set the path to the SSL certs and keys to be used by the MySQL client before `mysqli_real_connect()` is called. We should add the following optional constants to allow for users to configure secure connections to the database. * `MYSQL_SSL_KEY` * `MYSQL_SSL_CERT` * `MYSQL_SSL_CA` * `MYSQL_SSL_CA_PATH` * `MYSQL_SSL_CIPHER` In addition this should only be set if the feature flag `MYSQLI_CLIENT_SSL` is set for the existing `MYSQL_CLIENT_FLAGS` constant." hypertextranch 18 28630 "wordpress ""check for updates"" fails silently behind proxy server with https POST 501 Error" Upgrade/Install 3.8.1 normal major defect (bug) new 2014-06-25T14:58:24Z 2019-10-18T14:01:46Z "I was running wordpress 3.8.1 on a webserver inside a LAN where wordpress needs to use a proxy to access the web. This is taken care of by defining WP_PROXY_HOST and WP_PROXY_PORT in wp-config.php, so Wordpress and plugins worked correctly. When checking the dashboard for updates, Wordpress and all plugins were always shown as up-to-date even as WP 3.9 and 3.9.1 were out. I checked the network traffic when forcing an update check, and it turns out that in wp-includes/update.php, if ssl is available, the url used to check for updates is transformed from http url to https url. This happens in three places, e.g. : {{{ $url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/'; if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); }}} Thus a HTTPS POST request is sent, and the proxy we have here (Squid) answers with an error 501 “Unsupported Request Method and Protocol” It seems HTTP GET and POST works, I know HTTPS GET works with the proxy, but not HTTPS POST from WP. After that, WP display that everything is up-to-date, no error message, even with WP_DEBUG set to true. I commented the lines that switch to ssl if it is available, and everything worked fine : the updates were detected and installed with no further problem. Unfortunately my 'fix' isn't one as I will have to do it again after each WP update. Fixing this: - At the minimum : If the update check fails (error 501 here) WP should NOT say there is no update, but display an error message to let the user know there may be updates available but that it could not check for it (displaying the error itself would be even better). - Better : Maybe this is due to the way WP connects to the server using the proxy, as SQUID should work with HTTPS POST (at least it does from my browser). It seems a similar problem is described in [http://www.perlmonks.org/?node_id=78114] and is due to the connection : apparently it should be : ''create TCP connection to proxy, send ""CONNECT xyz\r\n"", and only then establish SSL connection.''. If this can be fixed in proxy support for https (not sure this is the problem), that's the best solution. - fast and unsecure fix: There could be a way (a wp-config var ?) to disable SSL when checking for updates but there are security implications as I assume SSL is used to confirm that the server is getting the updates from a legitimate WP server. " manikb 4 28634 Upload images. does not clear Thumbnails metadata (+30kb from camera for each thumbnails) joemcgill has-patch Media normal normal Future Release enhancement reopened 2014-06-25T17:22:08Z 2019-06-04T13:51:49Z " add {{{ add_image_size( 'thumb100x100', 100, 100, true ); add_filter( 'jpeg_quality', create_function( '', 'return 30;' )); }}} to function.php upload picture to library. look at upload folder. https://dl.dropboxusercontent.com/u/3013858/P1030174-100x100.jpg How can will be 30kb file size with visible jpg artifacts? I look like save twice. With 30% compression and with 100% quality" alexufo 53 28635 Add status codes and hooks to wp-cron.php chriscct7 has-patch Cron API normal normal Future Release feature request reopened 2014-06-25T18:06:05Z 2023-07-14T11:09:06Z "I've been debugging a site problem which turned out to be one of the cron actions resulting in a memory limit breach, and so PHP did a fatal error in the middle of the cron loop. (It's a high-traffic site so it has `DISABLE_WP_CRON` with system cron pinging wp-cron.php every minute.) There is currently very little debugging hooks provided in `wp-cron.php` to help diagnose why and where a scheduled event hook is failing. Some ideas for how `wp-cron.php` could be improved to facilitate debugging (and also to help with general logging): * Return a status message pinpointing at which point `wp-cron.php` exited * Return relevant HTTP status codes * Allow `die` behavior to be overridden, similarly to how `wp_die()` is used elsewhere * Add hooks before before and after each level in the triple-nested crons loop. " westonruter 4 28643 Improve the wp_die experience General 3.9.1 normal normal enhancement new 2014-06-26T09:20:26Z 2019-06-04T19:45:59Z "Improve the wp_die experience passing an 'action' argument (possibly as a variable) that will let a user to better recognize which 'action' is executing the wp_die function. This would be let a user improve better the wordpress wp_die page such as adding specific content or action buttons. The most wp_die calls, inside wordpress core, pass only a message string, without any reference about action that wordpress has executed before." virgodesign 2 28664 "wp_load_alloptions() fails to set object cache when persistent alloptions cache is ""0""" needs-unit-tests Cache API normal normal Awaiting Review defect (bug) new 2014-06-28T17:44:57Z 2022-07-08T14:55:25Z "When alloptions persistent object cache is set to `0`, `wp_load_alloptions()` fails to reset it with appropriate values. This results in every use of `get_option()` to produce the load alloptions query `SELECT option_name, option_value FROM wp_options WHERE autoload = 'yes'` because the object cache never gets appropriately populated. Specifically, `wp_cache_add()`won't set the alloptions value when it's already seen to be set. The end result is a massive impact on site performance when the object cache backend failboats. I'd expect WordPress to handle this scenario a bit more gracefully, possibly falling back to its internal object cache if it detects failures with the persistent object cache. However, it's debatable as to whether the solution lies within a drop-in, or whether it's the responsibility of core. `wp_cache_add()` is used over `wp_cache_set()` for performance reasons with *external* object caches — it doesn't matter one way or another for the internal object cache (genesis #4138). One option is to distinguish between them, and offer different behaviors. However, the most technically appropriate solution is likely to check that the data coming from `wp_cache_get()` is as expected. To answer your question before you ask it, I'm not sure how the Memcached persistent object cache value gets set to zero. It seems to come and go, sometimes occurring regularly when I restart Memcached, and I've seen the issue reproduce with both Ryan Boren's and Zack Tollman's drop-ins (meaning real bug is most likely outside of WordPress)." danielbachhuber 7 28694 Provide a clean way for Plugins to run update scripts for MultiSite Networks and Sites 3.9.1 normal normal enhancement new 2014-06-30T18:54:34Z 2019-06-04T20:08:25Z "It's commonly accepted that, if a plugin needs to run a script after updating (such as to modify the database or its settings stored within), that it should do so hooking into admin_init, checking its version number against a database-stored version number, and making adjustments if needed. This works relatively well for single site, only temporarily failing when the plugin is updated through SVN /ftp, and immediately being addressed as soon as any dashboard page is visited. However, this can often be a much larger issue in MultiSite. In many MultiSite instances, there will be sites who won't have their dashboards logged into for extended periods of time (sometimes even years), meaning that using admin_init to check for running such an update is impractical. While hooking onto admin_init AND init would likely solve the issue, it feels like an excessive amount of additional processing (by EVERY plugin on EVERY page load). I believe that this is an issue that MultiSite needs to address, as currently, plugin authors who use the suggested admin_init method to maybe_update are at risk of major failings in sites using their plugins as part of a network. (The closest related ticket I found was https://core.trac.wordpress.org/ticket/14912, and it's 4 years old and has no mention of the more serious MultiSite implications.)" MadtownLems 3 28701 Deleted option is not deleted if value was ever null needs-unit-tests Options, Meta APIs 2.2 normal normal Awaiting Review defect (bug) new 2014-07-01T04:15:03Z 2021-02-16T10:34:38Z "If an autoloaded option ever contains `null`, it will cease to be autoloaded after this. It will then be stored in the individual option cache (`wp_cache_get('optname', 'options')`), rather than the autoloaded options. The autoloaded option cache will then contain `optname` with the value `null` (and `isset(null) === false`). Typically, this would be fine, but `delete_option` checks the database autoload value directly. It then only attempts to delete this from the autoload options cache (which again fails because of an isset check). After deleting, the value is still stored in the object cache (!!!), causing it to return a value despite not existing in the database. As far as I can tell, this has existed since r4855 (WP 2.2). ---- To reproduce (requires external object cache to be enabled): {{{ // Add the option with initial value set to null add_option( 'testingkey', null ); // Update to real value update_option( 'testingkey', 'realvalue' ); // Delete the option completely delete_option( 'testingkey' ); // Check the value var_dump( get_option( 'testingkey', 'default' ) ); }}} Expected result: {{{ string(7) ""default"" }}} Actual result: {{{ string(9) ""realvalue"" }}}" rmccue 6 28727 plugin editor content empty when source contains an invalid character Plugins 3.9.1 normal normal defect (bug) new 2014-07-03T11:39:43Z 2019-06-04T20:47:22Z "I happened to create a plugin source file which contained a pound sterling character (£) copied and pasted from a web page, and which therefore appeared in my Windows text editor as lower case u acute ( hex A3, ascii 163 ). esc_textarea() makes a call to htmlspecialchars() which returns a null value for safe text. {{{ $safe_text = htmlspecialchars( $text, ENT_QUOTES, get_option( 'blog_charset' ) ); }}} Note: blog_charset is UTF-8 So the plugin editor displayed nothing at all for the source. Question: Is this really the expected behaviour? The documentation for htmlspecialchars says If the input string contains an invalid code unit sequence within the given encoding an empty string will be returned, unless either the ENT_IGNORE or ENT_SUBSTITUTE flags are set. Shouldn't the plugin editor pass ENT_IGNORE OR otherwise issue a message to the user at least advising not to save the empty file when the safe content is nothing like the original. " bobbingwide 5 28734 Back button doesn't work when in the theme previewer Themes 3.9 normal normal defect (bug) new 2014-07-03T15:35:53Z 2019-06-04T21:11:44Z "To reproduce: * Go to theme-install.php; * Go to ""popular"", then to ""featured"" (clicking the back button here works); * Click on ""Details and Preview"" for a theme; * Click next; * Click the browser's back button and you'll be pointed to theme-install.php." iseulde 4 28747 $.wpColorPicker cannot duplicate elements Widgets 3.9.1 normal normal defect (bug) new 2014-07-04T09:26:00Z 2019-06-05T06:40:07Z "I can't `clone()` wrap `div` when I use with `wpColorPicker`. If I just running the `$.wpColorPicker` method again, I see two instance about this. What I can to do for duplicate?" KingYes 4 28750 Media modal: preview images Media normal normal enhancement new 2014-07-04T21:00:03Z 2019-06-04T20:08:29Z "I'm not sure if this has been talked about before, but with FileReader we could preview images in the media modal. https://developer.mozilla.org/en-US/docs/Web/API/FileReader I've made a quick patch to try it, but it's far from perfect... It sometimes flickers and the reading seems to block js from executing further, so not ideal for uploading a ton of images at the same time. Still, I'm sure we can get this to work smoothly somehow. I'll attach a screenshot. I think this would be a really cool experience. :)" iseulde 2 28759 Cache API unit tests should verify public function, not WP_Object_Cache methods has-patch Cache API normal normal Future Release enhancement new 2014-07-05T20:03:51Z 2022-07-08T15:06:37Z "The public API for the WP object cache uses the global `wp_cache_*` functions. Traditionally, these functions are mapped to a class, `WP_Object_Cache`, that provides the logic for the cache through different class methods. The public API is then a wrapper for these methods. I think we should transition our unit tests to test the public API, especially as this makes it easier to test 3rd party caches against these tests. 3rd party object caches ''shouldn't'' be required to implement the `WP_Object_Cache` methods; they should only be required to implement the public functions. Additionally, having these tests test the public API will help should we ever decide to change the `WP_Object_Cache` internals." tollmanz 4 28774 Hooking into wp_ajax_upload_attachment dev-feedback General 4.0 normal normal enhancement new 2014-07-07T15:20:25Z 2019-06-04T19:46:04Z "If you want to do something before/after an attachment has been uploaded - or replace the upload function entirely -- there doesn't seem to be a way to do that: For other `wp_ajax_* calls`, you can unhook them and then hook in your own. This doesn't work for `wp_ajax_upload_attachment` because it ends up getting called directly from async-upload.php. If we replace the direct call with another set of `do_action/add_action` (like admin-ajax has) you can now hook into upload like the other ajax actions. See the proposed patch." jshreve 2 28798 htaccess and protected option Posts, Post Types 4.0 normal normal Awaiting Review enhancement reopened 2014-07-09T08:50:25Z 2021-10-15T13:25:45Z "I already tried to solve this problem in the forum and was told that it is a matter of the core. So here is not a bug but my suggestion for an improvement of the following matter: For security reasons I use htaccess to protect my wp-login.php. Now I'd like to protect a single page by using the WordPress password protected option. Unfortunately the /wp-login.php?action=postpass is needed by this option. In the consequence all the visitors that want to see my password protected page need as well my htaccess password for wp-login or I can't use htaccess to protect my wp-login. Would it be possible to use the password protection for single pages and posts without using wp-login.php. Maybe by creating an extra transfer page for protected content naming differently as wp-login? I'm no developer and just talking from the perspective of a WordPress user. In case this idea is foolish I excuse myself in advance. " YU.Design 4 28801 Walker::walk makes an incorrect assumption if $top_level_elements is empty. needs-unit-tests General 3.8 normal normal defect (bug) new 2014-07-09T16:02:56Z 2019-06-04T19:46:05Z "A colleague of mine was generating a sidebar sub-navigation for one of his projects. The subnavigation contained second-level and third-level navigation elements. The problem my colleague was having was that occasionally third-level elements would not be nested underneath their parent element (also in the list of elements) on some pages. My colleague was calling wp_list_pages with an array of page IDs that he wanted to render in the sub-navigation, wp_list_pages then turned the list of page IDs into a list of Page objects, and it sorted the page objects by their 'menu_order' attribute; the third-level navigational elements all had their 'menu_order' set to 0, whereas the second-level navigational elements all had 'menu_order' set to something more than 0 - causing the third-level elements to be the first elements in the list. wp_list_pages later made a call to Walker::walk, passing along that list of pages. Here is a relevant code snippet from Walker::walk: {{{ /* * When none of the elements is top level. * Assume the first one must be root of the sub elements. */ if ( empty($top_level_elements) ) { $first = array_slice( $elements, 0, 1 ); $root = $first[0]; $top_level_elements = array(); $children_elements = array(); foreach ( $elements as $e) { if ( $root->$parent_field == $e->$parent_field ) $top_level_elements[] = $e; else $children_elements[ $e->$parent_field ][] = $e; } } }}} '''The bug is this code's assumption that the first item in $elements is a suitable root-element for the entire list''' (sentence emboldened for anybody not wanting to read the wall of text). wp_list_pages ordered our list by 'menu_order' which put our 3rd-level elements at the top of the list - causing a 3rd-level element to be treated as the navigation's root. I wrote up a quick fix for this (I'm not sure if it's the best fix, I'm not overly experienced in Wordpress), and for our project we'll use wp_list_pages with a custom walker class that implements my fix. Here is the patch of my fix: {{{ Index: public_html/wp-includes/class-wp-walker.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- public_html/wp-includes/class-wp-walker.php (date 1404915904000) +++ public_html/wp-includes/class-wp-walker.php (revision ) @@ -217,12 +217,34 @@ /* * When none of the elements is top level. - * Assume the first one must be root of the sub elements. + * ~~Assume the first one must be root of the sub elements.~~ Disregard - RJ CGIT 2014-07-09 + * + * ---------- + * + * Modified by Rob Jackson, Castlegate IT; 2014-07-09: + * Do not assume the first element is root, instead loop through the elements + * until we find one whose parent is _not_ in the list of elements. If that fails, + * just fall back to the default behaviour of using the first element. */ if ( empty($top_level_elements) ) { + $root = false; + $element_ids = array_map(function($element){ return $element->ID; }, $elements); + foreach($elements as $element) + { + if (!in_array($element->post_parent, $element_ids)) + { + $root = $element; + break; + } + } + unset($element); + + if ($root === false) + { - $first = array_slice( $elements, 0, 1 ); - $root = $first[0]; + $first = array_slice( $elements, 0, 1 ); + $root = $first[0]; + } $top_level_elements = array(); $children_elements = array(); }}} Kind regards, Rob " rob-castlegate 2 28816 HTML entities in post titles break feeds Feeds 3.9.1 normal normal defect (bug) new 2014-07-10T17:08:55Z 2019-06-04T19:46:09Z "If the title of a blog post contains escaped HTML entities, like &ndash; or &rsaquo; the feed containing that title becomes invalid XML. To repro: 1. Start a new post 2. Use a title of Broken &ndash; Escaping 3. Publish the post 4. Load up the /feed/ url for the blog, notice the feed is invalid due to an unknown entity reference. It appears the culprit is calling ent2ncr followed by esc_html as part of the the_title_rss filter. esc_html turns the & into an actual &, which in the replaced string appears as an entity reference. Reversing the calling order of those two filter calls outputs the entity as an XML-style numeric reference, which fixes the feed, but is also wrong. The title should be output as ""Broken &amp;ndash; Escaping"". Had the title been ""Broken – Escaping"" it should be output as ""Broken &ndash; Escaping""." blowery 3 28821 Admin page registered with add_menu_page() allows access through wrong URls and hightlights wrong top level menu item dev-feedback Administration 3.9.1 normal normal defect (bug) new 2014-07-10T21:05:19Z 2019-06-04T19:26:10Z "'''Steps to reproduce:''' * Add a top level admin menu page (with the plugin provided below). * Access the new top level admin menu via the menu item (bottom of menu) * Try to access it via one of the following URLs {{{ http://example.com/wp-admin/options-general.php?page=trac http://example.com/wp-admin/tools.php?page=trac http://example.com/wp-admin/admin.php?page=trac http://example.com/wp-admin/edit-comments.php?page=trac http://example.com/wp-admin/edit.php?post_type=page&page=trac http://example.com/wp-admin/upload.php?page=trac http://example.com/wp-admin/edit.php?page=trac http://example.com/wp-admin/index.php?page=trac ... etc ... // Sub menu items that have the same behavior http://vagrant.local/wp/wp-admin/plugin-install.php?page=trac http://vagrant.local/wp/wp-admin/themes.php?page=custom-header&page=trac http://vagrant.local/wp/wp-admin/themes.php?post-new.php?post_type=page&page=trac ... etc ... }}} '''Bug description:''' Every of the above links will (falsely) work and bring you to the registered page. The top level menu item will be hightlighted while the sub menu item does not exist. The following URls will work (with above bug) as well, but ''not'' highlight any menu item: {{{ http://example.com/wp-admin/edit-tags.php?taxonomy=post_tag&page=trac http://example.com/wp-admin/edit-tags.php?taxonomy=category&page=trac }}} I would not really consider this a ''""feature""''. ---- '''Test Plugin''' {{{ <?php /** Plugin Name: (Trac) Add Top Level Test Menu Page */ add_action( 'admin_menu', function() { add_menu_page( 'Hello Trac', 'Trac', 'manage_options', 'trac', function() { ?> <h1>Hello Trac!</h1> <?php settings_errors(); ?> <form action=""options.php"" method=""post""> <label for=""trac"">Enter Trac ID</label> <input type=""text"" name=""trac"" /> </form> <?php } ); } ); }}}" F J Kaiser 8 28845 Better error messages when uploading theme as plugin and vice versa pbiron Upgrade/Install normal normal enhancement assigned 2014-07-11T22:36:14Z 2023-03-15T18:29:52Z "When uploading a plugin package in the theme upload section, you will get an error message like: {{{ Unpacking the package… Installing the theme… The package could not be installed. The theme is missing the style.css stylesheet. Theme install failed. }}} You get a similar message when you try uploading a theme as a plugin. Because a plugin or a theme package is detectable, the error message should be more helpful. It should point the user where to go to upload the package. Ideally, we could just detect have the package installed anyone as the correct package type; however, for now, improved messaging could be really helpful." tollmanz 1 28855 Commented add_actions and unused functions in wp-admin/includes/theme-install.php chriscct7 has-patch Themes 3.9 normal normal defect (bug) assigned 2014-07-12T16:59:42Z 2019-06-04T21:11:52Z "Only {{{install_themes_upload()}}} is used in`wp-admin/theme-install.php:134` {{{ mike@mike:~/Sites/wordpress-svn$ grep -r '// add_action' src/ src/wp-admin/includes/theme-install.php:135:// add_action('install_themes_dashboard', 'install_themes_dashboard'); src/wp-admin/includes/theme-install.php:147:// add_action('install_themes_upload', 'install_themes_upload', 10, 0); src/wp-admin/includes/theme-install.php:179:// add_action('install_themes_search', 'display_themes'); src/wp-admin/includes/theme-install.php:180:// add_action('install_themes_featured', 'display_themes'); src/wp-admin/includes/theme-install.php:181:// add_action('install_themes_new', 'display_themes'); src/wp-admin/includes/theme-install.php:182:// add_action('install_themes_updated', 'display_themes'); mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_dashboard src src/wp-admin/includes/theme-install.php:96:function install_themes_dashboard() { src/wp-admin/includes/theme-install.php:135:// add_action('install_themes_dashboard', 'install_themes_dashboard'); mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_upload src src/wp-admin/includes/theme-install.php:137:function install_themes_upload() { src/wp-admin/includes/theme-install.php:147:// add_action('install_themes_upload', 'install_themes_upload', 10, 0); src/wp-admin/theme-install.php:134: <?php install_themes_upload(); ?> mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_search src src/wp-admin/includes/theme-install.php:179:// add_action('install_themes_search', 'display_themes'); mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_featured src src/wp-admin/includes/theme-install.php:180:// add_action('install_themes_featured', 'display_themes'); mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_new src src/wp-admin/includes/theme-install.php:181:// add_action('install_themes_new', 'display_themes'); mike@mike:~/Sites/wordpress-svn$ grep -r install_themes_updated src src/wp-admin/includes/theme-install.php:182:// add_action('install_themes_updated', 'display_themes'); }}} `display_themes` is used only in the same file `wp-admin/includes/theme-install.php`, but in the commented add_actions. Should that function be deprecated? {{{ mike@mike:~/Sites/wordpress-svn$ grep -r display_themes src src/wp-admin/includes/theme-install.php:122:function display_themes() { src/wp-admin/includes/theme-install.php:132:// add_action('install_themes_search', 'display_themes'); src/wp-admin/includes/theme-install.php:133:// add_action('install_themes_featured', 'display_themes'); src/wp-admin/includes/theme-install.php:134:// add_action('install_themes_new', 'display_themes'); src/wp-admin/includes/theme-install.php:135:// add_action('install_themes_updated', 'display_themes'); }}}" michalzuber 2 28904 custom header stores full URL in database dev-feedback Themes 3.9.1 normal normal defect (bug) new 2014-07-14T21:43:16Z 2019-06-04T21:11:53Z "set_header_image is storing the full URL to the custom header in the database. It should only store the relative path in the database and get_header_image should prepend the relative path with get_bloginfo('url'). This makes migrating your site easier. Or you can have a develop and live environment with an easy database sync (my particular issue). '''set_header_image''' Replace: {{{ $choice['url'] = esc_url_raw( $choice['url'] ); }}} With: {{{ $choice['url'] = str_replace( get_bloginfo('url'), '', esc_url_raw( $choice['url'] ) ); }}} or find another method of getting the relative URL '''header_image''' then add the bloginfo URL to header_image (and probably a few other places). {{{ function header_image() { echo esc_url( get_bloginfo('url').get_header_image() ); } }}}" tverlaan 2 28908 Adding a menu custom link during autocompletion does not add the full text in firefox dev-feedback Menus 3.0 normal normal defect (bug) new 2014-07-15T09:59:51Z 2019-06-04T20:08:33Z "Tested on Firefox 30.0 In Appearance => Menus, creating a menu and adding custom links does not save the full link text under the condition that you have selected an auto complete value and hit the enter key. Presumably, the auto complete value should be inserted, then the field should be saved with that value. Entering: [[Image(http://s.nessworthy.me/2014071509500201.png)]] Submitting/Saving (via enter key): [[Image(http://s.nessworthy.me/20140715095111549.png)]] Result: [[Image(http://s.nessworthy.me/20140715095033870.png)]] This applies to both the link URL and the link name. Didn't add the link URL screenshots to save screen space." Nessworthy 3 28956 Moving taxonomy metabox chriscct7 has-patch Taxonomy normal normal Future Release enhancement reviewing 2014-07-19T12:34:20Z 2018-06-06T23:11:56Z "As far as I know, if you want to move a taxonomy meta box, you must currently use ""remove_meta_box"" and then use ""add_meta_box"" with the context and priority as parameters. Take this link for instance: http://stackoverflow.com/questions/14512203/wordpress-custom-taxonomy-move-meta-box Shouldn't this rather be an option inside $args using ""register_taxonomy""? It would be so much easier and intuitive. You could e.g. write: {{{ $args = array( 'context' => 'normal', 'priority' => 'high' ); }}} There should also be a ""move_meta_box"" function for already created taxonomies such as ""tags"", where you simply pass these paramters along with the taxonomy name. It could look like this: {{{ move_meta_box( $id, $page, $context, $priority ); }}} I just think that removing and then adding a meta box only to move its location is so hacky and unintuitive, and this would make it easier so we can create better UIs for our customers!" RIISdesign 6 28959 Comments: improve comment moderation text and default style for better UX Comments normal normal enhancement new 2014-07-19T18:31:55Z 2019-06-04T19:26:13Z "The comment moderation email confirmation isn't as helpful as it could be: ""Your comment is awaiting moderation"" doesn't completely suggest the comment went through successfully. (This feedback originally suggested by Scott Berkun, I'm paraphrasing a bit.) ""When a commenter replies, the new comment appears in the middle of the screen, but buried inside the comment area is the message: ""Your comment is awaiting moderation"" -- often in very small text. Suggested improvements: 1. Provide a better default visual indicator that the comment reply succeeded -- this confirms to the commenter that they did everything right. 2. Improve the text to say '''""Your comment was submitted successfully and is awaiting moderation.""''' Attached are before / after screenshots to illustrate (with Twenty Fourteen as an example theme since styles could be theme-specific.)" lancewillett 4 28983 Admin bar length or Admin bar on two line KZeni has-patch Toolbar 4.3 normal normal Future Release defect (bug) assigned 2014-07-22T11:24:47Z 2023-07-19T04:28:38Z "On some sites I see the bad admin bar. [[Image(http://f.cl.ly/items/2Y372s072P0k2t1H142q/Screen-Shot-2014-07-22-at-14.58.10.png)]] And this without any external plugins stuff (Jetpack Statistic for example), except that buddy press notification counter. The possible solutions, if screen too small: 1. Leave only icons (like on mobile screens). 2. Crop user name: * Hello, Kolya Korobochkin [avatar] * Hello, Kolya [avatar] * Hello [avatar] * [avatar] 3. Admin bar on two lines (maybe hard to do, because #wpadminbar have static height and position: fixed). 4. Add horizontal scroll without visible scrollbar (scrolling with mouse press and pull). All options required JS and I'm sorry." korobochkin 45 28988 Detect Time Zones automatically at installation dev-feedback Date/Time normal normal Awaiting Review enhancement new 2014-07-22T19:19:50Z 2021-05-05T19:04:34Z "Currently, upon installing WordPress, one of the steps I always take is to go to Settings > General > Timezone to manually set my time zone. I've been using Wordpress for eight years, so I know to do it and how to do it, and it's just a minor inconvenience. However, I have seen people new to this platform be confused and/or not know how to change this. Is it technologically possible to use a geolocation service to query the IP address of the computer installing Wordpress and automatically set that service's best guess as to time zone, perhaps during the setup process? I would envision the UI option remaining in settings, in case, for example, a developer in one time zone builds a site for a client in another. But automatic detection would be perfect for the average new user. It would be one more element that just works out of the box for those who aren't particularly tech savvy. I did some searching in Trac to see if I could find a similar ticket and couldn't find any." danielmount 9 28989 AJAX in the media library sometimes fails to load data Media 3.5 normal normal defect (bug) new 2014-07-22T20:23:57Z 2019-06-04T20:08:35Z "I added video and want to replace it now and since AJAX failed (only on this single page, there are no errors when I hit F12 and go to ""Console"" though) I have no other option then to refresh entire page: [[Image(http://i.gyazo.com/6379480b489e206bfe0b06b06288579b.png)]] I'm using 4.0-beta2-20140722. I think it wasn't happening that often in 3.9.1 but I may be wrong." Looimaster 2 28997 Adding additional classes to image captions via UI dev-feedback Media normal normal enhancement new 2014-07-23T09:25:29Z 2019-06-04T20:08:39Z "This is a follow-up to #25295. In the ""Advanced Settings"" of an image, you can already set the classes of the image and the link, but not the caption. Although you can now add a class to the caption manually under the ""code"" tab, there is no UI in the ""Image Details/Advanced Options"" of the image that actually allow you to add the class as you would expect. The reason why I've escalated this to a feature request, rather than an arbitrary hack or plugin is this; for the end user, if you can add classes to the image and the link, you'd expect to be able to add classes for the caption, since this is a ""caption"" shortcode we're talking about here. Although issue #25295 does now permit classes in the shortcode, it does not add a user interface." jpswade 4 29005 Small Improvements of text in setup-config.php Upgrade/Install 4.0 normal normal enhancement new 2014-07-23T14:45:15Z 2020-02-06T19:41:49Z Just a couple of tweaks to text on install to make it a-little clearer and more friendly. Also small grammatical correction - add colon before list of database details required. Jonnyauk 7 29009 "There should be a capability for ""publish private posts""" dev-feedback Role/Capability 3.9.1 normal normal enhancement reopened 2014-07-23T15:48:00Z 2019-06-04T21:12:02Z "I've been working on a simple membership site with only two membership levels: logged in and logged out, which is a situation that theoretically could be easily managed in WP without any plugins. However, logged in members should not be able o post publicly, while they are allowed to post whatever they want inside the membership walls, so the review system doesn't help in this situation either. Currently, I have to use a custom post type and force the status to private on publishing with a plugin to achieve the intended scenario. But I think the most parsimonious solution would be to include a capability that would allow people to ""publish_private_posts"" yet not ""publish_posts""." t.schwarz 3 29014 Normalization of template tag filters Posts, Post Types 3.9 normal normal enhancement new 2014-07-24T04:42:14Z 2019-06-04T20:47:26Z "The filters for the template tags, specifically, title, content and excerpt, are not very uniform. Some of them have a filter for their `get_the` variant, but not others. Only `the_title` sends the post id through the filter while the others do not. The included patch does the following: - Add `get_the` filters to the proper functions for `get_the_title`, `get_the_content`, `get_the_excerpt` - Added post_type specific variants of the filters ( ex. `the_title_{$post->post_type}` - All filters now pass the post id as a second argument" Funkatronic 1 29023 Galleries: add pagination option Gallery 3.9.1 normal normal enhancement new 2014-07-25T08:28:03Z 2019-06-04T19:46:13Z "Galleries are great, but if you add a lot of images to a single gallery the page will take a while to load. I think it would be nice to add a new option, maybe just a new gallery shortcode parameter at first, that would allow post authors to define a number of images per page, thus breaking galleries into different pages, much like we do with [https://codex.wordpress.org/Function_Reference/wp_link_pages single post pagination] today. " jeherve 3 29030 Screen Options Poor Update/Rendering Causes Many things to Break dev-feedback Administration 3.9.1 normal normal Awaiting Review defect (bug) new 2014-07-26T01:21:46Z 2018-08-08T19:15:02Z "Screen options dont work properly in many different situations. I noticed the first issue when trying to create a sticky header plugin for the wp_list_table. When scrolling down the page the headers stick to the top by cloning the header with javascript and hiding the other original at the same time. However, If screen options are updated the tables break completly even after the plugin is disabled. Wordpress checks the current table headers to determine which ones are hidden and should be added to the `manageedit-{$post_type}columnshidden` field in the `user_meta` table. So since the cloned table header the plugin created is hidden visually while scrolling up, wordpress thinks that all columns aredisabled and adds all the columns to `manageedit-{$post_type}columnshidden`. [[Image(http://i.stack.imgur.com/wrYin.png)]] This is poor practice because it doesn't seperate presentation well enough from the logic used to render screen options. Any user who has access to `wp-admin/edit.php`can completly break their tables if any html/css visually hides the `<thead>` or a column-header perhaps by a plugin, or maybe the browser doesn't load a certain script, or perhaps they are just messing with the dev-tools. Beginers that don't know how to properly [remove columns][5], could run into this issue if they ever try to use css instead. `manageedit-{$post_type}column` should not rely on the visibility of <thead> and only the actual checked input fields. Also `cb` and `title` should not be allowed to be added to the `manageedit-{$post_type}column`. They should only be able to be removed with `unset`. ---------- **To recreate this issue:** 1. open up firebug/chrome dev tools/etc. on http://www.example.com/wp-admin/edit.php 2. add `thead {display: none;}` to the style editor 3. On the page screen options uncheck at least one column ( this is to ensure `manageedit-{$post_type}columnshidden` is a database field for the current user and if not it creates it ) 4. Hit apply to refresh the page *The tables will now be broken....* ---------- To chck the columns I used the `get_user_meta();` function to print the array of `hiddencolumns` on each post types `edit.php` admin screen notices: {{{ <?php function get_current_post_type() { global $post, $typenow, $current_screen; if ($post && $post->post_type) return $post->post_type; elseif ($typenow) return $typenow; elseif ($current_screen && $current_screen->post_type) return $current_screen->post_type; elseif (isset($_REQUEST['post_type'])) return sanitize_key($_REQUEST['post_type']); return null; } function get_current_user_manageedit_pagecolumnshidden() { $current_ptype = get_current_post_type(); $user_id = get_current_user_id(); $key = 'manageedit-'.$current_ptype.'columnshidden'; $single = true; if(get_user_meta($user_id, $key, $single)) return get_user_meta($user_id, $key, $single); } function echo_current_user_manageedit_pagecolumnshidden() { global $pagenow; if ( $pagenow !== 'edit.php' ) return; $columnshidden= get_current_user_manageedit_pagecolumnshidden(); echo '<pre>'; print_r( $columnshidden ); echo '</pre>'; } add_action('all_admin_notices', 'echo_current_user_manageedit_pagecolumnshidden'); }}} **Output for the broken tables :** {{{ Array ( [0] => cb [1] => title [2] => [3] => ) }}} ---------- After determining that `cb` & `title` were in fact added to the `$meta_value`you need to fix the table. This will do the trick: {{{ function delete_current_user_manageedit_pagecolumnshidden() { $user_id = get_current_user_id(); $meta_key = 'manageedit-pagecolumnshidden'; if( get_user_meta($user_id, $meta_key) ) delete_user_meta( $user_id, $meta_key ); } add_action ('admin_init', 'delete_current_user_manageedit_pagecolumnshidden'); }}} ''Side-Notes:'' *`columnshidden` appears [`wp_ajax_hidden_columns()`][1] & [`get_hidden_columns()`][2] *client-side functionality appears to be here in [`common.js`][3] which checks for the [hidden table headers][4] ---------- Similar issues with the screen options can be recreated for different situations that have nothing to do with the tables. **Recreate similar issue on nav-menus.php** 1. Go to http://example.com/wp-admin/nav-menus.php 2. Uncheck all the fields in the *""Show advanced menu properties""* Screen-Options tab 3. Add the screen options filter to hide them from display: `add_filter('screen_options_show_screen', 'remove_screen_options_tab');` 4. Reload http://example.com/wp-admin/nav-menus.php All of the hidden advanced menu properties will now be broken and are all visible even though they were unchecked. I'm not sure if this is the same issue, but it appears that overall screen options have a high change of not working properly ---------- ---------- **Other-Notes** These issues of broken tables might also have to do with the same functionality problem of how screen options update/render: http://wordpress.stackexchange.com/questions/31154/wp-list-table-custom-quick-edit-box-post-meta-data-missing-and-columns-change http://wordpress.stackexchange.com/questions/123182/custom-admin-column-disappearing-when-using-quick-edit?lq=1 http://wordpress.stackexchange.com/questions/144361/wordpress-admin-wp-table-list-show-incorrectly #21016 [1]: https://github.com/WordPress/WordPress/blob/448275cce483138f53ccfa586b2d28b7fe8b0785/wp-admin/includes/screen.php#L55 [2]: https://github.com/WordPress/WordPress/blob/270a57075c290736387b6551670fde34fb3f1851/wp-admin/includes/ajax-actions.php#L1307 [3]: https://github.com/WordPress/WordPress/blob/448275cce483138f53ccfa586b2d28b7fe8b0785/wp-admin/js/common.js#L29 [4]: https://github.com/WordPress/WordPress/blob/448275cce483138f53ccfa586b2d28b7fe8b0785/wp-admin/includes/screen.php#L17 [5]: http://codex.wordpress.org/Plugin_API/Filter_Reference/manage_$post_type_posts_columns" codecandid 6 29040 Customizer: Header Image not Updating when using static front page Customize 3.9 normal normal Future Release defect (bug) reopened 2014-07-27T15:56:39Z 2019-11-29T21:07:37Z "Using WordPress 4.0 Beta 2. Steps to reproduce: only happens if theme has default header image (with twenty fourteen) - Open Customizer - Open Header image section - Click on previously uploaded, theme default, or new uploaded image - current header updates in customizer controls and preview - changing header image activates the save and publish button, but after pressing it and closing customizer the header image is not changed - when returning to the customizer the newly uploaded image is not present, however it does appear in the media library - after switching themes and the switching back all images do show up (in another theme which has several default images and no header text) - Open Customizer - Open Header image section - Click on previously uploaded, theme default, or new uploaded image - current header updates in customizer controls - customizer preview does not update image, even after triggering a preview refresh with another control - changing header image activates the save and publish button, but after pressing it and closing customizer the header image is not changed Tried on Google Chrome and Safari on both Windows and Mac Is not always reproducible with every theme, inconsistent results." zhalsey 11 29051 get_raw_theme_root : Windows paths Themes 3.9.1 high critical Awaiting Review defect (bug) new 2014-07-29T01:46:10Z 2024-03-14T13:37:39Z "I believe, this problem exists only if there are more than one theme directories. For example, in my code I have: {{{ register_theme_directory( ABSPATH . 'wp-content/themes/' ); }}} Then, on Windows, the options table has: {{{ INSERT INTO `xxx_options` VALUES (678,'template_root','C:\\the\\path\\to\\www.mysite.com\\wp/wp-content/themes/','yes'); INSERT INTO `xxx_options` VALUES (869,'_site_transient_theme_roots','a:2:{s:14:\""twentyfourteen\"";s:57:\""C:\\the\\path\\to\\www.mysite.com\\wp/wp-content/themes/\"";s:8:\""wpglobus\"";s:7:\""/themes\"";}','yes'); }}} On UNIX, of course, I see {{{ INSERT INTO `wpg_options` VALUES (678,'template_root','/the/path/to/www.mysite.com/wp/wp-content/themes/','yes'); INSERT INTO `wpg_options` VALUES (869,'_site_transient_theme_roots','a:2:{s:14:\""twentyfourteen\"";s:55:\""/the/path/to/www.mysite.com/wp/wp-content/themes/\"";s:8:\""wpglobus\"";s:7:\""/themes\"";}','yes'); }}} And what happens is: when I `mysqldump` my database on Windows and load it on UNIX, WordPress gives me White Screen (no errors even in the error log). I believe, '''always storing UNIX paths would solve this problem'''. They work the same on Windows and UNIX." tivnet 7 29066 Grunt clean:dynamic task does not delete file/s from /build during grunt watch task Build/Test Tools 3.7 normal minor Awaiting Review defect (bug) new 2014-07-30T04:10:15Z 2019-02-25T01:44:52Z "When running the Grunt task `grunt watch` a file that is modified and saved should be cleaned from the /build folder and the modified file copied from the /src folder to the /build folder as part of the `watch:all` task: {{{ tasks: [ 'clean:dynamic', 'copy:dynamic' ], }}} Currently the `clean:dynamic` task does not actually 'clean' (delete) the file from the /build folder, the `copy:dynamic` task overwrites the existing file. Workaround: Do nothing and continue to have the file overwritten without cleaning first. Options: 1. Fix the `clean:dynamic` task to actually 'clean' (delete) the file from /build 2. Remove the `clean:dynamic` task from the `clean` and `watch:all` tasks list To reproduce: * Temporarilly remove `copy:dynamic` from the `watch:all` task tasks list * Run `grunt watch` * Edit a file from /src and save Expected Results: * Edited file should be 'cleaned' (deleted) in /build folder Actual results: * File remains in /build folder " netweb 29071 Make it easier to include an instance of the Customizer outside of customize.php Customize 3.4 normal normal Future Release enhancement reopened 2014-07-30T20:27:19Z 2021-05-22T19:29:30Z "A lot of the bootstrapping of the customizer goes on either in customize.php or in function calls that are hardwired to this instance. We should make this code more modular, so there isn't so much boilerplate required to load a customizer instance on a different page." ericlewis 24 29082 Pass $meta_id into sanitize_meta() and subsequently into the filter for register_meta callback chriscct7 has-patch Options, Meta APIs 3.3 normal normal enhancement reviewing 2014-08-01T09:59:57Z 2019-06-04T20:47:28Z "To use Post Type based sanitization for specific meta keys, currently register_meta adds the filter but while the 'auth' filter gets access to the Post ID, the 'sanitize' filter does not. We would need to add $object_id in the cases of add/update_metadata, and in the case of update_metadata_by_mid we'd need to pass the Post ID into that function as well, which would then pass along to sanitize_meta() usage. Is anyone against this proposal? If so, a patch can be drawn up." sc0ttkclark 1 29117 Custom Field metabox shows table header information even though it has no data to show. has-patch Posts, Post Types 2.9 normal normal Awaiting Review defect (bug) new 2014-08-05T13:33:42Z 2019-06-20T12:36:47Z This can be verified by adding a post and then submitting an empty meta key and meta value. A validation error occurs but at the same time the table header information is displayed. Ankit K Gupta 6 29118 Registering rewrite rules is hard, so let's introduce remove_rewrite_rule. has-patch Rewrite Rules normal normal Awaiting Review enhancement new 2014-08-05T15:20:27Z 2017-11-19T10:25:38Z "A plugin cannot use the current Rewrite API to register/deregister rewrite rules on plugin activation/deactivation elegantly, without being extremely hacky. Current best practice is to add rewrite rules via init, and flush properly on activation/deactivation hooks in your plugin: {{{ #!php function add_some_rewrite_rules() { add_rewrite_rule( ... ); } add_action( 'init', 'add_some_rewrite_rules' ); register_activation_hook( __FILE__, function() { add_some_rewrite_rules(); flush_rewrite_rules(); } ); register_deactivation_hook( __FILE__, function() { flush_rewrite_rules(); } ); }}} However, there is a race condition on the deactivate request: init triggers first, adding your rewrite rule, so when you flush rewrite rules in the deactivation function, the rewrite rule persists. You have some dirty options: checking the script being run in add_some_rewrite_rules() to sniff for a request for the plugin being deactivated comes to mind, I'm sure there are others. This would be much easier if we had a remove_rewrite_rule() function we could hit on deactivation, and probably read better. " ericlewis 20 29124 missing icons in editor on windows 7 phone General 3.9.1 normal normal defect (bug) new 2014-08-05T20:37:30Z 2019-06-04T19:46:16Z "The icons don't show up in the editor on a Windows 7 phone. This is on a clean install of WordPress with no plugins and the default 2014 theme. This problem was reported as fixed in 3.8: #26369. The problem has reappeared in version 3.9.1." joneiseman 1 29128 Number of pages owned by a user is not shown under Users >>> All Users Users 3.9.1 normal normal enhancement new 2014-08-06T07:52:28Z 2019-06-05T06:40:08Z "This would be very useful in case you'd like to delete a user and want to keep some of the content that the user created. Right now you only have the possibility to see the number of posts so it would be great if another column with pages can be added. Thanks" bflo 3 29155 Widgets: is_active_widget returns true even when the widget is not displayed on specific page Widgets 2.3 normal normal enhancement new 2014-08-08T17:51:22Z 2021-11-23T15:55:22Z "Steps to reproduce: 1. Activate Twenty Eleven 2. In Appearance > Widgets, add a widget to the Showcase widget area (only displayed on pages using the Showcase Page Template) 3. Load your home page. {{{is_active_widget}}} will return true for that widget, even if it is not displayed on the home page. It seems like it would be nice if {{{is_active_widget}}} only returned true when the widget was actually displayed on the page. I'm not sure how to do that, though." jeherve 2 29159 Classic editor: Visual editor is disabled when user agent is obscured by a proxy needs-unit-tests Editor 2.0 normal normal Future Release defect (bug) new 2014-08-08T23:54:26Z 2020-11-24T04:56:39Z "user-agent checking is removing visual editor in function user_can_richedit. It took us many days to find a problem, which is described here: http://www.benjaminhorn.se/code/wordpress-visual-editor-not-visible-because-of-user-agent-sniffing/ It is not sensible to use user-agent as a check whether to show visual editor. Hopefully this check can be amended or removed in future WP versions. There are various hosting environments where this check fails. Plus you would constantly need to manually add new strings over time. We need to write plugins or theme hacks to circumvent this problem (that is after spending days of struggling to pinpoint the problem)." vmuryginIB 9 29161 $pagenow variable not set in admin pages on Windows systems reporter-feedback Administration 3.9.1 normal normal Awaiting Review defect (bug) new 2014-08-09T10:59:05Z 2021-12-27T21:25:33Z "In the most recent version of WordPress: `vars.php`, starting line 25: {{{#!php if ( is_network_admin() ) preg_match('#/wp-admin/network/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); elseif ( is_user_admin() ) preg_match('#/wp-admin/user/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); else preg_match('#/wp-admin/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); }}} The ""/"" character does not match the ""\"" character found as the directory separator on Windows systems. This causes various issues throughout the entirety of the administration pages, notably that ""add_meta_box"" ceases to function correctly. Would recommend it be changed to something like this: {{{#!php $ds = preg_quote(DIRECTORY_SEPARATOR); if ( is_network_admin() ) preg_match('#'.$ds.'wp-admin'.$ds.'network'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); elseif ( is_user_admin() ) preg_match('#'.$ds.'wp-admin'.$ds.'user'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); else preg_match('#'.$ds.'wp-admin'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); }}} Thanks for the wonderful software!" Craxic 4 29178 Using WP_Query only for result of SQL_CALC_FOUND_ROWS Query normal normal enhancement new 2014-08-11T15:56:32Z 2019-06-04T20:47:33Z "For certain web hosts who reject direct SQL queries and push for use of `WP_Query` everywhere, it would be nice if you could use `WP_Query` only for the result of `SQL_CALC_FOUND_ROWS` My use case is that I'm added limited faceting support to a search interface. For each facet, I'd like to indicate the number of matching results. Using `update_post_meta_cache => false` and `update_post_term_cache => false` means using `WP_Query` still produces two queries. Also, it would be interesting to compare the performance of `SQL_CALC_FOUND_ROWS` vs `COUNT(*)` when all you care about is the total count." danielbachhuber 5 29187 .notdef glyph (when copying text from a PDF in the excerpt) breaks the /feed Feeds 1.0 normal normal defect (bug) new 2014-08-12T00:14:44Z 2019-06-04T19:46:17Z "I created a post where the excerpt was copy&pasted from a pdf document. When pasting the text, the ""fi"" glyph disappears (e.g. ""specification"" is copied over as ""specication"", this is a common problem, see for instance: [http://superuser.com/questions/375449/why-does-the-text-fi-get-cut-when-i-copy-from-a-pdf-or-print-a-document]). To be more precise, the ""fi"" glyph is replaced with the .notdef glyph. The .notdef glyph is not visible in the Edit Post screen nor when viewing the post but it is stored in the database (rendered as a white square, the most common representation for this glyph). The problem is that, while the glyph is properly filtered when viewing the post, it is not when creating the RSS feed so it breaks it. For instance, when trying to access it with Google Chrome I get: This page contains the following errors: error on line 29 at column 25: Input is not proper UTF-8, indicate encoding ! Bytes: 0x0C 0x66 0x69 0x63 I've been able to reproduce the problem on several sites. " softmodeling 4 29213 Introduce capability for access to nav-menus.php johnbillion needs-unit-tests Menus 3.0 normal normal Future Release enhancement assigned 2014-08-14T16:22:16Z 2022-01-30T16:44:01Z "Management of the nav menus currently requires `edit_theme_options` capability, a capability associated with administrators which grants the power to make many wide sweeping changes. There should be a discrete capability `edit_nav_menus` just for managing menus, one that is inherited for anyone who has `edit_theme_options` by default. This was done for Customizer access in #28605 with the introduction of a `customize` capability. Originally brought up in #14386. For introducing a `manage_widgets` capability, see #31020." westonruter 20 29247 Crucial caches are not cleared when deleting site dev-feedback Cache API normal normal Future Release defect (bug) new 2014-08-18T03:10:13Z 2022-07-08T15:07:55Z "`clean_blog_cache` clears a bunch of caches, but does not clear any of the options caches. The worst of these is the `alloptions` cache, which allows some behaviour to continue working on deleted sites. For example, `switch_to_blog` will continue to work without error, whereas if the cache is cleared, a `Table 'wordpress.{$prefix}_options' doesn't exist` error will be generated (helping in debugging). Another one that's problematic is the `is_blog_installed` cache. On that note, is there a reason we aren't checking site existence in `switch_to_blog`? (Still investigating this one.)" rmccue 8 29260 Update site transients response differences Upgrade/Install 2.8 lowest normal enhancement new 2014-08-19T06:18:59Z 2019-06-05T06:45:21Z "Why do the update_themes and update_plugins have a different response type, one is an stdObject another is a simple array. That being said the plugin and theme upgrader have the same discordance. Please make them so they are consistent with one another. " krotz 1 29261 Enqueue script in Widget has-patch Widgets 3.9.1 normal normal defect (bug) new 2014-08-19T07:46:11Z 2020-10-13T15:28:39Z I am trying to use wp_enqueue_script inside function widget of the Widget class. But it seems like when I print html it doesn't use the javascript functions which I enqueue before. This enqueue script works well if I use for shortcode inside shortcode and later print html. Is this a bug or there is any workaround for using enqueue inside widget function that will properly handle my html also? zishanj 5 29276 Ability to edit and preview any revision, not just autosaves Revisions 3.9.2 normal normal Awaiting Review enhancement new 2014-08-20T14:30:38Z 2020-01-10T21:02:56Z "It would be great if the revision management functionality could include a way to preview any revision. From a quick look at the source code, wp-includes/revision.php declares a function called {{{ _set_preview($post) }}} By default it loads the most recent autosave with: {{{ $preview = wp_get_post_autosave($post->ID); }}} I would like to propose that that line be changed into: {{{ $preview = !empty($_GET['preview_id'])?get_post($_GET['preview_id']):wp_get_post_autosave($post->ID); }}} The nonce has already been verified in `_show_post_preview()`, so there should be no security implications of this change. With this change, the Revisions meta box (Edit Post screen) could display a ""preview"" icon/link that includes the appropriate nonce and does the same thing as the main ""Preview"" button." coolmann 8 29288 Settings updated within the Customizer Preview are not synced up to main app Panel Customize 3.4 lowest normal Future Release enhancement new 2014-08-20T20:05:43Z 2021-05-22T19:32:28Z "The Customizer has two copies of models for the registered settings: one set in in the Customizer panel parent frame, and changes to these result in the settings getting copied over to the preview either via postMessage or via a refreshing the preview entirely. Updating a setting model from within preview directly, however, does not propagate up to the model. There is currently a one-way-sync from the panel to the preview. As a workaround, the preview can send messages to the panel for which handlers can apply the updates to the settings, but it would be good if this was automatic. By implementing a bi-directional syncing of settings between the panel and preview, there would be lots of opportunities for inline front-end editor controls to more easily be added into the preview directly. See also https://twitter.com/bradyvercher/status/502163462990995456" westonruter 8 29299 Plural forms not available for some strings SergeyBiryukov dev-feedback Options, Meta APIs normal normal Future Release defect (bug) reviewing 2014-08-21T09:55:42Z 2020-02-06T19:46:51Z "There are several strings which do not allow specific plurals in Settings - Reading. `<?php _e( 'posts' ); ?>` `<?php _e( 'items' ); ?>` It looks strange when somebody inserts for example number 4 and our plural form is translated only for number 5. Best solution would be probably some kind of string ""Number of posts on page"" (without ending ""posts"" string). But I am not sure about it... See: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options-reading.php#L126" pavelevap 15 29312 No recommended nonce refresh functionality in Heartbeat. dev-feedback Administration 3.6 normal normal enhancement new 2014-08-22T07:49:19Z 2019-06-04T19:26:31Z "Oddly enough it seems there isn't an obvious way to refresh nonces that may be needed on the page after heartbeat-api login dialog. For example, go to wordpress plugins listing page, notice the activate, deactivate links all have a nonce part in the request. In a second tab, log out of the site, and go back to plugin listing page. After awhile, the page realizes it's not logged in, and pops up a log in screen. Log in, and click an ""activate"" or ""deactivate"" button. Notice it gives the nonce-failure message, ""are you sure you want to do this""? Because the previous session's nonces don't work. Why does Wordpress not know to refresh these nonces? I thought new nonces would be sent back as a heartbeat-ajax, but it looks like there isn't an ajax request with the login screen. It seems $(document).on('heartbeat-nonces-expired') can be used to detect when this situation happens, but it happens many times after login successful, is not just triggered once." programmin 5 29316 Need more value and preview hooks for WP_Customize_Settings Customize 3.4 low normal Future Release enhancement new 2014-08-22T11:57:04Z 2018-03-20T01:22:38Z "There should have more filters to handle settings. for example: add {{{ apply_filters( 'customize_value', $this->defaults, $this); }}} or {{{ apply_filters( 'customize_value_'.$this->type, $this->default, $this); }}} before {{{ apply_filters( 'customize_value_' . $this->id_data[ 'base' ], $this->default ); }}} add {{{ do_action( 'customize_preview_setting', $this ); }}} before {{{ do_action( 'customize_preview_' . $this->id, $this ); }}} " dedepress 14 29319 filter dayswithposts in widget calendar SergeyBiryukov needs-unit-tests Widgets 3.0 normal normal Future Release enhancement reviewing 2014-08-22T14:28:53Z 2020-10-20T04:57:51Z "Hello here is Konrad, WPML developer. We are fighting now with bug related WordPress calendar widget: it always displays all posts, and we want to filter its results regarding to language of post. Steps to reproduce: 1. install WPML 2. publish some post in En language July 1st 3. translate this post July 2nd to Polish language 4. activate calendar widget Result: calendar will show that there are posts in July 1st and 2nd. Expected result: when user displays English posts, calendar should display only July 1st. When user switches to Polish language, calndar should display only July 2nd. We want to fix this in WPML but we need filter inside of get_calendar() function. Wordpress gets days with posts by this query inside of get_calendar(): {{{ $dayswithposts = $wpdb->get_results(""SELECT DISTINCT DAYOFMONTH(post_date) FROM $wpdb->posts WHERE post_date >= '{$thisyear}-{$thismonth}-01 00:00:00' AND post_type = 'post' AND post_status = 'publish' AND post_date <= '{$thisyear}-{$thismonth}-{$last_day} 23:59:59'"", ARRAY_N); }}} The result should be able to filter, then WPML will hook here. I am attaching proposed diff file. (I see that we can hook into get_calendar filter but this variable has full html output of calendar. This will unefficient to parse this HTML) " kkarpieszuk 24 29320 Bulk edit on custom post types without title support Quick/Bulk Edit 3.9.2 normal normal enhancement reopened 2014-08-22T14:48:13Z 2019-07-24T14:35:02Z "I have a custom content type that does not support titles. When I want to use bulk edit on this custom post type on edit.php, the area where the post titles should show up stays empty (instead of showing something like ""auto draft""). This is due to includes/class-wp-posts-list-table.php:925 where it is checked whether the post type supports titles. However I have a custom filter for the_title, which generates post titles dependent on custom fields. In order to let them show up in the bulk edit form, one would have to change for one class-wp-posts-list-table.php to allow post types without title support and one would additionally have to change includes/template.php:311 to use get_the_title($post->ID) instead of $post->post_title to insert the correct titles into the hidden fields in the edit.php-table. Of course I could also store my custom titles in post_title and hide the title field from view in my custom post type, but I think this to be a rather hackish way..." alexfecke 4 29341 Raise default value for WP_MEMORY_LIMIT in wp-includes/default-constants.php dev-feedback Bootstrap/Load 4.0 normal normal Awaiting Review enhancement new 2014-08-23T19:45:21Z 2024-03-17T04:33:21Z "wp-includes/default-constants.php currently has a default value for WP_MEMORY_LIMIT of 40Mb (or 64Mb for multisite). The effect of this constant is that if the current value of ini_get( 'memory_limit' ) is less, then ini_set() is used to raise it to at least WP_MEMORY_LIMIT. This default is fine, if your site has few plugins. When the constant was brought in (looks like 3.0, from the comment in the code), sites tended to have fewer plugins, and need less memory. It is not clear exactly what the rationale behind the default choice for WP_MEMORY_LIMIT is, and what data it is based upon. Nevertheless, I get to read a lot of log files through support for one of my plugins, and it is not uncommon for me to see sites where PHP memory use has exceeded 40Mb. It is not uncommon for me to have to advise someone on how to raise their PHP memory limit, because they are trying to clone their site into something like MAMP, which apparently has a lower limit than this (can't verify: I have no Mac), and the WP default is too low to then load their site successfully. Based on my (admittedly anecdotal) experiences, I would recommend 64Mb or 80Mb as a much more suitable default in 2014 (and a corresponding increase for multisite), if the aim is for users to not be surprised by a lack of memory. I don't think that hosting companies will have a problem with this. I have extensive data on default settings of the PHP memory limit, and 99.8% of web hosting companies in that data have 64Mb or more. 99.5% have 96Mb or more." DavidAnderson 14 29351 Add a function for stampedes transient caching Cache API 4.0 normal normal Awaiting Review enhancement new 2014-08-24T20:04:51Z 2022-07-08T15:09:55Z "A common caching pattern that's used by WordPress and developers everywhere look something like this: {{{ if ( false === ( $value = get_transient( $cache_key ) ) ) { // A // Bunch // Of // Code // $value = ... set_transient( $cache_key, $value, 300 ); } }}} The downside of this approach is when the cache is cold or when the cache expires there's a stampede effect as multiple requests try and refresh the cache at the same time. Instead if we had a function that allowed for soft expirations we could do something like the following: {{{ $some_slow_func = function() { // A // Bunch // Of // Code // $value = ... return $value; } $value = get_set_soft_transient( $cache_key, $some_slow_func, 300, 'Some fake initial stale value' ); }}} This approach abstracts out the cache refresh logic into another function which can result in slightly cleaner code and can be used to prevent cache stampedes. Some other optimizations / changes that we could do with this approach that's not yet implemented in the patch: * Run all cache refresh functions async via wp_cron so even the unlucky winner that gets to trigger the cache refresh will get stale data (fast). * Better locking so that only one request will refresh the cache. (Right now a couple requests could happen to refresh at the same time on a very busy site.) * Perhaps prevent caching of a `false` value or one that equates to the default passed in? * Use filters instead of PHP callbacks to make this more WordPress like. * Also build out `get_set_soft_site_transient()`. This is inspired by the stampedes cache @gibrown wrote for some of WordPress.com and the @mboynes talk at WordCamp Boston. /cc @betzster" hypertextranch 2 29359 No error message is displayed when a user with an Admin role tries to publish code on Multisite Editor normal normal defect (bug) new 2014-08-25T03:45:12Z 2019-06-04T19:26:36Z "If you are a user with an editor role you do not have capability to publish script tags in the post editor or within a text widget. When you post script tags into a post and click publish, the code is striped with a ""Page updated. view page"" message. An error message should be displayed explaining that you do not have sufficient privileges to publish script tags in a post and the code has been removed from the post. " lachlanj 7 29368 Pasted media do not appear in the library Media 3.9.2 normal normal feature request new 2014-08-25T17:49:15Z 2019-06-04T20:08:45Z "So I don't know if this is a bug or a feature request, but when I paste an image into a post, i would assume that it goes into the media library (where else would it live?). But when I go to then chose that image as my featured image, surprise, surprise - it's not in the library. " Matt McLaughlin 10 29370 wp_get_attachment_image() returning unexpected image size Media 3.9.2 normal normal defect (bug) new 2014-08-25T18:40:16Z 2019-06-04T20:08:49Z "I have a 'thumbnail' size image of 150x150 px and a 'thumb-250' size image of 166x250 px. {{{ add_image_size('thumb-250', 0, 250, false); }}} I am using wp_get_attachment_image() to get the best image fit for a 133x200 format. {{{ wp_get_attachment_image( $id, array(133,200) ); }}} this returns the 'thumbnail' size which has an area that's smaller than the requested size, as well as a different aspect ratio. I would expect the 'thumb-250' size image to be returned, which has a bigger area and the exact aspect ratio that was requested. I tracked this down to the first condition in the following line: https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/media.php#L599 Why is the 'thumbnail' image size preferred in the selection process? This means the thumbnail is always returned if it's next in row even if it's area is smaller and the aspect ratio is off." martinleopold 2 29379 Add a hook to filter gallery classes has-patch Gallery 3.9.2 low normal Future Release enhancement new 2014-08-26T15:35:45Z 2022-07-12T19:01:32Z "Hi, it would be really great to be allowed to filter the gallery classes. Here's what I suggest : instead of : {{{ $size_class = sanitize_html_class( $atts['size'] ); $gallery_div = ""<div id='$selector' class='gallery galleryid-{$id} gallery-columns-{$columns} gallery-size-{$size_class}'>""; }}} rather use {{{ $classes_str = null; $classes = array( 'gallery', 'galleryid-'.$id, 'gallery-columns-'.$columns, 'gallery-size-'.sanitize_html_class( $atts['size'] ) ); $classes = apply_filters('gallery_classes',$classes,$attr); if (!empty($classes)){ $classes = array_filter($classes); $classes_str = "" class='"".implode(' ',$classes).""'""; } $size_class = sanitize_html_class( $atts['size'] ); $gallery_div = ""<div id='$selector' $classes_str>""; }}}" grosbouff 2 29386 Autosave message should disappear when the next autosave happens has-patch Autosave normal normal defect (bug) new 2014-08-26T21:17:58Z 2019-06-04T19:26:37Z An autosave overwrites the previous autosave, so the message is no longer relevant. It will just display the same content as the current editor. iseulde 15 29390 add filter for get_date_from_gmt() has-patch I18N 1.2 normal normal defect (bug) new 2014-08-27T08:53:24Z 2019-06-04T20:08:52Z "Please add filter for i18n date`s in get_date_from_gmt(); Buddypress use this function in admin section for display posts time, and we can't change dates via i18n and filters for Persian dates (Jalali Calendar). get_date_from_gmt() is located in wp-includes/formatting.php Thank you" zakrot 1 29408 Symlinked themes and plugins should not be updatable Upgrade/Install 3.9 normal normal defect (bug) new 2014-08-28T01:06:12Z 2021-05-11T17:47:57Z "Hi. Symlinked themes and plugins should not be updatable nor editable. I don't know if I'm the only one it happens but every time I try to update a symlinked plugin, WP try to update it and... simply delete it >_< (yeah, I forget every time). I guess the problem is the same if I try to edit the plugin via the plugin editor." GregLone 5 29411 Add multi-network helper functionality Networks and Sites normal normal Future Release enhancement new 2014-08-28T06:32:46Z 2017-08-16T09:51:56Z "While WP core supports multi-network, there are some pieces of critical functionality missing. Currently, I'm using JJJ's [http://wordpress.org/plugins/wp-multi-network/ WP Multi Network] plugin to provide this, but the utility functions should probably be included with core. These are: * `network_exists` * `switch_to_network` * `restore_current_network` * `add_network` * `update_network` * `delete_network` * `move_site` * `user_has_networks` Personally, I'd be in favour of integrating the entirety of [https://plugins.trac.wordpress.org/browser/wp-multi-network/trunk/wpmn-functions.php wpmn-functions.php] verbatim." rmccue 10 29418 Taxonomy archive query not including all of its post types. SergeyBiryukov dev-feedback Taxonomy 3.9.2 normal normal Awaiting Review defect (bug) reviewing 2014-08-28T15:37:46Z 2020-05-06T21:00:39Z "I've noticed this in a project i'm working on. I did some digging in '''wp-includes/query.php''' file, and found that this is the issue. In '''3.9.2 files''', in line '''2501''' there's this {{{ foreach ( get_post_types( array( 'exclude_from_search' => false ) ) as $pt ) { }}} Not sure if this is intended or not, maybe yes, but the query var name is missleading in this case, which is also excluding the post type from its taxonomies archives too. In any case, if this is to be fixed, and in fact is not supposed to be here, just changing the line for this should work, as we should expect. {{{ foreach ( get_post_types( array() ) as $pt ) { }}} Hope this helps, thanks." msaggiorato 10 29424 Query argument 'orderby' makes duplicated parameters possible; does not support some available columns johnbillion has-patch Query 2.5 normal normal Future Release enhancement reviewing 2014-08-29T10:22:06Z 2020-02-05T01:06:12Z "In your newest post in [http://make.wordpress.org/core/2014/08/29/a-more-powerful-order-by-in-wordpress-4-0/ make-blog] there a serveral errors in code. 1. Duplicated parameters are possible. Following Code will output the ""error"": {{{ $query = new WP_Query( array( 'orderby' => array( 'title' => 'DESC', 'post_title' => 'ASC' ) ) ); //ouputs: ORDER BY post_title DESC, post_title ASC }}} 2. Why is * ""title"" equal to ""post_title"" * ""name"" to ""post_name"" * ""author"" to ""post_author"" and so on? 3. By the way, ""date_gmt"", ""post_status"", ""modifed_gmt"", ""content_filtered"", ""mime_type"", ""type"" are missing... 4. there are some columns missing in ""orderby""." ChriCo 11 29429 Support frame-ancestors directive over X-Frame-Options dev-feedback Security normal normal Future Release enhancement reopened 2014-08-29T14:25:35Z 2019-07-29T00:18:23Z "According to MDN, `X-Frame-Options` is deprecated: https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options `frame-ancestors` should be used instead. Previously #12293" danielbachhuber 3 29458 No longer able to catch click event of dashicons edit/delete reporter-feedback Media 3.9 normal normal defect (bug) new 2014-09-01T19:55:53Z 2019-06-04T20:08:56Z "In WP4 RC it's no longer possible to catch the dashicons edit button click through the tinyMCE onclick event. For example: {{{ tinymce.activeEditor.on('click', function() {alert('clicked')} ) }}} Never alerts. Is there a reason something's doing preventdefault or preventBubble? 3.9 was not affected by this. Are all shortcodes now '''required''' to do wp.mce.views.register(shortcodename, object) and include edit: function in the object? Related: (#28169)" programmin 8 29462 comment pagination in reverse order should display a full number of the latest comments dev-feedback Comments 3.9 normal normal Future Release defect (bug) reopened 2014-09-02T07:12:47Z 2021-03-16T16:01:41Z "set the following discussion setting: break comment into pages with 5 top level comments per page and the last page displayed by default Comments should be displayed with the newer comments at the top of each page have a post with 6 comments only the last comment made is displayed by default instead of the expected 5 last comments." mark-k 29 29513 Move heavy lifting of wp_mail() to child class of PHPMailer dev-feedback Mail 4.0 normal normal Future Release enhancement new 2014-09-04T18:10:10Z 2020-09-16T18:59:53Z "If a plug-in is sending an e-mail, the class `PHPMailer` has a lot of useful methods (e.g. `addStringAttachment()`), but these are not available when using `wp_mail()`, which is a requirement to work with numerous other plug-ins owing to the hooks it triggers. `wp_mail()` does a number of things: 1. Instantiates a `PHPMailer` instance 2. Sets default values (e.g. ""from"" headers, charset, content type etc. ) 3. Parses the passed arguments and feeds it to the `PHPMalier` instance. 4. Executes a ""pre-send"" routine, (e.g. triggering hooks `wp_mail_from`, `phpmailer_init` etc) 5. Sends the e-mail The attached patch does a number of things: 1. Defines a `WPMailer` class ( a child of `PHPMailer`) 2. Defines a `WPMailerFactory` class which creates an instance with appropriate default values 3. Defines 'helper' methods which do the 'heavy lifting' of (3) above 4. Overrides the preSend method of PHPMailer to execute the 'pre-send routine' present in `wp_mail()` (i.e. (4) above) 5. Refactors `wp_mail()` to ""operate"" `WPMailer()` instance The result is that developers can either use `wp_mail()` or `$wpmailer = WPMailerFactory::getMailer()` to send e-mails, and both will behave identically (in terms of default values, and hooks being triggered), while maintaining backwards compatibility. This would also effectively close tickets #28407, #28059, #23291, #15539 , #11376 and maybe others. == Remarks == '''Why just not use `phpmailer_init`?''' This hook is very useful, but offers no context in which `wp_mail()` is called. As an example, suppose a plug-ins sends an e-mail with an ""on-the-fly"" purchase receipt attached. At `phpmailer_init` I don't know the purchase ID from which to generate and attach the receipt. '''Class/method naming standards''' I've used PHPMailer's naming standards which I understand conflicts slightly with WordPress' naming standards. A future iteration of this patch could well change this if that is deemed best. '''Global $phpmailer''' The global `$phpmailer` is redundant, as the factory creates a fresh instance for each request. Or at least it ''would''. The ''only'' reason the patch still uses this global, is that all the relevant unit tests pass without any further changes. Subject to this ticket being accepted in principle, these tests should be updated along with the patch. '''Backwards compatability''' Assuming `wp_mail()` hasn't been overriden by a plug-in/theme, then the is no change in behaviour. If it has been overridden, it's clear from the original function that the `$_GLOBAL['phpmailer']` should not be expected to exist, nor even the required classes to be loaded. As such they can be expected to operate independently of the changes made here, which are non-destructive. '''Uni tests''' For me, the mail group unit tests pass with 1 skipped. For some reason some tests failed (e.g. `Tests_DB::test_bail()`), but these failed even without this patch." stephenharris 13 29536 Toggle excerpt/list view buttons appear on users list page in network admin Networks and Sites 3.0 normal normal enhancement new 2014-09-05T13:22:03Z 2019-06-04T20:09:08Z "The buttons to toggle list/excerpt view show up on the Users list page in the Network admin. I suppose they shouldn't. When you click excerpt view, the registered time appears. I'll submit a patch to remove them from this view. As an alternative, I wonder if it would be useful to show the user bio in excerpt view? [[Image(https://www.evernote.com/shard/s3/sh/b564ac68-b0dc-409c-86df-ad0121b0f3df/ef7c8306fd439a62351a623e26b63259/deep/0/Screenshot-2014-09-05-07.54.53.png)]] " pauldewouters 2 29539 Plugin viewer not displaying video tutorials. dev-feedback Plugins 4.0 normal normal Future Release defect (bug) new 2014-09-05T16:19:32Z 2017-05-05T20:25:17Z "In the WordPress 4.0 plugin page viewer, my video tutorials for my plugins are not displaying. [[Image(http://www.redeemerdanceacademy.ca/wp-content/uploads/2014/09/Ticket.png)]]" kidsguide 11 29544 WP_Filesystem_MockFS permissions support has-patch Build/Test Tools 3.7 normal normal Future Release enhancement new 2014-09-05T18:52:31Z 2019-02-25T01:45:03Z "At Event Espresso, we are starting to use WP_Filesystem_MockFS to unit test some of our filesystem-related code. One of the things our code was checking for was the permissions on a file, but currently that isn't supported by WP_Filesystem_MocksFS. Actually, when WP_Filesystem_MocksFS::gethchmod() (please note the ""h"" between ""get"" and ""chmod"") is called, a method-not-declare fatal error is thrown, because WP_Filesystem_Basegethchmod() calls the undefined method getchmod() (note the absense of the ""h"" between ""get"" and ""chmod""), which all the other children of WP_Filesystem_Base declare, except WP_Filesystem_MocksFS. I have a patch for this I will try to submit" mnelson4 10 29555 Theme details allowed HTML dev-feedback Themes 3.9 normal normal defect (bug) new 2014-09-06T11:50:17Z 2019-06-04T21:12:13Z "Theme authors can use some HTML in their theme's style.css Description (and Theme Name and Author). If I'm not wrong, sanitize_header() in WP_Theme class sets the allowed HTML tags and attributes and for Description they are: {{{ 'a' => array( 'href' => true, 'title' => true ), 'abbr' => array( 'title' => true ), 'acronym' => array( 'title' => true ), 'code' => true, 'em' => true, 'strong' => true, }}} This works in the installed themes browser, where theme details are grabbed from the theme's style.css. But in the theme install views, where theme details come from WordPress.org API, some HTML tags (for example ""a"") are completely stripped out (don't know if this is intentional) while others (for example ""abbr"") are not unencoded before being used as HTML in the view and they end up being displayed as plain text, even in the WordPress.org site (see the last two screenshot). I've found the someway related #27641 but please notice HTML is returned by the API already encoded so even using triple braces `>` etc. will still be `>` Installed themes browser: [[Image(http://i.imgur.com/B9TdIUa.png)]] Themes install: [[Image(http://i.imgur.com/JoP1yjp.png)]] WordPress.org themes site: [[Image(http://i.imgur.com/fyYmdeK.png)]]" afercia 3 29581 Scheduled Posts do not work in WordPress 4.0 Cron API 4.0 normal normal Awaiting Review defect (bug) new 2014-09-08T04:56:28Z 2019-06-04T18:13:38Z "The post says ""missed schedule"" after the scheduled time has passed. We have to manually force the publishing by changing the date and updating from the admin. We've done it on installs with no conflicting plugin and replicated the issue on different installs as well. All show the same behavior. This was not the case through 3.9.2." pro99 6 29586 Sync get_the_category_list with get_the_term_list needs-unit-tests Taxonomy 2.5 normal normal enhancement new 2014-09-08T13:39:35Z 2019-06-04T21:12:17Z "It would be great to have {{{get_the_term_list()}}} support the same features {{{get_the_category_list()}}} has. I created a proof of concept patch what works. The only thing I hate is the part I need to specify that I want to have a list instead of a separator because when it's empty {{{get_the_category_list()}}} assumes to show a list but {{{get_the_term_list()}}} will then just show only the links." markoheijnen 2 29594 Basic Cookie Authentication from External Database Role/Capability 4.0 normal normal defect (bug) new 2014-09-09T05:42:46Z 2019-06-04T21:12:21Z "Several bridges (WP plugins) linking different forum software packages rely on the wp_set_auth_cookie($user_id,0,0) to get the user logged into WordPress. With the change in WP 4.0, this single line no longer works. Instead, the user is logged into the site but can no longer publish a post or page, nor update a plugin etc. Whereas the same user would be able to do all those things in 3.9.2 and below. I've come across this issue for three different bridges. The change is the addition of the token. [Suggestion] Maybe there needs to be some instruction in the documents on how WP developers want the external authorization to happen for login plus capabilities to post. Is this a bug with just the single line (wp_set_auth_cookie) not functioning as intended or do devs expect plugin developers to use other lines of code to get the user logged in .. and authorized to publish, post, etc. ?" LPH2005 9 29619 Make WP_HTTP_BLOCK_EXTERNAL more easy to use dev-feedback HTTP API 2.8 normal normal enhancement new 2014-09-10T17:46:54Z 2019-06-04T19:46:22Z "Currently when defining WP_HTTP_BLOCK_EXTERNAL it blocks all requests which would mean that WordPress itself becomes unusable because it then will also blocks it own requests to WordPress.org. Also oEmbeds stop working because they can't get their data. My idea is to make an if statement like the localhost check to allow those requests. I do get that this constant is mainly for local development but would be great to have a easy way to have a semi locked down installation. So I'm curious what you guys think about this." markoheijnen 1 29621 Export post title with markup has-patch Export normal normal defect (bug) new 2014-09-11T08:04:25Z 2019-06-04T19:46:25Z "The Theme Unit Test data includes a post [http://wpthemetestdata.wordpress.com/2013/01/05/markup-title-with-markup/ Title With Markup]. However, the current exporter filters the post titles with `the_title_rss`, which has `strip_tags` hooked to it, so it always needs fixing up after importing. The content and excerpt blocks of the export are uniquely filtered with `the_content_export` and `the_excerpt_export`, and **not** `the_content_rss` and `the_excerpt_rss`. Attached is a patch which changes the exporter from using `the_title_rss` to a new `the_title_export` filter, and wraps the output in CDATA tags, as per content and export blocks. Advantages: * Unique filter for handling post titles during export. * Fixes stripped tags issue. * Filter name that is consistent with other filters in that context. * Use of `wxr_cdata()` for consistency with other blocks of output in that context. Disadvantage: * Backwards-incompatibility - applying a filter to `the_title_rss` thinking it would also apply to exports would no longer work. There are no [https://core.trac.wordpress.org/browser/trunk/tests/phpunit/tests/export un-skipped unit tests] in place for testing the exporter so I've not included any here." GaryJ 2 29634 gallery bulk upload Media 4.0 normal normal defect (bug) new 2014-09-11T22:38:24Z 2019-06-04T20:09:10Z when i am uploading alot 500 images, and then some error happens... i don't have any way to retry uploads on queue , showing a list with numbers would help to verify how many elements are loaded and if are the same that we have selected. joxxxe 1 29643 Ordered List Problem When Switiching between Visual Editor and HTML editor Editor 4.0 normal normal Awaiting Review defect (bug) new 2014-09-12T14:24:40Z 2021-07-05T17:13:00Z "1. I create an ordered list in the Visual Editor. 2. I switch to the HTML editor so I can add a paragraph of text (or an image) within the ordered list, but NOT inside a list tag. 3. I return to the Visual Editor and notice something doesn't look right. 4. I go back to the HTML editor and see that my ordered list is now all messed up. Extra ordered list tags have been added that I don't want. Here's the code from the HTML editor BEFORE I switched back to the Visual Editor: {{{ <ol> <li>Ordered list item 1</li> Block of text inserted into list but not inside an li tag. <li>Ordered list item 2</li> <li>Ordered list item 3</li> <li>Ordered list item 4</li> </ol> }}} Here's the code after switching to the Visual Editor and then back to the HTML editor: {{{ <ol> <ol> <li>Ordered list item 1</li> </ol> </ol> Block of text inserted into list but not inside an li tag. <ol> <li>Ordered list item 2</li> <li>Ordered list item 3</li> <li>Ordered list item 4</li> </ol> }}}" pavankumarp 7 29661 Should Shortcode Attributes Allow HTML Special Characters? Shortcodes 3.8 normal normal enhancement new 2014-09-13T17:51:52Z 2019-06-04T21:12:23Z "This question has a history of going unanswered. In the Codex at http://codex.wordpress.org/Shortcode_API there is no mention of using HTML elements or any special characters within shortcode attributes. I added a section about syntax and left this feature as ""unofficially allowed."" In the unit tests under the Tests_Shortcode class, there are no tests that mention any HTML special characters inside of shortcodes. In #28564 we agreed it would make sense to not break HTML elements where they are already being used inside of attributes. In #29608 and #29658 we are seeing reports of unencoded angle braces and ampersands being used inside of shortcode attributes, which were broken in 4.0. In #29557 the shortcode HTML filter will likely be removed to fix this and other problems in 4.0.1. So the issues involve documentation, unit tests, and questions about how this is supposed to work in the visual editor." miqrogroove 4 29664 Support font embedding and word break for Burmese in core. has-patch I18N normal major Future Release enhancement assigned 2014-09-14T03:33:15Z 2017-09-25T10:54:41Z "I explained current issues and changes in Burmese/Myanmar Package on polyglot. [http://make.wordpress.org/polyglots/2014/09/05/nacin-is-it-possible-to-embed-language-specific/ here] and [http://make.wordpress.org/polyglots/2014/09/05/concerning-with-my-mm-some-of-you-might/ here]. Since future release of WordPress language pack will be automatic, it is better to include language specific changes in core or in language pack. [http://i18n.svn.wordpress.org/my_MM/trunk/dist/wp-content/languages/my_MM.css here] is current css file in WordPress 4.0 Myanmar Package [http://www.google.com/fonts/earlyaccess here] is google's earlyaccess webfont. [https://github.com/andjc/jquery.mymr/ here] is jquery library for proper wordbreak and Myanmar script support. " herzcthu 5 29669 Static base in permalink_structure unexpectedly sets $wp_rewrite->front value Permalinks normal normal Future Release enhancement new 2014-09-14T17:44:11Z 2020-07-02T17:46:14Z "When I use a permalink structure like `/story/%post_id%/%postname%/`, the author and date URLs inherit the same `/story/` base (e.g. `/story/author/danielbachhuber/`). I'd expect my author and date URLs to remain unchanged, unless I explicitly specify a base. There appears to be some crude `%post_id%` conflict resolution for date which forces this. It's not clear why the `front` value is applied to `author_structure`. This code is 9 years young (#2433), so probably too late to make a breaking change. It would be nice to have a filter around `$wp_rewrite->front` in `$wp_rewrite->init()` so I don't have filter both rewrite rules and links." danielbachhuber 4 29683 Live Preview shortcodes Shortcodes 4.0 normal normal enhancement new 2014-09-16T01:25:18Z 2021-02-26T21:57:10Z With WP 4.0, we got live preview oembed endpoints. Is it possible that we could do the same on some level for shortcodes? Is it even possible for this type of thing? tw2113 5 29687 Original image should be visible in media-library after image-processing Media 4.0 normal normal enhancement new 2014-09-16T16:46:47Z 2019-06-04T20:09:15Z "After editing an image in the library, e.g. after cropping and saving the resulting image will be shown in the library. At this time the original-image was not deleted or overwritten, because it could be used before the processing. It would be very fine if this original-image appears again: 1. someone could use the whole (uncropped) version again. 2. you are not able to delete this image completely from the server without using FTP" arkonisus 2 29717 wp_check_invalid_utf8 - pcre tricks and failsafes, +mb_convert_encoding, iconv fix, performance needs-unit-tests Formatting normal normal Awaiting Review enhancement new 2014-09-20T17:18:13Z 2019-05-18T07:49:17Z "Used in core in these 4 functions. * esc_attr() * esc_js() * esc_html() * sanitize_text_field() It's the first function to execute for all 4, and especially for sanitize_text_field it gets called quite a bit and is pretty important. It's purpose is to check a string for invalid utf. It utilizes preg_match with the '/u' modifier to parse both the pattern and subject for utf. PCRE automatically checks both the pattern and subject for invalid utf, upon which it will exit with an error code/constant. The changes here: Normally pcre is compiled with utf support. It can also be compiled to disallow utf support, and it can be compiled without utf support. If utf is compiled and enabled the '/u' modifier for preg_match is available which turns on the automatic utf validation. For older dists or those with utf support turned off at compile, there is a trick to enable the same functionality as the '/u' provides. http://www.pcre.org/pcre.txt In order process UTF-8 strings, you must build PCRE to include UTF-8 support in the code, and, in addition, you must call pcre_compile() with the PCRE_UTF8 option flag, or the pattern must start with the sequence (*UTF8). When either of these is the case, both the pattern and any subject strings that are matched against it are treated as UTF-8 strings instead of strings of 1-byte characters. So the first change to this function was to allow a fallback to that pattern option trick in case '/u' wasnt supported. 1. `@preg_match( '//u', '' ) !== false` 2. `@preg_match( '/(*UTF8)/', '' ) !== false` 3. Fallback to a regex that doesn't require UTF support, instead of using pcre utf validation it searches for it I also wanted it to have better performance, especially due to its use in those 4 core functions I use often. I benchmarked it pretty thoroughly to try and gain more speed. This patch is about 10-20% faster. Many gains were from refactoring the logic and control structures, chaining within if statements using bools, and utilizing the static variables to the fullest. This is especially crucial since this function gets called repeatedly. I also gained some cycles by replacing an in_array() check with a `stripos`. One of the bigger gains came from replacing the `strlen( $string ) == 0` that ran on every run with. Since the $string variable was already casted to a string, that should always work and keep things a little cheaper. {{{ $string = (string) $string; // if string length is 0 (faster than strlen) return empty if ( ! isset( $string[0] ) ) return ''; }}} The final change was to the 2nd parameters $strip, which if true is supposed to strip the invalid utf out of the string and return the valid. In core nowhere is that parameter being used (yet), which explains the deprecated looking iconv. Also added a fallback to use mb_convert_encoding in case iconv is missing. {{{ // try to use iconv if exists if ( function_exists( 'iconv' ) ) return @iconv( 'utf-8', 'utf-8//ignore', $string ); // otherwise try to use mb_convert_encoding, setting the substitue_character to none to mimic strip if ( function_exists( 'mb_convert_encoding' ) ) { @ini_set( 'mbstring.substitute_character', 'none' ); return @mb_convert_encoding( $string, 'utf-8', 'utf-8' ); } }}} Here are some of the test strings I used, I also used the utf-8-test file at http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt. I did testing on 4.0 using php 5.6, 5.4, 5.3, and 5.4. I verified the output and the strip feature as well. For all tests I had php error_reporting set to the max: {{{ ini_set( 'error_reporting', 2147483647 ); }}} {{{ $valid_utf = array( ""\xc3\xb1"", // 'Valid 2 Octet Sequence' ""\xe2\x82\xa1"", // 'Valid 3 Octet Sequence' => ""\xf0\x90\x8c\xbc"", // 'Valid 4 Octet Sequence' => ""\xf8\xa1\xa1\xa1\xa1"", //'Valid 5 Octet Sequence (but not Unicode!)' => ""\xfc\xa1\xa1\xa1\xa1\xa1"", //'Valid 6 Octet Sequence (but not Unicode!)' => ""Iñtërnâtiônàlizætiøn\xf0\x90\x8c\xbcIñtërnâtiônàlizætiøn"", // valid four octet id 'Iñtërnâtiônàlizætiøn', // valid UTF-8 string ""\xc3\xb1"", // valid two octet id ""Iñtërnâtiônàlizætiøn\xe2\x82\xa1Iñtërnâtiônàlizætiøn"", // valid three octet id ); $invalid_utf = array( ""\xc3\x28"", //'Invalid 2 Octet Sequence' => ""\xa0\xa1"", //'Invalid Sequence Identifier' => ""\xe2\x28\xa1"", //'Invalid 3 Octet Sequence (in 2nd Octet)' => ""\xe2\x82\x28"", //'Invalid 3 Octet Sequence (in 3rd Octet)' => ""\xf0\x28\x8c\xbc"", //'Invalid 4 Octet Sequence (in 2nd Octet)' => ""\xf0\x90\x28\xbc"", // 'Invalid 4 Octet Sequence (in 3rd Octet)' => ""\xf0\x28\x8c\x28"", //'Invalid 4 Octet Sequence (in 4th Octet)' => chr(0xE3) . chr(0x80) . chr(0x22), // Invalid malformed because 0x22 is not a valid second trailing byte following the leading byte 0xE3. http://www.unicode.org/reports/tr36/ chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Invalid UTF-8, overlong 5 byte encoding. chr(0xD0) . chr(0x01), // High code-point without trailing characters. chr(0xC0) . chr(0x80), // Overlong encoding of code point 0 chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 5 byte encoding chr(0xFC) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 6 byte encoding chr(0xD0) . chr(0x01), // High code-point without trailing characters ""Iñtërnâtiôn\xe9àlizætiøn"", // invalid UTF-8 string ""Iñtërnâtiônàlizætiøn\xfc\xa1\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid six octet sequence ""Iñtërnâtiônàlizætiøn\xf0\x28\x8c\xbcIñtërnâtiônàlizætiøn"", // invalid four octet sequence ""Iñtërnâtiônàlizætiøn \xc3\x28 Iñtërnâtiônàlizætiøn"", // invalid two octet sequence ""this is an invalid char '\xe9' here"", // invalid ASCII string ""Iñtërnâtiônàlizætiøn\xa0\xa1Iñtërnâtiônàlizætiøn"", // invalid id between two and three ""Iñtërnâtiônàlizætiøn\xf8\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid five octet sequence ""Iñtërnâtiônàlizætiøn\xe2\x82\x28Iñtërnâtiônàlizætiøn"", // invalid three octet sequence third ""Iñtërnâtiônàlizætiøn\xe2\x28\xa1Iñtërnâtiônàlizætiøn"", // invalid three octet sequence second ); }}} ---- Notes and more info: {{{ In order process UTF-8 strings, you must build PCRE to include UTF-8 support in the code, and, in addition, you must call pcre_compile() with the PCRE_UTF8 option flag, or the pattern must start with the sequence (*UTF8). When either of these is the case, both the pattern and any subject strings that are matched against it are treated as UTF-8 strings instead of strings of 1-byte characters. UTF-8 was devised in September 1992 by Ken Thompson, guided by design criteria specified by Rob Pike, with the objective of defining a UCS transformation format usable in the Plan9 operating system in a non- disruptive manner. Char. number range | UTF-8 octet sequence (hexadecimal) | (binary) --------------------+--------------------------------------------- 0000 0000-0000 007F | 0xxxxxxx 0000 0080-0000 07FF | 110xxxxx 10xxxxxx 0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx 0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx A UTF-8 string is a sequence of octets representing a sequence of UCS characters. An octet sequence is valid UTF-8 only if it matches the following syntax, which is derived from the rules for encoding UTF-8 and is expressed in the ABNF of [RFC2234]. UTF8-octets = *( UTF8-char ) UTF8-char = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4 UTF8-1 = %x00-7F UTF8-2 = %xC2-DF UTF8-tail UTF8-3 = %xE0 %xA0-BF UTF8-tail / %xE1-EC 2( UTF8-tail ) / %xED %x80-9F UTF8-tail / %xEE-EF 2( UTF8-tail ) UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / %xF1-F3 3( UTF8-tail ) / %xF4 %x80-8F 2( UTF8-tail ) UTF8-tail = %x80-BF }}} * http://www.pcre.org/pcre.txt * http://us1.php.net/manual/en/pcre.constants.php * http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 * http://en.wikipedia.org/wiki/Unicode * http://unicode.org/faq/utf_bom.html * http://www.unicode.org/versions/Unicode6.1.0/ch03.pdf * http://www.pcre.org/pcre.txt * http://tools.ietf.org/rfc/rfc3629.txt * http://www.unicode.org/faq/utf_bom.html * http://www.unicode.org/versions/Unicode5.2.0/ch03.pdf * http://www.unicode.org/reports/tr36/ * http://tools.ietf.org/rfc/rfc3629.txt Related Tickets: * https://core.trac.wordpress.org/ticket/11175 * https://core.trac.wordpress.org/ticket/28786 " askapache 23 29719 Connection error to WordPress.org when HTTP calls disabled Upgrade/Install 4.0 normal minor defect (bug) new 2014-09-20T22:00:25Z 2019-06-04T21:12:30Z "When the HTTP calls are disabled with either the filter or constant there is an connection error on `/wp-admin/update-core.php` {{{ add_filter( 'pre_http_request', '__return_true', 100 ); define( 'WP_HTTP_BLOCK_EXTERNAL', true ); }}} The error comes from [https://github.com/WordPress/WordPress/blob/master/wp-includes/update.php#L457 wp-includes/update.php#L457] " grapplerulrich 11 29727 Porting self-hosted Wordpress to HTTPS: mixed content has-patch Media 4.0 normal normal enhancement new 2014-09-22T13:57:04Z 2019-06-04T20:09:16Z "When moving a self-hosted Wordpress blog from HTTP to HTTPS (by editing the site URL at /wp-admin/options-general.php), I run into trouble because image links embedded in existing posts still point to HTTP, even though those images are hosted by my Wordpress blog and now support HTTPS. It would be great if Wordpress could automatically rewrite images in existing posts when site URL is changed to HTTPS." jsha 5 29728 Could be very useful 'wp_remove_nav_menu_item' has-patch Menus 3.0 normal normal feature request new 2014-09-22T17:38:57Z 2019-06-04T20:09:21Z "Hello there, I was developing a plugin that need to manage dynamically wordpress navigation menu. During develop I needed a function that remove a specific item by item ''''id'''' or ''''title'''' {{{ wp_remove_nav_menu_item( $menu_id, $item_id or $item_title ). }}} I googled for this but I don't have found a good solutions that work with API. I think that Wordpress could be better if you had this function in the next wp update. I hope this help to make Wordpress a better services. Thanks for developing this extraordinary CMS. Best regards Jonathan " JonathanBesomi 2 29786 read_post_meta should be a meta capability Options, Meta APIs normal normal enhancement new 2014-09-29T11:19:31Z 2019-06-04T20:47:44Z "Right now, we have `edit_post_meta`, `delete_post_meta`, and `add_post_meta`. In order to be able to expose metadata publicly, we need to be able to check if we can access individual keys. `is_protected_meta` only controls whether it's prefixed and should default to being protected (by default, prefixed with `_`). This isn't adequate to check for read permission on a key, because it's not filterable." rmccue 3 29790 Widgets don't know the widget area context they're in dev-feedback Widgets normal normal enhancement new 2014-09-29T12:44:45Z 2019-06-05T06:40:16Z "If you have a widget in a widget area (both on the admin side and front-end side) it does not know in which widget area it is in. Use cases for this would be: - custom filtering and/or styling on the front-end of a widget based on its location. - having some editor options turned on/off based on widget-area." ruud@… 12 29792 Grunt: Add a stylelint precommit task to check for CSS syntax errors netweb Build/Test Tools normal normal Future Release enhancement assigned 2014-09-29T13:07:40Z 2021-11-11T21:59:32Z "We need to do a better job of catching sad syntax errors and problems in our CSS before commit - things like parse errors, empty rules, units on zero values, and possibly duplicate properties (when alone, not as a part of a group). There may also be a thing or two that we could enforce per our own standards, such as requiring a comment to follow any declaration with `!important`. CSSLint seems to do most of these, provided we turn off the majority of its checks. Many of those checks (vendor prefixes, selector specificity, etc.) either are not relevant to our set up (due to Autoprefixer, for example) or are just not feasible given our current CSS and possibly not desirable for this project. Interested to know if there are any other tools out there that perhaps fit the job better, and defining the parameters of what we would like to check." helen 63 29795 Set JPEG quality for individual image_size dev-feedback Media normal normal Awaiting Review enhancement new 2014-09-29T14:20:54Z 2017-11-10T12:24:43Z "Based on this idea I would like to work on this topic: https://wordpress.org/ideas/topic/jpeg-compression-factor-for-different-image_size Usecase: If a theme use an image as a full screen background image the image quality doesn't need to be as high as for a featured image or thumbnail. The difference in file-size would benefit the webspace and the speed on page load. I can think of two ways to solve it: 1. Add a argument to add_image_size: {{{ add_image_size( $name, $width, $height, $crop, $quality ); }}} 2. Add filter for it: {{{ apply_filters( 'jpeg_quality_for_image_size', $quality, $size ); }}} In both cases the information about the current image size needs to be added to the set_quality or get_quality functions to be available." Drivingralle 6 29798 unified theme and plugin uploader has-patch General normal normal Future Release feature request new 2014-09-29T15:35:12Z 2022-07-15T16:33:11Z "Hi, many users try to install plugins as themes and than they get a message stylesheet missing. ""The theme is missing the style.css stylesheet"" The same with installing themes as plugins. ""The package could not be installed. No valid plugins were found."" I think it would make it much easier for the people to make the upload unified and check the header to find out if its a theme or plugin and than just redirect to the correct page after the instal. Or at least add a message ""This is a plugin please go to this page to install it"" and ""This is a Theme please go to this page to install it"" " svenl77 4 29807 add support for picture element and srcset attribute on img in wp_kses has-patch Formatting normal normal Future Release defect (bug) new 2014-09-30T12:39:10Z 2024-03-11T21:03:26Z "Related to #28993 - (<img> srcset attribute is stripped when switching from text to visual tab in the editor) If support for srcset attribute and picture element (and source element) is to be added to tinyMCE, they should also be allowed in wp_kses. " mattheu 36 29821 bulk_edit_custom_box hook causes tags to display within created fieldset Quick/Bulk Edit 4.0 normal normal Awaiting Review defect (bug) new 2014-10-01T23:04:40Z 2023-02-07T18:53:00Z "I have a custom post type that I am trying to add some fields to for bulk editing. My fieldset displays, but the tags field somehow is getting inserted into the fieldset being generated. It's extremely strange. Bulk Edit panel without my fieldset: [[Image(https://www.dropbox.com/s/fg3tcowz25rdqu1/Screenshot%202014-10-01%2018.53.56.png?dl=1)]] Bulk Edit panel with my fieldset: [[Image(https://www.dropbox.com/s/mlb4zr6mbvkbnmq/Screenshot%202014-10-01%2018.54.38.png?dl=1)]] My code to generate the bulk edit custom box: {{{ /** * Display the custom bulk edit box * * @since 3.0 * @access public * @action bulk_edit_custom_box */ public function bulk_edit_custom_box( $column_name, $post_type ) { if ( $post_type != MP_Product::get_post_type() || $column_name != 'product_price' ) { return; } ?> <fieldset id=""bulk-edit-col-product-price"" class=""inline-edit-col-left"" style=""clear:left""> <div class=""inline-edit-col clearfix""> <label class=""alignleft""><span class=""title""><?php _e('Price', 'mp'); ?></span><span class=""input-text-wrap""><input type=""text"" name=""product_price"" style=""width:100px"" /></span></label> <label class=""alignleft"" style=""margin-left:15px""><span class=""title""><?php _e('Sale Price', 'mp'); ?></span><span class=""input-text-wrap""><input type=""text"" name=""product_sale_price"" style=""width:100px"" /></span></label> <input type=""hidden"" name=""bulk_edit_product_nonce"" value=""<?php echo wp_create_nonce('bulk_edit_product'); ?>"" /> </div> </fieldset> <?php } }}} This is the code that is being generated in my debugger: {{{ <fieldset id=""bulk-edit-col-product-price"" class=""inline-edit-col-left"" style=""clear:left""><label class=""inline-edit-tags""> <span class=""title"">Product Tags</span> <textarea cols=""22"" rows=""1"" name=""tax_input[product_tag]"" class=""tax_input_product_tag""></textarea> </label> <div class=""inline-edit-col clearfix""> <label class=""alignleft""><span class=""title"">Price</span><span class=""input-text-wrap""><input name=""product_price"" style=""width:100px"" type=""text""></span></label> <label class=""alignleft"" style=""margin-left:15px""><span class=""title"">Sale Price</span><span class=""input-text-wrap""><input name=""product_sale_price"" style=""width:100px"" type=""text""></span></label> <input name=""bulk_edit_product_nonce"" value=""5e55f56276"" type=""hidden""> </div> </fieldset> }}} Notice how the tags field is being inserted into my fieldset. It seems as thought the tags field is being inserted via javascript into whatever the last fieldset in the panel is. Here's the same fields in the quick edit panel: [[Image(https://www.dropbox.com/s/haju5pkzu4f80ih/Screenshot%202014-10-01%2019.02.36.png?dl=1)]] This is how it ''should'' show up." webgeekconsulting 7 29823 WP_Date_Query across tables boonebgorges* Query normal normal enhancement accepted 2014-10-02T00:29:17Z 2019-06-04T20:47:50Z "The changes proposed in #29822 will make it possible to think about cross-table date queries. Things like: all posts from 2011 that have comments from 2013 or later. Using this ticket as a placeholder for ideas regarding syntax (do we allow table names to be passed as a param? or perhaps a 'type' argument like `WP_Meta_Query` has, which is then translated into table names?) and other discussion." boonebgorges 3 29838 Post editing area: keyboard accessibility, tab order and focus joedolson* Editor 4.0 normal normal 6.6 defect (bug) accepted 2014-10-02T16:27:31Z 2024-02-20T12:42:59Z "This ticket aims to focus on a specific area of the UI, let's call it ""Post editing area"", the one that starts with the ""Title"" field and ends with the editor area, both in ""Visual"" and ""Text"" mode. Related: #27553 while researching we noticed: > '''joedolson''': outstanding issues surrounding tab order, but this are long-standing and not relevant to this specific patch and issue; that needs to be raised separately. There's room for accessibility improvements here, especially when it comes to tab order and focus management. To fully understand what's going on you should stop for a while being a ""nervous clicker"" :) and: - apply the patch from #27553 - unplug your mouse and disable your trackpad :) - use just your keyboard - tab around, both forwards and backwards It would be great to test also switching off your display and using a screen reader, I would recommend Firefox and NVDA. Two main issues: Focus. When you're in the ""Title"" field and then you tab forwards, focus is moved directly inside the editor area skipping all what's in between. While this *may* be useful for sighted keyboard users (they save a few key presses, say 1 second?), it's a very critical experience for screen reader users: when they tab forwards, they get that right after the title there's the editor. But when they tab backwards, they get many more elements that ""weren't there before"". [https://core.trac.wordpress.org/ticket/27553#comment:17 more details on 27553 comments]. Tab order. The ""tabbing experience"" in Visual and Text mode should match as much as possible. Ideally, there should be a better [http://www.w3.org/WAI/GL/2014/WD-WCAG20-TECHS-20140902/G59 logical sequence in the markup]. When editing the title, the next logical step is editing the content, all the other controls (Add Media button, additional buttons provided by plugins and themes, etc.) should not be placed between the Title and the editor. The CEUX project proposed something similar at some point. There is ongoing research and development on the editing experience, see for example Editor Focus/DFW in #29806 and the idea to review relevant parts of the UI, see [https://make.wordpress.org/core/2014/10/01/agenda-for-october-1st-dev-chat/#comment-19392 explore moving the Publish | Save | Preview buttons out of the metabox, etc.] so it would be a great opportunity to explore this ticket too." afercia 30 29849 Better human_time_diff() Rarst* has-patch Date/Time normal normal Awaiting Review enhancement accepted 2014-10-03T10:54:41Z 2020-09-25T19:40:01Z "Given #9272 #18495 and #27271 I think it's time for a better alternative to `human_time_diff()`. My proposal is an entirely new function which: * Should be simple - no bazillion-dimensional arrays for arguments * Should not lack context in translatable strings - ""from now"", ""ago"" should be part of the resulting strings * Should have consistent strings, no abbreviations such as mins, yrs, hrs, secs * Should assume all timestamps have no offsets" kovshenin 9 29852 wp_update_term() should use wp_insert_term() internally Taxonomy 2.3 normal normal enhancement new 2014-10-03T16:59:38Z 2019-06-04T21:12:37Z "`wp_update_term()` and `wp_insert_term()` have a large amount of overlapping functionality. Things like argument sanitization, `term_exists()` checks, parent and alias_of validation, and even some hook names are shared between the two. Having the logic separate means twice the unit tests and twice the bug fixes for shared functionality. (See #29848 for an example.) This, in turn, has the potential to hold up future refactoring (#5809). As much as possible, the duplicate logic should be pulled out of `wp_update_term()`. Update-specific validation should take place there, and then call `wp_insert_term()` with a `term_id` or `term_taxonomy_id` param. (Suggestions for syntax are welcome.) In `wp_insert_term()`, break out the logic specific to the creation of new terms, and only run it when no existing term ID is passed to the function. Then, choose whether to run `$wpdb->update()` or `$wpdb->insert()` as appropriate." boonebgorges 2 29882 wptexturize: quotes inside quotes curling incorrectly has-patch Formatting 1.5 normal normal defect (bug) new 2014-10-08T01:43:48Z 2019-06-04T19:46:32Z "I've been looking through Trac a bit, but couldn't find a ticket reporting this problem. When you use quotes inside quotes, this happens: {{{ bad: ‘”…” …’ }}} {{{ bad: ‘… “…”‘ }}} {{{ good: “‘…’ …” }}} {{{ bad: “… ‘…'” }}}" iseulde 8 29890 Make menu descriptions available to be displayed on the front-end helen has-patch Menus 3.0 normal normal enhancement assigned 2014-10-08T13:29:52Z 2019-06-04T20:09:27Z "When the refreshed menu UI was introduced in r14248, it came with the possibility to add a description to each menu item. When that description textarea is displayed, [https://core.trac.wordpress.org/browser/tags/4.0/src/wp-admin/includes/nav-menu.php#L182 it's accompanied by the help text]: {{{The description will be displayed in the menu if the current theme supports it.}}} Yet there is currently no way for themes (that I'm aware of) to actually display these descriptions. Let's change that! Added incentive would be one less callback in #29799 Twenty Fifteen." obenland 31 29892 get_available_languages() can alternately too and not enough permissive ocean90 has-patch I18N 4.0 low normal Future Release defect (bug) reviewing 2014-10-08T15:03:45Z 2022-08-02T17:47:40Z "Since 4.0, it's possible to switch site languages from the language dropdown in options-general.php. This is a great feature. But i think there can be cases when get_available_languages() is too permissive and others not enough. 1/ Too permissive If for some reason, a theme or plugin language file is added at the root of {{{WP_LANG_DIR}}}, then the theme or plugin language file will be listed in the dropdown because it names does not start with 'continents-cities' or 'ms-' or 'admin-'. It can be confusing for the site admin. 2/ Not enough (might be an edge case) {{{get_available_languages()}}} accepts a {{{$dir}}} param. So although it's not used in core, i guess plugins/themes can use this function to list language files of a given directory. In this case, if one of the file starts with 'continents-cities' or 'ms-' or 'admin-' then it won't be listed. The attached patch is suggesting a way to be sure only site language files will be listed if the $dir param is null or == {{{WP_LANG_DIR}}} else to list all language files." imath 9 29904 Make images viewable while editing a gallery Media normal normal defect (bug) new 2014-10-09T14:37:07Z 2019-06-04T20:09:33Z "Ordering images in a gallery can be very difficult when you are limited to thumbnails. Users must switch back and forth between their post and their camera roll to identify each image and make sure each is in the proper place. Click/tap to view an image is a common pattern that is missing here. Some use it elsewhere to reassure themselves that they uploaded the right images and put them in the right order. First reported in: https://make.wordpress.org/flow/2014/06/02/kibble-viewing-images-while-editing-a-gallery/" obenland 2 29910 esc_attr does not properly deal with json_encode Formatting normal normal Awaiting Review enhancement new 2014-10-09T17:54:32Z 2017-05-07T03:11:39Z "Current doing something like esc_attr( json_encode( $data ) ); doesn't work properly. Since the input to json_encode() above can contain '"'. And for calls to json_encode() lacking the JSON_HEX_AMP option, that '"' is left unaltered. Running '"' through esc_attr() also leaves it unaltered since esc_attr() does not double-encode. This means we end up with an attribute like {{{ data-gallery=""{"foo":"""} }}} which is interpreted by the browser as {{{ {""foo"":""""""} }}} which results in a JSON decoded error. The preferred workaround is to include the JSON_HEX_AMP (and friends) options, but these are not available until 5.3.0. Alternatively, we can use _wp_specialchars( , , , true ) instead of esc_attr(), which will double-encode. Since we can't rely on JSON_HEX_AMP, we do both. I would like to see a function like {{{ esc_json_encode( $data ) }}} That you can use to encode json data and pass it to the html. I have included a file that includes a functions that does just that. " enej 2 29913 wptexturize should handle broken HTML consistently needs-unit-tests Formatting 1.5 normal minor defect (bug) new 2014-10-10T00:38:40Z 2019-06-04T19:46:35Z "Spunoff from ticket:29557#comment:93 because it's not that important. When encountering broken HTML, `wptexturize()` should match web browser behavior, without getting too complicated. This bug is for: 1. unclosed comments: `<!-- foo ... texturize those dots?` 2. unclosed tags: `<a ... texturize those dots?` 3. valid terrible HTML that WP probably does not need to support: `<div data-cycle-slides=""> .slides"">`. It's encouraged by the popular jQuery Cycle2 plugin, and its examples. Currently: 1. unclosed comments are handled like a browser: WP thinks it is a comment, so does not texturize the dots (turn them into `…`). 2. unclosed tags are not considered a tag, so the dots are texturized. A browser treats it as a tag, by contrast, and we don't normally texturize inside tags. The browser also hides it since it's a tag, so whatever we do is hidden. It's not that important, though it could have side effects on other parsing, plugins, etc. 3. valid terrible HTML is not parsed as a tag by WP. Fully parsing valid HTML would slow down WP. Some of this is already covered by unit tests or may be soon. Fixing (2) to be consistent with (1) would be easy." kitchin 5 29920 Autosave breaks if post revision fields contains a value that isn't a string has-patch Revisions normal normal Awaiting Review defect (bug) new 2014-10-10T14:11:32Z 2019-06-04T18:12:47Z "This isn't exactly a bug... Its possible to filter '_wp_post_revision_fields' to add more fields. I am using this to track revisions for some meta fields. However the value of this must be an string otherwise you get notices when trying to create an autosave - as this calls `normalize_whitespace` on an array. It would be nice if this didn't completely break things. I've added a patch that only calls normalize whitespace if both values are strings - otherwise just do a simple comparison. If you think i'm doing_it_wrong - feel free to tell me so! I guess this is related to #20564 and any other meta revision fields." mattheu 6 29923 Improve the writing experience on mobile dev-feedback Editor normal normal Future Release enhancement new 2014-10-11T01:01:50Z 2019-06-05T07:06:53Z "Maybe something like the screenshot attached. Problems: * In iOS, position fixed doesn't work when the keyboard is open. And that's exactly when we need it. But there are workarounds. We can absolute position everything and make only the iframe scrollable. Oh wait... * `overflow: hidden;` doesn't work on `html` and `body`. Can be worked around by using `#wpwrap` instead. We can also block scrolling completely with JS since the content we want to scroll is in an iframe. But... * For some reason Apple decided to automatically adjust the height of iframes to its content. So for this we'll need to force a specific height on the iframe, `html` and `body` tags, and make the `body` scrollable. Seems to work. * There are no events fired when the keyboard shows or hides. Also no resize event. The keyboard kind of floats over the window. This means that the window height doesn't change and that we can't detect the height of the visible area and keyboard. But it's possible to work around that too. :) The screenshot is from a working prototype. Ideally there should be a left and right arrow on the toolbar so you can browse the tools. The post.php screen stays mostly the same, with a preview of the content. When you click on it, it goes ""fullscreen"". When you hide the keyboard or tab away, it goes back to the original screen. The alternative is to leave things as they are, with the toolbar unpinned on top of the editor, but we could still move all the buttons to one row with arrows to browse them." iseulde 8 29931 "Broken attachment page links for files attached to ""Auto Draft"" posts" Media 3.4.2 normal normal defect (bug) new 2014-10-11T18:06:08Z 2019-06-04T20:09:34Z "'''Steps to Replicate''' 1. Create a new post without a title. 2. Use the Add Media button within the post editor to upload files, but do not insert the files into the post. 3. Close the post editor without saving the draft. 4. Go to the Media Library 5. Notice the files show as being uploaded to a post called Auto Draft. 6. Try to view the attachment page, but get a “404 Page Not Found” error. '''Recommended fix:''' Do not attach files to a post that has a blank title and body. Leave the files unattached until text has been entered into the title or body of the post." dcoleonline 1 29938 mysqli_query and multiple resultsets needs-unit-tests Database 3.9 normal normal enhancement new 2014-10-12T10:24:20Z 2019-06-04T19:26:52Z "The WordPress Database API does not expose a way to work with multiple resultsets. Multiple resultsets are returned by queries that have several sets of results available and this is often the case with stored procedures and the usual way is to call {{{next_result}}} and {{{use/store_result}}} on the mysqli connection, however the connection is abstracted away behind the undocumented {{{$wpdb->dbh}}} field. {{{ -- Test procedure for out of sync mysqli commands DROP PROCEDURE IF EXISTS `mysqli_procedure_test`; DELIMITER ;; CREATE PROCEDURE `mysqli_procedure_test`() BEGIN SELECT * FROM `wp_posts` LIMIT 1; SELECT * FROM `wp_posts` LIMIT 1; END;; DELIMITER ; }}} When calling this procedure (apart from the issues outlined in ticket #28155) you can only access the first resultset using the documented APIs. To fetch the second one one would have to use the mysqli API directly. Need to come up with additional public methods to work with these via the Database API instead. There must be a way for a user to fetch the next resultset if there's one, or make this transparent somehow, perhaps using a {{{$wpdb->call( $procedure, $arguments )}}} invocation in the case of procedures? And something like {{{$wpdb->next_results}}} for everything else? Needs brainstorming." soulseekah 2 29948 Use contextual controls (active_callback) API for conditionally-displayed core contextual controls Customize 4.0 lowest normal Future Release enhancement new 2014-10-13T18:18:28Z 2017-02-20T18:33:50Z See `wp-admin/js/customize-controls.js`, near the bottom. Rather than doing some unstructured JS to show/hide controls based on the values of other settings, this should use custom callbacks for the active_callback argument when adding the control (in php). celloexpressions 9 29956 Paragraphs within list items disappear in the editor when switching from text to visual and back needs-unit-tests Formatting 4.0 normal normal defect (bug) new 2014-10-14T16:42:07Z 2019-06-04T19:46:37Z "On a fresh wordpress 4.0 in the editor when I enter <ol> <li>a<p>b</p> </ol> or <ol> <li>a b </ol> and switch from text to visual and back, I get <ol> <li>ab</li> </ol> " brunni 4 29972 Split pagination calculations and HTML in paginate_links has-patch General 4.0 normal normal enhancement new 2014-10-15T04:22:28Z 2019-06-04T19:46:40Z "The current implementation of paginate_links has a number of issues. It has been improved significantly in the latest version, however there is still room for more improvements. Currently, the function forces you to use the HTML as it has been returned. If you want to add a class onto something, there is no easy way to do it - you're stuck with the defaults as they are hard-coded. The first step towards fixing this is to split the pagination calculations from the HTML. Sort out what's going to go where, and then go and build the HTML and return it. My reasoning is below, take a look and see what you think. I'm not necessarily advocating my particular fix, but I believe at the very least it needs some discussion. This change will make it easier to create features such as custom classes for elements, and will make the code easier to read and maintain. Also this is my first time creating a ticket on WordPress Trac, so go easy :) '''Return raw array data''' If you want to write your own completely custom HTML, you currently have to either copy+paste the function and modify it to suit your needs, or write a whole new one from scratch. The function should be able to return an array containing these values for each pagination item: - type (next/prev/dots/page) - link (where the item links to) - text (the text to be displayed within the link) - active (so you can apply your own active class) This allows for more flexible use of the function within the template. '''Customize the default output''' Sometimes, you might just want to add an extra class to an item or two. Now, you could add these features to the current code, but the section for the active element is split from the normal elements which means you'd have to duplicate code to do it. '''Change the currently selected page element''' I've added a new arg 'link_current' so you can change the default element of the selected page to an A tag instead of the SPAN. I needed this for our specific design, but thought other people might find it useful as well." dylanj 2 29999 update post overwrites slug if current_user is contributor dev-feedback Posts, Post Types 4.0 normal minor Awaiting Review defect (bug) new 2014-10-16T08:09:04Z 2024-03-07T21:30:46Z "The [http://codex.wordpress.org/Function_Reference/wp_update_post/ wp_update_post] function calls [http://codex.wordpress.org/Function_Reference/wp_insert_post/ wp_insert_post] which is located in [https://core.trac.wordpress.org/browser/tags/4.0/src/wp-includes/post.php#L3068/ wp-includes/post.php] in posts.php at lines 3168 - 3171 there is this code: {{{ // Don't allow contributors to set the post slug for pending review posts. if ( 'pending' == $post_status && !current_user_can( 'publish_posts' ) ) { $post_name = ''; } }}} this will remove post_name if the current user is a contributor without any message or notification. This creates an issue because scripts/plugins that uses wp_upadate_post usually don't handle this case (the documentation doesn't cover this also - I would update the documentation but I'm wondering if there's no other solution). I don't see the issues that a contributor changing the slug would create (a contributor vs an editor) anybody does?" jnhghy 16 30017 Many automated tests are unnecessarily slow wonderboymusic Build/Test Tools normal normal Future Release task (blessed) assigned 2014-10-17T02:07:19Z 2021-03-24T14:47:08Z "Our test suite is getting bigger (that's good!). But many of our tests are, of necessity, integration and functional tests that require lots of setup: creating factory data, resetting globals, etc. This process can be slow (that's bad!). Poking around in the tests, it looks like some of the worst offenders are those who create lots of database content in the `setUp()` method. Creating more dummy data than is absolutely necessary to test an assertion is - at best - wasteful. At worst, it actually introduces unnecessary variables into what is supposed to be a narrowly defined test. (Fake but illustrative example: if you create 25 posts to test some default value in `WP_Query`, you now have to worry about pagination in addition to whatever value you're testing.) Changing existing tests is a tedious and potentially dangerous task - you don't want to introduce regressions into our regression-preventing tests. But if we can shave 10-20% off of the execution time of our suite (which I think is a pretty conservative estimate), it'd be a huge step toward getting more people to actually run the dang things, as well as things like continuous integration. Opening this ticket for discussion and/or patches." boonebgorges 69 30023 Chrome autofill password keeps showing after wp_attempt_focus clears password field dev-feedback Login and Registration 4.0 normal normal Future Release defect (bug) new 2014-10-17T17:30:50Z 2020-02-15T17:45:27Z "Chrome's autofill of remembered passwords causes an issue with wp_attempt_focus (defined in wp-login.php). The JavaScript function clears the password field, but Chrome still displays the field as filled out. Submitting the form results in the following error (obviously): * ERROR: The password field is empty. If people want to have Chrome autofill their password, I strongly suggest not to intervene. Not only are we going to annoy users by trying to hack around it (see ticket [ticket:24364]), but the hacks will also likely cause even more issues in a future Chrome release." Robbert S 6 30036 Add some escaping to $handle when printing styles. Script Loader normal normal defect (bug) new 2014-10-18T22:58:04Z 2019-06-04T21:12:39Z "There's a number of instances where we're currently printing out the dependency handle without any sort of escaping. We should probably do something about that. https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class.wp-styles.php#L87 `WP_Styles::do_item()` Things can currently get somewhat mucked up if someone enqueues a script or style with a single quote in it, that breaks out of the id attribute. I'm not sure what the best fix for this is, attached are some starting point unit tests to demonstrate the varied types of handles that work currently, that we'll want to at least take into consideration." georgestephanis 2 30039 Email validation not working correctly Formatting 4.0 normal normal defect (bug) new 2014-10-19T07:22:52Z 2019-06-04T19:46:42Z "When creating new users with wp_insert_user or when changing user's email address in UI. Emails such as 'joe@com' or 'jill@sometld' are not accepted as valid email addresses. Those email addresses are rarely used, but they are valid email addresses. " BigWhale 2 30044 Use subqueries for AND clauses in WP_Meta_Query Query 4.1 normal normal Future Release enhancement new 2014-10-19T19:04:07Z 2022-11-02T15:50:32Z "See #24093, starting about here, for background: https://core.trac.wordpress.org/ticket/24093#comment:10 When multiple clauses are passed to `WP_Meta_Query` under the scope of an AND relation, a new table JOIN is required for each clause. With very large meta tables, this can lead to poor performance. We should investigate the performance implications of using subqueries for some of these queries to avoid the joins, much like what happens in `WP_Tax_Query` for NOT IN and AND operators. Note that the improvements to OR queries in [29953] probably mean that subqueries will not be faster in most cases where relation=OR. First step toward this would be to see some benchmarks using data of different kinds: small databases; large sets of posts with relatively small postmeta tables; large sets of posts with large amounts of postmeta. As pento notes here https://core.trac.wordpress.org/ticket/24093#comment:30, we'll also need to look at how performance differs between supported versions of MySQL." boonebgorges 12 30049 wp_load_translations_early does not without WPLANG defined I18N 4.0 normal normal Awaiting Review defect (bug) reopened 2014-10-20T14:24:48Z 2019-05-01T18:27:18Z "In the Hungarian WP 4.0 the maintenance text appears in english. " szepe.viktor 14 30052 Add New Media Drag and Drop Hangs on Crunching Media 4.0 low normal defect (bug) reopened 2014-10-20T19:28:52Z 2019-06-04T20:27:30Z "When using the drag-and-drop feature of ""Media -> Add New"" the upload hangs at ""Crunching..."". After extensive testing, I have determined this occurs when the auto_increment primary key (ID field) on the ""wp_posts"" table reaches 1000. If I delete content and reset the key to 999 or below ""Add New"" works but, when the key hits 1000 ""Add New"" get stuck at ""Crunching..."". I can find no errors in any logs or by using the ""backtrace-errors.php"" debugging file. I have been able to duplicate this issue on multiple WordPress servers. Note - Images do get uploaded and processed and the entries are placed correctly in the database. The problem is that the upload screen gets stuck displaying ""Crunching..."" along side the primary key number." Gregory_Lang 13 30105 css defining protocol Themes 3.8.2 normal normal defect (bug) new 2014-10-26T06:41:59Z 2019-06-04T21:12:42Z "{{{when switching between http & https css breaks. css has the protocol defined rather than using // it uses http:// or https://}}} to produce the problem load in apache and localhost:80, then localhost:443. one or the other will be broken. sane: {{{<link rel=""stylesheet"" id=""open-sans-css"" href=""//fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&ver=4.0"" type=""text/css"" media=""all"">}}} insane: {{{<link rel=""stylesheet"" id=""kadence_bootstrap-css"" href=""http://localhost/wordpress/wp-content/themes/virtue/assets/css/bootstrap.css?ver=224"" type=""text/css"" media=""all"">}}}" 666threesixes666 4 30128 Allow to use associative arrays beside indexed arrays in wp_mail $headers needs-unit-tests Mail 2.3 normal normal Future Release enhancement new 2014-10-27T21:15:12Z 2020-09-16T18:57:17Z "eg: {{{ $headers = [ 'From' => 'Me Myself <me@example.net>', 'Cc' => 'John Q Codex <jqc@wordpress.org>', ]; }}} beside: {{{ $headers = [ 'From: Me Myself <me@example.net>', 'Cc: John Q Codex <jqc@wordpress.org>', ]; }}} and also (because why not): {{{ $headers = [ 'From' => 'Me Myself <me@example.net>', 'Cc' => [ 'John Q Codex <jqc@wordpress.org>', 'iluvwp@wordpress.org', ], ]; }}}" marsjaninzmarsa 4 30150 apply_filters( 'image_size_names_choose' ) should be provided a named context has-patch Media normal normal Future Release enhancement new 2014-10-28T23:18:08Z 2018-05-24T20:17:48Z It's used in a variety of places, some that you may want to filter and others that you don't. Each instance of `apply_filters( 'image_size_names_choose' )` should be passed a named context danielbachhuber 7 30169 show available languages in theme details dev-feedback Themes normal normal feature request new 2014-10-29T11:22:41Z 2019-06-04T21:12:44Z "Hi! WordPress reads it from the header of the theme style.css the data for the theme-details. There, but an additional line can be added. Languages​​: with the available languages ​​(en, fr, it, de, etc) This could in theme details are made visible and at the wordpress.org themes in the discription. This would facilitate users to find a theme that does not speak English. When looking on wordpress.org theme would be an additional criterion in the Theme selection." Kniebremser 7 30170 """Start Date""/""End Date"" are confusing in the exporter" has-patch Export normal normal Awaiting Review enhancement new 2014-10-29T11:40:47Z 2017-07-22T04:03:42Z "I've been running a lot of post exports lately, and for some reason I'm constantly screwing up ""Start Date"" vs ""End Date"" when selecting an export range. The ''right'' way is Start Date == Older Date, and End Date == Newer Date. But, because my memory is pathetic (at best), I constantly forget this and end up downloading empty exports. I think there are a few potential fixes: 1) Change the wording, to something like ""Start Date (Older)"" and ""End Date (Newer)"", or different text entirely 2) Use some JS to alert the user/prevent the download if they chose a more recent month as the Start Date 3) Try to guess the user's intentions and download the export even if they screw up the order (Or perhaps some combination of the three.)" chrisvanpatten 6 30172 Request: Filter for get_post_format Post Formats 4.0 normal normal enhancement new 2014-10-29T15:43:33Z 2019-06-04T20:47:52Z "Would it make sense to create a filter in get_post_format()? Then instead of having to write this a few times (in each template) {{{ $format = get_post_format(); if ( false === $format ) { $format = 'standard'; } }}} there could be just one filter in the functions file that does return 'standard' when false is returned: {{{ // Apply filter add_filter('post_format', 'my_filter'); function my_filter($format) { if ( false === $format ) { $format = 'standard'; } return $format; } }}} Or something along those lines..... Just an idea, Sascha" landwire 1 30175 In multisite, on a site with only subscribers, wp_dropdown_users returns empty string jeremyfelt has-patch Users normal normal defect (bug) assigned 2014-10-29T16:57:07Z 2019-06-05T06:40:19Z "This becomes a problem when editing posts on sites with no capable users. Technically, an empty string is the expected result, as the site has no users with adequate capabilities to assign as the author of a post. (I'll propose 1 solution in a comment below.) To duplicate: * Setup multisite * Create a second site * Add a user to it as a Subscriber * Remove yourself from that site, if necessary * Edit the ""Hello World"" post * Notice the ""Author"" metabox is empty" johnjamesjacoby 2 30177 Eliminate deprecated pointers dev-feedback Administration normal normal enhancement new 2014-10-29T17:19:33Z 2019-06-04T19:26:56Z "While working on #30158 @nacin suggested that we eliminate the now irrelevant pointers (anything before 3.9). Initially I followed the existing convention: blanking, but leaving, the internal pointer method. @nacin also mentioned that we should eventually removing those blanked methods and that they were only left behind because we hadn't considered the full ramifications of straight removing them. I spent a few brain cycles on exactly that these past several hours and below are my findings. **Option The First:** We can completely remove these methods with no negative impact whatsoever. Reason: The pointer class is Final and cannot be extended (so there are no inheritance concerns) and these static methods themselves are completely useless in isolation. There is no reasonable explanation for a person ever calling these methods directly, and calling remove_action() on them does not depend on their existence, either. **Option The Second:** We remove the methods and register a new `get_deprecated_pointers()` method to be used in tandem with a `__callStatic()` magic method in order to inform the fringiest fringe-case developer that they've done something abhorrently wrong (in the most polite way possible). My vote is for Option 1 because I can't fathom a world in which someone would have a productive reason to statically call one of these pointer methods in isolation. Option 2 gives us a new list to maintain fairly unnecessarily and succeeds in adding more lines of code than it removes. I've provided patches for each option so all that is left is for someone else to weigh in with their opinions. @jjj likes option 2 @aaroncampbell likes option 1" rzen 1 30180 wp_get_attachment_image_src does not return alt or meta antpb Media normal normal Future Release enhancement assigned 2014-10-29T18:42:55Z 2023-07-21T15:37:32Z "In practical use,wp_get_attachment_image_src is very useful for displaying an attached image - but requires a separate call to get any other image meta or the alt attribute. In addition to making any application that needs alt attr or meta data for display simpler, having the alt attribute present in this function increases the likelihood that developers will use the alt attribute in their ultimate output. " joedolson 82 30181 Add more Underscore.js array methods to wp.customize.Values and re-use _ for Customizer JS methods Customize 3.4 lowest normal Future Release task (blessed) new 2014-10-29T18:53:41Z 2017-03-14T17:02:13Z "Now that the Customizer explicitly uses Underscores.js (#26061), we should re-use Underscore.js as much as possible to eliminate duplicated logic, and to flesh out our Customizer models to have an API consistent with Backbone models. This depends on having QUnit tests (#28579)." westonruter 4 30184 Author page and category needs-unit-tests Query 3.1 normal normal defect (bug) new 2014-10-29T19:20:41Z 2019-06-04T20:47:56Z "Got errors like next in debug.log PHP Notice: Undefined property: stdClass::$ID in /www/test1/wp-includes/query.php on line 4074 PHP Notice: Undefined property: stdClass::$nickname in /www/test1/wp-includes/query.php on line 4076 PHP Notice: Undefined property: stdClass::$user_nicename in /www/test1/wp-includes/query.php on line 4078 In wp-includes/query.php we have the method {{{ public function is_author( $author = '' ) { if ( !$this->is_author ) return false; if ( empty($author) ) return true; $author_obj = $this->get_queried_object(); $author = (array) $author; if ( in_array( $author_obj->ID, $author ) ) return true; elseif ( in_array( $author_obj->nickname, $author ) ) return true; elseif ( in_array( $author_obj->user_nicename, $author ) ) return true; return false; } }}} But if we query a author page with category param queried_object actually will be the category term object, so next patch prevent such problems {{{ public function is_author( $author = '' ) { if ( !$this->is_author ) return false; if ( empty($author) ) return true; $author_obj = $this->get_queried_object(); if ( ! is_a( $author_obj, 'WP_User' ) ) return false; $author = (array) $author; if ( in_array( $author_obj->ID, $author ) ) return true; elseif ( in_array( $author_obj->nickname, $author ) ) return true; elseif ( in_array( $author_obj->user_nicename, $author ) ) return true; return false; } }}} " dimitrov.adrian 5 30188 Introduce utility functions to check constants chriscct7 dev-feedback Posts, Post Types normal normal Awaiting Review enhancement assigned 2014-10-29T23:31:14Z 2017-09-22T10:40:31Z "At the moment it's pretty obnoxious to check the various DOING_* constants throughout core and within plugins and elsewhere. The annoyance is compounded whenever we need to verify multiple constants, for example on the save_post hook: {{{#!php function do_some_post_stuff_the_current_way() { // Bail if doing autosave if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { return; } // Bail if doing AJAX if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) { return; } // Bail if running cron if ( defined( 'DOING_CRON' ) && DOING_CRON ) { return; } // Maybe some other checks... // Do my stuff.. } add_action( 'save_post', 'do_some_post_stuff_the_current_way' ); }}} I initially set out to solve this problem exclusively for saving posts, but became waylaid just in naming such a function (What are we checking exactly? The environment state/context? The mechanism that triggered save_post? etc). I spent the whole day thinking about it and realized the solution reaches beyond just saving post. Enter `wp_check_constants()` and `is_constant_true()`. The former accepts a single or array of constants, the latter only validates one. In these we confirm first that the constant is defined and then that it is explicitly set to `true`. Full stop. I've written a few different tests to support that the function works as advertised. If the general consensus here is that these functions are useful I'd also be happy to submit patches that introduce them throughout core in place of the current `defined( 'FOO' ) && FOO` conditions. Related: #25669 " rzen 6 30210 WordPress generates unnecessary RSS feeds has-patch Feeds 4.0 normal normal Future Release defect (bug) assigned 2014-10-31T10:01:30Z 2020-09-20T17:02:32Z "Examples: http://ma.tt/blog-content/feed/ http://ma.tt/blog-content/plugins/feed/ http://ma.tt/blog-content/themes/feed/ Bug? Feature?" sergej.mueller 34 30227 Inaccurate wording when creating a user with a reserved email address has-patch Login and Registration 3.3.2 normal normal defect (bug) new 2014-11-01T06:16:43Z 2020-02-06T19:47:07Z "If you try to create a user on multisite using an email address that is tied to an unconfirmed user, you'll get this notice That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing. ""Please check ''your'' inbox"" seems to imply that the logged in user should check their own inbox for an activation email. Not sure of the best way to reword that so it's clear without being overly wordy. Possibly something like That email address is reserved pending activation. It will become available in a couple of days if left unconfirmed. or That email address is reserved. An activation email has been sent to that address. If left unconfirmed it will become available in a couple of days. Also, ""couple of days"" could be any time less than 2 days, so perhaps a dynamic value could be used here giving a better approximatation of the time remaining till the unconfirmed address will be freed up. ''This is referenced in #20817''" trepmal 8 30233 Replace or rewrite domain_exists() for more accurate usage dev-feedback Networks and Sites 3.0 normal normal enhancement new 2014-11-02T01:47:25Z 2019-06-04T20:09:42Z "`domain_exists()` was added in [https://mu.trac.wordpress.org/changeset/543 MU:543] in almost its current form. The enforcement of trailing slashes on paths was added in #20589 and a filter was added in #21442. A few notes: * The lookup for a domain and path combination is restricted to one network. This allows the same domain and path combination to be used on multiple networks, which should not be default behavior. * The name, `domain_exists()`, implies a check for domain. It is really checking for a full site URL. * While it is entirely possible to ignore the result by providing your own in the filter, it would be nice to not always require this for multi-network configurations. My **guess** is that the original intent was to ensure a subdomain or path was not present when creating a site on an open network. In thinking of how to address this, these two possibilities came to mind. * Deprecate `domain_exists()` and wrap a new function that does a larger check. `wp_get_site()` could work alongside `wp_get_sites()` and support domain/path lookup. * Allow the current `$site_id` argument to be `null` (for all), or an array (for many), in addition to the current `int` expectation. " jeremyfelt 5 30243 Media Library cached, does not update when other users add images Media 3.5 normal normal defect (bug) new 2014-11-03T22:28:26Z 2019-06-04T20:09:47Z "When you open a post or page in the editor, and you click Add New, the media library pops up a grid with the n most recent images. If you upload something new, it's added to the list. However, if a colleague uploads something new (via another computer or browser), then you don't see the image the colleague uploaded in the media library — unless you search for it. " paulschreiber 1 30250 Add filter for query used in `wp_count_posts()` Posts, Post Types normal normal enhancement assigned 2014-11-04T18:04:59Z 2019-06-04T20:47:58Z "Use case: if my list table is filtering to a specific taxonomy term, I'd like my view counts to reflect that filter. The existing filter added in #16603 still means I need a lot of duplicate code, and two queries." danielbachhuber 4 30262 Combine wp_terms and wp_term_taxonomy tables Taxonomy low normal enhancement new 2014-11-05T19:01:10Z 2019-06-04T21:27:07Z "The two database tables `wp_terms` and `wp_term_taxonomy` are designed to facilitate ""shared terms"": single ""terms"" that are shared by multiple ""term-taxonomy"" pairs. In 4.1 we've begun the process of phasing out shared terms (#5809, #21950), and at some point we'll be able to guarantee that items in `wp_terms` are in one-to-one correspondence with those in `wp_term_taxonomy` (#30261). Once this has happened, we have no more need for two tables. So let's get rid of one of them. The primary benefit of merging the two tables is that, over time, we can simplify the internals of much of our taxonomy API. No more JOINS will be necessary in `get_terms()`. There will be no need for `WP_Tax_Query::transform_query()`. And so forth. This will make the component easier to maintain, and will improve cachability and overall performance. A subsidiary benefit is that it makes the system a bit more sane for developers who are learning it for the first time. The main concern in the process of merging the two tables is backward compatibility. As [https://make.wordpress.org/core/2013/07/28/potential-roadmap-for-taxonomy-meta-and-post-relationships/ outlined by nacin in 2013], we have a pretty good plan for how we can maintain close to 100% backward compat. Two parts: 1. The table aliases `$wpdb->terms` and `$wpdb->term_taxonomy` should point to the same merged table, which will include all columns from both existng tables. This will provide support for anyone using these aliases to perform taxonomy queries. 2. Create a [https://dev.mysql.com/doc/refman/5.0/en/views.html MySQL view] that replicates the deprecated table. This will provide support for anyone querying the table with syntax like `$wpdb->get_blog_prefix( $blog_id ) . 'terms'`. We can't do the migration for at least a version or two after #30261 is complete - we have to give time to all installations to get their shared terms cleared out before we can think about putting the tables together. A viable patch for this ticket will include: a schema change to introduce the view, the migration logic to move the old columns into the new combined table, and the necessary changes to `$wpdb`." boonebgorges 5 30274 "wp-login.php Logo Image Use ""img"" tag rather than CSS background" Login and Registration 4.0 normal normal Awaiting Review enhancement reopened 2014-11-06T14:49:32Z 2017-02-19T17:53:28Z "The fact that the logo image that displays on www.website.com/wp-login.php is a background image rather than an ""img src"" html tag often makes it problematic, because support for resizing CSS backgrounds is more complicated than using ""img src"" tags. For example, it seems like every time I use a plugin or try to alter the logo image on wp-login.php it in some way, it takes some combination of the perfect image size and css hacks to make it responsive. Conversely, if it was an ""img"" tag, I could just apply ""width:100%; height:auto;"" or something like that. So, in conclusion, I propose switching from a background image to an ""img src"" html tag. [[Image(http://i.imgur.com/C5qwZtq.png)]]" themightymo 3 30277 Split up Customizer JS into separate files and remove self-booting jQuery.ready call Customize 3.4 normal normal Future Release enhancement new 2014-11-06T20:11:45Z 2018-06-13T16:28:06Z "The `customize-controls.js` file is huge and is named incorrectly now with #28709 and the fleshed-out models for Panels and Sections. The file should be broken up into `customize-sections.js`, `customize-panels.js`, and `customize-utils.js`. The last of which should include the private function exposed as public methods off of `wp.customize.utils`. This may also include the `wp.customize.init()` mentioned in #29071. We need to stop booting the Customizer inside of these JS libraries with a direct `jQuery.ready` call, and instead let the including page invoke that. This is critical for code reusability and for unit testing. For instance, the `customize.php` page could do in the footer: {{{#!php <script> jQuery(function () { wp.customize.init( _wpCustomizeSettings ); }); </script> }}} For `wp.customize.utils`, see existing patch at: https://github.com/xwp/wordpress-develop/pull/47" westonruter 18 30285 url_to_postid on FORCE_SSL_ADMIN takes https path instead of http reporter-feedback General 4.0 normal normal defect (bug) reopened 2014-11-07T17:59:53Z 2019-06-04T19:46:47Z "A server has FORCE_SSL_ADMIN set to TRUE, which makes its wp-admin load under SSL, though the public pages are still on http. Now, I have a plugin which runs in the admin area. When I call url_to_postid with a post permalink under http (http://www.domain.com/post) the function always returns 0. What happens is that url_to_postid uses site_url to parse the permalink, but site_url with FORCE_SSL_ADMIN returns the path with https, thus not finding it in the http permalink. I think url_to_postid should always take the public settings even when called from an admin context, as it will take in input public paths." Ste_95 3 30300 setUserSetting js function only removes first unwanted character dev-feedback Administration 2.7 normal normal defect (bug) new 2014-11-09T17:08:15Z 2019-06-04T19:26:58Z "The function comments of the function setUserSetting in `wp-includes/js/utils.js` says the following: ""Both name and value must be only ASCII letters, numbers or underscore (...)"". The function removes the unwanted characters with the js `replace` function, in the current code, it only removes the first occurrence of an unwanted character. This is solved by adding the `g` modifier to the replace regex. See the attached patch. How to reproduce: * Open your browsers console while you are logged in to your WordPress installation. * Run the following command: `setUserSetting('test--', 'bad-value-')` (note that the - character is not allowed) * The console will return `""test-""` (not `""test""` as expected). * Run `getUserSetting('test-')`. * The console returns `""badvalue-""` (not `""badvalue""` as expected). * You may want to delete the setting by executing `deleteUserSetting('test-')`. " TV productions 2 30325 WP List Table: allow filtering view switcher modes has-patch General 4.0 normal normal enhancement new 2014-11-12T19:21:48Z 2019-06-04T19:46:51Z "I suggest the view mode switcher for post/media/site list views should be filterable, so it's possible to: * add additional, custom view modes (especially for custom post types) * filter available view modes * remove view modes completely (effectively removing the switcher from HTML) This would allow developers to customise the switcher for different custom post types. At the moment, this is impossible - and in some cases the switcher may make no sense or have no effect at all, if a specific mode isn't implemented. " ragulka 11 30377 wp_check_filetype is broken when checking urls with parameters audrasjb Media 4.0 normal normal Future Release enhancement reopened 2014-11-18T05:05:03Z 2022-04-08T04:24:45Z "The function in ./wp-includes/media.php named wp_check_filetype has a bug. It works properly when checking a url such as http://example.org/coolfile.mp4 but as soon as you add parameters to it (a common practice when attempting to embed un-cached or amazon pre-signed urls) like so: http://example.org/coolfile.mp4?extra=true¶ms=true ... it fails to return the extension / content type. The fix for this should be *very* easy. The preg_match in this function that looks like this currently: {{{ $ext_preg = '!\.(' . $ext_preg . ')$!i'; }}} could be adjusted to ignore the query string (if there is one) and just return the true extension like so: {{{ $ext_preg = '!\.(' . $ext_preg . ')(\?.*)?$!i'; }}} I've tested this change in my local environment and it works great. " supercleanse 62 30379 Creating multiple Categories with same name under 1 parent Taxonomy 3.9 normal normal defect (bug) new 2014-11-18T05:50:40Z 2019-06-04T21:12:53Z "At present this structure is allowed: {{{ Parent - C (slug: c) - C++ (slug: c-parent) }}} Attempting to add another 'C' category will fail with `A term with the name and slug already exists with this parent.`. However, you can create this structure: {{{ Parent - C (slug: c) - C++ (slug: c-parent) Parent2 - C (slug: c-parent2) }}} and then move the term: {{{ Parent - C (slug: c) - C (slug: c-parent2) - C++ (slug: c-parent) Parent2 }}} without issue. The question that remains here, is this what is expected?" dd32 2 30384 Cannot hook plupload's JavaScript consistently Upload 4.0 normal normal Awaiting Review enhancement new 2014-11-18T16:03:56Z 2019-05-15T21:15:59Z "Visit /wp-admin/media-new.php and enter the following into the console: window.uploader.bind('FileUploaded', function (){alert(1)}) Upload a file and once that's complete your function will be executed. However if you visit /wp-admin/upload.php or /wp-admin/post-new.php and run that JavaScript you'll find that window.uploader is undefined. I'm trying to prompt users to add additional information about the images they upload, but without access to the Uploader object that appears to be impossible." tomdxw 30402 WordPress does not respect the bit-depth of the original image when resizing Media 3.9.2 normal normal Awaiting Review defect (bug) new 2014-11-19T08:15:02Z 2021-03-04T15:09:12Z "i have uploaded 8 bit depth indexed color png, near 1400x1800 size image in wordpress and inserted it into post , and original image was near 500 kB and the smaller width-height version made by wp is near 1400 kB, because it is 24 or 32 bits per pixel png. (this is useless. i have edited html code to use full version because it is smaller by weight and it is scaled by size so it is ok)." qdinar 19 30430 WP_Object_Cache does not properly cache objects nested in arrays needs-unit-tests Cache API 2.0 normal normal Awaiting Review defect (bug) new 2014-11-21T00:17:31Z 2022-07-08T23:23:03Z "I noticed on a plugin that cached data wasn't coming out the way it was inserted. What was happening is that it was an array of objects. The code would then go and change the original data and the data in the cache is changed. I would expect data retrieved from the cache to be exactly the same as what was inserted. To make sure there was minimal performance impact I did some tests and the test script is attached. Initially I thought unserialize(serialize($data)) would be a good route, but it was twice as slow as rolling your own solution. I tried numerous methods and the function I initially build was always the fastest. The transient/option table doesn't have this problem because it calls maybe_serialize. Another way to fix this would be to call maybe_serialize on the set, and maybe_unserialize on a get but that would spread the cost to both functions and I think it is better to have the set be slightly more expensive than having every set and get take slightly longer. " jamesgol 13 30452 _wp_translate_postdata() redundantly+destructively checks current_user_can( $ptype->cap->edit_others_posts ) on update dev-feedback Posts, Post Types normal normal defect (bug) new 2014-11-21T23:13:46Z 2019-06-04T20:48:03Z "The product use-case is that the creator of a post should always be able to edit the post, even when they've assigned someone else as a byline. To do so, I'm storing their user ID to post meta: {{{ public function action_wp_insert_post_persist_author( $post_id, $post, $update ) { $post_obj = Post::get_by_post_id( $post_id ); if ( $update || ! in_array( $post->post_type, Fusion()->get_post_types() ) || ! $post_obj || ! $post->post_author ) { return; } $post_obj->set_first_author_id( $post->post_author ); } }}} And then filtering `map_meta_cap`: {{{ /** * Filter map meta cap to do whatever custom caps we need */ public function filter_map_meta_cap( $caps, $cap, $user_id, $args ) { switch ( $cap ) { case 'edit_post': $post_obj = Post::get_by_post_id( $args[0] ); if ( ! $post_obj ) { break; } $post_type = get_post_type_object( $post_obj->get_post_type() ); // Allow first authors to always edit the post if ( $post_obj->get_first_author_id() && $user_id == $post_obj->get_first_author_id() ) { // Don't require editing others' posts if ( false !== ( $key = array_search( $post_type->cap->edit_others_posts, $caps ) ) ) { unset( $caps[ $key ] ); } // If the post is published... if ( 'publish' == $post_obj->get_status() ) { $caps[] = $post_type->cap->edit_published_posts; } elseif ( 'trash' == $post_obj->get_status() ) { if ( 'publish' == get_post_meta( $post_obj->get_id(), '_wp_trash_meta_status', true ) ) { $caps[] = $post_type->cap->edit_published_posts; } } else { // If the post is draft... $caps[] = $post_type->cap->edit_posts; } } break; } return $caps; } }}} This approach generally works — except the original author isn't able to save an update to a post because `_wp_translate_postdata()` aggressively checks `current_user_can( $ptype->cap->edit_others_posts )` ([https://core.trac.wordpress.org/browser/tags/4.0.1/src/wp-admin/includes/post.php#L67 ref]). A check for `current_user_can( $ptype->cap->edit_post, $post_data['ID'] )` was added to `_wp_translate_postdata()` in r22950, but the changeset also leaves in the `edit_others_posts` check. Given `current_user_can( 'edit_post' )` falls back to `edit_others_posts` behind the scenes ([https://core.trac.wordpress.org/browser/tags/4.0.1/src/wp-includes/capabilities.php#L1114 ref]), I'd expect we could remove the second check." danielbachhuber 4 30459 is_child_theme() cannot be used during plugin activation as is has-patch Themes 3.0 normal normal defect (bug) new 2014-11-23T00:58:46Z 2019-06-04T21:12:58Z "I was developing a plugin that was based on a specific theme (or any child-theme of the theme) and tried to use `is_child_theme()` as part of the activation/compatibility tests. It appears `is_child_theme()` is trying to use undefined constants at this point, this being the case the easiest solution I am seeing is to use the constant definitions in `is_child_theme()` versus using the constants themselves. With the constants an error is thrown when the plugin is activated, with the function calls no errors are thrown. See simple patch to change `is_child_theme()` from using constants to using the actual function calls." cais 2 30465 Dashboard alert if a plugin/theme was removed from WordPress repo dev-feedback Security normal normal Future Release feature request reopened 2014-11-23T14:12:21Z 2024-02-02T10:24:52Z If a plugin/theme has been removed for security reasons, WordPress users with an installed plugin must be informed. Ideally as dashboard notification (on update check?). Otherwise the user will never know that the plugin has a security leak. sergej.mueller 38 30495 Unicode character U+000B is not removed by sanitize_file_name has-patch Formatting 4.0.1 normal normal Awaiting Review defect (bug) new 2014-11-25T11:37:08Z 2018-08-27T15:59:22Z "It seems that the following expression is true: {{{ json_encode(sanitize_file_name(json_decode('""\u000B""'))) == ""\u000b"" }}} On Google App Engine, for example, a file name with a U+000B character cannot be saved. Since the description of the function states: Removes special characters that are illegal in filenames on certain operating systems and special characters requiring special escaping to manipulate at the command line. ... then I think this is a bug. Thanks!" Craxic 4 30497 Impossible to change upgrader skin when Language_Pack_Upgrader is instanciated via Language_Pack_Upgrader::async_upgrade() Upgrade/Install 4.0 normal normal Awaiting Review defect (bug) reopened 2014-11-25T12:01:48Z 2019-03-28T12:54:40Z "WP-CLI uses its own upgrader skin class (WP_CLI\UpgraderSkin) to remove HTML from the strings that are displayed to the users. But it is not possible to change the upgrader skin when Language_Pack_Upgrader is instanciated via Language_Pack_Upgrader::async_upgrade() resulting in the problem described in the issue below: https://github.com/wp-cli/wp-cli/issues/1501 The attached patch implements a possible solution for this adding a filter to change the upgrader skin class name. I'm not sure if this is the best way to fix this or if we should refactor this method and the way it is called to add the upgrader skin class as a parameter." rodrigosprimo 3 30499 define WP_VERSION, to prevent having to code around plugins which change $wp_version has-patch General normal normal Awaiting Review enhancement new 2014-11-25T14:09:14Z 2021-06-01T13:34:01Z "There are plugins, like this one - https://wordpress.org/plugins/replace-wp-version/ - which over-write $wp_version. Allegedly in the name of security (as if an external probe couldn't work out the WP version in 101 other ways). Unfortunately, their existence means that if another plugin wants to _really_ know the WP version, they have to do something ugly, and re-include wp-includes/version.php, like so: {{{ global $wp_version; include(ABSPATH.WPINC.'/version.php'); }}} The WP version really should not change, and there should be a more elegant way to know it is. The PHP way is via a constant; thus, the attached patch defines WP_VERSION, in order to provide coders with a reliable way of knowing the real WP version without having to use ugly work-arounds. " DavidAnderson 5 30505 Backbone subviews cannot be attached directly to DOM elements Administration normal normal defect (bug) new 2014-11-26T06:22:26Z 2019-06-04T19:27:07Z "Right now, you need selectors to attach subviews. Even if you have a direct reference to an element in the DOM, it's not possible to attach to this directly. This is an issue when you're working with an existing DOM structure to attach views, and the elements don't have unique identifiers for a selector. Backbone itself is happy to let you do this in a lot of places; this is why you can pass in `el` when constructing a view, for example. However, `wp.Backbone.Views` uses `! _.isString` to overload some of the function parameters, which means you can never pass it through." rmccue 8 30527 function to add separator has-patch Administration normal minor Future Release enhancement new 2014-11-27T15:07:32Z 2017-02-05T14:17:36Z "added the function `add_menu_separator( $position )`. Usage: {{{ add_action('admin_menu', 'separator'); function separator() { add_menu_separator(61); } }}} Adds a separator after 'Appearance'. - Just an example. " cfoellmann 5 30530 Enhance privacy by hiding posts of other users reporter-feedback Query normal normal enhancement new 2014-11-27T16:32:54Z 2019-06-04T20:48:05Z "I haven't found an entry in Trac for this, but I know that this is discussed in blogs/stackexchage/... many times: A feature to hide posts of other authors in the admin interface. The proposed solutions mostly include a pre_get_posts or request filter. However, most comments critizise that the post counter is still wrong. Thus, another filter for wp_count_posts is needed, duplicating much of the code of wp-includes/post.php's wp_count_posts(). Moreover, the select query in the original wp_count_posts() is executed anyway, but the result is thrown away. Finally, to make caching work, a third filter for transition_post_status to clear the post counter cache is needed. An all this just to hide the posts of other users... There should be an easy option to achieve this provided by the Core. There could be a 'list_others_*' capability that is honoured by query.php's get_posts() and post.php's wp_count_posts(). One could argue that published posts could be seen anyway, so the capability could also be named 'list_others_protected_*' and hides/shows the posts with a post_status marked as protected (get_posts() includes all posts with these status if we are in the admin). That would be a great feature often requested by users and greatly enhancing the CMS capabilities!" minderdl 2 30531 Make wptexturize the last filter before output azaozz Formatting normal normal enhancement assigned 2014-11-27T20:30:22Z 2019-06-04T19:46:52Z "This will allow it to be simplified/refactored and run faster. Advantages: - Not looking at shortcodes as it will run after do_shortcode(). That will make it less complex and faster. This also avoids all edge cases with shortcodes. - Better detection/handling of quotes around `<p>` tags as it will run after wpautop(). Also, preg_split() will split the text in more chunks which will be easier to process. Disadvantage: the `no_texturize_shortcodes` filter will stop working. " azaozz 3 30556 Modern widgets default wrapper joedolson* Widgets 2.2 normal normal Future Release enhancement accepted 2014-11-30T19:14:31Z 2021-03-26T15:55:57Z "Since 2.2.0, widgets are wrapped in `<li></li>` by default. In my opinion, they should be wrapped in `<div></div>` even if, during the sidebar registration, theme developers should declare how to wrap the widgets in the sidebar. Twentyten theme is the only default theme using this structure and it's declared in functions.php. The patch contains this change. " LeoPeo 47 30559 Plugins and themes translations aren't downloaded when language is changed Upgrade/Install normal normal Future Release enhancement new 2014-11-30T21:48:12Z 2019-05-06T14:19:13Z "When you change language in Settings > General, translations of core for that language are downloaded, but plugins and themes translations aren't. You need to either manually upgrade translations, do any upgrade, or wait until `wp_maybe_auto_update` event fires, which can take couple of hours. I tried to follow same approach as in [30554] and to hook function `wp_maybe_auto_update` after language is changed and cache is cleared, which should update caches and download translations, but it seems that API doesn't give translations links. Since right now I can't investigate it in more details, I want to propose fixing this issue with something simple on WP side as in attached patch." dimadin 6 30575 Twenty Fourteen: Submenu items on dropdown menus nearly impossible to select on some Android mobile tablets has-patch Bundled Theme 4.0.1 normal normal Awaiting Review defect (bug) assigned 2014-12-02T16:01:22Z 2024-03-07T05:01:38Z "On larger Android tablets, it's next to impossible select a submenu item from the dropdown menu, since it appears too quickly to be tapped. Replicated on [http://wp-themes.com/twentyfourteen/ Twenty Fourteen demo] site using: - Samsung Galaxy note 10.1 2014 edition, running Android 4.4.2, using the ""Browser"" app and Chrome. Tester noted that ""When I use my stylus, I am able to hover over the menus so I can choose the correct one."" - Nexus 7 in landscape mode, Android 4.4.2, Chrome Screencast: https://cloudup.com/imicb2EvVyc This does '''not''' seem to affect the mobile menu, which kicks in at smaller screen sizes, such as the Nexus 7 in portrait mode. It only affects screen sizes at which the regular dropdown menu is displayed. Reported in [http://en.forums.wordpress.com/topic/not-functional-drop-down-menus-on-20-14-theme-and-android-platform this forum thread] " zoonini 12 30581 http/https pages have different canonical URLs joostdevalk Canonical 2.9 normal normal Future Release defect (bug) assigned 2014-12-02T22:40:18Z 2019-04-03T12:48:19Z "If you have SSL turned on, but don't force redirect, http and https pages will have different URLs. Ideally, I think the canonical URL should always use http unless `FORCE_SSL` is turned on. Even a filter for `rel_canonical` would be better than what we have now. Unhooking and creating your own version of `rel_canonical()` works, but if multiple plugins do this, you end up with multiple canonical URLs set on every page. Related: #18660, #14458" betzster 10 30587 SVG and PNG Images in UI Should Be Optimized has-patch Build/Test Tools normal normal Future Release enhancement new 2014-12-03T16:19:36Z 2020-11-11T14:20:20Z "While nothing Earth-shattering, perhaps it would be wise to establish a best practice of optimizing images used in the UI of WordPress before committing them? Using ImageOptim (a GUI wrapper for [http://pmt.sourceforge.net/pngcrush/ pngcrush]) and [https://github.com/svg/svgo svgo] I was able to save an average of 8.7% per PNG and an average 15.25% for SVG files. A 11% decrease in SVG file sizes isn't that bad. Maybe more important for higher-traffic sites, but all users would benefit. See Also *https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/image-optimization *http://scribdtech.wordpress.com/2011/09/07/shrink-your-ios-app-by-turning-png-compression-up-to-11/" ckoerner 10 30597 wp_filter_post_kses mangles URLs with colons in them needs-unit-tests Formatting 4.0 normal normal defect (bug) new 2014-12-04T18:34:40Z 2019-06-04T19:46:57Z "Try to save this entirely valid post content: {{{ <a href=""/this/is/a/valid:link"">watch what happens</a> }}} The KSES logic is overly aggressive and strips the URL. It's getting confused by the colon. Might be related to #24663" rkaiser0324 5 30613 Check the return value of wp_json_encode() has-patch General 4.1 normal normal defect (bug) new 2014-12-06T10:08:13Z 2019-06-04T19:47:01Z "It's possible for `wp_json_encode()` to return `false`, same as `json_encode()`. Everywhere in core, this will cause either invalid JS to be produced, or invalid JSON to be returned to an ajax call. We need to sanity check the return value, and switch `false` for an appropriate response. This ticket is branched from discussion in #28786." pento 9 30631 posts_per_page causing infinite duplicate content Canonical 4.0.1 normal normal defect (bug) new 2014-12-08T20:05:26Z 2019-06-04T19:27:15Z "While using the posts_per_page in the pre_get_posts, if you set it to -1. It will output all the posts. The issue is that if you use this with the main query on a taxonomy archive page, then it will create unlimited number of subpages with all the same content as the main page : taxonomy-1/ taxonomy-1/page/2/ taxonomy-1/page/3/ ... taxonomy-1/page/500/ etc... It is probably not really the expected behavior... " firebird75 2 30644 """wpautop"" Enhancements" dev-feedback Formatting normal normal enhancement new 2014-12-09T18:35:14Z 2020-08-11T00:30:02Z "Since there are several problems (e.g. invalid markup) with the current ""wpautop"" function I tried to come up with a new approach. The text gets parsed and a little analyzed in order to generate valid and comprehensible markup. The script is not really compatible with the current implementation since whitespaces and line breaks are added differently. Performance is slightly worse, depending on the input (normal text vs. heavy html) of course. Comments in the code are still missing. I think Shortcodes should also be considered in this markup generation process so the additional use of ""shortcode_unautop"" could be avoided. Please let me know what you think and test it if you like. == Sample === Input {{{ paragraph <!-- comment --> <hr> paragraph <strong>test</strong> <i>italic</i> normal <!-- div --> <div class=""whatever""> <blockquote> paragraph </blockquote> paragraph </div> paragraph <ul> <li>line</li> <li> paragraph <!-- paragraph --> paragraph </li> </ul> paragraph <pre> Honor this whitespace </pre> paragraph <style><!-- Do not alter! --></style> paragraph <p>paragraph</p> <div>text</div> }}} === Output {{{ <p> paragraph <!-- comment --> </p> <hr> <p> paragraph <strong>test</strong> </p> <p> <i>italic</i><br> normal </p> <!-- div --> <div class=""whatever""> <blockquote> <p> paragraph </p> </blockquote> <p> paragraph </p> </div> <p> paragraph </p> <ul> <li> line </li> <li> <p> paragraph <!-- paragraph --> </p> <p> paragraph </p> </li> </ul> <p> paragraph </p> <pre> Honor this whitespace </pre> <p> paragraph </p> <style><!-- Do not alter! --></style> <p> paragraph </p> <p>paragraph</p> <div> text </div> }}}" stefanrz 5 30679 "Clicking ""Restore this Revision"" publishes immediately" Revisions normal normal defect (bug) new 2014-12-11T20:58:35Z 2019-06-04T21:13:03Z "This is the same as #27244, but for non-autosaved posts. The ""Restore This Revision"" button on the revisions screen immediately replaces the post with the autosave without making it clear that that is the case. Desired behaviour: Clicking Restore This Revision puts this revision into the editor, saving it as draft. Example: 1. Create a post with three revisions, and publish it Revision A Revision B Revision C <-- live and published 2. On the post edit screen, click on revision B. 3. On the revisions screen, click Restore This Revision. Revision A Revision B Revision C <-- live and published Revision B' <-- in the editor, saved as a draft " paulschreiber 7 30686 Twenty Fourteen/Thirteen/Twelve Navbar submenu behaviour Bundled Theme 4.0.1 normal normal Awaiting Review defect (bug) assigned 2014-12-12T08:11:58Z 2024-03-07T05:22:09Z "As you all may know, both 2014/13/12 themes require you to hover over a menu item in order to access the submenu item. This isn't a problem for desktops but for touchscreen devices this may pose a problem. I notice this problem has largely been addressed at least for the 2013 and 2012 themes for Android, iOS and Windows Phone devices (see https://core.trac.wordpress.org/ticket/24767#comment:35). However, on my Windows 8 tablet, it still registers the first tap as a click on both Internet Explorer 11 and Mozilla Firefox (Google Chrome works fine). I believe both browsers somehow do not declare whether the device is a touchscreen. In addition, for the 2014 theme, the (partial) fix isn't even implemented (I don't know how it got implemented for both 2013 and 2012 themes but was overlooked for 2014), therefore you will still find it hard to click on sub-menus if you're using an Android device. As for the 2013 and 2012 themes, I know that the Windows 8 tablet userbase is comparatively small, but I believe it will grow over the years. I'm not sure how this can be fixed in the mean time (since the hover/click behaviour seems to rely on a touchscreen detection), but I would like to suggest the following: - In the Twenty Fifteen theme, this issue seems to be fixed once and for all, as the dropbox arrow next to the menu item is a separate link. Clicking on the arrow itself will maximise/minimise the sub-menu, instead of linking you to the menu item itself. - However, the Twenty Fifteen theme's menu is only available at the side, instead of the top. - Thus, if the improvements made in the Twenty Fifteen theme could be backported to Fourteen, Thirteen and Twelve. It would be great! P.S. I'm not sure what to classify this ticket under, but I guess I will leave it as a 'bug' since the hover and click issues have not been completely addressed, especially on the Twenty Fourteen theme. The same behaviour occurs on WordPress 4.0.1 and 4.1 RC." trenzterra 7 30687 Ajax media attachment save has no error handling Media 4.0.1 normal normal enhancement new 2014-12-12T10:23:24Z 2019-06-04T20:10:06Z "When using the ajax media system on adding media in posts. It is not possible to show errors to the users. In the file ajax-actions.php (located wp-admin/includes/) in the function wp_ajax_save_attachment_compat() the feedback of errors is trown away. If this code is further developed with visual feedback, the user understand why data is not saved or imported. Code: (wp 4.0.1 line 2294) {{{ if ( isset( $post['errors'] ) ) { $errors = $post['errors']; // @todo return me and display me! unset( $post['errors'] ); } }}} " Krielkip 2 30691 Removing a featured image does not remove the 'post_parent' value - reproducible dev-feedback Media normal major Awaiting Review defect (bug) reopened 2014-12-12T12:38:49Z 2021-04-28T16:18:49Z "Removing a featured image does not remove the 'post_parent' value in the wp_posts row associated with the attachment. This causes invalid results when using functions like get_children() and get_posts(). 1) install a fresh copy of WordPress 4.0.1 2) edit the first post and add a featured image 3) use phpMyAdmin and look at the wp_posts table. You will see an entry for the attachment and the 'post_parent' column will be set to the ID of the first post 4) Edit the first post and remove the featured image 5) again use phpMyAdmin and look at the wp_posts table. You will see the entry for the attachment and the 'post_parent' column WILL STILL BE SET to the ID of the first post. to see a example of an error with get_children() do the following after doing the above. 1) activate twenty-thirteen and view the site 2) edit twenty-thirteen's 'content.php'. Line 15-19 should be {{{ <?php if ( has_post_thumbnail() && ! post_password_required() && ! is_attachment() ) : ?> <div class=""entry-thumbnail""> <?php the_post_thumbnail(); ?> </div> <?php endif; ?> }}} add the following right after it. {{{ <?php $args = array( 'post_type' => 'attachment', 'numberposts' => -1, 'post_status' => null, 'post_parent' => $post->ID ); $attachments = get_posts($args); if (! empty($attachments)) { echo 'attachment ID ='.$attachments[0]->ID.'<br>'; echo 'attachment post_parent ='.$attachments[0]->post_parent.'<br>'; echo '$post->ID ='.$post->ID.'<br>'; echo '<img src=""' . $attachments[0]->guid . '""/>'; var_dump($attachments); } ?> }}} 3) view the site and you will see the featured image. 4) use phpMyAdmin edit the entry for the attachment and set the 'post_parent' column to '0'. 5) view the site and you will NOT see the featured image. " juggledad 14 30705 Add parameter to get_the_term_list() to allow templating needs-unit-tests Taxonomy 2.5 normal normal enhancement new 2014-12-13T21:32:57Z 2019-06-04T21:13:09Z "Similar to #27238 the parameter $term_template is suggested to allow for user created formatting for get_the_term_list(), as opposed to the previous standard of simply linking to each list in the term. The reasoning for the change is that general linking is not always the desired action for displaying term lists. The method for inclusion is similar to [30209]." davidjlaietta 1 30720 In editor, add a button to refresh/invalidate (oEmbed) embeds cache Embeds 4.0 normal normal Future Release enhancement new 2014-12-15T15:53:31Z 2017-10-20T13:29:18Z "The inline embeds previews in WP4.0 are great, however have one major flaw: One user enters the URL, and preview is generated via oEmbed, the embed code is cached for a day for that URL. There is no way for the author to invalidate it. It generally works well, but not when user wants to experiment with different oEmbed-related plugins or settings. To keep great function, yet make it more straightforward for the user to control the flow, I'd suggest the following. '''Shall we add a button ""reload"" to the inline previews of the embeds? And/or ""reload"" button in the Edit Embed dialog?''' I trust it is a great answer to the problem and fits the user experience well. We are the authors of [https://wordpress.org/plugins/iframely Iframely] plugin. The supports issues we get since WP4.0 mostly relate to oEmbed cache. But such approach will also answer the needs of other devs and users, for example #30282." ivanp 14 30729 Rework Theme Install and Preview Flow in wp-admin Themes 3.8 normal normal Future Release enhancement assigned 2014-12-16T14:37:48Z 2020-12-23T19:47:34Z "Consider making the ""Preview"" the primary button instead of ""Install"" in theme-install.php. See #26899." iseulde 14 30759 If Featured Image is selected, but not saved, editing the image will drop the selection after a save Media 4.0.1 normal normal defect (bug) new 2014-12-18T07:56:17Z 2019-06-04T20:10:14Z "To reproduce: Create a new post. Click on an image to select it. Click on Edit Image link, edit image, and save. Image selection menu has changed dimensions, and the selection state has returned to its prior state. If a featured image has already been assigned to the article, selecting another image, and editing it will return the user to an image selection screen with the prior featured image selected." DavidTheMachine 4 30775 Delete empty post problem wonderboymusic dev-feedback Posts, Post Types 3.3 normal normal defect (bug) reopened 2014-12-19T02:20:16Z 2021-11-27T03:26:30Z "If empty post was created it cannot be deleted Details are here http://arul.ru/pages/writings/delete_post_problem.htm" axdr 12 30784 Subsites won't show 404 with default permalink structure Permalinks normal normal Future Release defect (bug) new 2014-12-19T17:10:49Z 2020-07-02T14:20:26Z "On my Multisite (subfolder) installation, I have every site set to use the default (ugly) permalinks. If I go to a subsite and add extra invalid characters after the site name, it displays the site, not a 404 error page. Example: If I type in domain.tld/sitename/EXTRACHARS it displays the content from domain.tld/sitename, yet keeps the /EXTRACHARS in all the links. I spoke with Andrea Rennick and she said that this happens because WordPress ignores anything after the sitename because pretty permalinks are not enabled. This all came up because our Google appliances were crawling millions of invalid URLs because .tld/sitename/EXTRACHARS returns a 200, instead of a 404. Would it be possible to make it so that an invalid URL would return a 404 instead of ignoring characters beyond the sitename when permalinks are set to default?" danhgilmore 4 30795 Upgrade bug affecting indexing Database 2.1 normal normal Awaiting Review defect (bug) reopened 2014-12-20T16:29:49Z 2019-03-22T13:46:01Z "Every time WordPress is updated I was getting an entry in my error_log as follows: WordPress database error Duplicate key name 'type_status_date' for query ALTER TABLE wp_posts ADD KEY type_status_date (post_type,post_status,post_date,ID) made by wp_upgrade, make_db_current_silent, dbDelta After some heavy back tracking through the code, this is coming from a mismatch between the reported indexing of my database and what WordPress is expecting. in particular to the 'post_status' part. It seems WordPress expects the 'SubPart to be NULL, only in my main site is was '1'. So, my index was reporting as: KEY type_status_date (post_type,post_status(1),post_date,ID) Rather than: KEY type_status_date (post_type,post_status,post_date,ID) This means the upgrade code is called on every update and fails on every update also. I've managed to force through a fixed on my own site by dropping the index and recreating it using SQL in PHPMyAdmin. Googling for the above error message it would seem I'm not the only one affected." MattyRob 6 30797 New function for parent theme stylesheet uri obenland Themes 4.4 normal normal enhancement assigned 2014-12-20T18:36:39Z 2019-06-04T21:13:20Z "= Request I would like to propose a new function to fetch the parent theme. I have attached a patch. {{{ /** * Retrieve URI of current parent theme stylesheet. * * The stylesheet file name is 'style.css' which is appended to {@link * get_template_directory_uri() stylesheet directory URI} path. * * @since 4.2.0 * * @return string */ function get_parent_stylesheet_uri() { $template_dir_uri = get_template_directory_uri(); $parent_stylesheet_uri = $stylesheet_dir_uri . '/style.css'; /** * Filter the URI of the current parent theme stylesheet. * * @since 4.2.0 * * @param string $parent_stylesheet_uri Stylesheet URI for the current parent theme. * @param string $template_dir_uri Stylesheet directory URI for the current parent theme. */ return apply_filters( 'parent_stylesheet_uri', $parent_stylesheet_uri, $template_dir_uri ); } }}} = Background The reason for adding this was there was a discussion how child themes should load the parent styles.css. Using @import is not best solution. The solution would be for the parent themes to load the styles for the child theme. I created a [https://github.com/Automattic/_s/pull/638 PR] to do it in _s. The code looked like this but I realized this was not the best method. The problem with this method is that it is not possible to load a stylesheet between the parent theme and child theme as the order changes when you activate a child theme. My temporary solution for a theme would be add the function `_s_get_parent_stylesheet_uri()` to the theme like this: https://github.com/grappler/_s/commit/3fd84b4179f727bb24a32bfd23fcef9be79033f4 By adding `get_parent_stylesheet_uri()` to WordPress core all themes could use this function and the code in the theme would look like this. {{{ function _s_scripts() { wp_enqueue_style( '_s-style', get_parent_stylesheet_uri() ); if ( is_child_theme() ) { wp_enqueue_style( '_s-child-style', get_stylesheet_uri() ); } } add_action( 'wp_enqueue_scripts', '_s_scripts' ); }}} = Theme Review Requirements On thing to take into account is that the TRT requires that themes use the function `get_stylesheet_uri()`. The requirement needs to be changed when this function gets added." grapplerulrich 18 30798 Ideas for improvements to to wp_die() usages dev-feedback General normal normal enhancement new 2014-12-20T19:34:16Z 2019-06-04T19:47:06Z "When a visitor to or a user of a WordPress powered site encounters a `wp_die()` message (traditionally handled by the `_default_wp_die_handler()` function) it is (likely intentionally) a very jarring experience. Having `wp_die()` produce human readable results is the least amount of assistance we could possibly provide when a not-completely-unanticipated event occurs, and I think in many instances we can provide a more positive experience. Of our current 230 approximate usages, 33 appear to be `Cheatin’; uh?`'s which, while cute and full of personality, aren't particularly helpful to the innocent user who encounters them, nor are they stern enough to deflect any guilty parties from continuing to seek out unauthorized access. The remaining 200 approximate usages typically drop an authorized user into a limbo state where their only option is going back in their browser history and hope their drafted content isn't bungled or lost. Maybe tucking some of these requests behind ajax actions would reduce that redirection? Or maybe enabling themes to have a template hierarchy for handling various error messages would be more user friendly? I don't have a real improvement plan, and don't feel wholly qualified to solve this issue for the entire WordPress community, rather I'm hoping this ticket can foster some discussion about improving this trusted, though somewhat antiquated, piece of WordPress core." johnjamesjacoby 5 30854 `wp_insert_post` doesn't save revision for new published post adamsilverstein Revisions normal normal Future Release defect (bug) assigned 2014-12-28T16:41:25Z 2022-04-19T05:55:17Z "Calling `wp_insert_post` with `post_status` of `publish` or any other status on a new post doesn't save a new revision. The reason for this is the `$update` check at the beginning: https://core.trac.wordpress.org/browser/tags/4.1/src/wp-includes/post.php#L3085 checks whether or not the args include an ID, indicating that we're updating a post. Further down, that update check is what calls `post_updated` https://core.trac.wordpress.org/browser/tags/4.1/src/wp-includes/post.php#L3473 which `wp_save_post_revision` is hooked to. Therefore, if we call `wp_insert_post` in a plugin to insert a post with a`post_status` of `publish`, WordPress doesn't save a post revision. Post revisions are supposed to be up-to-date with the latest post data, but we don't get a revision if we insert a post in this manner. I think the reason we ended up with this is to avoid saving a revision of the auto-draft that is created when opening up post-new.php, but that isn't necessary now, as `wp_save_post_revision` checks whether the `post_status` is an auto-draft. I think the easiest solution is to move the `wp_save_post_revision` to the `save_post` hook, but I'm not sure if there are other places in the codebase this would cause issues." JamesDiGioia 47 30855 wp_get_update_data() calls are not pluggable Administration 4.1 normal normal defect (bug) new 2014-12-28T21:06:10Z 2019-06-04T19:27:21Z "Up to 4.1 I was able to disable core, themes and plugin updates and related HTTP traffic. https://github.com/szepeviktor/wordpress-plugin-construction/blob/7b64d0ca4981b163b2f08adbe14a5b5238800bd8/mu-disable-updates/disable-updates.php In 4.1 new wp_get_update_data() calls are much like hardcoded than pluggable, I wasn't able to disable them all. Especially not the ones in wp-admin/menu.php https://github.com/WordPress/WordPress/blob/master/wp-admin/menu.php#L33-L34 https://github.com/WordPress/WordPress/blob/master/wp-admin/menu.php#L183-L187 Could you make wp_get_update_data() calls pluggable? Or give me an advise to disable them? My current workaround is to fiddle with the transients: https://github.com/szepeviktor/wordpress-plugin-construction/blob/master/mu-disable-updates/disable-updates.php#L98 Thank you! " szepe.viktor 3 30870 Add an $actions array and a filter in inline_edit() function reporter-feedback Quick/Bulk Edit 3.1 normal normal enhancement new 2014-12-31T08:07:42Z 2019-06-04T21:13:29Z "There is no current possibility for the developper not to display part of the form generated by the inline_edit() function. It would be great enhancement to store the filedset in an array, then apply a ""post_inline_edit_fields"" with as parameter the fieldset array and the post, and then echo the fieldset. For the moment, you can add a metabox but not remove any part of the form. Thank you." olivierstern 1 30876 Paste an image into the Media Library Media normal normal Future Release enhancement new 2015-01-01T00:12:16Z 2018-03-30T22:44:19Z Github has some nice UX where you can paste an image into a comment. It would be nice if the Media Library supported something similar. danielbachhuber 4 30887 Imported media relies on GUID for download Import normal normal defect (bug) new 2015-01-02T21:44:05Z 2019-06-04T20:10:23Z "When importing media with the importer plugin, the GUID is used as the URL for downloading the files. If there is more than two levels of sites you're importing between this creates an issue with flow. In example, say you have three sites: http://siteone.com (Original WP install) http://sitetwo.com http://sitethree.com Exporting from http://siteone.com and importing on http://sitetwo.com the files will be downloaded from http://siteone.com. However, if you export from http://sitetwo.com and import into http://sitethree.com, without changing the GUID, the files will be downloaded from http://siteone.com In most cases http://siteone.com would be nonexistent or unreachable at this point, thus the media items cannot be imported. Note that wp_get_attachment_url had this same defect ([ticket:7622])" pathartl 2 30905 Theme Preview - Not working preview when front page setting stevenkword Canonical 4.1 normal normal defect (bug) assigned 2015-01-05T09:24:15Z 2019-06-04T19:27:22Z "I'm sorry if there are already ticket for same problem. Preview is not working well (not live preview/customizer). Is this a bug? or specification? Steps to reproduce: 1. Settings to '''Front page'''(anyting page) and select the '''A static page''' of Front page displays of Reading of Settings. 2. Access the Themes screen of Appearance with Editor(Editor already have capability to switch_themes). 3. Click to the '''preview button''' of per not activated themes. Tested in: Google Chrome 39.0.2171.95 m And I think this happen is affect to following. {{{ wp-includes/canonical.php line 48 - 54 }}} Theme preview is not have post ID. But that it become to have post ID after the Front page settings. And I have tentatively avoiding the problem in this way. {{{ function test_redirect_canonical( $redirect_url , $requested_url ) { if( get_query_var( 'preview' ) && !empty( $_GET['template'] ) && !empty( $_GET['stylesheet'] ) && !empty( $_GET['preview_iframe'] ) ) { if( current_user_can( 'switch_themes' ) ) { $redirect_url = false; } } return $redirect_url; } add_filter( 'redirect_canonical' , 'test_redirect_canonical' , 10 , 2 ); }}}" gqevu6bsiz 2 30907 Rewrite Rules collision Rewrite Rules 4.1 normal normal enhancement new 2015-01-05T11:46:40Z 2019-06-04T21:13:30Z "Step to reproduce: 1. Choose `/%post_id%/` permalink structure 2. Set category prefix `date` 3. Create a category with the title `2015` 4. Write a post under this category Now Archive Widget and Category Widget points to the same place - archive category template. I think ""date"" should be protected from repeat use in the prefix of categories or tags." TempAcc 30909 Allow passing ID for comment_form container and title dev-feedback Comments normal normal defect (bug) new 2015-01-05T13:01:56Z 2019-06-04T19:27:27Z "Right now, there's a `div` hardcoded with `#respond` and a `h3` hardcoded with `reply-title`. These make it hard for the comment form to be used on archive pages, as they assume the comment form is only ever output on single pages. (There are other IDs output in the form, however these are controllable through `id_form` and `id_submit`)" rmccue 8 30911 Overhaul post_status logic in WP_Query needs-unit-tests Query normal normal defect (bug) new 2015-01-05T15:24:11Z 2019-06-04T20:48:22Z "`WP_Query` filters based on post_status in two different places: 1. When building the main SQL query (`SELECT ID FROM $wpdb->posts`...). https://core.trac.wordpress.org/browser/tags/4.1/src/wp-includes/query.php#L2946 This block is responsible for parsing the 'post_status' query var, and rectifying these passed post_statuses with the 'perm' param, the logged-in user's permissions, and whether `is_admin()`. (The ability to query by 'post_status' dates from [5575].) 2. On `single` queries (`is_page()`, `is_single()`), additional filtering happens *after* the query. https://core.trac.wordpress.org/browser/tags/4.1/src/wp-includes/query.php#L3511 The intended purpose of this block is to ensure that Preview works (since posts being previewed generally are not published). The current incarnation of the preview logic (ie, living in `WP_Query`) was introduced in [2523]. These two 'post_status' blocks have two different purposes and two different histories, but they interact in a number of problematic ways. Just a few of the problems: a. Querying posts with 'fields=ids' means that the post ids are returned before the second filter block gets a chance to run. As a result, certain `WP_Query` objects (eg 'p=123&post_status=trash') can return different post IDs depending on whether you request 'fields=ids'. b. Values passed to the post_status parameter of `WP_Query` are sometimes overridden forcibly, based on logged-in user status. In an ideal world, `WP_Query` would not make any essential reference to the logged-in user. Realistically, we can't change some of this behavior for reasons having to do with backward compatibility. But there are places where the current user logic could be reworked so that it provides defaults, which can then be overridden by the params passed to `WP_Query`. Some relevant tickets: #28568, #29167 c. Filtering out non-previewable posts after the main query has taken place means doing more SQL queries than necessary in cases where post_status=draft and `is_single()`. d. Filtering out non-previewable posts after the main query has taken place can result in certain sorts of data leakage. See eg #30910. e. Having two separate blocks that filter results based on post_status makes unnecessarily complicated to fix post_status bugs. See eg #30530, #22001, #23309. My initial thought is that the second block should be removed. Preview logic should either be merged with the first block of post_status parsing logic that runs when building the main post query, or it should be moved into a separate query_var, which would then be passed when making a Preview request. In general, the challenge here is to ensure that the default post_status whitelist is properly sensitive to the permissions of the logged-in user - which sometimes means building clauses like `(post_status = 'publish' OR ( post_status = 'private' AND post_author = 123 ))`. I've started to write some unit tests that describe the (weird and complicated) existing behavior. See #29167 [31047]." boonebgorges 2 30915 Automatic translation update does not trigger notification email Upgrade/Install 4.1 normal normal defect (bug) new 2015-01-05T16:42:41Z 2019-06-04T21:13:34Z "Apparently, my translation files were updated over night (overwriting all my custom translations) and I didn't even get a notification email. I made sure that mail() and wp_mail() works and then found that in '''class-wo-upgrader.php:2803''' the email is only triggered for 'core' type updates, not 'translation' types or any other. A translation update can easily render a site useless, and a notification should be sent for EVERY SINGLE CHANGE that Wordpress decides to do to itself anyway. Also, the dashboard says that only ""security updates"" are installed automatically, and I would have never allowed translations to update automatically. Sure, digging deep in the online documentation later, I found the part about translations, but this '''should be mentioned in dashboard''' much clearer, including options to disable. In the end, I think '''automatic translation updates should be off by default'''. Automatically updating something always bears the risk of breaking the site (even if only semantically). The only time I'd rather risk breaking the side is when otherwise I would risk leaving a critical exploit open, not for some dumb fixed typos. In fact, those are not 'critical' but 'trivial', putting them right on the other end of the criticality scale." ddaum 4 30917 "Add ""Save and Close"" button to page/post edit screen" Posts, Post Types normal normal enhancement new 2015-01-05T19:36:30Z 2019-06-04T20:48:23Z It would be useful to have an additional button in the Publish box of the page/post the edit screen to save the post and then return to the main page/post edit/listing screen. Currently, the Save button reloads the page/post and you then have to click on the menu link to view the page/post main edit/listing screen. Vitzkrieg 1 30922 "Link Manager: Doesn't support relative URLs for ""Image Address""" General 4.1 normal normal defect (bug) new 2015-01-06T00:24:56Z 2019-06-04T19:47:21Z "For links, the ""Edit Link"" page allows be to put in any of * {{{http://blog.hartwork.org/__images/gentoo3-150x30.png}}} * {{{https://blog.hartwork.org/__images/gentoo3-150x30.png}}} * {{{/__images/gentoo3-150x30.png}}} for a working image URL but * it mis-corrects {{{__images/gentoo3-150x30.png}}} to {{{http://__images/gentoo3-150x30.png}}} and * setting it to {{{//blog.hartwork.org/__images/gentoo3-150x30.png}}} remains untouched but results in broken final URL {{{http://blog.hartwork.org//blog.hartwork.org/__images/gentoo3-150x30.png}}} on the blog itself (which is unexpected). Without patching code, what are my options? This behaviour is actually not new in 4.1 btw." hartwork 3 30934 Create a new API to standardize application logging General normal normal Awaiting Review enhancement assigned 2015-01-07T03:30:42Z 2022-08-04T19:35:29Z "There are moments in WordPress' execution that it would be helpful to have application debug logging. One that has bitten me hard is [https://github.com/WordPress/WordPress/blob/4.1/wp-includes/ms-settings.php#L162 multisite redirects when the current blog can't be initialized properly]. It would be great to be able to look at a log somewhere that tells me `[error] No site found for ericandrewlewis.com /srv/www/wordpress/wp-includes/ms-settings.php:162`. This is just one instance, but opens up a discussion of a consistent API that we can use, both internal to core and in plugins / themes for application logs. #28319 was a similar request (Add hook to WP_Error for logging and report purposes), but missed the point that WP_Error is a standardized error return value from a function, and not necessarily an application error. However, from that ticket [https://core.trac.wordpress.org/ticket/28319#comment:30 dd32 proposed] creating a PSR-3 inspired API for logging errors. Let's consider this." ericlewis 12 30942 In quicktags settings, setting buttons to zero-length string doesn't give empty toolbar. has-patch Editor 4.1 normal normal Awaiting Review defect (bug) new 2015-01-07T16:48:15Z 2020-11-24T06:10:52Z "This issue was raised on WordPress stackexchange http://wordpress.stackexchange.com/a/174086/57034. If you set the buttons of the quicktags settings to a zero-length string, eg by using the `'quicktags_settings'` filter {{{ add_filter( 'quicktags_settings', function ( $qtInit ) { $qtInit['buttons'] = ''; return $qtInit; } ); }}} which typically results in the following setting in `tinyMCEPreInit` {{{ qtInit: {'content': id:""content"",buttons:""""},'replycontent': id:""replycontent"",buttons:""""}} }}} then quicktags just ignores it and uses the default buttons, due to this falsey test on line 263 of ""wp-includes/js/quicktags.js"" {{{ if ( settings.buttons ) { use = ','+settings.buttons+','; } }}} This can be worked around by using any non-falsey value in setting `$qtInit['buttons']` but that's somewhat non-intuitive. The proposed simple patch tests for string type so you can use `''` (and also tests for boolean `false` which is nice to have as well). {{{ if ( typeof settings.buttons === 'string' ) { use = ','+settings.buttons+','; } else if ( settings.buttons === false ) { use = ' '; // Any old truthy string. } }}} " gitlost 5 30959 race condition in wp_insert_user() Users 4.1 normal normal defect (bug) new 2015-01-08T22:22:33Z 2023-02-03T07:39:43Z Possibility exists for a user record insert between check if a user name already exists and actual database insert. A unique index on wp_users.user_login would prevent this, and allow the code to operate without a separate database query to check for an existing user. hanelyp 6 30963 Wrong error message when uploading non-zip files on the plugin upload page Plugins normal normal Future Release defect (bug) new 2015-01-09T09:54:54Z 2020-07-02T18:23:00Z "If you go to plugins -> upload plugin and you try to insall a .php file instead of a zip file you get this error message: Abort class-pclzip.php : Missing zlib extensions. This error message is bad, zlib extensions are not missing, the file type is wrong. Also this message is missing translation support (I might be wrong on this)." jnhghy 3 30969 adding theme support for 'custom-header' or 'custom-background' results to duplicate admin menu items dev-feedback Customize 4.1 normal normal Awaiting Review defect (bug) reopened 2015-01-09T21:54:06Z 2021-05-22T19:51:04Z "Wordpress 4.1 shows double 'Header' and 'Background' menu items in admin navigation menu on front-end when using add_theme_support( 'custom-header', $args ); add_theme_support( 'custom-background', $args ); Here is a screenshot of Twentyfourteen theme. http://snag.gy/djDFm.jpg This issue also exists in other themes I tested using the above hooks. This issue is not seen in previous WordPress version using the Twentyfourteen theme. " edville101 5 30976 When selecting multiple plugins and performing deactivate, keep selected for next bulk action (if any) has-patch Plugins 4.2 normal minor Awaiting Review enhancement new 2015-01-11T05:16:01Z 2021-08-08T06:10:37Z aubreypwd 10 30978 Meta Fails for Nav Menu Import 4.1 normal normal enhancement new 2015-01-11T12:39:16Z 2021-05-12T17:00:37Z "Hi, Wordpress Importer Plugin exports all metas but does not import menu meta. Also some other users had the same issue ; https://wordpress.org/support/topic/failure-to-import-post-meta-for-nav-menu-item If that fix won't be included then a hook would be useful. We can ofcourse fix that ourselves and make a fix plugin, but for mega menus you can't say all of your users to use different fixed importer instead of default WordPress Importer. https://wordpress.org/plugins/wordpress-importer/" WPThemeTrends 2 30979 Check for context menu before closing commentReply SergeyBiryukov* has-patch Comments normal normal Future Release enhancement accepted 2015-01-11T14:40:41Z 2021-08-27T13:34:20Z "Login to WP-Admin, go to the comments section and ""Quick edit"" or ""Reply"" to a comment. Bring up the context menu either with a right-click or the menu key, press ESC and the context menu and the comment box will close. [[Image(https://i.imgur.com/xnhrZDr.png)]] I understand that this is the expected behaviour but this can be frustrating at times. If you bring up the context menu while typing a long reply but decide not to autocorrect and press ESC to close the context menu everything you've typed so far is gone :( The ""Compose email"" section of both Gmail and Outlook.com close themselves when ESC is pressed but don't if the context menu is open. So I thought WordPress should also have the same behaviour. The patch checks for a right click or menu key press before doing `commentReply.revert()`." jesin 6 30982 Meta query in pre_get_posts Query 4.1 normal normal feature request new 2015-01-11T20:36:44Z 2019-06-04T20:48:32Z "I don't know if it is already in place, but I want to add in the hook ""pre_get_posts"" custom field. In the page ""search.php"", I want to search ""example"" in post_title, content and custom field in all pages, posts and post-type. But this is the code I put in the hook : {{{ function recherche_avancee( $query ) { if ( !is_admin() && $query->is_search ) { $custom_fields = array( ""introduction"", ""ensavoirplus"" ); $meta_query = array('relation' => 'OR'); foreach($custom_fields as $cf) { array_push($meta_query, array( 'key' => $cf, 'value' => $_GET['s'], 'compare' => 'LIKE' )); } $query->set(""meta_query"", $meta_query); } } add_action( 'pre_get_posts', 'recherche_avancee'); }}} and this is the SQL code I get : {{{ 1. SELECT SQL_CALC_FOUND_ROWS wp_posts.ID 2. FROM wp_posts 3. INNER JOIN wp_postmeta 4. ON ( wp_posts.ID = wp_postmeta.post_id ) 5. WHERE 1=1 6. AND (((wp_posts.post_title LIKE '%exemple%') 7. OR (wp_posts.post_content LIKE '%exemple%'))) 8. AND wp_posts.post_type IN ('post', 'page', 'attachment') 9. AND (wp_posts.post_status = 'publish' 10. OR wp_posts.post_status = 'miseenavant' 11. OR wp_posts.post_author = 3) 13. AND ( ( wp_postmeta.meta_key = 'introduction' 14. AND CAST(wp_postmeta.meta_value AS CHAR) LIKE '%exemple%' ) 15. OR ( wp_postmeta.meta_key = 'en_savoir_plus_page' 16. AND CAST(wp_postmeta.meta_value AS CHAR) LIKE '%exemple%' ) ) 17. GROUP BY wp_posts.ID 18. ORDER BY wp_posts.menu_order ASC 19. LIMIT 0, 10 }}} I want to add the line 13, 14, 15, 16 on the top on the code after the search in the content and the title. And I don't want a '''AND''' before the line 13 but a '''OR'''. But here's the SQL I would need : {{{ 1. SELECT SQL_CALC_FOUND_ROWS wp_posts.ID 2. FROM wp_posts 3. INNER JOIN wp_postmeta 4. ON ( wp_posts.ID = wp_postmeta.post_id ) 5. WHERE 1=1 6. AND (((wp_posts.post_title LIKE '%exemple%') 7. OR (wp_posts.post_content LIKE '%exemple%') 8. OR ( wp_postmeta.meta_key = 'introduction' 9. AND CAST(wp_postmeta.meta_value AS CHAR) LIKE '%exemple%' ) 10. OR ( wp_postmeta.meta_key = 'en_savoir_plus_page' 11. AND CAST(wp_postmeta.meta_value AS CHAR) LIKE '%exemple%' )) 12. AND wp_posts.post_type IN ('post', 'page', 'attachment') 13. AND (wp_posts.post_status = 'publish' 14. OR wp_posts.post_status = 'miseenavant' 15. OR wp_posts.post_author = 3) 16. GROUP BY wp_posts.ID 17. ORDER BY wp_posts.menu_order ASC 18. LIMIT 0, 10 }}} Is it possible to do this now? If this is not the case, is it possible to consider it in the ""future""? Hope this is not already proposed ... Thank you for reading :-)" Spidlace 3 30994 Offset return for wp_get_archives has-patch Query 4.2 normal normal enhancement new 2015-01-12T18:58:28Z 2019-06-04T20:48:34Z "Adding offset to wp_get_archives is simple and can add a helpful feature. Just as the 'limit' paramater allows results to be set to the first 10, for example, the offset parameter could allow the results to be set to 10-20, or from 15 and up. I have some working code that I will submit as a patch. " jefflange 30995 Pass meta_id when retrieving multiple metas needs-unit-tests Options, Meta APIs 2.9 normal normal enhancement new 2015-01-12T20:18:50Z 2019-06-04T20:48:39Z "Hello. In some (edge?) cases we would need a unique identifier when we retrieve metas. For example, `get_post_custom_values( '_yolo', $post->ID )` will return: {{{ Array ( [0] => foo [1] => bar ) }}} while the following, with the `meta_id` as array key, would be helpful imho: {{{ Array ( [1022] => foo [1029] => bar ) }}} The modification is trivial in `update_meta_cache()`, and some other functions would only need something like `metas[0]` => `reset( metas )`." GregLone 3 30996 As a theme developer / user, I want to have the `current-cat` / `current-cat-parent` classes on the built-in Categories widget based on the current post Widgets 4.1 normal normal enhancement new 2015-01-12T21:17:37Z 2019-06-05T06:40:28Z "In order to style the built-in Categories widget according to current post / page, as a theme developer / user, I want to have the `current-cat` / `current-cat-parent` classes on the built-in Categories widget based on the current post (i.e. on single post / page / custom post type). Implementing this feature / enhancement will involve modifying `wp-includes/category-template.php`, specifically `Walker_Category#start_el`. This is my first time submitting a ticket here, please correct me if I'm not following any guidelines. I did a search on existing tickets for such feature / enhancement but couldn't find any. Thank you." LongYC 1 31000 Multiple calls to settings_errors() result in duplicate display of notices Administration 3.9 normal normal defect (bug) new 2015-01-13T09:07:28Z 2019-06-04T19:27:33Z "`settings_errors()` is called by default on options pages and numerous plugins and themes whose pages aren't under the options submenu will also call it. Good, maybe even great, as so many have obviously adopted to using this. The issue arises when, for instance, a plugin uses a call to `settings_errors()` hooked into `admin_notices` to display their notices across all pages. In that case, their message will be displayed twice on any pages also calling `settings_errors()`. Now a plugin can check if they are on an options page and - knowing that the messages will be displayed there anyhow - forgo the call to `settings_errors( 'my-messages' )` there. But there is no way for a plugin to test if another theme/plugin outside of the options pages is also making the `settings_errors()` call. I would suggest unsetting any messages which are displayed from within the settings_errors() call to avoid duplicate messages ever being shown. " jrf 3 31005 wp_send_json(): Filtering of $response prior to passing it to wp_json_encode(). General 4.1 normal normal enhancement new 2015-01-13T22:35:08Z 2019-06-04T19:47:28Z "It would be nice if wp_send_json() allowed $response to be filtered prior to passing it to wp_json_encode() and echo'ing the resulting JSON. I'm working with a theme that uses wp_send_json() while responding to AJAX requests. I'd like to modify/customize the response content, however, without modifying the theme itself (which doesn't appear to have other hooks that could be used). wp_send_json() seems to be a convenient and reasonable place to perform such filtering, but doesn't already appear to support this as of 4.1." ap.0 4 31006 Use classes instead of setting and directly animating background colors in JS Administration normal minor enhancement new 2015-01-14T05:32:10Z 2019-06-04T19:27:37Z "Directly setting hex values in JS doesn't tell us much about what the color is being used for, whereas setting a class name is much more semantic. Also, jQuery UI can animate color changes when using addClass/removeClass/toggleClass/switchClass - no need to use .animate() directly and do things like getting background colors of surrounding elements. This is very tightly related to #25060 and blocks it. I am working on it." helen 4 31010 Frontend / Admin specifications for AJAX General 4.2 normal normal enhancement new 2015-01-14T14:25:34Z 2019-06-04T19:47:31Z "I recently ran into an issue, not sure where this belongs exactly. If you load posts in Twenty Fifteen via AJAX (by detecting pagination clicks) the images will be narrower, take a look: http://cl.ly/image/2M15133q2U1D This happens because when an image is shown, somewhere down the line the image_constrain_size_for_editor() function is called which is in media.php. If a context is not given it uses is_admin() to detect where the request is from. The problem is that admin-ajax.php is always considered to be in the admin, since it technically is. However, the AJAX request comes from the front-end and the response is used on the front end as well. Here is one method to get around this problem: {{{ $posts = new WP_Query( $query_vars ); add_filter( 'editor_max_image_size', 'my_image_size_override' ); if( ! $posts->have_posts() ) { get_template_part( 'content', 'none' ); } else { while ( $posts->have_posts() ) { $posts->the_post(); get_template_part( 'content', get_post_format() ); } } remove_filter( 'editor_max_image_size', 'my_image_size_override' ); }}} This could also be addressed by providing a parameter that is passed to admin-ajax. Just as action is used to transfer the action, another parameter could be added to indicate the origin. I'm not a huge AJAX expert and I'm not sure if this causes any security issues so I am refraining from adding any patches. Aside from the security issue I assume this would affect a lot of functions. " danielpataki 2 31018 Persistent database connections with mysqli needs-unit-tests Database 4.2 normal normal enhancement reopened 2015-01-14T22:37:39Z 2022-08-01T03:57:30Z "WordPress currently does not allow support for persistent database connections. This can be accomplished by prepending ""p:"" to the hostname with mysqli however with its current configuration WordPress will be confused by the "":"" and think the hostname is actually a port if specified in the wp-config.php file. This patch add support for a constant that allows persistent connections to be turned on or off. Why should this be added to core? Because persistent connections are useful :P. But really, we have seen requests for this in other tickets such as #27933. Additionally I am involved in a project where 10,000+ sites are requiring persistent db connection, not an insignificant number. Persistent db connections are also needed to ensure proper performance on IIS and Azure installations. In short a couple lines of code is all it takes to ensure WordPress continues to work well across other platforms and project requirements. Props to awoods and bradparbs for helping identify the issue and solution." blobaugh 15 31020 Introduce discrete capability for managing widgets johnbillion needs-unit-tests Widgets normal normal Future Release enhancement assigned 2015-01-15T07:11:15Z 2022-01-30T16:44:08Z "As with management of nav menus (#29213), managing widgets currently requires `edit_theme_options` capability, a capability associated with administrators which grants the power to make many wide sweeping changes. There should be a discrete capability `manage_widgets` just for managing widgets, one that is inherited for anyone who has `edit_theme_options` by default. This was done for Customizer access in #28605 with the introduction of a `customize` capability. Originally brought up in #14386. The same is proposed for menus in #29213." westonruter 12 31029 Allow 0 columns in gallery settings rhurling has-patch Media 4.1 normal normal defect (bug) assigned 2015-01-15T23:02:38Z 2022-10-26T19:47:56Z "Gallery columns ""0"" is a valid setting and correctly outputs a proper CSS class `class=""gallery galleryid-43 gallery-columns-0 gallery-size-thumbnail"">` Using that CSS class, as a theme author, I could easily build, for example, a grid layout with items displayed inline (or whatever layout other than ""columns""), overriding just a very few CSS rules. I could set `columns=""0""` manually, however, each time I'd edit the gallery settings through the media views UI, `columns=""0""` would be removed and it would fallback to the default 3 columns. [[Image(https://cldup.com/7zoOccOC1H.png)]] I would propose to add and allow a ""none"" columns setting, with value ""0"". P.S. just noticed: same if I want to add a value higher than ""9"". Setting an arbitrary limit to ""9"" is an assumption that, as developers, we shouldn't do. What if I want, say, 10 images per row?" afercia 19 31039 Move retrieve_password() from wp-login.php SergeyBiryukov dev-feedback Login and Registration normal normal Future Release enhancement reviewing 2015-01-16T20:26:08Z 2021-02-02T12:35:36Z Once considered in #20279, I am able to propose a sane way to separate {{{retrieve_password()}}} from {{{wp-login.php}}}. jfarthing84 5 31042 WPDB field_types Variable Too Broad? Database normal normal enhancement new 2015-01-17T03:07:49Z 2019-06-04T19:27:49Z "I was wondering if it might make sense to tie the field_types format definitions to tables and columns instead of just columns. As people use WordPress more there may be situations like the one I encountered today where columns of their enhancement tables overlap with those of WordPress' default tables. In my situation my user_id was more of a guid so it was a string that was being formatted to a decimal. While this might not be a common problem with the overhead it would take to change it to a multidimensional array it might make sense. If this is something others would find useful or practical I would be happy to rework the code." njkrut 2 31049 Hiding Administration Menu Items through remove_menu_page function can create unnecessary margin via the menu separator list item Plugins 4.1 normal normal defect (bug) new 2015-01-18T22:47:53Z 2019-06-04T20:48:43Z "In some situations where the Administration Menu has had menu items removed, the wp-menu-separator <li> may appear first. When the menu separator <li> appears first in the menu, unwanted extra margin is created. This issue occurs when the Dashboard menu item has been disabled, but could occur under other menu reorganizations and configurations." monopine 2 31076 Multisite signup functions don't support SSL Login and Registration normal normal defect (bug) new 2015-01-20T16:21:57Z 2019-06-04T20:10:42Z [source:tags/4.1/src/wp-signup.php#L612 confirm_blog_signup()], [source:tags/4.1/src/wp-signup.php#L361 confirm_another_blog_signup()], and [source:tags/4.1/src/wp-includes/ms-functions.php#L768 wpmu_signup_blog_notification()] use hardcoded `http://` links. SergeyBiryukov 3 31083 WP_date_Query does not validate string values of 'before' or 'after' Query 4.1 normal normal enhancement new 2015-01-21T08:18:57Z 2019-06-04T20:48:45Z "Currently the ''before/after'' values in ''WP_Date_Query'' can be an array or string, which will be parsed by strtotime: {{{ if ( ! is_array( $datetime ) ) { // @todo Timezone issues here possibly return gmdate( 'Y-m-d H:i:s', strtotime( $datetime, $now ) ); } }}} But we don't validate this string in ''validate_date_values'': {{{ if ( array_key_exists( 'before', $date_query ) && is_array( $date_query['before'] ) ){ $valid = $this->validate_date_values( $date_query['before'] ); } }}} ---------------------- Example: {{{ $query_args = array( array( 'before' => 'i am a valid date string!?' ) ); $date_query = new \WP_Date_Query( $query_args ); echo $date_query->get_sql; // AND ( ( post_date < '1970-01-01 00:00:00' ) ) }}}" ChriCo 1 31084 Export capabilities should allow the current user to export their own posts Export normal normal enhancement new 2015-01-21T09:30:53Z 2019-06-04T19:47:38Z "Currently, exporting is restricted to users with the 'export' capability (Admins, Network Admins), which effectively locks Editors, Authors, and Contributors out of the the process. I am proposing that an implicit capability in the exporter be created whereby users without the 'export' capability can choose to export their own posts. The functionality to select a single user's posts for exporting is already built-in for those with the capability, so there is no underlying exporter code that needs to change. Front-facing modifications would include adding a message to the Export screen for non-Admins explaining that they can only download their own posts, specifying the proper single-user form parameters by default, and a few checks on the back-end to avoid any forgery. Functionally, this enhancement would free users to own and control their content, and may help prevent site owners from holding their contributors' content hostage." rileypaulsen 6 31085 CPT selector to “Recent Posts” widget dev-feedback Widgets 4.2 normal normal enhancement new 2015-01-21T11:18:12Z 2019-06-05T06:40:29Z "I think that ""Recent Posts"" widget should support selection to show all posts or only in selected CPT." sippis 4 31092 travis-ci builds skip lots of tests due to environment configuration Build/Test Tools normal normal Future Release defect (bug) new 2015-01-21T19:20:30Z 2020-11-09T19:36:28Z "See #30284. travis-ci builds (eg https://travis-ci.org/aaronjorbin/develop.wordpress/jobs/47713725) are skipping a bunch of tests. I haven't yet looked into it in detail, but I'm guessing it's a combination of the following: - Missing image-related PHP extensions (gd, exif) - ru_RU system domain must be installed (`Tests_DB::test_locale_floats()`) - MySQL versions don't support utf8mb4 - WordPress Importer plugin not available Ideally, the only tests skipped in CI are those that depend on *WordPress* configurations, and we run separate builds for each relevant config. In the case of our current tests, the only WP config that matters is multisite, and we're already running separate multisite tests, so we should expect to see that some tests are skipped on MS, and others skipped on non-MS. All OS, PHP, MySQL, and webserver-related skips should be eliminated. Anyone who's interested in chasing this down, here's how I'd go about it: - Fork https://github.com/aaronjorbin/develop.wordpress and set it up to run on Travis. - Modify the build so that it runs `phpunit -v`. I think you should be able to do just by changing the `script` command in .travis.yml - Check in and push up. The first Travis run should give you a full report of what's being skipped, and why - Start hacking at the `before_script` section as necessary to get the necessary prerequisites installed. http://docs.travis-ci.com/user/languages/php/#PHP-installation and the following sections should be a good starting point." boonebgorges 4 31093 Make $tag argument optional for has_shortcode() dev-feedback Shortcodes normal normal Future Release enhancement new 2015-01-21T19:53:17Z 2017-10-31T09:25:16Z Use case: I'd like to see if my string has ''any'' shortcodes. danielbachhuber 6 31094 Attempt to cache notoptions in database to save queries for non-existent options needs-unit-tests Options, Meta APIs normal normal enhancement new 2015-01-21T23:23:18Z 2019-06-04T20:48:51Z "Coming from #31061, @boone suggested this might be worth exploring, so I took a first pass at it. Idea is to save nonexistent options in options table as `notoptions_cache`. This seems to be working nicely so far. Non existent queries get cached, and gets refreshed when they are added or updated. I am considering the following moving forward: 1) Upon `delete_option()` call, we can add that option to `notoptions_cache` right away but I can imagine cases where we wouldn't want that, so I believe letting it get added on `get_option()` is a better choice 2) Implement it for Multisite functions - Should we? Chances are anyone who is running a multisite is already using a persistent object cache backend. Thoughts? 3) If `object-cache.php` is dropped in, so `notoptions` cache is now maintained over there persistently, all good. But when its moved out, it will try to use the `notoptions_cache` inside option table which may not be accurate anymore, so we need to delete it the moment a persistent object cache backend gets involved. Thoughts? Anything else I should consider?" ashfame 4 31106 Introduce nicename_exists has-patch Users normal normal enhancement new 2015-01-23T16:59:12Z 2019-06-05T06:40:32Z "Currently there are functions for username_exists and email_exists, but none for nicename_exists. Patch introduces nicename_exists with accompanying unit tests. Related: #30647" voldemortensen 5 31127 Can't add a new user to two sites before they've accepted their account jeremyfelt needs-unit-tests Users 3.0 normal normal defect (bug) assigned 2015-01-25T18:57:47Z 2019-06-05T06:40:34Z "In multisite, when adding a new user to a site, the user account isn't created immediately. Their info is stored in the `wp_signups` table until the user checks their email and clicks their sign-up acceptance link. If an admin attempts to invite the user to a second site before the person has accepted their user account for the first, they'll get this message: > That username is currently reserved but may be available in a couple of days. > That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing." ericlewis 11 31136 Allow plugin authors to register an additional 'Uninstall Notification' plugin header and to display back to the user during plugin uninstall flow needs-unit-tests Plugins normal normal Future Release enhancement new 2015-01-26T06:14:19Z 2017-02-05T09:58:14Z "In wp-admin/plugins.php wordpress displays to the user information about the plugins you are attempting to uninstall. Currently it only displays the name of the plugin name ($plugin[ 'Name' ]) and the plugin author ($plugin[ 'AuthorName' ]). In V4.1 this output is generated around lines 289-304. Is it possible to add another field that contains a short piece of information from the plugin author, that can be presented to the user for each plugin? The plugin would need to register this information with wordpress when it was installed or updated. Specifically, I envisage this being used for details that the user might need to follow to preserve any data that they might have before they actually delete the plugin. An example string that I can see being used by a plugin: If you wish to uninstall <b>without losing your data</b>, see the details at <a href=""http://example.com/plugin-uninstall"">http://example.com/plugin-uninstall</a>. Notes: - Such a string should of course be optional to preserve backward compatibility. - Appropriate filtering and length checks should be done on the string to ensure that the uninstall plugin UI isn't easily broken or disturbed. This avoids the plugin author filling the field with a string that stops the user from being unable to uninstall the plugin." cefiar 9 31139 Allow editing of video embed parameters in the media modal wonderboymusic Media normal normal Future Release enhancement reopened 2015-01-26T18:53:55Z 2017-07-10T17:33:41Z Unsure if this is possible, but it would be pretty sweet if you could adjust available video embed parameters, such as height/width, straight from the media modal. It could fit pretty well on this screen: https://cloudup.com/caoYOVuWM41 melchoyce 27 31154 register_post_type function does not check reserved post_types Posts, Post Types 4.2 normal normal Awaiting Review enhancement new 2015-01-28T11:13:28Z 2022-02-21T15:39:56Z "the function register_post_type() in wp-includes/post.php does not check for reserved post types. But later on this will cause malfunctions or unexpected behaviour and bugs. I wrote a very simple patch that checks if any of the reserved post_types are being registered and if so it notifies the developer by _doing_it_wrong and WP_Error as a fallback. Projects and plugins that are using reserved post_types in the wild will not break. But the developers will be notified via the logs or on their development environments where WP_DEBUG is true. ps. I will submit a similar ticket for taxonomies after this one. " sebastiaandegeus 14 31166 wpmu_signup_user_notification filter is incorrect dev-feedback Login and Registration 3.0 normal normal defect (bug) new 2015-01-28T20:30:03Z 2019-06-04T20:10:50Z "Simple ticket here, The wpmu_signup_user_notification filter seems to be filtering the wrong option {{{ if ( ! apply_filters( 'wpmu_signup_user_notification', $user, $user_email, $key, $meta ) ) return false; }}} If I'm thinking correctly, the filter should be filtering a boolean. If two filters are added to this and the first returns false, there is no way for the second filter to recover the $user variable. This is how I see it working WP4.1, /wp-includes/ms-functions.php line 919 {{{ if ( ! apply_filters( 'wpmu_signup_user_notification', true, $user, $user_email, $key, $meta ) ) return false; }}}" johnrom 4 31177 Captions video not saved with the post and are lost on attachment page postphotos Media 4.1 normal normal Future Release defect (bug) assigned 2015-01-29T16:13:09Z 2024-01-24T17:36:59Z "At the moment you can add srt-captions and a poster image to a video, entering them while embedding a video in a post. When you add a video via Add Media in a post the output will be something like: {{{[video poster=""url-here/image.jpg"" width=""400"" height=""224"" mp4=""url-here/video.mp4""]<track srclang=""en"" label=""English""kind=""subtitles"" src=""url-here/captions.srt"" />[/video]}}} This means that the poster and the captions are not stored with the attachment itself, so on attachment this data is lost pages and it is impossible to add a caption or a poster image via the image library. It would be useful to save srt-captions and the poster with the attachment data itself, like the description and the caption now are. " rianrietveld 14 31183 "Users with ""update_plugins"" capability can not see update details" has-patch Plugins 4.1 normal normal Future Release defect (bug) new 2015-01-30T13:19:09Z 2017-12-05T20:14:19Z "Users with the ""update_plugins"" capability can see available updates for plugins, but see the message ""You do not have sufficient permissions"" when clicking on ""View version x.y.z details"", because that page requires the ""install_plugins"" capability. The details page (with changelog, etc) should also be available with only the ""update_plugins"" capability." michel.weimerskirch 20 31184 Plugin update API times out too easily in practice, and is not handled gracefully Plugins 4.1 normal normal defect (bug) new 2015-01-30T16:54:46Z 2019-06-04T20:48:57Z "In wp_update_plugins() the timeout is set to ""Three seconds, plus one extra second for every 10 plugins"" when not doing a cron job. I did some testing (with reasonable bandwidth) and in practice I need about twice that to be safe. I realize you need to arbitrarily choose something, but the problem is that if timeouts do occur, there are unhandled warnings like Warning: An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href=""https://wordpress.org/support/"">support forums</a>. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /media/sf_shared/digipowers/www.digipowers.com/httpdocs/wp-includes/update.php on line 297 which doesn't alert you to the real problem, which is that api.wordpress.com took too long to resolve. To repro this, clear your transients to force an update check, and then force the timeout in class-http.php:96 to something short like 1s: {{{ /** * Filter the timeout value for an HTTP request. * * @since 2.7.0 * * @param int $timeout_value Time in seconds until a request times out. * Default 5. */ 'timeout' => 1, //apply_filters( 'http_request_timeout', 5 ), }}} Recommend you do 2 things: 1) increase the default timeout for the plugin check from say 5 to 10. 2) handle this condition more gracefully by stating what's wrong in this case, e.g., : ""WordPress could not connect to the API server to check for plugin updates; please try again later."". And needless to say, don't throw PHP warnings as they break the headers if you have error_reporting and display_errors set to be loud. " rkaiser0324 2 31186 Get more info about the modified author has-patch Users 4.2 normal normal enhancement new 2015-01-30T19:35:32Z 2019-06-05T06:40:37Z Let's let the developers to have access to all the modified author meta not just the display name.Using the function get_the_modified_author() . alexandruias 3 31188 Very slow query in comments_template -> get_comments -> WP_Comment_Query->query boonebgorges Comments 4.1 normal normal defect (bug) assigned 2015-01-31T02:01:45Z 2019-06-04T19:27:50Z "In my quest to improve performance of core Wordpress functionality (see #31071, #31072, and #31171), I'm back with another optimization that is quite significant for large WP installations with lots of comments on some posts. The query in question: {{{ # Query_time: 25.314234 Lock_time: 0.000074 Rows_sent: 10 Rows_examined: 699220 SET timestamp=1422666393; SELECT wp_comments.* FROM wp_comments WHERE comment_post_ID = '87814' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 10; }}} As you can see, 25s is not great to say the least. The query isn't using an optimized index, which I've now created, at which point it started running in milliseconds. The index is as follows: {{{ CREATE INDEX `comment_post_ID_approved_date_gmt` ON `wp_comments`(`comment_post_ID`, `comment_approved`, `comment_date_gmt`); }}} I've verified the performance improvements using SQL_NO_CACHE as well as EXPLAIN. The post in question here had over 3000 comments, which isn't uncommon on our site (androidpolice.com). Interestingly, MySQL queries using a different strategy internally which isn't nearly this slow for posts with fewer comments. But at some point, it switches it up because it thinks it's better, and things go sour." archon810 4 31189 Widgets editing screen don't handle expired nonces gracefully Widgets normal normal defect (bug) new 2015-01-31T02:12:19Z 2019-06-05T06:40:38Z "The Widgets screen doesn't handle an expired nonce gracefully, and can result in the user thinking something saved, when in actual fact it was silently discarded. For example - Adding/Removing Widgets appears to work, doesn't take effect - Editing a Text Widget (or any titles of other widgets) and hitting save will result in a spinner, and then disappear the same way a successful save operates, even though the ajax calls returned `-1` to signify a nonce error / not logged in error " dd32 5 31192 "Enable sorting of search results on ""Add Plugins"" admin page" Plugins 4.1 normal normal Awaiting Review enhancement new 2015-01-31T20:59:57Z 2021-07-30T12:19:08Z "Searches on the ""Add Plugins"" page often return thousands of results in no particular order, making it very hard to find high-quality plugins (I generally end up having to use Google to hunt down plugins). Often, plugins that are used by hundreds of thousands or millions of users are placed far below obscure, outdated, unmaintained plugins that are used by a few thousand people. It would be very helpful if there was a dropdown menu that enabled you to sort the search results by things like ""Most Downloads"", ""Highest Rated"", ""Last updated"", etc. This way, I could make sure that widely used, actively maintained plugins were at the top of my list, and quickly find what I need. A great example search if you wish to see the type of problem I'm addressing is ""Content Slider"". The first page of results is populated by many unmaintained/low-quality slider plugins, and then when you get to the second page of results you find several actively maintained high-quality plugins with hundreds of thousands of users (Easing Slider, Meta Slider, etc). Thanks!" tayjes16 14 31199 Potential reference to unset variable in get_bulk_actions (WP_Posts_List_Table) chriscct7* reporter-feedback Administration normal normal Future Release defect (bug) accepted 2015-02-01T16:44:14Z 2019-01-14T04:42:47Z "get_post_type_object can return null in some cases, which causes a notice when current_user_can is called later in the function. Attached a patch to check if delete_posts is set, and to only add actions if it is. Thanks!" sgrant 3 31200 wp_redirect Missing Body - Causes Performance Issues General 4.1 normal normal defect (bug) new 2015-02-01T18:56:15Z 2019-06-04T19:47:42Z "When I changed my site over to a new setup using nginx and Varnish, I noticed some performance issues when doing things like submitting a comment, activating plugins, etc. I narrowed it down to a problem with wp_redirect not providing a body, and thus nginx does not provide a content length. This causes Varnish to hang, waiting for a body, until it hits a time out (which by default is 5 seconds). This makes any action that involves a redirect take a minimum of 5 seconds (or whatever the time out is set to). Adding some output to wp_redirect immediately solved the problem for me. Even though this may relate to a specific nginx/Varnish setup, the HTTP standards also say you should always include some kind of output in the body. Nginx + php-fpm does not do this by default, and given that this is an increasingly common stack it would be useful if it conformed to standards. The issue can also be sidestepped by adding: {{{ header( ""Content-Length: 0"" ); }}} However, this does not conform to RFC specs. See: http://www.ietf.org/rfc/rfc2616.txt under 10.3.2 and 10.3.3 HTTP 301: The new permanent URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). HTTP 302: The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s)." tripsis 2 31206 Move AJAX action parameters out of the method body and into the declaration. dev-feedback General 4.2 normal normal enhancement new 2015-02-01T23:09:49Z 2019-06-04T19:47:45Z "`admin-ajax.php` has several methods that require an `$action` parameter, then immediately set that parameter in the body of the method to the desired string if it's not set, which seems a bit counter-intuitive. I propose removing the conditional check completely (since it's not checking for a value, just the presence) and move the desired string into the method declaration as a default value." morganestes 3 31210 Problem with WP core function to get user dropdown Role/Capability 4.1 normal normal enhancement new 2015-02-02T12:44:00Z 2020-02-14T02:06:22Z "Why does WP pass the argument 'who' => 'authors' on line 1014 of core file /wp-admin/includes/class-wp-posts-list-table.php. Which then causes WP to check the $dbprefix_user_level meta key in the database for that user, which is as far as I know, is a deprecated method of checking that. This then stops WP from showing authors with enough caps (but level_0 for some reason) in the 'Author' dropdown on the page quick edit function." andyx2v 1 31211 New function for link-category intersection General 4.1 normal normal enhancement new 2015-02-02T14:29:55Z 2019-06-04T19:47:49Z "Maybe passed to wp-includes/bookmark.php... {{{ function link_cat_intersect($input, $args=array() ){ /* $input (string) - Comma separated list of link-category ID-s to find common links. $args (array) - $args for get_bookmarks() function http://codex.wordpress.org/Function_Reference/get_bookmarks Defaults: $args = array( 'orderby' => 'name', 'order' => 'ASC', 'limit' => -1, 'category' => '', 'category_name' => '', 'hide_invisible' => 1, 'show_updated' => 0, 'include' => '', 'exclude' => '', 'search' => '' ); Example: $links = link_cat_intersect('65,75',array('include' => '8' )); Get the common links of link categories 65 and 75, then add the link with id 8 to result. Return Values http://codex.wordpress.org/Function_Reference/get_bookmarks (array) List of bookmark row objects. Each bookmark object may contain the following: 'link_id', 'link_url', 'link_name', 'link_image', 'link_target', 'link_category', 'link_description', 'link_visible', 'link_owner', 'link_rating', 'link_updated', 'link_rel', 'link_notes', 'link_rss' */ $input = explode(',',$input); $input = array_unique($input); // remove duplicates if( count($input)==1 ){ return new WP_Error( 'broke', __( ""One id is not enough..."", ""my_textdomain"" ) ); } $keys=$input; $input = array_combine($keys, array_values($input)); // get the link ids foreach($input as $cat_id => $posts){ $objects = get_objects_in_term($input[$cat_id],'link_category'); if( is_wp_error( $objects ) ) { echo $objects->get_error_message().' !link_category_id: '.$cat_id; return false; }else{ $input[$cat_id]= $objects; } } // thx to Shackrock and outis http://stackoverflow.com/a/8198111 function recursive($inarray,$result){ foreach ($inarray as $inkey => $inval) { if ( is_array($inval) ) { $result = recursive($inval, $result); } else { $result[] = $inval; } } return $result; }; $intersect = function($array){ foreach(array_count_values(recursive( $array, array() )) as $key => $value ){ if( $value == count($array) ){ // intersect $result[] = $key; } } return $result; }; $result = $intersect($input); if( !isset($args['include']) || $args['include']=='' ){ $args['include'] = implode(',',$result); }else if( isset($args['include']) && $args['include'] != '' ){ $args['include'] = explode(',',$args['include']); $args['include'] = array_merge($args['include'],$result); $args['include'] = implode(',',$args['include']); } $result = get_bookmarks($args); if( count($result) == 0 ){ return new WP_Error( 'broke', __( ""No posts in the intersection..."", ""my_textdomain"" ) ); }else{ return $result; } } }}} " krabat1 1 31236 wp_ajax_upload_attachment does not properly handle situation when post_id is set reporter-feedback Media 4.1 normal normal defect (bug) new 2015-02-04T23:13:47Z 2020-02-08T18:33:04Z "In the wp_ajax_upload_attachment function of wp_admin/includes/ajax_actions.php, it appears that the wrong capability is checked by the current_user_can function if post_id is set in the $_REQUEST object. At line 1845, this code exists: if ( ! current_user_can( 'edit_post', $post_id ) ) As far as I can tell, edit_post is not a valid capability. I was building a custom post upload for my site that allowed certain users to add media. I had given them the edit_posts capability and they were still receiving the error message ""You don't have permission to attach files to this post."" Once I changed this line of code in wp-admin to: if ( ! current_user_can( 'edit_posts', $post_id ) ) it worked as expected." johncacpro 9 31240 Combine domain and path UI in Add New Site flow jeremyfelt has-patch Networks and Sites 3.0 normal normal enhancement assigned 2015-02-05T19:10:46Z 2019-09-04T19:37:43Z We're planning on fixing the Edit Site flow in #22383. After that sits for a release, let's change the Add New Site flow to reflect this change as well. ericlewis 18 31252 grid view in media library malfunctioning in Simplified Chinese install Media 4.1 normal normal defect (bug) new 2015-02-06T21:22:33Z 2019-06-04T20:11:07Z "Media library grid breaks in Simplified Chinese install. https://wordpress.org/support/topic/the-grid-view-of-media-gallery-is-malfunctioning-in-simplified-chinese-install?replies=1" kidsguide 10 31254 Post errors show success borders Posts, Post Types 3.7 normal normal Awaiting Review defect (bug) new 2015-02-06T22:38:59Z 2021-01-18T13:47:57Z Similar to #31241 if a post delete/update action fails a green border shows instead of red. I'm not sure what action should be taken here since failures and successes seem to be able to be displayed in the same message box. ninnypants 4 31258 SVG replaced by default image in media library Media 4.1 normal normal defect (bug) reopened 2015-02-07T16:47:13Z 2019-06-04T20:11:11Z "I have enabled svg support for the media library. In Wordpress 3.9 I could nicely upload an svg file and it would show a thumbnail of the svg image in the media library. Now I've updated to Wordpress 4.1 and now all the svg files are replaced with a default image and a text stating the title of the svg file. Although, everything still works (I can still add the svg file and so on), it was very handy to see what the svg file looked like. Is there are reason why this is changed? Is there something I can do to change it back? By the way, I've tried this in a fresh new Wordpress install without any other plugins and using a default theme. " Automatic-rock 14 31270 Unexpected slugs for same-title different-parents term creation boonebgorges needs-unit-tests Taxonomy 4.1 normal normal defect (bug) assigned 2015-02-09T03:35:53Z 2019-06-04T21:13:57Z "When creating a new term which matches an existing terms name, it uses that slugs slug as the slug prefix, which can result in an unexpected term slug. For example, take this: {{{ Foo (slug: foo) - Bar (slug: foo-bar) }}} If we now create a root level ""Bar"" term, it'll get a slug of {{{foo-bar-2}}}, when one would expect it to receive {{{bar}}} since no conflicting slug exists. This is related directly to [28733] / #17689. Unit test attached showing behaviour." dd32 7 31277 Many WP Dashboard-only transients for 'browser version' set to autoload=yes in wp_options Options, Meta APIs 4.1 normal normal defect (bug) new 2015-02-09T23:21:43Z 2019-06-04T20:49:09Z "I've been recently optimizing WP for speed and for various reasons (mostly because it's buggy as hell), we're forced to run without W3TC's object cache on a busy site. Because of that, when wp_options gets bloated, especially with values that have autoload=yes, and every thread ends up transferring that much more data, overall performance decreases, and db traffic goes up. Transients are typically (with few exceptions) added as autoload=no. This keeps performance in check. However, there's one notable exception, and on our server, it's 120 rows all dedicated to a single transient, with over 30KB of data in total that gets transferred for no reason. That transient is `""browser_"" . $key`, and it's only used by `wp_check_browser_version()` in `wp-admin/includes/dashboard.php`. There's no reason at all for it to use autoload=yes." archon810 6 31281 Register JavaScript/Underscore templates using the WP Dependency API has-patch Script Loader normal normal enhancement new 2015-02-10T11:14:43Z 2019-06-04T21:13:58Z "It would be much easier to handle JavaScript templates when they could get registered using `wp_register/enqueue_script()`. This would allow tight binding between (Backbone) scripts and their respective templates. It would also allow to easily switch out single (core or plugin) templates to extend the UI with custom extensions in plugins. Further more it would have the benefit of more fine grained control of what template to load where and therefore a lower memory footprint. For a brief look at the overall concept I'm proposing, please [https://gist.github.com/franz-josef-kaiser/6f5448d83558427c5e7d visit this Gist]. This is pretty much what I'm currently using. So instead of stuffing all templates as endless `<script type=text/template>` list in a single file, we can then split them up into single files (job for a later ticket - plugins can make use of it immediately). This also allows plugin developers to easily pull in core scripts and templates without modification, which should result in a more native and integrated UI and UX (when it comes to animations) without knowing every single bit of what is happening behind the scenes. {{{#!php wp_enqueue_script( 'template', plugin_dir_url( __FILE__ ).'templates/template.tmpl', [ 'underscore', 'backbone', 'jquery', ], @filemtime( plugin_dir_path( __FILE__ ).'templates/template.tmpl' ), true ); }}} In the added patch, there's also a filter named `'allowed_js_template_extensions'` to add custom extensions aside from the default `.tmpl` extension which should ease the usage of third party scripts and templates who might use other extension names. Note to other patchers: The patch makes use of the `\DOMDocument` and `\DOMElement` classes. Please do not try to switch this out for some Regex. The DOM classes are by far the fastest solution and much more reliable and readable than any Regex can ever be. This tickets/patches overall goal is to bring WP JS template handling closer to how native JS applications make use of it. ''Additional Benefits'': This also allows us to run performance optimization like HTML minification on it and further compress the served files (Grunt tasks available). Another option would be to concatenate those scripts on a per screen basis." F J Kaiser 17 31282 finally introduce comments templating Comments 4.1 normal normal enhancement new 2015-02-10T13:18:31Z 2019-06-04T19:27:55Z "after spending several hours with styling my comments, comment form and using a plugin for the error messages, by default wordpress leads to a new unstyled page showing the errors and only leading back to the homepage if one presses the browser's back button, i'm asking myself why there are no templates and functionality for this all day task. please introduce: - a template for the comments ... yes i know there is comments.php but the comments themself must be templated in a callback function which is terrible (e.g. <?php wp_list_comments( array( 'callback' => 'shape_comment' ) ); ?>) - a template for the comment form ... yes i know there is athe possibility to give the comment_form function $args, but this is much more terrible than the comment list ""templating"", having the need to ""template"" the comment form in an array (!!!...........) - a way that wordpress reloads the current post page if a user sends a comment and is missing required fields like the comment itsself or his/her email address. afterwards showing error messages besides (or wherever my template says so) the comment form fields. that would be a fundamental improvement and a must. i can't explain, why everything in wordpress is so easy to template but the comments. best regards" ageibert 3 31283 Setting poster image for videos inside a video playlist is not very intuitive Media 4.2 normal normal enhancement new 2015-02-10T15:43:13Z 2019-06-04T20:11:16Z "This is somehow a follow-up to #27891. When you create a video playlist, it's very hard to understand how to change the poster images of the videos. Here is the workflow : 1. Upload some videos 1. Create a new article and insert one single video 1. Edit the inserted video to open the media modal again, and select a poster image for your video 1. Nice ! 1. Create another article and insert a video playlist 1. When you choose video, the one that was inserted in the previous article is shown with the poster image instead of the default video icon : very nice ! 1. For other videos, there is no way to select a poster image, neither during initial playlist creation, nor after having inserted the playlist :-( 1. To select a poster image, you have to go back to the main Media menu, find the right video and edit its details, and then set the featured image (that you guessed it was the same as the poster image) I see at least three ways to improve that workflow. 1. In the ""Edit video playlist"" modal, add a ""Select poster image"" menu, similar to the one that exists in the ""Video details"" modal for the video shortcode. 1. When browsing videos in the media modal, add a link to set the poster image, in the same manner that the ""Edit image"" link works for images 1. When browsing videos in the main Medias menu, add a link to set the poster image, in the same manner that the ""Edit image"" link works for images 1. Bonus : change ""Featured Image"" title to ""Poster image"" in the video attachment post edition page 1. Big Bonus : when browsing videos in the main Medias menu, add a button ""take a screenshot and set as poster"" when a video is shown. This will load the video into a canvas, generate an image from this canvas, send the image to the server and set it as poster ! " Fab1en 1 31284 List tables with fixed header on scroll Administration normal normal Future Release feature request new 2015-02-10T16:33:44Z 2019-01-14T17:37:47Z "I think it would be interesting, the WordPress through their APIs, allowing fix the header of a table when the scroll action is happening. A page that could make use of this functionality is the Posts list. [[Image(http://i.imgur.com/86AE2x0.png)]] and [[Image(http://i.imgur.com/O7v0Rfg.png)]] When the user has many posts, to scroll down the page, the table header is not more visible. This could also be very useful for plugin authors. That have pages with listings." Apiweb 6 31293 Previously uploaded attachment affects page slug Permalinks 4.1 normal normal defect (bug) new 2015-02-11T06:23:15Z 2019-06-04T20:49:10Z "I have page url: abc.com/products/novus-3 (novus page never create but it add -3 in url) so i check directly where the page exist: abc.com/products/novus So basically i found the banner image i upload only showing in this url as ATTACHMENT ID, So i delete that header image and change my page url ""NOVUS-3 to NOVUS"" and after that i re-add image. Its fine. But the question is when creating new page, for example Page title: New Page so url will be /new-page but before setting page title if we import image with the same name of page title, the Permalink url reserved that desired page url. So everytime first add Page title first then add image. Hope you understand, sorry for my bad english. Thanks" funorang 1 31300 redirect_canonical returns too early dev-feedback Canonical normal normal defect (bug) new 2015-02-11T17:00:31Z 2019-12-06T10:01:04Z "If `$redirect_url` is not set or is not equal to `$requested_url` then `redirect_canonical()` returns early and does not trigger the `redirect_canonical` filter. This prevents plugins from being able to alter the canonical URL. This bug was partially addressed in #8975 (it still returned early when the redirect and requested URL are the same), but this was reverted in #11700 without any indication as to why. The attached patch ensures the filter triggers even when the `$redirect_url` is not set or is the same as `$requested_url`." stephenharris 3 31313 refactor is_email() tests to use separate data files and PHPUnit dataProvider has-patch Build/Test Tools normal normal Future Release enhancement new 2015-02-12T22:06:21Z 2017-02-05T14:14:04Z "There are a number of open tickets involving email validation that seem as though they could benefit from making the tests on {{{is_email()}}} a little more robust. This is my first pass at that. Ultimately, I think moving the dataProvider out of '''IsEmail.php''' would be helpful so it could be re-used when adding tests for {{{sanitize_email()}}}, but I wanted to take this one step at a time. I'm relatively new to automated testing and very open to suggestions. Related: #17433, #17491, #21730, #25108, #30039" salcode 1 31331 $post->post_date displays current time if status is pending or draft Posts, Post Types 4.1 normal normal defect (bug) new 2015-02-14T17:11:45Z 2019-06-04T20:49:15Z "Create a new post and save as a draft or save as 'pending'. On single.php enter these lines of code: {{{ global $post; var_dump(date(""Y-m-d H:i:s"")); //current time var_dump($post); }}} If you wait about 5 minutes to refresh the front-end page after saving the post as draft/pending, you'll notice that the current time and the $post->post_date are the same (accounting for timezone differences). Further more, if you refresh the page after another 5 minutes, the $post->post_date will change. However, the $post->post_date and $post->post_modified are different. When comparing to the database values, the $post->post_modified matches its database value, but $post->post_date will continue to match the current time and '''not''' what is in the database for `post_date`. It seems to me that the post object should reflect what is in the database regardless of the post_status. If a post is draft/pending, it is inconsistent to use post_date to note when the post was originally created. I can see the code that is responsible for this is on wp-includes/query.php on line 3527-3528: {{{ if ( 'future' != $status ) $this->posts[0]->post_date = current_time('mysql'); }}} I apologize if I'm thinking about this wrongly." danbrellis 1 31350 size_format() Displaying Incorrect Unit General 4.1 normal normal Awaiting Review defect (bug) new 2015-02-16T19:32:10Z 2022-05-03T14:29:59Z The `size_format()` function is using binary standards for displaying a human readable version of the file size, shouldn’t we use the IEC standard of KiB, MiB etc for the unit, or convert to SI and use 1000 instead of 1024 as the value of bytes in a kB etc (ref: http://en.wikipedia.org/wiki/Kilobyte)? It was even noted that it was technically incorrect in the comments of the function: https://core.trac.wordpress.org/browser/tags/4.1/src/wp-includes/functions.php#L194 (If we do fix it, we need to take into consideration the whitespace in front of the 'B ' fixed in: [31052]) brashell 4 31354 Compound settings confusing with screen readers (checkboxes) joedolson* Administration 4.1 normal normal Future Release enhancement accepted 2015-02-17T03:08:21Z 2024-01-30T15:19:40Z "There are a number of settings in the admin that are made out of multiple variables. That is, they combine a checkbox/radio button toggle and a value. When you can see it, it makes sense because it forms a logical sentence and everything works out great. When you rely on a screen reader, it doesn't really come across as such and there's no link between the different inputs in the setting. For example: [[Image(http://i.imgur.com/0r0lDSn.png)]] As you tab through the different fields, NVDA (with default settings) will announce: - Break comments into page with - checkbox (not) checked. - top level comments per page and the - edit fifty. - page displayed by default - combo box last collapsed. We need to come up with a pattern that can be applied to split up these toggle/value inputs and clear up confusion this may create. It would be nice if the inputs for the actual values stay disabled until the appropriate toggle is enabled as well (similar to how the home/blog static page selectors work). This issue concerns the following fields: '''On /wp-admin/options-discussion.php:''' - Automatically close comments on articles older than X days - Enable threaded (nested) comments X levels deep - Break comments into pages with X top level comments per page and the X page displayed by default. - Comments should be displayed with the X comments at the top of each page '''On /wp-admin/network/settings.php''' - Limit total size of files uploaded to X MB Could use input from accessibility and UI teams on how to best tackle this. :) " Cheffheid 15 31356 Compound settings confusing with screen readers (radio buttons) joedolson* has-patch Administration 4.1 normal normal Future Release enhancement accepted 2015-02-17T03:50:45Z 2024-02-13T15:46:42Z "Similar to #31354, #31144 - but worth noting separately. As mentioned in #31144, the ""main"" label for radio buttons is never announced which is removing the context for them. Additional issues with this arise when the setting has a ""Custom"" option with an input field. When tabbing from the radio button to the ""Custom"" input field two things happen: - It will automatically set the radio button option to ""Custom"" - It announces the current value of said input field without further context. Ie. 'F j, Y'. The former is not a huge deal, because it automatically updates the input field for ""Custom"" to whatever the value of the previously selected radio button was. The latter is a bit odd and confusing if you have no further context as to why it's being announced or what it's announcing even means. Having the input field inactive/unfocusable unless ""Custom"" is selected would probably help with this and remove unnecessary focus on this field when it's ultimately unwanted. This applies to: '''On /wp-admin/options-general.php:''' - Date Format - Time Format '''On /wp-admin/options-permalink.php:''' - Main permalinks setting Here, too, additional input from accessibility and UI teams more than welcome." Cheffheid 11 31360 Missing active state classes for parent menu items Menus 4.1 normal normal defect (bug) new 2015-02-17T13:59:09Z 2019-06-04T20:11:21Z "wp_nav_menu() currently dont set current_post_parent(or other active state css classes) for all parent pages, when it has a category menu item with current_post_parent state. Steps to reproduce: You have following menu (theme menu): - Level 1.1 (Page) - Level 2.1 (Page) - Level 3.1 (Category: ""Allgemein"") - Level 2.2 (Page) - Level 2.3 (Page) - Level 1.2 (Page) On ""Level 3.1"" you will see blog posts from the category ""Allgemein"". Each blog post is linked to a detail page. (full blog post). When you visit the full blog post page, Level 3.1 will get the class ""current_post_parent"". But Level 2.1 and Level 1.1 dont get any active states. Its missing. i currently use following to fix it in my theme: {{{ function me_fix_category( $menu ) { //parse output of wp_nav_menu $xml = new DOMDocument(); $xml->loadXML( $menu ); do { $fixed = false; //search for li tags $elems = $xml->getElementsByTagName( 'li' ); foreach ( $elems as $el ) { //check if li has a active state if ( strstr( $el->getAttribute( 'class' ), 'current-post-parent' ) ) { //check parent li tag $parent = $el->parentNode->parentNode; $class = $parent->getAttribute( 'class' ); if ( !strstr( $class, 'current-post-parent' ) ) { //no active state for the parent? append class $parent->setAttribute( 'class', $class ? $class . ' current-post-parent' : 'current-post-parent' ); $fixed = true; } } } //do this, till nothing was fixed } while ( $fixed ); return $xml->saveHTML(); } }}} " donkelduffi 1 31365 Improve actions links for current theme on themes.php has-patch Themes low normal enhancement reviewing 2015-02-17T17:39:47Z 2019-06-04T21:27:13Z The links are not escaped in themes.php related #30952 MikeHansenMe 6 31372 media-new.php stops uploading after max_execution_time set in php.ini Upload 4.1 normal normal Awaiting Review defect (bug) new 2015-02-18T19:59:13Z 2019-05-15T21:16:23Z "== Environement == Windows Server 2008 (version 6, build 6002: SP2) IIS Version 7.0.6000.16386 PHP Version 5.4.26 FastCGI == Problem == When uploading a media file to Wordpress the upload only runs for the max_execution_time set in php.ini. When that time has elapsed (for slow connections or a large file) the multi-file uploader displays the generic error ""HTTP error."" The browser uploader stops with the PHP error ""max execution time reached"" Is this behavior by design? == Proposed solutions == 1. '''set `set_time_limit(0)` in media-new.php, so a upload can take as long as it needs''' [[br]] For IIS this solution is preferred, because FastCGI automatically stops script execution when a connection is lost. For Apache the additional code `ignore_user_abort(false);` might be needed to prevent the script from executing after the client has aborted, although that also is the standard behavior for Apache I think. 2. '''Display a more helpful error''' [[br]] ""HTTP error."" could practially mean everything. It took me at least 2 hours to find out what was causing the error. Displaying ""Your upload exceeded the max_execution_time set in PHP"" makes things already a lot more understandable. == Thoughts about limits == File uploads are already limited by max_upload_size and max_post_size, so it should make sense to not also limit them on how long they can take. Some users simply don't have a fast enough connection to complete the file upload in the max_execution_time specified by php.ini" au.merci 1 31375 Image caption with heading adds an empty paragraph at page edits Editor 4.1 normal normal Awaiting Review defect (bug) new 2015-02-19T11:22:17Z 2020-11-24T06:11:30Z "Hi, I'm experiencing a problem when trying to use heading tags within image captions. Upon inserting (or editing) the image on a page, I wrote a heading before a block of text in the caption. The whole thing would look something like this: {{{ <h3>Heading here</h3>A block of text directly following the heading. }}} What happens is that every time I edit the page in any way (not even touching the image or image caption) there is an extra empty paragraph added to the caption text. That means that anything below the caption jumps one line further down at every edit. Just to see if this is some plugin conflict, I created a clean WordPress install without plugins, and tried the same thing. The problem was reproduced. Looking at the html code generated, there is a new <p></p> added at every page edit, and sometimes a couple of <br /> are inserted before the heading tags. Here is a link to my test site: [http://dev.webbkoncept.se/themetest/] I tried it using both themes twenty fourteen and twenty fifteen, experiencing the same bug." sweman 2 31383 Add WP_Tax_Query support to WP_User_Query Query 4.2 normal normal Future Release feature request new 2015-02-19T16:31:15Z 2024-01-02T10:46:44Z "Users like any other object type in WordPress can have taxonomy terms assigned to them. However, there is currently no way to query by taxonomies in WP_User_Query. As far as I could find, the only way to really accomplish this right now is to use get_objects_in_term(), filter out the non user objects, and then use the include parameter. Ideally, I think you should be able to accomplish this by the following: {{{ $user_query = new WP_User_Query( array( 'tax_query' => array( array( 'taxonomy' => 'tax_name', 'field' => 'slug', 'terms' => array( 'term-1', 'term-2' ), ) ) ) ); }}}" desrosj 17 31384 Pingback does not work for schemeless URLs needs-unit-tests Pings/Trackbacks 1.5 normal normal defect (bug) new 2015-02-19T17:03:29Z 2019-06-04T20:49:17Z "I noticed that a pingback will not be send if the target URL is given as a schemeless URL (like {{{//www.example.com/path/file.ext}}}. This is because discover_pingback_server_uri() in comment.php is using the PHP function parse_url() which cannot handle schemeless URLs correctly." tobiaskochsonlinenet 5 31387 New core API for adding Meta tags to the header dev-feedback General normal normal Awaiting Review enhancement assigned 2015-02-19T19:08:23Z 2021-08-11T15:56:09Z "There is often a conflict between one or more plugins about registering meta tags in the header. Meta tags that shouldn't be duplicated, it's difficult to know which one should 'win'. A lightweight framework in core that multiple plugins could use to register meta tags seems like it would be useful. It would need to handle several different attributes for all use cases -- `name` `property` `http-equiv` `charset` -- possibly generic `data-*` attributes? Uncertain. Twitter discussion: https://twitter.com/nacin/status/562109983069061120 (up and down the thread) My first swing at it: https://gist.github.com/georgestephanis/0f0cca2c5f1a6cd4aab2" georgestephanis 10 31391 Make the list of registered nav menus filterable needs-unit-tests Menus 3.6 normal normal enhancement new 2015-02-20T05:33:50Z 2019-06-04T20:11:26Z Adding a filter to the list of registered menu locations before they are displayed in the admin section allows for easy reordering and/or selectively hiding menu locations to none admin users. csschris 2 31395 Indicate difference of two visually equal, but otherwise different images in non-list media views Media 4.0 normal normal enhancement new 2015-02-20T18:19:09Z 2023-10-18T16:17:30Z "As explain in #24566 > [...] if I have two images that look identical the only way to differentiate between them is click each of them and read their properties in the properties section. One possible solution would be to show the title/file name of the image and/or the file size." F J Kaiser 3 31405 upgrade.php fails with mixed HTTPS (SSL) and simple HTTP sites has-patch Upgrade/Install 3.0 normal normal defect (bug) assigned 2015-02-21T19:28:16Z 2019-06-04T21:14:07Z "upgrade.php fails with mixed HTTPS (SSL) and simple HTTP sites The bug is discussed here http://wordpress.stackexchange.com/questions/156642/how-to-use-wordpress-multisite-with-mixed-http-and-https-sites I also add a patch that solves the SSL upgrade issue in my case." intersol 18 31414 Paginating Themes, Plugins, and Media has-patch Networks and Sites 4.1.1 normal normal feature request new 2015-02-22T16:08:13Z 2019-06-04T20:11:36Z "When building a multisite network the lack of pagination on resource screens such as themes, plugins, and media cause b rowser crashes -- too many thumbs to load. " leedman 4 31416 An accessibility issue with the Publish metabox Posts, Post Types 4.1.1 normal normal Awaiting Review defect (bug) new 2015-02-22T22:03:33Z 2018-12-09T20:28:05Z "Taking a closer look at the Publish metabox for posts I realise that it has what I would call a bug. Take a look at the image attached. It tells me a post is published, while it's still asking for confirmation to be published. This screen shows up when first a post is set to private -and so gets published privately- and next is set to public, without hitting the 'Publish' button. The post is actually published privately, which should show up as it's status, as it normally does. It tells me though it's published (which impies it should be published publicly). I stumbled upon this, while I was searching for a more intiutive solution for inexperienced posters on one of my sites to post privately. I found two threads in forums which adress this issue: https://wordpress.org/support/topic/how-to-set-new-post-visibility-to-private-by-default?replies=14 http://wordpress.stackexchange.com/questions/118970/set-posts-of-a-custom-post-type-to-be-private-by-default Neither of threads mention (or seem to be aware?) of this shortcoming, while both try to solve the same issue I'm having. I question whether this problem can be solved, while the Publish metabox has such shortcomings. I hope that by fixing this little bug, it might actually be possible to create a more accessisble Publish metabox for guests on a site, maybe by a hack or plugin, but preferably within the WP core files. [[Image(http://www.basbva.nl/wp-content/uploads/2015/02/publish-metabox-bug.jpg)]]" basbva 8 31419 Vimeo and YouTube video cannot be inserted into a playlist dev-feedback Media normal normal enhancement new 2015-02-23T09:22:58Z 2019-06-04T20:11:41Z "Now that the video playlist feature is working well in core, it could be great to think about supporting Vimeo and YouTube videos inside playlist. For the record, YouTube videos can be played with the MediaElementJS player with this shortcode : {{{ [video src=""http://youtu.be/_YbVJoMYwJ0""] }}} I would like to introduce the possibility to play this video inside a playlist: {{{ [playlist type=""video"" srcs=""http://youtu.be/_YbVJoMYwJ0,http://youtu.be/Fn1iMmSvvhQ""] }}} Now, there are some challenges : 1. Playlist are managed by selecting attachment form the Media library, along with their meta data (title, poster, ...). How to provide meta data for external videos ? 2. MediaElementJS does not build the player in the same way when a YouTube video is embeded, so switching between videos does not rely on the same API, and switching between YouTube and mp4 videos is not possible The first concern could be addressed by registering an attachment post in the database that links to a YouTube URL instead of a video located in the uploads folder." Fab1en 2 31436 Handle conflicts in concurrent Customizer sessions Customize 3.4 normal normal Future Release enhancement assigned 2015-02-24T19:42:44Z 2021-05-22T20:00:44Z "If two users open the Customizer at the same time and modify the same settings, the user who saves their changes last will win out, and the person who saves first will have their changes lost. (The frequency of the problem was reduced in #29983 since now only dirty settings now get POSTed.) The Customizer needs Heartbeat integration to add the “Post Locking” functionality. We don't need to lock the entire Customizer, however, from concurrent users: we need to add locking for individual settings in the Customizer. When a setting becomes dirty, we need to broadcast via Heartbeat to other users that the setting has been changed and thus any controls for this setting should be marked as ""locked"", with any changes prevented. This will become increasingly important as more and more settings are added to the Customizer and users go there more often to make changes. The locking UI could provide a button to copy the other user's change into the other Customizer session, and this could result in the control being editable again, with subsequent changes pushed out to other users as well, who would then also get the corresponding setting automatically updated if it was dirty, but if it was not dirty then it would remain in its clean state but with a locking notification added. This also should apply when a setting is modified by some means other than the Customizer: if someone is in the Customizer and another user changes a setting via an admin page or via XML-RPC or REST API, then this setting update should also be illustrated in the Customizer to note that the settings are stale and should be refreshed. This refresh could be done inline, without having to reload the entire page. For the issue of conflicting auto-incremented widget IDs across user sessions, see #32183. For the previously-reported issue specific for handling conflicts between editing widgets on the widget admin page, see #12722. For the introduction of concurrency locking for options pages (settings API), see #32202. Some enhancements for a feature plugin: The Customizer UI would benefit from having a list of users currently in the Customizer appearing somewhere, with a list of the changes each user has made. If someone left their Customizer session open, this list would also allow an administrator to sign the user out, using something like the [https://wordpress.org/plugins/user-session-control/ User Session Control] plugin; or the Customizer UI could provide a way to boot a user from the Customizer. For use of Heartbeat to keep nonces fresh, see #31897. See also #42191 (Customize: Selectively merge settings from autosave revisions)" westonruter 16 31479 Save custom color palette through refreshes Editor normal normal Future Release enhancement new 2015-02-27T19:47:27Z 2019-07-05T08:48:12Z "When you choose a custom color for your text using the color picker, the custom colors disappear from the palette when the page refreshes, or if the editor is closed and reopened later. This also happens after saving as a draft. Color picker right after changing text color: [[Image(http://cdn2.dropmark.com/74615/a48b9d7e5d6cd1ad5798a7ddfbf2ff20ebbc2086/colorshown.png)]] Color picker after saving draft: [[Image(http://cdn2.dropmark.com/74615/a2c1a5966634e30eb76f2c3c04771f5fbdfa0d2e/colornotshown.png)]] Steps to reproduce: 1. Change text color to a custom color choice. 2. Save post as a draft. 3. Reopen the color palette. Reported in WordPress.com forums: http://en.forums.wordpress.com/topic/custom-color-boxes-in-post-editor" shawnajroberts 4 31483 Improve UI to change Default Category Taxonomy normal normal enhancement new 2015-02-27T22:51:49Z 2019-06-04T21:14:13Z "Spun off of #26268 per chat with @helen https://wordpress.slack.com/archives/core/p1424923581006944 #26268 will focus on UI indicating Default Category. Currently, to change the Default Category, you must visit Settings->Writing. Since this only impacts one taxonomy, it may make more sense to remove the option from there and add it within the Category taxonomy. Attaching modified patch of #26268 that contains only the UI to set the default." kraftbj 5 31496 register_uninstall_hook tries to serialize anonymous functions Plugins normal normal defect (bug) new 2015-03-01T04:56:28Z 2019-06-04T20:49:18Z "`register_uninstall_hook` saves uninstall callback in database. If one passes a closure as uninstall callback WordPress tries to serialize it, causing a ''Serialization of Closure'' Exception. `register_uninstall_hook` already ensures that array callbacks are not allowed if first element of the array is an object (see #13786). The complete check should be something like: {{{ if ( is_object( $callback ) || ( is_array( $callback ) && is_object( $callback[0] ) ) ) { }}} Checking for `is_object` also prevents usage of invokable objects. " giuseppe.mazzapica 3 31504 Add new item gives bunch of errors if disabled Posts, Post Types 4.1 normal normal defect (bug) new 2015-03-02T14:00:00Z 2019-06-04T20:49:24Z "I created new post category 'cars'. But cars are added/deleted via Php code automatically via: wp_insert_post(...) and wp_delete_post(...) So I wanted to remove 'add new car' from navigation menu. And somehow remove the 'delete' capability. So I used this code in plugins register_post_type $args: {{{ array( ... 'capability_type' => 'car', /*'capabilities' => array( 'create_posts' => false, // Removes support for the ""Add New"" function - DOESN'T WORK 'delete_post' => false, 'publish_posts' => false, ), 'map_meta_cap' => true, // Set to false, if users are not allowed to edit/delete existing posts */ ...) }}} Appears the 'add_new' is not shown, but now I got bunch of warnings all over the admin: {{{ Notice: Undefined offset: 0 in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1075 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1077 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1081 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1083 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1084 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1084 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1087 Notice: Trying to get property of non-object in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1087 Notice: Undefined offset: 0 in C:\Program Files (x86)\Zend\Apache2\htdocs\GitHub\*WEB-NAME*\wp-includes\capabilities.php on line 1075 }}} " ozzWANTED 2 31515 Cannot enable plugins with protected function redeclarations (PHP Fatal Error) Plugins 3.9.3 normal normal defect (bug) new 2015-03-03T18:48:17Z 2019-06-04T20:49:25Z "I'm working on a codebase where the theme or plugins concurrently declare the same function inside a function_exists() however the original plugin defines the function without a function_exists check. In this situation, all the declarations can live together at runtime, but attempting to activate (or reactivate) the original plugin causes an error. Since the plugin initialization sandbox occurs after wp is loaded, the other plugins (with their checks) will have filled the function, any additional function declarations will fail. However this is merely an artifact of the initialization system -- as this plugin is being artificially run much later than it will be regularly running. A usecase -- perhaps you are trying to wean yourself off the Advanced Custom Fields plugin so you've implemented the get_field function in the theme's functions file in a function_exists check. After disabling the ACF plugin, you decided to reenable it to adjust a field. Game over, Fatal Error." brokentone 3 31520 wp_cache_get generates fatal error reporter-feedback Cache API 4.1.1 normal normal defect (bug) new 2015-03-04T08:47:40Z 2019-06-04T19:28:04Z " There are timing issues in WP where some code in plugins, specifically wp super cache, make called to wp_cache_get before $wp_object_cache is initiated. This generates a fatal error in php and can often send apache crashing. This only occurs n wp_cache_get() and it seems as if the easiest solution is to check to see if $wp_object_cache is actually initaited and/or an object before calling its get() function. … at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/ cache.php (113) …at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/ option.php (54) …/public_html/freemaal_in/wp-content/plugins/wp-super-cache/ wp-cache-phase2.php (255)" jatingupta2k 2 31531 Shiny Updates: Updates on update-core.php Upgrade/Install normal normal Future Release task (blessed) assigned 2015-03-05T04:10:58Z 2021-08-11T15:49:10Z "Branched from #29820. There are several improvements that can be made to `update-core.php`. Adding inline update support to each of the sections on the page would be a great start, allowing everything to be updated without leaving the page. Once this is in place, some sort of ""Update Everything"" button would potentially be a nice addition - it would also lay the groundwork for hiding a lot of the UI. If everything can be updated from one button, do we really need to show update buttons for every plugin and theme? Finally, (this has been mentioned a few times since the original shiny updates work was done), this page is the ideal place for allowing admins to opt-in to auto updates for major WordPress releases, plugins, and themes." pento 3 31532 Shiny Updates: Don't activate plugins with PHP errors has-patch Upgrade/Install normal normal enhancement assigned 2015-03-05T04:12:28Z 2020-01-07T23:57:59Z "Branched from #29820. When we try to activate a plugin through shiny updates, we shouldn't do it if it causes PHP errors." pento 12 31534 Shiny Updates: Language pack install support Upgrade/Install normal normal enhancement new 2015-03-05T04:14:59Z 2019-06-04T21:14:19Z "Branched from #29820. With the addition of the FTP credentials screen, it'd be nice if language pack installation could make use of it." pento 3 31559 Meta boxes should have before/after hooks dev-feedback General normal normal enhancement new 2015-03-07T20:38:33Z 2019-06-04T19:47:58Z "Currently there is no way to hook into an existing metabox. If I wanted to modify the featured image metabox (add a checkbox or something), I'd have to unregister the metabox, and re-register w/ my own callback. This is not good for compatibility w/ other plugins, etc. I propose before_callback and after_callback hooks for metaboxes. Basically, we'd replace this: {{{ echo '<div class=""inside"">' . ""\n""; call_user_func($box['callback'], $object, $box); echo ""</div>\n""; }}} with: {{{ echo '<div class=""inside"">' . ""\n""; do_action( 'before_metabox_callback', $object, $box ); do_action( ""before_{$box['id']}_metabox_callback"", $object, $box ); call_user_func($box['callback'], $object, $box); do_action( 'after_metabox_callback', $object, $box ); do_action( ""after_{$box['id']}_metabox_callback"", $object, $box ); echo ""</div>\n""; }}} " jtsternberg 3 31570 Infinite loop when filtering Media Library images by size in a modal (using wp_prepare_attachment_for_js) fuhton dev-feedback Media 4.1.1 normal normal defect (bug) assigned 2015-03-09T13:48:25Z 2019-06-04T20:11:46Z "In an attempt to restrict a post's Featured Image dimensions to imagers wider than 100px I implement the following code in `functions.php`: {{{ function restrict_media_library_by_width($response, $attachment, $meta) { if(isset($response['width']) && isset($response['height']) && $response['width'] > 100) { return $response; } return false; } add_filter('wp_prepare_attachment_for_js', 'restrict_media_library_by_width', 10, 3); }}} I then click ""Set featured image"" and the Media Library modal that appears only loads one empty thumbnail and my Network panel in Chrome Dev Tools reveals it makes continued, repeated, infinite AJAX requests. The only viable alternative I've found was to run a separate query within `ajax_query_attachments_args`, which is needed because the `_wp_attachment_metadata` key contains serialized data and that leaves no way to compare dimensions within a `meta_query`. Obviously running this additional query is inefficient and more resource intensive than it should be. More details here: http://wordpress.stackexchange.com/questions/180500/filter-media-library-items-by-size/." silb3r 4 31573 wp_admin_bar_my_sites_menu should check for super admin capabilities Networks and Sites 4.1.1 normal normal Future Release enhancement new 2015-03-09T15:36:35Z 2017-02-02T15:29:57Z "Currently the ""Network Admin"" segment of the admin bar is only added for super admins. This could be done in a more granular way by using the corresponding super admin capabilities. I am currently adding this myself with code similar to this: {{{ if ( current_user_can( 'manage_network_users' ) ) { $groups[] = array( 'parent' => 'network-admin', 'id' => 'network-admin-u', 'title' => __( 'Users' ), 'href' => network_admin_url( 'users.php' ), ); } }}} To make this useful the suggestions in #16860 would also have to be implemented. With BuddyPress now also using more granular checks for super admin capabilities this would allow for a much more refined access control to the network admin area. In my case I need the possibility to allow individual users the activate and edit user accounts, but have no access to other areas of the network admin in a multisite installation. " thomaslhotta 4 31577 wp.ajax.send JS function should send ajax request with dataType json has-patch General 3.6 normal normal defect (bug) new 2015-03-09T21:29:46Z 2019-06-04T19:48:03Z "Occasionally when using the wp.ajax.send JS function defined in wp-includes/js/wp-util.js:70 the system fails to auto-detect that the response is JSON, even when it is a valid JSON string. Given that the remainder of the code fails if the response is not a valid object it should be safe to add dataType: 'json' to the default options hash defined on line 78 of that file." TikiTDO 2 31581 Images-Links broken after import from wordpress.xml in WordPress 4.1.1 Import 4.1.1 normal normal defect (bug) new 2015-03-10T10:33:19Z 2019-06-04T20:11:51Z "In XML: <wp:meta_value><...""Fotolia_65968659_S-300x205.jpg""...></wp:meta_value> After Import the Image-File is created as Fotolia_65968659_S-300x206.jpg but the img-src still is ...300x205.jpg. The same happend to Fotolia_66268596_S-300x199.jpg. The Filename was changed to ...300x200.jpg, the link did´n change. Seems to be a rounding-issue when recalculating Image-Sizes." WulfP 3 31591 Bug in the author permalink . reporter-feedback Rewrite Rules normal normal defect (bug) new 2015-03-11T01:34:04Z 2019-06-04T21:14:24Z "Hi there :) 1 - register like this http://ahmed.d.pr/19Poz 2 - register a new user like this http://ahmed.d.pr/1eExL 3 - choose permalink >> Post name >> /%postname%/ 4 - the link in the browser must be like this author/name/ 5 - but in this case will not work and give 404 page 6 - so in this case i'm must change the permalink for the users to ?author=id and this not a good for the seo and for the users . Note : the problem if you register the username in arabic . Thanks ," vbegy 2 31593 Conflict of custom post type menu and add_utility_page Administration 4.1.1 normal normal defect (bug) new 2015-03-11T07:00:51Z 2023-11-13T18:56:31Z "I installed a plugin that register_post_type with menu_position 80. Thereafter, I installed a plugin to add a menu by add_utility_page. Then the menu of menu_position 80 is disappeared. Where I examined, I think there is a problem with the count up of `$_wp_last_utility_menu`, but is this correct specification? This is the sample code. {{{ function test_add_utility_page() { add_utility_page( 'test_utility_page', 'test_utility_page', 'edit_posts', 'test_utility_page', '__return_false' ); } add_action( 'admin_menu', 'test_add_utility_page' ); function test_register_post_type() { register_post_type( 'test_post_type', array( 'labels' => array( 'name' => 'test_post_type', ), 'public' => true, 'menu_position' => 80, ) ); } add_action( 'init', 'test_register_post_type' ); }}}" inc2734 3 31596 Make it easier to update TinyMCE TinyMCE low normal Future Release task (blessed) new 2015-03-11T14:07:00Z 2019-09-22T17:29:20Z "* Load from src like the other tests * Automatically add the plugins without overwriting files. * Don't run tests where no plugins are loaded. We're running these test just to test our plugins. * Remove everything we don't use. " iseulde 9 31599 White space between visual editor content and status bar has-patch Editor 4.1 low normal defect (bug) new 2015-03-11T18:55:56Z 2019-06-05T06:52:53Z Happens when the 'path' is hidden. iseulde 4 31600 WP_Object_Cache incr & decr can use a more strict type checking on offset SergeyBiryukov has-patch Cache API 3.3 normal minor Future Release defect (bug) reviewing 2015-03-11T18:58:26Z 2017-03-17T21:35:26Z "While working on improving the unit tests for related ticket #28759 I wrote some tests that could not pass on the current code: passing an non-empty array as offset. Despite of it being an edge case, I want to have my tests pass, so I provide a patch." jipmoors 2 31603 Don't change $_SERVER['REQUEST_URI'] just to filter the current URL query string General normal normal Future Release enhancement new 2015-03-11T22:06:12Z 2021-07-17T14:25:44Z "While working on #23367, I found 14 places in core that overwrite `$_SERVER['REQUEST_URI']`, which causes problems when trying to use it elsewhere and I don't know which version is going to make an appearance. I propose either switching from overwriting `$_SERVER['REQUEST_URI']` to using a local var when we need to, or creating a filter that's accessible everywhere if we need the modified value to use elsewhere." morganestes 7 31614 Add Actions to underscore media-template items Media normal normal enhancement new 2015-03-12T17:01:58Z 2019-06-04T20:11:56Z "Currently, there is no way to override the underscore templates used in media-template.php. It would great if each template item was preceded by a conditional such that: {{{#!php $result = do_action('tmpl-attachment'); //template name as action if (isset($result) && $result !== false) { ?> <script type=""text/html"" id=""tmpl-attachment""> <!-- Existing Template Here --> </script> <?php } }}} Then it would be easy to duplicate the existing template for modification {{{#!php function my_custom_media_attachment_template() { ?> <script type=""text/html"" id=""tmpl-attachment""> <!-- My Custom Template Goes Here --> </script> <?php return false; } add_action(""tmpl-attachment"", my_custom_media_attachment_template); }}} For my current project I'm having to do it, which of course means hacking the WP core. I'd be happy to share." andrewgstreet 3 31615 UI bug using Quick Edit dev-feedback Quick/Bulk Edit 4.1.1 normal normal defect (bug) new 2015-03-12T20:13:47Z 2019-06-04T21:14:25Z "After changing the parent attribute for a page using Quick Edit, the page title is prepended with the child hyphen but the table structure does not change. Refreshing the page fixes the issue. Using latest 4.1.1 with no plugins installed and default theme. '''Steps to replicate:''' 1. Change the parent of a page or post using quick edit '''Browser''' Chrome: 41.0.2272.76 (64-bit) OS X Yosemite 10.10.2. " justingreerbbi 1 31620 get_raw_theme_root does not resolve custom theme folder when is the unique has-patch Themes 3.1 normal normal Awaiting Review defect (bug) new 2015-03-13T02:54:50Z 2019-04-25T07:22:57Z "`get_raw_theme_root` (https://developer.wordpress.org/reference/functions/get_raw_theme_root/) does this check: {{{ if ( count($wp_theme_directories) <= 1 ) return '/themes'; }}} It means that if there is just one theme directory it is always assumed to be the `/themes` folder inside content directory. If an user wants to register a custom theme folder via `register_theme_directory()` (in a MU plugin) that user is forced to keep `WP_CONTENT_DIR/themes` folder (even empty) otherwise the custom directory registration does not work and WP will try to load a theme from a folder that doesn't exist. That is an edge case, but can be easily solved by picking the unique folder if there is only one: {{{ $count = count($wp_theme_directories); if ( 0 === $count ) { return '/themes'; } if ( 1 === $count ) { $path = reset($wp_theme_directories); $real = realpath($path); $content = realpath(WP_CONTENT_DIR); return strpos($real, $content) === 0 ? substr($real, strlen($content)) : $path; } }}} If there is only one folder and it is inside content directory, the code above also takes care of returning the relative path. That, according to #17597, is necessary to obtain a correct theme url." giuseppe.mazzapica 12 31624 $wpdb->prepare() named placeholders needs-unit-tests Database 4.2 normal normal enhancement new 2015-03-13T08:36:52Z 2023-06-22T07:55:03Z "I think it would be handy to add named placeholders to $wpdb->prepare(). The functionality exists in most modern frameworks and cuts out the need for having to worry about the order of variables, (or repetition) in the current vsprint like syntax. What I'm proposing is that the second parameter of prepare() can optionally be an associative array where the $key is the named placeholder and the $value is the value associated with it. This wont affect any existing functionality of prepare() and is fully backwards compatible. If no associative array is passed it will continue to work as always. Patch with the described functionality is attached for testing." ozthegreat 3 31634 Minor UI improvements to bulk editing joedolson* has-patch Quick/Bulk Edit normal normal Future Release enhancement accepted 2015-03-13T18:40:29Z 2023-04-14T15:34:38Z "The bulk editing feature isn't particularly clear. For example, it's odd that you can have a bunch of posts selected, leave ""bulk editing"" selected (the default in the dropdown, and just click the ""Apply"" button and nothing happens. The seems like odd behaviour (related: #11818). The other niggle is the word ""Apply"" on the button. You're not actually applying anything when you click the ""Apply"" button, you're either a) making a selection of things that you are going to go on and apply things to, or b) moving things to trash. The ""Apply"" button doesn't accurately reflect that action (it seems to make more sense in the spam screen as you are actually taking actions in which an application is made. I suggest the following minor improvements: When the default of ""Bulk Actions"" appears in the dropdown the ""Apply"" button is greyed out and not pressable. When the user selects either ""Edit"" or ""Move to Trash"" the button becomes clickable. The terminology on the button is changed from ""Apply"" to ""Go"", or ""OK"" or something other than Apply. I'm scratching my head to try to think of something :)" siobhan 36 31638 Bulk Edit & Quick Edit User Interfaces should be consistent close Quick/Bulk Edit normal normal enhancement new 2015-03-13T19:07:13Z 2019-06-04T21:14:32Z "Bulk edit and quick edit interfaces do pretty much the same thing: they let the user perform a few tasks from edit.php. However, the interfaces for these two panels is inconsistent. Take a look: Quick edit: [[Image(https://cldup.com/2pJ8J1EMxy.png)]] Bulk edit: [[Image(https://cldup.com/ly5tNO3orZ.png)]] The major difference is that items that are checkboxes in Quick Edit are dropdowns in Bulk Edit. It would seem to make sense to make these consistent across both UIs. So, maybe in Bulk Edit change Comments, Pings, and Sticky to checkboxes Or in Quick Edit change Comments, Pings, and Sticky to a dropdown. " siobhan 2 31640 "Menus: hiding all sections from the left column using ""Screen Options"" makes it confusing to add new menu items" has-patch Menus 4.1.1 normal normal enhancement new 2015-03-13T22:18:57Z 2019-06-04T20:12:01Z "Hiding all modules in Appearance > Menus—using the Screen Options at the top—leaves a giant blank column on the left, rendering the UI unusable. Suggestion: Either prevent all modules from being hidden or add a message (when all are hidden) saying that modules have been hidden but can be added again in Screen Options. " melanieharari 2 31643 Allow widget sidebars to be loaded open or closed via filtering dev-feedback Widgets 4.2 normal normal enhancement new 2015-03-14T23:44:54Z 2019-06-05T06:40:41Z This could be useful to allow certain sidebars to always load open or closed. silb3r 2 31664 Multisite network setup for .htaccess Networks and Sites 4.1.1 normal normal defect (bug) new 2015-03-17T09:06:42Z 2019-06-04T20:12:06Z "Hi there, Sorry if this is not the correct place to post it. But I donot know where then..... I have 2 multisite installations that were not working. Dashboard for the Primary site was working. Trying to go to the dashboard for the other sites gave an error code or a loop message. And the other sites where not shown under ""My sites"" (hover function). I was able to have a look at the child site but it had no theme it was just a ""sitemap"" list. What did I wrong? I thougt.... Here what I did: ================ 1st installation (localhost using XAMPP) - install wp 4.1.1 - change config.php to multisite - Copy andPaste ""Network setup"" from Dashboard. Here is the ""problem"", the .htaccess here shows: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) D:/Programs/xampp/htdocs/H4Net/$2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ D:/Programs/xampp/htdocs/H4Net/$2 [L] }}} After a long researching, I have found an advice from a long time ago and applied. The advise where to change these 2 lines to: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) /H4Net/$2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ /H4Net/$2 [L] }}} After this change it works. ================ 2nd installation web based hosting - install wp 4.1.1 - change config.php to multisite - Copy andPaste ""Network setup"" from Dashboard. Here is ""again"" the ""problem"", the .htaccess here shows: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) sites/MYURL/$2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ sites/MYURL/$2 [L] }}} The solution I found is to change it to: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] }}} ================================================ My request is: Althought I have seen it was already asked some time ago, Network setup still doesnot come up with the correct .htaccess information. When installing I do follow instructions given. This was the issue..... I am not a technical person, far from that. I am good in copy and paste :-) I have seen / read a lot of people are the same as I am, or have the same issue as I had. So if you could please change it in the next update it would help a lot! BTW Thanks a lot for making wordpress available!!!!! Cheers, Helena PS: sure I can give screenshots of more info if needed. " wph4 4 31665 Duplicate slugs in DB, created for hierarchical terms with long, non-latin names, when the default slug already exists needs-unit-tests Taxonomy 4.1.1 normal normal defect (bug) new 2015-03-17T10:43:33Z 2019-06-04T21:14:42Z "When WP automatically generates a slug for a child term, and if the produced slug (which is normally generated just from the term's name) already exists in that taxonomy, it forms a slug by concatenating all the parent terms' slugs hierarchically For example, in a term structure like: Parent -Child If a term with the name ""Grandchild"" is to be inserted under ""Child"", normally it would get the slug ""grandchild"". However if that slug already exists in the taxonomy, WP generates the slug ""parent-child-grandchild"". When the slugs have long, non-latin names, they are stored urlencoded in wp_terms, and the stored string's length can easily overflow the field's size ( varchar(200) ). Any terms created under that condition end up having the same slug stored in the DB (the produced urlencoded one, truncated to 200 chars). To reproduce the issue: Create a term (e.g. category) with this name (without the quotes): ""Ένα δύο τρία τέσσερα πέντε"" Create another term with the same name, defining the first term as its parent. Create a third term with the same name, defining the second term as its parent. The second and third terms end up having duplicate slugs in the DB, a situation which is normally an error. This issue is also not detected if the same procedure is repeated using wp_insert_term(). Normally an attempt to insert a duplicate slug to the same taxonomy would raise a ""duplicate_term_slug"" WP_Error, which is not the case." nevma 4 31673 Multisite UX: deleting a plugin Networks and Sites 4.1.1 normal normal Awaiting Review enhancement new 2015-03-17T20:27:23Z 2021-05-22T14:59:50Z "'''Better that current:''' Change the wording form the Network Admin Plugin deletion screen from: ""Caution: This plugin may be active on '''other''' sites in the network."" to ""Caution: This plugin may be active on sites in the network."" ... the current wording assumes that your action is tied to one particular website rather than the network as a whole when you are deleting a plugin. With this change, the warning is still there but does not make any assumptions about weather you are deleting it because you are thinking about one site and not the ""others."" '''Best case scenario:''' A check would be run to see if the plugin is actually active and list out which sites it is active on before deletion. " saracannon 6 31682 reg_passmail message on login.php needs filter has-patch Login and Registration 4.1.1 normal normal Awaiting Review enhancement new 2015-03-18T13:22:43Z 2017-03-01T00:30:22Z "reg passwords is hardcoded to the login.php: {{{ <p id=""reg_passmail""><?php _e('A password will be e-mailed to you.') ?></p> }}} So it appears even if you do some other ways of delivering passwords. E.g. i want to first check the registrating person and then send them the password, not immediately, so i need to change this message that would reflect this, and the only option now is to filter global gettext, what is not optimal. Proposed solution - replace this row with {{{ <p id=""reg_passmail""><?php echo apply_filters('reg_passmail',__('A password will be e-mailed to you.')) ?></p> }}} " thomask 4 31686 wp_authenticate_username_password() should check for a WP_Error object reporter-feedback Security 3.7 normal normal Awaiting Review defect (bug) new 2015-03-18T16:29:08Z 2019-08-06T09:19:25Z "This is a follow-up to #19714 and #22516 These were closed, but IMHO, the bug as such is not resolved. wp_authenticate_username_password() does only check whether $user is a WP_Error object when either password or username are empty: {{{ 75 if ( empty($username) || empty($password) ) { 76 if ( is_wp_error( $user ) ) 77 return $user; 78 … }}} However, another plugin that hooks into authenticate might pass a WP_Error even if $username and $password were provided, but the specific authentication mechanism failed. The current implementation completely ignores this. The result is that users who exist locally can log in using a local, possibly older password, bypassing the plugins' additional authentication mechanisms completely. I'd advocate to check for is_wp_error($user) much earlier in wp_authenticate_username_password(), so that the authentication process will fail as soon as one ""authenticate"" filter returns a WP_Error object." kwisatz 6 31689 Media player not working with 302 redirects has-patch Media 4.1.1 normal normal Awaiting Review defect (bug) new 2015-03-19T07:28:04Z 2020-09-15T20:22:12Z "When calling the audio player using `wp_audio_shortcode( array( 'src' => '/path/to/file' ) );` and the path in question is a 302 redirect to an actual audio file, the audio player cannot find or play the file. A prime example of this is with Microsoft's OneDrive - a public link to a file stored with them looks like this: `https://onedrive.live.com/download?resid=###`. Going to that URL ends up in a 302 redirect to the actual file. While OneDrive may not be the best way to store and share media files, it is still a valid use case. Plus, this will affect any file storage where the file is accessed via a 302 redirect. There are alternative audio players that can handle 302 redirected files, so it's not impossible to work around the issue. For reference, this came up in a support ticket for one of my plugins - details here: https://wordpress.org/support/topic/direct-link-to-onedrive." hlashbrooke 2 31691 Taxonomies registered to Attachments post type don't show in media modal if public = false but show_ui = true. Administration 4.1.1 normal normal defect (bug) new 2015-03-19T11:00:37Z 2019-06-04T19:28:16Z "If you register a taxonomy for the `attachment` post type with the parameters: {{{ public => false, show_ui => true }}} If correctly shows the UI meta box when viewing the old-style edit media page. However, if doesn't show fields in the edit media modal. If you set `public` to true then it does show. The media modal should check the `show_ui` value to determine wether taxonomy fields should be shown in the attachment media modal." husobj 2 31695 Enclosing oEmbed using `embed_oembed_html` is generating invalid HTML needs-unit-tests Formatting normal normal defect (bug) new 2015-03-19T16:26:12Z 2019-06-04T19:48:18Z "This bug was detected when trying to preview a post that had a Twitter oembed URL. There was no error on the log, and the previewed content was empty ( `the_content()` was printing an empty string ). After some debugging, I found that something was adding an extra `<p>` and never closing that tag, on the oembed returned markup, right before `<script>`: {{{ <blockquote class=""twitter-tweet"" width=""550""> <p>Lisbon with #WordPressVIP @ Terreiro do Paço http://instagram.com/p/vGw5IchocB/ </p> <p>— Henrique Mouta (@vaurdan) <a href=""https://twitter.com/vaurdan/status/530762912462557185"">November 7, 2014</a></blockquote> <p><script async src=""//platform.twitter.com/widgets.js"" charset=""utf-8""></script></div> }}} I did some tracing and found out that it was `wpautop` fault. Even though `WP_oEmbed::_strip_newlines()` was successfully stripping the new lines from the returned oEmbed HTML, something was adding an extra newline before the `<script>` tag. {{{ $allblocks = '(?:table|thead|tfoot|caption|col|colgroup|tbody|tr|td|th|div|dl|dd|dt|ul|ol|li|pre|form|map|area|blockquote|address|math|style|p|h[1-6]|hr|fieldset|legend|section|article|aside|hgroup|header|footer|nav|figure|details|menu|summary)'; $pee = preg_replace('!(<' . $allblocks . '[^>]*>)!', ""\n$1"", $pee); $pee = preg_replace('!(</' . $allblocks . '>)!', ""$1\n\n"", $pee); }}} And that was happening because `<blockquote>` is on the `$allblocks`, making a newline between `blockquote` and `script`. To fix this, I used the same logic that `wpautop` uses for `<object>`, `<option>`, `<source>`, and `<track>`: have no `<p>` or `<br/>` around the `<script>` tag: {{{ if ( strpos( $pee, '<script' ) !== false ) { // no P/BR around script $pee = preg_replace( '|\s*<script|', '<script', $pee ); $pee = preg_replace( '|</script>\s*|', '</script>', $pee ); } }}} Now the oembed is fully functional and doesn't have that unclosed `<p>` tag: {{{ <blockquote class=""twitter-tweet"" width=""550""> <p>Lisbon with #WordPressVIP @ Terreiro do Paço http://instagram.com/p/vGw5IchocB/ </p> <p>— Henrique Mouta (@vaurdan) <a href=""https://twitter.com/vaurdan/status/530762912462557185"">November 7, 2014</a></blockquote><script async src=""//platform.twitter.com/widgets.js"" charset=""utf-8""></script></div> }}}" vaurdan 16 31696 Better select, multi-select, and autocomplete/suggestion inputs in the admin dev-feedback Administration normal normal Future Release enhancement new 2015-03-19T16:47:15Z 2018-06-06T20:52:02Z "I know this has been brought up before, but can't find the original ticket. That said, a few months ago Helen brought up a potential integration of the Select2 library but, due to licensing issues, we were unable to proceed with it at the time ([https://github.com/select2/select2/issues/2468 GH issue]). The licensing issue has now been resolved and, since I've been unable to find the original ticket, I'm opening a new one along with a preliminary patch to add Select2 to core. At the moment, this patch is based on a new CSS class (select2) being added to any select field that should implement the Select2 library. I've added it to the select fields on the Settings->General page as an example, but didn't want to implement it system-wide until the community had a chance to speak up RE: where does/doesn't Select2 belong, or should it actually be implemented everywhere. The language and timezone fields seemed an obvious choice given their inherent size, but things like the emoji field under Settings->Reading that have a finite number of options seem less obvious. Discuss!" section214 21 31706 wp_list_categories for hierarchical taxonomy return wrong tree if orderby clause is used reporter-feedback General 4.1.1 normal normal defect (bug) new 2015-03-20T11:11:52Z 2019-06-04T19:48:23Z "My taxonomy is e.g. {{{ -term 1 --subterm 1.1 ---subterm 1.1.1 --subterm 2.1 --subterm 3.1 -term 2 -term 3 }}} and lets say i am on the 'term 1' page and i want to return all suterms. But when i run {{{ $args = array( 'style' => 'list', 'title_li' => '', 'echo' => 0, 'hierarchical' => true, 'depth' => 2, 'taxonomy' => 'my_taxonomy', 'orderby' => 'count', 'order' => 'DESC', 'show_option_none' => '' ); $args['child_of'] = $current_term->term_id; }}} it return only {{{ Subterm 1.1.1 }}} Problem is that {{{ 'orderby' => 'count', 'order' => 'DESC', }}} when i put it out, it works as expected BTW IMO wp_list_categories() need some bigger rewrite - it is probably the oldest code in WP :-). No filters, strange classes etc. especially comparing to similar wp_nav_menu. E.g. there is no class to parent LI (and it is often need to change e.g. for Bootstrap), nor any action or filter, the only way are some non-trivial preg_match on the full results or replacing the whole Walker, what is not optimal for forward and plugin compatibility " thomask 1 31711 is_front_page flag affected by frontpage ID and page Title strange conflict has-patch General 3.1 normal normal defect (bug) new 2015-03-20T14:04:03Z 2019-06-04T19:48:24Z "I want to report a strange bug. The ''is_front_page'' flag has incorrect value in cases like described below: Front page in Settings / Reading is set to a static page: http://i.imgur.com/DzrbOVM.png This ''Sample Page'' ID is 2 If you visit any other page, all is fine. For example the ''Lorem ipsum'' page: http://i.imgur.com/n5M0x8R.png However, if you change title of this page to be the same as ID of a frontpage - in my case ''2'', then the ''is_front_page'' flag changes value to incorrect: http://i.imgur.com/KCa1JYo.png It happens for titles like: 2, 02, 000002. Basically always if (int)$page_title == $front_page_id The wrong ''is_front_page'' flag may affect themes/plugins which use it. It's quite rare for the bug to take effect, but it happens, as I got a report from a user of my theme." m_i_n 3 31715 Small UI redesign proposal for media uploader Media 4.1.1 normal normal enhancement new 2015-03-20T17:50:29Z 2019-06-04T20:12:17Z "Right now, when adding images to a post, you get an 'Insert Media' dialog (or 'media grid') where you can drag and drop files to upload. Perfect, so far. However, if you want to ''manually'' select some files via file chooser, you have to click another tab, and then click again on a button to launch the file chooser. If you use it a lot, that extra click can become a bit annoying. My proposal would be to remove that extra 'Upload Files' tab and just add a simple 'Select Files' button on top of the Media Grid dialog. See attached mockup. That would be self-explanatory and quicker to use, and we could get rid of the tabs." jorgetoledo 4 31725 Protect against jQuery being downgraded by poorly coded plugins and themes General normal normal defect (bug) new 2015-03-22T10:15:09Z 2019-06-04T19:48:29Z "I'm sick to death of plugins and themes that replace core's jQuery with their own version or link to Google's CDN but without matching version numbers, or hardcode an additional version that overwrites `jQuery`. It causes so many headaches. I'm willing, at this point, to consider drastic measures. How can core protect against this?" markjaquith 2 31728 Search bug (Cyrillic) reporter-feedback Permalinks 4.1.1 normal normal Awaiting Review defect (bug) new 2015-03-22T15:03:14Z 2020-07-20T12:52:35Z "There is a bug, when I search something in my WordPress site. The correct search link should be: {{{http://site.com/search/word}}}. When I type something in English, the link is correct: {{{http://site.com/search/word}}}. But when I type something in Bulgarian language (Cyrillic), the link is different: {{{http://site.com/?s=абвгд}}}. The structure of my WordPress permalinks is: {{{http://site.com/%post_id%}}}." kazumy 3 31737 Unique identifier for Heartbeat API calls has-patch General 3.6 normal minor Awaiting Review enhancement new 2015-03-23T09:37:50Z 2022-07-06T18:50:48Z "''I chose ''Autosave'' as it is the most close component to the Heartbeat API.'' ---- Currently it seems that the Heartbeat API call made are not differentiated as Heartbeat API calls. The AJAX URL used is the global JS `ajaxurl` variable and the user agent is the same as the user's browser user-agent. This makes it difficult to parse them off general server access logs and so on. ---- Could it be possible to add a query variable (e.g. `admin-ajax.php?heartbeat=1`) or change/append the user-agent to `WordPress Heartbeat API` or something? If a user logs in to `wp-admin` and leaves the session open, Apache's `access.log` files will be filled with unwanted clutter originating from the Heartbeat API requests. With a query variable or a customized user agent server admins could redirect the Heartbeat API traffic logs to a custom log file or even `/dev/null` if they wish to. This could be possible with the following server directive in Apache for instance: {{{ # Determine user agent, set environment variable depending on it. SetEnvIfNoCase User-Agent "".*WordPress Heartbeat API.*"" heartbeatrequest # Normal access log, without user-agent checked heartbeat calls. CustomLog /path/to/access.log combined env=!heartbeatrequest # Heartbeat calls go to another log file. CustomLog /path/to/heartbeat.log combined env=heartbeatrequest }}} I know some Heartbeat API settings can be tinkered with a plugin or a theme using hooks and globals, but I think this addition should be made into the core to keep it consistent across the board." ojrask 8 31744 All PHP files in the root should be dummy files, pointing to wp-includes versions dev-feedback Upgrade/Install normal normal Awaiting Review enhancement new 2015-03-24T01:25:03Z 2017-02-06T12:33:46Z "I'm proposing that all of our PHP files in the WordPress root should be moved to `wp-includes`, and dummy versions put in the root that include the `wp-includes` versions of them. This will make things cleaner, and will open the door for us to do things like install a new version of WordPress in `wp-includes-8fb24cd9`, and pass a `?use-wp-includes=8fb24cd9` switch that loads that version. We could test the updated version of WordPress without touching the old version, and if it fails (WSOD, etc), we don't even have to roll back, because we haven't put the new version in `wp-includes` yet." markjaquith 1 31746 get_blogs_of_user() can be very slow when a user is a member of thousands of sites johnbillion has-patch Users 3.0 normal normal Awaiting Review defect (bug) reviewing 2015-03-24T02:19:45Z 2022-06-03T20:35:46Z When a user belongs to thousands of sites, the array of `$blogs` can become rather large. Considering get_blogs_of_user is called in many places on every page-load when a user is logged in, Some optimization should happen here. Not counting the multisite admin pages, `get_blogs_of_user()` is called from the functions `is_user_member_of_blog()`, `get_dashboard_url()`, and `WP_Admin_Bar::initialize()`. I propose the results of the function to at least be stored to a static variable to prevent multiple lookups to the same information. I also propose that a pre-fetch filter (pre_get_blogs_of_user ?) be added so that a plugin can override that information and provide something more efficient if the need arises. jtsternberg 27 31751 Using PgDn and PgUp keyboard keys in the editor scrolls both post edit box and the whole viewport Editor 4.1.1 normal normal Awaiting Review defect (bug) new 2015-03-24T16:42:26Z 2020-11-24T06:13:57Z "The editor in WordPress 4.1 is great, and the whole sticky sidebar is a great improvement, but editing using Page Down and Page Up keys as part of the workflow is some of the most frustrating experience one can have because they control both the cursor in the post edit box and the page itself. For example, if I go into a short post, put the cursor at the beginning of the post, and press Page Down, I'm going to end up with this: [[Image(http://i.imgur.com/CZr3FXQ.png)]] At this point, I can only see a tiny sliver of the post because the page has scrolled too. This is similar to #30919, except I'm not talking about the distraction-free mode, which I almost never use. Windows 8.1 on Chrome 42 beta, but this behavior has been the same for as long as I can remember." archon810 15 31759 Allow to set $allow_bail when creating new wpdb object to handle connection error silently Database 4.1.1 normal normal enhancement new 2015-03-25T08:49:23Z 2019-06-04T19:28:21Z Class wpdb doesn't allow to set $allow_bail when creating new wpdb object. So there will be always error 500 on connection error. It would be great to have possibility to set $allow_bail at wpdb object creation (by constructor arguments perhaps). szaqal21 31772 Browser unresponsive with long password needs-unit-tests Users 3.7 normal normal defect (bug) new 2015-03-26T00:47:25Z 2019-06-05T06:40:45Z "== Steps to reproduce 1. Login 1. Navigate to profile 1. Click in the text input for ""New Password"" 1. Paste in a long password * E.g. 600 characters: {{{ 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 }}} 1. Press the ""tab"" key - **Expected behaviour**: - The cursor moves to the ""Repeat New Password"" field. - ""Strength indicator"" changes to ""Strong"" or ""Weak"" (probably should be ""weak""). - **Actual behaviour**: - The cursor does not move. - The cursor stops blinking. - ""Strength indicator"" does not change. - The browser is not responsive. - After several seconds or a minute, the cursor eventually starts blinking, moves to the ""Repeat New Password"" field and the strength indicator changes to ""Strong"" (probably should be ""weak""). 1. Press the ""shift+tab"" keys - **Expected behaviour**: The focus moves to the ""New Password"" field and its content is selected. - **Actual behaviour**: - The cursor does not move. - The cursor stops blinking. - The browser is not responsive. - After several seconds or a minute, the focus eventually moves to the ""New Password"" field and the content is selected. 1. Press the delete/backspace key - As expected, the password is deleted and the browser is immediately responsive. My testing was as an administrator using Chrome on Mac OS X. I think this issue applies to any role and any browser on any OS. I expect the delay is longer with slower hardware. == Solutions == Certainly the strength checker need not run on `focus` events. It should only be necessary on `change`. It could also run after a short timeout (~500 ms) if no other `change` event has occured, so that it only runs when the user stops typing. An elaborate solution might be to make the password strength checking code more efficient. Or only run it on the first N characters. Or alternatively, seek a third party library that checks password strengths more performantly. A simple solution could be to set the `maxlength=""""` attribute on password `<input>`s. Rough testing on Chrome on an 18-month old MacBook Air suggests The limit would probably need to be less than about 64-256 in order to keep the browser responsive (without modifying the unperformant code). The disadvantage of this approach is that long passwords can not be input by the keyboard, or will be truncated if pasted in. This might be an issue for users that use password managing software like OnePassword. We would need to investigate how long the passwords generated by such software is. For reference and comparison; - The server-side limit is currently 4096: https://github.com/WordPress/WordPress/blob/master/wp-includes/class-phpass.php#L217 - If a password is set that is longer than 4096 characters, WP silently fails to save the password." BevanR 22 31775 wp_mail attachments support only ascii symbols Mail 4.1.1 normal normal enhancement new 2015-03-26T12:31:01Z 2021-04-06T11:15:43Z "Hi. Currently `wp_mail()` passes it's attachments directly to PHPMailer, and that results in taking file basename as attachment name. Basename seems to behave not normal on non-ascii symbols, for example `/сontacts.png` (the first 'c' is russian) will be truncated as `ontacts.png`. Apart from that, even if it would be basename'd correctly, it won't be utf8-encoded as required by standard (`=?utf-8?B?base64?=`), and that will probably result in broken mails and/or rejected mails. So i'm proposing to implement functionality for manual attachment naming and/or automatic basenaming filenames and encoding attachment names according to [http://tools.ietf.org/html/rfc2047 standard]. #28407 is tightly bound to this request." Fike 2 31777 "sanitize_text_field() stripping instances ""%ca""" General 4.1.1 normal normal defect (bug) new 2015-03-26T20:20:49Z 2022-08-24T15:40:44Z "Forgive me if this isn't a bug, however I believe it is. But when you try to sanitize the string ""%category%"" with the WordPress native function '''sanitize_text_field()''' it will strip the ""%ca"" leaving the string ""tegory%"". Maybe this is a security precaution but it seems like something that should be fixed. I found this while trying to simulate the custom permalink options in my own custom option and noticed anything containing ""%ca"" is removed. Thanks for your time." lieutenantdan 3 31778 Opening the collapsed admin menu doesn't close toolbar submenus General normal normal defect (bug) new 2015-03-26T20:31:38Z 2019-06-04T19:48:36Z On a narrow touch device, toolbar dropdowns only open one at a time, but opening the admin menu does not close any dropdowns and is shown behind any open dropdowns, making it impossible to get to any of the higher items. This is particularly bad because you can't always close the submenu (see #29906). Opening the admin menu should close any other toolbar dropdowns - it's fine to continue to have toolbar dropdowns open over the admin menu if it's already open. helen 2 31798 Editor: switch undo and redo in RTL has-patch Editor low normal Future Release defect (bug) new 2015-03-29T11:35:54Z 2021-06-01T13:46:56Z "The undo and redo icons in RTL should we switched. LTR: https://cloudup.com/cHOxlUfHbAp Current RTL: https://cloudup.com/cizBcGBMkCa Proper RTL: https://cloudup.com/cSCyiF_HxMA " yoavf 12 31818 Uniform Search Form Display/Experience joedolson* Administration 4.2 normal normal Future Release enhancement accepted 2015-03-31T11:05:37Z 2023-04-28T15:20:54Z "In our recent testing of the search functionality we've found that there are currently five different search types across the admin. A full description of what the tests entailed, their results, and a link to the Slack discussion can be found here: https://make.wordpress.org/accessibility/2015/03/30/usertest-the-search-functions-in-the-admin/ To summarise, these are the five that we've found: * Search input without submit button, no live search (need to press Enter) * e.g. Media Library list mode * Search input without submit button, live search fires “as you type” * e.g. Media Library grid mode, Themes (add new, wp.org API), Network Themes (add new, wp.org API) * Search input no submit button, live search fires “as you type” (more a “filter current collection” than a search) * e.g. Themes (installed themes), Customizer add widget, Plugins (installed plugins) * Search input with hidden submit button, press Enter or tab and submit the hidden button (after the search, the “typeselector” select appears) * e.g. Plugins (add new), Network Plugins (add new) * “Classic” search: search input with submit button, press Enter or submit button * e.g. Posts, Categories, Tags, Pages, Comments, Users, Network index: search users, Network index: search sites, Network Sites, Network Users, Network Themes (installed), Network Plugins (installed) What we'd like to propose is to bring this down to two and ensure they work well. This could then be used as a launchpad to further unify the search experience and use a single type across the board. The lucky two would be: * the classic one, the same for every search, with visible submit button (already commonly used) * the dynamic one, with some improvements like adding wp.a11y.speak to show the results count, and making sure focus doesn’t change dynamically " Cheffheid 47 31821 Make interim login URL filterable johnbillion dev-feedback Login and Registration 4.2 normal normal Future Release enhancement reviewing 2015-03-31T14:36:20Z 2017-08-22T14:40:51Z Currently, there is no clean way to detect and filter the interim login URL, short of using the ''clean_url'' filter. Obviously, this is not ideal. Plugins that modify the login URL, like my plugin, Theme My Login, would definitely benefit from a direct filter on this. jfarthing84 1 31823 Add ESLint integration swissspidy has-patch Build/Test Tools normal normal Future Release task (blessed) assigned 2015-03-31T20:19:57Z 2024-02-23T10:36:37Z "'''Update:''' The JSCS project has merged into ESLint. So now an ESLint config is needed to be developed for core as opposed to a JSCS one. ---- The [http://jscs.info/ JSCS] project has [https://github.com/jscs-dev/node-jscs/issues/1099 added] a [https://github.com/jscs-dev/node-jscs/blob/master/presets/wordpress.json wordpress] preset. This could be useful to be included in Core. All it needs is a `.jscsrc` file located in the root which contains: {{{#!js { ""preset"": ""wordpress"", ""excludeFiles"": [ ""**/vendor/**"", ""**.min.js"", ""**/node_modules/**"" ] } }}} Related: #30153 (PHP_CodeSniffer) #25187 (JSHnt) #28543 (Allow stricter JSHint checks for core files)" westonruter 30 31830 Hard coded wp-login.php url in string Login and Registration 3.0 normal normal Future Release defect (bug) reopened 2015-04-01T06:53:58Z 2023-09-18T20:38:16Z "Hi. I noticed that in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/ms-functions.php?rev=32064#L1446 wp-includes/ms-functions.php] (`wpmu_welcome_notification`) the login url is hardcoded (wp-login.php) into the string. This will create a problem if a multisite developer has chosen to change the login page url (for security reasons). Thanks in advance Lena" lenasterg 3 31839 Setting error reporting level for wp_debug_mode dev-feedback Bootstrap/Load 4.1.1 normal normal enhancement new 2015-04-01T16:25:34Z 2023-12-12T20:27:56Z "Since PHP 5.4.0 `E_STRICT` errors appear as part of `E_ALL` and headers cannot be sent sometimes - stuff that can lead to a whole set of problems. For me, they are useless and annoying - but for others they can be useful. I just want the possibility to set the `error_reporting` level used in `wp_debug_mode()`. I have applied a small patch to `load.php` as shown below. I have defined a `WP_DEBUG_LEVEL` constant in `wp-config.php` like so: `define( 'WP_DEBUG_LEVEL', E_ALL & ~E_STRICT );` because I do not want to see the `E_STRICT` warnings. Afterwards I modified the `wp_debug_mode` function like so: {{{ #!php function wp_debug_mode() { if ( WP_DEBUG ) { if( !defined( WP_DEBUG_LEVEL ) ) define( 'WP_DEBUG_LEVEL' , E_ALL) ; error_reporting( WP_DEBUG_LEVEL ); if ( WP_DEBUG_DISPLAY ) ini_set( 'display_errors', 1 ); elseif ( null !== WP_DEBUG_DISPLAY ) ini_set( 'display_errors', 0 ); if ( WP_DEBUG_LOG ) { ini_set( 'log_errors', 1 ); ini_set( 'error_log', WP_CONTENT_DIR . '/debug.log' ); } } else { error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR ); } if ( defined( 'XMLRPC_REQUEST' ) ) ini_set( 'display_errors', 0 ); } }}} Here's the [https://gist.github.com/AlexandruIfrim/8e3626f27344f8f28a87 gist] of it." aifrim 10 31880 Expand wp_dropdown_users $show argument to allow custom user meta field Users 4.1.1 normal normal enhancement new 2015-04-03T14:45:57Z 2019-06-05T06:40:48Z "I would love to be able to pass a custom user meta field to the 'show' argument, perhaps with fallback to the default 'display_name' if not present for a user. Thanks!" adambundy 31902 Shiny Updates: Language packs updates Upgrade/Install 4.2 normal normal enhancement new 2015-04-06T10:25:26Z 2023-07-09T16:13:52Z "Installing or updating plugin WP 4.1: There is also language packs update triggered and users are notified what was updated. Current trunk: There is only message ""Updated!"" and nobody knows if language packs update was also triggered and which languages were updated?" pavelevap 8 31924 Use add_theme_support( 'more-tag' ) to control display of More Tag button in TinyMCE Themes normal normal enhancement new 2015-04-07T20:39:08Z 2019-06-04T21:15:00Z "The More Tag (i.e. `<!--more-->`) can be inserted with a button that is in the top row of the TinyMCE editor by default. However, it's possible to build a theme where the More Tag has no functionality: a theme that uses `the_excerpt()` on all archive pages, the page for posts, and search results. It's a bad user experience for WordPress to display a button if it cannot have any effect on the display of content. Therefore, I think the best way to handle this would be to add a new `add_theme_support()` value of `more-tag`. This would still let themes opt-in any time it makes sense, but wouldn't clutter up the editor with pointless buttons." mrwweb 9 31928 Move wp-signup.php functions to a wp-includes directory has-patch Login and Registration normal normal Future Release enhancement new 2015-04-08T01:51:48Z 2022-11-22T00:29:16Z "Right now, all of the functions that deal with multisite registration are located in the `wp-signup.php` file, mixed in with control and template logic. This makes it difficult to reuse any of the registration functionality and makes it harder to create a custom registration experience for a network. I'd propose moving all of the functional logic into a file in the `wp-includes` folder and include that file at the the beginning of the registration page, at minimum. Additionally, we could big and make wp-signup.php a dummy file and put everything into the wp-includes folder, as @markjaquith suggests in #31744. Even so, I think the functional logic should be separated out from the rest." joemcgill 4 31935 is_page() erroneously set to true when loading /feed/ associated with 404 has-patch Feeds 4.0 normal normal defect (bug) new 2015-04-08T21:51:00Z 2019-06-04T19:48:39Z "r29216 changed feeds to never send a 404 status header. This had the unintended consequence of changing the behavior of some internals. A request to the feed associated with a missing page (e.g. `/missing-page/feed/`) will match the rewrite rule for a page and set `is_page == true`. I'd expect WordPress internals to still understand this request as `is_404`" danielbachhuber 4 31945 Deleting a user without reassigning should have clearer messaging about the implications has-patch Media 4.2 normal normal enhancement new 2015-04-10T18:53:18Z 2019-06-04T20:12:36Z "Just this morning, a client deleted a user and elected to NOT reassign the user's content, as the user had no posts assigned to them. This resulted in a mass-deletion of attachments which that editor had uploaded. There should at least be some language that indicates the danger of deleting a user without reassigning. Even when you click to 'permanently delete' an attachment, you get a javascript alert. The current terminology ""What should be done with content owned by this user?"" is too innocuous. Ideally, WordPress would indicate which post types would be deleted with that user (by checking the `delete_with_user` post_type object parameter), along with a count of the number of items in that post type." jtsternberg 13 31946 /wp-admin/user-edit.php fails when using with IDN domain name Users 4.1.1 normal normal defect (bug) new 2015-04-10T19:35:38Z 2019-06-05T06:40:49Z "'''Steps to reproduce the problem:''' in a IDN-based domain site, logon to the admin area, go to Users in the main menu and click on edit any user. '''Domain is:''' gudñus.com.ar '''The exact URL is:''' http://gudñus.com.ar/wp-admin/user-edit.php?user_id=3&wp_http_referer=%2Fwp-admin%2Fusers.php If I reload the page without the wp_http_referer part of the querystring, it works. Other 4.1.1 WP installations I have work properly, the site with IDN domain is the only with problems. The bug results in a page showing next text: '''''Forbidden''''' ''You don't have permission to access /wp-admin/user-edit.php on this server.'' ''Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.'' '''Please notice again''', that if I take out the wp_http_referer part the page works, no ""Forbidden"" page is shown. '''Extra:''' Had similar problem (more severe, couldn't even login to /wp-admin) when installing wordpress in a folder with latin chars (like domain.com/gudñus/) but couldn't check in depth for that issue." aesede 31956 Check empty title after wp_title_parts. Themes 4.1.1 normal normal enhancement new 2015-04-13T04:15:46Z 2019-06-04T21:15:05Z "if use ""wp_title_parts"", There is a case in which the number of parts is changed. So, creating $prefix , I think should check $title_array. " Toro_Unit 1 31957 query fails, when post is queried under specific name Query 4.1.1 normal normal defect (bug) new 2015-04-13T07:28:11Z 2019-06-04T20:49:30Z "i.e., i have custom post type, named ""CARS"", and when i have standard category, named ""CARS"".. when i publish '''standard''' post under ""cars"" category: mysite.com/cars/something-name... worpdress thinks, that it is under custom-post types, and 404 page is displayed.. to fix that, i have made this function: {{{ //example URL: yoursite.com/cars/subcat/TORNADOO add_action( 'pre_get_posts', 'myf' ); function myf( $query ) { if ( $query->is_main_query() ) { //when the PERMALINK was not found, then 404 maybe triggered.. But wait! maybe it is a standard post, under the standard category(which's name is i.e. ""cars"") if (!url_to_postid(currentURL__MLSS)){ $link_array=explode('/','/cars/subcat/TORNADOO'); $k=array_filter($link_array); //remove empty values $k=array_values($k); //reset hierarchy $all_nmb = count($k); //if post exists with the found slug(""TORNADOO""), lets check, if their parents are categories $post=get_page_by_path(basename('TORNADOO'), OBJECT, 'post'); if ($post){ for($i=0; $i<$all_nmb-1; $i++){ $cat = get_term_by('slug', $k[$i], 'category'); if(!(in_category($cat->term_id,$post->ID) || post_is_in_descendant_category(array($cat->term_id),$post->ID))){ $failed=true; break; } } if (!$failed){ //new query $query->init(); $query->parse_query( array('post_type' =>'post') ) ; //others $query->is_home = false; $query->is_single = true; $query->is_singular = true; $query->is_page = false; $query->queried_object_id = $post->ID; $query->set( 'page_id', $post->ID ); } } } //if page exists with the that link, then query will be made correctly.. //$page=get_page_by_path(...., ..., 'page'); } if ( ! function_exists( 'post_is_in_descendant_category' ) ) { function post_is_in_descendant_category( $cats, $_post = null ) { foreach ( (array) $cats as $cat ) { $descendants = get_term_children( (int) $cat, 'category' ); if ( $descendants && in_category( $descendants, $_post ) ) {return true;} }return false; } } }}} " selnomeria 3 31960 Archives widget li should have informative css classes has-patch Widgets 4.1.1 normal normal enhancement new 2015-04-13T13:27:51Z 2019-06-05T06:40:52Z "The archives widget should add classes `m-item` and `m-item-XXXX` to allow better styling and ajax functionality, as well as being consistent with other widgets (e.g. categories widget provides such classes as `cat-item` and `cat-item-XX` with ID). Workaround: it is possible to customize the archive link getter to add the required css classes: {{{#!php add_filter( 'get_archives_link', function($link_html) { preg_match('/m=([0-9]+)/', $link_html, $m); $month= $m[1]; if ($month) { return preg_replace('/<li>/', '<li class=""m-item m-item-' . $month . '"">', $link_html); } else { return $link_html; } }); }}}" basteln3rk 1 31970 Live Preview header image crop is not correct size Customize normal normal Awaiting Review defect (bug) assigned 2015-04-14T15:51:37Z 2017-03-21T18:34:08Z "Steps to reproduce - Activate Twenty Fifteen - Live Preview Twenty Eleven - Add new header image and crop it - See that the image is large and distorted When you first select a new header image and are choosing where to crop it, everything looks good. Once you click crop and it shows the live preview, you can see that the image is the incorrect size." MikeHansenMe 5 31977 "Ping status of pages changes to ""closed"" in quick edit" pareshradadiya dev-feedback Posts, Post Types 4.2 normal normal Future Release defect (bug) assigned 2015-04-15T11:14:50Z 2022-10-14T17:26:39Z "WP version: 4.2-beta4 Every page is created with ping_status set to ""open"". If the page is edited in the ""full"" edit form, the ping_status remains untouched. However, if the page is edited in the quick edit form, the ping_status field is changed to ""closed"" since WP 4.2. Since pages don't support the ping functionality, I suppose it shouldn't change the field. Maybe ""closed"" is the propper one, but it should be set on the creation. It makes testing of our plugin a little bit tricky. Thanks. Jan" JanVoracek 6 31980 Customizer Theme Switcher Details Modal: previous/next/close buttons require double taps on IOS reporter-feedback Customize 4.2 normal normal Future Release defect (bug) new 2015-04-15T14:33:53Z 2021-05-22T20:12:17Z "Per comment:34:ticket:31794, there's an issue where double taps are required to trigger the previous/next/close buttons in the theme details modal. " DrewAPicture 8 31992 Unicode Email Addresses has-patch Formatting normal normal defect (bug) new 2015-04-16T14:08:51Z 2023-10-02T22:00:04Z "Tested against trunk (2015-04-16) '''Test case''' {{{ $target_email = 'dummy-üñîçøðé.y.!#$%@üñîçøðé.gmail.com'; echo $target_email.'<br>'; echo sanitize_email($target_email).'<br>'; echo 'is_email : '.is_email($target_email); }}} '''Return''' {{{ dummy-üñîçøðé.y.!#$%@üñîçøðé.gmail.com dummy-email.y.!#$%@gmail.com is_email : }}} Function is_email @ /wp-includes/formatting.php line 2177 Preg_replace @ line 2211 is not correct. {{{ if ( !preg_match( '/^[a-zA-Z0-9!#$%&\'*+\/=?^_`{|}~\.-]+$/', $local ) ) { }}} Function sanitize_email() @ /wp-includes/formatting.php line 2430 Preg_replace @ line 2460 is not correct. {{{ $local = preg_replace( '/[^a-zA-Z0-9!#$%&\'*+\/=?^_`{|}~\.-]/', '', $local ); }}} " ysalame 15 32012 Crunching doesn't work on some grayscale images Media 4.1.1 normal normal defect (bug) new 2015-04-18T13:46:09Z 2019-06-04T20:12:44Z "No error message, just no thumbnail/smaller sizes crunched on upload of a grayscale image. Some images work, others not. All are similar sizes, 32-bit grayscale, under 2MB with varying dimensions. I have followed the relevant steps at: https://wordpress.org/support/topic/25-imagemedia-uploader-problems?replies=1" nifwlseirff 2 32017 Fix class name typo from 'hndle' to 'handle' has-patch Administration normal normal Awaiting Review defect (bug) new 2015-04-19T15:43:53Z 2020-01-16T21:20:54Z The typo was introduced in [8682] changeset. michalzuber 6 32039 Publish date when publishing a scheduled post in the past Posts, Post Types 4.1.1 normal normal defect (bug) new 2015-04-21T16:04:42Z 2019-06-04T20:49:37Z "Given the following steps: 1. Set a post to be scheduled at a later date, i.e. 20/04/2015 11:30 2. Wait until that time has passed and then click 'Publish', i.e. at 21/04/2015 09:00 The post's published date is set to the date at which it was scheduled to go live, when in reality it was not actually pushed to a published state until the time publish was clicked. `$post->date` was `2014-04-20T11:30` and not the expected `2014-04-21T009:00`, and published date in UI shows the incorrect date. Although this is not necessarily a common occurrence (basically forgetting to click Publish / Schedule) it is possible in the UI and leads to a confusing date, and one that in our case breaks other functionality that relies on a published date." adambarclay 2 32041 Bulk updating selected Plugins with and without updates fails Plugins 4.1.1 normal normal defect (bug) new 2015-04-21T17:54:54Z 2019-06-04T20:49:39Z "In WordPress 4.1.1 (and possibly some earlier releases of 4) there is a bug in the following scenario. Your site has n+ plugins that need updated. You navigate to the general 'installed Plugins' page. You select ALL plugins (including those without updates) and go to Bulk Actions and select 'update'. In prior versions WordPress would only update the plugins in the selected list with updates. Currently it takes you to the updating screen and says it's finished without updating any plugins or listing any plugin updates in the updating screen." gmariani405 4 32048 Uploaded file reserves a name, page can't be named it. Permalinks 4.1.1 normal normal Awaiting Review defect (bug) new 2015-04-22T03:51:57Z 2017-03-09T01:04:29Z "1) Upload a file-name.png file to media library. 2) Publish a page named ""file-name"". 3) Note that (if site is set to post-name permalink) the page is now file-name-2 4) Try to rename the attachment and then give the page the natural name, and it still doesn't work. This might have a similar root cause as bug #13459." programmin 5 32056 wp_dropdown_roles() bug reporter-feedback Role/Capability 2.1 normal normal defect (bug) new 2015-04-22T11:59:25Z 2021-12-03T20:06:06Z "Hello, in the function wp_dropdown_roles() located in wp-admin/includes/template.php there is a bug. More specifically, around line 855 you can find {{{ if ( $selected == $role ) // preselect specified role }}} In this condition you are comparing 2 strings, therefore the correct operator for comparison is ""==="". If compared only with ""=="" then the preselected role is wrong if the site has custom roles. Also the {} brackets are missing, but this is ok... Please consider fixing it in the next version :)" InS0mN1aC 10 32057 fix: allow plugins to access click event in edit inline post Posts, Post Types 2.7 normal normal defect (bug) new 2015-04-22T12:03:58Z 2019-06-04T20:49:45Z "I wanted to add custom functionality to inline post edit, but there is code that prevents me from doing this. ---trunk--- in /wp-admin/js/inline-edit-post.js, line 53 {{{ 51: $('#the-list').on('click', 'a.editinline', function(){ 52: inlineEditPost.edit(this); 53: return false; 54: }); }}} fix: {{{ 51: $('#the-list').on('click', 'a.editinline', function(e){ 52: inlineEditPost.edit(this); 53: e.preventDefault(); 54: }); }}} but first time appered in 2.7 {{{ 82: addEvents : function(r) { 83: r.each(function() { 84: var row = $(this); 85: $('a.editinline', row).click(function() { inlineEditPost.edit(this); return false; }); 86: }); 87: }, }}} " wasikuss 1 32065 Hide entire RSS widget when no items to display has-patch Widgets 4.2 normal normal enhancement new 2015-04-22T16:53:38Z 2019-08-21T02:29:00Z "When a default RSS widget has no items to display, the following text is displayed: ""An error has occurred, which probably means the feed is down. Try again later."" I don't believe that this message is particularly useful to readers and suggest that in the event that an RSS Widget is - for whatever reason - unable to display any items, that the widget just doesn't appear at all, rather than display an unhelpful and ugly message. An alternative implementation is to conditionalize this output with something like current_user_can( 'edit_theme_options' ). This would allow users who can actually control Widgets to still see the output, but standard readers wouldn't have to see it." MadtownLems 4 32067 Remove inline javascript from WP-Core to allow CSP protection Security normal normal Future Release feature request assigned 2015-04-22T20:24:31Z 2020-09-28T13:47:13Z "To avoid catastrophic effects of XSS, it would be safe to allow user to add a Content Security Policy (CSP) header. To be effective, a CSP must at least disallow inline javascript." tdelmas 19 32071 Function to generate safe & trusted URLs has-patch General normal normal Awaiting Review enhancement new 2015-04-22T21:05:18Z 2017-06-13T22:04:26Z "Recent developments around plugins and themes misusing `add_query_arg()` and `remove_query_arg()` got me to thinking about how WordPress has a responsibility to make generating safe and reliable URLs as easy as possible. I'm proposing we introduce a new helper function that all URLs in core would be switched over to use, to lead by example and completely eliminate any margin for errors when it comes to the order of operations of manipulating URLs and outputting them to the browser. Patch imminent." johnjamesjacoby 7 32085 Less ambiguous dashboard access. Suggested new capability: access_dashboard Role/Capability 4.1.2 normal normal enhancement new 2015-04-23T19:15:12Z 2023-11-23T02:52:00Z "Wordpress makes the assumption that the theme (or some plugin) may not provide a place for users to edit their profile, and lets any registered user access the dashboard to do so. It's a decent assumption to make. While it creates a jarring ""did I just leave the site?"" experience, you can't assume the theme or some plugin will accommodate updating profiles. There are a host of other plugins that rely and build upon this assumption. Vendor Products (a paid Woocommerce extension) assumes users of any role have access to the dashboard, to let users identified as vendor admins (by its own means) manage products. There's an LMS which makes the same assumption to let teachers manage quizzes and such. I'm sure many other plugins make that same assumption. I recently discovered that WooCommerce relies upon the `edit_posts` capability to determine if a user should be able to access the dashboard vs getting redirected to ""my account"". This keeps customers on the front-end, which is valuable, but breaks a host of other plugins which assume any registered user can access the dashboard. Overuse of the `edit_posts` capability to determine some level of admin access is a different discussion (worth having!), but it seems obvious to me that a new capability should be introduced to specifically target accessing the dashboard. This is certainly a Woocommerce issue, but I feel an `access_dashboard` capability would remove the ambiguity around... well, accessing the dashboard. This would also let WP admins have refined control over letting their users access the dashboard vs staying on the front-end. Buddypress for example provides a front-end profile editing template. Under Buddypress settings, there could be a checkbox for allowing users to access the dashboard. Unchecking it would keep subscribers on the front-end. WooCommerce also provides front-end account management and could have the same approach. Users without these plugins could also just use a plugin like User Role Editor to remove the `access_dashboard` capability from subscribers to keep users on their front-end, or achieve the same result with 4 lines in their functions.php." archonic 1 32097 Extra margin in `post_submit_meta_box()` on non-public post types Administration 4.2 normal normal defect (bug) new 2015-04-24T06:04:39Z 2019-06-04T19:28:37Z "If you're editing a published or scheduled post in a post type registered with `public => false`, there's now some extra space above ""Status.""" dlh 6 32117 wp_get_attachment_metadata sizes array file misses path if using year/month organizing Media 4.2 normal normal Awaiting Review defect (bug) new 2015-04-24T15:58:51Z 2017-08-14T13:15:29Z "wp_get_attachment_metadata returns array like this: {{{ [""metadata""]=> array(5) { [""width""]=> int(3072) [""height""]=> int(2304) [""file""]=> string(25) ""2015/03/GC702D01_high.jpg"" [""sizes""]=> array(4) { [""thumbnail""]=> array(4) { [""file""]=> string(25) ""GC702D01_high-200x150.jpg"" [""width""]=> int(200) [""height""]=> int(150) [""mime-type""]=> string(10) ""image/jpeg"" } }}} as you can see, ""file"" in the first level of the array contains year and month (as i do have turned on organizing in year/month structure for uploads), but ""file"" in the second level for (e.g. in this case) the thumbnail size is only the file name, without the path. This is at least confusing, make it difficult to get the URL of the file - each size need to be then requested separately by wp_get_attachment_image_src function. IMO optimal solution would be to use full path in both `$metadata['file']` and `$metadata['sizes'][$size]['file']` so the same name would have the same structure. But i do not know if it wouldn't have some compatibility issues. Less optimal imo would be to add there also the path - it can be there only once in the top level, as all sizes are currently always in the same folder, but i think this could lock us from possible changes / plugin modifications etc. E.g. I think that it would be great, if it would be possible (and even default) to have size name, as a folder, so that we would have thumbnails in uploads/thumbnail, medium size in uploads/medium ... - this would highly reduce the number of images in one folder in default settings and would reduce the problems with displaying them on most systems. And also if we would want to delete some defined size, we could simply delete one folder and save space. So the second optimal would be to show the path in `sizes[$size]` subarray, e.g. {{{ [""metadata""]=> array(5) { [""sizes""]=> array(4) { [""thumbnail""]=> array(4) { [""file""]=> string(25) ""GC702D01_high-200x150.jpg"" [""path""]=> string(25) ""2015/03/"" } }}}" thomask 5 32126 XML-RPC stopped working with 4.2 in a cross-domain scenario XML-RPC 4.2 normal normal defect (bug) new 2015-04-24T19:15:36Z 2019-06-05T06:40:55Z "Bug fix #20986 in wp-includes/class-IXR.php unconditionally returns status 405 to all request methods except POST. Additionally, an invalid Allow: header is returned. But OPTIONS is a perfectly valid preflight request sent by XML-RPC clients, especially in a cross-domain scenario, to determine if a subsequent request (like POST) will be allowed - or if a cross-domain request will be allowed. Unconditionally returning 405 prevents those clients from subsequently sending their POST request. This broke my XML-RPC client, which previously worked in 4.1.3. Proposed fix: respond correctly to an OPTIONS request, by examining (any) Access-Control-Request-Methods: header for PUT, and returning an Access-Control-Allowed-Methods: header containing PUT with status 200. Request for enhancement: fully support CORS by adding an admin dialog which defines what hosts (or none, or all) will be accepted for cross-domain requests, and return the appropriate Access-Control-Allow-Origin: header." flymike 2 32130 Export tool should manage users Export 3.1 normal normal enhancement new 2015-04-25T10:26:12Z 2020-07-06T14:50:40Z "I'm migrating a site from a server to another with the export/import tool. Users are not imported but new users are created, consequently users informations (including password) are lost. Export tool shoud export/import users as well as pages, articles, ..." jerome.martin 1 32143 wpLink function getAttrs() missing link-text reporter-feedback Editor 4.2 normal normal Awaiting Review enhancement new 2015-04-27T07:04:06Z 2020-11-24T01:38:12Z "After last update to 4.2 wpLink() was renewed and the title-input was replaced. Instead of title, you can now insert/change the link text. https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/wplink.js?rev=32017 But in function getAttrs() the val of link-text was forgotten. Therfor I proporse to add this line in getAttrs(): linktext: $.trim( inputs.text.val() ), Also it would be nice to populate the link-text field with the document title of a chosed intern element, like it was made with the old title-field before. " xwolf 6 32183 Widget ID auto-increments conflict for concurrent users westonruter* Widgets 2.8 normal normal Future Release defect (bug) accepted 2015-04-29T09:20:46Z 2017-06-07T00:20:40Z "Each WP_Widget 2.0 “multi-widget” gets an index number associated with each instance of a give type. When you add a widget, this number gets incremented (`widget.set( 'multi_number', widget.get( 'multi_number' ) + 1 );`). The initial multi-number is calculated from the `next_widget_id_number()` function which takes the max number currently used, and increments it by one. The same approach is used in the widgets admin page and the Widget Customizer. For frequently-used widgets, the above problem will happen frequently where two users will try to add the same widget at the same time, and thus they will start out with the same initial `multi_number`, resulting in the same widget ID. When they both save their changes, one user's widget will override the other user's widget: whoever saves last. Likewise, it is possible for multiple widgets to be deleted in one session (from the widgets admin page, since Customizer only removes widgets by moving them to the Inactive Widgets sidebar) then new ones added back in other sessions and the initial `multi_number` will not be consistent. In other words, the `multi_number` for each widget type needs to be synced across each Customizer session along with the actual setting values. For concurrent editing of widgets, see: #31436: Handle conflicts in concurrent Customizer sessions #12722: Concurrent editing of widgets (on admin page)" westonruter 3 32192 Add HTML attribute builder helper function has-patch General 4.2.1 normal normal enhancement new 2015-04-29T20:01:30Z 2019-06-04T19:49:00Z "I've seen (and wrote) a lot of plugins which manually build out each HTML attribute as a loop, escaping each value and then removing any attribute that has no value. Wouldn't it be nice if there was a function that does all that for you? This patch introduces a new function {{{html_attributes}}} which accepts an array and builds out a string of attributes whilst sanitising the values and removing any empty attributes. I've also updated any uses in core removing the logic and using the function instead. There's probably a few instances still left to update, but this is a good start." paulwilde 6 32193 Large (custom) resolution emoticons are being shrunk to 12x12 Formatting 4.2 normal normal defect (bug) reopened 2015-04-29T21:21:52Z 2019-06-04T19:49:04Z "I don't know what's different from the latest version of 4.1 to 4.2 but you guys messed with the emoticons in 4.2 and I'm really angry about it! Now I have custom resolution emoticons being shrunk to 12x12! For example my 40x18 emoticon is now being displayed/scaled as 12x12... imagine how it looks! Before the 4.2 series, the custom emoticons were shown as they were! At normal standard resolution so please fix this ASAP!" justatest47 9 32194 Post Locked Notification Dialog is not Responsive has-patch Administration 3.6 normal normal enhancement new 2015-04-29T21:38:27Z 2019-06-04T19:28:44Z When notification dialogs were introduced in r23661, they were only designed for larger screens. iandunn 6 32202 Add support for options page locking (settings API concurrency) dev-feedback Options, Meta APIs 3.6 normal normal enhancement new 2015-04-30T01:18:48Z 2021-08-26T21:18:12Z "If two users access an options page at the same time, the user who saves last will have their settings stick, while the user who saves first will have their settings lost. This is because options pages lack any access concurrency checking. In #31436 we propose to handle conflicts in concurrent Customizer sessions by adding locking to individual controls so that users can't override each others' values. The same functionality is needed for options pages generated generated via the Settings API. At the most basic level, locking could be implemented to block a user from accessing an options page if someone else is already there, presenting the user with the same takeover screen as shown for post locking. A more sophisticated approach would be to allow multiple users to edit an options page at once, either by syncing values across the sessions via Heartbeat, or by disabling a field entirely for other users when one user starts editing it. In this way, the disabled field would not be included when the other users submit the form. This may not work in all cases, however. Another approach, less sophisticated and not using Heartbeat at all, would be to introduce a persistent counter for saves to a given admin page. This would serve as a revision number, and the revision could be included with each settings form. If the submitted form has a setting number that is not the same as what is currently stored, then this would indicate there is a potential conflict and the user could be presented with a screen to resolve any differences." westonruter 11 32215 Image hard crop no longer working as expected Media 4.2.1 normal normal defect (bug) new 2015-04-30T20:37:21Z 2019-06-04T20:12:58Z "Since I upgraded to 4.2.1, hard cropping of images no longer seems to work (resizing always occurs using soft-crop mode, resizing the larger dimension first, then cropping the smaller to size). I am regenerating them using the regenerate thumbnails plugin (which works fine), and am looking at the images directly on the server (FTP) to eliminate the possibility that any CSS might be producing strange results. It is a custom theme that I built, but I switched the site over to Twenty Fourteen to rule out my code and got the same results. I also tried disabling plugins, to no avail. I am running my production site on the same server (which is running 3.8.7) and the crop works fine." WorldWideWebb 1 32233 Improve escaping in /wp-admin/includes/template.php has-patch Administration 4.3 normal normal defect (bug) new 2015-05-02T07:28:44Z 2019-06-04T19:28:46Z "It was brought to my attention that various output in /wp-admin/includes/template.php is missing proper escaping. This includes titles for settings sections and fields, inline Thickbox JS, and various translatable strings (the translations for which might accidentally or intentionally include problematic content). This patch adds various escaping functions where needed. " McGuive7 4 32234 Streamline parameter order of get_user_option() Users 4.2.1 normal normal Awaiting Review enhancement new 2015-05-02T09:23:52Z 2018-02-19T18:37:09Z "`get_user_meta()` expects `$user_id`, followed by `$meta_key`. So do `update_user_meta()`, `delete_user_meta()`, `update_user_option()` and `delete_user_option()`. `get_user_option()` sticks out in that it expects these parameters in reversed order, which just caused me some major frustration even though I had looked it up before. To enable backwards compability, we could test which of the two parameters is an integer and then swap them if necessary (unless of course meta keys can be integers too, I have not checked that, but it seems unlikely)." mechter 3 32235 When searching through installed plugins $context changes to 'all' after an available update has-patch Plugins 4.2.1 normal normal defect (bug) new 2015-05-02T09:33:51Z 2019-06-04T20:49:51Z "Let's search for ""git"" in the installed plugins. There are 3 results and update is available for the second one. The `$context` for the third plugin will chage from ""search"" to ""all"" in `apply_filters( $prefix . 'plugin_action_links' ...` " szepe.viktor 1 32237 Default query args are ignored in menu editor's taxonomy metaboxes has-patch Menus 4.2.1 normal normal defect (bug) new 2015-05-02T13:24:18Z 2019-06-04T20:13:04Z "`wp_nav_menu_item_post_type_meta_box()` merges `$post_type['args']->_default_query` but `wp_nav_menu_item_taxonomy_meta_box` ignores `$taxonomy['args']->_default_query` Please handle default query parameters. I'd like to make the metabox longer than 50." szepe.viktor 3 32238 Enhancement has_filter function has-patch Plugins 4.2.1 normal normal enhancement new 2015-05-02T17:03:48Z 2019-06-04T20:49:56Z "I am optimize has_filter wordpress function. It is simple logic. Code here: [http://pastebin.com/mW0tBstE] I cannot create a path file. So I create this ticket. Hope someone will accepted that." tuanphp 4 32249 Create extendable base classes of WP_Customize_* so that the rest of WordPress can benefit for its API General 4.2.1 normal normal enhancement new 2015-05-04T17:03:41Z 2019-06-04T19:49:06Z "This is a grand plan ticket so bare with me here, but I think it has the potential of changing a lot of WordPress for the better. The Customiser holds a lot of logic for handling form fields that the rest of WordPress could take advantage of. I propose we abstract out these classes so that there's a base class that other parts of WordPress could extend. This would basically be the first step in order to create a consistent API for creating meta box fields (See #), and (eventually) a front-facing API for adding custom fields to taxonomy pages once term meta is in core. This could also be used to update all of the Setting screens away from tables and having all of those fields registered in the same consistent way as well adding/removing widget & user fields and because the base classes would be a public API plugin developers could extend it and use it for front-end forms and such. Here's a breakdown of the current structure, and what I'd suggest for abstracting things out: - {{{WP_Customize_Control}}} holds a lot of logic for rendering form controls that could be used elsewhere inside WordPress for outputting fields by creating a {{{WP_Form_Control}}} class which {{{WP_Customize_Control}}} would extend. - {{{WP_Customize_Setting}}} holds the logic for saving the values of these controls, so this could be abstracted into {{{WP_Form_Setting}}} and then {{{WP_Customize_Setting}}} extends this base class and holds customiser specific logic (mainly just adding theme_mod as an option). - {{{WP_Customize_Manager}}} handles the bulk of the front-facing API of adding/getting/removing sections, panels, controls and registering the default controls associated with the customizer. This could extend a {{{WP_Form_Manager}}} class that would handle the majority of this code. {{{WP_Customize_Manager}}} would then simply handle customizer specific things such as panels and creating all of the default objects. - {{{WP_Customize_Panel}}} and {{{WP_Customize_Section}}} seem to repeat the same code twice except for how each renders the HTML. A separate {{{WP_Form_Group}}} class would be created that moves most of this repetitive code away. Once the abstraction has happened separate classes could be created that handles object specific areas of the admin (post types, taxonomies, settings, etc). Advantages: - As people begin to learn how the customiser API works, once the other parts of WordPress move over to use the same API everything is consistent and easy to pick up. Once you understand how to add fields to the customiser, you automatically know how to do the same everywhere else in WordPress. That currently isn't the case as everything is different. - Once a control type is added to WordPress core (say for example a WYSIWYG editor) all of WordPress could take advantage of that control. There already seems to be some interest in adding several more control types into the customiser (See [http://wptavern.com/redux-and-kirki-frameworks-join-forces-to-provide-better-support-for-the-wordpress-customizer here]). - This would give the opportunity to update all of the Setting screens away from tables (See #16413). - This would pave the way to an API to add fields to post meta boxes, one of the most wanted features by the majority of developers. - The customiser is moving forward faster than the rest of WordPress. If everything else shared the same API then everything would benefit. - Although I haven't really digged into the Javascript side of the Customiser I'm going to assume that if everything were to use this API then some of the Customiser code could also be abstracted out so things like conditional display logic could be possible elsewhere inside the admin. Disadvantages: - This could potentially create a lot of classes in the long run. I'm not sure if this is a disadvantage as such, but it's at least noteworthy. If there's any interest in taking things in this direction (oh please let there be), I'd be interesting in helping drive this thing forward. It would be nice to get the base classes complete in 4.3 (maybe its too late now?) so that 4.4 could then begin to take advantage by beginning to move each part of WordPress (release by release) over to the new API whilst adjusting the existing API to still work for backwards compatibility." paulwilde 2 32282 WordPress image cropping is buggy joedolson* has-patch Media 4.2.2 normal normal 6.6 defect (bug) accepted 2015-05-07T11:10:30Z 2024-02-26T16:51:19Z "see here http://wordpress.stackexchange.com/questions/187577/cropping-image-results-in-image-being-too-small?noredirect=1#comment273421_187577 text copied from there: This is the wordpress version 4.2.2 powell I crop 1500 x 1000 and then press on crop, then save. Resulting image size: 1497 x 1000 I don't know, I somehow hoped that wordpress is able to crop correctly. The original image can be found here: http://img.youtube.com/vi/zXgyoDAuaH0/maxresdefault.jpg What I did is downsize to .... x 1000 then try to crop with selection manually entering 1500 x 1000 You can actually see the bug earlier, when you enter 1500 x 1000 and then click on the selection to drag it around (right, drag the selection, not change size) it results in the number 1500 falling down to 1498." Jossnaz 7 32295 Pagination on preview/scheduled posts has-patch Posts, Post Types 4.2.2 normal normal Future Release defect (bug) new 2015-05-07T18:47:45Z 2024-02-22T16:22:35Z "The option to add a NextPage (Pagination) is not functioning in page previews or when a post/page is scheduled to be published. <!--nextpage--> The expected outcome is when adding the code for nextpage, you get links to Page 1, 2, etc. and when you click those links, you are taken to more content. However, when a page/post is not PUBLISHED but is in Preview or Scheduled, the Pagination does not function as expected. Clicking on Page 2 refreshes the page and shows the content on page 1 again. When the page is published, everything works as expected, but for someone who is trying to preview their post before publishing, this is not helpful." jacklyn.jade 3 32299 Cancel comment reply link broken in AJAX call Comments 2.7 normal normal defect (bug) new 2015-05-08T01:23:46Z 2019-06-04T19:28:51Z "related #31333 and both of that & this could arguably be a dupe of #31100 but there case appears to be a server config issue, not using `cancel_comment_reply_link()` or `get_comment_link()` with AJAX. `cancel_comment_reply_link()` has the same issue as `get_comment_link()` has (#31333) which is that it relies on `$_SERVER['REQUEST_URI']` not the actual post permalink for the post's URL. " Shelob9 1 32302 Filename policy of IMAGE_EDIT_OVERWRITE==true seems to create CDN and browser cache issues Media 2.9 normal normal defect (bug) new 2015-05-08T03:22:59Z 2019-06-04T20:13:12Z "Just something to check, as discussed over at https://deliciousbrains.com/undefined-define-image_edit_overwrite/ It states the behaviour: ""When you add define( 'IMAGE_EDIT_OVERWRITE', true ); to your wp-config.php the behaviour changes. When you edit an image, it still creates a new image and leaves the original image alone. '''But when you edit again, it overwrites the first set of images rather than create a new set.'''"" My comment: ""what about CDN and browser caching? If the ""unique appendage"" didn't change, then readers won't see the updated image until the cache expires, which for our site at least is 'forever'. If the first edit were to be deleted, wouldn't it be more sensible to still generate a new ""unique appendage"", rather than using the same one? But then again, that could break existing references to the first edit... oh my it becomes messy quickly!"" Brad's reply: ""Excellent point! I think you're right. When IMAGE_EDIT_OVERWRITE is set to true, it should create a new unique appendage instead of reusing the old one. You should open up a Trac ticket for this to be looked at and discussed."" Are you able to provide any clarification? Many thanks, Aidan" aidanlane 7 32306 wp-cron throws 500 errors for SSL enabled sites reporter-feedback Cron API 4.2.1 normal critical Awaiting Review defect (bug) reopened 2015-05-08T07:49:05Z 2017-11-14T14:01:53Z "I have several WP installs that are throwing 500 error codes when calling wp-cron.php after a pageview. The error is not consistent - it will sometimes return 200, and sometimes 500. All the installs I see this on use SSL with properly signed certs with SNI in use on the server under Apache. Instances on the same server where do not use SSL have not shown this issue at all. I have managed to reproduce this on a clean WP install running twentyfifteen with no plugins installed so it doesn't appear to be plugin related. Oddly, I don't get any PHP warnings when it happens (though I've tested that if I force a php script in the same pool to throw an error, it does get captured) - I do get the following recorded in the Apache Virtualhost error log (redacted): [Fri May 08 08:29:34.479946 2015] [core:error] [pid 13870:tid 140644332824320] [client xxxx:xxxx:x:xx:xxxx:xx:x:x:57492] AH00524: Handler for fastcgi-script returned invalid result code 32 Apache access log (redacted): xxxx:xxxx:x:xx:xxxx:xx:x:x - - [08/May/2015:08:29:26 +0100] ""POST /wp-cron.php?doing_wp_cron=1431070166.8151741027832031250000 HTTP/1.0"" 500 4066 ""-"" ""WordPress/4.2.2; https://www.domain.com"" System config is as follows: * Fully patched Debian Jessie running on amd64 arch with kernel 3.16.0 * Webserver: Apache/2.4.10 (Debian), mod_fastcgi/mod_fastcgi-SNAP-0910052141, mod_fcgid/2.3.9, mod_python/3.3.1, Python/2.7.9, OpenSSL/1.0.1k * MySQL 5.5.43-0+deb7u1 * PHP 5.6.7+dfsg-1 running under PHP-FPM (seen with and without opcache in place) * Wordpress 4.2.2 fresh install (also seen on 4.2.1) with all plugins removed. The server listens both on IPv4 and IPv6 - I've tried forcing wp-cron to use IPv4 by setting the hostname in /etc/hosts but that makes no difference. Refer also to : https://wordpress.org/support/topic/wp-cron-throwing-500-errors-on-ssl-sites?replies=9" coatesg 11 32313 Image upscale as Media's settings option Media 4.3 normal normal enhancement new 2015-05-08T13:58:11Z 2019-06-04T20:13:19Z "Hello, I had to searching for hours to find image upscale (because unusually keyword for me as non-English). I am creating new school's website and custom featured images are up to 1200px width (in fact ~876px when with sidebar), however old images are only 800px width and I had problem with deal it. I found so simple solution to set image to required width/height if not enought, then crop. {{{ /* Thumbnail upscale /* ------------------------------------ */ function alx_thumbnail_upscale( $default, $orig_w, $orig_h, $new_w, $new_h, $crop ){ if ( !$crop ) return null; // let the wordpress default function handle this $aspect_ratio = $orig_w / $orig_h; $size_ratio = max($new_w / $orig_w, $new_h / $orig_h); $crop_w = round($new_w / $size_ratio); $crop_h = round($new_h / $size_ratio); $s_x = floor( ($orig_w - $crop_w) / 2 ); $s_y = floor( ($orig_h - $crop_h) / 2 ); return array( 0, 0, (int) $s_x, (int) $s_y, (int) $new_w, (int) $new_h, (int) $crop_w, (int) $crop_h ); } add_filter( 'image_resize_dimensions', 'alx_thumbnail_upscale', 10, 6 ); }}} [http://alxmedia.se/code/2013/10/thumbnail-upscale-correct-crop-in-wordpress/] In my opinion it should be included as option for each/globally for image sizes in Media's settings page and also as fifth parameter for add_image_size(), because this can make big headache. Greetings" odie2 2 32316 Caps: Pass cap being checked to the 'user_has_cap' filter General 3.5.1 normal normal enhancement new 2015-05-08T19:19:41Z 2019-06-04T19:49:10Z "Is there a reason why we don't pass the cap being checked from `current_user_can()` to the `'user_has_cap'` filter? It would make things way easier for plugins to do checks." r-a-y 1 32318 Upload fails, wp_insert_attachment returned 0 close Upload 4.1.5 normal normal Awaiting Review defect (bug) new 2015-05-08T22:34:11Z 2022-10-19T15:47:53Z "One specific mp3 file was failing to attach, and it seems wp_insert_attachment is breaking with 0 returned, breaking update-attachment-metadata: wp-admin/includes/media.php, line 360: {{{ // Save the data $id = wp_insert_attachment($attachment, $file, $post_id); if ( !is_wp_error($id) ) { wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); } }}} id = 0, caused by these lines in wp-includes/post.php, around line 3351: {{{ if ( false === $wpdb->insert( $wpdb->posts, $data ) ) { if ( $wp_error ) { return new WP_Error('db_insert_error', __('Could not insert post into the database'), $wpdb->last_error); } else { return 0; } } }}} In this case the documentation is wrong, it didn't return the post id." programmin 12 32320 WordPress Importer: WXR_Parser_Regex adds newlines to import data, breaking serialized post meta. Import normal normal defect (bug) new 2015-05-09T08:17:53Z 2019-06-04T20:13:25Z "Original ticket: [https://plugins.trac.wordpress.org/ticket/2317] Our plugin stores a fair amount of serialized data in post meta fields. When using the importer, the WXR_Parser_Regex parser loops through 8192 bytes of the import file at a time, appending a newline to the import data at the end of each loop. When a newline is inserted in the middle of our post meta, it breaks when the time comes to unserialize in the import process, leaving our users with a blank post meta field. The offending code can be seen starting at line 459 of parsers.php... {{{ if ( $in_post ) { $post .= $importline . ""\n""; } }}} Is that newline necessary? I have verified that removing it solves the problem and imports the serialized data correctly. @duck_ has suggested removing rtrim() and the new line which I will submit as a patch. " justinbusa 1 32322 Custom permalink structure incorrect for Future posts kdoole has-patch Permalinks 4.2 normal normal Future Release defect (bug) assigned 2015-05-09T10:01:55Z 2019-10-15T14:33:52Z "From V4.2 there is a bug with custom permalink structures used for Future posts that are visible on the front end. Example: - You have your custom permalink structure set up as ""Post name"". - ""Published"" posts show up with the correct permalink structure i.e. mysite.com/single-post/ - ""posts marked as ""Future"" but visible in the front end (i.e. if you're wanting to show posts that are scheduled) show up with the default permalink structure i.e. mysite.com/?p=618 Rolling back through the versions of WordPress, all was working correctly in v4.1.5 and then stopped working from v4.2" greencode 20 32326 Improve Support for Structured Data Themes normal normal Awaiting Review enhancement new 2015-05-09T14:50:00Z 2019-10-13T00:52:06Z "There has been discussion before on various types of structured data. WordPress has limited support for microformats and it is a long-standing part of WordPress. New standards for structured data continue to appear, and there have been some proposals in support. However, different people want support for different things. I think there is a solution with more general appeal. body_class and post_class add classes to the body and post containers. What if they were superseded by two new functions with a broader scope? body_attributes and post_attributes which could add any attribute from a provided array into the body and post containers? Most of the structured data works on an attribute of the tags it is attached to, be it class or property or otherwise. The body_class and post_classes continue to work as they always have. Newer themes could use the attributes function, which could remove hentry adding by default, for example, and transfer control of structured data back to the theme. There is also the possibility, if it isn't going too far, of adding a similar function for the content container. " dshanske 13 32337 Menu and widget items removal without toggling Widgets normal normal enhancement new 2015-05-11T07:23:29Z 2019-06-05T06:40:57Z "I have a proposal for Widgets and Menu sections in WordPress Dashboard. At first I have posted this in ideas section of wordpress.org and admin told me to post it here, so here it is. I think that it would be great if there is an option to delete (remove) menu or widget item without toggling and opening their content. Maybe an X icon at the end. It would be really useful, much faster and easier to manage big menus and widgets. Here are the screenshots of what i had in mind: [http://s7.postimg.org/9obhywijv/menu_delete.jpg] [http://s17.postimg.org/44ppdp7j3/sidebar_widgets_delete.jpg] I hope this sounds good :) All the best!" cookie_pa 1 32366 wp_count_comments() is hardcoded into /wp-admin/menu.php and queries all comments every single page load within the admin area, regardless of if edt_posts is removed from top menu or not close Comments 4.2 normal normal Future Release defect (bug) reopened 2015-05-12T23:07:12Z 2020-04-16T23:10:53Z "wp_count_comments() is hardcoded into /wp-admin/menu.php and queries all comments every single page load within the admin area, regardless of if edt_posts is removed from top menu or not. This is reproducible with 0 plugins and any core theme, as long as you have a large number of comments. Currently working on a site with 5,000,000+ comments and unless we comment out the following code in /wp-admin/menu.php, the server gets hammered. With multiple people in the admin area at the same time, it's even worse, since it loads on every single page load. The code: /wp-admin/menu.php - Line 94-97 (4.2.2) {{{ $awaiting_mod = wp_count_comments(); $awaiting_mod = $awaiting_mod->moderated; $menu[25] = array( sprintf( __('Comments %s'), ""<span class='awaiting-mod count-$awaiting_mod'><span class='pending-count'>"" . number_format_i18n($awaiting_mod) . ""</span></span>"" ), 'edit_posts', 'edit-comments.php', '', 'menu-top menu-icon-comments', 'menu-comments', 'dashicons-admin-comments' ); unset($awaiting_mod); }}} it's wp_count_comments that causes the large queries, when you have a lot of comments, but I comment out his entire section so that there isnt any errors with removing the creation of $awaiting_mod since it's being called on the next couple lines, before it is unset. Before I found the source, and saw that it was hard coded, I was hoping for some sort of hook to disable this entire function and/or a way for the wp_count_comments() to not be called if the item was removed... but thats not currently possible. I'm new to working on core, so i'm not sure on the best way to attack this issue. I figured it was best to bring up the issue and learn how you guys tackle the code. Open to coding a solution myself if somebody can point me in the right direction. Thanks." justindocanto 16 32386 Draft's Last Modified date incorrect if it is Scheduled obenland Date/Time 4.2.2 normal normal Future Release defect (bug) assigned 2015-05-14T10:03:41Z 2020-10-07T16:59:10Z "Once a Draft is Scheduled, the date of it its most recent revision is not shown under the Date column at Posts > All Posts. Instead, the Draft's scheduled publication date is shown in the Date column, alongside the label 'Last Modified'. Steps to recreate: 1) Create and save a Draft 2) Set a scheduled publication date and time for the Draft 3) Save the Draft 4) Check the 'Date' column at Posts > All Posts If you schedule a Draft for the future, for example, a Last Modified date from the future is shown under Date." lastnode 21 32392 HTML entities in Pingback notifications? General normal normal defect (bug) new 2015-05-14T12:35:30Z 2019-06-04T19:49:15Z "Pingback email notification contains following part: {{{ Comment: […] some text […] }}} But HTML entities are ugly and when I searched for older notifications, I found that there was `[...]` sometimes before." pavelevap 3 32401 Multi step authentication - adding hooks to wp-login.php Login and Registration 4.2.2 normal normal enhancement new 2015-05-14T18:14:20Z 2019-06-04T20:13:47Z "At the moment it's very difficult to add extra steps to wp-login.php. There are several situations where a second step is necessary: * There are TOTP plugins hosted on WordPress.org but they all assume every user will use 2FA and so show the field for the TOTP token in the login form. That's not appropriate for the situation where some users will have it enabled and some won't. * If you send a token to a user via SMS then you need a second step in the form after the user has typed their username/password. * If you use a captcha that doesn't target every user (i.e. it may be based on how many failed attempts there have been in the past hour for each account) that needs a second step too. The whole process of adding a second step to the login process is very hacky and involves copying lots of code from wp-login.php (which as I think we all know leads to very fragile plugins). Note that this ticket is not proposing including any kind of 2FA into WordPress core. This ticket is only about adding hooks to wp-login.php to make it much easier for people writing 2FA (and other authentication-related) plugins." tomdxw 32422 add_menu_page() returns incorrect $hookname when using plugin filename as $menu_slug reporter-feedback Plugins 4.2.2 normal normal Awaiting Review defect (bug) new 2015-05-17T05:06:29Z 2017-07-01T04:02:45Z "When using `add_menu_page()` and `add_submenu_page()` with filenames in the $menu_slug parameter, the resulting hookname does not match the expected `do_action('load-' …)` hookname. In the following examples the expected hookname from `do_action( 'load-' . $plugin_page );` (in ''wp-admin/admin.php'') is: '''load-myplugin/admin/resources.php'''. However, the hookname returned by `$hookname = get_plugin_page_hookname( $menu_slug, $parent_slug);` (from `add_submenu_page()` in ''wp-admin/includes/plugin.php'') is '''myplugin_page_myplugin/admin/resources'''. The result is, this code does not work: {{{ $hookname = add_submenu_page(""myplugin/dashboard.php"", 'Resources', 'Resources', 'edit_pages', ""myplugin/resources.php""); add_action($hookname, 'add_resources_options' ); function add_resources_options() { add_screen_option('per_page', array( 'label' => 'Resources', 'default' => 10, 'option' => 'resources_per_page' )); } }}} However, the hooknames do match when using `add_menu_page()` and `add_submenu_page()` with a callback slugname. This code works (notice only the first line has been changed to use callback slugs instead of filename slugs): {{{ $hookname = add_submenu_page('dashboard', 'Resources', 'Resources', 'edit_pages', 'myresources', 'myresources'); add_action($hookname, 'add_resources_options' ); function add_resources_options() { add_screen_option('per_page', array( 'label' => 'Resources', 'default' => 10, 'option' => 'resources_per_page' )); } }}} The solution is either: * Modify `function get_plugin_page_hookname() …` to return a hookname that is caught by `do_action( 'load-' . $plugin_page );`. * Or modify `do_action( 'load-' . $plugin_page );` to use the hookname currently returned by `get_plugin_page_hookname()`. " quinncom 3 32433 Add registered image sizes in WXR export file has-patch Export normal normal Awaiting Review defect (bug) new 2015-05-18T21:26:41Z 2018-07-17T08:15:01Z "When a WordPress site is exported, attachments are also exported (though only the original image url). If a user then imports that into a new WordPress install, images will be generated for all registered image sizes on the new blog. If however, the exported site was running different image sizes, it will potentially have references to those images in post content (e.g. `image-322x422.png`); however, `322x422` is not a registered image size on the new site. This will produce 404 images in the new post content. This was acknowledged (though I don't think addressed) in #16984: > A problem that might arise is if there are different image size settings on the export and import sites. So an exported post might contain an image img-200x200.jpg but the import site hasn't generated the appropriate size. For the first patch I'm ignoring this and saying that it's up to the user to ensure the settings are consistent. Potential future fixes include importing options or generating the extra sizes on the fly The user will typically not have control over image sizes either way (as they have to be registered in code) - also the recipient of a WXR file does not know the image sizes on the exported site. It therefore seems logical to include image sizes somewhere in the WXR file, so importers (the WordPress importer or otherwise) know what image sizes to generate for all existing attachments." joehoyle 32443 Upload iframe renders pictures in reverse order Media 4.2.2 normal normal defect (bug) new 2015-05-19T18:49:56Z 2019-06-04T20:13:54Z "Attachments are in reverse order when they have menu_order attributes. It is because this code in get_media_items function: {{{ $attachments = get_children( array( 'post_parent' => $post_id, 'post_type' => 'attachment', 'orderby' => 'menu_order ASC, ID', 'order' => 'DESC') ); }}} Generates this query: {{{ …wp_posts.menu_order DESC, wp_posts.ID DESC… }}} It should be: {{{ $attachments = get_children( array( 'post_parent' => $post_id, 'post_type' => 'attachment', 'orderby' => array( 'menu_order' => 'ASC', 'ID' => 'DESC') ) ); }}} Which will generate: {{{ …wp_posts.menu_order ASC, wp_posts.ID DESC… }}} " sapegin 1 32452 Cache optimizations Cache API 4.1 normal normal defect (bug) new 2015-05-20T23:54:50Z 2019-06-04T19:28:59Z "Hi, I've recently been making some custom modifications to wordpress core that reduce the resource load on our object-caching system. I cannot see any drawbacks to these modifications, but I have to defer to the wp-core development team on this one and therefore assume I've missed something. I want to know if there is anything I overlooked while making these modifications. If there are no drawbacks, then perhaps the changes could be rolled into wp-core officially (and then I won't have svn showing files as modified all the time) Explanation: (broken down into sections) 1) I noticed a huge amount of 'extra' queries to the object-cache. Many of them originating from calls to wp_load_alloptions() I believe with my modifications wp_load_alloptions() only needs to be called in one place instead of many, and that is within the definition of the object-cache itself. 2) I've also reduced redundant queries by changing the assumption that a key doesn't exist to a key does exist. Check the cache for the key first instead of checking the 'negative' cache for the key first. 3) Some minor fixes in options.php ---- removed untrailingslashit on line#109 // function does not yet exist if called from within functions.php ---- added ! $result == 0 line#288 // if a database update effects zero rows the cache should still be updated ---- pre-emptively negatively cache (into notoptions) the just deleted option line#477 All file changes (from svn diff) available at this link: http://pastebin.com/5vPGCCt7" Relevad 1 32459 Send custom metadata alongside a file upload via the media uploader Media 4.2.2 normal normal enhancement new 2015-05-21T18:53:13Z 2019-06-04T20:14:00Z "As WordPress has evolved into a very powerful CMS, responsive layouts and high-resolution screens are growing more and more common. It's not uncommon for large sites to register several additional image sizes, and adding 2X support doubles the number of images created behind the scenes. It would be nice for plugins to be able to have more granular control over the sizes that are created when an image is uploaded. An example: a company Team page features portraits for each employee. Only two sizes are needed: 250x250 and 500x500 (2x). Meanwhile, the rest of the site has nearly a dozen custom image sizes. When the portraits are uploaded, a dozen sizes are created, but only two are needed. Similarly, registering these two new sizes registers them for every image uploaded to the site. In a plugin like Advanced Custom Fields, I'd like to be able to tell the uploader to skip all of the built-in sizes and hand-pick the sizes I do want to create. In other words, a new set of sizes would need to be registered that aren't automatically included in the global set of image sizes, but are available for plugins to select and send to the uploader. The uploader could be given a special set of sizes when it's opened, and those special sizes can be fetched from the theme. To be clear, I'm not talking about generating new image sizes when the theme requests them. This request is for overriding the sizes that the uploader applies to a new image. I've explored the built-in functions and hooks and filters, but it doesn't appear there's a way to override the sizes that are created in the way I describe." danphilibin 2 32469 Create wp-include/views directory General normal normal enhancement new 2015-05-23T02:03:02Z 2019-06-04T19:49:16Z "HTML/JS/CSS is currently combined with PHP code. So, this is bad practice. I realize that this is currently used in the entire WordPress code base. Excepting themes, which are loaded on the front-end. Most of the view code is displayed on the admin I believe. Having views part of the PHP increases the function or method size and is confusing since some parts are evaluated after some parts of the view is displayed, so to process what the code is doing, you need to comprehend both the HTML output along with the PHP execution. Furthermore, doing this should allow for customizing even the hardcoded view code in functions and methods. I also propose a helper function that pulls in the views from wp-includes that could probably be extended later to include the current theme file matching the view file name. While **ABSPATH . 'wp-includes/views/{filename}.php'** would be simple, it wouldn't allow future modifications without again modifying all of the view paths. It should be done once and allow for the future modification of accepting another location for changing the views. " jacobsantos 2 32471 There is no proper way to flush rewrite rules at plugin network de-activation Rewrite Rules 3.0 normal normal defect (bug) new 2015-05-23T10:28:02Z 2019-06-04T21:15:18Z "It is considered as best practice for a plugin modifying rewrite rules to flush them at activation and de-activation: http://codex.wordpress.org/Function_Reference/flush_rewrite_rules Plugins should then handle this at network activation and de-activation too. Following a [https://core.trac.wordpress.org/ticket/14170#comment:30 comment] from @nacin on #14170, we can find a way to handle this properly at network activation. We can even make something which scales using for example the plugin [https://wordpress.org/plugins/proper-network-activation/ proper network activation] from @scribu as a basis. However the only proposal I found to handle the network de-activation is: {{{ foreach ($wpdb->get_col(""SELECT blog_id FROM $wpdb->blogs"") as $blog_id) { switch_to_blog($blog_id); flush_rewrite_rules(); restore_current_blog(); } }}} Apart from the fact that it does not scale, it would mess the rewrite rules of all blogs. I am aware of #20171 but fixing it with the proposed patch is not sufficient as other plugins may modify the rewrite rules and we then face the fact that $wp_rewrite->extra_rules_top is shared accross blogs. So the only way I foresee as a potential solution is that the network de-activation is not handled at network level but that each blog runs its own individual de-activation process - in a similar way as @nacin proposed for the activation as indeed, with the current architecture, we must never mix switch_to_blog() and flush_rewrite_rules(). Unless I miss something, it seems that there is currently no way for a plugin to properly flush rewrite rules at network de-activation." Chouby 1 32497 The plugin list table is not very extendable has-patch Plugins 4.3 normal normal enhancement new 2015-05-26T14:14:39Z 2019-06-04T20:50:02Z "The plugin list table in wp-admin is a bit strict. For instance, it would be impossible to create custom views like this: [[Image(https://cldup.com/Qt2BpELMbZ.png)]] In the example above, we use custom plugin statuses 'Updates Automatically' and 'Updates Manually' In order to support custom plugin statuses and lists, we need a few more filters in `wp-admin/includes/class-wp-plugins-list-table.php`" roccotripaldi 3 32498 Media Library and Page Slug conflict Permalinks 4.2.2 normal normal defect (bug) new 2015-05-26T17:56:18Z 2019-06-04T20:50:04Z "This is a follow-up to #18962. Please also check out this thread on the forum - https://wordpress.org/support/topic/41-slug-issue-when-same-title-exists-in-media-library If you have a pre-existing media file with the same slug as a page then a ""-2"" will be added to the page slug. With a custom content type and page or custom content type and media file, this doesn't appear to be happening." m7csat 1 32507 Admin notices remove styling of lists Administration 4.2.2 normal normal enhancement new 2015-05-27T15:50:35Z 2019-06-04T19:29:00Z "Create an admin notice which contains an unordered or odered list and you will see that the list has no bullets or numbers. This is because the notice inherit `list-style-type:none`. " sciamannikoo 2 32508 Action Hooks for empty username and empty password has-patch Login and Registration 4.3 normal normal enhancement new 2015-05-27T16:19:13Z 2019-06-04T20:14:06Z "While you could previously fire an action on ''wp_login_failed'', there were no hooks for an empty username or an empty password. This patch adds ''wp_login_failed_empty_username'' and ''wp_login_failed_empty_password''. ''wp_login_failed_empty_username'' passes no arguments. Similar to ''wp_login_failed'', ''wp_login_failed_empty_password'' will pass the entered username. " jwarren 9 32513 Disabling WYSIWYG tab via the wp_editor_settings filter breaks the editor if it contains a textarea tag Editor 4.2.2 normal normal defect (bug) new 2015-05-28T00:37:31Z 2019-06-04T19:29:06Z "I got the request from a client to disable the WYSIWYG tab so that the site admin could only use html for a custom post type, I was able to do this using a few techniques - CSS, user_can_richedit filter, plugins, etc - but this particular case it was needed to be applied to the default WP editor only - the one I print using the_content() - since the site uses other wp_editors for that custom post type. Anyway I was able to do it using the wp_editor_settings filter, the only problem was that the value in this editor contains a textarea tag, and the editor breaks as soon as it reaches ""<textarea>"", as can be seen in the screenshot attached. I was able to make this work anyway, using a second filter, but I think this should be part of the WP core. I would be more than happy to submit the fix myself if this issue is considered for the next patch." andruxnet 4 32528 Create a new search_form_content hook in get_search_form() General 4.3 normal normal feature request new 2015-05-29T16:22:28Z 2019-06-04T19:49:21Z "The only viable method for creating a custom search form in a plugin or theme is to replace the entire default search form. This runs the risk of introducing possible security issues should a patch be issued in the default search form. More importantly it means more potential deviation from ""the WordPress standard"". Instead of requiring developers to recreate a new feature that mimics the HTML that get_search_form() provides, consider adding a new filter that allows developers to easily add HTML elements to the search form. The current general-template.php get_search_form() snippet: {{{ if ( 'html5' == $format ) { $form = '<form role=""search"" method=""get"" class=""search-form"" action=""' . esc_url( home_url( '/' ) ) . '""> <label> <span class=""screen-reader-text"">' . _x( 'Search for:', 'label' ) . '</span> <input type=""search"" class=""search-field"" placeholder=""' . esc_attr_x( 'Search …', 'placeholder' ) . '"" value=""' . get_search_query() . '"" name=""s"" title=""' . esc_attr_x( 'Search for:', 'label' ) . '"" /> </label> <input type=""submit"" class=""search-submit"" value=""'. esc_attr_x( 'Search', 'submit button' ) .'"" /> </form>'; } else { $form = '<form role=""search"" method=""get"" id=""searchform"" class=""searchform"" action=""' . esc_url( home_url( '/' ) ) . '""> <div> <label class=""screen-reader-text"" for=""s"">' . _x( 'Search for:', 'label' ) . '</label> <input type=""text"" value=""' . get_search_query() . '"" name=""s"" id=""s"" /> <input type=""submit"" id=""searchsubmit"" value=""'. esc_attr_x( 'Search', 'submit button' ) .'"" /> </div> </form>'; } }}} Allow developers to easily insert additional input elements between the search input and submit elements: {{{ if ( 'html5' == $format ) { $form = '<form role=""search"" method=""get"" class=""search-form"" action=""' . esc_url( home_url( '/' ) ) . '""> <label> <span class=""screen-reader-text"">' . _x( 'Search for:', 'label' ) . '</span> <input type=""search"" class=""search-field"" placeholder=""' . esc_attr_x( 'Search …', 'placeholder' ) . '"" value=""' . get_search_query() . '"" name=""s"" title=""' . esc_attr_x( 'Search for:', 'label' ) . '"" /> </label>'. apply_filters( 'search_form_content', '' ) . '<input type=""submit"" class=""search-submit"" value=""'. esc_attr_x( 'Search', 'submit button' ) .'"" /> </form>'; } else { $form = '<form role=""search"" method=""get"" id=""searchform"" class=""searchform"" action=""' . esc_url( home_url( '/' ) ) . '""> <div> <label class=""screen-reader-text"" for=""s"">' . _x( 'Search for:', 'label' ) . '</label> <input type=""text"" value=""' . get_search_query() . '"" name=""s"" id=""s"" />' . apply_filters( 'search_form_content', '' ) . '<input type=""submit"" id=""searchsubmit"" value=""'. esc_attr_x( 'Search', 'submit button' ) .'"" /> </div> </form>'; } }}} There are a number of ways to implement this, including the possibility of passing in the initial label + input fields HTML as a parameter to the filter. The general idea is to keep the form HTML and submit HTML intact to ensure maximum functionality/compatibility with the core search feature. As long as the hook processor does not impart too much overhead, this may be a viable feature to keep more control over the search form and simplify/eliminate many custom searchform.php files that only need to add an extra input element such as ""select a category"" to further refine the search mechanism. " charlestonsw 2 32544 No function exposes all supported MIME types octalmage has-patch Media 4.2.2 low normal enhancement assigned 2015-06-01T04:38:30Z 2019-06-04T20:27:35Z "`wp_get_mime_types()` returns the default WP MIME types, and `get_allowed_mime_types()` returns the default WP MIME types + added MIME types through the `upload_mimes` filter, but the kicker with the latter is that it is filtered based on the currently authenticated user. There needs to be a way to retrieve all MIME types supported, both the default and the ones added through the `upload_mimes` filter, regardless of who is authenticated. I understand there are security reasons for not allowing users to *add* (or write) attachments of a given MIME type, but when a user is reading there needs to be a way to retrieve an unrestricted list of all MIME types. An example use case is below, where all supported MIME types for a service are retrieved from its API and then the subset of types that are both supported by the WordPress install and the service are kept. {{{ function get_service_mime_types() { // the desired function to get un-sanitized MIME types $wp_types = wp_get_all_mime_types(); // get intersection of WP / service MIME types $allowed = array_intersect($wp_types, get_service_mime_types()); $allowed = array_keys($allowed); return $allowed; } }}} As a work-around, I'm currently using the following, but it's flawed -- if a custom MIME type is added conditionally by user type, it won't be included which is not the desired behavior. {{{ array_merge(wp_get_mime_types(), get_allowed_mime_types()) }}}" dan.rossiter 6 32545 "Adding actions before and after ""Add New"" button" dev-feedback Posts, Post Types 4.2.2 normal normal Awaiting Review enhancement reopened 2015-06-01T05:33:27Z 2019-05-30T00:04:12Z "We need a proper action to add new customs options (button, link, information) before and after the ""Add New"" button of post pages. Such as http://stackoverflow.com/questions/29811433/wordpress-add-custom-button-on-post-type-list-page on #wp-admin/edit.php line 281 on #wp-admin/edit-form-advanced.php line 395 This is just a addition of actions to make wordpress more customizable and modular. Few use-case scenarios [[Image(screenshot1.png)]] [[Image(screenshot2.png)]] '''Solution''' We can use the following sample code to solve the problem. {{{#!php /** * Fires before the Add New button is added to screen. * * The before_add_new- hook fires in a number of contexts. * * The dynamic portion of the hook name, `$pagenow`, is a global variable * referring to the filename of the current page, such as 'edit.php', * 'post.php' etc. A complete hook for the latter would be * 'before_add_new-post.php'. */ do_action('before_add_new-'.$pagenow); if ( current_user_can( $post_type_object->cap->create_posts ) ) echo ' <a href=""' . esc_url( admin_url( $post_new_file ) ) . '"" class=""add-new-h2"">' . esc_html( $post_type_object->labels->add_new ) . '</a>'; /** * Fires after the Add New button is added to screen. * * The after_add_new- hook fires in a number of contexts. * * The dynamic portion of the hook name, `$pagenow`, is a global variable * referring to the filename of the current page, such as 'edit.php', * 'post.php' etc. A complete hook for the latter would be * 'before_add_new-post.php'. */ do_action('after_add_new-'.$pagenow); }}} " vivekbhusal 8 32558 More compact handling of the filter bar on small screens General normal normal enhancement new 2015-06-03T01:50:09Z 2019-06-04T19:49:22Z "The ""filter bar"" takes up a lot of vertical space on narrow screens and ends up becoming a point of focus when it is more typically secondary navigation. It's used for theme install, plugin install, and both views of the media library. For themes, it is especially bad because the search input separates the feature filter toggle from the filter controls themselves. Screenshot: [[Image(http://s.hyhs.me/baAS/image.png)]]" helen 7 32565 Adding an underscore prefix meta key with a meta value provides an incorrect error message SergeyBiryukov has-patch Options, Meta APIs 4.3 normal normal Awaiting Review defect (bug) assigned 2015-06-04T13:16:08Z 2022-07-18T19:54:25Z "To reproduce this, use the custom fields section in a post to add a custom field. Add a hidden field (prefix the custom field name with an underscore) and type any value. The error returned is ""Please provide a custom field value."" which is not what the issue is, the issue is that we are trying to add a protected meta key. I've included a fix which I don't particularly like. Perhaps add_meta should return a WP_Error object with the correct error. This would be easy enough to do, but I'm not familiar enough with add_meta(), I'm not sure what this could break. I changed this in all three places the issue could occur, but I'm not sure this is needed. During troubleshooting it was obvious that the issue originates from line 1198. The other two occurrences could be line 1193 and 1281. Hope this helps, Daniel" danielpataki 12 32577 Customizer QUnit tests not cleaning up dlh has-patch Customize 4.3 normal normal Future Release defect (bug) reviewing 2015-06-07T08:54:03Z 2022-07-19T16:29:49Z "Ideally everything should be removed from the DOM after the test or module is done. For now we can hide it to the left instead of top, it just moves down again as more tests are added." iseulde 9 32597 mediaelement.js high CPU usage triggered by the buffering CSS animation External Libraries normal normal Awaiting Review defect (bug) new 2015-06-09T15:37:08Z 2020-09-17T14:14:30Z "Noticed by @iseulde, see discussion here: https://wordpress.slack.com/archives/core-editor/p1433862939000659 Also reproduced on my (very old) machine that makes things very evident. Looks like mediaelement.js audio uses a linear gradient animation on the `mejs-time-buffering` element which triggers a Firefox bug. I remember similiar issues in Firefox reported years ago and probably never fully fixed. Should probably be reported upstream. See screenshot: [[Image(https://cldup.com/tAifYTyqQw.png)]] Removing that element from the DOM makes the CPU usage go down to 0." afercia 8 32602 View Details links for plugins on individual sites on a Multisite Network use the network admin URL Plugins 4.0 normal normal defect (bug) new 2015-06-09T21:05:31Z 2019-06-04T20:50:34Z "To duplicate, make sure you allow the plugins.php page to show on subites. Have (at least) one plugin that is ''not'' network activate and go to an individual site's plugin.php page. The URL for ""View details"" will be for the network admin, not the site. With WP installed at example.com: example.com/subsite/wp-admin/plugins.php links to example.com/wp-admin... subsite.example.com/wp-admin/plugins.php links to example.com/wp-admin... mappeddomain.com/wp-admin/plugins.php links to example.com/wp-admin... This is problematic when you have admin over HTTPS and the cross-site-scripting sanity check stops the view-details page from loading. `/wp-admin/includes/class-wp-plugins-list-table.php` line 628 has `network_admin_url()` in there, which is why it's defaulting to the network domain. https://core.trac.wordpress.org/ticket/17902#comment:31 and https://core.trac.wordpress.org/changeset/29595 appear to be where this issue stems from. To quote @jjj ""It probably just needs a series of `is_multisite()` and `is_plugin_active_for_network()` checks."" The URL should probably just default to whatever the URL of the current site is, to prevent cross-site shenanigans." Ipstenu 2 32609 tinymce gallery preview uses full resolution images Media 4.2.2 normal normal defect (bug) new 2015-06-10T23:59:15Z 2019-06-04T20:14:12Z If a user uploads a batch of ''very'' high-res images, and inserts them as a gallery, the browser will become unresponsive as these giant images are rendered in the TinyMCE gallery preview. The gallery preview should use a thumbnail instead of the original image. leedo 1 32622 Make the text of the Image delete AYS dialog clearer Media 4.3 normal normal Awaiting Review enhancement new 2015-06-12T02:30:01Z 2017-06-15T09:53:56Z "When you delete Images from the Media Library, the warning dialog currently reads: ""You are about to permanently delete the selected items."" This text could be a little clearer, and indicate that, once deleted: - Attached Images will not be visible in any Posts or Pages they are attached to. - Both Attached and Unattached Images will not be available online at all." lastnode 5 32626 List tables CSS: inconsistent alignments Administration 4.2 normal normal Future Release enhancement new 2015-06-12T15:51:24Z 2020-08-26T00:01:19Z "While working on #31654 noticed inconsistencies in the alignments of the checkboxes and also some other small details in the List Tables that would need a bit of love, see the screenshot below for some examples. This would also greatly simplify the List Tables CSS where many (crazy) selectors are just to override exceptions that override other exceptions etc. See also related #29990. [[Image(https://cldup.com/T48AqNGdT0.png)]] A possible plan would be: - stick to a default padding for the cells with checkboxes (10px ?) - the checkbox in the table headers would probably need no padding and `vertical-align: middle` to handle #29990 - handle the special case for comments, plugins and network themes in a consistent way - there's a 1 pixel difference in the vertical alignment of links and normal text in the table headers - images should be consistently aligned" afercia 5 32639 A URL Agnostic Wordpress dev-feedback General normal normal Awaiting Review feature request new 2015-06-13T20:34:32Z 2018-07-25T19:26:45Z "My apologies if this has been discussed before. I've tried digging, but couldn't find a discussion about this. I'm curious why Wordpress has to store the domain (site_url) in the database, and why absolute URLs are used and stored in the DB? It just makes migrations really messy for large DBs, from one domain to another. Plus, in spirit of Wordpress being stateless, wouldn't it be nice just to be able to pick up and move a site from one server to another, on another domain without requiring some regex db scrapping migration plugin? To me, the database should only care about things specific to the Wordpress blog content itself, and I think that link/url building should be happening at runtime within the application. Purely my opinion. I imagine this could be accomplished by using the request headers to determine what domain your on when using functions like `site_url()`. For sites that are not rooted at /, but at locations like /blog, we could leverage the config file for a constant like `define('BLOG_ROOT','/blog')` or something along those lines, that could be appended to the domain found in the request, and together prepended to the relative resource url at runtime. I would vote to keep the `WP_HOME` and `WP_SITEURL` constants, so that if they are present, those values are used instead. But, why store that stuff in the DB when links can be built at runtime? It would also cut down on DB queries. A use case for this would be at the PaaS level, where a hosting provider could offer managed Wordpress hosting. when a client spins up a new Wordpress site, the provider could put that site at a temporary domain like clientid.hosting.com. As the customer builds their site, nothing about that temporary domain is being saved in the DB. Once the customer finally obtains their own domain name, and points to their account with the hosting provider, absolutely nothing should have to change in the customer's database, and the hosting provider shouldn't have to mangle the customer's config file on the server. The site should just be allowed to behave like an application that is listening for requests, and serving content, regardless of domain. Like I said, this might have been discussed at length before, and there might be pitfalls that i'm just not recognizing, I just wanted to submit this request to the community to see what kind of discussion this would produce. Thanks all. Go easy on me if this was a dumb idea to present :) " mattfiocca 5 32642 Add supports argument to register_taxonomy dev-feedback Taxonomy 4.3 normal normal Future Release enhancement new 2015-06-14T12:09:41Z 2018-04-30T15:16:19Z "This patch adds the `supports` argument to `register_taxonomy()`. It allows custom taxonomies to opt out of having the slug and description fields. I've had custom private taxonomies where the only field which would be set is ""Name"", so an enhancement like this would allow taxonomies be more lightweight for clients." paulwilde 8 32651 get_adjacent_post() doesn't return posts with the same date Posts, Post Types 4.3 normal normal Future Release defect (bug) new 2015-06-15T05:48:40Z 2019-06-24T05:28:53Z "When using `get_adjacent_post()` on a post, the query skips posts with exactly same date and time. In a blog context, the problem is rarely encountered, but it's more present when posts are added programmatically." willybahuaud 6 32652 Use `ignore_user_abort()` to avoid some update failures Upgrade/Install normal normal defect (bug) new 2015-06-15T05:50:51Z 2023-03-15T18:42:39Z "As mentioned in [comment:5:ticket:16066] and [comment:5:ticket:29679] we should consider using `ignore_user_abort()` to prevent the potential issue of an upgrade process being aborted mid-way due to a browser cancellation. This could be called before any update activity starts, or perhaps only after actual changes start happening (ie. after the zipfile download, before the file alterations)." dd32 2 32653 Improve Linkback Presentation dev-feedback Pings/Trackbacks normal normal Awaiting Review enhancement new 2015-06-15T12:04:10Z 2017-02-14T20:31:27Z "The current default presentation for linkbacks(pingbacks and trackbacks) does not encourage their use. Currently,the presentation looks something like this: […] A pingback example. […] People have complained that the utility of linkbacks has been overshadowed by their use as a vector for DDOS attacks and spam. The recent improvements to Press This show we can do better in presentation of linked content. The pingback specification is a bit vague in terms of presentation suggestions, stating: ""Bob's blog also retrieves other data required from the content of Alice's new post, such as the page title, an extract of the page content surrounding the link to Bob's post, any attributes indicating which language the page is in, and so forth."" I am proposing by default we switch to a default with improved readability and more consistent with the user experience on other websites. For example, a basic linkback should display the author/site name, the name of the linked content, etc, rather than the summary, and that information stored as comment meta. This would look more like a citation. That display could be (optionally) progressively enhanced by other factors, for example, page markup such as MicroFormats, Microdata, or OpenGraph(popularized by Facebook), etc to add a better experience if the linked site supports it. The basic point is that linkbacks are unusable by people in their current form, but the idea of letting people know you linked to their content is a good one. It encourages conversation and interaction. I think we just need to make it a better experience. Otherwise, everyone just turns it off. I'm aware the above could be done by a plugin(and may start as a 'feature' plugin), however I think the basic structure of this change belongs in core." dshanske 5 32654 Denying upload_files cap makes Customizer and Media modal act oddly wonderboymusic has-patch Media 4.3 normal normal defect (bug) assigned 2015-06-15T17:40:05Z 2019-06-04T20:14:17Z "This is an unusual one, so labeling it as an enhancement rather than a bug. Somebody more familiar with the Customizer classes and Media modal might know the right way to handle this properly. If you disable the upload_files capability, with the intent of not allowing file uploads by anybody (duh), then the customizer acts very odd in the assorted image-related controls. Example code: {{{ add_filter('user_has_cap', 'no_file_uploads'); function no_file_uploads( $caps ) { $caps['upload_files'] = false; return $caps; } }}} The ""Header Image"" section still has an ""Add New Image"" button, which gives you the Media Library popup, with a spinner that never stops spinning. Also, the Upload Files tab still exist. The ""Background Image"" section has a Select Image button, with the same broken Media Library popup as the other one. Expected behavior: Media chooser that works, no Upload Files tab. This may be an issue both with the Customizer showing incorrect buttons, or which more properly belongs to the Media modal in that it should still be possible to select an image even if you cannot upload one. Alternatively, disabling upload_files in this way may be the wrong way to do it, although it is the most obvious approach. " Otto42 4 32655 Don't save screen options (table column) in post edit page and maybe other pages Administration 4.1 normal normal defect (bug) new 2015-06-15T23:53:53Z 2019-06-04T19:29:27Z "I fixed it so... wp-includes/user.php row 364 {{{ if ( $user->has_prop( $option ) ) $result = $user->get( $option ); elseif ( $user->has_prop( $prefix . $option ) ) $result = $user->get( $prefix . $option ); else $result = false; ---- //todo bag user options delete this // if ( $user->has_prop( $prefix . $option ) ) // Blog specific // $result = $user->get( $prefix . $option ); // elseif ( $user->has_prop( $option ) ) // User specific and cross-blog // $result = $user->get( $option ); // else // $result = false; }}} " Juriy 4 32658 Post media attachments should show assigned media by default Media 4.3 normal normal feature request new 2015-06-16T08:56:15Z 2019-06-04T20:14:23Z "When adding the attachments to post, the popup always starts with All media files as default, so that if i want to see attached media, i need to click the select, click the Assigned to post option and wait few secs. I really hate this behaviour, i would like to see assigned media first (if there are some allready asigned). The problem is, that it is not easy to change it, without hacking the core code - the only way is to add some javascript, that changes the value after page load, but theese solutions are not trivial and buggy (http://wordpress.stackexchange.com/questions/76125/change-the-default-view-of-media-library-in-3-5) Maybe other people want different default option (i have seen a post of someone, who wanted ""unassigned""), so I think the best would be, if the script would remember the last selected value, or if there would be some option, which to select by default or (and) if at least there would be some easy filter, which we could use to change the default " thomask 2 32667 Customizer: autofocus should load as soon as the panel/section/control is active Customize 4.3 normal normal Future Release defect (bug) new 2015-06-17T06:06:18Z 2020-11-29T16:34:19Z Currently, autofocusing waits until the preview loads fully, which can take quite a while on a lot of pages and themes. Widgets need to wait for this to determine whether they should be activated, but for most other sections, we should be able to autofocus as soon as the Customizer controls finish loading. For menus, this would shave seconds off of the percieved loading time of the Customizer. See https://make.wordpress.org/flow/2015/06/14/menus-in-the-admin-and-the-customizer-ux-flow-performance-comparisons/. celloexpressions 8 32678 Audit toolbar links and content helen has-patch Toolbar normal normal Future Release enhancement assigned 2015-06-17T19:56:43Z 2020-02-27T10:24:40Z "We've done some tweaks here and there in the toolbar, such as changing where links go or adding/removing some, but I don't think we've really taken a wider view of its general contents since 3.2 in #17705. Right now, some links take you into the customizer context without warning (as do a couple in the admin menu), which is quite jarring. We need context for each link to be clearer, and a good hard look at how the toolbar actually gets used and if it's really working to help get users to where they need to go more quickly. At the very least, for 4.3, we need to resolve the issue of mixing customizer links in with dashboard links." helen 162 32700 Allow media attachments in nav menus dev-feedback Menus 4.7.3 normal normal Awaiting Review enhancement new 2015-06-18T10:00:22Z 2020-06-13T16:40:12Z "I have a requirement to include Media items directly into a menu. Choosing the menu item will display the attachment page. Currently, this is not possible, for two reasons. By default post_type `attachment` has `show_in_nav_menus` set to false. If set true, then the Media metabox is displayed in `wp-admin/nav-menus.php`, but with ""No items"". This is due to _wp_nav_menu_meta_box_object() setting the default query to ""post_status"" = ""publish"". Were the default query for attachment set to ""post_status"" = ""inherit"" then the Media items would be listed. This would allow media items to be easily added to menus. {{{ } elseif ( 'attachment' == $object->name ) { // $object->_default_query = array( 'post_status' => 'inherit', ); }}} === Current workaround === I can very easily programmatically set `show_in_nav_menus`, I can also implement the `nav_menu_meta_box_object` filter to update the value for ""post_status"" as above. But it would be a lot easier if the logic in the filter was in core. " bobbingwide 8 32704 Upload path is not set correctly after switch_blog Upload 3.0 normal normal Awaiting Review defect (bug) new 2015-06-18T15:06:15Z 2019-05-15T21:18:59Z "When blog is switched and still using old multisite upload folders, upload directory is not set correctly, which makes functions like wp_get_attachment_image_src() return the wrong url." ilanco 4 32705 `includes_url` shouldn't use `site_url()` on the frontend dev-feedback Permalinks normal normal defect (bug) new 2015-06-18T15:18:09Z 2019-06-04T20:50:36Z "Multisite / Domain Mapping 1. `site_url()` is your admin, `home_url()` is your frontend 1. The site url is blocked behind a firewall 1. You call `includes_url()` for a script on the frontend: your script is blocked, because it loads your admin domain on the frontend I noticed this because we are trying to upgrade the NYT to 4.2.* and emoji scripts are showing up everywhere. I can remove the action for now." wonderboymusic 2 32729 WP sanitize + (plus) and other mathematic symbols as nothing instead of dash separator Formatting 4.3 normal normal defect (bug) new 2015-06-20T02:20:04Z 2019-06-04T19:49:31Z "If title contains e.g. plus symbol (e.g. title is ""1+1=2"", it creates slug 112, instead of 1-1-2. (and than it brings the other bug reported by me 8 years ago, that is just being to repair - #5305) IMO such mathematical symbols should be considered as word separator (btw ""apple+bannana"" is converted to ""applebannana""), so replaced by dash by default" thomask 4 32750 "If changing the checkbox state ""organize my uploads..."" in the media preferences the thumbnails aren't shown anymore" reporter-feedback Media 4.2.2 normal normal defect (bug) new 2015-06-22T12:20:45Z 2019-06-04T20:14:31Z "Hi i ran into the following issue on WordPress 4.2.2. The steps to reproduce. 1. Inside the media preferences keep the checkbox ""Organize my uploads into month- and year-based folders"" unchecked. 2. Upload one or two images inside the library -> everything is previewed properly in thumbnails as well as all files are properly uploaded when checked via ftp. 3. Now check the ""Organize my uploads into month- and year-based folders"" checkbox. 4. Drag and drop a new image to upload inside the library. 5. The thumbnails for the images aren't shown in the library. You only see questionmark placeholders. 6. But if you check via ftp the source files are actually there inside the designated yearly and monthy subfolders but as mentioned not shown in the library. 7. if you uncheck the checkbox in the media preferences again and upload a new image everything works out again and the previews are shown again. Cheers r. " rkoller 1 32768 Customizer Widgets and Themes search improvements reporter-feedback Customize 4.2 normal normal Future Release enhancement assigned 2015-06-23T18:06:29Z 2021-05-22T20:29:24Z "Widgets and Themes search would need the same improvements done for the Menu Customizer. Widgets: - activating ""Add a Widget"" with the Space bar doesn't prevent the default action, as a result the search field gets a space character and the placeholder text is gone. See https://github.com/voldemortensen/menu-customizer/issues/107 Both: - the search results (or no results) should be announced to assistive technologies, possible use case for wp.a11y.speak see #32720 - a short description of the ""live"" search functionality could help, see the Menu items search in core, i.e.: aria-describedby=""menu-items-search-desc""" afercia 6 32773 You cannot move Private nor Passworded posts to Draft. You must make them public first. Posts, Post Types normal normal Awaiting Review defect (bug) new 2015-06-24T03:30:09Z 2017-07-03T16:32:40Z "This is an odd quirk of the editor and might be a security issue for some. However, there is no option from the main editor to move a post directly to draft status from Private nor from Passworded status. I suspect you can trash the post first and then mark it as draft and maybe you could do it from the quick edit. In any case marking as draft should be able to be done from within the actual editor without the disclosure of private information. NOTE: This kinda is a security issue, but not in the way the check box is asking about. It is procedural. So I'm marking ""I am not reporting a security issue.""" BrianLayman 3 32774 Improve WP_Filesystem::dirlist() format consistency Filesystem API normal minor defect (bug) new 2015-06-24T07:05:58Z 2019-06-04T19:49:36Z "At present the return values of dirlist() between the various methods are scattered between several different formats ||Field||Direct||FTP Ext||FTP Sockets||SSH2|| ||name||Yes||Yes||Yes||Yes|| ||perms||Yes||Yes||Yes||Yes|| ||permsn||Yes||Yes||Yes||Yes|| ||number||`false`||Yes||Yes||`false`|| ||owner||Yes||Yes||Yes||Yes|| ||group||Yes||Yes||Yes||Yes|| ||size||Yes||Yes||Yes or `<DIR>`||Yes|| ||lastmodunix||Unix Timestamp||No||No||Unix Timestamp|| ||lastmod||`Nov 15`||No||No||`Nov 15`|| ||time||`02:12:48`||Unix Timestamp||Unix Timestamp||`02:12:48`|| ||year||No||Maybe||Maybe||No|| ||month||No||`Nov`||`Nov`||No|| ||day||No||`15`||`15`||No|| ||hour||No||`02`||`02`||No|| ||minute||No||`12`||`12`||No|| ||type||`d` or `f`||`d`, `f`, or `l`||`d`, `f`, or `l`||`d` or `f`|| ||isdir||No||Yes||Yes||No|| ||islink||No||Yes||Yes||No|| If the FTP Server was Windows, it'd complicate it further by not returning certain fields, using different data in them, or getting confused and not returning any data. The attached patch boils it down to a consistent result of `[ 'filename.ext' => [...], ...]` with the nested arrays of: ||Field||Value|| ||name||Filename|| ||time||Unix Timestamp of last modified|| ||size||File size or false for Directories|| ||type||`d`, `f`, or `l` for Directory, File, or Link respectively|| ||perms||A formatted human-readable `drwxr-xr-x`|| ||permsn||A octal as string `'0755'` for Back-compat purposes|| ||owner||Owner ID or name|| ||group||Group ID or name|| ||files||If it's a recursive directory lookup, a nested array of files|| A number of these are only got back-compat or to match the FTP output - most of these fields are not used by WordPress at all - Specifically `group`, `owner`, `perms`, `permsn`, and `time` are ignored 100% by WordPress (along with a lot of the methods) Changing this has some back-compat issues for any plugins doing anything special with the fields - however they've had to work around the fields returning random content already, so this shouldn't be a huge issue (or they were already broken)" dd32 32787 make_clickable filter johnjamesjacoby needs-unit-tests Formatting 0.71 normal normal Future Release enhancement assigned 2015-06-25T09:38:02Z 2022-08-02T13:01:09Z "Hi, it could be very usefull to add filters to regex callback functions in make_clickable : _make_url_clickable _make_web_ftp_clickable_cb _make_email_clickable_cb Example : {{{ function _make_email_clickable_cb($matches) { $email = $matches[2] . '@' . $matches[3]; $href = apply_filters( 'make_email_clickable_href', 'mailto:'.$email ); $text = apply_filters( 'make_email_clickable_text', $email ); $html = apply_filters( 'make_email_clickable_html', '<a href=""'.$href.'"">'.$text.'</a>' ); return $matches[1] . $html; } }}} Thank you." tlexcellent 16 32789 Abstract get_category_by_path into get_term_by_path needs-unit-tests Taxonomy normal normal enhancement new 2015-06-25T15:59:01Z 2019-06-04T21:15:41Z "Having a function like `get_term_by_path` would be great as currently you have to fork the `get_category_by_path` function on your own to get a term by path for any other custom taxonomy. Would there be any opposition to a patch for this? The abstracted function wouldn't house the `_make_cat_compat` usage, which would remain in the backwards compatible `get_category_by_path` function after checking to see if $category is not null." sc0ttkclark 3 32796 User deletion API is inconsistent between MS and non-MS needs-unit-tests Users normal normal enhancement new 2015-06-26T12:56:44Z 2019-06-05T06:41:04Z "On non-multisite, `wp_delete_user( $u )` does what you'd expect: it deletes user `$u` from the database. On multisite, the same function basically wraps `remove_user_from_blog()`; if you want to delete a user from the database altogether, you've got to use `wpmu_delete_user()`. I understand the historical reasons behind the divergence, but it's pretty lame from a developer's point of view to have to check `is_multisite()` before removing a user from the database. There's a note in the docblock for `wpmu_delete_user()` that says ` * @todo Merge with wp_delete_user() ?`. Maybe we could actually make this happen? " boonebgorges 2 32803 get_extended() Loses Container Tags When Opening Tag is in [main] Editor 4.2.2 normal normal defect (bug) new 2015-06-27T02:21:14Z 2019-06-04T19:29:59Z "`get_extended($post->post_content)['extended'])` loses container tags that were opened in [main] and completed in [extended]. The missing opening tag should be inserted at the start of the [extended] HTML segment and the missing closing tag should be add at the end. For instance if there is a <blockquote> tag in the [main] section (prior to a <!--more--> comment/tag), and the blockquote completes anywhere within or following [extended], that blockquote element is entirely missing in the [extended] segment. I'm not sure if the Editor section is necessarily where this ticket should go. But it concerns the way the editor modifies the final code." rcgordon 2 32815 Color schemes silently disabled in source checkout of core Administration 4.3 normal normal enhancement new 2015-06-28T13:52:08Z 2019-06-04T19:30:04Z "When using development version of WordPress the admin color scheme feature is silently disabled. There is a check in code for -src in version. This is highly confusing from developer experience perspective. It would make sense to me if there were: - message in profile, informing that color schemes are being disabled - short explanation inline for the reasons check is being made" Rarst 3 32824 Consistent search fields between posts and terms Posts, Post Types normal normal Awaiting Review feature request new 2015-06-29T13:42:54Z 2017-07-23T02:17:53Z Searching for posts [https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-includes/query.php#L2091 currently checks] the `post_title` and `post_content` fields, while [https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-includes/taxonomy.php#L1899 searching terms] checks the `name` and `slug` fields. Could `post_name` be added to the where clause for posts, and `description` be added to terms? That way, searching would consistently check an entity's title, slug, and content. ashworthcreative 2 32848 Null values for Update Options does not reset in $all_options needs-unit-tests Cache API 4.2.2 normal normal defect (bug) new 2015-06-30T22:04:47Z 2019-06-04T19:30:18Z "This is a fun, extremely niche case. We were using the Settings API to save out options for a plugin when we came across a really frustrating scenario. Half the time our setting was returning values that were not accurate to the setting that was stored in the database and in cache. Come to find, the value being returned from wp_load_alloptions was incorrect while every other instance was correct. In our case, these values were in the database, memcache, and the single value in wp-object-cache. On [https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-includes/option.php#L319 ""line 319 of option.php""], we're using isset to check the value in the array. This returns false if the value is NULL. This leads to all kinds of sadness. I would propose we instead use `array_key_exists` here to ensure we're getting true if the key is present in the array at all. " MikeNGarrett 4 32849 Allow option of Grid AND List View of the gallery when inserting media into post Media normal normal enhancement new 2015-07-01T00:24:57Z 2023-10-18T16:27:12Z "I’ve looked around quite extensively for this, but can it appears this feature simply doesn't exist in WP currently. Basically, when you’re on a post and want to either “insert media” or select “featured image”, you cannot view the gallery list on a post using the “list view”. Rather the only option appears to be the default “grid view”. The ""list view"" interface is already available in Gallery, is there any reason why this isn't available in the post editor as well? I've seen a number of requests for this online, especially when there are installations that have a large number of images that are similar (and thus you need to easily see the meta information to differentiate)." ashkas 2 32851 Comment e-mail address of registered user not updated when user's e-mail address is changed dev-feedback Comments normal major Future Release defect (bug) new 2015-07-01T05:13:01Z 2020-09-30T20:17:48Z "when i have register on blog and i have add 4 comment on different post. Now 2'nd day i have change my email address on my profile. now any one comment's reply is email gone my old email address which is not change after profile update on comments. i have fix this issue on one member please review it 2 link for more info. i hope u will understand me. [https://wordpress.org/support/topic/update-old-comments-with-new-registered-user-email-address?replies=6] [https://wordpress.org/support/topic/development-bump] now i have fix this bug using this one code {{{ function user_profile_update($user_id) { $commentarr = array(); global $wpdb; if( !current_user_can( 'edit_user', $user_id ) ){ return false; } if(isset($_POST['email'])): echo $email = esc_attr($_POST['email']); $wpdb->query(""UPDATE $wpdb->comments SET comment_author_email='$email' WHERE user_id=$user_id""); endif; } add_action('personal_options_update','my_profile_update', 10,2); add_action('profile_update', 'user_profile_update', 10,2); }}} " ravipatel 8 32856 wpColorPicker close should check that iris hasn't been destroyed before toggling it. has-patch General 4.2.2 normal normal defect (bug) new 2015-07-01T14:40:25Z 2019-06-04T19:49:42Z "wpColorPicker.close() can be called (via the 'click.wpcolorpicker' event on body) when the internally used iris widget has already been destroyed, which means that when it attempts to toggle iris an exception is thrown. The attached patch just checks that iris still exists before the toggle is attempted. This issue arose in response to the question ""Modify Custom Field in Media Library using JavaScript"" by @Howdy_McGee on Wordpress Development stackexchange http://wordpress.stackexchange.com/questions/193006/modify-custom-field-in-media-library-using-javascript, which can be used to replicate the scenario. If you open the color picker and then, leaving it open, close the Attachment Details modal window, a $.error exception is thrown (or can be - may depend on your system) by jQuery UI Widget, ""cannot call methods on iris prior to initialization""." gitlost 3 32861 Site Icon: Provide display for all existing site-icon cropped images Customize 4.3 normal normal Future Release enhancement reopened 2015-07-01T21:14:10Z 2019-06-04T19:30:23Z "Example: I had a picture and tried to set it up as site icon. I cropped this image and now I have `cropped-image.png` variant of this image 512 x 512 px. Then I tried other images and in the end I wanted to go with the first one. But when I selected this cropped image, I had to crop it once again even if right dimensions. So, now there is another `cropped-cropped-image.png` image in media library and it does not make sense... Also images for site icons should be somehow marked (as for header images in Customizer). How can I find my cropped images for site icon in media library when trying to set up site icon?" pavelevap 10 32863 set_custom_fields function in wp_xmlrpc_server class XML-RPC 4.2.2 normal trivial defect (bug) new 2015-07-02T10:04:32Z 2019-06-05T06:41:07Z "Hi, I was working with wp_xmlrpc_server class to insert and update woocommerce products but i found that my custom fields are not working properly. When i inspected the code of function set_custom_fields , i noticed that we are using wp_unslash to remove underscores from custom field keys. So keys like _price , _quantity and _stock were not working for the product custom post type. Secondly we are using add_post_meta to insert the meta data. Can we change it to the update_post_meta ? I have attached the updated function.Please test it and let me know. {{{ public function set_custom_fields($post_id, $fields) { $post_id = (int) $post_id; foreach ( (array) $fields as $meta ) { if ( isset($meta['id']) ) { $meta['id'] = (int) $meta['id']; $pmeta = get_metadata_by_mid( 'post', $meta['id'] ); if ( isset($meta['key']) ) { $meta['key'] = ( $meta['key'] ); if ( $meta['key'] !== $pmeta->meta_key ) continue; $meta['value'] = ( $meta['value'] ); if ( current_user_can( 'edit_post_meta', $post_id, $meta['key'] ) ) update_metadata_by_mid( 'post', $meta['id'], $meta['value'] ); } elseif ( current_user_can( 'delete_post_meta', $post_id, $pmeta->meta_key ) ) { delete_metadata_by_mid( 'post', $meta['id'] ); } } else{ update_post_meta( $post_id, $meta['key'], $meta['value'] ); } } } }}} Regards, Arif Skype: arifamir33 " marifamir 1 32867 Wordpress replaces HTML entities for angle brackets in titles, breaking HTML validation Formatting 4.2.2 normal normal defect (bug) new 2015-07-02T21:46:56Z 2019-06-04T19:49:47Z "In the scientific field I blog about, the opening and closing angle brackets are technical symbols. Because in valid HTML these symbols must always be escaped, I typically write them in the Wordpress post editor with their HTML entities: `<` and `>`. In the body of a post, Wordpress preserves those HTML entities as HTML entities, so the result is conformant HTML. However, when I enter those HTML entities into the Title field for a post, and then click Save, Wordpress replaces the HTML entity with the actual character. Consequently, the page is not valid HTML, and the W3C validator for instance will throw up an error due to an unescaped angle bracket. Note that this does not happen with the other HTML entities for these particular symbols: `<` and `>`. If those are entered into the Title field of a post, they survive after the user clicks Save. So, `<` and `>` should get the same treatment." CRCulver 1 32868 Consider running utf8mb4 conversion on each database update Database normal normal defect (bug) new 2015-07-03T03:27:55Z 2019-06-04T19:30:29Z "As mentioned in #32127 and elsewhere, we should run the utf8 -> utf8mb4 conversion on each db update. The main reason is that the server environment could change between updates. For example, if someone upgrades MySQL between 4.3 and 4.4's release, at present they'll update to 4.4 and still not have utf8mb4 support, even though WordPress will now be able to support it." dd32 1 32892 List table: Select %s shouldn't be a row header Administration 4.2 normal normal Future Release defect (bug) assigned 2015-07-05T14:59:41Z 2018-10-12T15:31:29Z "See related #31654 and #26167. In all the List Tables in the admin, the ""Select %s"" (where %s is the name of the Post, Attachment, Plugin, User, etc,) is used as row header: {{{ <th scope=""row"" class=""check-column""> }}} This is not correct from a semantics and accessibility point of view for all the reasons mentioned in #31654. The row header should be the cell with the main object the table refers to: the Post title, the Plugin name, etc. We could also consider to use the `abbr` attribute: http://www.w3.org/TR/html5/tabular-data.html#attr-th-abbr that would be consistent with what is currently proposed in [comment:21:ticket:32170 sortable column headers ticket]" afercia 2 32912 Autosaves are generated every other preview if post is unchanged Autosave 4.3 normal normal defect (bug) new 2015-07-07T22:30:03Z 2019-06-04T19:30:34Z "I'm trying to work with revisioned post meta and noticed an interesting quirk in core today that I'd categorize as ""unexpected behavior."" While this probably wouldn't come up very often, I think it can cause a bit of a headache when it does. To replicate: 1. Create a new post, give it a title, and publish it. 2. Once the screen reloads, click ""Preview Changes"". Don't make any changes to the post. * In loading the preview, WordPress created an autosave of this post 3. Return to the WordPress Admin and click ""Preview Changes"" again without making any changes. * In loading the preview, WordPress deleted the autosave it created in step 2 Every other preview will add an autosave and every other one will delete it. If at any point you do change the post, the autosave won't get deleted. In the code, what appears to be happening is, `wp_create_post_autosave()` checks to see if an autosave exists. If it does, the code checks to see if the autosave is different from the post, and if so, it deletes the autosave. If an autosave doesn't exist, the function then creates one (using `_wp_put_post_revision()`) -- *without checking to see if the post has changed*. It seems to me that there should be an intermediate function, e.g. `_wp_maybe_put_post_revision()`, which would check to see if the post has changed, and only then call `_wp_put_post_revision()`. This probably isn't a big deal, because it requires someone to attempt to preview (twice) without making changes. However, it's still a bug and it might come up in other ways. Verified in trunk and 4.2.2." mboynes 32917 Tests_DB_Charset tests don't fully cover wpdb::strip_invalid_text_for_column() needs-unit-tests Charset 4.2 normal normal enhancement new 2015-07-08T00:20:27Z 2019-06-04T19:30:40Z "Related / previously: * #32351 * #32308 * #32127 * #21212 `Tests_DB_Charset` includes a data provider that feeds various charsets into its `wpdb::strip_invalid_text()` test, but not for its `wpdb::strip_invalid_text_for_column()` test, which means it's not being tested fully. It should be." johnbillion 1 32918 "_wp_menu_item_classes_by_context does not generate ""current-menu-ancestor"" class when the menu structure was changed by e.g. a plugin" has-patch Menus 4.2.2 normal normal defect (bug) new 2015-07-08T08:50:27Z 2019-06-04T20:14:49Z "I am the developer of Category Posts in Custom Menu. My plugin extends Walker_Nav_Menu_Edit in order to change the menu structure. At the end of the edit loop, my plugin calls _wp_menu_item_classes_by_context on the resulting new menu structure. In a particular case, this results in a missing ""current-menu-ancestor"" class, because _wp_menu_item_classes_by_context retrieves the ancestors from the database (i.e. the unchanged menu structure) instead of from the $menu_items array that was passed in and may now reflect a different structure. Steps to reproduce with my plugin: - Appearances > Menus - Add to the menu a Page - Add to the menu, as child of Page, a Category that has posts - Check ""Create submenu containing links to posts in this category."" This will result in my plugin editing the menu structure, and adding all posts to the menu instead of a link to the Category. Now navigate to one of these posts. You will see that the Page does not receive the ""current-menu-ancestor"" class. I have performed a quick change in nav-menu-template.php that I have only tested with my plugin so far, so it will obviously need a rewrite. I'm attaching it nonetheless because it will quickly show in a few lines of code what took me a few paragraphs to explain here... :)" anaid 3 32932 WP_Http::request hangs on badly behaving servers HTTP API normal normal defect (bug) new 2015-07-09T00:52:56Z 2022-06-02T14:07:31Z "Some plugin includes a call to ""fetch_feed( 'https://wpml.org/feed/' )"" which takes 300 seconds to complete. The whole backend hangs during this rending of the dashboard widget. Tracing the problem down reveals, that the function WP_Http::request has a problem with the response from the server. The server does answer the HTTP/1.0 request with an HTTP/1.1 response and 300 seconds timeout: {{{ $ openssl s_client -connect wpml.org:443 SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES128-SHA Session-ID: 45...30 Session-ID-ctx: Master-Key: 68...4F Key-Arg : None Start Time: 1436367230 Timeout : 300 (sec) --- GET /feed/ HTTP/1.0 Host: wpml.org HTTP/1.1 302 Found ... [300 seconds to wait until the server closes the connection] }}} The WP_Http::request function does not handle this case correctly. It located in this part of the code: {{{ $header_length = 0; while ( ! feof( $handle ) && $keep_reading ) { $block = fread( $handle, $block_size ); $strResponse .= $block; if ( ! $bodyStarted && strpos( $strResponse, ... $header_length = strpos( $strResponse, ... $bodyStarted = true; } $keep_reading = ( ! $bodyStarted || !... } }}} fread() waits the default 10s timeout and returns nothing (after the initial two reads). The repeats 30 times accumulating to 300 seconds. {{{ Count Avg.Time Tot.Time Name (linenumbers differ from the original) 1 301.201028 301.201028 wp-includes/class-http.php:889 1 0.595707 0.595707 -> 1065 1 0.000048 0.000048 -> 1067 1 0.000008 0.000008 -> 1075 1 0.000007 0.000007 -> 1084 1 0.000006 0.000006 -> 1131 32 0.000033 0.001070 -> 1134 32 9.386880 300.380167 -> 1136 1 0.000025 0.000025 -> 1145 1 0.000030 0.000030 -> 1148 1 0.000109 0.000109 -> 1153 }}} The obvious solution is to stop reading if nothing is returned. {{{ $header_length = 0; while ( ! feof( $handle ) && $keep_reading ) { $block = fread( $handle, $block_size ); $strResponse .= $block; if ( ! $bodyStarted && strpos( $strResponse, ... $header_length = strpos( $strResponse, ... $bodyStarted = true; } $keep_reading = ( ! $bodyStarted || !... + if(strlen($block) === 0) break; } }}} This solves the problem for the badly behaving servers (in this case the one from the plugin). (From #meta1104" Lutz Donnerhacke 1 32940 Add IDs to Admin Hyperlinks dev-feedback Administration 4.3 normal normal Future Release enhancement new 2015-07-09T12:18:59Z 2020-02-15T22:37:53Z "Suggestion: add Ids to the primary admin interface hyperlinks. Adding IDs to primary anchor tags in the admin UI makes it far easier to create and maintain UI test suites such as Selenium IDE. UI testing catches problems that phpUnit is not designed to address. Example: Pages / Add New xpath = /html/body/div/div[1]/div[2]/ul/li[5]/ul/li[3]/a css = html.wp-toolbar body.wp-admin.wp-core-ui.js.edit-php.auto-fold.admin-bar.post-type-page.branch-4-3.version-4-3.admin-color-fresh.locale-en-us.customize-support.sticky-menu.svg div#wpwrap div#adminmenumain div#adminmenuwrap ul#adminmenu li#menu-pages.wp-has-submenu.wp-has-current-submenu.wp-menu-open.menu-top.menu-icon-page ul.wp-submenu.wp-submenu-wrap li a Would be nice to reference key elements with things like a#menu-page-add-new instead. Especially when updates to WP Core change the higher level HTML DOM classesor structures. " charlestonsw 2 32942 Taxomony term list counts do not respect post_type parameter reporter-feedback Taxonomy 3.1 normal normal Future Release defect (bug) new 2015-07-09T13:57:48Z 2023-08-02T09:06:40Z "Assuming you have a shared taxonomy, when viewing the post_type specific manage terms page, the post_type is not respected in the term counts. So if you have 6 posts for post_type 1 and 5 posts in post_type 2 assigned to the same taxonomy term (category->news for example), the post count for the news term will be 11 even if you are viewing the edit-tags page with the post_type set to a specific type. So whether you go to wp-admin/edit-tags.php?taxonomy=category or go to: wp-admin/edit-tags.php?taxonomy=category&post_type=example The term count for each term is the same. When calculating term counts, it should take into account the post_type parameter and return counts for just that post_type. The link in the edit-tags.php list behaves as expected. It links to wp-admin/edit.php?category=news&post_type=example which shows just the list of example posts in the news category. Its misleading to the user because in the taxonomy term list under a specific post type it says there are X posts assigned to that term, but when they click the link there displays a different number of posts. This is because the term list is displaying the count of all posts, regardless of type, that have that term assigned." stueynet 37 32952 Select elements don't have the same size as input elements close Quick/Bulk Edit 3.8 normal normal defect (bug) new 2015-07-09T20:22:56Z 2023-05-14T19:48:31Z "[[Image(https://cldup.com/Daws15AjdJ.png)]] - `select` elements should have the same font size as other `input` elements" sunnyratilal 5 32956 Adding Extra Table Navigation To Multisite Site list has-patch Networks and Sites 4.3 normal normal enhancement new 2015-07-10T10:05:31Z 2019-06-04T20:14:53Z "This is related to #26580. I thought it would be nice to add support for extra_tablenav() to the multisite table list. I'm not quite sure how this should be done, I used the same format other tables use, i created the ""restrict_manage_sites"" action. I think this may not be the best naming since if a ""sites"" post type exists it may conflict with this. If anyone has any ideas that would be awesome. " danielpataki 1 32965 Add new Credit field to media attachment details Media normal normal enhancement new 2015-07-12T05:14:33Z 2023-10-18T16:35:53Z "I propose adding a new form field to the attachment details page to easily add information to credit media files to their original sources. For example, if I upload an image I can use this new field (Credit) to add the photographer and any other related or required information to fulfill copyright or attribution requirements. Currently the attachment details pane has the following fields (from Codex [https://codex.wordpress.org/Inserting_Media_into_Posts_and_Pages]): • Title: the name of this media • Caption: brief explanation - this text will be displayed below the image • Alternative text: text to describe the media - used for accessibility • Description: an explanation of this particular media These fields are not ideal for adding attribution information because doing so would prevent a user from adding information originally intended for those fields. Having a separate field specifically for crediting an attachment would be better because users could still add a caption or description but also add their attribution. Plus, the Credit field could have a CSS class selector (e.g., ""wp-credit-text"") assigned to it to make it easy to style in a theme. '''Why this is important''' Whenever anyone inserts a media file into their post or page they should (or sometimes must) credit the original source. This is important to provide copyright information or to attribute items that are in the creative commons. Because there is currently no specific place to put this information on an attachment, users might not be adding it or are doing so in an inconsistent or makeshift way (e.g., in the caption field or at the end of a post). When a user uploads a media file and sees the Credit field they may be more motivated to add the appropriate information, which can be as simple as the word ""Credit"" with a link to the original source to something more complex. For instance, the Creative Commons says an ideal attribution contains the following: title and author, as well as links to the original source, author's profile, and the Creative Commons license. For example: • ""Creative Commons 10th Birthday Celebration San Francisco"" by tvol is licensed under CC BY 2.0. See [https://wiki.creativecommons.org/wiki/Best_practices_for_attribution] Although some plugins exist that add this feature and developers can add it to their functions file, it would be more beneficial as part of the WordPress Core. It would enhance WordPress for everyone, promote the idea of attributing work, and allow theme developers to easily add or style it in themes. Helpful things to note: • The Credit field should allow HTML • The magic happens in wp-admin/includes/media.php • Current attachment form fields are added in get_attachment_fields_to_edit() (line 1164) • WordPress creates a shortcode for the caption in img_caption_shortcode() (line 843) with <figcaption> tags and CSS class of ""wp-caption-text"" so we may want to do something similar to Credit, like <cite> tags and "".wp-credit-text"" class. I've developed a small plugin that adds the field, but it needs a little work with styling for the attachment editor. See some more specific notes in the plugin. Thank you!" mcuomo2013 2 32979 Password UI: Regenerate PW after clearing field General 4.3 normal normal Future Release enhancement new 2015-07-13T17:49:23Z 2017-12-11T13:25:02Z "Based on https://core.trac.wordpress.org/ticket/32589#comment:20. I think this needs some discussion and focus in it's own ticket. In the new UI a PW gets generated for you. You have to take an action ""Show password"" or ""Generate new password"" to make the field show. Then you can edit that if you would like. At that point you decide you would rather generate one again. There is no clear way to do so. A few things worth noting On user profile you can click ""Generate new password"" again and it will. On new user you can click ""Show password"" and it will regenerate a pw again. (This is not great and where the change needs to happen) Perhaps the easy solution is to change the wording on the button when the field is shown to ""Generate new password"". A small issue that can be taken care of at the same time is the ""Show password"" button shows above the PW field while the ""Generate new password"" button shows below. The button below looks better. " MikeHansenMe 10 32993 get_terms with child_of only works with uninterrupted hierarchies DrewAPicture* Taxonomy 4.2.2 normal normal Awaiting Review defect (bug) accepted 2015-07-14T13:00:45Z 2017-09-23T23:53:42Z "Similar to #14477 - If I use `get_terms()` with both search and child_of, the filtered results are passed to `_get_term_children()`, and if those results don't include an uninterrupted heirarchy, it returns an empty array. Something like... {{{ get_terms(array( 'search'=>$search_term, 'child_of'=>6 )); }}} won't return grandchildren of 6 that match `$search_term`." eclev91 2 32994 invite email from secondary blog does not use network site URL for wp-activate link reporter-feedback Networks and Sites 4.2.2 normal normal defect (bug) new 2015-07-14T14:33:18Z 2019-06-04T20:15:01Z "When inviting a user as an admin from a secondary site, the message uses `site_url('wp-activate.php?key=$key')` to generate the invite link. This is a problem because `wp-activate.php` returns a 404 when accessed outside the network site domain. Instead it should use `network_site_url('wp-activate.php?key=$key')`, as is done elsewhere. Here is the line in question: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/ms-functions.php#L953" leedo 4 33002 List table: avoid redundant Edit links and reduce noise for screen readers Administration 4.2 normal normal Future Release defect (bug) new 2015-07-15T14:01:49Z 2019-06-04T19:30:55Z "Splitting this out from #32254. In all the List Tables (except Comments) there are redundant adjacent ""Edit"" links. They have different text and they point to the same resource (the edit screen). For example, in the screenshot below ""Scheduled"" and ""Edit"" (the row actions one) serve the same purpose. [[Image(https://cldup.com/jY65ziCiL4.png)]] As pointed out in #32254 the row actions ""Edit"" link may represent some sort of feedback given to users about what they can do, specifically if they have permission to edit and I see the potential confusion in removing it. On the other hand, that's completely redundant and confusing for screen reader users who will just hear the same information twice, multiplied for the default 20 items per page makes a total of 40 ""Edit"" links. Considering also the title attributes, screen readers will read out something like this: {{{ Scheduled link Edit “Scheduled” Edit link Edit this item }}} We should try to find a way to hide the redundant link just for assistive technologies. Would be a bit tricky since `aria-hidden` would silence screen readers but wouldn't remove the tab stop. Any thoughts more than welcome. " afercia 8 33009 Alignment of header in category table Administration 4.0 normal normal defect (bug) new 2015-07-15T21:40:28Z 2019-06-04T19:31:14Z In the admin/category page, the header of rightmost column is partially hidden if switching to another language (it_IT in this example, see attached image) probably due to alignment. WP 4.3-beta2-33274, Windows 7, XAMPP, Firefox andywar65 1 33017 Images displayed with page.php instead of index.php needs-unit-tests Themes normal normal defect (bug) reopened 2015-07-16T15:04:19Z 2019-06-04T21:15:50Z "I am developing a theme and currently do not have an `attachment.php` or a `single.php`. When I insert an unattached image into a post and select ""Link to: Attachment Page"", I expect the image to be displayed with `index.php` according to the template hierarchy [https://developer.wordpress.org/files/2014/10/wp-template-hierarchy.jpg]. However, the attachment page is displayed with the `page.php` tempalte instead, and the URL is under my static front page. The issue does not show up with images attached to the post." creon 6 33034 Refactor SCRIPT_FILENAME ending with php.cgi check in load.php Bootstrap/Load 4.3 normal normal enhancement new 2015-07-18T13:40:53Z 2019-06-04T19:31:23Z I found the original check pretty confusing :) wildpeat 2 33053 download_url() includes query string in temporary filenames has-patch Upgrade/Install 4.2.1 normal normal Future Release defect (bug) new 2015-07-20T21:07:47Z 2017-02-21T09:19:34Z "When installing a theme update, I encountered an error traced back to the update file exceeding the Windows path\filename length limit. It turned out the root cause of this was that the download URL contained a query string with access key information, which was also being included in the filename of the temporary file created by $tmpfname = wp_tempnam($url); in the download_url() function. In my case, for example, download URL was: https://s3.amazonaws.com/marketplace-downloads.envato.com/files/140862862/enfold.zip?AWSAccessKeyId=*******************&Expires=1437422162&Signature=*****************-***********%3D&response-content-disposition=attachment%3B+filename%3Dthemeforest-4519990-enfold-responsive-multipurpose-theme-wordpress_theme.zip which resulted in a temporary file called: enfold.zipAWSAccessKeyId*******************Expires1437422162Signature*****************-***********-3Dresponse-content-dispositionattachment-3B-filename-3Dthemeforest-4519990-enfold-responsive-multipurpose-theme-wordpress_theme.tmp rather than the expected enfold.zip I would suggest that downloaded files should probably exclude any query string from the URL as the simplest method of resolving this issue, but will leave that to development team." Hyperopic 10 33054 Better featured image/attachment sanity checks Media 4.2.2 normal normal Awaiting Review enhancement new 2015-07-20T22:19:09Z 2017-06-27T16:16:22Z "Use case: Add a post: If a user uploads a featured image and the file fails to write to disk, the post record contains the url to the image but of course the image is broken. The end state is one where the featured image is simply broken, but the post record references the image. Possible solutions: 1. Do an extra sanity check after write to disk that the image was actually created. If there was a failure alert the user. This is probably the easiest. 2. Or reverse the order of operations, making it transactional in nature. That is, create the image(s) first, check if successful, and then update the post record. If there is a failure show an alert to the page, and don't write the image path to the post record as the file doesn't exist. It is alot cleaner to not have an image than having a broken one. It is also better if the image was successfully written to disk but the post url failed to update for some reason; we can always re choose from the media library. a. Going above and beyond, the sanity check would keep track of thumbnail sizes to be created and make sure they all were successful. If not, don't update the post record and remove the thumbnail sizes that did write to disk. Once again treat as a transaction; all or nothing. Extended impact: Many folks use image compression plugins or tools that compress the images before writing to disk. Currently if those items fail usually by timeout you are left with a broken image and the url is in the meta. I propose that there be a pre-check as to the thumbnails to be created before the image write even occurs (add a new action hook that keeps track of the thumbnails we expect from add_image_size) and then check on the backside to make sure we have the image(s) we expect. After that all sanity check rules proposed above would apply." ShawnLunny 2 33073 "Some strings need ""no HTML entities"" translator comments" has-patch I18N normal normal 6.6 enhancement new 2015-07-22T14:44:59Z 2024-02-12T13:49:08Z "This is a renewal of #10005, which was apparently my first patch to WP 6 years ago, but never got accepted. #10005 was closed as fixed, but it truth it was not (see my last comment there). So, I'm opening a new ticket about this... and updating the description and patch from 6 years :) Here goes! Several strings need to have an indication warning translators against the inclusion of HTML entities within their translation, because of where the strings are user (RSS feeds, e-mails, JavaScript...). Case in point: in French, there should be a non-breaking space ( ) before any double sign (; : ! ?). So, translators would turn ""URL: %s"" into ""Adresse web : %s"". But since it is used in e-mails, it is displayed as-is. And for strings that are used in feeds, it breaks them... Suggestions comment: ""Do not add HTML entities ( , etc): used in [context]"". Patch fixes all strings that I could find. I do hope it is a simple enough patch, and not too close to RC, that it could make it into 4.3. Thanks!" xibe 29 33085 Customizer: controls description inside labels are not real labels nor descriptions Customize 4.2 high normal Future Release defect (bug) reviewing 2015-07-22T22:45:01Z 2023-11-14T04:54:29Z "Splitting this out from #32493 (which changed its scope) I'd propose to investigate about the Customizer controls descriptions. Currently, they're inside the label element. The result is they're not a proper form label, since labels should be short. Longer descriptions should be associated with form controls using `aria-describedby`. As consequence for accessibility: as soon as a form control is focused, its label gets read out. In the following example from the new ""Site Icon"" functionality in 4.3, all the text highlighted in the blue box will be read out but the actual button text ""Select File"" won't. [http://www.w3.org/TR/html5/forms.html#category-label Buttons can have labels], that's correct HTML, but of course the label text will override the button text. Not to mention all the label text is clickable and will activate the button when clicked. [[Image(https://cldup.com/YrBf73CbMo.png)]] Same for input fields, the control description used as label will be read out as... a label. [[Image(https://cldup.com/cgetk_WbNT.png)]] Related: #31540" afercia 48 33095 Background updates: Administration blocked dev-feedback Upgrade/Install 4.2.3 normal normal defect (bug) new 2015-07-23T12:01:49Z 2019-06-05T06:41:12Z A while ago there was background update to 4.2.3 and everything works well. But administration was blocked for users without Administrator capability to update database. Many of our editors could not work until Administrator logged in and updated database. I am not sure if I am missing something or something wrong on our side, but it is a dangerous situation, I guess... Database should be updated automatically in this case of minor update? pavelevap 4 33107 Add a Menu button: when clicked the icon does not rotate around center point dev-feedback Customize 3.9 low normal Future Release enhancement assigned 2015-07-24T01:47:32Z 2021-05-22T21:08:48Z "When clicking the ""Add a Menu"" button in the Menus area of the customizer, the icon doesn't quite rotate around its center point. On some browsers like Chrome and Firefox the icon is also misaligned and pulled up too high. Here's the icon in Firefox for example: [[Image(https://cldup.com/01NjVg0Qh7-3000x3000.png)]] Screenshot of the rotated icon combined with its original position: [[Image(https://cldup.com/uO_3o712gB-3000x3000.png)]] Here's some short videos of how the icon rotates when clicked: Firefox 39 (OS X) https://cloudup.com/cBb9kdrvjNZ Chrome 43 (OS X) https://cloudup.com/ciNZeSgbab7 Safari 8 (OS X) https://cloudup.com/cUmIW81nSht Safari is the only one that looks correct. The issue is partly caused by the ""add"" icon not a perfect square (it appears 1px wider in some browsers). By using the transform-origin CSS property we can improve how the icon rotates. Because of the icon being rendered 1px wider in some browsers it's not possible to get it exact, but it's certainly an improvement. Shown below are some videos of how they would look after some CSS adjustments using the transform-origin CSS property. Best viewed at normal size with the patch, but you get the idea: Firefox 39 (OS X) https://cloudup.com/ca2OWHuGe8q Chrome 43 (OS X) https://cloudup.com/c_5AROy460x Safari 8 (OS X) https://cloudup.com/c1YdWYfyMqd Also tested in IE 11 on Windows. First patch coming." sumobi 8 33112 Suppress calls to ini_set in core General normal normal defect (bug) new 2015-07-24T14:24:43Z 2019-12-30T23:39:03Z "On many shared hosts, the PHP function `ini_set` is disabled for security reasons. Calls to the function when it is disabled generate a warning that is usually not shown to the user because `display_errors` is configured as such. However, this event is still logged and for high traffic sites, this can create a ton of events. You can suppress warnings from this function by prepending an `@` symbol to the beginning of each call. We are already doing this in many places in core. By running `grep -r ""[^@]ini_set"" .` in the root of a WordPress installation, all occurrences will be located. In addition, the following command can be run in the root to patch all occurrences by prepending with an `@` symbol. {{{ find . -type f -exec sed -i 's/@*ini_set/@ini_set/g' {} \; }}} This searches the current directory for all occurrences of `ini_set` with zero-or-more occurrences of `@` prepended. This is an idempotent command in that it should produce the same results if run many times. It could be made part of a build preparation process to clean occurrences of `ini_set` without suppression. I will be attaching a patch that makes these changes! Thanks!" mdwheele 13 33123 Filter on theme mod default value Themes 4.3 normal normal Awaiting Review enhancement new 2015-07-25T15:56:28Z 2018-06-23T19:15:25Z "For those of us using theme mods for storing theme settings, we often need a method for modifying the default theme mod when building child themes. For example, I might build a Christmas-styled child theme and modify the parent theme's default ""primary"" color to green. The only way this is possible is if the parent theme does something like this: {{{ $primary = get_theme_mod( 'color_primary', '' ); add_filter( 'theme_mod_color_primary', 'parent_color_primary', 99 ); function parent_color_primary( $hex ) { return $hex ? $hex : '#00000'; } }}} Then, the Christmas child theme can hook in earlier and modify this if needing to change the default like so: {{{ add_filter( 'theme_mod_color_primary', 'child_color_primary', 10 ); function child_color_primary( $hex ) { return $hex ? $hex : '#cc0000'; } }}} That's kind of a janky way to do things. It'd be far easier to have a filter on the default passed into `get_theme_mod( $mod, $default )`. Something like: {{{ $default = apply_filters( ""theme_mod_{$mod}_default"", $default ); }}} In this scenario, the parent theme merely needs to do this: {{{ $primary = get_theme_mod( 'color_primary', '#000000' ); }}} And, the child theme: {{{ add_filter( 'theme_mod_color_primary_default', 'child_color_primary' ); function child_color_primary() { return '#cc0000'; } }}} I'm attaching a patch that will provide this filter hook." greenshady 2 33134 Complex Nested Shortcodes Inside of Attributes Are Not Processed Left-to-Right Shortcodes 4.2.3 normal normal defect (bug) new 2015-07-27T02:30:38Z 2019-06-04T21:16:00Z "Given the following input pattern, the 4.2.3 update alters the flow of control very slightly, which could give the appearance that shortcodes are ""not working"". {{{[myloop]<html attr=""[dependent]"">[/myloop]}}} The preferred input pattern is the one in which the shortcodes output their own HTML, and this is unchanged by the update to 4.2.3: {{{[myloop][dependent][/myloop]}}} Additional considerations: The Shortcode API does not process nested shortcodes. This only happens when plugins run do_shortcode() recursively. Core devs have not yet considered whether this is a bug, nor to which Milestone it might be assigned. Algorithm required for do_shortcode to partially restore left-to-right processing: 1. Parse HTML. 1. Replace all shortcodes found in attributes with unique, non-shortcode, non-HTML placeholders. 1. Implode HTML. 1. Run shortcode regexp. 1. Before calling each custom handler, the placeholders would have to be undone inside of each wrapping shortcode. 1. Call custom handler. At this point, the custom handler is able to get left-to-right recursion. 1. Escape all shortcodes and placeholders in shortcode output (callback abstraction needed?) 1. Undo all remaining placeholders. 1. Parse HTML (again, from the top) 1. Do shortcodes in attributes. (Not inside wrapping shortcodes). 1. KSES filters the shortcode output. 1. Implode HTML. " miqrogroove 7 33139 Customizer on mobile: 'Save & Publish' button may overflow when translated. dev-feedback Customize normal normal Awaiting Review defect (bug) new 2015-07-27T12:50:16Z 2021-05-23T17:46:38Z iseulde 4 33141 Search form clear button is clipped in Safari (OS X) has-patch General low minor Awaiting Review defect (bug) new 2015-07-27T15:06:53Z 2017-05-23T17:20:12Z "Safari's search boxes have an ""X"" to clear the search terms. It is getting clipped. OS X. The reason for this appears to be the padding on the search box, and that we're doing this: {{{ input[type=""search""] { -webkit-appearance: textfield; } }}} which we HAVE to do in Safari in order to control certain aspects of the display. [[Image(https://cldup.com/J90Zt5PGQW-3000x3000.png)]] There is a pseudo-selector we might be able to use to fix this: `::-webkit-search-cancel-button {}`" markjaquith 4 33147 Updated message on install.php, Username can't be change directly after installation dev-feedback Upgrade/Install normal normal defect (bug) new 2015-07-27T20:03:53Z 2020-01-21T15:25:53Z "On install.php page, Text is wrong, Usernames cannot be changed. " Ankit K Gupta 2 33148 Categories are missing in admin category list when child category linked to non-existant parent id Taxonomy 4.2.3 normal normal Future Release enhancement new 2015-07-27T21:42:51Z 2021-07-13T19:27:17Z "I did a dive into this as our own categories were not showing up and think that this is a user experience nightmare. I have detailed the issue here: http://stackoverflow.com/a/31663554/1361532 A quick google search for ""wordpress missing categories"" shows many threads on wordpress.org with users who never had a resolution since at least 2010. As an additional note though the bug does not impact the actual use of the category when creating new posts, although the categories are not nested correctly, but are still usable. To be clear this bug only impacts category management. My recommended solution to this is for the category list to show all categories in the list even if they are not properly linked AND to show (in red?) ones that are not linked correctly so they can be fixed. " ShawnLunny 16 33158 inline toolbar: incorrect position if link spans over two lines Editor 4.3 normal normal Future Release defect (bug) new 2015-07-28T20:47:41Z 2019-07-04T12:30:16Z iseulde 2 33172 Notice in get_bulk_actions() in certain conditions Quick/Bulk Edit normal normal defect (bug) new 2015-07-29T12:01:16Z 2019-06-04T21:16:11Z "Hi there, When a custom post type declaration is made with custom `capabilities`, the `delete_posts` cap can be missing. If it's the case, the `get_bulk_actions()` function create a PHP Notice saying the following: `Notice: Undefined property: stdClass::$delete_posts in /wordpress/wp-admin/includes/class-wp-posts-list-table.php on line 251` To prevent and avoid this notice, I simply use `isset()` to check the definition. (see patch in attachment) Thank you." CreativeJuiz 1 33180 Widgets not preserved after switching theme and deactivate plugins dev-feedback Widgets 2.8 normal normal defect (bug) new 2015-07-29T17:59:40Z 2019-06-05T06:41:16Z "Steps to reproduce: - Activate any plugin with available widget. - Use this widget in sidebar of actual theme. - Deactivate all plugins. - Switch theme (for example Twenty Fifteen). Note: These steps are frequently used for debugging problems. - Switch back to previous theme. - Activate all plugins. Expected result: Widget is still active and visible. Current result: Widget is missing. When used together with any core widget, then this widget is preserved during workflow above." pavelevap 5 33186 Stop sending password via e-mail when creating a new site in Multisite Networks and Sites normal normal task (blessed) reopened 2015-07-29T18:32:29Z 2019-06-04T20:50:55Z "We should continue on this ""don't e-mail passwords work"" and stop e-mailing passwords when new sites are created. see #33175 and #32428" markjaquith 3 33204 kses $allowedposttags should support microdata Formatting normal normal Awaiting Review enhancement new 2015-07-30T10:30:26Z 2018-11-15T13:27:39Z "It should support more attributes: itemscope, itemprop, itemref, itemtype and itemid check out https://en.wikipedia.org/wiki/Microdata_(HTML)#Global_attributes" wordpressplugindeveloper 4 33209 Inviting a new user to Multisite results in password being emailed dev-feedback Users normal normal Future Release enhancement new 2015-07-30T22:16:59Z 2019-06-11T13:07:41Z "If you add a new user from a site users page (NOT the network one, {{{/sitename/wp-admin/user-new.php}}} ) the flow results in a password being emailed in plaintext. 1) Add new user 2) New user gets email to activate 3) Activate link (ex. {{{example.com/sitename/wp-activate.php?key=5324e8cf2cef143b}}} ) shows the new password 4) The following email is sent: {{{ Howdy anotherstenu, Your new account is set up. You can log in with the following information: Username: anotherstenu Password: 78HoBi6oFSf9 http://local.multisite-pre.dev/blarg/wp-login.php Thanks! --The Team @ Multisite Naked Sites }}} Whoops. It looks like this can be fixed for new sites by updating wp-includes/ms-functions.php, however this is set in the database on Network Activation, which means even changing core doesn't update the myriad sites who are merrily emailing out passwords because this is set (wp admin -> Network settings -> Welcome User Email) {{{ Howdy USERNAME, Your new account is set up. You can log in with the following information: Username: USERNAME Password: PASSWORD LOGINLINK Thanks! --The Team @ SITE_NAME }}} The attached patch addresses new setups and doesn't break existing ones since I'm really not sure what's best here. I want to say we should edit everyone's DB and change the above block to this: {{{ Howdy USERNAME, Your new account is set up. Username: USERNAME To set your password, visit the following address: <RESETLINK> Thanks! --The Team @ SITE_NAME }}} However there are myriad people who have customized that simply because they can, and I fear the damage of breaking them." Ipstenu 23 33213 has_shortcode spec in 4.3 Shortcodes normal normal defect (bug) new 2015-07-31T08:04:52Z 2019-06-04T21:16:16Z "There is a question about the specification of the has_shortcode function. The specification of the do_shortcode function was changed in version 4.2.3, but it doesn't seem that the has_shortcode function is changed. The next contents were tested. source: {{{ function shortcode_abc( $atts, $content='' ) { return 'abc'; } add_shortcode( 'abc', 'shortcode_abc' ); var_dump( has_shortcode( ""<!-- [abc] -->"", 'abc' ) ); var_dump( do_shortcode( ""<!-- [abc] -->"" ) ); var_dump( has_shortcode( ""<![CDATA[ [abc] ]]>"", 'abc' ) ); var_dump( do_shortcode( ""<![CDATA[ [abc] ]]>"" ) ); var_dump( has_shortcode( ""<input value=\""[abc]\"" />"", 'abc' ) ); var_dump( do_shortcode( ""<input value=\""[abc]\"" />"" ) ); var_dump( has_shortcode( ""<div class=\""[abc]\"">Hello.</div>"", 'abc' ) ); var_dump( do_shortcode( ""<div class=\""[abc]\"">Hello.</div>"" ) ); var_dump( has_shortcode( ""[abc]"", 'abc' ) ); var_dump( do_shortcode( ""[abc]"" ) ); }}} result(4.3 RC1): {{{ bool(true) string(14) ""<!-- [abc] -->"" bool(true) string(19) ""<![CDATA[ [abc] ]]>"" bool(true) string(23) ""<input value=""[abc]"" />"" bool(true) string(29) ""<div class=""abc"">Hello.</div>"" bool(true) string(3) ""abc"" }}} (1).I think $ignore_html parameter is also necessary to the has_shortcode function. {{{ function has_shortcode( $content, $tag, $ignore_html = false ) }}} (2).Shouldn't a result of the has_shortcode function make the specification of the do_shortcode function identical? " tmatsuur 3 33215 Main plugin file loaded multiple times under special circumstances on Network Activate Plugins 4.2.3 normal normal defect (bug) new 2015-07-31T10:06:02Z 2019-06-04T20:50:57Z "Consider the following code in the main plugin file: {{{ function test_plugin_install ( $network_wide = null ) { if ( $network_wide ) { trigger_error( 'Please activate individually.', E_USER_ERROR ); } } register_activation_hook( __FILE__, 'test_plugin_install' ); }}} and a multisite setup with * mysite.intern as main site * one.mysite.intern, two.mysite.intern, etc. as blog sites Now, if you first activate the plugin ''individually'' on mysite.intern, and then select ""Network Activate"", the following is logged: {{{ PHP Fatal error: Please activate individually. in test_plugin.php on line 17 PHP Fatal error: Cannot redeclare test_plugin_install() (previously declared in test_plugin.php:15) in test_plugin.php on line 15 PHP Fatal error: Cannot redeclare test_plugin_install() (previously declared in test_plugin.php:15) in test_plugin.php on line 15 }}} and only the last error is displayed on the admin page. If the plugin is first activated on another blog site or isn't activated individually anywhere, only the expected ""Please activate individually"" error is thrown and displayed on network activation, as expected. Wrapping the function test_plugin_install in a conditional only results in the next function in the plugin file triggering the redeclaration error." ccprog 4 33216 Users.php post count is not accurate as it does not include drafts. has-patch Users normal normal defect (bug) new 2015-07-31T11:44:50Z 2019-06-05T06:41:20Z "On Users.php, the post count for users does not include Draft posts. However if you click on the number to view the Users' posts, the view presented does include drafts. I consider this a UX bug. More seriously when, for example, deleting unused users, this number indicates a user has no posts when in fact they may have Draft posts. This can lead to posts being deleted when the users is deleted in the belief they have no (post) content. This is a much more serious UX problem as it can result in loss of content. I have attached a patch to add another variable to get_posts_by_author_sql() and count_many_users_posts() / count_user_posts() to allow the inclusion of drafts. The variable is set to false by default so it does not effect any existing use of the functions. " emirpprime 1 33234 Tags/Categories Count Incorrect dev-feedback Taxonomy normal normal defect (bug) new 2015-08-02T22:31:34Z 2023-05-03T20:24:41Z The tags and categories management pages show inaccurate count when posts are marked private. mikedunn 4 33240 Introduce a capability for previewing posts needs-unit-tests Role/Capability normal normal Future Release enhancement assigned 2015-08-03T11:36:52Z 2017-07-14T19:41:15Z "In order to preview an unpublished post (ie. draft or pending), a user needs the `edit_posts` capability for that post type ([https://core.trac.wordpress.org/browser/tags/4.2.3/src/wp-includes/capabilities.php#L1174 src]). There is a valid use case where a site requires a user role which has the capability to preview unpublished posts but not edit them, for example for editorial review/sign-off, layout review, early access, etc. You can [http://wordpress.stackexchange.com/a/196209/27051 get around this by using a combination of the posts_results and the_posts filters], but this isn't very future-proof because the post results skip a bunch of logic that occurs between those two filters. A `preview_post` meta capability and a `preview_posts` primitive capability could be introduced and implemented wherever the `edit_posts` capability is used in regard to previewing unpublished posts. By default, it will simply map to the `edit_posts` capability. Thoughts?" johnbillion 7 33252 Add a Faster SHORTINIT-like admin-ajax Alternative General 4.2.3 normal normal feature request new 2015-08-04T03:34:47Z 2019-06-04T19:50:21Z "The existing `admin-ajax.php` is slow because it loads the whole Core. Even though that's useful, this makes `admin-ajax.php` slow to use in front-end scenarios where you need fast responses. Some code snippets exist that circumvent this by creating their own ajax handlers that utilize the SHORTINIT constant. Although these solutions would require you to load `wp-load.php` yourself which is not advised. E.g. https://coderwall.com/p/of7y2q/faster-ajax-for-wordpress from 2012 I'd like to propose a feature request for an `admin-ajax.php` likehandler that: * doesn't load the whole core, * loads only some essential functions similar to the functionality given by SHORTINIT Implementation suggestion: The best way to implement this in my opinion is to create 2 new action hooks `wp_ajax_shortinit_{action}` and `wp_ajax_shortinit_nopriv_{action}` that behaves identically with `wp_ajax_{action}` and `wp_ajax_nopriv_{action}` except that the SHORTINIT-like environment is implemented." bfintal 3 33267 Customizer Theme details: too many events has-patch Customize 4.2 normal normal Future Release defect (bug) new 2015-08-04T23:28:42Z 2021-05-23T17:49:12Z "This happen just in the Customizer Theme details modal, not in the Themes screen. To reproduce, go in the Customizer and press the ""Change"" button next to the Active Theme title. Choose one of the themes in the left sidebar and press the ""Theme Details"" button. When the Theme Details modal opens the first time, there's just one `keydown` event attached to the theme overlay: [[Image(https://cldup.com/66ZTntnIuP.png)]] Now, navigate forth and back clicking on the next and previous arrows in the top left to see more themes details. After 10 times, there will be 10 `keydown` events attached: [[Image(https://cldup.com/kNtc6D9dsy.png)]] And so on and on, after 15 times, 15 `keydown` events attached, etc.: [[Image(https://cldup.com/5tgfv95ieb.png)]] What's happening? Every time next and previous are clicked, `api.ThemesSection.showDetails()` will replace the html in the modal to show the new details and it will also call each time `api.ThemesSection.containFocus()`. Then, `containFocus()` will attach a new `keydown` event each time it runs :( and it will also run each time jQuery UI `:tabbable`. At the end, after you navigate a few times in the Themes Details and then you tab inside the modal, it's very easy to run `:tabbable` literally hundreds of times for each ""Tab"" key press. Notice all this doesn't happen in the Themes screen because the div where events are attached to gets completely replaced by jQuery `html()` which removes also any data and events. This is not the case in the Customizer where events are attached to the theme overlay div which doesn't get replaced. To my understanding this should be refactored a bit: * attach the `keydown` event just once, in the attachEvents() function * split containFocus() in two separate functions: * a simplified containFocus() to just check the event keys and move focus * a new getTabbables() to get the tabbable elements just once for each theme details. * store the tabbables in a variable to be updated with getTabbables()" afercia 5 33278 Naming files with dimensions when manually cropping images has-patch Media 4.1.6 normal normal enhancement new 2015-08-05T15:38:27Z 2019-06-04T20:15:16Z "Hi. When I create a new dimension for image file in image editor, I get file with random name. It is more useful to name it like basic files (filename-150x150.ext, filename-300x300.ext). I change for it ""/wp-admin/includes/image-edit.php"". This code first try to use dimension-name before using random. Starting from line 707. My code in a pluses. {{{ // Generate new filename. $path = get_attached_file($post_id); $path_parts = pathinfo( $path ); $filename = $path_parts['filename']; $suffix = time() . rand(100, 999); //++++++++++++++++++++++++++++++++++++++++++++++++ // First try suffix-sizes - mine $suffix_sizes = $img->get_size(); $suffix_sizes = ""-"".$suffix_sizes[""width""].""x"".$suffix_sizes[""height""]; //++++++++++++++++++++++++++++++++++++++++++++++++ if ( defined('IMAGE_EDIT_OVERWRITE') && IMAGE_EDIT_OVERWRITE && isset($backup_sizes['full-orig']) && $backup_sizes['full-orig']['file'] != $path_parts['basename'] ) { if ( 'thumbnail' == $target ) $new_path = ""{$path_parts['dirname']}/{$filename}-temp.{$path_parts['extension']}""; else $new_path = $path; } else { //++++++++++++++++++++++++++++++++++++++++++++++++ // First try suffix-sizes - mine $filename = preg_replace( ""/-e([0-9]+)$/"", """", $filename ); $filename = preg_replace( ""/-([0-9]{1,5})x([0-9]{1,5})$/"", """", $filename ); $filename .= $suffix_sizes; $new_filename = $filename.""."".$path_parts[""extension""]; $new_path = $path_parts[""dirname""].""/"".$new_filename; if ( file_exists($new_path) ){ //++++++++++++++++++++++++++++++++++++++++++++++++ while( true ) { $filename = preg_replace( '/-e([0-9]+)$/', '', $filename ); $filename .= ""-e{$suffix}""; $new_filename = ""{$filename}.{$path_parts['extension']}""; $new_path = ""{$path_parts['dirname']}/$new_filename""; if ( file_exists($new_path) ) $suffix++; else break; } //++++++++++++++++++++++++++++++++++++++++++++++++ } //++++++++++++++++++++++++++++++++++++++++++++++++ } }}}" acbaile 3 33287 Prompt the user before leaving during core upgrade Upgrade/Install 4.1.6 normal normal enhancement new 2015-08-06T05:19:32Z 2024-03-12T19:39:16Z Yesterday I was updating a test site (from 4.1.x to 4.2.x) using update-core.php and I accidentally clicked 'back' button during installation, which aborted the update process when it wasn't finished yet. This resulted in breaking the site completely (call to undefined function wp() ). It could have been easily prevented by simple beforeunload prompt. helium-3 2 33295 Login: Remove decoration from translation strings has-patch Login and Registration 2.5 normal normal enhancement new 2015-08-06T19:13:30Z 2021-07-15T18:41:21Z "In recent default themes we've begun to remove decorative icons like arrows and carets from translatable strings and add them through CSS. We should do the same on the login screen. It would also make it easier to customize styling of the page." obenland 3 33306 Only Query for author ID if user is member of blog needs-unit-tests Query 4.3 normal normal enhancement new 2015-08-07T17:45:42Z 2019-06-04T20:51:04Z In WP_Query if a user is part of the multisite install but is not part of the current blog the query is still altered from only finding public posts to finding public posts and those that are private and from that author_id. While this never has an impact on the returned end results, not having private and author ID as a parameter lets MySQL optimize the queries and in the circumstances this has been tested on (large site, lots of posts lots of users) makes them run faster. On a site without multisite installed this will have the same behavior. sboisvert 12 33307 Lack of any hooks for user registration in case of multisite installation AND BuddyPress Login and Registration 4.3 normal normal enhancement new 2015-08-07T22:02:22Z 2019-06-04T20:15:25Z "Hi there, Recently i get quite a few strange registrations so i wanted to implement a captcha to the registration form. I have WP multisite and BP 2.3.2 installed. One of my sites has no BuddyPress and just a normal registration, for this one it was really easy to get what i wanted: with ""signup_extra_fields"" hook i display the captcha and with ""add_signup_meta"" hook i can validate the captcha before any data is saved to the database. But when BP is enabled on a multisite installation, there is simply no hook defined in wpmu_signup_user function found in ms-functions.php. That way it seems to be impossible to validate the the captcha with add_filter before the user is saved WP's ""signup"" table. This way one can not protect against spam registrations. Please consider adding a proper hook in WP 4.3. It is just a short line of code and can not break anything but that way the signup process would become controllable without modification of a core function." summoner 1 33308 Responsive list tables don't handle primary columns that are not the first non-checkbox one General 4.3 normal normal defect (bug) new 2015-08-08T02:11:05Z 2019-06-04T19:50:28Z "In #25408, we introduced the concept of a primary column for list tables, which is where row actions are placed and the column that appears in the small screen responsive view (see #32395). However, due to the way the toggled columns are handled, any non-checkbox columns before the primary one still appear before the primary, which does not look good. See attached screenshot for an example of defining the ""name"" column for users as the primary instead of username." helen 9 33332 Default ACL entries are not set correctly when file is uploaded to WP Filesystem API 4.1.1 normal major Awaiting Review defect (bug) new 2015-08-10T22:21:08Z 2019-02-07T07:30:14Z "Hello there! We are using ACL permissions on our server in order to isolate all websites from each other. Both nginx and php-fpm has it's own users. Actually, each website has it's own php-fpm user. The ACL permissions are set for new files via default permission set: {{{ getfacl -a ./sitename/wp-content/uploads # file: sitename/wp-content/uploads # owner: www-data # group: www-data user::rwx user:nginx:r-x user:fpm-sitename:rwx group::rwx mask::rwx other::--- default:user::rwx default:user:nginx:r-x default:user:fpm-sitename:rwx default:group::rwx default:mask::rwx default:other::--- }}} So, when I manually create a file, the correct ACL permissions will be set for it by the filesystem itself: {{{ $ sudo -u fpm-sitename touch test $ getfacl ./test # file: test # owner: fpm-sitename # group: fpm-sitename user::rw- user:nginx:r-x #effective:r-- user:fpm-sitename:rwx #effective:rw- group::rwx #effective:rw- mask::rw- other::--- }}} And nginx will be able to read and serve it. However, when I upload a file through the WordPress it has no ACL entries at all. I've looked through the code and the following part of the '''_wp_handle_upload()''' seems to be the culprit: {{{ // Set correct file permissions. $stat = stat( dirname( $new_file )); $perms = $stat['mode'] & 0000666; @ chmod( $new_file, $perms ); }}} After commenting it out uploading works like a charm and proper ACL entries are set as expected. We're using Ubuntu Server 14.04.3 LTS. Cheers!" slavafomin 6 33337 WordPress crashes in Chrome when trying to upload images too quickly into Media Library reporter-feedback Media 4.3 normal major defect (bug) new 2015-08-11T10:30:58Z 2019-06-04T20:15:30Z "Steps to reproduce 1) Use Chrome and a wordpress installation with at least few images, the more images, the easier to reproduce. 2) Create new post 3) Click Add Media 4) Whilst the Media Library is loading all of the images, try to drag new images into the window to upload. The result is that Chrome crashes. It seems as though the trying to drag images into the window before the ""Drag to upload"" function is loaded kills it. " tstania 3 33341 WP_Meta_Query IN operator with empty array does not return expected result dev-feedback Query 3.2 normal critical Awaiting Review defect (bug) reopened 2015-08-11T18:32:26Z 2023-10-17T19:18:10Z "When using the `IN` compare mode in a `WP_Meta_Query` where the value is an empty array, this query is evaluated with an unexpected behavior. For example, I have some posts with a meta field called `'some-textfield'`: {{{ $posts = get_posts( array( 'posts_per_page' => -1, 'post_type' => 'post', 'post_status' => 'publish', 'meta_query' => array( array( 'key' => 'some-textfield', 'value' => array(), 'compare' => 'IN', ), ), ) ); }}} This code returns all posts although I would rather expect it to return no posts at all since the value of `'some-textfield'` (whatever it may be) is not ''in'' those provided in the `value` field. I discovered it when I needed to perform a meta query where the value was an array that was returned by a previous operation. It is obviously a minor issue since we can simply check if the array is empty (and in that case do not make the query at all) - but I thought it's not really the expected result of such a query. The solution would be to: * ignore this condition if the `relation` is set to `OR` and there are other conditions available * evaluate this condition to false otherwise (and thus return no results)" flixos90 6 33344 Do not force draggable elements on touch devices, stop using touch-punch.js General normal normal defect (bug) new 2015-08-11T22:07:01Z 2019-06-04T19:50:32Z "Having draggable elements on touch screen devices doesn't work well in most cases. It interferes with the standard scrolling, dragging an element off the page doesn't scroll it either. Examples: Menus, Widgets, Dashboard (rearranging the layout), Customizer => Menus and Widgets, etc. This is especially bad on Android as drag/drop is disabled for iOS in several places. " azaozz 2 33345 Remove blocking API requests for update checks Upgrade/Install normal normal enhancement new 2015-08-11T23:07:13Z 2019-06-05T06:41:24Z "I'm getting pretty fed up with the blocking HTTP requests to `api.wordpress.org` in the admin area. Core, plugin, and theme update checks are all blocking and can happen on any admin screen once the corresponding transient expires. These update checks should be converted to non-blocking requests, with an AJAX listener which polls the corresponding transients and displays the update count in the admin toolbar (and message in the footer) as necessary. The Plugins screen can already be quite slow with a large number of plugins, and the plugin update check slows it down a ton. On the Plugins screen an AJAX listener should poll the corresponding transient and display the available plugin updates inline once it's completed, and toggle the ""Update Available"" tab (and its count) as necessary. The AJAX listener only needs to be triggered if an update check has been triggered at the start of the page load. Visiting the Updates screen would retain current behaviour." johnbillion 1 33362 Email already exist when changing email case Users 4.2.3 normal normal defect (bug) new 2015-08-13T01:58:05Z 2019-06-05T06:41:27Z "When I want to update my email address from 'john@abc.com' to 'John@abc.com', it will complain the email is already exist. Should the comparison be case insensitive when doing the update? " jliman 1 33371 Undefined Indexes for Movable Type and TypePad Importer. westi* reporter-feedback Import normal normal defect (bug) accepted 2015-08-14T08:25:25Z 2019-12-06T05:07:37Z "Display notice in ""Assign Authors"" ( WP_DEBUG = true ) . {{{ Notice: Undefined index: upload_type in movabletype-importer/movabletype-importer.php on line 233 Notice: Undefined index: id in movabletype-importer/movabletype-importer.php on line 248 }}}" mt8.biz 2 33374 Improvements for the messages visible in the plugin manager Plugins normal normal Future Release enhancement new 2015-08-14T15:41:41Z 2017-07-21T00:44:28Z "Hello, WordPress is more and more popular and I think that it is the time to prepare better security-related messages into plugin manager. Outdated plugins are probably the most popular way to compromise websites based on WordPress. That’s why I suggest that in the plugin manager the following messages should appear too: - “This plugin has not been updated for more than 2 years” - some plugins are no longer developed and can contain vulnerabilities which are not managed by the plugin developer - “Security update” - it would be great to provide the plugin authors a possibility to add a message that the current update is a security update. Then users will know that they should update their plugin immediately (Currently I often check every changelog to make sure that I can made an update in weekend). - “No longer in directory” - some plugins were removed from the repository and of course are no longer maintained - it is a similar issue as the first one. Additionally it will help users to detect plugins which was accepted but breaks the WordPress.org rules. Sending e-mails connected with these messages would be also great for administrators. Yes, I know that there are plugins for the above features, but I think that due a big popularity of WordPress and more and more massive attacks which appears sometimes after few hours (!) after disclosure, WordPress should contain better tools which are built-in into the core code. Because a lot of people currently ignore updates or uses very old and vulnerable extensions. In my opinion “security” is a keyword which forces people for the updates." dziudek 6 33388 WP_Theme should use get_file_data() for retrieving page templates SergeyBiryukov has-patch Themes normal normal Future Release defect (bug) reviewing 2015-08-17T08:40:06Z 2022-04-19T05:53:40Z "Currently WP_Theme::get_page_templates() uses a direct regular expression on the result of `get_file_contents()`, it should instead use the `get_file_data()` helper method we have to interact with file header data. Currently switching will result in a back-compat break, as some themes have been using headers such as `<?php // Template Name: Something ?>` as the header, which get_file_data() doesn't like - See #33387 See r21117 for where we previously did use it temporarily during the 3.4 cycle, but broke due to #33387" dd32 10 33389 posts contains png images via XMLRPC error response XML-RPC 4.2 normal normal defect (bug) new 2015-08-17T08:41:39Z 2019-06-05T06:41:29Z "file: wp-includes/class-wp-image-editor.php line: $result = call_user_func_array( $function, $arguments ); [[Image(http://ww3.sinaimg.cn/large/6dd29ac7jw1ev5p7avr0wj20ne0g9adk.jpg)]] [[Image(http://ww1.sinaimg.cn/large/6dd29ac7jw1ev5p91135lj20m30d0wh7.jpg)]] string(8) ""imagepng"" array(2) { [0]=> resource(167) of type (gd) [1]=> NULL } php function imagepng: filename The path to save the file to. If not set or NULL, the raw image stream will be outputted directly. [[Image(http://ww3.sinaimg.cn/large/6dd29ac7jw1ev5p500okij20aa06wwf9.jpg)]]" zhizuzhefu 4 33405 "Pagination - use of helip / ""..."" not logic in some cases" has-patch Themes 4.2.4 lowest trivial enhancement new 2015-08-18T16:40:31Z 2019-06-04T21:27:45Z "Hi there, I believe there is some improvement potential in the logic of the pagination. The ""..."" indicator does not really serve its purpose, in case you have it only hiding one page link - see attached screenshot. Would propose to change the function generating the pagination to only use it in case it at least covers 2 page links." th23 3 33425 XML-RPC missing options on wp.getOptions reporter-feedback XML-RPC 4.3 normal normal Awaiting Review defect (bug) new 2015-08-19T08:35:27Z 2017-04-14T13:41:05Z "Why the list of options available here https://github.com/WordPress/WordPress/blob/ce557062f4123d8513378cf415b4e8b612c33ccc/wp-includes/class-wp-xmlrpc-server.php#L383 doesn’t match this https://codex.wordpress.org/Option_Reference For example default_category or blog_public fields are not available on XML-RPC." SergioEstevao 8 33461 Allow filtering of meta_value in exporter Export normal normal enhancement new 2015-08-20T08:46:22Z 2020-07-02T15:50:40Z "Hi, There are some filters in the exporter code that allow developers to modify the exported XML data according to their needs. One filter that is missing is the ability to filter the {{{ meta_value }}} field. This can be very helpful ie. to filter out urls or any other data that's being stored there. I'm attaching a patch to be applied to the core. " newkind 1 33466 wpautop breaks multi-line textarea content miqrogroove Formatting normal normal defect (bug) assigned 2015-08-20T14:52:54Z 2019-06-04T19:50:49Z "Applying wpautop() breaks multi-line content of textarea element because it replaces each newline with `<br />`. A textarea can't have HTML in its content. You can reproduce the problem with the following code: {{{ $text = '<textarea name=""test""> Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.</textarea>'; echo wpautop( $text ); }}} " takayukister 9 33468 Add image caption hook SergeyBiryukov dev-feedback Media normal normal Future Release enhancement reviewing 2015-08-20T17:05:05Z 2020-03-04T22:34:29Z "There is currently no proper way to hook into image captions. Image captions are stored into the excerpt of attachments posts but when the caption is retrieved it doesn't go threw any specific filter. I think it would be nice to have a `add_filter ( 'image_caption', 'your_filter' );` or something similar. This was already discussed here : [https://wordpress.org/ideas/topic/add-image-caption-hook#post-28710] Captions are used by multiple themes and plugins. They are fully supported and showed in twenty-fifteen so I think we should be able to properly hook/filter them. " guillaumemolter 7 33469 Customizer Menus: Restore active menu to a location after selecting and unsetting another menu dev-feedback Customize 4.3 normal normal Awaiting Review enhancement new 2015-08-20T18:40:47Z 2021-05-23T17:52:53Z "When a location is specified for a menu and another menu is assigned to that location in the Customizer, the first menu is removed even if the new settings aren't saved. 1. Assign a menu to a location in the customizer. Click ""Save & Publish"". 1. Assign a different menu to that location, but do not save. 1. Uncheck the location from the second menu. Expected: The previously selected menu for that location should be restored. Actual: The location now has no menu assigned to it." morganestes 5 33472 Templating Engine Themes 4.4 normal normal Awaiting Review feature request new 2015-08-20T21:01:36Z 2021-04-28T18:13:54Z "Templating engines are being used everywhere, not just in other languages, but nearly all other PHP frameworks and CMS's that are actively maintained. Even Drupal 8 will be rolling out [https://www.drupal.org/theme-guide/8/twig Twig integration]. I wasn't able to find an actual discussion about this on Trac, so I definitely wanted to open the discussion. Should WordPress integrate a templating engine? The benefits are obvious: * Automatic escaping. No more escaping all the things every single time. * Easier to read. This is sometimes down to personal opinion, but I and many others do find templating engines much easier to read than PHP templates * Better separation of logic from templates. This isn't a guarantee, and depends on how strict the templating engine is, but it does help reinforce this. Cons: * More to learn. I don't know '''how much''' more, but it is something to take into account * Speed? I haven't looked up benchmarks lately, but another thing to potentially keep in mind * Backwards compatibility. However this could be mitigated if plugins/themes had the option to use straight PHP or the templating engine. There are many options available, Smarty isn't widely used anymore, but there is (http://twig.sensiolabs.org/ Twig) which is probably the most adopted, and (http://laravel.com/docs/5.1/blade Blade) has become rather popular." KalenJohnson 20 33473 "Shortcodes + Widgets + Nav Menus. Unified ""component"" API (aka Content Blocks)" Widgets normal normal Future Release feature request new 2015-08-20T21:53:57Z 2018-03-26T16:53:02Z "Looking ahead and seeing that Shortcake is getting a lot of support, I've noticed that shortcodes and widgets are beginning to look fundamentally the same. They are both view components that express some sort of input fields for dynamic ""instance"" data. So I'm wondering what the general feeling would be toward a unified ""Component"" API. Lets say you're a designer implementing a theme and you have a stylized block for displaying an author. At times you might want to express that in a sidebar, and other times you might want to use it inline in page content. The HTML output is fundamentally the same, and differences only deal with where the input data is coming from (shortcode attrs vs. widget data) and minor presentational differences based on context. This could be very simply expressed as a single class or function pattern that does the work of registering the shortcode and widget under the hood for you. A client or someone downloading a theme often won't know that they want a component to work inside a sidebar or inside the content until they realize it isn't available. The benefit of a unified API is that you double the usable components you have to work with. There are great developers making widget bundles and other great developers making shortcodes, but not many doing both. All this to say, it's actually pretty straightforward to implement a class version of this API that handles registering both types of object for you. I have a working version of this in a plugin already. I'm just curious if anyone else thinks this is a problem worth pursuing. Thoughts? Aside: You could make a case that template parts aren't all that different from shortcodes and widgets and might also benefit from input fields (customizer anyone?), at which point you'd have a component that could truly go anywhere." brentjett@… 25 33492 Slightly better add_filter General 4.4 normal normal enhancement new 2015-08-21T17:10:33Z 2019-06-04T19:50:54Z "I want to suggest a small change for `add_filter`, adding a new parameter to explicitly define the `$idx` used. {{{ #!php <?php function add_filter( $tag, $function_to_add, $priority = 10, $accepted_args = 1, $idx = null ) { global $wp_filter, $merged_filters; if($idx === null) $idx = _wp_filter_build_unique_id($tag, $function_to_add, $priority); $wp_filter[$tag][$priority][$idx] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); unset( $merged_filters[ $tag ] ); return true; } }}} I've just made `$idx` explicit and for obvious retrocompatibility reasons this have to be at the end. Why we should do this small change? Well, this will help a lot and will enable a full use of anonymous functions: {{{ #!php add_action('init', function(){ /* some code */ }, 10, 0, 'plugin_domain'); add_action('the_title', function($t){ return $t; }, 10, 0, 'plugin_domain'); }}} Please notice that I've used the domain name as the `$idx`, therefore we can: {{{ #!php remove_action('init', 'plugin_domain'); }}} It would be easier and more efficient if we all follow the convention of set `$idx = $domain_name`, hence if anyone want to remove a specific hook introduced by some plugin, doesn't need to read the code to know it. Also, if we use anonymous functions instead of named, the namespace pollution will decrease by a lot and performance should increase (it doesn't even have to calculate the `$idx`). It will also enable the override of specific hook. Today we need to remove the hook we want to override and add another one, because we cannot redifine a named function. However, with this change all we have to do is: {{{#!php add_action('init', function(){ /* new code */ }, 10, 0, 'plugin_to_override'); }}} A syntactical sugar will be great: {{{#!php function new_add_action($hook, $idx, $callback, $priority = 10, $args_count = 1) { return add_filter($hook, $callback, $priority, $args_count, $idx); } }}} I don't know what the name should be yet, but introducing it is a good compromise between retrocompatibility and good API; in years the first version should be deprecated... Something like that. All in all, a really small change can simplify a good amount of things. I don't really know if this is the correct way to propose this change, but I still haven't found the equivalent of git's pull request on SVN, sorry for that `^^""`" Iazel 4 33498 get_home_path does not stripslashes $_SERVER['SCRIPT_FILENAME'] before using it needs-unit-tests General 4.3 normal normal defect (bug) new 2015-08-21T20:41:38Z 2019-06-04T19:50:58Z "Hello WordPress support, I'm running WordPress on Windows through Webmatrix and IIS Express 8.5 and FastCGI. This function has a bug that appears only on windows due to its different path formatting and causes the web.config to not be writable on PHP 5.5 (error from` DOMDocument::load`). WordPress runs `addslashes` on all `$_SERVER`/`$_GET`/`$_POST` variables which places a burden to remember to stripslashes before using any variable from it. The `get_home_path()` function does not do this before using `$_SERVER['SCRIPT_FILENAME']`. This doesn't cause a problem on Linux because the path format is not modified by `addslashes`, so it works by coincidence. But on Windows, this causes the path to have double slashes (example: `C:\\inetpub\\wordpress`). Then it is passed to trailingslashit which gives a weird result: `C:\\inetpub\\wordpress\` (apologies, trac is messing up the slashes) Now, PHP on windows is very tolerant of such paths, but some APIs such as `DOMDocument::load` (test on PHP 5.5) returns an error and logs that it wasn't able to open the file. This is used by WordPress to save the web.config file when it detects IIS. I have attached a patch that fixes this against WordPress 4.3, but I have seen this in 4.2 as well (didn't test with older)." handsomejack201 2 33521 manage_${post_type}_posts_columns parameters shifted reporter-feedback Taxonomy 4.3 normal minor defect (bug) new 2015-08-23T21:28:05Z 2019-06-04T21:16:27Z "Hello, manage_${post_type}_posts_columns requires three parameters, however, as shown in the link below, it only uses 2. https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-admin/includes/class-wp-posts-list-table.php#L978 The paremeters are also shifted. The example below shows the var dump outputs in render_column_with_bug(): {{{ <?php class Example_Class { public function __construct() { add_action( 'admin_init', array( $this, 'init_columns') ); } public function init_columns() { $supported_post_types = array( 'posts' => 'posts', 'pages' => 'pages', 'category' => 'edit-category', 'post_tag' => 'edit-post_tag', ); foreach ( $supported_post_types as $slug => $type ) { add_action( ""manage_{$type}_columns"", array( $this, 'add_column'), 10, 1 ); // Add 3rd parameter because of bug add_action( ""manage_{$slug}_custom_column"", array( $this, 'render_column_with_bug'), 10, 3 ); } } // Add new column name here public function add_column( $columns ) { $columns = array_merge( array( 'my_column_name' => 'column_slug', ), $columns ); return $columns; } // Output column contents here here public function render_column_with_bug( $column, $post_id, $tax_id = '' ) { $status = ''; var_dump ( $column ); /* Outputs: column name on posts/pages Outputs: empty string on taxonomies */ var_dump ( $post_id ); /* Outputs: post id posts/pages Outputs: column name taxonomies */ var_dump ( $tax_id ); /* Outputs: empty string on posts/pages Outputs: taxonomy id on taxonomies */ if ( $column == 'my_column_name' ) $status = $this->post_status(); echo $status; } // Output column contents here here public function render_column_bug_fixed( $column, $post_id, $tax_id = '' ) { $status = ''; $type = get_post_type( $post_id ); if ( !empty ( $tax_id ) && ! $type ) { $column = $post_id; $screen = get_current_screen(); $type = $screen->id; } if ( $column == 'my_column_name' ) $status = $this->post_status(); echo $status; } public function post_status() { // render output } } new Example_Class(); }}}" Cybr 9 33542 User preferences API idea dev-feedback Users normal normal Future Release feature request new 2015-08-25T15:39:53Z 2017-02-05T22:49:03Z "When setting up a new site, many site Settings seem at first like user preferences even though they aren't. For sites with 1 user blogging out to the world, this makes sense, but for more robust installations a single set of site settings does not satisfy all users. I'd like to propose a user preferences API be invented. This API would consist of a series of functions that connect usermeta to site & network options, and when invoked, will traverse the user/site/network hierarchy and use the first available setting. Something like: {{{ $language = wp_get_user_preference( $user_id, 'WPLANG' ); }}} Imagine then, that `wp_get_user_preference()` would first look in `wp_usermeta`, then in `wp_options` and then in `wp_sitemeta` if multisite. This is obviously a fuzzy example, and there are less obvious caveats (like what to do when usermeta keys do not match option keys, etc...) which can all be conditionally addressed as we poke holes in the idea. ---- Here are a few settings that could be candidates, taken from their verbiage in various administration screens: General * Timezone * Date format * Time format * Start of week * Language Writing * Formatting * Default Post Category * Default Post Format Reading * Blog pages show at most * Syndication feeds show the most recent Discussion * Default article settings * Email me whenever * Avatar Display" johnjamesjacoby 5 33551 Settings API: Filter sections and fields before displaying them obenland needs-docs Options, Meta APIs 2.7 normal normal enhancement assigned 2015-08-26T06:08:48Z 2019-11-27T18:26:09Z "Once a section or settings field was added, there is currently no good way to remove it or change the order they are displayed in. It would be good to add filters in `do_settings_section()` and `do_settings_fields()` to allow for that to happen. We could also think about providing convenience functions to use in a callback to those filters, along the lines of `remove_option_whitelist()`." obenland 4 33553 Bug with Linebreak before figcaption, fixed and then revert to make a fix elsewhere Formatting 4.2 normal normal defect (bug) new 2015-08-26T10:56:24Z 2019-06-04T19:51:03Z "A linebreak is inserted before <figcation> in the WYSIWYG editor on edit pages. A fix for #25646 was applied in commit 1842c2b on 13 Mar 2104 - Change set was [27527]. This was then reverted to make a fix for #29219 but the dev then caused the original bug to reappear. The commit is 6b84df3 on 16 Jan 2015 - Change set [31186]. A fix for the orignal bug is now needed again." hughie.molloy 33561 get_transient() will always return the value of a broken transient needs-unit-tests Options, Meta APIs 4.3 normal normal defect (bug) new 2015-08-26T17:48:47Z 2019-06-04T20:51:26Z "In 4.2: 1. Create the transient 2. Delete its timeout 3. Call get_transient() FALSE is returned In 4.3: 1. Create the transient 2. Delete its timeout 3. Call get_transient() the value of a broken transient gets returned indefinitely See: [33110] and #30380 Note that a transient can get broken for a number of reasons and not necessary through intentionally deleting its timeout. " deconf 7 33563 Multiple Calls to export_wp() Causes Error has-patch Export 4.3 normal normal Future Release defect (bug) new 2015-08-26T20:06:18Z 2020-11-19T12:02:26Z "The ""export_wp"" function in ""wp-admin/includes/export.php"" makes use of inner functions that cause a ""previously declared"" error when this function is called more than once. These inner functions should be declared outside of the ""export_wp"" function or guarded by, for example, if(!function_exists('wxr_cdata')){} I am trying to make use of this function to perform multiple exports per script execution as part of a MU user management system. <feature request> It would also be help to have the option of saving the export to a function parameter by reference rather than the screen. </feature request>" drzaphod 4 33566 Keyboard shortcuts for all functionality of Dashboard + Admin Menu while in read mode Administration 4.3 normal normal Future Release enhancement reopened 2015-08-26T21:52:34Z 2022-12-07T13:50:13Z "I'm constantly hitting cmd+s (or meta+s) in the appearance file editor. I'm also constantly looking for a short cut to preview or publish a post. Aside from the accessibility assistance, I think an addition like this would make WordPress very ""Power User"" friendly. I know the meta+s command works in the post/page editor but the interaction is so subtle, I'd to do it a few times before I saw the ""Draft saved..."" comment at the bottom. I had a notion that something like meta-key + down arrow might overlay a set of keyboard instructions. Things like ""cmd/ctrl + s = Save Draft, cmd/ctrl + shift + L = Preview Post, cmd/ctrl + p = Publish Post/Page"" etc. Obviously, this needs work. Is this something in the pipeline? If not is this something I can propose?" tady 11 33571 Improvements for plugin upgrades when disk space runs out (or other write failure) francina Upgrade/Install normal normal Awaiting Review defect (bug) assigned 2015-08-27T14:55:52Z 2022-11-15T17:46:52Z "Problem: here's a support issue I see all the time: * User sees a plugin update available, and attempts to update. * The user runs out of disk space (or hosting account quota) half-way though, causing the recursive copy (of the unzipped new plugin into wp-content/plugins/(slug) to fail half-way through... * ... leaving a directory in wp-content/plugins/(slug) that's only half-populated * If the file with the plugin header was not one of the files that got copied in (i.e. the abort happens before reaching that file), then the plugin no longer shows in the ""Plugins"" page in the dashboard. * Problem: user can't de-install the plugin from their dashboard - but attempts to re-install also fail, as the directory wp-content/plugins/(slug) already exists, which WP will complain about. Unless the user has a high level of skills, at this point he is stumped, and raises a support request - usually with the plugin supplier. I'm not sure of the exact conditions for this, as I can see in wp-admin/includes/class-wp-upgrader.php that the destination is cleared first, which in theory should create enough space for copying over the new version. However, the new version could be bigger than the old. I've also seen this inconsistent state left when the copy fails for no obvious cause (succeeds on a second attempt, after clearing out the inconsistent state). To be clear: the real problem is that the update process is not sufficiently atomic. It's too easy for the filesystem to be left in an inconsistent state where the user can neither remove, nor re-install, their plugin without resorting to either FTP or expert skills (e.g. a file manager plugin). Basically, each time we make a new release of UpdraftPlus ( https://wordpress.org/plugins/updraftplus, 500,000 installed users ), I estimate we're likely to handle this support request half-a-dozen times. Multiply that by all the plugin downloads in the WP directory, and all the releases made in a year, and you can get a good picture of how many man-hours could be saved by finding a resolution for this. Possible solutions? a) One cunning/quick work-around would be if the code that copies the new plugin in could always attempt to *begin* with the file that has the plugin header. This way, it maximises the chances of that file being copied before any abort, meaning that the user will be able to see, and delete, the plugin from their 'Plugins' page, should an abort happen. b) Instead of copying directly into wp-content/plugins/(slug), do something more atomic, e.g. use a temporary name - e.g. wp-content/plugins/.(slug).(random-or-special-string), and rename when done. The dashboard ""Plugins"" page could also be trained to recognise this pattern, so that if any such exist, it will hide the ""Activate"" link, and only allow the user to delete (so that they can fix their problem and re-install the plugin). Thoughts? I'd love to not have to see this support request so many times #25576 is sort-of related, in that it deals with checking disk space for core upgrades; but in my anecdotal view, I see the issue more times related to web hosting account quota, which there's no easy way to know from PHP, rather than disk space which can be easily checked with disk_free_space()." DavidAnderson 8 33573 Use the site icon introduced in 4.3 for the My Sites page has-patch Administration 4.3 low normal Future Release enhancement new 2015-08-27T17:27:32Z 2019-05-08T22:01:42Z Now that site icons are available in core, we should be able to use them on the network sites/my sites list. morganestes 13 33574 Add ability to scroll through long toolbar menu items morganestes Toolbar 4.4 normal normal Awaiting Review enhancement assigned 2015-08-27T17:45:49Z 2022-06-24T11:55:06Z "Related to #15317, when a toolbar menu has many items, it cuts off at the window height. We should make long menus in the toolbar (like the New... menu) scrollable by default to enhance UX." morganestes 3 33585 Improve wp_list_categories to support multiple taxonomies Taxonomy 2.3 normal normal Awaiting Review enhancement new 2015-08-28T09:43:16Z 2020-06-04T10:31:18Z "Hi folks, I was working on a plugin feature request and from what I see it's not possible to pass an array on the `taxonomy` param from `wp_list_categories`, which prevents multiple taxonomies to be fetched at once. I wanted to know if I can work on this ""enhancement"" for version 4.4, should be an easy modification since `get_terms` is an easy replacement for `get_categories`." bordoni 3 33589 Using the customizer on wp-login.php (and similar) Customize 4.3 normal normal Future Release defect (bug) new 2015-08-28T15:16:45Z 2021-05-23T17:58:43Z "See related: https://core.trac.wordpress.org/ticket/28650#comment:19 I've been attempting to write a plugin to customize the `wp-login.php` page using the native customizer controls. So far it seems to work fine except that `postMessage` settings/controls do not update. I'm not sure why it doesn't work, as it appears that all of the customizer code is loading (maybe it isn't?), but something is getting messed up at runtime. The `refresh` setting works fine however. Any ideas as to what might be going on? Is this something that I can help get pushed into core? Since `wp-login.php` is sometimes a vital part of some sites, it makes sense that it should be available to edit in the customizer. I'm no expert but it seems that this may just be a missing hook that needs to be added to the `wp-login.php` file?" daronspence 21 33593 Make shortcodes case insensitive dev-feedback Shortcodes normal normal feature request new 2015-08-29T00:10:16Z 2019-06-04T21:16:46Z "Right now, shortcodes are case sensitive. For example, `[thanks]Guy Incognito[/thanks]` works but `[Thanks]Guy Incognito[/Thanks]` doesn't. For me, as a developer, it makes sense. For my writers, who have complained about `[Thanks]` and the like not working, it doesn't. http://wordpress.stackexchange.com/questions/102375/are-shortcodes-case-sensitive shows that shortcodes are indeed case sensitive. But why? Why wouldn't the regex have the `i` modifier and become insensitive for the shortcode name itself (I'm not talking about shortcode parameters, just the name)?" archon810 2 33600 Add `theme_mods_{$stylesheet}` option during `populate_options()` has-patch Themes normal normal Future Release enhancement new 2015-08-29T20:04:59Z 2018-04-17T17:27:01Z "After `switch_theme()`, a `theme_mods_{$stylesheet}` option is created if one doesn't exist to avoid extra database queries (if I understand #14828 correctly). No similar option is currently created during installation, so a fresh install can includes those queries if the default theme looks for the mods before the option is added. The attached patch would add the option during `populate_options()`. I included a unit test, although I'm not sure where the best location for it would be." dlh 2 33602 is_active_sidebar returns true when widget has been deactivated reporter-feedback Widgets 4.3 normal normal defect (bug) assigned 2015-08-30T03:10:32Z 2019-06-05T06:41:30Z "When I activate a plugin (in this case Ultimate Social Media and Share icons) Add the widget to my sidebar area Deactivate the plugin The widget is no longer visible in the sidebar BUT is_active_sidebar still returns true" karlikdesign 4 33627 In-Context Comment Moderation Comments normal normal Future Release enhancement new 2015-08-31T17:24:33Z 2021-01-27T19:20:14Z "One of the more painful points in the comment moderation UX revolves around knowing whether or not a comment is in context. Right now, WordPress says who a person was replying to and offers a link to the frontend of that comment on replies to a comment. However, it can be quite tedious to go view the original comments a bunch of people were replying to to see if the reply was in-context. An easy fix for this would be to offer a ""Show context"" link next to the ""replying to {name} link on replies, that when clicked, would ajax show the comment the pending comment was originally replying to. " chriscct7 22 33629 Post excerpts have become WAY too long after updating to WP 4.3, please fix. has-patch Formatting 4.3 normal normal defect (bug) new 2015-08-31T19:08:30Z 2019-06-04T19:51:08Z "I believe this is a bug in the new WP release. After updating, all my websites are in chaos because the post excerpts have become way too long and most themes were not designed to handle it. I'm not the only one to notice this: [https://wordpress.org/support/topic/excerpts-become-full-of-content?replies=14] One user said ""WP 4.3 seemed to have changed trunctation from '''characters to words'''."" Here's an example of my website before 4.3: [[Image(http://i.imgur.com/gUrUhYZ.jpg)]] and now after 4.3: [[Image(http://i.imgur.com/II5l12g.jpg)]]" MarineKingAizen 9 33640 Unable to add menu items to menus on Ubuntu droplet reporter-feedback Menus 4.3 normal normal defect (bug) new 2015-09-01T00:21:47Z 2019-06-04T20:15:46Z "This is a follow-up to #26047. Although the bug has been reportedly closed, I am posting a bug report because there hasn't been an response in the support forums. This has caused my site to not be public due to the lack of a menu an the inability to add one. My support forum post: >I tried a local installation of WordPress 4.3 on my Windows XAMPP server where everything ran smoothly. I tried adding a custom menu using the default twentyfifteen theme and it worked flawlessly. > >I then followed nearly identical steps on my DigitalOcean Ubuntu droplet running PHP and MySQL and setup everything the same. But now I am not able to add anything to the custom menu. Every time I add anything (page/post/category/custom link) the message under Menu Structure changes from >{{{Add menu items from the column on the left.}}} >to >{{{Drag each item into the order you prefer. Click the arrow on the right of the item to reveal additional configuration options.}}} > >I couldn't find any help online except a reference to a bug that was fixed in 3.8 #26047.. I can't understand why the same install works on my Windows XAMPP but not on the Ubuntu. This menu thing has been the only bug I have seen and have clean installed WordPress nearly 10 times. I have tried repeated clean installs of Wordpress with and without any plugins." znromonk 1 33704 Reduce reliance on wp_is_mobile() has-patch General 3.4 normal normal Future Release enhancement assigned 2015-09-03T09:29:47Z 2023-09-18T17:49:09Z "User agent sniffing is bad. `wp_is_mobile()` isn't very reliable. In core it's actually used to detect if the device is a touch device (so that, among other things, elements that normally appear on hover are shown persistently and JavaScript for touch functionality is loaded). We should audit the use of `wp_is_mobile()` in core to see if replacing it in favour of client-side feature detection is possible. If so, `wp_is_mobile()` should be deprecated. Reported bugs with `wp_is_mobile()`: #24541, #21667, #24252. History: #20014" johnbillion 26 33713 Customizer: allowing to set files other than image for Header background and background image Media 4.3 normal major Future Release defect (bug) new 2015-09-03T18:11:48Z 2021-05-23T18:04:08Z "When we set header background image or background image from customizer settings, media upload should not allow to upload files other than image. We can set files other than image, and it shows broken in preview " umesh.nevase 7 33714 Add custom post types to the 'At a Glance' widget needs-docs Posts, Post Types 3.8 low normal enhancement new 2015-09-03T20:48:57Z 2019-06-04T21:03:54Z "This patch introduces a new argument to the `register_post_type()` function which will list a custom post type in the 'At a Glance' widget. A few notes: - For backwards compatibility reasons the new argument is set to false by default. - If no menu_icon argument is set, then it will default to `dashicons-marker`. This is the same behaviour as previous. - I've added menu_icon arguments to the core post/page post_types. I'm not sure if this has any negative implications. - Removed a small chunk of unnecessary CSS where the dashicons were hardcoded into the styling rather than using the existing `.dashicons` classes. (Related #27414) - `wp_dashboard_quota()` was slightly refactored due to the removal of some of the CSS." paulwilde 11 33717 Send Notification Email When a Comment is Approved From Moderation has-patch Comments normal normal Future Release enhancement assigned 2015-09-04T00:43:09Z 2021-05-13T20:02:21Z Currently in WordPress, commenters have no idea their comment is approved unless they visit the page often. When a comment is held for moderation, WordPress should send the commenter an email notification when their comment is approved. I'm using the [http://wptavern.com/an-easy-way-to-notify-users-when-their-comment-is-approved Comment Approved] plugin to add this functionality to WordPress but I really think it should be a core feature. jeffr0 77 33728 Rewrite endpoints cannot be added to custom taxonomies with public rewrites johnbillion needs-unit-tests Rewrite Rules 4.4 normal normal Future Release defect (bug) reviewing 2015-09-04T14:37:20Z 2018-01-23T22:07:25Z "Take the following scenario: 1. A plugin registers a custom taxonomy that is public and has pretty rewrite rules enabled: {{{ function genre_taxonomy() { $tag_args = array( 'label' => 'Genre', 'public' => true, 'rewrite' => array( 'slug' => 'genre' ), ); register_taxonomy( 'genre', array( 'post' ), $tag_args ); } add_action( 'init', 'genre_taxonomy', 5 ); }}} 2. A second plugin registers a rewrite endpoint that is added to all URLs on the site: {{{ function ajax_endpoint() { add_rewrite_endpoint( 'ajax', EP_ALL ); } add_action( 'init', 'ajax_endpoint' ); }}} `EP_ALL` means ""add this to all pages"", which should logically include all custom taxonomies. This however, is not the case. Works: - site.com/ajax/1 - site.com/tag/blug/ajax/1 - site.com/blog/hello-world/ajax/1 - site.com/2015/05/01/ajax/1 - all other standard rewrites Fails: - site.com/genre/rock/ajax/1 It fails because custom taxonomies do not get included in `EP_ALL` unless they are explicitly included. If we look at `register_taxonomy()`, we see this is done intentionally: {{{ if ( false !== $args['rewrite'] && ( is_admin() || '' != get_option( 'permalink_structure' ) ) ) { $args['rewrite'] = wp_parse_args( $args['rewrite'], array( 'with_front' => true, 'hierarchical' => false, 'ep_mask' => EP_NONE, ) ); if ( empty( $args['rewrite']['slug'] ) ) $args['rewrite']['slug'] = sanitize_title_with_dashes( $taxonomy ); if ( $args['hierarchical'] && $args['rewrite']['hierarchical'] ) $tag = '(.+?)'; else $tag = '([^/]+)'; add_rewrite_tag( ""%$taxonomy%"", $tag, $args['query_var'] ? ""{$args['query_var']}="" : ""taxonomy=$taxonomy&term="" ); add_permastruct( $taxonomy, ""{$args['rewrite']['slug']}/%$taxonomy%"", $args['rewrite'] ); } }}} In my opinion, '''this is fundamentally wrong'''. If a rewrite endpoint is added with `EP_ALL`, it should actually be registerred on '''all''' rewrites, not just some. Let's see another example to help illustrate that this is wrong. 1. A plugin (such as WooCommerce) registers a custom taxonomy with public rewrites called ""Product Category"". With this taxonomy, the following rewrite is available: `site.com/products/product-category/mugs` 2. A second plugin (such as AffiliateWP) registers a rewrite endpoint with `EP_ALL` to permit the following: - site.com/ref/1 - site.com/page-name/ref/1 - site.com/2015/01/01/ref/1 - site.com/category/news/ref/1 - etc, etc - AND - site.com/products/product-name/ref/1 (works) - site.com/products/product-category/mugs/ref/1 (fails) The rewrite endpoint works fine on custom post type rewrites '''but not taxonomy rewrites'''. There are two ways for rewrite endpoints to work on the custom taxonomy: 1. Have the taxonomy include `'ep_mask' => 'EP_ALL'` (or similar) when it is registered. This requires that the plugin that registers the taxonomy to include this, which very, very, very few do as it is not necessary for pretty permalinks to work. 2. Manually add rewrite rules for the endpoints to all custom taxonomies: {{{ $taxonomies = get_taxonomies( array( 'public' => true, '_builtin' => false ), 'objects' ); foreach( $taxonomies as $tax_id => $tax ) { add_rewrite_rule( $tax->rewrite['slug'] . '/(.+?)/ref(/(.*))?/?$', 'index.php?' . $tax_id . '=$matches[1]&ref=$matches[3]', 'top'); } }}} While manually adding the rewrite rules does work, '''it should not be necessary''' when `add_rewrite_endpoint( 'ref', EP_ALL );` should be sufficient. I propose that `EP_TAXONOMY` be introduced, as suggested in #21050, and that `EP_TAXONOMY` be included in `EP_ALL`. Related #19275" mordauk 10 33735 Reduce Duplication and Improve Comment Notification Email Functions SergeyBiryukov needs-unit-tests Comments low normal Future Release enhancement reviewing 2015-09-04T22:55:04Z 2021-01-27T19:20:55Z "Had touched on this in #33587. wp_notify_postauthor and wp_notify_moderator have some duplicative code that could be eliminated and simplified. The functions for notification also lack a filter similar to the one for displaying the comment text. Proposing the function to show the comment in text form in the notification be separated out into its own function with a filter, and the default text be improved somewhat. " dshanske 31 33740 Create a new API to standardize application tracing reporter-feedback Bootstrap/Load 4.4 normal normal feature request new 2015-09-05T13:10:31Z 2019-06-04T19:32:32Z "Having read #30934 and #28319, I think it's best if I raise a new requirement. My proposal isn't about logging, it's related to problem determination tracing; the ability to dynamically activate trace logic to help someone to track down a problem. I have been using my own solution ( a plugin called oik-bwtrace ) for a while now. There are two dormant APIs that I need to make available at all times, even when tracing is not activated. Since these functions are currently not available by default I've had to be careful where I use them. To circumvent the problem of trying to use an API which doesn't exist, many of my plugins have dependencies on a base plugin which supplies the dormant APIs. Life would be a lot simpler if WordPress came with a set of dormant functions which I can rely on to exist. This proposal is for two trace APIs. It could easily be extended to support logging. The dormant APIs have the same basic structure {{{ function dormant_api( easy to use parameters ) { global $api_set_active; if ( $api_set_active ) { lazy_api( easy to use parameters ); } } }}} In this example $api_set_active is just a boolean. It's set to true when the API logic is activated, false otherwise. To cater for different levels of tracing ( or logging ) we can either implement the test in the dormant API, or pass it to the lazy_api(). This solution is different from 'pluggable'. The dormant APIs need to exist, from very early on. The lazy APIs are provided by implementing plugins and should be implemented as pluggable. The two APIs I really do need are currently called bw_trace2() and bw_backtrace(). I've attached the latest version of my shared library file that defines these APIs and the constants they use. Assuming that these APIs will be required to trace WordPress core logic I feel that they need to have been defined early on in wp-settings.php I therefore propose a new file called dormant.php which can, if the developer so wishes, be included in wp-config.php but would otherwise be loaded in wp-settings.php before load.php. Note: It's the implementing plugin's responsibility to know when it's safe to do things. In my implementation of a hook for the 'all' action I've used multiple strategies which involve loading my APIs in wp-config.php before wp-settings.php, using a Must-Use plugin to be able to record most hooks, but requiring a custom db.php to be able to capture everything. I can't do it before db.php since add_action()'s not available until then. " bobbingwide 5 33741 Remove references to my-hacks.php and the hack_file option jorbin has-patch Plugins 4.3 normal normal Awaiting Review enhancement reopened 2015-09-05T15:01:22Z 2017-08-03T14:18:52Z "According to the documentation https://codex.wordpress.org/Hacking_WordPress my-hacks.php was deprecated in v1.5 and removed in v2.8 So the code in wp_get_active_and_valid_plugins() is no longer necessary and can be deleted along with mentions of my-hacks and hack_file anywhere else in the code. " bobbingwide 27 33743 Theme location x Menu location has-patch Menus normal normal Future Release defect (bug) new 2015-09-05T19:50:56Z 2023-07-01T21:42:29Z "We are using ""Theme Location"" and ""Theme locations"" in admin menu page (and also many help text sentences). But Customizer uses ""Menu locations"" and ""Menu Locations"". I am not sure what is better, but it should be same." pavelevap 4 33759 An admin changing an email/password should not generate a notification Users 4.3 normal normal defect (bug) new 2015-09-07T05:01:06Z 2019-06-05T06:41:35Z "Branched off from #33504 as requested. In 4.3, email notifications are now sent to a user whenever their email or password is changed. The reasoning behind the was solely from a security perspective: ''so if someone hijacks your browser session and changes these items, you’ll be notified that it happened, and you can take action.'' If the person changing the email/password is an admin, this notification does not provide any security benefits or useful information - all is done is mislead/confuse the user. It does not provide security benefits because an admin has full control of the site and rights to do whatever they want - they could delete every user account on the site and create their own if they wanted to. It is misleading/confusing because the notification implies this should only be happening if they changed the information themselves: ''If you did not change your password, please contact the Site Administrator''. A common use-case where an admin is changing the password of a user occurs after a WordPress import - you are prompted to change all imported users' passwords. Other than editing site code to add filters, you can no longer do so without everyone getting an email they won't understand - even if you are setting their passwords to same as their originals. For these reasons, I suggest altering the code to not send these notifications if the change of email/password was instigated by someone with admin rights." smerriman 3 33768 Include image_meta in wp_prepare_attachment_for_js response for images needs-unit-tests Media 4.4 normal normal enhancement new 2015-09-07T16:35:22Z 2019-06-04T20:15:56Z "Currently seems odd that the image_meta array isn't returned in the response from wp_prepare_attachment_for_js for an image. The function already calls get_attachment_metadata so the image_meta array is readily available. The meta key is already declared in the response array. All other mime types populate the meta value in the response array in a similar fashion as my proposal. I can't see any downside or overhead, and the function becomes much more powerful, particulaly for gallery implenmenations, as a result. The addition is just three lines (in wp-includes/media.php #L2835 of current version)." SteveHoneyNZ 4 33773 Media, Featured Images: The media modal doesn't remember filter settings in the context of featured images Media 4.3 normal normal enhancement new 2015-09-07T21:46:15Z 2024-01-28T09:18:20Z "https://make.wordpress.org/flow/2015/09/07/media-featured-images-setting-the-featured-image-on-an-old-post-macnchrome/ A thread on #23205 discusses featured image flow through the media modal. There are requests that the filter in the media modal remember the “uploaded to this post” filter setting independently for the featured image flow. Considerations: * “Uploaded to this post” requires that the image be attached to a post. Images uploaded through the media modal from the editor are attached to the post, but images uploaded directly to the media library are not attached and don’t get attached later when added to a post. We could use some API for pulling images out of post content, like we do with some other media types. See related discussions on #23041 ""Images Don't Become Attached When Inserting a Gallery"" and #32622 ""Make the text of the Image delete AYS dialog clearer"". * If no images are attached to the post, the filter should be set to show all images. " ryan 1 33785 cannot login when someone got similar login but with polish special chars Login and Registration 4.3 normal normal defect (bug) new 2015-09-09T07:04:55Z 2019-06-04T20:16:04Z "hello i see issue that.. i have user with login Mały and user with login maly both got nicename maly cannot login to Mały after i changed in database login to szudarski started working properly also cannot then use login with email with additional plugin. greetings Pawel " nook86 33821 redirect_canonical does not consider port in $compare_original needs-unit-tests Canonical 2.3 normal normal Future Release defect (bug) new 2015-09-11T03:18:16Z 2019-09-23T21:12:34Z "In the `wp-includes/canonical.php` file the `$requested_url` is built starting at line 64. It combines `is_ssl()` for protocol, `$_SERVER['HTTP_HOST']`, and `$_SERVER['REQUEST_URI']` - but it does not consider `$_SERVER['SERVER_PORT']` This causes a redirect loop for us because we run HTTPS on port 8443. I suggest checking to see if a port other than 80 or 443 is being used and adding that as part of the comparison - suggested patch attached." willshouse 7 33832 Add admin email column to list table on wp-admin/network/sites.php Networks and Sites 4.3 normal normal defect (bug) new 2015-09-11T15:56:31Z 2019-06-04T20:51:32Z "The list table on `wp-admin/network/sites.php` currently shows for every site * the site's URL * the date when the site was last updated * the date when the site was created * the number of users. It would be nice to have another column which contains the email address of the administrator which is stored in the `admin_email` option. That way, the network administrator(s) could see at a glance the email addresses of the people responsible for the single websites." thomaswm 2 33833 Quick/Bulk Edit are not visually consistent Quick/Bulk Edit normal normal Future Release enhancement reopened 2015-09-11T16:41:56Z 2020-02-10T17:48:44Z "Quick/Bulk Edit are not visually consistent between uses (posts vs. comments, for example), and have typography treatment that we don't really use elsewhere in the admin, like all-caps and italic labels. It really hasn't changed much in quite some time. This needs some considered design treatment. Screenshots attached below." helen 13 33834 wpautop treats html comments as content General 4.3 normal normal defect (bug) new 2015-09-11T16:44:57Z 2019-06-04T19:51:17Z "This php code: {{{ $str = '<div>My div1</div><!-- comment --><div>My div2</div>'; echo $str.'<br/>'.wpautop($str); }}} Produces this output as seen in the page source: {{{ <div>My div1</div><!-- comment --><div>My div2</div><br/><div>My div1</div> <p><!-- comment --> <div>My div2</div> }}} I.e. unbalanced {{{ <p> }}} and wrong layout. " opajaap 3 33837 We should avoid Superglobals when possible wonderboymusic dev-feedback General normal normal enhancement assigned 2015-09-11T19:53:44Z 2019-06-04T19:51:22Z "We can probably add some helper functions that complete common tasks around Superglobal access Examples of accessing here: https://codeclimate.com/github/WordPress/WordPress/wp-admin/edit-comments.php Something like `wp_verify_action( $action )` could replace the many instances of things like: `isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['action']` Without having to architect something like `Symfony/HttpFoundation`, we can make accessing them more rare." wonderboymusic 24 33840 wpautop damages inline script Formatting 4.3 normal normal defect (bug) new 2015-09-12T10:54:20Z 2019-06-04T19:51:27Z "This code: {{{ $str = ' <script type=""text/javascript""> alert( \'<div style=""float:right; margin-right:6px;"" >Edit</div><div style=""float:right; margin-right:6px;"" >Delete</div>\' ); </script>'; echo $str; echo '<br/>'; echo wpautop($str); }}} results in this output as seen in the page source: {{{ <script type=""text/javascript""> alert( '<div style=""float:right; margin-right:6px;"" >Edit</div><div style=""float:right; margin-right:6px;"" >Delete</div>' ); </script><br/><p><script type=""text/javascript""> alert( ' <div style=""float:right; margin-right:6px;"" >Edit</div> <div style=""float:right; margin-right:6px;"" >Delete</div> <p>' ); </script></p> }}} The wpautop filter adds {{{<p>}}} twice and {{{</p>}}} once; adds linebreaks and hence a js error: SyntaxError: unterminated string literal To my opinion, wpautop should NEVER change a byte between {{{<script>}}} and {{{</script>}}}; neither should the script tag be wrapped in a p tag. Wrapping the code in a {{{[CDATA[ ]]}}} block makes no difference. This behaviour is noticed for years and is still present at version 4.4-alpha-34061" opajaap 1 33841 WP_Dropdown_Categories: Parent Category Optgroups Taxonomy 4.4 normal normal enhancement new 2015-09-12T11:14:02Z 2019-06-04T21:16:50Z "On a number of occasions I've structured a hierarchical taxonomy with parent > child categories, but have only wanted to be able to select the child categories. An example of this is country > county, or manufacturer > model. The best way to do this is to set the parent category as an optgroup. wp_dropdown_categories() doesn't handle this through the Walker_CategoryDropdown class. I would like a new option for the wp_dropdown_categories() function arguments to enable this, for example: parent_optgroup = true (default, false) This could either trigger a flow change in the walker class, or the use of an extended class. I'm currently using an override to the walker argument to the function - the codex doesn't advertise this is available, but works: {{{ $args = array( .... 'hierarchical' => 1, 'taxonomy' => $taxonomy, 'walker' => new Walker_CategoryDropdown_Optgroup ); wp_dropdown_categories( $args ); }}} {{{ /** * Parent level optgroup walker extension */ class Walker_CategoryDropdown_Optgroup extends Walker_CategoryDropdown { var $optgroup = false; function start_el( &$output, $category, $depth = 0, $args = array(), $id = 0 ) { $pad = str_repeat(' ', $depth * 3); $cat_name = apply_filters('list_cats', $category->name, $category); // set parent optgroup if (0 == $depth) { $this->optgroup = true; $output .= '<optgroup class=""level-$depth"" label=""' . $cat_name . '"" >'; } else { $this->optgroup = false; $output .= '<option class=""level-' . $depth. '"" value=""' . $category->term_id . '""'; if ( $category->term_id == $args['selected'] ) { $output .= ' selected=""selected""'; } $output .= '>' . $pad.$cat_name; if ( $args['show_count'] ) { $output .= ' ('. $category->count .')'; } $output .= ""</option>""; } } function end_el( &$output, $object, $depth = 0, $args = array() ) { if ( 0 == $depth && true == $this->optgroup ) { $output .= '</optgroup>'; } } } }}} This sets the parent term (depth 0) as an optgroup, and all child elements are left as standard select options. " tifosi 1 33884 Move meta functions to their own files Options, Meta APIs 4.4 normal normal enhancement new 2015-09-15T17:51:10Z 2019-06-04T20:51:37Z "All the meta functions should be in their own file. Like this. post-meta.php comment-meta.php user-meta.php Related tickets: #10142 #28290" spacedmonkey 1 33896 Gallery linking to Attachment page Media normal normal defect (bug) new 2015-09-16T13:52:16Z 2019-06-04T20:16:05Z "I have received some user reports recently, that they are using internal WordPress gallery (which was improved) and there is some strange problem. - Create new post - Create new gallery with existing images from Media library (do not upload new images). - Link gallery to Attachment page. - See post on website, click on first image in gallery. - You will see links to next/previous image, but not related to user created gallery. Instead of created gallery you can see all images attached (uploaded) to some other post. Users do not understand that this is how it works (gallery shortcode x attachments uploaded to post), they are only asking what is wrong. Maybe we should disable possibility to link to Attachment page when all images from gallery are not uploaded to current post?" pavelevap 2 33909 The `home` option not equivalent to the WP_HOME constant value in multisite and single instance dev-feedback Upgrade/Install 3.0 normal normal Awaiting Review defect (bug) new 2015-09-17T07:41:18Z 2022-12-03T19:16:01Z "Hi, for this issue, I'm running a multisite instance with custom WordPress and wp-content directory paths where I set the constants '''WP_SITEURL''' and '''WP_HOME''' values as follow: * WP_HOME: http://mydomain.com/ * WP_SITEURL: http://mydomain.com/cms (where WordPress is installed) All the process during the installation is working perfectly and the multisite instance is installed as expected...except when you click on the admin toolbar button '''Visit site''' for example. Here is the issue, the site URL is set as '''http://mydomain.com/cms''' where it should be '''http://mydomain.com'''. This issue is becoming a user experience issue because both URLs with and without the '''cms''' URI are working. But all anchor tags href attribute have the wrong value. When looking at the database '''wp_options''' table, we can see that both '''home''' and '''siteurl''' options have a value of '''http://mydomain.com/cms''' which should only be '''siteurl''' with this value. I'm filling this issue mainly for multisite because the anchor tags used to visit the site have the wrong value but note that even for single WordPress installation, the options values are wrong in the '''wp_options''' table. Both have the same value where only the '''siteurl''' should get '''cms''' URI in this example. But when you're on a single instance all anchor tags href attributes have the correct URL in order to visit the site where in multisite they are wrong. So there are 2 things to look at here probably: * First why the '''wp_options''' values are not equal to the set constants '''WP_HOME''' and '''WP_SITEURL'''? * Second, why in a single instance URLs are correct (even if values in the database are wrong) and not on multisite? Best regards" jlambe 12 33915 Add a filter in dynamic_sidebar() function to modify sidebar index needs-unit-tests Widgets 4.3 normal normal enhancement new 2015-09-17T15:04:28Z 2019-06-05T06:41:40Z Changing sidebars depending on the page/post/etc loaded through a plugin. Nothing too complex, just no way to do it. There is a filter dynamic_sidebar_params but that isn't called until later on in the function after the widgets have been collected for that sidebar. fahidjavid 7 33924 sanitize_html_class valid characters dev-feedback Formatting 4.4 normal normal Future Release defect (bug) new 2015-09-18T16:39:10Z 2022-09-20T23:57:53Z "`sanitize_html_class` excludes some increasingly common valid html characters. In particular the `@` character. The use of `@` may not be extremely common for class names but it is being encouraged by some pretty renowned folks in the area of class naming conventions. http://csswizardry.com/2015/08/bemit-taking-the-bem-naming-convention-a-step-further/#responsive-suffixes Actually pretty much anything is now valid for html classes except for spaces or tabs. I also use the `/` quite a bit in my classes but I thought I'd start with the `@` ." m-e-h 15 33929 Wrong data type for several variables holding a wpdb query result boonebgorges needs-unit-tests General normal normal defect (bug) assigned 2015-09-19T16:27:25Z 2019-06-04T19:51:38Z "Just like in #32876, there are several situations where the result of `$wpdb->get_var()` is used as is (which is a `string`), and yet data type is said to be `int`. The individual situations include `apply_filters()` calls, function return values, and class properties, i.e., only ''non-local'' usage. Please find the attached patch that takes care of that. In one case I also adapted two conditionals using a former-`string/null`-now-`int`-value." tfrommen 6 33931 Complex simplification and standardisation of all the list and quick edit screens Quick/Bulk Edit 4.4 normal normal enhancement new 2015-09-19T20:55:34Z 2019-06-04T21:16:59Z "As every function (posts, media, taxonomy, insert media popups) of wordpress came in different time, it looks differently, it must be operated differently, it is much more difficult to maintain and develop, it use different actions and filters for generaly the same thing ... I have walked through the all this pages, created wireframes and point out the differences and similarities. And i have came up with the IMO very simple solution, that would standardise all these screens, so they coul all share the same code and they will have all the functions, but in the same time they will be cleaner and easier to use, the same function will be on the same place and will be named the same, and it could higly reuse most of the code. And what's more, it ads some new interesting possibilities, e.g. mass edit. Please download the enclosed PDF with wireframes - there are the commented current pages at the begining, the last pages are then my new proposal. I think that now is the perfect time to do it, as there are plans for adding meta to taxonomies for the WP 4.4 and this my approach would IMO save a lot of effort and use it for bigger good. " thomask 4 33932 Filters for Plugin/Theme Update Email Notifications ocean90 needs-unit-tests Upgrade/Install 3.7 normal normal enhancement reviewing 2015-09-20T04:51:05Z 2019-06-05T06:41:41Z "I've had several requests to enable core update emails, but disable emails for plugins/themes. If this idea is approved, '''I would love to be the one to tackle this''' as I have yet to contribute to core. Goal is to keep `send_core_update_notification_email` intact, but allow filters for both plugin/theme background update notifications. Apparent use-case is a user wants core emails, but not plugin/theme emails. One filter rules them all currently from what I can see in the code-base. Example use-case in the wild: https://wordpress.org/support/topic/for-on-the-wishlist?replies=8" ronalfy 31 33936 Alignment issue in dashboard update count reporter-feedback General normal normal Awaiting Review defect (bug) new 2015-09-20T12:05:10Z 2019-06-19T08:12:11Z "There is a small margin issue in dashboard update count.[[Image(http://s2.postimg.org/noqs824vt/alignment_issue_dashboard_update_count.png)]] " PranaliPatel 3 33940 Double spaces in term names can cause problems XML-RPC normal normal Awaiting Review defect (bug) assigned 2015-09-20T22:56:04Z 2019-08-15T06:46:02Z "Create a tag called 'test term'. Use XML-RPC to create a post with a tag of: {{{ test term }}} (two spaces). You'll get an error thrown, with the post not created: {{{ A term with the name already exists in this taxonomy }}} This appears to be due to the `_insert_post` function in XML-RPC using `get_term_by( 'name', $term_name, $taxonomy );`, which is returning false - thus it tries to create the term as new, and fails. Most other aspects of WP seem to filter the term name to strip double spaces first - is that what is necessary here? Or could the issue affect more than just XML-RPC?" smerriman 3 33955 get_posts() menu args filter has-patch Menus normal normal enhancement new 2015-09-22T06:37:14Z 2019-06-04T20:16:11Z "Before I get menu items by get_posts() I can't filter args (Example: I want ignore item of menu for not logged users) {{{ add_filter( 'wp_get_nav_menu_items_args', 'wp_get_nav_menu_items_args', 10, 3 ); function wp_get_nav_menu_items_args( $args, $menu, $items ) { if ( ! is_user_logged_in()) { if (( $key = array_search( 2778, $items ) ) !== false) { unset( $items[$key] ); } $args['include'] = implode( ',', $items ); } return $args; } }}}" sebastian.pisula 4 33959 Improve wp_get_attachment_thumb_file needs-unit-tests Media 4.4 normal normal enhancement new 2015-09-22T08:28:27Z 2019-06-04T20:16:19Z "Since we can retrieve an image thumbnail url it will be nice if we can get the path of this thumbnail too. Here is a patch allowing this. And improvements for the first parameter allowing it to be a WP_Post object. " Rahe 6 33963 New function: `upload_url()` reporter-feedback Upload normal normal Awaiting Review enhancement new 2015-09-22T12:32:57Z 2019-05-15T21:20:24Z Retrieve the url to the uploads directory. sebastian.pisula 7 33967 MS Sites: content of the users column should be by choice, number is not too informative dev-feedback Networks and Sites 4.3 normal normal enhancement assigned 2015-09-22T13:43:11Z 2019-06-04T20:51:42Z "I sadly noticed, that on network admin -> sites, the users column only shows numbers now. It looks nicer with the less data, but on the other hand we used that information. I ask, it is possible to make it choosable, or at least, list the users in the excerpt listing mode? Why I ask this: We have a multisite install with many blogs and open registration. Because of that we sometimes have spam blogs. We frequently delete those spam blogs with its user(s), but now it's more complicated, because we don't see the email (user) at first. We have to open it on a new window (by clicking on the number of users). That slows down the process. And in some cases, just from the registered user (email) we saw if it was a spam blog or not." katazina 26 33972 static use of PHPMailer class results in stale state between calls to wp_mail() Mail 4.3 normal normal defect (bug) new 2015-09-23T09:57:09Z 2019-06-04T20:16:28Z "I've just been chasing down a problem since upgrading to WordPress 4.3 with mails sent via wp_mail() being sent with: Content-Transfer-Encoding: quoted-printable Auto switching to quoted-printable was added in the PHPMailer class which was upgraded in 4.3. The issue is that the internal state in $phpmailer is not properly cleared between calls to wp_mail(). There is an attempt to do this via: // Empty out the values that may be set $phpmailer->ClearAllRecipients(); $phpmailer->ClearAttachments(); $phpmailer->ClearCustomHeaders(); $phpmailer->ClearReplyTos(); But non of these methods reset the value of $this->Encoding. So if I make two calls to wp_mail() and the first one gets switched to quoted-printable the second one will be sent as quoted-printable even if it doesn't need to be. Would it not be better to just create a new instance of PHPMailer for each invocation of wp_mail() and let the constructor take care of it? " codebuddy 3 33975 Improve capabilities management when registering custom taxonomy needs-unit-tests Taxonomy normal normal enhancement new 2015-09-23T12:02:12Z 2019-06-04T21:17:04Z "Currently we have such caps when using `register_taxonomy()` [https://codex.wordpress.org/Function_Reference/register_taxonomy#Arguments codex]: {{{ 'manage_terms' - 'manage_categories' 'edit_terms' - 'manage_categories' 'delete_terms' - 'manage_categories' 'assign_terms' - 'edit_posts' }}} IMO, setting `manage_terms` to false block access to page (cheating message), setting `edit_terms` to false displays this message: ""You are not allowed to edit this item."", which is very odd. Editing means editing, So I should not be able to use Quick Edit and Edit links (they should be hidden). Also, I propose to add a `create_terms` capability maping - for displaying the add term form and giving ability to create them, separately from editing/deleting. Related: #22511" slaFFik 4 33977 set_transient('settings_errors', get_settings_errors(), 30); and multi user @ wp-admin/options.php Options, Meta APIs 4.3.1 normal normal defect (bug) new 2015-09-23T13:37:52Z 2019-06-04T20:51:48Z " {{{ #!div style=""font-size: 80%"" Code highlighting: {{{#!php /** * Handle settings errors and return to options page */ // If no settings errors were registered add a general 'updated' message. if ( !count( get_settings_errors() ) ) add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated'); set_transient('settings_errors', get_settings_errors(), 30); /** * Redirect back to the settings page that was submitted */ $goback = add_query_arg( 'settings-updated', 'true', wp_get_referer() ); wp_redirect( $goback ); exit; }}} }}} I see the code above in wp-admin/options.php since the key 'settings_errors' is not binding to a user, Is there a chance than one user's error message may be shown on another user's page?" coldwinds 1 33993 Add Links for additional props on about.php after updating. Help/About normal normal Awaiting Review enhancement new 2015-09-24T16:19:33Z 2021-10-25T20:28:16Z "Upon updating WordPress, a user is presented with the ""Welcome to WordPress X.X"" or the about.php page that has tabs that also link to the credits.php page and the freedoms.php page. I recently started following development in Slack. Reading new tickets, watching committed tickets and I've been really amazed by all of the hard work that goes into the project. I've been sucked into reading trac tickets and comments and looking at the various patches etc and I'm NOT a coder. I do however run the monthly meetup in my city and I do my best to teach from the middle and share what I learn and what features developers need to be made aware of. That said, the average person isn't following along in Slack and they have no idea how many tickets have been impacted in a release, how many lines of code were added, how many were deleted, how many new files were created for organization... I propose that the about.php add an addition tab that has a ""Project Progress"" tab that will then link to the https://core.trac.wordpress.org/ticketgraph showing how many tickets were recently closed and how many are still outstanding. How many lines of code were actually impacted by being added and deleted, etc. A lot of times I tell my Meetup attendees that there was ""a ton of things done under the hood"" that made the code base better/faster/etc. But having numbers I think would help people really get a feel for the progress that is made during a release. I'd also think it would be neat if trac can give up the info on the ticket that was oldest that was closed during the release. Just today I saw something that was 6 years old that was closed. That is pretty cool to see, and a few days ago I saw something that was submitted and then committed all within 2 hours it seemed like. What is the fastest ticket closed. Some of those stats would be nice to see ESPECIALLY on releases that don't have a whizbang feature plugin being merged into them. PS - Thanks to everyone who works tirelessly to make the project better." scotthack 7 34009 Need ability to query what post_type_supports values plugins and themes might use Posts, Post Types 4.4 normal normal Awaiting Review enhancement new 2015-09-25T10:11:30Z 2017-07-01T10:43:48Z "A number of plugins and themes define their own values to pass to add_post_type_support(). e.g. Jetpack's `publicize`, and the Genesis theme framework's values prefixed with `genesis-`. I have a post type UI where I allow the user to decide which feature a post type supports. The current API does not allow me to find the full set of possible values. `$_wp_post_type_features` only lets me find out what's currently registered. I propose a new API `get_all_post_type_supports_features()` that invokes a filter `post_type_supports` to allow plugins and themes to return a complete list of post type supports values, along with user friendly labels. Currently my routine returns the set I can get from `$_wp_post_type_features` and my filter function augments it with additional options. {{{ array ( 'publicize' => ""Publicize with Jetpack"" 'home' => ""Display in blog home page"" 'genesis-layouts' => ""Genesis layouts"" ... ) }}} WordPress core would respond to the `post_type_supports` filter with: title, editor, author, etcetera " bobbingwide 2 34028 wp_safe_redirect can return admin_url() when get_admin_url() is used aaroncampbell needs-unit-tests General normal normal defect (bug) reopened 2015-09-25T20:47:48Z 2019-06-04T19:51:49Z "Setup your site like this: WordPress Address (URL): http://yourdomain.tld/ (without www) Site Address (URL): http://www.yourdomain.tld/ (with www) Example code (yes I know it's stupid code, but it's a working proof-of-concept): {{{ <?php function unsafe_safe_redirect() { $pagenow = empty( $GLOBALS['pagenow'] ) ? false : $GLOBALS['pagenow']; if ( empty( $pagenow ) || 'post-new.php' != $pagenow ) return; // Redirect for add new screen if ( 'post-new.php' == $pagenow ) { wp_safe_redirect( get_admin_url() . 'plugins.php' ); die(); } } add_action( 'admin_init', 'unsafe_safe_redirect' ); }}} Visit: http://yourdomain.tld/wp-admin/post-new.php It will redirect you to: http://yourdomain.tld/wp-admin/ But it should have redirected you to: http://yourdomain.tld/wp-admin/plugins.php The problem is that wp_validate_redirect() uses home_url() which can be different from site_url() which is used by get_admin_url(). I propose that we use both in wp_validate_redirect(). Diff attached." layotte 5 34039 shortcode_parse_atts() no longer parses embedded html fragments Formatting 4.3.1 normal normal defect (bug) new 2015-09-27T03:38:25Z 2019-06-04T19:51:55Z "I have a shortcode: [show_custom_field field=""image_media"" before=""<img src='"" after=""'>""] Previously, shortcode_parse_atts() would accept the attribute: before=""<img src='"" But, now shortcode_parse_atts() rejects any attributes that have unclosed HTML elements. I have almost three years invested (10K lines of code) in this plugin and I really would like to keep it functional. That being said it is also true that I am no longer actively developing it and it has only 30 users. " Magenta Cuda 34041 Tying nonces to sessions breaks when users are switched Security 4.3 normal major Future Release defect (bug) new 2015-09-27T10:09:00Z 2019-06-04T18:12:27Z "Because of the way we have tied nonces to session tokens they are broken if you write code that follows the following pattern: * Code switches user using wp_set_current_user * Code generates a nonce * ...time happens * Nonce is verified for the switched user. The underlying issue is that while we are switched to the different user we still generate nonces using the session token from the current logged in users cookie. This is because wp_get_session_token only checks the cookie and either gives you back a token for the cookie or an empty string. This also means if you are authenticating by an alternative method and not setting cookies - say OAuth Authorization headers - then your nonces don't get session tokens in them at all." westi 5 34052 Plugin-Install/Update Sections dev-feedback Plugins 4.3.1 normal normal Awaiting Review defect (bug) new 2015-09-28T08:16:47Z 2023-05-13T19:05:15Z "Hey WP-Community, I've found out that some plugins producing ""Cannot use object of type stdClass as array"" fatal errors when there is an update-notification and one clicks on the ""View version x.x.x details"" link. After the plugin information window pops up WordPress is not able to read the sections. In most cases this is caused by external plugins, I guess. However I was confisued to see that WordPress is doing a type casting already but not everywhere needed. Everything starts in the file [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-admin/includes/plugin-install.php#L395 wp-admin/includes/plugin-install.php on line 395]. In this line the parameter ""sections"" from $api object is casted as an array. However a line later it's assumed that the parameter is an array already. Here is the code snippet: {{{ foreach ( (array) $api->sections as $section_name => $content ) { $api->sections[$section_name] = wp_kses( $content, $plugins_allowedtags ); } }}} The same problem appears on [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-admin/includes/plugin-install.php#L408 line 408]. Wouldn't it be better to cast the parameter before everything happends? This would also avoid to type-cast the same parameter over and over again, see attached patchfile. {{{ $api->sections = (array) $api->sections; }}}" floriansimeth 2 34053 HTTP API (Curl backend) inappropriately sends Content-Length header on POST requests made through a proxy server CONNECT HTTP API 4.3.1 normal normal defect (bug) new 2015-09-28T08:47:00Z 2019-06-04T19:51:56Z "When WordPress is configured to communicate with the outside world through a HTTP proxy server, using {{{ define('WP_PROXY_HOST', 'some-proxy-server'); define('WP_PROXY_PORT', '3128'); }}} in '''wp-config.php''', HTTP POST requests that are over HTTPS, and pass through the proxy server, get a Content-Length header inserted in the CONNECT request, instead of in the headers of the POST request made inside the HTTPS tunnel. On certain proxy servers configured to parse requests strictly, they will reject this outer CONNECT request with a HTTP 400 Bad Request, as the Content-Length header should not be there(?) Here is an HTTP POST request and response, going via a HTTPS CONNECT request (in this case a request for Google's Recaptcha through the Contact Form 7 plugin) behind a BlueCoat proxy server configured with tolerant-request-parsing off: {{{ CONNECT www.google.com:443 HTTP/1.1 Host: www.google.com:443 User-Agent: WordPress/4.3.1; https://staging.testvalley.hants.sch.uk Proxy-Connection: Keep-Alive Accept-Encoding: deflate;q=1.0, compress;q=0.5, gzip;q=0.5 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 1052 HTTP/1.1 400 Bad Request Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Proxy-Connection: close Connection: close Content-Length: 513 invalid_request: Your request could not be processed. Request could not be handled }}} To demonstrate this is not a plugin issue, a similar request (a check for core updates by clicking 'Check again' on the Updates page in WP-Admin) that is also affected: {{{ CONNECT api.wordpress.org:443 HTTP/1.1 Host: api.wordpress.org:443 User-Agent: WordPress/4.3.1; https://staging.testvalley.hants.sch.uk Proxy-Connection: Keep-Alive Accept-Encoding: deflate;q=1.0, compress;q=0.5, gzip;q=0.5 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 193 HTTP/1.1 400 Bad Request Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Proxy-Connection: close Connection: close Content-Length: 513 invalid_request: Your request could not be processed. Request could not be handled }}} HTTP (not HTTPS) requests, including POST, proceed fine through the proxy. HTTPS GET requests also work correctly. This seems to be an issue that derives from where '''includes/class-http.php''' injects the Content-Length header before dispatching the request to the chosen HTTP backend. This header injection does not cause issues with a HTTP POST request, but in the case of an HTTPS POST request going through the proxy, the Content-Length header ends up in the HTTPS CONNECT request to the proxy, rather than the actual request to the server that is wrapped inside the established tunnel. Commenting out lines 273 and 274 of '''includes/class-http.php''' causes the above two requests to succeed. " petertvs 4 34055 the_taxonomies lacks a filter has-patch Taxonomy 2.5 normal normal enhancement new 2015-09-28T10:13:40Z 2023-05-15T14:35:15Z "The template tag ""the_taxonomies"" displays all taxonomies terms attached to a post. However plugins can use taxonomies for internal purposes and not every taxonomy terms are meant to be displayed." Chouby 6 34058 Proposal: wp_get_archives_object() function has-patch General 4.3.1 normal normal Future Release feature request new 2015-09-28T16:10:27Z 2021-07-05T06:25:38Z "I'm currently working on building a personal site using the WP REST API, and one of the features I want to introduce is an equivalent to the archives widget on the front-end. Unfortunately, this isn't so straight forward given that I have no quick means of accessing an object representing the current archives. The existing function `wp_get_archives()` will return lots of lovely HTML - which I can use out of the box perfectly well - but this is useless given that I want full control of the data to manipulate/parse/sort as well as having something that is more suitable for output via JSON in the API. I propose that a new function called `wp_get_archives_object()` be added to give developers immediate access to the archives object for general use without having to get their hands dirty. As a compromise, perhaps add an additional parameter to `wp_get_archives()` that when set to `true` simply returns the object?" anonymized_13665966 12 34064 Filter the file type error message Filesystem API normal normal enhancement new 2015-09-28T20:42:56Z 2021-06-03T14:54:59Z "When uploading a file type that is not permitted, the error `Sorry, this file type is not permitted for security reasons.` is returned. By adding a filter, a plugin/site admin can add a customized message. An example use case: A plugin that allows a front-end post submission system that allow file add-ons. By filtering the response, the author/admin can give more detailed specifications including allowable file types, if desired. Example function of the filter in psudocode: {{{ add_filter( 'upload_filetype_error', 'bk_test_error' ); function bk_test_error() { $allowed = get_allowed_mime_types(); $message = ""This type of file is not allowed! Please use one of the following: "" . implode( ', ', array_keys( $allowed ) ); return $message; } }}} " kraftbj 1 34083 Feed for post type should link to post type archive if available stevenkword dev-feedback Feeds normal normal Future Release enhancement assigned 2015-09-29T20:50:33Z 2017-03-17T19:16:03Z "This post type feed: https://yoast.com/dev-blog/feed/ has {{{ <link>https://yoast.com</link> }}} Even though that particular post type has a post type archive. IMHO, it should link to the post type archive `https://yoast.com/dev-blog/`. " joostdevalk 7 34088 Add delay to admin menu arrow's disappearance has-patch Administration 4.3.1 normal normal Awaiting Review defect (bug) new 2015-09-29T23:11:19Z 2022-11-16T11:25:44Z "Currently if you hover over an item in the admin's left sidebar, the submenu will show after a few hundred milliseconds. The arrow/triangle next to the submenu will appear at the exact same time. However, on leaving the hover state, the arrow disappears right away while the submenu will stay around for a few hundred milliseconds and then disappear. I would assume this is because the arrow is bound to the menu item, and not the submenu. Not really sure what the solution would be to this, but I see it as a bug in code that's improves UX. [[Image(https://cldup.com/oDl-qIUYxW.gif)]]" pathartl 12 34093 New filter: `get_calendar_post_type` in get_calendar() needs-unit-tests Widgets normal normal enhancement new 2015-09-30T06:19:27Z 2023-05-17T05:47:36Z Filter for post type in calendar. If I want show posts from others post type sebastian.pisula 7 34106 Comments should have real permalinks Comments normal normal defect (bug) new 2015-10-01T04:41:21Z 2019-06-04T19:32:37Z "The closest think we have to comment permalinks are links like this: `example.com/my-post/comment-page-3/#comment-123` This is very fragile: * comment-page-x is sometimes optional, as when oldest comments are displayed first, and `my-post/comments-page-1/` is the same as `my-post/` * If you change the number of comments per page, the link is no longer correct * URL fragments (the stuff after `#`) are client-side only. Remember hashbangs? https://www.w3.org/blog/2011/05/hash-uris/ * Pagination URLs are ugly and should not be used for canonical purposes I propose something along the following lines: * `example.com/comment/123` rewrites to `example.com/?comment_id=123` * `WP_Query` will translate `comment_id` into the proper values for `p` and `cpage` * `redirect_canonical()` will send you to `example.com/my-post/comment-page-3/#comment-123` Comment pagination settings can change at any time, and permalinks will continue to work." boonebgorges 9 34110 WordPress Trackback Bug when Comment Pagination is Enabled needs-unit-tests Comments normal normal defect (bug) new 2015-10-01T11:40:36Z 2019-06-04T19:32:40Z "Hi, I just find a comment bug with wordpress which I think is there for a ling site, may be since v2.7+ but never actually fixed. '''Bug Details/ Reproduce process''' Inside your theme while fetching your comments after {{{ have_comments() }}} try to fetch comments only by using {{{ wp_list_comments( array( ""type"" => ""comment"") ) }}} and then below check if trackback exists and if they do print the trackbacks separately using {{{ wp_list_comments( array( ""type"" => ""pings"") ) }}} Now add a bunch of comments on any of your blog post which also have some trackbacks. Add more than 60 - 70 comments on that post. and from settings enable comment pagination option. So that comments get divided into several comment pages. If you are thinking this is never going to happen in real life, let me tell you I have blog posts which has more than 2.500 comments in it and none of them are spam comments. Now, after you enable the comment pagination, visit your blog page link i.e. example.com/some-post/ and you will see the trackbacks below your comments as it should show up now start navigation through your comment pagination, you will see the following - Trackback is showing on the normal blog post link Trackbacks also showing for /comment-page-1/ But when you will move further from comment page 1 you will only see the heading i.e. Trackback or whatever you have set, but not the actual trackbacks. This problem is also present in genesis theme, earlier I though it was a genesis bug but while developing a non genesis wordpress there I understood that it is actually a wordpress core bug." isaumya 13 34112 Library broken after import XML Import normal normal defect (bug) new 2015-10-01T12:15:55Z 2019-06-04T20:16:44Z "Hello, after exporting an XML file to a blog and after import this XML in a empty Wordpress installation (to a new URL), the result is often a broken Library: it's missing thumbs, as you can see here: http://s1380.photobucket.com/user/New254/media/wp-track--library-broken-01_zpskslxbc7t.jpg.html But if I clic on empty thumb, the media is ok and appear also on the website. As you can see here, after clicking empty thumb, the media is here: http://i1380.photobucket.com/albums/ah198/New254/wp-track--library-broken-02_zpsdos6akx8.jpg After many days of research and try tips found on the forums, plugin tests... I finally found the ultimate plugin that repair the problem: https://wordpress.org/plugins/fix-my-posts/ The subject is vast on the Internet if you search ""wordpress broken library after moving"" or ""wordpress plugin repair library""... so i think that there is a problem in the core of WordPress, missing a function ""regenerate library"" or ""repair library"". " Newzic 1 34116 "Rethink default install content like ""Sample Page"", etc." dev-feedback General normal normal Awaiting Review enhancement new 2015-10-01T14:30:09Z 2021-04-10T11:17:18Z "New installs of WordPress come built in with ""Sample Page"", a default blog post, and a built in comment. I would like to propose that we rethink this content. In its current state, all it means is that any site owner needs to make some changes to their website, including either trashing or changing the sample page, editing the information in it and the sample blog post, and deleting the sample content. IMO, there are a variety of steps I'd prefer to take, but I'll rank a few in terms of what I think have few consequences to options that may be more of a difficult sell. 1. Change the name of Sample page to ""About"". Nearly every website has an about page. It's a much better option in my opinion. It's even the recommendation of the current sample page. 2. Delete the sample comment on Hello World altogether. People get web comments, this just has to be trashed on all new installs. 3. Change the status of ""Hello World"" to draft. It's not ready to publish, so let's not make it published. 4. Change ""uncategorized"" to ""general"" or something that's not so awful. (I know this has been discussed elsewhere a good bit but I'd be sad to not mention it) Currently the sample content is used as a defacto new user walkthrough. I would rather see proper new user onboarding, personally. But even if that's a step too far, I'd like to make some of these changes to the default content. Numbers 1 and 2 feel particularly doable to me, and 3 and 4 would be really nice additions." krogsgard 13 34118 Allow permalinks to spell out when certain symbols are used Permalinks normal normal enhancement new 2015-10-01T16:37:15Z 2019-06-04T20:51:58Z "Someone just pasted this link to me in IRC: http://www.rawstory.com/2015/10/alabama-to-stop-issuing-drivers-licenses-in-counties-with-75-black-registered-voters/ whereas a more accurate URL would be: http://www.rawstory.com/2015/10/alabama-to-stop-issuing-drivers-licenses-in-counties-with-75-percent-black-registered-voters/ Give the propensity of people to skim read things online, this would be very useful." mattlee 4 34128 Tests_Feed_RSS2::test_channel fails when WP_TESTS_TITLE contains an apostrophe needs-unit-tests Feeds normal normal defect (bug) new 2015-10-02T14:12:16Z 2019-06-04T19:52:26Z "If the site configuration contains an apostrophe in the site title, the test_channel unit fails. {{{ 1) Tests_Feed_RSS2::test_channel Failed asserting that two strings are equal. --- Expected +++ Actual @@ @@ -'Rob's Test Blog' +'Rob's Test Blog' }}} The happens with either of the following configurations: {{{ define( 'WP_TESTS_TITLE', 'Rob\'s Test Blog' ); }}} and {{{ define( 'WP_TESTS_TITLE', 'Rob's Test Blog' ); }}}" miqrogroove 3 34130 Thickbox previous arrow close External Libraries 4.3.1 normal minor Awaiting Review defect (bug) new 2015-10-02T15:22:51Z 2021-03-15T21:51:46Z "The previous arrow in Thickbox does not work reliably. It sometimes displays 2 images, sometimes displays just the caption. Since that problem does not happen with the buttons, I suggest using the ""trigger"" function instead. The following code seems to work more reliably (staring at line 137): {{{ function goPrev(){ if(jQuery(document).unbind(""click"",goPrev)){jQuery(document).unbind(""click"",goPrev);} jQuery(""#TB_window"").remove(); jQuery(""body"").append(""<div id='TB_window'></div>""); tb_show(TB_PrevCaption, TB_PrevURL, imageGroup); return false; } jQuery(""#TB_prev"").click(goPrev); function goNext(){ jQuery(""#TB_window"").remove(); jQuery(""body"").append(""<div id='TB_window'></div>""); tb_show(TB_NextCaption, TB_NextURL, imageGroup); return false; } jQuery(""#TB_next"").click(goNext); jQuery(document).bind('keydown.thickbox', function(e){ if ( e.which == 27 ){ // close tb_remove(); } else if ( (e.which == 190) || (e.which == 39) ){ // display next image jQuery(""#TB_next"").trigger( ""click"" ); } else if ( (e.which == 188) || (e.which == 37) ){ // display previous image jQuery(""#TB_prev"").trigger( ""click"" ); } return false; }); }}}" Eric3D 9 34136 Allow register_post_type's rewrite to remove CPT slug Rewrite Rules 4.3.1 normal normal Awaiting Review enhancement new 2015-10-02T23:20:58Z 2022-06-24T18:55:50Z "Not sure if there are reasons (outside of naming conflicts) why register_post_type's rewrite does not allow an empty value as an argument to remove the post type slug from its future post URL's. After a lot of research and some code from @JanBeck at my wordpress.stackexchange question: [http://wordpress.stackexchange.com/questions/203951/remove-slug-from-custom-post-type-post-urls] its clear that naming conflicts between a CPT and Page type URL's are being avoided. I propose: {{{ 'rewrite' => array( 'slug' => '', 'with_front' => false ), 'has_archive' => 'something', // will now default to false to avoid possible conflict }}} then proper rewrite rules should be added to allow for the removal of this CPT slug and disallow the CPT to create conflicting URLs in the future. eg publishing ones that match page URL's the same as native posts append a '-1' to a conflicting URL. This will solve a large problem where users are trying to hack around this by creating their own rewrite rules, hacking post.php, and pre_get_posts solutions. " BenRacicot 15 34149 Standardize wp-signup.php to also use search engine visibility text DrewAPicture has-patch Upgrade/Install normal normal defect (bug) assigned 2015-10-04T23:05:00Z 2022-01-18T13:48:25Z "In #27628, we standardized the installation screen to use the same search engine visibility text as the setting in Settings > Reading. We should also change over the text in wp-signup.php. Currently, the option reads as install did before: {{{ Privacy: Allow search engines to index this site. [Yes] [No] }}} With Twenty Sixteen: [[Image(http://f.cl.ly/items/1C2x3x2W0V0P1C2d3010/Screen%20Shot%202015-10-04%20at%205.03.20%20PM.png)]]" DrewAPicture 22 34165 Incorrect file param in wp_handle_upload in class-wp-xmlrpc.php XML-RPC 4.3 normal normal defect (bug) new 2015-10-06T08:27:44Z 2019-06-05T06:41:48Z "Hello, I am using the plugin imsanity which uses the wp_handle_upload hook to resize the upload. This doesn't work when uploading via xml-rpc. After digging deeper into this I found that the ""file"" param that is passed into this hook is inconsistent and changes depending on where this hook is triggered from. When uploading through the web interface the full file path is included in this param. When uploading via xml-rpc only the filename is given. When I modified class-wp-xmlrpc to be consistent with the web interface the plugin works. Thanks Michael" OceanicSurfer 3 34173 Edit locking for term management Taxonomy normal normal enhancement new 2015-10-06T18:41:30Z 2020-03-26T17:06:12Z "If you give a WordPress developer term meta, they'll want to add fields to the term edit page. If there are numerous editable fields on the term edit page, then WordPress should make sure User B's changes don't accidentally override User A's changes. Related #32202" danielbachhuber 2 34184 IIS with Helicon Ape is not detected for suggesting pretty permalinks Permalinks 4.3.1 normal normal enhancement new 2015-10-07T07:30:04Z 2019-06-04T20:52:03Z When deciding on suggesting pretty permalinks on the permalinks settings page, the function got_url_rewrite() is used, which checks the function iis7_supports_permalinks(). In this function, only the Microsoft URL Rewrite module is checked. A check for Helicons Ape (www.helicontech.com/ape/) should be included here as well since it supports full mod_rewrite functionality. mikek70 34185 "Excluding certain PHPUnit test groups results in ""Database is dead"" notice and tests terminate" Build/Test Tools normal normal Awaiting Review defect (bug) new 2015-10-07T07:35:43Z 2021-03-09T18:03:52Z "When excluding certain PHPUnit groups from the full test suite the tests fail with a ""Database is dead"" notice. Known groups thus far: * `phpunit --exclude-group import` * `phpunit --exclude-group query` {{{ $ phpunit --exclude-group import Installing... Running as single site... To run multisite, use -c tests/phpunit/multisite.xml PHPUnit 4.7.7 by Sebastian Bergmann and contributors. ............................................................. 61 / 4556 ( 1%) ...................................SS........................ 122 / 4556 ( 2%) ............................................................. 183 / 4556 ( 4%) ............................................................. 244 / 4556 ( 5%) .S........................................................... 305 / 4556 ( 6%) ............................................................. 366 / 4556 ( 8%) ............................................................. 427 / 4556 ( 9%) ............................................................. 488 / 4556 ( 10%) ............................................................. 549 / 4556 ( 12%) ............................................................. 610 / 4556 ( 13%) .....................S....S.................................. 671 / 4556 ( 14%) ................................................S............ 732 / 4556 ( 16%) ............................................................. 793 / 4556 ( 17%) ..................................Database is dead. }}}" netweb 3 34188 Post lockdown Editor 4.3.1 normal normal defect (bug) new 2015-10-07T10:46:43Z 2019-06-04T19:32:44Z "Assume having two users. First user clicks on edit post and then edits and updates the post (e.g: Test Post). After updating the post the first user straight away logs out from admin area. Now, second user logs in to admin area and navigates to the post area. The post updated by the first user (Test post) shows ""First user is currently editing the post"" notification and is in a lockdown state. " danish.iqbal 2 34189 Add warning about changing $table_prefix for existing database has-patch Bootstrap/Load 4.4 normal normal enhancement new 2015-10-07T10:50:06Z 2019-06-04T19:32:46Z "When changing the $table_prefix for an existing database, it is not sufficient to rename the tables. You also have to change several values in at least two tables. In my case, changing prefix from ""wp_"" to ""bbj_wp_"" this involved at least the following SQL: UPDATE bbj_wp_options SET option_name = 'bbj_wp_user_roles' WHERE option_name = 'wp_user_roles'; UPDATE bbj_wp_usermeta SET meta_key = 'bbj_wp_user_level' WHERE meta_key = 'wp_user_level'; UPDATE bbj_wp_usermeta SET meta_key = 'bbj_wp_capabilities' WHERE meta_key = 'wp_capabilities'; The attached patch adds a warning to the generated wp-config.php file about this. There is much room for improvement here, including giving detailed information on what needs to be changed or even re-writingthe particular misfeature that stores tables names in other tables. The patch is intended as a stop-gap 'til such improvements are made. Hopefully this will prevent others from chasing down the same wildly unexpected behavior should they decide to change $table_prefix " bjerke-johannessen 8 34195 Deprecate get_terms_fields has-patch Taxonomy 4.4 normal normal enhancement new 2015-10-07T17:31:30Z 2019-06-04T21:17:28Z It seems like most people agree with the removal of this filter. So here is an approach to make this happen. wpsmith 3 34211 Ability to specify fields WP_Query can search Query 4.4 normal normal enhancement new 2015-10-08T11:59:10Z 2019-06-04T20:52:08Z "Currently the `s` parameter in WP_Query is hardcoded to only search in the `post_title` and `post_content` fields. A decent enhancement would be if you could also specify which postmeta fields it can search into as well. Also allowing more fine-grained control so that it can search only postmeta fields and ignore `post_title` and `post_content` as well. Something along the lines of: {{{ 's' => 'foo', 's_fields' =>'title', 's_meta_fields' => array( 'custom_field_1', 'custom_field_2' ), }}} `s_fields` can a string/array of either post_title and/or post_content. Setting it to false would disable searching these fields and assume you have set custom meta fields to search for instead. By default it would be `array( 'title', 'content' )`. `s_meta_fields` can accept a string/array of postmeta field names to search for. By default it would be `false`. A decent use case would be the [https://wordpress.org/plugins/search-by-sku-for-woocommerce/ Search by SKU for Woocommerce] plugin which resorts to writing a custom query. I assume the only real concern would be performance." paulwilde 6 34223 Core support for image regeneration Media 4.3 normal normal feature request new 2015-10-08T20:26:48Z 2023-10-18T15:52:00Z "Making this a separate ticket from #34196 so as to not hijack another conversation. I’d like to discuss WordPress doing image regeneration as a part of core. Images are most often defined in themes, and when switching themes, I think it makes sense to at least offer the ability to easily regenerate images to create the images a theme expects to exist. Similarly, if the default image sizes are changed, it’d be nice if users could regenerate images to make older images compatible to new size definitions. I think the nomenclature for images (i.e.: medium, large) help define images well enough that regenerating an image that exists on an old post would not alter it in a way that is out of expectation. And if we have a new image size that’s equivalent to the content width (and I’d actually argue to make that the standard insert size), it would make sense to be able to change it easily, with core, as part of a theme switch routine." krogsgard 5 34225 Display correct dimensions for image sizes in media modal has-patch Media 4.3.1 normal normal Future Release defect (bug) new 2015-10-08T22:08:36Z 2017-05-24T19:40:21Z "In the media modal dropdown, the available image sizes and their dimensions are shown like this: [[Image(https://cldup.com/fO5zZgC7OV.png)]] But the image dimensions are actually larger. The shown values are restricted because of the theme's `$content_width` variable. The actual values are like this: [[Image(https://cldup.com/DHFDDrEnlb.png)]] This dropdown is for informational purposes only, and the actual image size should show, not the constrained dimensions that will be in the media markup (largely for TinyMCE / editor purposes I believe). These image sizes are output to this modal template from `wp-includes/media-template.php`, and that data is setup from `wp_prepare_attachment_for_js`. This function calls the `image_constrain_size_for_editor`, which has a fourth parameter for `context`. That parameter is set to be `edit` both here and by default, and therefore the image constraints are set to this dropdown, even though it is for informational purposes only. Current contexts documented currently are `edit` or `display`. `edit` is the default if `is_admin()` returns true. There should be a third context, that does no constrain the image size, if the purpose for grabbing the image size is for informational purposes. Therefore, I think the best solution is to allow for a new `context` that I'm calling `info`. The new context would override the `admin` context, but not override the width parameter on the inserted media (that's useful for editor/TinyMCE purposes), nor would it override anything on the front end. It just edits it for reference purposes in the dropdown, to prevent innaccurate information from being presented to the user." krogsgard 4 34233 There is not a body class filter within the customizer. Customize 3.4 normal normal Future Release enhancement new 2015-10-09T16:23:40Z 2019-12-11T06:58:49Z "I'm hoping for a way to filter the body classes for the customizer panel. https://core.trac.wordpress.org/browser/trunk/src/wp-admin/customize.php#L112 My particular use: I happen to have some custom controls on my widgets. I'd like to style them differently for superadmins versus other users. The rest of my application handles this as a body class, and does so in pure php via filtering. I know that's a pretty specific use, but I do find it surprising that there's not a filter here, given how useful it is in wp-admin and the front end. If it were to mimic admin body classes, where the classes are a new string, it would look something like {{{ $customizer_body_classes = apply_filters( 'customizer_body_classes', '' ); ?> <body class=""<?php echo esc_attr( $body_class ); ?> <?php echo $customizer_body_classes; ?>""> }}} I happen to prefer the front-end treatment, where existing classes are passed in as an array. In that case it would look more like {{{ $classes = array_map( 'sanitize_html_class', $classes ); $classes = apply_filters( 'customizer_body_classes', $classes ); array_unique( $classes ); $classes_str = implode( ' ', $classes ); <body class=""<?php echo esc_attr( $classes_str ); ?> ""> }}} I see some objections to a similar ticket here: #32623 But my request is slightly different because I'm not advocating that we re-use the admin_body_class fliter. Rather, I'm suggesting a new filter just for the customizer body class. This is my first ticket! I would be happy to attempt to make it my first patch as well if there is traction for this enhancement." scofennell@… 6 34235 Multi selection in menu Menus 4.3.1 normal normal feature request new 2015-10-09T18:39:44Z 2019-06-04T20:16:58Z Can we have multiple selection of pages/posts/categories/ which are added in menu? So that if we have more number of things are there we can change order easily instead of selecting one by one. vir2714 1 34236 Better passwords - differences between setting and resetting password? Login and Registration 4.3 normal normal defect (bug) new 2015-10-09T18:48:08Z 2021-02-23T06:07:14Z "1) When user registers on a site, there is notification email ""Your username and password info"" which contains 2 URL addresses: `<http://localhost/wp-login.php?action=rp&key=iJy9s6jdmcpNwM27iyWc&login=test>` `http://localhost/wp-login.php` Why is there the second URL? Nothing can be done here, only antispam filters can ban this email... 2) When user clicks the first link, new password can be set: ""Enter your new password below."" But why has button text ""Reset Password""? User is not resetting password, but only setting first (new) password. And after submitting, there is text ""Your password has been reset."" 3) Site admin receives 2 notification emails (for one registration): - ""New User Registration"": New user registration on your site... (same in pre 4.3) - ""Password Lost/Changed"": Password Lost and Changed for user... So, every site admin receive another notification email with not relevant info, because password was not lost and changed, but created for the first time. For sites with many users, it is surprising and not needed... When user changes its password on Profile page, site admin also does not receive any notification. As I understand it, there is no difference when user set first password or reset lost password? It can be confusing for some users... 4) When site admin adds a new user, custom password can be set. But newly added user does not know about it? User received only standard ""Your username and password"" email with link to creation of new password: To set your password, visit the following address... I am not sure, if I understand workflow completely, but it seems to me a little bit confusing..." pavelevap 2 34253 wp_insert_post() can assign a random, unauthorized user_id's Posts, Post Types 4.3.1 normal normal defect (bug) new 2015-10-11T07:48:09Z 2019-06-04T20:52:13Z "Hello, When using wp_insert_post, the `get_current_user_id()` function is being called when post_author is left empty. When updating a plugin, and this function appears, you would assume the admin (whoever updated the plugin) would ""insert the post"". But this is not always the case, for instance when you update the plugin through FTP, or use auto-update, or static Opcode caching, etc. However, the admin area is accessible to many on a multisite environment with open registrations. But is also accessible by subscribers, if permitted. The user who accesses the admin area first after updating the code be assigned as post author. An example code below will show you the defect in action, on a Multisite environment: {{{ // Update 'plugin' here, log out and flush opcode cache. // This 'plugin' now executes the following code in admin_init: // Some options. $the_post_id = false; $main_blog = 0; $post_title = 'About WordPress'; $post_content = 'WordPress is great!'; $post_id_option = 'the_inserted_post_id'; // Switch to main blog switch_to_blog( $main_blog ); // Prevent code from running twice with option $page = get_post( get_option( $post_id_option ) ); if ( !$page ) { // Page doesn't exist yet // Insert post $the_post_id = wp_insert_post( array( 'post_title' => $post_title, 'post_status' => 'publish', 'post_type' => 'page', 'post_content' => $post_content ) ); } if ( $the_post_id ) { // Prevent code from running twice by updating option. update_option( $post_id_option, $the_post_id ); } // Back to current blog. restore_current_blog(); }}} A resolution would be to check if the current user has rights to post content. Either by default or parameter. Even more so, assign the site admin if the `current_user_can()` check fails. Thanks!" Cybr 1 34293 Network Admin Email description doesn't really explain what it is. dev-feedback Networks and Sites normal normal enhancement new 2015-10-13T21:18:49Z 2019-06-04T20:52:18Z "On /wp-admin/network/settings.php the field for **Network Admin Email** has this as the description: > This email address will receive notifications. Registration and support emails will also come from this address. By contrast, the per-site has this: > This address is used for admin purposes, like new user notification. I propose we change the Network Admin one to this: > This address is used for admin purposes, like site notifications. Registration and support emails will be sent from this address. That makes for a little more parity, and explains more clearly that emails are sent FROM this address (which has been unclear to some). The attached patch comes in two versions. 1) As I originally proposed 2) Without the 'and support' phrase since I have no idea what we are referring to with that one." Ipstenu 19 34296 Autoplay for more than one self-hosted video fails Media 4.3.1 normal normal Awaiting Review defect (bug) reopened 2015-10-14T10:05:48Z 2017-07-05T20:12:26Z "Hi, When adding more than one self-hosted video to a page (using the [video] shortcode or media browser to insert), if you set more than one to autoplay, then none of them autoplay. This might be a mediaelementjs problem. Stock 4.3.1 install with TwentyFifteen: http://test.10degrees.uk/one-video-autoplay/ - one video set to autplay, works fine. http://test.10degrees.uk/two-videos-autoplay/ - both videos set to autoplay, neither plays. These are both mp4 files. Jonny" jonnyvaughan 3 34297 "Passwords containing ' or "" via wp_set_password() break login via wp-login.php" needs-docs Users normal normal enhancement reviewing 2015-10-14T11:07:22Z 2020-09-20T13:01:55Z "We are using custom plugins to have the user reset their passwords. Internally all that is done boils down to the following code: {{{ wp_set_password('Test""123', 1); // alternative test wp_update_user([ 'ID' => 1, 'user_password' => 'Test""123' ]); }}} Doing this the password gets successfully changed inside the database. Trying to login on wp-login.php now with the new password results in: ""ERROR: The password you entered for the username admin is incorrect"" Login however still works using wp_signon(). I don't know what's going on there or where the differences are but surely this can't be intended behavior that we're not supposed to set passwords using ' or "" via wp_set_passworod(), can it?" manuakasam 12 34316 User status inconsistent between single-site & multisite needs-unit-tests Users 1.5 normal normal Awaiting Review enhancement new 2015-10-15T19:00:15Z 2017-09-27T15:30:10Z "The way a user's status is defined in WordPress differs between single-site and multisite: * In single-site, the `user_status` column is used * In multisite, there are two additional columns for `spam` and `deleted` Not only this, but the `update_user_status()` function is multisite only, and the `user_status` column is an integer without an API to help announce what values equate to what results. On the plus side, user statuses aren't really ever used in core. Marking users as spammers in multisite installations is the only real benefit of this feature as it exists today. I'd like to propose the following: * Stop creating the the `spam` and `deleted` columns in `wp_users` on new installations * ALTER the `user_status` column from `INT(11)` to `VARCHAR(20)` ala `wp_posts` * A bevy of `wp_register_user_status()` like functions to introduce bonafide support for them * A database upgrade routine to move user status `0` to `active` and `1` to `spammer` * A new index on the `wp_users` table for the updated `user_status` column type. We may need a few, based on how users are commonly queried in core, BuddyPress, etc... * Update the `WP_User` and `WP_User_Query` classes to suss out any `user_status` inconsistencies A few considerations worth noting: * Large installations would need to manually perform these DB upgrades. I'm embarrassed to say I've personally frozen WordPress.org for several minutes years ago by missing a `DO_NOT_UPGRADE_GLOBAL_TABLES` check on the `wp_users` table * Several plugins use their own values in the `users_status` column, assuming their numeric ID is unique and special. The authors of these plugins would need notifying, and their code updating to support the above ideas * This work *could* parlay into the Post Status API that's on infinite back-burner. There are some really excellent ideas floating around about how `post_status` could work that would translate nicely to users, too" johnjamesjacoby 9 34322 set_transient and get_transient don't seem to be working for some users since WP 4.3 Options, Meta APIs 4.3 normal normal Awaiting Review defect (bug) new 2015-10-16T04:07:34Z 2017-04-06T17:08:22Z "I'm the developer of a social media plugin which relies on the WordPress set_transient and get_transient functions to temporarily cache data in the user's database. Since the WordPress 4.3 update, we've had reports of the cache not clearing automatically as it should, meaning that the transients aren't expiring correctly in the database. This seems to only be happening on some servers as I haven't been able to replicate the issue on my own test site, but have confirmed it on user sites, and looks like it could be related to [https://make.wordpress.org/core/2015/07/30/get_transient-is-now-more-strict-in-4-3/ this thread]. The same problem seems to be happening to other developers of similar plugins, and I've had some users report that other unrelated WordPress plugins they're using are also not automatically updating either any more, which I'm assuming is caused by the same issue. I've been able to confirm the problem on user sites by using a page template containing the following basic code. I've commented it to explain what it does and can provide a Facebook Access Token privately if needed, although I included a link on how to obtain your own. The transient set using the script below should expire every 30 minutes and then the script should check the URL again for new data, but it doesn't unless I delete the transient manually. {{{ <?php /* Template Name: Transient test */ //Facebook URL to get data from. You can get an Access Token to use in the URL by following the directions here: https://smashballoon.com/custom-facebook-feed/access-token/ $url = 'https://graph.facebook.com/cnn/posts?access_token=ACCESS_TOKEN'; //Check the database for the transient containing the data $transient = get_transient( 'test_transient_expiration' ); if( ! empty( $transient ) ) { //The transient was found in the database echo 'Got the existing transient from the database <br />'; //Show the date the data was last updated from Facebook echo 'Last updated: ' . json_decode( json_encode($transient) )->headers->date; } else { //No transient in the database - get the data from Facebook $facebook_data = wp_remote_get( $url ); //Cache the data in the database set_transient( 'test_transient_expiration', $facebook_data, 1800 ); echo 'Got the data from the URL <br />'; //Show the date the data was last updated from Facebook echo 'Last updated: ' . json_decode( json_encode($facebook_data) )->headers->date; } ?> }}} I was in two minds whether to report this as a bug as I've never reported one before, however it definitely seems like this could be a bug as the above code should work, but doesn't on some user's sites. I use code very similar to the above in my plugin and nothing has been changed in that code, but users started reporting an issue shortly after the WordPress 4.3 update was released. Through reading the change logs for the 4.3 update I know some changes were made to transients and so I'm wondering if that's what caused this problem. Sorry for the long post! John" smashballoon 8 34324 Tag picker for attachments Media 4.3.1 normal normal Awaiting Review enhancement new 2015-10-16T11:46:21Z 2019-01-21T12:10:03Z "When adding a taxonomy for attachments you only get a basic input field in the modal views, like in a post or when using the grid view on the attachment page: [[Image(https://s3.amazonaws.com/f.cl.ly/items/2T2n3k2014362w402z2P/Image%202015-10-16%20at%201.36.39%20PM.png)]] Someone in the forums [pointed out](https://wordpress.org/support/topic/tags-picker-for-attachments?replies=3) that this is because the modal view is only for editing the image, and not the attachment post it belongs to. This makes sense when editing a post, but not in the grid view on the attachments page. The only way to edit tags and categories in the normal way is to press ""Edit more details"", where you get the proper tags/category pickers. I feel like we should either remove or improve the basic input field. It doesn't really make sense to have a stripped down version in the modal. It's confusing and not very good UX." filipstefansson 7 34327 Check for filesystem write permissions done based on ownership instead of actual filesystem permissions Filesystem API 4.3.1 normal normal defect (bug) new 2015-10-16T16:34:57Z 2019-06-04T19:52:31Z "For security reasons, I don't run my httpd/fpm processes as the same user that owns my web content. This gives problems when trying to do various things in Wordpress such as updating themes/plugins/translations etc. It all comes down to the function get_filesystem_method in wp-admin/includes/file.php, which bases the choice for direct filesystem access on the ownership of the filesystem resource(s) it's trying to access. Of course user ownership is not the only thing that can grant write permissions in the filesystem, the group owner and even things like ACL's can influence this. I see that for WP updates there has already been a 'hack' made which is $allow_relaxed_file_ownership but there seems to be no way to use the same criteria for all other actions. The core issue is that Wordpress bases its ""Can I actually write files $here"" decision not on the actual outcome of a filesystem action, but on assumptions about the file/directory owner being the sole factor in being able to write. Please either - allow a global 'allow_relaxed_file_ownership' setting, or - actually perform a filesystem write check so that people configuring their filesystem permissions properly don't need to lower their security in order to run Wordpress. Thanks!" Sling1 1 34335 URL shorteners ( redirects) should to be supported by the embed handling for couple of hops Embeds 2.9 normal normal Future Release defect (bug) reviewing 2015-10-16T22:35:15Z 2023-05-29T10:40:57Z "It should be possible to use URL shorteners ( redirects) to load embeds. I have been testing the new embeds feature and have found that a Bit.ly link doesn't work, but the resolved link does I believe we should support at least one hop if not two " pbearne 10 34353 redirect_canonical() – Undefined indexes 'host' and 'scheme' needs-unit-tests Canonical 4.3.1 normal normal Future Release defect (bug) reopened 2015-10-19T08:47:03Z 2023-08-19T00:05:18Z "Hello, We have a problem on our Blog (http://blog.mila.com). Since over half a year, we get these notifications on top of our wordpress blog: '''Notice: Undefined index: HTTP_HOST in /opt/wordpress/wp-includes/canonical.php on line 66''' '''Notice: Undefined index: HTTP_HOST in /opt/wordpress/wp-includes/nav-menu-template.php on line 558''' The notifications come and go, so i don't know what the problem is.. This is line 66 in the canonical file: {{{#!php <?php $requested_url .= $_SERVER['HTTP_HOST']; }}} And this is line 558 in nav-menu-template.php: {{{#!php <?php $current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_root_relative_current ); }}} We know that the notification is shown because the variable HTTP_HOST is not set, but we don't know how to fix that. It would be great if you could help" theamila 55 34358 plugin_dir_url( __FILE__ ) returns plugins directory when plugin symlinked to mu-plugins needs-unit-tests Plugins 4.3.1 normal normal Future Release defect (bug) new 2015-10-19T17:53:00Z 2017-10-02T15:02:25Z "With a plugin symlinked to the mu-plugins folder, paths to find assets via the URL are broken if using `plugin_dir_url()`. This does not happen when using the `WPMU_PLUGIN_URL` constant. However, if using the constant then the plugin is not portable to the normal `plugins` directory without additional checks. {{{#!php <?php /** * Plugin is symlinked to mu-plugins directory */ // http://example.com/wp-content/plugins/my-plugin-dir/ define( 'BAD_PLUGIN_URL', plugin_dir_url( __FILE__ ) ); // http://example.com/wp-content/mu-plugins/my-plugin-dir/ define( 'GOOD_PLUGIN_URL', WPMU_PLUGIN_URL . '/my-plugin-dir/' ); }}}" scamartist26 18 34367 Image Editing: Orientation-aware rotation icons Media normal normal Future Release enhancement reviewing 2015-10-20T05:38:51Z 2019-06-04T20:17:04Z "Having just processed a massive set of images and needing to rotate several of them, I noticed a small issue with the way the WordPress image editor's rotation icons work. They're generally much better than the standard rotation arrows you'd normally see, providing a visual of an image being rotated one way or another from portrait to landscape. But if you're looking at a landscape image that needs to rotate one way or the other, it's somewhat disorienting trying to decide which button to push, since you're essentially rotating it one more time past the orientation indicated in the icon. By contextually adjusting these icons to reflect the orientation of the image in the editor, we could eliminate an extra cognitive step during the image editing process (see proposed screenshots). Probably the easiest way to go about fixing this would be to add a class for the image's orientation somewhere in a container div, then add some css to rotate these buttons when the image is already landscape, so that they indicate that clicking would make them rotate into portrait orientation." celloexpressions 5 34372 Password reset link invalid for user names containing blanks reporter-feedback Login and Registration 4.3.1 normal normal Awaiting Review defect (bug) new 2015-10-20T18:35:44Z 2021-01-12T21:56:43Z When a user name contains a blank, resetting the corresponding password. The URL in the reset email will contain a blank, at which point the link will be interrupted. ditler 7 34385 Missing site_url path results in array to string conversion Rewrite Rules 4.3.1 normal normal enhancement new 2015-10-21T08:55:13Z 2019-06-04T21:17:38Z "Given WP_Rewrite is used in verbose mode (use_verbose_mode = true), site_url() does not contain any path component and a rule which does not match home_url() is added to WP_Rewrite::$rewrite_rules, WordPress runs into an Array to string conversion within $wp_rewrite->mod_rewrite_rules(). The origin of this issue is in [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-includes/rewrite.php#L1902 wp-includes/rewrite.php#L1902] and the Array-to-String-Typecast occurs in [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-includes/rewrite.php#L1952 wp-includes/rewrite.php#L1952]. Interestingly, $home_root has a safety net against this special case. When no path is set, it defaults to ""/"" (Introduced in [https://core.trac.wordpress.org/changeset/9516 Changeset 9516]). Unfortunately, this is not the case for $site_root. " adormann 34389 Comment pagination settings should discourage infinite comments-per-page Comments normal normal enhancement new 2015-10-21T16:37:20Z 2019-06-04T19:32:55Z "The default value for `page_comments` is `0`. See #12562. When a comment has hundreds or thousands or trillions of comments, the lack of pagination causes severe performance problems. Part of the spiritual journey described in #8071 involved forcing pagination. We tried a few things in #8071, but decided to leave the problem for a separate ticket. A couple of possible ways forward, some of which are mutually compatible: - Force comment pagination in all cases. This could be coupled with a bump in the default value of `comments_per_page`. Good: It's consistent, and it allows us to drop a checkbox from the UI. Bad: It breaks comment permalinks for many posts (though see #34106). - Force comment pagination only when the number of comments on a post is dangerously high. Good: It reduces permalink breakage. Bad: It's confusing for the user. - Do nothing for existing installations, but enable `page_comments` by default on new installs. This could be coupled with a bump in the default value of `comments_per_page`. - Add some sort of AYS message to options-discussion.php that discourages admins from disabling `page_comments`, or setting `comments_per_page` too high." boonebgorges 34390 Gallery - images order Gallery 4.3.1 normal normal defect (bug) new 2015-10-21T16:55:11Z 2019-06-04T19:52:47Z "I already asked here, but nobody answered: https://wordpress.org/support/topic/media-manager-shuffle-images-all-the-time?replies=10 Seems as it is a bug, or oversight because you maybe dont test this real life scenario case. I know now what triggers this problem, did not know when asked in this topic. Some short info: - Have this problem in 1-2 years. - Installed new and clean Wordpress (to exclude my code lines or plugins) - Default theme, no plugins, no custom code in functions.php, no custom code in wp-config.php, .htaccess. How to trigger problem: - Add new post. - Open media manager and insert many images (In my case was it 280 images uploaded at once. I make multiple galleries on separate subpages to reduce page load). But for your test you can have maybe 100 images uploaded in this post, not so important. - When uploading finished you will see that all images are sorted in perfect order. - Just for clean test close modal box and open it again Add Media and chose Create Gallery. - Images are still sorted in perfect order. - Go to the first image media manager uploded in this batch. In my case as it was clean installation it was image first at the bottom (but you get it). - Now comes part how you trigger glitch/bug. - If you mark first uploaded image and hold Shift arrow on keyboard, and if you CLICK ONLY ONCE at last image you want in your gallery, sorting in gallery (backend and frontend) is still perfect and OK. - But, if you hold Shift key and keep clicking on row after row (to be able to see number of images in gallery at the bottom bar ""#No selected""), then problems comes and seems as JS code is confused and shuffle many images. - Problem will be visible in next modal window where you chose gallery settings, in post self and on the front. Shift and click on last image wished in gallery = perfect order. Shift and click several time around before you decide what to mark = shuffled images. [[Image(http://s7.postimg.org/4o50g6cpn/2015_10_21_184256.jpg)]] [[Image(http://s17.postimg.org/t0c4blrin/2015_10_21_184859.jpg)]] [[Image(http://s9.postimg.org/4msb88s9r/2015_10_21_185039.jpg)]]" Stagger Lee 6 34392 "calling update_option(""siteurl"", $newval) can overwrite it with an instance of WP_Error." General 4.3.1 normal normal defect (bug) new 2015-10-21T17:41:50Z 2019-06-04T19:52:53Z "Hello, under admittedly somewhat obscure circumstances a call to update_option(""siteurl"", ...) can overwrite its value with an instance of WP_Error class. When being updated `siteurl` is subject to some additional checks in `sanitize_option()` function, and the bug is due its handling of WP_Error's. In particular the code at https://github.com/WordPress/WordPress/blob/4.3.1/wp-includes/formatting.php#L3609-L3612: - overwrites the `$value` variable with result of the call to `$wpdb->strip_invalid_text_for_column()` - - will only create the `$error` variable if the WP_Error received from the call to `$wpdb->strip_invalid_text_for_column()` contains the optional error message If `$wpdb->strip_invalid_text_for_column()` returns an instance of WP_Error without an error message we end up with `$value` containing a WP_Error instance but empty `$error` variable. Then the check at https://github.com/WordPress/WordPress/blob/4.3.1/wp-includes/formatting.php#L3720 fails due to empty `$error`, and the WP_Error `$value` propagates upwards as the return result of `sanitize_option()`, to be written into the database. As most places trust get_option(""siteurl"") to return a string rather than an object this results in fatal errors as WP_Error can't be converted to a string. In the specific case I observed, the WP_Error instance without an error message was originating from `wpdb::get_table_charset()` function - https://github.com/WordPress/WordPress/blob/4.3.1/wp-includes/wp-db.php#L2306-L2308. From what I gather `wpdb::strip_invalid_text_for_column()` needs to know the database charset for the database column to determine valid input, this will eventually call out to `wpdb::get_table_charset()` and if the query in that function fails for some reason the resulting WP_Error propagates all the way up to `sanitize_option()`. As this was tracked down retrospectively I don't know what exact conditions allowed the query in `wpdb::get_table_charset()` to fail while allowing any subsequent queries to succeed, however it can be reproduced with a test case at https://gist.github.com/pbogdan/9827a8f2358cf9e8ca71 I have not reviewed the logic for other options handled by `sanitize_option()` but it's possible some of them could be affected if they use the same logic for dealing with WP_Error's - which relies on the WP_Error having the optional error message. I might be bit slow to respond but let me know if there is any additional information I can provide. Thanks, Piotr " pbogdan 1 34396 Gallery shortcode : make image captions relative to the current gallery Gallery 3.5 normal normal enhancement new 2015-10-22T12:57:02Z 2019-06-04T19:52:58Z "In the media frame, the ""Caption"" field is used to set a caption for images. But this field has several other effects that are not always intended by the website author. * Changes to this field are saved on the database (in the excerpt field of the attachment post) as soon as the field is unfocused : no preview is possible, changes are put online directly. Changes are still applied even if ""Update"" button is not clicked. * For single image insertion, caption is saved in the post content, inside the [caption] shortcode. But for multiple images, caption is saved globally, not inside the [gallery] shortcode. * When modifying a gallery, changing the caption field right under the image also updates the caption field on the right panel, and saves it globally when the focus is moved. So even when the ""Update gallery"" button is not clicked, the changes are still saved in the database, but they are not reflected in the editor until the page is reloaded. * When an image is use in several galleries, updating the caption associated with this image in one gallery also updates the caption on the other gallery. This is very different from the behavior of other fields displayed on the right panel (columns, link to, size) that change only the current gallery. * Modifying the caption field is the attachment details edition view or in the media library grid view will change the caption used for this image in a gallery." Fab1en 1 34405 Retrieval of meta value that is an array. has-patch Options, Meta APIs 4.3.1 normal normal defect (bug) reviewing 2015-10-23T00:10:52Z 2020-09-20T13:02:22Z "Simply using $post->meta_value automatically runs get_post_meta(). This happens in [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-includes/post.php#L748] (post.php line 748). That value then goes into sanitize_post_field() [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-includes/post.php#L751] (post.php line 751). The value then gets modified at [https://core.trac.wordpress.org/browser/tags/4.3.1/src/wp-includes/post.php#L2215] (post.php line 2251) through esc_attr(). Codex entry for [https://codex.wordpress.org/Function_Reference/esc_attr] (esc_attr()) shows that the only parameter that should be sent is a string. This process works for strings. However, if our meta value is an array, we get a PHP notice (Notice: Array to string conversion in /var/www/html/wp/wp-includes/formatting.php on line 959). Then returns a sting(5) 'Array' instead of the actual array. I think that the best option may be to edit esc_attr() or the subsequent function wp_check_invalid_utf8() to allow for arrays to be passed to them. Alternatively the quick dirty fix would be to not send an array into sanitize_post_field." alexwbaumann 2 34407 esc_url() cannot handle a relative URL containing a : character (IPv6) Formatting normal normal defect (bug) new 2015-10-23T05:07:04Z 2019-06-04T19:53:08Z "Split off from #34202 / #34054 When using a relative URL with `esc_url()` nothing will be returned if the string contains a `:` character, for example, one which occurs within an IPv6 address. This will output nothing: {{{#!php <?php echo esc_url( 'edit-comments.php?s=2001:0db8:0000:0000:0000:ff00:0042:8329' ); }}} The cause boils down to `wp_kses_bad_protocol()` which through `wp_kses_bad_protocol_once()` assumes anything before `:` in a URL is a protocol. Relative URL's such as `/edit-comments.php?s=2001:0db8..` succeed as `esc_url()` identifies them as relative, and never calls `wp_kses_bad_protocol()`." dd32 4 34412 Problem with äö characters in Roundcube emails reporter-feedback Mail 4.3.1 normal normal defect (bug) new 2015-10-23T09:38:22Z 2019-06-04T20:17:14Z "HI There, I have the latest WP 4.3.1. On it, I have cost-calculator plugin in my site and I am facing similar issue with äö characters than in ticket: #31566 ( in Thunderbird and Roundcube emails) I didn't quite understood how to solve this problem. What should I now do to fix this problem?. my client have one of those emails systems that get bad messages from their site. The plugin provider says they have not use anything special apart from built it WP api. Plugin provider mentioned that this issue was suppose to be fixed from WP 4.2+/ Any help would be nice." memmuli 6 34414 Add extra item fields to exported WXR file close Export 4.4 normal normal Future Release feature request new 2015-10-23T12:01:43Z 2022-07-15T16:24:54Z "Hello I am one of WPML developers. WPML is plugin which allows user to make multilingual sites, set language information to posts etc. Straight to the point: we want to make it available to add to exported posts/pages an information about their language. Language information is stored in our own tables, so we cannot use existing WXR <item> elements like those for taxonomies or custom fields. It would be perfect if before closing </item> tag would be executed hookable action which will echo those additional elements, coming from plugins such our. I am attaching proposed patch. Example of usage: {{{ add_action('wxr_export_item_extra_fields', 'here_wxr_export_item_extra_fields'); function here_wxr_export_item_extra_fields($post) { echo ""<testitempost id='"" . $post->ID . ""' />""; } }}} " kkarpieszuk 6 34419 Update Pingback Processing Code needs-unit-tests Pings/Trackbacks normal minor enhancement new 2015-10-23T21:36:25Z 2019-06-04T20:52:31Z "Related to #34141, which would pass the retrieved pingback source to preprocess_comment and comment_post for additional processing, pingback_ping currently strips all content from the source as part of its processing. Suggesting that specifically: 1. Sanitization be done using core sanitization functions(wp_kses, etc) 2. The code that returns relevant errors(URL not found, etc), be processed ahead of anything else. 3. The older code that duplicates the functionality of url_to_postid noted as FIXME be removed. If there really is another difference, that should be an enhancement to url_to_postid. This, combined with the enhancements in #34141, would allow moving toward improving linkback presentation(#32653), which is a long term goal." dshanske 7 34435 Creating a post might fail during fall's DST switch due to ambiguous time needs-docs Date/Time normal normal Future Release defect (bug) new 2015-10-25T00:53:55Z 2019-05-30T06:24:04Z "When I use `wp_insert_post()` to create a post when `timezone_tz` is `Europe/London` [https://github.com/danielbachhuber/year-ago-today/blob/master/year-ago-today.php#L25-L32 ref], the post gets scheduled for the future. `$post_date` is established here: https://core.trac.wordpress.org/browser/tags/4.3/src/wp-includes/post.php#L3272 Because `$post_date_gmt` isn't supplied, it's set here: https://core.trac.wordpress.org/browser/tags/4.3/src/wp-includes/post.php#L3292 However, `get_gmt_from_date()` returns the same value as its supplied, when it should return an hour less (as Europe/London respects DST). `gmdate()` returns the proper GMT date (one hour less) so the post gets forced to `future` [https://core.trac.wordpress.org/browser/tags/4.3/src/wp-includes/post.php#L3310 ref] Here's debug of `get_gmt_from_date()`: {{{ <?php $format = 'Y-m-d H:i:s'; $string = '2015-10-25 01:23:08'; $tz = 'Europe/London'; $datetime = date_create( $string, new DateTimeZone( $tz ) ); echo $datetime->format( $format ) . PHP_EOL; // 2015-10-25 01:23:08 $datetime->setTimezone( new DateTimeZone( 'UTC' ) ); echo $datetime->format( $format ) . PHP_EOL; // 2015-10-25 01:23:08, but should be 2015-10-25 00:23:08 }}} Is this a bug in PHP, or how we're using `DateTime`? Tested on PHP 5.6.14, 5.5.9, and 5.5.27" danielbachhuber 7 34465 Uploader in Media Modal Not Working When Certain Library Arguments Present Media 4.0 normal normal Awaiting Review defect (bug) new 2015-10-27T13:32:55Z 2017-09-18T00:16:15Z "I noticed this bug while working on a plugin that deals with the media modal. I'm using the following code to create a media modal on a button view: {{{ function frame(){ // Destroy the previous collection frame. if ( this._frame ) { this.stopListening( this._frame ); this._frame.dispose(); } this._frame = wp.media( { className: 'media-frame rwmb-media-frame', multiple : true, title : 'Select Media', library : { type : 'image', }, frame: 'select', } ); //Event stuff goes here this._frame.open(); }, }}} The issue is when uploading a file using the upload tab in the media modal. The file uploads but it never appears in the Media Library tab like it does in the core media modal used by the editor. The side Attachment Details panel shows the file information but the file itself doesn't appear on the grid. Attached is a screen cap from a user of the plugin. " Funkatronic 14 34466 wp_register_form, wp_lost_password_form function dev-feedback Login and Registration 4.4 normal normal Awaiting Review feature request new 2015-10-27T14:48:11Z 2017-02-22T09:57:13Z "Hi, We currently have a wp_login_form function to display the login form, however, we do not currently have an opposite for the registration form. '''Should look into:''' wp_register_form wp_lost_password_form " atomicjack 5 34467 Media Library after removing bulk removing all images on page Media 4.3.1 normal normal defect (bug) new 2015-10-27T15:13:52Z 2019-06-04T20:17:20Z In the Media Library if you go to say the last page and bulk delete all the images, you will be 'stuck' on that page - pagination is removed despite there still being previous pages in the library that I could be brought back to. sorensenss 1 34475 get_comment_link incorrect page number in returned url. SergeyBiryukov needs-unit-tests Comments 4.3.1 normal normal Future Release defect (bug) reviewing 2015-10-28T16:36:42Z 2019-10-03T22:15:05Z Since 4.3 core update the get_comment_link function returns incorrect page numbers for paginated comments. Have tried using default twentyfifteen theme with no plugins enabled and issue still persists. Property118 17 34487 "Add a new conditional tag for the ""Posts Page""" has-patch General 4.4 normal normal enhancement new 2015-10-29T19:22:45Z 2019-06-04T19:53:19Z "Currently, there's no conditional tag to determine whether the current page is the ""Posts Page"", set under Settings->Reading. The codex (https://codex.wordpress.org/Conditional_Tags#The_Blog_Page) describes a way to combine is_home() and is_front_page(), but I propose that we instead add a new conditional tag to deal with this. Naming the function is a little tricky. Unfortunately, the name ""is_posts_page"" is taken in query.php, so I created a patch that adds ""is_blog_page"". It returns true on the ""posts page"", and false everywhere else. I've run across this issue in real world projects a couple of times and though it would be a good addition to WordPress. The patch adds this to query.php because is_home() and is_front_page also live there." roytanck 1 34507 New action `before_login_form` needs-docs Login and Registration normal normal Awaiting Review enhancement new 2015-10-30T07:33:57Z 2017-01-10T12:21:39Z "I can add new fields before default fields form. For example I can add social login : https://food52.com/users/sign_in?next_url=%2F" sebastian.pisula 5 34525 Use wp_parse_id_list() in the WP_Query class has-patch Query 4.3.1 normal normal enhancement new 2015-10-31T11:57:36Z 2019-06-04T20:52:47Z "We have this handy core function to clean up an array, comma- or space separated list of IDs: {{{ function wp_parse_id_list( $list ) { if ( !is_array($list) ) $list = preg_split('/[\s,]+/', $list); return array_unique(array_map('absint', $list)); } }}} Why not use it where we can? == Examples: == Instead of the following lines, in the {{{WP_Query}}} class: {{{ $q['category__in'] = array_map( 'absint', array_unique( (array) $q['category__in'] ) ); $q['category__not_in'] = array_map( 'absint', array_unique( (array) $q['category__not_in'] ) ); $q['category__and'] = array_map( 'absint', array_unique( (array) $q['category__and'] ) ); $q['tag__in'] = array_map('absint', array_unique( (array) $q['tag__in'] ) ); $q['tag__not_in'] = array_map('absint', array_unique( (array) $q['tag__not_in'] ) ); $q['tag__and'] = array_map('absint', array_unique( (array) $q['tag__and'] ) ); }}} we could simplify it with: {{{ $q['category__in'] = wp_parse_id_list( $q['category__in'] ); $q['category__not_in'] = wp_parse_id_list( $q['category__not_in'] ); $q['category__and'] = wp_parse_id_list( $q['category__and'] ); $q['tag__in'] = wp_parse_id_list( $q['tag__in'] ); $q['tag__not_in'] = wp_parse_id_list( $q['tag__not_in'] ); $q['tag__and'] = wp_parse_id_list( $q['tag__and'] ); }}} Similarly for: {{{ $author__not_in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__not_in'] ) ) ); $author__in = implode( ',', array_map( 'absint', array_unique( (array) $q['author__in'] ) ) ); }}} we could use: {{{ $author__not_in = implode( ',', wp_parse_id_list( $q['author__not_in'] ) ); $author__in = implode( ',', wp_parse_id_list( $q['author__in'] ) ); }}} I will check it further and soon add the relevant patches. " birgire 4 34538 Improvement of the IPv4 address format check chriscct7 has-patch HTTP API 4.4 normal normal Future Release enhancement reviewing 2015-11-01T06:57:35Z 2017-02-05T20:33:50Z "For the current ""is_ip_address()"" in the function of out of range, such as ""256.256.256.256"" IP so will also be judged as IPv4, it is increases the usefulness of the function you have to return false for out of range of IP." ka2 8 34542 Permalink settings page should offer a filesystem API based way to save .htaccess Permalinks normal normal Future Release enhancement new 2015-11-01T10:06:30Z 2020-07-02T17:50:02Z Right now if .htaccess is not writable from PHP, the user is presented with the rules he should manually copy&paste into the file. There is no real reason to sent the user at that point to launch his FTP software to do something that in most cases can be done via the filesystem API. The filesystem API is both faster and most likely less prone to user mistakes. mark-k 34546 Change in function `get_post_field` Posts, Post Types normal normal enhancement new 2015-11-01T18:35:51Z 2019-06-04T20:53:00Z "I suggest change for function get_post_field(); 1. Second param should be optional; 2. Add default value in param of function. Additional I have question. Why in function get_the_ID() or get_post_title(); don't call function get_post_field ? In many functions in first line is $post = get_post( $post ); If we insert my patch then we can use: {{{ function get_the_ID() { return get_post_field('ID', null, 'display', false); } }}} OR {{{ function get_the_guid( $id = 0 ) { return apply_filters( 'get_the_guid', get_post_field( 'guid', $id ) ); } }}} " sebastian.pisula 1 34552 Remove default post format setting Post Formats normal normal Awaiting Review enhancement new 2015-11-02T06:16:58Z 2017-04-24T20:01:48Z "It doesn't matter why, but it seems to me that there isn't any real theme support for post formats (real = post formats are actually displayed in a vastly different way than standard), therefor I doubt anyone actually uses the default post format setting or needs it. The default should most likely be standard with a filter to override it, I don't think there is a need to anything more complex than that with the way the feature is actually being used." mark-k 4 34553 Remove the default category concept Taxonomy normal normal defect (bug) new 2015-11-02T06:41:52Z 2019-06-04T21:17:39Z "Default category is an historical artifact with no parallel in any other taxonomy. Why do we force user to even have a category when what they might want to do is just a twitter like status update stream, or posting pictures. related #31483, although this is about the whole functionality and nod just the UX." mark-k 1 34555 superscript in url dev-feedback Permalinks normal normal defect (bug) new 2015-11-02T10:39:17Z 2019-06-04T20:53:06Z "If you have a superscript in the post title and selected post-name structure for permalink, it creates a slug as in the image: http://prntscr.com/8y3wsc " sabrisahincan 6 34567 Improve HTML5 support in frontend close General normal normal Awaiting Review enhancement new 2015-11-03T11:52:42Z 2020-09-04T14:28:15Z "With this ticket I'd like to discuss about HTML5 support in WordPress. While theme authors are able to add support for HTML5, only some parts of WordPress respond to that appropriately. We have several components (like gallery, search form etc) which can be printed in HTML5 if needed, but then there are lots of other areas which are not printed in valid HTML5. I would like to know if there is any particular reason that this has not been improved yet or if it's simply something that no one has taken a deeper look into yet. Some areas that could be improved are: * the `checked()`, `selected()` and `disabled()` functions (boolean attributes don't need values) * link, style and script tags in `WP_Styles` and `WP_Scripts` (type attributes not needed, CDATA not needed, link tags shouldn't have a self-closing slash at the end) * meta and link tags hooked into `wp_head` (no self-closing slash) * all img tags generated (no self-closing slash) The above are probably just a fraction of what could be adjusted. I've always used some custom mu-plugin to address this issue and have valid HTML5 in more locations, but it would be great if Core supported it out-of-the-box. Of course all HTML code should only be changed if the theme has declared `'html5'` support. An important thing to think of here would be whether small things like those above actually need to exist as individual arguments in `add_theme_support( 'html5', $arguments )` or if simply adding general support for HTML5 is enough to adjust them. I'd be glad to work on this enhancement if it was approved for core." flixos90 4 34571 Thumbnails and featured images broken if the filename contains utf8 characters (e.g. üäö) Media 4.3.1 normal normal defect (bug) new 2015-11-04T01:56:03Z 2019-06-04T20:17:29Z "I did an upgrade to 4.3.1 from 3.6.1 and I have a whole bunch of media assets (more than 4000 images) where a substantial portion of these images have filenames containing utf8 characters like apostrophes, umlauts etc. While these images work just fine in posts, neither the ""feature image"" nor the thumbnail in the media library will work for that image (broken image icon, rename plugins won't work, feature image shows broken image icon). Both functionalities worked fine in 3.6.1 I would be grateful if the media library and the featured image functionally could be fixed so that the media library will work for these files again as well as the feature image." smuts 3 34591 "BugFix to WP_Scripts::do_item(), remove doubled ""//""" needs-unit-tests Script Loader 4.3.1 normal normal Awaiting Review defect (bug) new 2015-11-05T11:01:37Z 2017-02-05T09:08:07Z "Current code in `do_item()` of class.wp-script.php on line 172: {{{ $src = $this->base_url . $src; }}} may produce duplicate slashes `""//""`, resulting in problems. This might be fixed with code: {{{ $src = $this->base_url . $src; }}} Currently: * WP_Scripts contains: `""public $base_url; // Full URL with trailing slash""` and * script-loader.php contains calls `$scripts->add()` with initial `""/""` in relative paths Together this produces doubled slashes `""//""`. For example: http://www.ocelovehaly.cz/ll//wp-includes/js/jquery/jquery.js?ver=1.11.3 This makes W3TC include script in minified version, but not to remove it from the original HTML. Including jQuery twice makes LayerSlider not to work. Please, could you bugfix class.wp-script.php on line 172? Thank you :-)" jan.mazanek 4 34592 wptexturize interprets apostrophe at end of word as closing single quote Formatting 4.3 normal normal defect (bug) new 2015-11-05T11:07:35Z 2019-06-04T19:53:30Z "In the example `Let's meet at Chris' place` wptexturize interprets the first special character as an apostrophe and the second special character as a closing curly single quote. In English, the result is `’` regardless. However, some localization files use closing curly single quotes that differ from apostrophes." floffimedia 4 34608 Add role display name to WP_Role object Role/Capability normal normal enhancement new 2015-11-06T20:32:02Z 2019-06-06T06:25:22Z "Roles have both a `name` (slug) and `display_name`. The `display_name` is saved to the database in an untranslated form, and should be translated with `translate_user_role()` before display. I would have thought that you could get the display name of a role by first calling `get_role()` to retrieve the `WP_Role` object, and then accessing a property or method. However, the `WP_Role` objects are constructed only with the `name` and capabilities of the role. It is therefore not possible to retrieve the `display_name` directly from the `WP_Role` object. Instead, to retrieve the `display_name` for a role, you have to call `WP_Roles::get_names()`, which returns an array of (untraslated) role display names (not the slug `name`s). I am proposing that we introduce a way to get the display name directly from the `WP_Role` object. Possibly we could offer two properties: `display_name` with the translated display name, and `raw_display_name` with the raw display name (in case it would actually be useful for anything). I would never have known that the role display names needed special treatment for translation if I hadn't done this digging, so it would probably be helpful to newbies if the translated names were exposed in the API by default, instead of untranslated. (Related: #20764) In the process, maybe it would be possible to clear up the difference between the name and the name, at least in the docs. Perhaps that deserves its own ticket. It really is confusing in the code though, so much so that I've had to double-check which name (the display or the slug) was the one passed to `WP_Role`. Both of them are just referred to as the name in much of the code. This goes all the way back to [2703] when the role classes were introduced." jdgrimes 4 34610 Unify Add plugin with Add theme: load tabs through ajax Upgrade/Install 4.4 normal normal enhancement new 2015-11-06T22:55:21Z 2019-06-05T06:42:14Z Make Add plugin page the same way as Add theme. So '''Upload plugin''' and tabs (features, popular ...) react without reloading whole page. petercralen 2 34615 Make it possible to disable a user account Users normal normal feature request new 2015-11-07T17:38:43Z 2019-06-05T06:42:17Z "There should be a possibility to flag a user account as ""disabled"". A disabled user should 1. not be able to log in to WordPress anymore, and 1. not receive any email notifications (e.g. comment notifications) anymore, but 1. all the posts he wrote should still be assigned to him. This is useful in the case that an author or editor of a WordPress blog leaves the company and they would like to delete his user account. However, if they did, they'd have to delete all his posts or assign them to another user. [http://9seeds.com/tech/how-to-disable-wordpress-user-accounts/ This blog post] lists some possible workarounds, but none of them satisfies all three requirements stated above." thomaswm 8 34631 Extra compat for mbstring: mb_strpos() has-patch Charset 4.4 normal normal enhancement new 2015-11-09T12:00:50Z 2019-06-04T19:33:04Z "Hello, I noticed a missing compat function within compat.php, regarding mb_strpos. The use of this function within a plugin will result in a fatal error if the server doesn't support mbstring. So I made a function that will take over the function if it does not exist. I also implemented debugging errors based on PHP 5.5 source: https://github.com/php/php-src/blob/PHP-5.5/ext/standard/string.c#L1824 {{{#!php if ( ! function_exists( 'mb_strpos' ) ) { function mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { return _mb_strpos( $haystack, $needle, $offset, $encoding ); } } /* * Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit. * For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence. * The behavior of this function for invalid inputs is PHP compliant. */ if ( ! function_exists( '_mb_strpos' ) ) { function _mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { if ( null === $encoding ) { $encoding = get_option( 'blog_charset' ); } // The solution below works only for UTF-8, // so in case of a different charset just use built-in strpos() if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) { return $offset === 0 ? strpos( $haystack, $needle ) : strpos( $haystack, $needle, $offset ); } $haystack_len = mb_strlen( $haystack ); if ( $offset < (int) 0 || $offset > $haystack_len ) { trigger_error( 'mb_strpos(): Offset not contained in string', E_USER_WARNING ); return false; } if ( !is_string( $needle ) ) { $needle = (string) $needle; if ( !is_string( $needle ) ) { trigger_error( 'mb_strpos(): Array to string conversion', E_USER_WARNING ); return false; } } if ( empty( $needle ) ) { trigger_error( 'mb_strpos(): Empty needle', E_USER_WARNING ); return false; } // Slice off the offset $haystack_sub = mb_substr( $haystack, $offset ); if ( _wp_can_use_pcre_u() ) { // Use the regex unicode support to separate the UTF-8 characters into an array preg_match_all( ""/./us"", $haystack, $match_h ); preg_match_all( ""/$needle/us"", $haystack_sub, $match_n ); $pos = key( array_intersect( $match_h[0], $match_n[0] ) ); if ( empty( $pos ) ) { return false; } return (int) $pos; } $regex = '/( [\x00-\x7F] # single-byte sequences 0xxxxxxx | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2 | [\xE1-\xEC][\x80-\xBF]{2} | \xED[\x80-\x9F][\x80-\xBF] | [\xEE-\xEF][\x80-\xBF]{2} | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 | [\xF1-\xF3][\x80-\xBF]{3} | \xF4[\x80-\x8F][\x80-\xBF]{2} )/x'; /** * Place haystack into array */ $match_h = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_h ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_h = array_merge( $match_h, $pieces ); } while ( count( $pieces ) > 1 && $haystack = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Place haystack offset into array */ $match_hs = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_hs ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack_sub, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_hs = array_merge( $match_hs, $pieces ); } while ( count( $pieces ) > 1 && $haystack_sub = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Put needle into array */ $match_n = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_n ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $needle, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_n = array_merge( $match_n, $pieces ); } while ( count( $pieces ) > 1 && $needle = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Compute match of haystack offset with needle * If passed, find the array key number within the full haystack. */ $pos = in_array( $match_n[0], $match_hs ) ? key( array_intersect( $match_h, $match_n ) ) : ''; if ( empty( $pos ) ) { return false; } return (int) $pos; } } }}} `if ( ! function_exists( '_mb_strpos' ) ) {` could probably be removed since it could be a core function. To test this, I've used the following lines of code: {{{#!php var_dump( _mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( _mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( _mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( _mb_strpos( '象形指事', '指', 5 ) ); // false WARNING echo PHP_EOL.PHP_EOL; var_dump( mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( mb_strpos( '象形指事', '指', 5 ) ); // false WARNING }}} Feel free to contribute your thoughts :) Thanks!" Cybr 1 34634 Empty PHP_SELF causes 404 pages to load front page with 200 status code has-patch Bootstrap/Load 2.0 normal normal Awaiting Review defect (bug) new 2015-11-09T14:34:39Z 2018-11-16T00:53:36Z "I've been having this issue where visiting a non-existent page in wordpress on our live server would result in the homepage being loaded with a 200 OK response, however on local and staging going to an non-existent page would result in the correct 404 page and template being loaded. I have a standard 4.3.1 WP install subdomain base multisite with pretty permalinks enabled running with Nginx/PHP-FPM. I've looked to see what was different between local and live and it turns out on live `$_SERVER['PHP_SELF']` is being set blank and on staging it is being set to `/index.php`. So to test I set at the top of my index.php file the following line `$_SERVER['PHP_SELF'] = '';`. Then when running on staging I was now getting the homepage load on a non-existent page. So I've fired up my debugger to see what is going on in core and here are my findings. In wp-load.php we set PHP_SELF to something based off REQUEST_URI {{{#!php // Fix empty PHP_SELF $PHP_SELF = $_SERVER['PHP_SELF']; if ( empty( $PHP_SELF ) ) $_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace( '/(\?.*)?$/', '', $_SERVER[""REQUEST_URI""] ); }}} So the request `http://www.example.com/non-existent` results in `PHP_SELF` equal to `/non-existent` instead of `/index.php` Then in `class-wp.php WP->parese_request()` we have: {{{#!php $self = $_SERVER['PHP_SELF']; $home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' ); $home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) ); // Trim path info from the end and the leading home path from the // front. For path info requests, this leaves us with the requesting // filename, if any. For 404 requests, this leaves us with the // requested permalink. $req_uri = str_replace($pathinfo, '', $req_uri); $req_uri = trim($req_uri, '/'); $req_uri = preg_replace( $home_path_regex, '', $req_uri ); $req_uri = trim($req_uri, '/'); $pathinfo = trim($pathinfo, '/'); $pathinfo = preg_replace( $home_path_regex, '', $pathinfo ); $pathinfo = trim($pathinfo, '/'); $self = trim($self, '/'); $self = preg_replace( $home_path_regex, '', $self ); $self = trim($self, '/'); }}} This ends up with: `$req_uri = $self = non-existent` Later in the same function we have: {{{#!php // If req_uri is empty or if it is a request for ourself, unset error. if ( empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) { unset( $error, $_GET['error'] ); if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) unset( $perma_query_vars ); $this->did_permalink = false; } }}} Here because `$req_uri == $self` this code unsets the 404 which subsequently results in the front page being loaded rather than the 404 page I did some further investigation and this appears to only happen on multisite installs. If I take a normal wordpress install and set `$_SERVER['PHP_SELF'] = ''` the 404's work as normal. " l3rady 5 34638 New function for retrieving previous and next adjacent image has-patch Media 4.4 normal normal Future Release feature request new 2015-11-09T21:04:08Z 2020-04-15T22:39:10Z There are `previous_image_link()` and `next_image_link()` functions. But there are no functions that only return `true` and `false`, which would works similarly to `get_previous_post()` and `get_next_post()` but for images. It would be very helpful to have that, so we can easily to control whether to output the pagination HTML markup in `image.php`. solidcolour 2 34641 Inline menu item editing in backend Menus normal normal feature request new 2015-11-10T04:03:01Z 2019-06-04T20:17:39Z "Editing menu item in WordPress in backend is very pain full when we are dealing with large menu item list. We can create editing menu item process in WordPress backed more simple by adding inline editing to menu item. Can we add a switch feature to menu item, which allow us to change any menu item to any type dynamically for which we do not have to create a new item and put it into menu list manually?" ravinderk 2 34649 Support for filtering constants and .htaccess message in network setup Upgrade/Install normal normal enhancement new 2015-11-10T18:18:41Z 2023-03-15T18:42:10Z "It would be helpful if there were filters to modify the suggested constants and .htaccess message in network setup. For instance, I'd like to be able to include a switch statement to define `DOMAIN_CURRENT_SITE` based on an environment variable. Similarly, I'd like to be able to disable the .htaccess message when WordPress is running on a Nginx / PHP-FPM setup." danielbachhuber 1 34657 WordPress doesn't set object terms for menu items so pending items not working dev-feedback Menus 4.3.1 normal normal defect (bug) new 2015-11-11T11:23:11Z 2019-06-04T20:17:50Z " When I create menu items and refresh admin page without saving menu, wordpress can not show pending menu items. At line 1127 of 'wp-admin/includes/ajax-functions.php' file there is wp_save_nav_menu_items function, the first argument for this function '''is always zero''', so At line 441 of 'wp-includes/nav-menu.php' file wp_set_object_terms function doesn't work. I add my menu id to {{{ $item_ids = wp_save_nav_menu_items( 97, $menu_items_data ); }}} function, and it working for me. :)" rss_samuel 3 34660 Query breaks when nopaging = false and posts_per_page = -1 needs-unit-tests Query 4.4 normal normal defect (bug) new 2015-11-11T16:06:20Z 2019-06-04T20:53:11Z "Whenever `nopaging = false` and `posts_per_page = -1`, the SQL query breaks because the LIMIT clause is set to: `LIMIT 0, -1` This patch ensures that `nopaging` is set to TRUE whenever `posts_per_page = -1`." mgibbs189 6 34669 Custom back_link in wp_die and provide a filter reporter-feedback General 4.4 normal normal Future Release enhancement assigned 2015-11-12T17:21:17Z 2022-09-16T21:06:01Z "At the moment, inside `_default_wp_die_handler` function, the `$args['back_link']` (boolean) set to true allow to show a generic javascript back link: `<a href='javascript:history.back()'>`. I know that it's possibile to write own function handler using `wp_die_handler` filter, but accepting a custom back url, and not only a boolean, could be an easy way without rewrite all the function. In some cases it could be useful, here is an example. I wrote a plugin that creates custom roles with custom caps. I use the meta cap filter to let user of custom roles to edit users of other roles, but not admin users. So when an user of custom roles tries to bulk edit/promote/delete admin and not-admin users together, the user gets a wp_die message like: ''You can’t edit that user.''. When the user goes back with browser, the user will see again the old users page with old (and wrong) info, because the bulk action has edited properly the not-admin users and leave the admins untouch. I think it could be useful to provide the back url to wp_die message, so you can load the updated version of previous page. I propose that `$args['back_link']` can accept 3 types of values: - `false`: no back link shown (as now); - `true`: show javascript back link shown (as now); - `{url}`: show passed url. In this way I can use `wp_die` for custom messages in my plugin pages, like: `wp_die( 'Error message', '', array( 'back_link' => admin_url('whatever.php') ) );` Then, it could be useful to have a filter inside `_default_wp_die_handler` function to customise error messages of default dashboard pages. We could use the arguments (`$message`, `$title`, `$args`) to provide context to the filter, e.g.: `apply_filters( 'default_wp_die_handler_back_link', $r['back_link'], $title, $args )` `apply_filters( 'default_wp_die_handler_back_link_'.sanitize_key( $title ), $r['back_link'], $args )` Or maybe use `wp_get_referer` to add more context. I hope my explanation has been clear." eventualo 7 34670 Default Post Format option lists formats that are not available in the theme close Post Formats 4.3.1 normal normal Awaiting Review defect (bug) reopened 2015-11-12T18:35:08Z 2021-06-16T22:30:02Z "The problem happens when you set a post format that it's not available on the theme. It actually happened with the Canard theme, that doesn't allow Video post formats. Below is the steps to reproduce: 1) Select the Canard theme 2) On Settings > Writing, change the Default Post Format to Video 3) Add a new post, it will show the Video format post selected (even if it's not allowed). Add a Featured Image and publish the post. The Featured Image will not show on the front page. I've tested and reproduced this behavior with WP Admin and Calypso for WordPress.com and on a self hosted site. I tried different themes and post formats, but was able to reproduce only with Video format, and found only this theme that it's not allowed. Let me know if you need any other information. Thanks, Carina Pilar Happiness Engineer Trial" carina.pilar 6 34676 Optimize bulk plugin updates francina needs-unit-tests Upgrade/Install 4.4 normal normal Future Release enhancement assigned 2015-11-13T16:03:40Z 2022-06-07T17:22:52Z "When selecting more then one plugins to update the following things are done: * Maintenance mode on (if -a- plugin is active) * Per plugin: 1. Get plugin info 2. Download package 3. Unpack package 4. Install package * Maintenance mode off **Scenario:** 10 plugins require updates. Only the last one is active = requires maintenance mode to be enabled. Server might not have the best connection to WordPress.org or other plugin resource. This means that the site will not be available during: * Downloading of all plugins * Unpacking of all plugins * Installing of all plugins This means at least (10*download request) + (10*unpacking) + (10*installing) = 30 actions. Not including optional plugin info request * 10. Also not including plugins that need to do delta's on tables or other upgrading scripts. Though only one plugin actually required the site to not be available, which would be (1*installing) = 1 action. **Ideal flow:** * Download all packages * Unpack downloaded packages * Determine per plugin if maintenance is required * Install plugin * Disable maintenance if next plugin is not active * Finally: disable maintenance if enabled * Remove all unpacked packages and downloads I can think of a performance argument to include the unpacking of packages in the maintenance mode because it might be a strain on the server, but functionally I don't think it should be. As far as I can see the only file that this is effectively handled in is `class-wp-upgrader.php`." jipmoors 38 34681 "Consider removing the ""Disable the visual editor when writing"" option" Editor normal normal Future Release enhancement new 2015-11-14T14:41:57Z 2019-01-08T09:51:38Z Is anyone even uses it? considering the lack of love the text editor gets I truly hope that the answer is no. mark-k 20 34683 Default .htaccess config creates rewrite infinite loops for path-based multisite installations Rewrite Rules 4.3.1 normal normal Awaiting Review defect (bug) new 2015-11-14T20:16:54Z 2020-03-27T14:11:01Z "Default .htaccess config for path-based multisite installations looks like that: {{{ RewriteBase / RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L] }}} The problem is in these lines: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] }}} `?` sign makes expression `([_0-9a-zA-Z-]+/)` optional, so rule works also for request like `http://example.com/wp-config/file.png` and basicly try to internal redirect request to the same address. If file does not exist, it creates infinite internal loops that causes internal server errors. There is no sense create rewrite rules for main site of network and site prefix should no be optional for rewrites. Correct .htaccess content should be: {{{ RewriteBase / RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)(.*\.php)$ $2 [L] RewriteRule . index.php [L] }}} " rob006 3 34690 when user login is required to comment, there should be a link to registration has-patch Comments normal normal enhancement new 2015-11-15T19:12:17Z 2019-06-04T19:33:05Z "Right now when user login is required the login form only shows a message about the need to login, but if registration is open, there is no reason not to send the visitor directly to the registretion page. At the very least the default text of the link to the login page should be changed to some thing like ""Login or Register"" when registration is open." mark-k 4 34693 Add browser-based testing and automated acceptance tests (BrowserStack) Build/Test Tools normal normal Future Release enhancement assigned 2015-11-15T23:43:07Z 2020-09-15T01:55:03Z "Automated testing in WordPress is primarily focused on PHPUnit testing, with some JavaScript QUnit tests. While the PHP tests are run against every version of PHP since 5.2, the JavaScript tests are limited to one single browser environment (PhantomJS). This has meant that browser-specific bugs have been introduced (e.g. #30781) because manual testing isn't always performed in all the browsers that WordPress supports. We should connect WordPress unit tests with something like BrowserStack to run the QUnit tests in the various browsers. While we're at it, the unit/integration testing in PHPUnit and QUnit only take us so far in WordPress as it is. What WordPress is missing are acceptance tests that fire up an actual browser to do actual tasks that users would perform when using WordPress. Such acceptance tests would make WordPress much more resilient against regressions, and it would open up a lot of new areas for automated testing that are currently very difficult to test using unit/integration tests. For instance, the Customizer heavily uses data from both PHP and JavaScript along with Ajax requests between the two. To create unit/integration testing mocks for PHP, JS, and Ajax requests adds a lot of testing overhead and is also difficult to maintain. I believe acceptance testing would allow much more of WordPress to be tested automatically, and it would allow tests to be written by more people. See also https://wordpress.slack.com/archives/core/p1419407324003594" westonruter 16 34697 Password (re)set form fails when addressed as /wp-login.php/ Login and Registration 4.3.1 normal normal defect (bug) new 2015-11-16T02:47:09Z 2019-06-04T20:18:00Z "`setcookie` in resetpass uses `$rp_path` to set the path for the cookie, but does not use the same `$rp_path` when setting up the form action in HTML. This means that the cookie can be set to a path where it will not be submitted by the browser on post and thus the form will fail. Easily reproducable by adding changing the reset password link from `/wp-login.php?...` to `/wp-login.php/?...` For some reason Firefox works (submits cookie), but Chrome and IE fail (don't submit cookie)." friedcell 6 34699 New function: `get_query_arg()` dev-feedback General normal normal Future Release enhancement new 2015-11-16T12:51:31Z 2021-07-20T08:07:55Z "For example i have url $url = 'http://example.com/?param=1¶m2=2¶m3=3' and I want get `param2` so I use function: get_query_arg('param2', $url); Second argument: exists function add_query_arg and remove_query_arg" sebastian.pisula 8 34712 New filter: `reset_password_url` has-patch Login and Registration normal normal Awaiting Review enhancement new 2015-11-17T11:46:06Z 2017-08-27T22:36:01Z For example if I want make custom reset password page. sebastian.pisula 1 34722 Open P Tag in shortcode related to h tag dev-feedback Formatting 4.4 normal normal Awaiting Review defect (bug) new 2015-11-18T07:32:04Z 2017-07-20T07:25:55Z "Hi Wordpress core Team There is a bug in wordpress. When you add a simple text in the editor like this {{{ <h3>Integer in ex vel urna tempor ultrices.</h3> Morbi vehicula a orci nec dignissim. }}} In the front of the website and in the page source code this text is changed by wordpress to this and there are no issues or open or extra p-tags. {{{ <h3><p>Integer in ex vel urna tempor ultrices.</h3> <p>Morbi vehicula a orci nec dignissim.</p> }}} [[Image(http://i.imgur.com/9TCF7gi.png)]] However this does not happen in a shortcode F.e. if you create a simple shortcode to add a div with a class around your text. The result is open and or extra p-tags and break tags, {{{#!php <?php function theme_shortcode_div($atts, $content = null, $code) { $content = $content; return '<div class=""theme-div"">' . $content .'</div>'; } add_shortcode('theme_div', 'theme_shortcode_div'); }}} And add the text within a sshortcode {{{ [theme_div]<h3>Integer in ex vel urna tempor ultrices.</h3> Morbi vehicula a orci nec dignissim. [/theme_div] }}} The same text is rendered like this. {{{ <div class=""theme-div""><br /> <h3>Integer in ex vel urna tempor ultrices.</h3> <p> Morbi vehicula a orci nec dignissim. </div> }}} The p tag is never closed and before the h-tag there is suddenly a break tag. I tested this in any of the default themes and i dont know how many commercial themes and all with same results. The p tag is left open and there is a extra break tag. [[Image(http://i.imgur.com/52p291S.png)]] It can even gets worse if you add it like this and embed your text in a p-tag. {{{ [theme_div]<h3><p>Integer in ex vel urna tempor ultrices.</h3> Morbi vehicula a orci nec dignissim.</p> [/theme_div] }}} Now the end result is this {{{ <div class=""theme-div""><br /> <h3> <p>Integer in ex vel urna tempor ultrices.</h3> <p> Morbi vehicula a orci nec dignissim.</p> <p> </div> }}} There is suddenly a extra br tag before the h-tag a extra p tag suddenly in the h-tag and a extra p tag at the end of the div. [[Image(http://i.imgur.com/J3597aM.png)]] Note: All code has been added in text mode of the editor. The text was added as shown. H-tag and normal text without any break tag all on one line Note: used theme in my images twenty sixteen. Note: Shortcode added to the functions.php exactly as shown above. Note: You can only see the p-tags missing in the source of the page. If you inspect the page in firebug or chrome it shows the closing p-tags as that is what browsers do. They try to close the p-tags by default even if it is missing. [[Image(http://i.imgur.com/aTwn2Wg.png)]] Please resolve as this is a really annoying bug. " BackuPs 22 34736 wp_calculate_image_srcset filter: provide the individual srcset image size joemcgill* has-patch Media 4.4 normal normal defect (bug) accepted 2015-11-19T03:16:03Z 2019-06-04T20:18:12Z "When using the `wp_calculate_image_srcset` filter, plugins have access to the `value` (typically the width), but no easy way to access the height of the image being used for that particular srcset source. Since Core already knows the height of the image being considered, instead of asking a plugin to backwards-engineer it when needed, I suggest we should be explicitly sending the size to make it more functional. Slack convo: https://wordpress.slack.com/archives/feature-respimg/p1447899460000167 Plugin example: https://github.com/Automattic/jetpack/pull/3040" kraftbj 7 34747 "Provide more flexibility for ""You are customizing"" text" ryankienstra close Customize normal normal Awaiting Review enhancement assigned 2015-11-19T22:00:49Z 2021-05-23T18:37:12Z "I'd like to be able to customize the ""You are customizing"" text based on context: [[Image(https://dl.dropboxusercontent.com/s/bu33174tvkdrhnf/2015-11-19%20at%201.55%20PM.png?dl=0)]] Because these strings are rendered directly in `wp-admin/customize.php`, I have very little control over the text. Ideally, this HTML would be rendered by calling `WP_Customize_Panel::content_template()` for the primary panel in the customizer (and I could have different primary panels for each view). However, if this abstraction is hairy, a filter for the title and description would suffice. If no description was present, the `?` wouldn't appear. If no title were present, the informational section wouldn't appear." danielbachhuber 13 34753 "Remove use of ""Toggle"" in strings" dev-feedback Administration 4.4 normal normal Awaiting Review enhancement new 2015-11-20T15:14:58Z 2021-08-01T11:50:10Z "Hello! It would be nice to have WordPress stop using ""Toggle"" in strings in multiple places and contexts -- most particularly action buttons and helper text. It's really two possible actions/behaviors, most of the time different ones depending on the context/location/result of the previous clic, and it's always a pain to translate properly (current way in French replace ""Toggle"" with the French equivalent of ""Open/Close"". Not elegant). I could change the text, sure. But the buttons themselves, not so much. They'd need to go from displaying ""Toggle"" to displaying ""Open"" or ""Close"" depending on the current status of the target. That'd require some JavaScript wizardry. Hence, this ticket. Thanks!" xibe 14 34776 Introduced the `$site_root` and `$home_root` parameter in `mod_rewrite_rules` has-patch Rewrite Rules normal normal Awaiting Review enhancement new 2015-11-24T07:51:30Z 2018-04-01T18:34:16Z "if I want make custom rewrite rule I must use in filter this script: {{{#!php <?php $home_root = parse_url(home_url()); if ( isset( $home_root['path'] ) ) $home_root = trailingslashit($home_root['path']); else $home_root = '/'; }}} So I think that this is good idea with new params in filter" sebastian.pisula 1 34778 A better indication of action happening on buttons. General 4.3.1 normal normal Awaiting Review enhancement new 2015-11-24T15:01:01Z 2020-03-16T18:34:19Z "It's from UX point of view - every single action button that when clicked the page is being refreshed or loads another has no clear way of showing this. A quick example can be the site setup process. When you click submit for example, a simple blue shadow appears that show that something is happening, but this blue shadow is not very obvious (on a blue button) and is very similar to ""focus"" outline as default behaviour for buttons. I personally suggest one of two options: One - gray out the button but still keep it clickable, that will show that the click has triggered something, but will also allow the user to click a second time which will deal with the case of having connection problems in the middle of request, where you can resend the settings once more without refreshing the whole page. Two - same as before, but instead of making the button gray (or do) add small rotate dashicon to visually represent action. The main reason i report this is because many times when i setup the site or work on the dashboard, clicking a button doesn't really show anything and i think for some reason i haven't clicked it or nothing is happening. Its purely for UX and to me it's not a small thing" xavortm 28 34796 Facing an issue when using wp_remote_get with streams (non-blocking mode) rmccue* reporter-feedback HTTP API 4.3.1 normal normal defect (bug) accepted 2015-11-26T22:45:06Z 2019-06-04T19:53:49Z "On some hosting providers (like wpengine.com) I've encountered an issue when using wp_remote_get with streams (non-blocking mode) which on the other hand uses PHP native functions stream_socket_client, stream_context_create and stream_set_blocking. The issue is that HTTP request (non-blocking) never succeed, it just hangs/stuck on the initial call of stream_socket_client and neither errors or exception are generated. I've investigated the issue deeper and it seems that many people over the Internet have it. The issue can be resolved after invoking stream_socket_client we put usleep(5000) and then stream_set_blocking($handler, 0). It seems that the initial time for stream_socket_client is not enough and that's why it needs more time in order to process the HTTP request. PHP Bugtracker https://bugs.php.net/bug.php?id=64803 WordPress 4.3.1 PHP 5.5 Is it possible to add additinal parameter on wp_remote_get or if there is any other way to achieve setting usleep parameter will help us to precisely configure HTTP requests. I am adding patch file" bangelov 3 34798 Export Bug dev-feedback Export normal normal Awaiting Review defect (bug) new 2015-11-27T05:00:43Z 2017-10-03T07:52:59Z " We found a bug in export process that prevents post data changes going to actual export. In wp\wp-admin\includes\export.php L416 you select all matching posts from DB, having $posts array of stdClass objects as result. Then you call setup_postdata for every post, that goes to wp\wo-includes\query.php setup_postdata which calls $wp_query->setup_postdata after passing the $post. In function setup_postdata L4754 you check instance of the $post which will always be stdClass and create a new $post object. It breaks the reference link original $post from export.php so all changes in function setup_postdata will not be reflected to original object. A possible fix would be converting $post object to WP_Post before calling setup_postdata in expost.php Please see patch attached " eugenekireev 2 34799 Tell admin-post.php to check for $_REQUEST['action2'] ? Administration 4.4 normal normal enhancement new 2015-11-27T10:05:55Z 2019-06-04T19:33:11Z "In plugin development, we can handle POST requests through the `admin-post.php` file. This file is looking after an input with a name of `action` so we can register a custom hook to handle the POST request. After looking at the WP_List_Table, the bulk ""select"" '''top''' tag has a name attribute of `action`. So for custom development, the form where the list table fit can easily point to `admin-post.php` and we can handle the bulk POST request through a custom hook and it works. But here is the issue, if users use the ""select"" '''bottom''' tag for their bulk action, it won't work because the bottom select tag has a name attribute of `action2`. So if a POST request to `admin-post.php`, we can no longer listen to a custom hook to manipulate the request and its data. So I'm asking if it will be ok to update the `admin-post.php` file to check after a `$_REQUEST['action2']` as well?" jlambe 4 34800 Canonical 301 redirects go to request origin instead of site_url reporter-feedback Canonical 4.3.1 normal normal defect (bug) new 2015-11-27T11:48:52Z 2019-06-04T19:33:12Z "I have a problem with canonical redirect using a CDN setup. Let's say we have an origin server at `origin.example.com`, and the CDN at `www.example.com`. When I request `https://www.example.com/page-x`, it redirects me to `https://origin.example.com/page-x/` instead of `https://www.example.com/page-x/`, altough both `site_url` and `home_url` are set to `https://www.example.com`. I suspect that Wordpress doesn't use `site_url` when composing the redirect URL, it's just using the request URL with a trailing slash added (which is in fact `https://origin.example.com/page-x` as the CDN translates the request). The expected behaviour would be to either: * use the correct absolute URL in the header, like `Location: <site_url> + <canonical_path>` * use a relative URL, like `Location: <canonical_path>` I also checked the Redirection plugin, which returns relative URLs in the 301 redirects, and those work fine with my setup. Thanks for looking into this! Sevcsik " sevcsik 3 34803 Deleting menu item with sub-items does not update sub-items' parent (with disabled JS) has-patch Menus 3.0 normal normal defect (bug) new 2015-11-27T14:16:00Z 2019-06-04T20:18:28Z "This bug appears only with '''disabled JavaScript'''. If I create menu with following structure: - Parent - Child 1 - Child 2 and I delete ''Child 1'', it should look like this: - Parent - Child 2 The problem is that WP does not update the ''Child 2'' 's parent (postmeta ''_menu_item_menu_item_parent'') with disabled JavaScript." JanVoracek 3 34805 registration_errors filter not called when adding users in admin section Users normal normal defect (bug) new 2015-11-27T20:04:55Z 2019-06-05T06:42:22Z "Hi, I believe that the `registration_errors` filter should also be called when adding a user from within the admin area. As it stands now, it's only called when adding a user via `wp-login.php` Cheers! Mike" mikelopez 1 34808 Deprecate get_media_embedded_in_content() and get_tag_regex() has-patch Posts, Post Types normal normal defect (bug) new 2015-11-28T05:08:54Z 2019-06-04T20:53:17Z "Both are ""dead"" functions not used anywhere in core. Seem like left overs from the post types code in 3.6. `get_media_embedded_in_content()` is buggy: cannot handle nested `<object>` tags (which were popular few years ago for embedding flash) and doesn't match short ended tags without a slash at the end. `get_tag_regex()` is also buggy, see #26674. It was used in `get_media_embedded_in_content()` before [31574]. Not used anywhere since then." azaozz 1 34814 "Presence of ""Less than sign"" < adds additional closing shortcode tag." Shortcodes 4.2.3 normal normal defect (bug) new 2015-11-29T06:31:24Z 2019-06-04T21:18:09Z "If a `<` is used in shortcode content without a reciprocating `>` the shortcode closing tag will be duplicated. This was introduced in 4.2.3 as part of [33360]. For example, assuming `[my_shortcode]` simply returns it's content. This... `[my_shortcode]One < Two[/my_shortcode]` Should output this: `One < Two` But instead, we get this: `One < Two[/my_shortcode]` Consequently, a unit test somewhat like this won't pass: {{{ array( '[caption]Hello < World[/caption]', 'Hello < World' ) }}} I'm not 100% sure, but I suspect it's due to this regex: https://core.trac.wordpress.org/browser/branches/4.2/src/wp-includes/shortcodes.php?rev=33360#L346 By continuing to match all input, perhaps that also grabs the shortcode's closing tag, causing it to be duplicated." alexander.rohmann 1 34817 Add a new image size detection function Media 4.3.1 normal normal enhancement new 2015-11-29T23:15:28Z 2019-06-04T20:18:33Z "Hi there, Currently if you need to see if a custom image size exists for an image you need to call `get_image_sizes` and pass in your image id. This returns either the the applicable information for that image size or false. I think a better approach would be to have a function such as `images_size_exists()` which just detects if that size exists for a given image id and returns true or false. When using `wp_get_attachment_image_src` for example, you pass in your desired size, e.g 'large'. If the size you passed in doesn't exist for the image it will choose an applicable similar image such as the 'full' size. If there was a function like `images_size_exists()` it would let you conditionally target based on if sizes exist. I'm pretty keen on potentially adding this as a feature if it's not being worked on by anyone else? Thoughts guys? " simonrcodrington 3 34821 Allow creating users without an email address Users 4.3.1 normal normal feature request new 2015-12-01T16:33:55Z 2019-06-05T06:42:24Z "My current use case is kind of a family history website. It would be nice to get every family member an account, but some don't even have an email address and it is not necessary anyway, or is it?. Several workarounds have been suggested on several forums, including (A) fake emails, (2) the ""Allow Multiple Accounts"" plugin for using one email for all and (3) some hackery that I wouldn't want to try. ;) [https://wordpress.org/support/topic/add-user-without-email-adress]" stevenbauers 2 34822 Post name permalinks problems dev-feedback Permalinks 4.3.1 normal normal defect (bug) new 2015-12-01T16:41:16Z 2019-06-04T20:53:19Z " When using the ""post name"" permalink options and creating/deleting duplicates it can happen that the links get confused and the correct permalink doesn't work anymore. (page not found) The workaround shows a little more of this strange behaviour. If you change the link of the old page to blog/pagename-2, create a new one (with changing the link to the correct/old one if necessary), and delete the old one, the permalink blog/postname works, but redirects to blog/pagename-2. Something gets mixed up there... --- To add another workaround that we've tried to fix it: If one changes the permalink setting to standard, the post show up as normal, but when changing the settings back (to ""article name""), the problem persists/reappears. The permalinks do not seem to be freshly generated but rather to somehow half-and-half rely on old and new setting, very weird. " stevenbauers 34839 Wrong attribution of current_page_parent for menus when on single/archive CPT has-patch Menus 3.0 normal normal defect (bug) new 2015-12-03T16:21:15Z 2019-06-04T20:18:39Z "- When on a single CPT page, the menu item receiving the class '''current_page_parent''' is the blog archive page, and not the archive CPT page. - When on an archive CPT page that is in a submenu, the menu item receiving the class '''current_page_parent''' is the blog archive page, and not the parent menu item. Also, the parent menu item doesn't have the '''current-menu-parent''' and '''current-menu-ancestor''' classes. This plugin has some functions that deal with this issue, but it's probably something that should be fixed in core now since archive CPT page are available by default. [https://wordpress.org/plugins/sf-archiver/]" tabrisrp 6 34845 Serialized custom fields are ignored on import Import normal normal defect (bug) new 2015-12-04T13:56:30Z 2019-06-04T20:18:44Z "Hi guys, we would like to report a bug related with .xml file import. Data from our builder are stored in $items table. Post meta values entry are made with below code: {{{ $new = wp_slash( $items ); update_post_meta( $post_id, 'mfn-page-items', $new ); }}} And in accordance to your documentation https://codex.wordpress.org/Function_Reference/update_post_meta#Character_Escaping, we use ""wp_slash"" function. Table with data is saving and reading properly. The problem is when we export .xml file with Tools > Export and when we try to import data with built-in Tools > Import > WordPress option, serialised table is ignored and we get empty field. We attach test, exported .xml file so you can check it yourself. We would be grateful if you can have a look on it. Thanks!" muffingroup 1 34848 Add support for updating post meta in bulk chriscct7 close Options, Meta APIs normal normal Future Release enhancement assigned 2015-12-04T19:43:48Z 2023-08-29T15:59:31Z "A limiting factor in performance of inserting posts into the database is postmeta. I've been running a patch locally which adds functions for adding postmeta in one function call instead of calling add_post_meta multiple times over and over. add_post_meta creates a single SQL insert query, when adding 20 post metas that is 20 SQL inserts all run separately. This can be greatly improved by combining these into a single SQL insert. There is a problem where updating meta in bulk would likely be impossible or very painful. At the very least I have not been able to find a way to do this. Deleting I haven't developed a function but I imagine it would be fairly easy. {{{#!php /** * Add metadatas to a post. * * @since x.x.x * * @param int $post_id Post ID. * @param string $meta_data Metadata as an key/value pair array * * @return bool Was the data inserted */ function add_post_metas( $post_id, $meta_data ) { // Make sure meta is added to the post, not a revision. if ( $the_post = wp_is_post_revision($post_id) ) $post_id = $the_post; return add_metadatas('post', $post_id, $meta_data); } /** * Add multiple metadatas for the specified object. Similar to calling add_metadata for each metadata individually, * and is only applicable for unique meta data. If a meta key already exists for an object it will not be stored. * * @since x.x.x * * @global wpdb $wpdb WordPress database abstraction object. * * @param string $meta_type Type of object metadata is for (e.g., comment, post, or user) * @param int $object_id ID of the object metadata is for * @param array $meta_data Metadata as an key/value pair array * * @return bool If the metadata was stored successfully. */ function add_metadatas($meta_type, $object_id, $meta_data) { global $wpdb; if ( ! $meta_type || ! is_array( $meta_data ) || ! is_numeric( $object_id ) ) { return false; } $object_id = absint( $object_id ); if ( ! $object_id ) { return false; } $table = _get_meta_table( $meta_type ); if ( ! $table ) { return false; } $column = sanitize_key($meta_type . '_id'); /** * Filter whether to add metadatas of a specific type. * * The dynamic portion of the hook, `$meta_type`, refers to the meta * object type (comment, post, or user). Returning a non-null value * will effectively short-circuit the function. * * @since x.x.x * * @param null|bool $check Whether to allow adding metadata for the given type. * @param int $object_id Object ID. * @param string $meta_key Meta key. * @param mixed $meta_value Meta value. Must be serializable if non-scalar. * @param bool $unique Whether the specified meta key should be unique * for the object. Optional. Default false. */ $check = apply_filters( ""add_{$meta_type}_metadatas"", null, $object_id, $meta_data ); if ( null !== $check ) return $check; $_meta_data = array(); foreach( $meta_data as $key => $value ) { if ( 0 == absint( $wpdb->get_var( $wpdb->prepare( ""SELECT COUNT(*) FROM $table WHERE meta_key = %s AND $column = %d"", $key, $object_id ) ) ) ) { $key = wp_unslash( $key ); $value = wp_unslash( sanitize_meta( $key, $value, $meta_type ) ); $_meta_data[ $key ] = maybe_serialize( $value ); /** * Fires immediately before meta of a specific type is added. * * The dynamic portion of the hook, `$meta_type`, refers to the meta * object type (comment, post, or user). * * @since 3.1.0 * * @param int $object_id Object ID. * @param string $meta_key Meta key. * @param mixed $meta_value Meta value. */ do_action( ""add_{$meta_type}_meta"", $object_id, $key, $value ); } } $rows = array(); if( ! empty( $_meta_data ) ) { $sql = ""INSERT INTO {$table} ({$column}, meta_key, meta_value) VALUES ""; $comma = false; foreach( $_meta_data as $key => $value ) { if( true == $comma ) { $sql .= ','; } $sql .= ""({$object_id}, '{$key}', '{$value}')""; $comma = true; } } $result = $wpdb->query( $sql ); if ( ! $result ) return false; wp_cache_delete($object_id, $meta_type . '_meta'); return true; } }}} " patrickgarman 32 34852 fix broken re-auth loop (due to expired session) Security 4.3.1 normal normal Awaiting Review defect (bug) new 2015-12-06T04:04:26Z 2019-06-04T18:12:28Z "Happened today. Was writing a post. A lightbox popped up saying my session was expired. Filled in my creds, submitted and got a 406 error. Tried closing the lightbox - it just popped up again. Tried submitting again. Eventually, had to login into the admin area in a different tab, and only then the login lightbox stopped popping up. What scares me is there wasn't even an option to save my edit. Luckily nothing got lost." rothschild86 1 34853 A helper method should be created to centralize which extensions are used for images. has-patch General 4.4 normal normal enhancement new 2015-12-06T08:44:31Z 2019-06-04T19:53:56Z In keeping with the helper methods introduced in `3.6` for audio/media extensions retrieval, the retrieval of image extensions should similarly be wrapped in a filterable method. Currently all places where this information is needed appear to simply define their own array and use that -- very un-DRY. dan.rossiter 1 34872 dbDelta Missing Index Name Creates Duplicate Indexes has-patch Database 3.5.1 normal normal defect (bug) new 2015-12-06T18:00:25Z 2019-06-04T19:33:14Z "Reference ticket #10404. This is to decompose the original ticket into components. May be fixed in 4.4. Needs testing. ---- Creates duplicate indexes: {{{ create table x ( id mediumint(8) not null autoincrement, KEY (id) ) }}} Does not create duplicate indexes: {{{ create table x ( id mediumint(8) not null autoincrement, KEY id (id) ) }}} " charlestonsw 3 34886 Search Form should not submit empty strings has-patch Themes normal normal Future Release enhancement new 2015-12-06T21:23:46Z 2020-10-28T16:17:53Z "Depending on the styling it is not always obvious to the user that there is a text box to click in before hitting the search button. On WordPress.com we are seeing about 3.5% of all site search queries are an empty string. For the end user this costs them the extra page load, and the confusion of having the page loaded. By selecting the field instead we avoid the user changing pages, and needing to re-find the search box. Similar problems are very prevalent in many themes. The most popular single word (that is not a stop word) in site search for WordPress.com is ""search"" due to the default value text being searched in themes. For most of the Twenty themes this problem is solved by not displaying the search button at all (display: none;). Fixing this in core should help point the way for fixing it in themes. Twenty Ten does not have the search button hidden and so is a good theme for reproducing the problem. " gibrown 11 34907 List for translation updates Upgrade/Install 4.3.1 normal normal enhancement new 2015-12-08T10:45:51Z 2021-06-26T15:59:32Z "If updates are available you have the overview at /wp-admin/update-core.php. There you can see updates for themes and plugins and you have a list for these updatable items. If there are updates for translations there is only a button, that updates are available, but there is no list or information which translations will be updated. It would be fine to have a list as it exists for themes and plugins." Giede 3 34913 Unscheduling cron jobs fails when original arguments were not an array. dev-feedback Cron API 3.0 normal normal Awaiting Review defect (bug) new 2015-12-08T13:31:40Z 2021-09-02T05:39:24Z "The Cron API does not check whether the cron job arguments passed are an array when scheduling a cron job. This inadvertently allows for scheduling cron jobs with string, integer or other arguments. However when unscheduling the cron job using `wp_clear_scheduled_hook()`, the arguments are ''always'' cast to an array which leads to cron jobs which '''*can*''' be scheduled, but can't be '''''*un*'''''scheduled using `wp_clear_scheduled_hook()`. The `wp_clear_scheduled_hook()` does throw a `deprecated` notices when non-array arguments are passed in, but this will most of the time go unnoticed as this function is most often used in a plugin deactivation routine. The patch which I'm submitting makes sure that cron job arguments are always cast to an array. The patch is backward compatible in that it: * will not break the `schedule_event` filter for plugins (which are ''doing it wrong'') which expect their original non-array argument to test against. * will schedule all newly schedule events with array arguments independently of how the arguments were passed. * will upgrade the cron array to ensure that all arguments are arrays. The patch includes unit tests proving the existence of the bug and the fixing of it by this patch. As far as I can see, this bug was introduced by the changes in https://core.trac.wordpress.org/changeset/12462 and has been in WP since 3.0. The patching of this bug also brought to my attention *another* (ancient) bug where in the cron option upgrade routine `_upgrade_cron_array()` the array structure wasn't respected properly leading to `Undefined index: args` notices and the inadvertent removal of cron events which were scheduled on the same hook for the same timestamp with different arguments. That bug has also been fixed in this patch." jrf 12 34924 Network upgrade fails on tls 1.2 only servers HTTP API 2.7 normal normal Awaiting Review defect (bug) new 2015-12-09T01:37:03Z 2018-07-16T19:56:09Z "Setup: Nginx 1.9.7 on Centos 7.1 with cURL 7.29 SSL configured with 'ssl_protocols TLSv1.2' only because Firefox does only accept TLS 1.2 for http/2 Symptom: After upgrading from WordPress 4.3 to 4.4 the network upgrade fails with error message: 'Your server may not be able to connect to sites running on it. Error message: TCP connection reset by peer' Test: Setting 'curl_setopt ( $handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1 );' in WP_Http_Curl::request solves the issue This is definitely an issue with older cURL versions. cURL 7.45 works well as reported by @dd32. Suggestion: Conditionally set CURLOPT_SSLVERSION if the first connect over https fails. Hint: Since WP_Http_Curl has been introduced in WordPress 2.7.0 I guess all version since 2.7.0 are affected. " mensmaximus 20 34927 user_url and user_email length too short dev-feedback Users normal normal Awaiting Review enhancement new 2015-12-09T06:26:38Z 2018-05-14T19:32:04Z "I have been adding users to my client's site with no issues, until I got to a user with a .edu email address. I add the user details as normal. Click the Add New User button and get the message ""New user created"". No error message at all. But the user has not been created. I tried 3 times, same result. I have turned off all plugins and changed to the wordpress default theme (2015). Same issue. What I expect to happen: When I add a user I expect them to be added to the Users list. What happens: when I add a user with a .edu email address, there is no error message, I get message ""New user created"", but the user is not in the user's list. These users should also appear in the Author drop down in posts (because they are added with Author role), but the new user does not appear in the Author dropdown eiither. Using Firefox 42.0 on Mac OS X Yosemite. Same issue happens with Safari 9.0.1 on Mac OS X Yosemite. " DonnaMiller 14 34932 Custom Field meta box in Taxonomy Term after WP 4.4 Taxonomy 4.4 normal normal enhancement new 2015-12-09T12:10:34Z 2019-06-04T21:18:22Z "As WordPress 4.4 takes Taxonomy Term Meta, it's a huge leap. Kudos to the team's effort. But as in Add New Post/Add New Page contains an additional meta box named ""Custom Fields"" for adding data into the `postmeta` table, taxonomy term, not even in default taxonomy term contains any of such meta box. So the `termmeta` table becomes writable only by the Programmers and the programmers only. But using Custom Fields meta box a general user can use the `postmeta` table. Screenshot 1: Enabling Custom Field Meta Box in Add New Post page Screenshot 2: Add New Post's Custom Field Meta Box Screenshot 3: Term doesn't contain any of such Meta Box So the only option remains to a developer is to add necessary fields using hooks - the old method. Can we add ""Custom Fields"" meta box for taxonomy terms too?" wzislam 2 34933 postMessage - targetOrigin does not contains port number Upgrade/Install 3.9 normal normal defect (bug) new 2015-12-09T14:01:59Z 2019-06-05T06:42:29Z "'''Current behavior''' When the skins are upgraded then the communication to the parent node using postMessage is blocked when the user is on the URL that has specified port. Example: ''example.com:81''. I see in console: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('http://localhost') does not match the recipient window's origin ('http://localhost:81'). '''Expected behavior''' File ''wp-admin\includes\class-wp-upgrader-skins.php'' line 168 contains: {{{ window.parent.postMessage( JSON.stringify( { action: ""decrementUpdateCount"", upgradeType: ""' . $type . '"" } ), window.location.protocol + ""//"" + window.location.hostname ); }}} The '''targetOrigin''' for the ''postMessage'' should also contains port number. E.g. ''window.location.hostname + window.location.port''" ctomczyk 1 34934 Suppress preg_match() and urldecode() errors in WP::parse_request(). reporter-feedback Query 4.4 normal normal defect (bug) new 2015-12-09T14:38:01Z 2019-06-04T20:53:31Z "Error en la fila class-wp.php 207 - 208 Aqui lo arregle asi {{{#!php if ( @preg_match(""#^$match#"", $request_match, $matches) || @preg_match(""#^$match#"", @urldecode($request_match), $matches) ) { }}} " entreosos 3 34957 #a11y-focus: Standardizing the handling of :focus and :hover adamsoucie Administration 4.4 normal normal Future Release enhancement assigned 2015-12-09T23:47:22Z 2019-05-06T16:06:43Z "After the discussion of [ticket:34876] with @mor10 and @michaelarestad, we've realized there are two main cases: * Times when the :focus and :hover states can be the same * Times when they need to be different In order to tackle the general :focus problem we'll need to: 1. Define which elements fall into which category 1. Establish a standard implementation for each category 1. Implement the new standards This could quickly evolve into a larger project, but we want to start resolve the :focus/:hover to make sure that gets addressed. This ticket is intended to start the conversation and put the attention on :focus. This is an important a11y issue, as [ticket:34876] shows there are still elements that lack a :focus state completely. As part of this plan, we'll identify those elements lacking :focus and address both the lack of :focus and the correct implementation at the same time." adamsoucie 7 34972 Permalink for unattached media same as a post needs-unit-tests Permalinks 4.4 normal normal Future Release defect (bug) new 2015-12-10T11:53:16Z 2018-12-17T21:55:36Z "First step - upload media ""tralala.jpg"" I got pretty link example.com/tralala/ Second step - create a post with Title ""Tralala"" it creates post with slug example.com/tralala/ this works. So post with the same title as unattached media filename creates the same permalink - slug as already exists for unattached media. In this case, unattached media is unreachable as permalink point to new post with the same slug." petercralen 7 34981 Usage of `image_size_names_choose` breaks JS attachment model attributes has-patch Media 4.3.1 normal normal Future Release defect (bug) assigned 2015-12-10T16:31:31Z 2022-08-03T21:11:43Z "Here's a small use case that shows how the issue arise. I want to limit the options of image sizes in the default media modal to so I use the filter `image_size_names_choose` provided in `wp-admin/includes/media.php` and remove the sizes `thumbnail` and as well as `medium`. This brings me the expected result: [[Image(https://naber.pegasus.uberspace.de/fs/public/images/2015/limit-attachment-sizes.png)]] With this I have now the problem, that for every thumbnail image in the media library (mode: grid) the large image source is used which is a performance issue if there are more than a couple of images in the library. The reason is, that the same filter `image_size_names_choose` is also applied to each image in `wp_prepare_attachment_for_js()` and therefore the attachment model does not reflect all available image sizes (`console.log( attachment.sizes )`: [[Image(https://naber.pegasus.uberspace.de/fs/public/images/2015/attachment-model-sizes.png)]] Here's a plugin that reproduces the issue in a clean WordPress (4.4) install: `wp-content/plugins/image_sizes_issue/image_sizes_issue.php`: {{{#!php <?php /** * Plugin Name: Image sizes issue */ add_filter( 'image_size_names_choose', function( $sizes ) { unset( $sizes[ 'medium' ] ); unset( $sizes[ 'thumbnail' ] ); return $sizes; } ); add_action( 'admin_enqueue_scripts', function() { wp_enqueue_media(); wp_enqueue_script( 'image_size_test', plugins_url( '/image_sizes_issue.js', __FILE__ ), [ 'jquery' ] ); } ); }}} `wp-content/plugins/image_sizes_issue/image_sizes_issue.js`: {{{ ( function( $, wp ) { $( function() { var image = wp.media.model.Attachment.get( '4' ); var promise = image.sync( 'read', image ); promise.then( function( results ) { console.log( results.sizes ); } ); } ); } )( jQuery, window.wp = window.wp || {} ); }}} For what I see, the filter `image_size_names_choose` is meant to affect the default UI for customization purpose. At least the name of the filter and the name of the function `image_size_input_fields()` (introduced in 2.7) suggests that. In contrast to that, `wp_prepare_attachment_for_js()` prepares the data structure for the Javascript API. I'm sure there's some reason to apply the filter there, but I have no idea what this reason could be. A possible, backward compatible solution could be, to pass a second argument to the filter to specify the context, the filter is applied in. I detected this behaviour in 4.3.1 but I think it go back to 3.5 when `wp_prepare_attachments_for_js()` was introduced. " dnaber-de 17 34983 shortcodes not working in input fields Shortcodes 4.4 normal normal defect (bug) new 2015-12-10T16:59:09Z 2019-06-04T21:18:27Z "So here's the gist of it... Won't work: `<input type=""text"" value=""[shortcode]"">` Works: `<input type=""text"" value=[shortcode]>` At first I thought it's because the shortcode is enclosed in quotes but apparently that's not the case as the both the following work just fine. `<a href=""[shortcode]"">` `<a href=[shortcode]>` Narrowed down the issue to `do_shortcodes_in_html_tags()` where I found this: {{{ if ( ( false === $single || $open < $single ) && ( false === $double || $open < $double ) ) { // $attr like '[shortcode]' or 'name = [shortcode]' implies unfiltered_html. // In this specific situation we assume KSES did not run because the input // was written by an administrator, so we should avoid changing the output // and we do not need to run KSES here. $attr = preg_replace_callback( ""/$pattern/s"", 'do_shortcode_tag', $attr ); }}} What bothers me is the part where it says ""assumes KSES did not run because the input was written by an administrator"". Why not really check if an admin did write the input, at least for posts? Attached is a patch that I did which possibly needs improvement from the WP gods :) Thanks. Mike" mikelopez 3 34986 Add Upgrade Notice for Themes has-patch Upgrade/Install normal normal Future Release enhancement new 2015-12-10T17:19:17Z 2023-06-21T04:26:30Z "There is upgrade notice for plugins that displays on the core update page if `$transient->upgrade_notice` is set in the `pre_set_site_transient_update_{plugins|themes}` filter, but there is no corresponding upgrade notice used or available for themes. I propose adding a similar usage for themes as currently exists for plugins. Use case, when theme upgrades are pending a notice of what changes, etc. will be available from the main update page." afragen 17 34991 Introduce a typographic measure for the admin screens Administration normal normal Future Release feature request assigned 2015-12-10T22:03:26Z 2020-11-12T12:14:16Z "For optimal readability, lines of text shouldn't exceed a certain length. In typography, this is called [https://en.wikipedia.org/wiki/Measure_(typography) measure] and looking around for references you will find several (different) recommendations, starting from 45-50 characters per line till 90 or even more. By the way, there's no such a thing as an absolute, perfect, number to fit all the different cases. It depends on many different factors, starting from the typeface used, its metrics, if it's a single column or multi-column layout etc. That said, when a line of text is really, really, too long, then readability, usability, and accessibility, they're all seriously affected. I'd like to encourage typography lovers and designers to start some discussion, research, and development with the long-term goal to improve typography in the admin screens. Trying to implement a ''measure'' could be a nice start. Also, I'd like to propose to consider the introduction of a new ""typography"" focus tag for Trac. In the screenshots below: a couple examples of some admin screens rendered on a large display with the browser's window maximized. [[Image(https://cldup.com/Lqn6W2CVsy.png)]] [[Image(https://cldup.com/CV2JcdQI1w.png)]] " afercia 34 34994 HTML5 elements reformatted poorly switching between Visual & Text editors Formatting normal normal defect (bug) new 2015-12-10T22:38:56Z 2019-06-04T19:54:13Z "HTML5 elements get reformatted in weird ways when switching between Visual and Text (HTML) editors. Details tag (not fully supported in browsers yet, but still shouldn't receive this behaviour IMO) gets an additional   above and below it upon each switch. Section, article, and aside are all completely stripped of white space. This combined with the stripping of paragraph tags results in a block of run-together text within a couple of switches. Demo: [[Image(https://cldup.com/OA6dgTmyxU.gif)]] I used HTML5 elements from https://www.tinymce.com/docs/demo/format-html5/ to test with." kristarella 1 35002 Attempt to set executable bits for core directories Upgrade/Install normal normal enhancement new 2015-12-11T03:06:49Z 2019-06-05T06:42:37Z "I just diagnosed a problem with a site where `wp-includes` was `744` rather than `755`, missing the executable bit and thus preventing CSS/JS from being served. Suexec was being used, so we should have had the ability to set the executable bit if we had ever noticed this was a problem. This happened on an existing site, so I'm not entirely sure when we'd fix this. `wp-admin/maint` script? DB upgrade process? Core file update process? I'm not sure what caused this here, which would probably play into how to best account for it. (Wordfence was on the site, could have been related.) I asked @pento about this and he said ""One less insane error to deal with is always a nice thing.""" nacin 2 35016 New plugin version in upgrader object Upgrade/Install 4.4 normal normal enhancement new 2015-12-11T16:11:53Z 2019-06-05T06:42:39Z "The current upgrader object only has the ''old'' plugin version ({{{->skin->plugin_info['Version']}}} unless you parse out the source URL. {{{ Plugin_Upgrader Object ( [result] => Array ( [source] => Q:/dev/webspec-design/wp-content/upgrade/types.1.8.11/types/ [source_files] => Array ( [0] => admin.php [1] => classes [2] => embedded [3] => help.php [4] => includes [5] => marketing [6] => marketing.php [7] => plus [8] => readme.txt [9] => resources [10] => wpcf.php [11] => wpml-config.xml ) [destination] => Q:\dev\webspec-design/wp-content/plugins/types/ [destination_name] => types [local_destination] => Q:\dev\webspec-design/wp-content/plugins [remote_destination] => Q:/dev/webspec-design/wp-content/plugins/types/ [clear_destination] => 1 ) [bulk] => 1 [strings] => Array ( [skin_upgrade_start] => The update process is starting. This process may take a while on some hosts, so please be patient. [skin_update_failed_error] => An error occurred while updating %1$s: %2$s [skin_update_failed] => The update of %1$s failed. [skin_update_successful] => %1$s updated successfully. Show Details [skin_upgrade_end] => All updates have been completed. [skin_before_update_header] => Updating Plugin %1$s (%2$d/%3$d) [bad_request] => Invalid Data provided. [fs_unavailable] => Could not access filesystem. [fs_error] => Filesystem error. [fs_no_root_dir] => Unable to locate WordPress Root directory. [fs_no_content_dir] => Unable to locate WordPress Content directory (wp-content). [fs_no_plugins_dir] => Unable to locate WordPress Plugin directory. [fs_no_themes_dir] => Unable to locate WordPress Theme directory. [fs_no_folder] => Unable to locate needed folder (%s). [download_failed] => Download failed. [installing_package] => Installing the latest version… [no_files] => The package contains no files. [folder_exists] => Destination folder already exists. [mkdir_failed] => Could not create directory. [incompatible_archive] => The package could not be installed. [files_not_writable] => The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions. [maintenance_start] => Enabling Maintenance mode… [maintenance_end] => Disabling Maintenance mode… [up_to_date] => The plugin is at the latest version. [no_package] => Update package not available. [downloading_package] => Downloading update from %s… [unpack_package] => Unpacking the update… [remove_old] => Removing the old version of the plugin… [remove_old_failed] => Could not remove the old plugin. [process_failed] => Plugin update failed. [process_success] => Plugin updated successfully. [process_bulk_success] => Plugins updated successfully. ) [skin] => Bulk_Plugin_Upgrader_Skin Object ( [plugin_info] => Array ( [Requires WP] => [Requires PHP] => [GitHub Plugin URI] => [GitHub Branch] => [GitHub Enterprise] => [GitHub CE] => [Bitbucket Plugin URI] => [Bitbucket Branch] => [Bitbucket Enterprise] => [Bitbucket CE] => [GitLab Plugin URI] => [GitLab Branch] => [GitLab Enterprise] => [GitLab CE] => [Name] => Types [PluginURI] => http://wordpress.org/extend/plugins/types/ [Version] => 1.8.10 [Description] => Define custom post types, custom taxonomies and custom fields. [Author] => OnTheGoSystems [AuthorURI] => http://www.onthegosystems.com [TextDomain] => [DomainPath] => [Network] => [Title] => Types [AuthorName] => OnTheGoSystems ) [in_loop] => [error] => [upgrader] => Plugin_Upgrader Object *RECURSION* [done_header] => [done_footer] => [result] => Array ( [source] => Q:/dev/webspec-design/wp-content/upgrade/types.1.8.11/types/ [source_files] => Array ( [0] => admin.php [1] => classes [2] => embedded [3] => help.php [4] => includes [5] => marketing [6] => marketing.php [7] => plus [8] => readme.txt [9] => resources [10] => wpcf.php [11] => wpml-config.xml ) [destination] => Q:\dev\webspec-design/wp-content/plugins/types/ [destination_name] => types [local_destination] => Q:\dev\webspec-design/wp-content/plugins [remote_destination] => Q:/dev/webspec-design/wp-content/plugins/types/ [clear_destination] => 1 ) [options] => Array ( [url] => update.php?action=update-selected&plugins=types%2Fwpcf.php [nonce] => bulk-update-plugins [title] => [context] => ) [plugin_active] => 1 ) [update_count] => 1 [update_current] => 1 ) }}}" eclev91 4 35017 Bug in bindPasswordForm() LastPass mismatch issue Users 4.4 normal normal defect (bug) new 2015-12-11T16:24:12Z 2019-06-05T06:42:46Z "Hello, Using Wordpress 4.4 I seem to have found a small bug in the file wp-admin/js/user-profile.js (user-profile.min.js). The theme that I am customizing has a front end profile editor. When the user navigates to the editor and attempts to update their password, if typing in the first password text box updates the second with only the first character of the string entered. This bit of javascript is meant to handle LastPass input, but breaks regular text entry. It seems that the javascript that is bound to the first text box is bound on input, when it should be bound on a paste event perhaps? I have included a jsfiddle to demonstrate the issue. http://jsfiddle.net/nge42ryb/10/ My apologies if this is not sufficient information to diagnose. Please feel free to ask for any additional information that might be helpful. " amandala 1 35018 The authentication check modal dialog appears just once has-patch Login and Registration 4.4 normal normal defect (bug) new 2015-12-11T17:12:25Z 2019-06-04T20:19:17Z "Noticed while investigating on #34951. To reproduce: 1. edit a post 2. open a new tab, go in some other admin screen and log out 3. in the tab with the edit post screen, after a while the authentication modal dialog appears 4. login again using the modal dialog 5. repeat step 2 The authentication modal dialog won't appear again because, as far as I see, when it gets hidden the custom event that triggers the dialog gets removed. See `hide()` in `/wp-includes/js/wp-auth-check.js` {{{ $(document).off( 'heartbeat-tick.wp-auth-check' ); }}} Not sure why the event is removed." afercia 1 35022 WP allows Unicode 0x00a0 spaces in editor but shortcode parser can't handle them has-patch Shortcodes 4.4 normal normal Future Release defect (bug) assigned 2015-12-11T19:38:38Z 2017-02-06T17:05:45Z "Since the release of WP 4.4, we have complaints on multiple sites that shortcodes are ""mysteriously"" failing despite being syntactically correct. Users claim merely editing and re-saving articles breaks the shortcodes. After several days of research, I discovered the problem with the non-working shortcodes is that they contain 0x00a0 Unicode non-breaking space characters. I've been unable to determine how the space characters are being created or why it has started generating complaints for us since the release of 4.4 but I have looked at the code in /wp-includes/shortcodes.php and verified that it will fail on shortcodes containing 0x00a0 characters in white space despite the editor apparently allowing them as legal white space characters. Part of the problem is this line of code which can't identify a shortcode tag if it is followed by a 0x00a0 instead of a 0x20 space character. There are further problems parsing the shortcode parameters. (adding \xc2\xa0 to the regex seems to fix this line). {{{ // Find all registered tag names in $content. preg_match_all( '@\[([^<>&/\[\]\x00-\x20]++)@', $content, $matches }}} " steevithak 21 35048 custom menu - OPTIMIZE QUERY! Menus normal normal feature request new 2015-12-13T14:00:14Z 2019-06-04T20:19:29Z " hi.. i had an idea - developers should have an ability to set a constant i.e. USE_STATIC_CUSTOM_MENU('menu_name') = true; in general, output of custom_menus on front-end, takes long (sometimes 1 second).. so, i think, that the custom-menu output should be saved as static string, and that should be outputed on FRONT_END request by visitors... and that STATIC string should be changed/ updated every time the custom-menu is edited, or when any of that custom-menu's item is modified... i think, it will save huge resources over millions of sites/hosting.. p.s. of course, somehow, ""current-menu-item"" should be added while front-end request.." selnomeria 2 35052 Filter themes by language translations Themes normal normal enhancement new 2015-12-13T17:59:39Z 2019-06-04T21:18:31Z "Since themes can now be translated in a fairly easy way, we should incorporate a filter in the WP admin UI that lets the users search only for themes which are translated to their language of choosing. We should probably agree on a % value treshold after which a theme will show up in the results (likely somewhere around 50% - 70% completion)." eclare 1 35055 Custom Meta for nav_menu_items Menus 4.4 normal normal feature request new 2015-12-13T19:42:08Z 2019-06-04T20:19:35Z "With the release of custom meta for taxonomy terms, I can't help but suggest the same for nav_menu_items. One can currently use a custom walker class as demonstrated here: [https://github.com/kucrut/wp-menu-item-custom-fields] However this is a tedious and ultimately ridiculous method, as Core should lend itself to easy customization and display of nav_menu_item meta. Not to mention this method makes it extra difficult to utilize UI components other than a standard text input when creating options for navigation menu items. I'd love to be able to utilize add_meta_box or something similar on nav_menu_items and I'm sure others in the community would benefit as well. Thoughts/Concerns/Corrections? " vincentastolfi 1 35075 Comment cache ignores custom query vars boonebgorges has-patch Comments normal normal defect (bug) assigned 2015-12-14T14:41:42Z 2020-03-06T01:08:10Z "It's currently very possible to add custom query vars to the get_comments function, for themes and plugins to extend. A problem occurs, however, if the function is being used and a custom query var is being used, but no standard ones are changing. This is because it caches the first query, and every subsequent query is then assumed to be the same since custom query vars are ignored. I first thought about just using the entire query_vars array for caching, but decided there's probably a reason this wasn't done. So instead I decided it would make the most sense to make a filter for the cache keys so a plugin/theme can add its own keys that should be considered for caching." jason_the_adams 26 35077 Post featured image: image attributes not updated on the fly Media 4.4 normal normal defect (bug) new 2015-12-14T15:31:40Z 2019-06-04T20:19:41Z "Noticed while investigating on #35076. When a post has a featured image, users can click the image to set a new featured image or edit the current one. When editing the current image attributes, changes are not reflected live in the UI after the image is inserted again. To reproduce: - edit a post with a featured image - click on the featured image - in the media dialog, update the current featured image alt attribute - click the button ""Set featured image"" - check the featured image in your console inspector: the alt attribute is not updated Looks like the AJAX action `wp_ajax_set_post_thumbnail` takes into account only the ""set"" and ""delete"" cases, there's nothing to handle an update. Additionally, when removing a featured image '''and''' there's some error and the response is `0`, `WPRemoveThumbnail` should trigger an alert with a message but `setPostThumbnailL10n` is undefined (the related `set-post-thumbnail` script is not enqueued at all, I'm guessing it was used in the old media uploader)." afercia 1 35082 get_adjacent_post() when using in term doesn't account for child terms Posts, Post Types normal normal enhancement new 2015-12-14T21:05:29Z 2019-06-04T20:53:35Z "When using any of the next or previous post functions with $in_term set to true only top level terms are accounted for. This means if two posts are in the same child term, and a third is not but is between the posts date range then the third will take precedence. Although I am sure it will be up for discussion, I believe child terms should take priority. Take the following posts for example: '''Post 1''' Date: 01/01/2015 Categories: Parent -> Child '''Post 2''' Date: 02/01/2015 Categories: Parent '''Post 3''' Date: 01/01/2015 Categories: Parent -> Child '''Expected Functionality (In my opinion):''' Post 1 get_adjacent_post(true) should return Post 3 '''Actual Functionality:''' Post 1 get_adjacent_post(true) returns Post 2, which does not match the child term. My attached patch simply removes parent terms from the query, where a child of it is set. This means that only the deepest selected terms will be used, where children and parent terms are set. I have also attached an export of my posts to highlight the issue more clearly, along with a patch to Twenty Fifteen purely to help represent the issue. This really is just an initial draft suggestion for the code, backwards compatibility is obviously extremely important however more discussion about this is needed. There is another issue related to this function involving dates . Sorry if this should be tagged as an enhancement rather than a bug." WazzaJB 7 35085 "Image editor not cropping correctly when image size is the same as ""Large Size"" in media settings" Media 4.4 normal normal defect (bug) new 2015-12-14T22:49:02Z 2019-06-04T20:19:52Z "This issue was reported as an issue for the plugin Imsanity here: https://wordpress.org/support/topic/imsanity-breaks-the-image-editor?replies=10 However, after research, it appears this behavior happens regardless of the plugin. A video demonstrating the error is at: https://www.youtube.com/watch?v=3a6UbuPrlmU&feature=youtu.be To reproduce: 1. Ensure media settings for ""Large Size"" are set to 1024px 2. Upload a landscape image with a width of exactly 1024px to the media library 3. Click the ""Edit"" button to edit the image, and use the crop tool to make an obvious change. The image will appear to have been cropped at this point 4. Click the ""Save"" button and now the image will no longer appear to be cropped The image now seems to be in an unknown state where the preview shows the un-cropped version, but in the editor the crop shows correctly. " verysimple 3 35092 Remove crop check in wp_prepare_attachment_for_js() for sizes joemcgill reporter-feedback Media 3.5 normal normal defect (bug) reviewing 2015-12-15T02:20:36Z 2019-06-04T20:20:01Z Currently only cropped images generated on the fly are displayed. This due to a {{{! $downsize[3] }}} check. This change was made in #22598 and with the patch supplied I deleted this check. then medium/large does show up. markoheijnen 1 35094 Replace static with Dynamic Image Sizes for inserted images Media normal normal Awaiting Review enhancement new 2015-12-15T02:27:38Z 2018-08-16T20:36:21Z "== Proposal == Change the behavior of the add image size selector from hard-coding `width` and `height` attributes to adding size-based classes to the `<img>` element to allow theme authors to define what Thumbnail, Small, Medium, and Large means. This creates Dynamic Image Sizes that change and adapt when a site owner switches from one theme to the next. === Practical Implementation === - Create new theme feature for dynamic-images - When an image size is selected (eg. ""medium""), the a class formatted as `size-[selected-size]`, (eg. `size-medium`) is added to the `<img>` tag. - Theme developers add CSS rules for `.size-thumbnail`, `.size-small`, `.size-medium`, and `.size-large`. These rules can define whatever parameters the theme developer desires, but must include either `width`, `max-width` or both. Theme developers are also free to use media queries to change this behavior depending on viewport width. - '''Ideal, optional:''' Remove the `width` and `height` attributes from `<img>` markup as they serve no practical purpose once RICG and class-based sizing is implemented. == Rationale == With Responsive Images in core, the modality of the image size selector no longer makes sense. The image size selector hard-codes pixel sizes to images added in posts and pages based on the physical width and height of the image file, but with the new srcset + sizes markup, these image sizes no longer have a real world rationale as the browser selects the image source dynamically. I propose a change in what happens when an image size (thumbnail, small, medium, large, original) is selected from a pre-defined pixel size to a dynamic size defined by the current active theme. This would allow theme designers and developers to add image sizes as part of their art direction and design, and displayed image sizes would change depending on the current active theme without the site owner having to make changes to individual images to make them fit. In simple terms, move from this: [[Image(http://mor10.com/wp-content/uploads/2015/06/Slide1-700x394.png)]] to this: [[Image(http://mor10.com/wp-content/uploads/2015/06/Slide2-700x394.png)]] == Backwards Compatibility == This has the potential of being a breaking change. The most obvious solution would be to make dynamic image sizes a `theme feature` along the lines of html5 comments and title-tag: {{{ add_theme_support( 'dynamic-images' ); }}} == Practical Application == This change would work within the existing framework of how WordPress adds images because the only practical change in the actual post/page is the addition of a new class in the `<img>` tag. To apply to existing posts and pages, the classes could be added by piggybacking off the dynamic rewriting of the `<img>` element done by Responsive Images. == Challenges == - Some authors physically resize images to fit a specific display. This in itself is a problem because it counteracts the responsive nature of the web, but it is a fact that must be considered. An implementation of Dynamic Image Sizes could cause some authors to be frustrated that their carefully sized images suddenly change display. This would likely only happen on old static-width sites as properly built themes with RWD would already override such forced sizing except for the full-width versions of images. - Currently an author can use click-and-drag behaviors to resize an image in the editor. This would be hard to replicate using the proposed CSS model, but is not impossible: One solution could be generating inline CSS for custom image sizes, and possibly adding a .size-custom class to the `<img>` tag. Another clearner option could be to remove the click-and-drag resizing option and instead provide percentage-based options. When discussing this it is important to note that such forced click-and-drag resizing goes against the natural behavior of images in a mobile-first RWD environments." mor10 9 35097 New filter: `edit_post_type_title` dev-feedback Posts, Post Types normal normal Awaiting Review enhancement new 2015-12-15T09:15:30Z 2017-02-05T13:53:13Z "Filter in edit.php to filter title. Why ? I filter this page by term and I want have title of current term edit.php?post_type=investor-day&funds-categories=title" sebastian.pisula 4 35099 Make the filter links (Mine, Status, Author, Taxonomy, etc.) links in the posts list table filterable has-patch Posts, Post Types normal normal Awaiting Review enhancement new 2015-12-15T10:41:36Z 2017-07-01T15:26:40Z "In ticket #35097 I wrote about filter edit page title. @SergeyBiryukov found a solution. But I want filter url in ""All, Published, Trash"" and others. I want add taxonomy info and see show posts from taxonomy in trash. {{{#!php add_filter('edit_link', 'wp_edit_link_filter'); function wp_edit_link_filter($url){ return add_query_arg(array('taonomy'=>'slug'), $url); } }}}" sebastian.pisula 1 35109 Add Online DDL support to dbDelta needs-unit-tests Database normal normal enhancement new 2015-12-15T22:24:20Z 2019-06-04T19:33:19Z "Since MySQL 5.1, a bunch of table level operations can be done in an asynchronous manner. We can add support for this by adding `ALGORITHM=INPLACE` to the `ALTER TABLE` query, but the fun part is that this algorithm isn't supported for all types of operations. So, we have a couple of options: * Keep an array of what operations can be done online in each MySQL and MariaDB version, which will need to be updated for each new version of MySQL. * Try all `ALTER` queries with the algorithm flag, then catch any SQL errors and fall back to the old style if needed. This will need careful testing with old versions of MySQL, particularly. https://dev.mysql.com/doc/refman/5.7/en/innodb-create-index-overview.html" pento 3 35124 Add get_user() function that maps to get_user_by() joedolson* has-patch Users normal normal 6.6 enhancement accepted 2015-12-16T19:20:22Z 2024-02-13T04:37:21Z "{{{#!php <?php /** * Retrieve user info by user ID. * * @since 4.5 * * @param int $user_id User ID * * @return WP_User|false WP_User object on success, false on failure. */ function get_user( $user_id ) { return get_user_by( 'id', $user_id ); } }}} Works like get_userdata but meets the standards of get_{object_type} we've put forth in get_post( $id ) / get_term( $id ) / get_comment( $id ) to make it easier for new developers coming into WordPress. I imagine at some point we could deprecate get_userdata calls, but not sure that should be done in the same release this is introduced." sc0ttkclark 8 35127 Allow wp_nav_menu() function to add container attributes, including Schema.org structured data Menus 4.4 normal normal Awaiting Review enhancement new 2015-12-17T00:06:34Z 2017-03-07T15:29:38Z "I'd like to propose an enhancement that would improve the flexibility of the `wp_nav_menu()` function to allow additional attributes to be added to the `<nav>` container of menus. The main purpose of this proposal is to enable the ability to add schema.org structured data attributes to the menu, but this could be extended to other purposes as well given its flexibility. Currently, `wp_nav_menu()` offers 3 container-related arguments: `$container`, `$container_id`, and `$container_class`. Using these arguments, we can create container elements such as {{{ <nav id=""main-menu"" class=""my-menu""> }}} However, it is not possible to create elements with Structured Data such as the [https://schema.org/SiteNavigationElement SiteNavigationElement] as [https://developers.google.com/structured-data/schema-org recommended by Google], which would look like this {{{ <nav id=""main-menu"" class=""my-menu"" role=""navigation"" itemscope=""itemscope"" itemtype=""http://schema.org/SiteNavigationElement""> }}} Adding the `role`, `itemscope`, and `itemtype` attributes is currently impossible with `wp_nav_menu()` (without resorting to error-prone string replacement), so theme authors and end users need to resort to hard-coding the menu wrapper in order to add such attributes. My proposal is to add a new `container_atts` argument to `wp_nav_menu()`, which will allow arbitrary attributes to be added to the container when the `$container` argument is defined. The changes required are very minimal and only apply to the `wp_nav_menu()` function in `wp-includes/nav-menu-template.php` 1. First, we just need to register `container_atts` as a valid argument in line 257 by adding it to the `$defaults` array {{{ $defaults = array( 'menu' => '', 'container' => 'div', 'container_class' => '', 'container_id' => '', 'menu_class' => 'menu', 'menu_id' => '', 'echo' => true, 'fallback_cb' => 'wp_page_menu', 'before' => '', 'after' => '', 'link_before' => '', 'link_after' => '', 'items_wrap' => '<ul id=""%1$s"" class=""%2$s"">%3$s</ul>', 'depth' => 0, 'walker' => '', 'theme_location' => '' , 'container_atts' => array() ); }}} 2. Next, we process and concatenate the attributes and add them to the container via the `$nav_menu` string on line 355 {{{ $atts = ''; //initialize string to concatenate attributes foreach( $args->container_atts as $att => $att_val ){ //iterate over each attribute $atts.= ' '.$att; //add attribute name, spaced out //Add attribute value, if it exists. This logic allows for attributes without values if( ! empty( $att_val ) ) $atts.= '=""'.esc_attr( $att_val ).'""'; } $nav_menu .= '<'. $args->container . $id . $class . $atts . '>'; //add the string of attributes to the nav/div container }}} That's all the code that would be required to enable this capability. This then allows for function calls such as this: {{{#!php <?php wp_nav_menu( array( 'theme_location' => 'primary', 'container' => 'nav', 'container_class' => 'my-menu', 'container_atts' => array( 'role' => 'navigation', 'itemscope' => 'itemscope', 'itemtype' => 'http://schema.org/SiteNavigationElement', ) )); }}} Which would produce this output for the container element: {{{ <nav class=""my-menu"" role=""navigation"" itemscope=""itemscope"" itemtype=""http://schema.org/SiteNavigationElement""> }}} (The other thing I might consider is calling `unset()` on the `id` and `class` keys in the `$container_atts` array, to prevent users from adding those attributes, since there are already dedicated arguments for them. But that is likely adding more restriction than necessary.) I think this would be a really simple change, and add a lot of flexibility to the `wp_nav_menu()` function. Beyond just adding valuable attributes like structured data, adding data-attributes could be useful for javascript-driven applications, and I'm sure there are plenty of other possibilities I haven't thought of. Thanks for your consideration!" sevenspark 2 35130 .wp-full-overlay-main prevents touch scrolling in theme preview iframe in iOS Safari obenland* has-patch Themes 4.4 normal normal Future Release defect (bug) accepted 2015-12-17T07:00:53Z 2017-01-02T10:23:31Z "This appears related to https://core.trac.wordpress.org/ticket/20805 closed 4 years ago. In iOS 9 (latest) on an iPhone 6+ in Safari (latest) the theme previewer within the theme installer doesn't allow touch scrolling within the iframe. This bug persists in Xcode Simulator and on iPad 2 and iPhone 6s running latest iOS and Safari. This issue does not appear in the installed theme previewer, as far as I can tell. '''Fix:''' Within theme-install.php, on line 279, when I apply styles `-webkit-overflow-scrolling: touch;overflow-y: scroll;` to .wp-full-overlay-main it resolves the issue." anthonydpaul 2 35131 Unexpected 404: pending post hides published post with matching slug Query 4.3.1 normal normal defect (bug) new 2015-12-17T08:55:51Z 2019-06-04T20:53:40Z "While attempting to recreate #35012 and #35031 I also noted the anomaly previously reported in #22902 where an authorized user could see all the posts displayed as if they were a single page. Investigating this led me to determining that the existence of a new ""pending"" post with the same slug as an existing post prevents the user from visiting the existing post using its permalink. Example: post: 31766, status: pending, title: Cycle 1, slug: cycle-1 date: 2015-12-16 11:18:26 Content: You might be able to see this if you're logged in. post: 31764, status: publish, title: Cycle 1, slug: cycle-1 date: 2015-12-16 11:17:17 Content: You should be able to see this. Steps: 1. Create posts as above 2. Log out or otherwise visit the site as a visitor 3. View the blog page or the archive 4. Note that you see the published post, not the pending post 5. Click on the published post's permalink 6. You'll get a 404. === Expected result === Displays the published post. === Actual result === Displays a 404 page. === Explanation === - The query in WP_query returns two posts: 31766:pending and 31764:publish. - Even though there are two posts in the result set, `is_single` is true. - The logic to ""Check post status to determine if post should be displayed."" kicks in and the post array is emptied. - This eventually leads to the 404. === My Conclusion === There are two problems leading to this one 1. The pending post should not have been given the same slug as the published post. 2. `is_single` should not have been set to true. === Proposed solution === If it's not possible to deal with the underlying cause then the logic in the ""Check post status..."" should be adjusted to filter out the posts that the user shouldn't have been able to see. If the resulting set contains more than one post then is_single should become false. I noticed this on 4.4 but have reproduced it on 4.3. I imagine the actual bug goes back a long long way. " bobbingwide 3 35132 UX improvements when creating/editing menus Menus 4.4 normal normal enhancement new 2015-12-17T10:32:28Z 2019-06-04T20:20:10Z "Using the menus component (accessible via Appearance -> Menus) is currently a bit of a pain! A few improvements would go a long way to making this feature more pleasant to use: 1. When editing a menu, the '''Pages/Posts/Custom Links/Categories''' panel on the left hand side does not show which pages have already been added to the menu; all items are unchecked, even if they've already been added to the menu. This makes it very hard to discover any new pages which need adding and also makes it easy to accidentally add duplicate pages. 2. There is currently no means to bulk edit existing menu items - two functions which would be very useful here are the deletion of all existing items and the alphabetical sorting of all existing items. 3. It should be possible to select all children of an existing parent page. For example, if creating a sub menu that lists 20 children of a parent page, we have to click on each child separately. If a new page is added a week later, then items 1 and 2 above become problematic - we need to either carefully check for the new page in the list on the left, cross referencing that list with the existing pages, or we have to delete everything in the menu and add each individual item again from scratch, which despite being quite lengthy is actually the quickest, least error-prone option here. Hope this helps!" chris_dac 1 35133 Make the admin menu more flexible in width Administration 4.4 normal normal enhancement new 2015-12-17T14:06:31Z 2019-06-04T19:33:21Z "Two years ago the admin menu was increased by width by 10 pixels, #25918. More and more strings gets translated, which causes the menu to be too small: [[Image(https://dl.dropboxusercontent.com/u/23348/WP/Schermafbeelding%202015-12-17%20om%2014.33.42.png)]] I would suggest to make the menu variable in width, so it can take the space needed for translated menu items." ChantalC 3 35144 Sorting Greek characters Charset 4.4 normal normal defect (bug) new 2015-12-17T21:52:15Z 2019-06-04T19:33:24Z There's an abnormal behaviour in alphabetically sorted lists containing terms in Greek. The expected order would be Latin characters on top, then Greek; two consecutive lists. However, the Greek list is actually further split into two other lists, one with terms starting with an upper case character and the other with terms starting with lower case. So it's Latin Aa-Zz, then Greek Α-Ω, then Greek α-ω. A real-world example is a tag cloud. See this for example: [http://www.tastefull.gr/tagcloud] beerallica 1 35154 The admin_url filter might break ajaxurl usage reporter-feedback General normal normal defect (bug) new 2015-12-18T12:46:04Z 2019-06-04T19:54:22Z "`ajaxurl` is a javascript global generated basically as {{{ var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>'; }}} `admin_url()` results get filtered by `admin_url`, which might add query arguments into `ajaxurl`, or at least modify it on a substantial way. We have several instances where we assume that `ajaxurl` will be an URL without query arguments, like this one: {{{ // wp-admin\js\tags-box.js 179 ajaxurl + '?action=ajax-tag-search&tax=' + tax, }}} That assumption might be completely wrong. I am attaching a list of places where we define `ajax_url` and a list of places where we assume it is a clean, query-arguments-free URL. Note that those lists might not be complete, although I greped against WordPress trunk. As a solution idea, we might want to create a javascript version of `add_query_arg()` and use it extensively." jadpm 2 35158 Titles Change over to Admin User Name Editor 4.4 normal normal defect (bug) reopened 2015-12-18T18:14:27Z 2019-06-04T19:33:28Z "When I open the page and post editor, the contents of the title field changes over from the name of the page or post to the admin user name. The change takes about 2 - 3 seconds. I can watch it before my eyes. I turned off all plugins, and changed over to the Twenty Sixteen theme and the problem persisted. The problem occurred after updating to Version 4.4. When I look in the WP Admin at the Post or Page table, the titles of my entries appear fine. When I open each post or page in `Quick Edit` mode, I observe the post and page titles correctly. The problem only occurs in the editor. The result is that when view the page or post, the Admin User name appears in place of the post or page title. I'm developing locally using Desktop Server 3.8 on top of XAMPP. App runs on Mac OS X 10.9.5 (Mavericks). " yogaman5020 6 35164 Singular body class and main post post class Themes normal normal enhancement reviewing 2015-12-19T11:53:29Z 2019-06-04T21:18:36Z "I think it would be pretty useful to be able to style all singular posts with one selector. I thought it might be a good idea to output "".singular"" using the `body_class()` function. This would allow people to target all singular pages. In addition, detecting the main post on the page would be useful if someone had some related posts on a singular page. So the class "".main-post"" could by added using the `post_class()` function. I'm using this method via hooks in a theme so I can say: `.singular .main-post {}` which allows me to style posts and pages with one selector and give a default look to all custom post types. " danielpataki 11 35177 Introduce a separate function for the login form action URL has-patch Login and Registration 4.4 normal normal Future Release enhancement new 2015-12-21T03:34:52Z 2023-09-18T20:44:31Z "See #34925, #35103. I have always understood `wp_login_url()` to mean ""The url which one can visit to use a login form"" but not necessarily the url to which the form data is posted. Previous to 4.4.0 the login form generated by `wp_login_form()` had the action hard coded to `wp-login.php`. This made it easy (and not uncommon) for users to have `wp_login_url()` filtered to point to a custom page. It was also easy for these users to have a shortcode put a login form on that page which draws from `wp_login_form()`. They didn't need to worry about making their page handle the posted data since the form was hard-coded to post the form submission to `wp-login.php`. The patch proposed in #34925 fixes the problem outlined there, but doesn't fix the bug described here. The desired action is that the function `wp_login_url` should not be used to get the url to which the form should be submitted. We need another way of determining the url to post the data to. I've written a function, `wp_login_handler_url()` which solves the problem here and the problem from the other ticket. Now we can use `wp_login_url()` and `wp_login_handler_url()` separately. By default, they are going to both be pointing at `wp-login.php`, but users can now filter `login_url` while still allowing the login form post data to be sent to `wp-login.php`. If we commit this patch, we could (and should) search through core files for use of `site_url('wp-login.php')` and instead use either `wp_login_handler_url` or `login_url` depending on the circumstance of use. The spirit of the original change was good. We shouldn't have hard-coded references to wp-login.php, we should have a function and one place that can be filtered. And attempting to use the existing function, `wp_login_url()` to get that url was a good idea, but its obvious that two separate but similar functions are needed here." khag7 1 35179 playlist shortcode needs an option to not loop Shortcodes 4.3 normal normal enhancement new 2015-12-21T08:42:40Z 2019-06-04T21:18:45Z "It would be great if we could have a loop=""no"" attribute for the playlist shortcode. The audio and video shortcodes support this, but for [playlist] the behavior is hardcoded into the javascript." john k c 35182 Site icon URLs don't respect SSL in admin dev-feedback Administration 4.4 normal normal defect (bug) new 2015-12-21T12:14:56Z 2019-06-04T19:33:29Z "It appears that the following check in `wp_get_attachment_url()`: {{{#!php if ( is_ssl() && ! is_admin() && 'wp-login.php' !== $GLOBALS['pagenow'] ) { $url = set_url_scheme( $url ); } }}} prevents `get_site_icon_url()` from using SSL for serving the icon links in the head, which results in non-HTTPS icon URLs on all admin pages: [[Image(http://kaspars.net/wp-content/uploads/2015/12/site-icon-url-https.png)]] " kasparsd 5 35186 "Put the Customizer ""back"" button next to the ""Close"" button" Customize 4.4 normal normal Future Release enhancement new 2015-12-21T15:44:55Z 2020-11-22T16:27:21Z "Seems like a pretty small thing. The ""Back"" button that takes you to the top of the Customizer menu scrolls out of view but the ""Close"" button does not. If we put the Back button next to the Close button, it would be slightly less confusing." DragonFlyEye 45 35201 Mobile email validation Formatting 4.4 normal normal Awaiting Review enhancement new 2015-12-22T17:08:27Z 2017-02-06T09:14:45Z "While testing form submission through Samsung Android devices (Galaxy S6 Edge and Galaxy Note 5), we noticed that when user selects their email from the field history dropdown, it appends a space at the end of the email address. This invalidates the email when using the is_email validation function in wp-includes/formatting.php. A fix I am currently using is simply adding a trim function to the email address in the first line of the function... $email = trim($email); This resolves the Samsung bug and passes the email validation. I hope this helps. " njbebop 3 35204 Refresh HiDPI support Administration normal normal Awaiting Review defect (bug) new 2015-12-22T19:38:43Z 2023-03-14T19:20:01Z "As a continuation of #22238... In newer versions of Chrome, loading the admin bar CSS provides these console warnings: > Consider using 'dppx' units, as in CSS 'dpi' means dots-per-CSS-inch, not dots-per-physical-inch, so does not correspond to the actual 'dpi' of a screen. In media query expression: print, not all, (-webkit-min-device-pixel-ratio: 1.25), (min-resolution: 120dpi) Consider using 'dppx' units, as in CSS 'dpi' means dots-per-CSS-inch, not dots-per-physical-inch, so does not correspond to the actual 'dpi' of a screen. In media query expression: print, not all, (-webkit-min-device-pixel-ratio: 1.25), (min-resolution: 120dpi) This was enabled first in ​[22629]. Matt Micklick (@iammattthomas) researched and suggests we update as follows. This is what our HiDPI media query looks like: {{{ @media print, (-o-min-device-pixel-ratio:5/4), (-webkit-min-device-pixel-ratio: 1.25), (min-resolution: 120dpi) { /* Styles go here */ } }}} We specify min-resolution in dpi because of browser support. While Firefox, Chrome, and Opera support min-resolution and the dppx unit, Internet Explorer and Safari do not. Specifically, the most current version of IE supports min-resolution declared in dpi but not dppx. The most recent version of Safari only recognizes -webkit-min-device-pixel-ratio. In order to avoid notices in the Chrome console, we can add an additional declaration of min-resolution in dppx. We'll add it last, so that browsers that support it will use it. As a bonus, we can remove the Opera-specific selector. Since Opera has used Blink as its layout engine for over a year there's no need to continue including it. Opera's CSS support now mirrors Chrome's. Finally we'll move the Webkit-specific selector last in the set, as we do with other browser-specific declarations in CSS. So the new syntax would look like this: {{{ @media print, (min-resolution: 120dpi), (min-resolution: 1.25dppx), (-webkit-min-device-pixel-ratio: 1.25) { /* Styles go here */ } }}} " lancewillett 4 35205 Add additional hooks to the 'attachment-info' template to customise output Administration 4.4.2 normal normal feature request new 2015-12-22T23:05:31Z 2019-06-04T19:33:34Z "Hey guys, I've been working on several sites for clients and one thing that keeps coming up is the need to customise the 'attachment info' screen when viewing media items in the fancy media modal. [[Image(http://drive.google.com/uc?export=view&id=0BxFkQxv15MkfUWJNUnBMb3gxa00)]] You can see that the screen shows the attachment info at the top, followed additional info below (for example the file name, file type, uploaded date at the top followed by editable fields below such as title, caption etc) All of this is defined in `/wp-includes/media-template.php` and pretty much hard coded, looking for the upload type and then displaying fields. There is already an [https://codex.wordpress.org/Plugin_API/Filter_Reference/attachment_fields_to_edit 'attachment_fields_to_edit'] action but what that does is allow you at add fields to the ''bottom of the existing fields'' as such. [[Image(http://drive.google.com/uc?export=view&id=0BxFkQxv15MkfSUVhby1pQm9Mc3M)]] I would propose a few new hooks be created inside `media-template.php` starting from line 338. This is the start of the `attachment-info` panel and it's here a few actions would be helpful. For example a client wanted to see all of their different image sizes in the attachment screen so they could easily copy them. Currently this can only be done by editing core directly (which is a terrible idea). [[Image(http://drive.google.com/uc?id=0BxFkQxv15Mkfd2dwdXRkMm93SHM)]] Since the media modal is built dynamically with Ajax if we add hooks here developers will be able to access the media object (which contains the URL, title, id and other info). So the flexibility will be really neat. I'm more than happy to look into this but I'd be really keep to get feedback from you guys just in case I am missing something critical (because I don't know why there is a lack of hooks here for development) I'm thinking of adding just basic hooks like ```do_action('media-attachment-info-start')``` Cheers " simonrcodrington 2 35209 Permalinks of published pages get changed when creating new pages as a draft dev-feedback Permalinks 4.4 normal normal defect (bug) new 2015-12-23T13:14:39Z 2019-06-04T20:53:45Z "While looking over ticket #35197 I found some other strange behavior where a permalink of a published page will be overwritten by a newly created draft page. Here are the steps to reproduce it (''4.4''/''trunk''): '''Step 1''' Add a new page with the title ''""Test 1""''. When switching to the editor, a permalink is generated: ''http://your-site.com/test-1/'' '''Step 2''' Click the ''Edit'' button next to the generated permalink, change the permalink from ''""test-1""'' to ''""test""'', click ''OK'' and click the ''Publish'' button to publish the newly created page. '''Step 3''' Add a new page with the title ''""Test 2""''. When switching to the editor, a permalink is generated: ''http://your-site.com/test-2/'' '''Step 4''' Click the ''Edit'' button next to the generated permalink, change the permalink from ''""test-2""'' to ''""test""'' and click ''OK''. The permalink gets changed back to ''test-2'' correctly because the already published ''Test 1'' page is using ''test'' as a permalink. '''Step 5''' Click the ''Save Draft'' button to save the ''Test 2'' page as a draft. Do '''NOT''' publish it! '''Step 6''' Switch to the ''""All pages""'' area and open the ''Test 1'' edit page. '''Step 7''' SURPRISE! The permalink of the already published page ''Test 1'' changed from ''""test""'' to ''""test-2""''. Curiously when you hover the permalink it still uses the correct ''""test""'' permalink. [[Image(http://fs5.directupload.net/images/151223/r6gqvcph.png)]] '''Step 8''' Okay, now lets change something at the site. Add some text for example and click the ''Update'' button. After ''Step 8'' the permalink of the ''Test 1'' page gets changed to ''""test-2""'' while the ''Test 2'' page is using the ''""test""'' permalink now. There should be a patch for this because permalinks of already published pages can easily get changed when you are not aware of this problem. The main issue is that in this case all incoming links from third-party websites will not link to the correct page anymore." Asgaros 2 35214 Custom Comment Types Comments normal normal Future Release task (blessed) assigned 2015-12-24T00:28:11Z 2021-07-13T16:02:18Z "It's time to take another look at Custom Comment Types. We have a nice stable example in post types, but there's a '''lot''' to do here, so we'll use this as a centralized tracking ticket for everything. As such, I'm sure the description here will be fluid for a while as we figure out how much there is to do. Here's a rough list of things that need to be looked at and addressed: * UI/UX - In order for custom comment types to be really useful, we need to put some serious thought into the UI/UX surrounding comments in the admin. * The `comment_type` field needs to start using `'comment'` instead of `''` for comments. This will mean an upgrade routine as well as some back-compat work. * We need to decide what to do about non-default comment types in various admin areas (comments table, recent comments, etc). The thing that makes most sense is for `WP_Comment_Query` to be adjusted to only show default comment types (comments, pingbacks, and trackbacks) by default. Additional comment types would then be handled by whatever plugin or theme adds them. Unfortunately, this is a breaking change (comment:58:ticket:12668) because right now those areas show all comment types. Maybe we can create new management areas to be able to pull these out of the default one? Lets put our heads together. * A lot of existing functions, like `comment_type()`, will need to be fixed to make room for newly registered comment types and their registered strings. Previous tickets for history: #25674 #12668 " aaroncampbell 40 35216 Return empty string from wp.shortcode.replace() callback is ignored has-patch Shortcodes 3.5 normal normal Awaiting Review defect (bug) new 2015-12-24T11:58:32Z 2018-06-27T04:46:19Z "I was trying to just remove a shortcode by returning empty string from `wp.shortcode.replace()` callback. **For example** {{{ var text = ""This is some content with shortcode. [foo]some content[/foo] text = wp.shortcode.replace('foo', text, function(tag){ // attributes and content values are broken. return ''; }); }}} The callback function simply get ignored. No replacement happened for the shortcode. If I return anything other then empty string for example `' '` (string with space) it does replace the shortcode. I am not sure if this behavior was intended or not. " prionkor 6 35248 "WordPress should remove domain trailing dot (as/like it removes ""www."")" Canonical 4.4 normal normal Awaiting Review enhancement reopened 2015-12-29T00:35:21Z 2020-01-31T16:22:59Z "I think, WordPress should redirect from address with trailing dot of domain to version without the dot, like it redirects from address with ""www."". I have read about which version is correct and seems version without dot is allowed according to RFCs, and it is very widely used, and even almost nobody know that trailing dot can be used. ( https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol ""The first definition of HTTP/1.1, the version of HTTP in common use, occurred in RFC 2068 in 1997, although this was obsoleted by RFC 2616 in 1999"" -> https://tools.ietf.org/html/rfc2616#section-14.23 ""The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL."" -> https://tools.ietf.org/html/rfc2616#section-3.2.1 ""For definitive information on URL syntax and semantics, see ""Uniform Resource Identifiers (URI): Generic Syntax and Semantics,"" RFC 2396 ..."" -> http://tools.ietf.org/html/rfc2396#section-3.2.2 ""The rightmost domain label of a fully qualified domain name will never start with a digit, thus syntactically distinguishing domain names from IPv4 addresses, and may be followed by a single ""."" if it is necessary to distinguish between the complete domain name and any local domain."" )" qdinar 11 35250 "Enable developer to omit ""internal"" taxonomies from return value of get_taxonomies()" needs-docs Taxonomy normal normal Awaiting Review enhancement new 2015-12-29T04:44:13Z 2019-05-10T16:06:49Z "I frequently use one or two taxonomies in a project that users should never see, but plugins that use the `get_taxonomies()` function are able to display my internal taxonomies to users. ` get_taxonomies()` does not filter for `show_in_nav_menu` or `show_in_nav_menu` _(and probably should not.)_ so I can't correct this proactively. Thus I would like to be able to filter out my internal taxonomies so they will be invisible to plugins and themes. I am uploading a patch that adds a `'get_taxonomies'` filter for this. Another option would be to introduce a `'internal'` property at taxonomy registration and then filter for that being `false` in `get_taxonomies()` and probably elsewhere, or introduce the idea of underscore prefixed taxonomies being hidden. Any of those would work for me. Thanks in advance for considering. " MikeSchinkel 5 35256 $wpdb->insert_id equals 0 Database 4.2.4 normal normal defect (bug) reopened 2015-12-29T19:54:39Z 2019-06-04T19:33:42Z "Hi, reading this https://make.wordpress.org/core/2015/04/02/the-utf8mb4-upgrade/ Ok then cool. But I've had this weird bug with the table posts : collation utf8_mb4 was not set properly for this table (I do not really know why). As a result everytime `$wpdb->insert_id` was used it just inserted posts with ID `0` ! For example, each upload just failed and because an AJAX grid layout is used in admin (media library page) it just failed to load anything ! Took me some time to realize this was related to a database issue and not my php code that uses `wp_insert_post()`. My question is : would it be safer to prevent WordPress from inserting posts with ID `0` in any case ? I'm refering to this line https://core.trac.wordpress.org/browser/tags/4.4/src/wp-includes/post.php#L2926 " jmlapam 35274 Break-out conditional in allow_subdomain_install() has-patch Networks and Sites normal normal enhancement new 2015-12-31T18:04:22Z 2019-06-04T20:53:50Z "Attached patch expands the conditional within `allow_subdomain_install()`with better inline documentation, replaces the IP address regex with `filter_var( $var, FILTER_VALIDATE_IP )` ([[http://us3.php.net/manual/en/function.filter-var.php supported in PHP 5.2.0+]), and adds unit tests. This came about while working on a refresh for #22330, trying to add missing unit tests along the way, and includes one of the regex changes from @nacin's patch." stevegrunwell 2 35280 Should feed_links_extra run when current theme doesn't support automatic-feed-links ? Themes 4.4 normal normal defect (bug) new 2016-01-01T19:31:10Z 2019-06-20T09:43:05Z `feed_links()` will return early if the current theme doesn't support `automatic-feed-links`, shouldn't `feed_links_extra()` do the same? tiqbiz 35292 Terms: get_terms by name mismatches emoji Taxonomy 4.2 normal normal defect (bug) new 2016-01-03T06:41:42Z 2019-06-04T21:19:00Z "When assigning emoji-named terms to a post, it appears the post processing will match some emoji characters incorrectly. So far, it appears it occurs within get_terms. Steps to duplicate: Write a post and attempt to add two flag emoji (e.g. Mexico and Germany) as individual tags. Expected: Both terms are assigned. Actual: Only one. Another method: Create two tags of just the two flags, then assign the second one created. The first one created will be assigned instead. It doesn't happen for all emoji, but I didn't isolate if it by plane, etc." kraftbj 2 35308 get_the_excerpt: For protected posts the output should be able to be filtered has-patch Posts, Post Types normal normal enhancement new 2016-01-04T20:47:24Z 2020-07-03T21:11:05Z "If I want to show an excerpt of a protected post, then I have to search the output of get_the_excerpt for a string like ""There is no excerpt because this is a protected post."" and replace this string by the actual excerpt. In a multilanguage environment this creates a source of possible errors. I would like to see that the filter ""get_the_excerpt"" is also applied to the ""There is no excerpt ..."" message. Code in the function get_the_excerpt could look like this: {{{#!php <?php function get_the_excerpt( $deprecated = '' ) { if ( !empty( $deprecated ) ) _deprecated_argument( __FUNCTION__, '2.3' ); $post = get_post(); if ( empty( $post ) ) { return ''; } $excerpt = ''; // emanaku new if ( post_password_required() ) { // return __( 'There is no excerpt because this is a protected post.' ); // emanaku replace with next line $excerpt = __( 'There is no excerpt because this is a protected post.' ); // emanaku new } else { $excerpt = $post->post_excerpt; }; // emanaku new /** * Filter the retrieved post excerpt. * * @since 1.2.0 * * @param string $post_excerpt The post excerpt. */ // return apply_filters( 'get_the_excerpt', $post->post_excerpt ); // emanaku replace with next line return apply_filters( 'get_the_excerpt', $excerpt ); // emanaku changed } }}} With this change a filter asking for protected content can hook into get_the_excerpt and can deliver any kind of excerpt (the real excerpt, a customized protected text, a form to give the password etc.) " emanaku 5 35310 """Add Media"" dropzone shouldn't take up the entire modal window" dev-feedback Upload 4.0 normal normal Awaiting Review defect (bug) new 2016-01-04T21:41:44Z 2019-05-15T21:20:58Z "As @ocean90 mentioned in #28851, > the whole `[""Add Media"" modal window]` is a dropzone for the uploader. For example, if you drag and drop an item over the left, gray column where the ""Create Gallery"", ""Create Audio Playlist"" and ""Featured Image"" links are, the ""Add Media"" window will show that the dropzone covers this area as well. Since I'm attempting to write a plugin to add an extra plupload drag-and-drop instance in the existing ""Add Media"" modal window, my custom dropzone will not take effect because WP's dropzone has precedence. Would it be possible to limit WP's uploader dropzone to the ""Insert Media > Upload Files"" tab only?" r-a-y 1 35315 New action `manage_posts_before_extra_area` reporter-feedback Posts, Post Types normal normal enhancement new 2016-01-05T07:47:13Z 2019-06-04T20:54:00Z I think that should be action before table of posts in edit.php. Why ? Because I want add settings for post type in this section or custom form. sebastian.pisula 3 35318 Automate anti-virus scanning of WordPress zips Build/Test Tools normal normal Awaiting Review enhancement new 2016-01-05T16:36:15Z 2022-01-29T10:48:46Z "In WordPress 4.4, some files were marked as malware by antivirus vendors. This sucks for users. I think we should automate scanning of WordPress packages so that we can alert antivirus vendors as soon as possible that they are miss flagging WordPress files. one api that could work is https://www.virustotal.com/en/documentation/public-api/ , but we should investigate that and other possible options. " jorbin 3 35326 New taxonomy template dev-feedback Taxonomy normal normal Future Release enhancement new 2016-01-06T10:29:26Z 2017-02-05T14:21:10Z "I sugest neww taxonomy template: taxonomy-{$term->term_id}.php. taxonomy-$taxonomy-{$term->slug}.php is bad because if I change slug then I must remember about change filename. In my website this isn't problem but if client change name on website then will be problem." sebastian.pisula 6 35330 Categories Format & Search Bug Menus 4.4 normal normal defect (bug) new 2016-01-06T16:27:32Z 2019-06-04T20:20:20Z "Hello, I have been advised by WooCommerce to submit this to Wordpress as they deduced it was a Core problem and not related to WooCommerce. I have been able to re-produce this 3x, Once on SiteGround, another on Hostgator and also locally. This is on Wordpress 4.4. Issue #1: After adding categories if I go to Appearance > Menu and search for a category no results are returned. Furthermore, if I was to go to second page of categories and then try and search for something then only placeholder text is written. Issue #2: The problem occurred when I tried adding a lot of nested categories onto my WooCommerce categories. The format which I had was 9x Parent Categories, 5x Second Level Categories and under one of the Second Level Category are 11x Third Level Categories. If you were to view the categories via Appearance > Menu then the format is all broken. The WooCommerce support mentions as soon as pagination is involved then the format breaks. He also said ""It looks like the way WordPress is handling the Taxonomy is incorrect"". Please confirm if you can reproduce or need further details. Many Thanks, Jawad" jawad96 4 35331 Update external Prototype library to 1.7.3 has-patch Script Loader normal normal enhancement new 2016-01-06T16:36:45Z 2019-06-04T21:19:05Z "Mostly bug fixes for newer versions of IE, including a very annoying ""This page uses Java"" popup. [https://github.com/sstephenson/prototype/compare/1.7.1...1.7.3] http://prototypejs.org/2014/04/18/prototype-1-7-2/ http://prototypejs.org/2015/09/24/prototype-1-7-3/ I could only see it breaking things if people (like me) have added work arounds for the old version?" mikemanger 35339 Settings > Reading > Front Page Displays > Front Page and Posts Page Select Length of Text Administration 4.4 normal normal defect (bug) new 2016-01-07T00:59:05Z 2019-06-04T19:33:48Z "When choosing the Front Page and Posts Page within Reading Settings, if you have really long post or page titles, these are not truncated, leading to a pretty bad looking Settings page. Screenshot: [[Image(http://slimbobwp.com/wp-content/uploads/2016/01/reading-settings-select-text-length.png)]] This is further implicated if moving a column based admin as is discussed as having potential here: #16413 Expected output would be a limitation on the number of characters, what that limit should be is open for debate." robertwhitis 5 35375 function wp_guess_url not compatible with symlinks Upgrade/Install 4.3 normal normal defect (bug) new 2016-01-08T19:01:07Z 2019-07-27T01:21:35Z "If your web root is a symlink to another directory in the server, common for continuous delivery environments, wp_guess_url will try to find {{{#!php $script_filename_dir = dirname( $_SERVER['SCRIPT_FILENAME'] ); }}} inside of {{{#!php $abspath_fix = str_replace( '\\', '/', ABSPATH ); }}} in line 3837 of wp-includes/functions.php : {{{#!php } elseif ( false !== strpos( $abspath_fix, $script_filename_dir ) ) { }}} Since `$_SERVER['SCRIPT_FILENAME']` will resolve a symlink these 2 will be completely different and the elseif will be skipped, so `$path = $_SERVER['REQUEST_URI'];` Is this a problem? Only if you have WordPress installed as a dependency with Composer. See https://github.com/johnpbloch/wordpress -- so maybe I shouold report the bug to his repo instead... Not sure! Possible fix: I tried wrapping dirname() in readlink() but won't work when the path is not a symlink. Maybe a conditional check?" jorgeorpinel 1 35379 update_network_option changes stored option value if sanitize_option detects error jeremyfelt has-patch Options, Meta APIs 3.0 normal normal Future Release defect (bug) assigned 2016-01-08T23:48:50Z 2017-09-05T16:57:14Z "If you make a call like {{{ update_network_option( null, ""admin_email"", ""this.is.not.an.email.address"" ); }}} then the value of the `admin_email` ''network'' option will be changed to the value of the `admin_email` ''site'' option in the database. Expected behaviour would be that the option value in the database is not changed. The reason is that `update_network_option` calls {{{ sanitize_option( ""admin_email"", ""this.is.not.an.email.address"" ); }}} and writes its return value to the database. However, `sanitize_option` will return the value of `get_option( ""admin_email"" )`, instead of `get_network_option( null, ""admin_email"" )`. See [https://core.trac.wordpress.org/browser/tags/4.4/src/wp-includes/formatting.php#L3863 lines 3863ff. in formatting.php]." thomaswm 28 35384 Archive for post in Menu Editor needs-unit-tests Menus normal normal enhancement new 2016-01-09T09:50:03Z 2019-06-04T20:20:36Z In menu edit in posts meta box I suggest add Archive for Posts sebastian.pisula 5 35385 Able to get raw content by calling get_the_archive_description has-patch Taxonomy normal normal enhancement new 2016-01-09T12:07:00Z 2020-06-07T08:45:06Z "Calling the '''get_the_archive_description''' the content will be passed to some filters by the '''sanitize_term_field''' function, one of them is wpautop. To add some class to the p tag the only way is to perform a preg_replace but that can create issue with other callbacks hooked into 'get_the_archive_description'. Would be great to have a param like $context as the '''get_term_field''' has to able to pass '''raw''' and retrieve only the text. " wido 4 35390 image_constrain_size_for_editor() should not affect images generated on the front end when `large` size is used. joemcgill* needs-unit-tests Media 4.4 normal normal Future Release defect (bug) accepted 2016-01-10T04:01:24Z 2017-05-31T21:17:47Z "{{{ <img width=""680"" height=""510"" src=""http://staging.dev/wp-content/uploads/2011/07/dsc02085-1200x900.jpg"" class=""attachment-post-thumbnail size-post-thumbnail wp-post-image"" alt=""Orange Iris"" srcset=""http://staging.dev/wp-content/uploads/2011/07/dsc02085-300x225.jpg 300w, http://staging.dev/wp-content/uploads/2011/07/dsc02085-768x576.jpg 768w, http://staging.dev/wp-content/uploads/2011/07/dsc02085-1024x768.jpg 1024w, http://staging.dev/wp-content/uploads/2011/07/dsc02085-1200x900.jpg 1200w, http://staging.dev/wp-content/uploads/2011/07/dsc02085.jpg 1600w"" sizes=""(max-width: 680px) 100vw, 680px""> }}} I am using Twenty Fifteen theme, WordPress version 4.4. `post-thumbnail` size is `825x510`. Original image size is `1600x1200`. But I am not getting expected image. After some testing I found that this problem arises if post thumbnail `large` is used. I could not understand how width and height is set to 680 and 510 respectively. I am not sure this is related to https://core.trac.wordpress.org/ticket/35108" rabmalin 28 35398 Allow post types to override `posts_per_archive_page` Query normal normal enhancement new 2016-01-11T10:09:48Z 2019-06-04T20:54:10Z fixed sebastian.pisula 1 35416 List children pages of another (in dashboard) has-patch Posts, Post Types normal normal Awaiting Review enhancement new 2016-01-12T12:22:30Z 2020-05-30T15:55:08Z "In Dashboard, in ""ALL POSTS"" page, there is available to list POSTS of specific categories.. it is good, if such thing was possible for PAGES, when i have hundreds of pages, then i want to show only specific page's children pages... please add this posibility (like url : `/wp-admin/edit.php?parent=2754&post_status=all..................`" selnomeria 8 35418 Assigned post type not appeared in category and tag archive reporter-feedback Query 4.4.1 normal normal defect (bug) new 2016-01-12T14:07:24Z 2019-06-04T20:54:15Z "In case of custom post type assign to category or tag(like use register_taxonomy_for_object_type), this post type not appeared in category and tag archive. " jim912 2 35422 only exit if the redirect is true when registering on multisites has-patch Login and Registration normal normal enhancement new 2016-01-12T18:55:09Z 2022-02-19T08:10:40Z " in wp-login.php we do a redirect to (wp_signup_location wp-signup.php) when registering on multi sites and die we should only die if the redirect is true I also want to this patch added to save me from having to edit a core file inorder to install s2member on multisite This plugin has install instructions that have us rem out the redirect and exit ` {{{#!php <?php case 'register' : if ( is_multisite() ) { $sign_up_url = network_site_url( 'wp-signup.php' ); // Multisite uses wp-signup.php // Modified for full plugin compatiblity. //wp_redirect( apply_filters( 'wp_signup_location', $sign_up_url ) ); //exit; } }}} ` I would like to change this to use the filter to remove the location and cause the wp_redirect to return false" pbearne 7 35425 Return HTTP status code in WP_Error objects REST API normal normal Future Release enhancement new 2016-01-12T20:04:34Z 2017-03-26T02:15:25Z "The REST API has an existing pattern of using a HTTP status code to better describe the nature of a `WP_Error` object: {{{ if ( ! empty( $request['id'] ) ) { return new WP_Error( 'rest_post_exists', __( 'Cannot create existing post.' ), array( 'status' => 400 ) ); } }}} Throughout WordPress, it would improve the quality of error reporting to include an equivalent HTTP status when generating a new `WP_Error` object. This ticket can serve as placeholder for improvements to this effect. Previously: https://github.com/WP-API/WP-API/issues/153#issuecomment-170734687" danielbachhuber 11 35427 add filter on the wpmu_signup_user() meta values in user-new has-patch Login and Registration 3.0 normal normal enhancement new 2016-01-12T20:49:48Z 2019-06-04T20:20:51Z "I want to add additional meta when signing up a new user so I need a filter to allow this '''note'''. the s2member multi-site setup requires c a core mode to allow this " pbearne 6 35428 Allow the suppression of errors if user already exists reporter-feedback Login and Registration normal normal enhancement new 2016-01-12T21:19:14Z 2019-06-04T20:21:01Z "The install instructions for s2members requires that we add a filter to suppress errors it seems to be we should add the filter to allow this. " pbearne 7 35430 Should the 'counts' cache group be persistent? has-patch Cache API 4.4 normal normal Future Release enhancement new 2016-01-13T02:58:54Z 2022-12-19T01:46:07Z I checked that the places storing data in the `'counts'` cache group have proper way to delete the data in cache on updates. For example, `wp_count_posts()` stores the post count, and `_transition_post_status()` deletes the count. So could we change the `'counts'` cache group to be persistent? This can reduce the repeated counting queries to the database. wjywbs 9 35432 `wp_list_comments()` should perform a more modest fallback comment query Comments 4.4 normal normal enhancement new 2016-01-13T04:17:29Z 2019-06-04T19:33:53Z "Previously: #35175, #35356, #8071. In 4.4, `comments_template()` was updated so that it no longer queries for every single comment belonging to a post; instead, it only fetches the comments appropriate for the current comment-page. See #8071. This change introduced a bug in `wp_list_comments()`: since all of the post's comments were no longer available in `$wp_query->comments`, it was no longer possible to pass custom (read: differing from `$wp_query`) pagination params to `wp_list_comments()` and get the proper comments back. We addressed this problem in 4.4.1 by adding a clause to `wp_list_comments()` that falls back on the old behavior - querying for all of the post's comments - if non-default pagination params are provided. See #35175 [36157]. This fallback solution is obviously not ideal. Querying for all of a post's comments is what #8071 was supposed to fix. `wp_list_comments()`, like `comments_template()`, should be able to perform a fallback query that fetches only the required comments. The necessary logic already exists in `comments_template()`, so this may be a relatively simple matter of porting the functionality over, or abstracting it for use in both functions. cc @smerriman" boonebgorges 35435 Support Webmentions needs-unit-tests Pings/Trackbacks normal normal Future Release feature request new 2016-01-13T05:25:25Z 2018-02-19T11:52:22Z "Webmention is now a W3C Recommendation as of January 12, 2017. https://www.w3.org/TR/webmention/ . Previous linkback protocols(trackback and pingback) did not achieve this status. The Webmention is a simplified evolution of the Pingback. It drops XML-RPC in favor of simple form encoding. The recommendation calls for asynchronous processing to prevent DoS attacks. There is already a webmention plugin for WordPress in the repository. https://wordpress.org/plugins/webmention/ and this could be used as a basis for a feature plugin to merge into core. Trackbacks and Pingbacks both have their unique problems. The idea of linkbacks in general remains a good one, spoiled by less robust implementations. To go to the logical extreme, suggesting that adoption of webmentions be concurrent with the disabling by default of the earlier and less secure protocols. Finally, no feature should be adopted in WordPress unless it has users...the pingback implementation in WordPress displays pingbacks in a way that does not convey useful meaning. Current implementations of Webmention parse the HTML to generate a comment or other richer forms of response that are more useful to a site than what is currently available. The proof of concept for this is in the Semantic Linkbacks plugin https://wordpress.org/plugins/semantic-linkbacks . " dshanske 3 35437 dot in permalinks Canonical normal normal Future Release enhancement new 2016-01-13T06:49:02Z 2019-01-08T13:53:11Z "Just try to add dot in request uri (begin or end of any part) – it will return status 200, but should 404 or may be it should redirect to url without dots, otherwise it generates duplicate pages that is not so good. For example. Correct url is http://site.com/some/url/ Let's try: http://site.com/.some/url/ – will return status 200 and open the correct page. The same behavior if: http://site.com/some./url/ http://site.com/some/.url/ http://site.com/some/url./ Temporary solution in functions.php helpful for me: {{{#!php <?php function clear_uri($var) { global $clear_processed; $clear_processed = true; $str = trim($var, '.'); if( $str[0] == '.' || $str[strlen($str)-1] == '.' ) $str = clear_uri($str, '.'); return $str; } $clear_processed = false; $parts = explode('/', trim($_SERVER['REQUEST_URI'], '/')); foreach($parts as $k => $s) { if( $s[0] == '.' || $s[strlen($s)-1] == '.' ) $parts[$k] = clear_uri($s); } if( $clear_processed ) { $location = '/' . implode('/', $parts) . '/'; header(""Location: "" . $location, true, 301); exit; } }}} " vk_code 5 35450 Relocate user's primary_blog setting to user profile Users 3.0 normal normal defect (bug) new 2016-01-13T21:59:02Z 2019-06-05T06:43:02Z "In multisite installations, the `primary_blog` user setting is an anomaly: * It's located in `my-sites.php` vs. `user-edit.php` or `profile.php`. * It's both presented and conditionally saved in `choose_primary_blog()` vs. in `wp_insert_user()` along with the rest of a user's data & meta * It uses the `_user_option()` functions with the `$global` flag set to true, instead of `_user_meta()` functions. At a glance, the code makes this look like `primary_blog` might be a per-site setting, which wouldn't make any sense. I'd like to suggest we do a few things to improve this setting: * Move this setting into the user profile, and remove it from `my-sites.php` * Move the saving of the `primary_blog` user meta key into `wp_insert_user()` so it can added to a user a object * Introduce a new function, similar to `choose_primary_blog()`, for displaying this field in the user profile * Switch to using the `user_meta()` functions, away from `user_option()`" johnjamesjacoby 2 35456 New args for apply_filters in WP_Widget_Archives needs-docs Widgets normal normal enhancement new 2016-01-14T14:24:23Z 2019-06-05T06:43:05Z "I suggest add new arguments for Widget. For example I can use archive widget for another post types: {{{#!php <?php /** * Filter the arguments for the Archives widget. * * @since 2.8.0 * @since 4.5.0 Added new params $widget_args, $instance and $widget_archive * * @see wp_get_archives() * * @param array $args An array of Archives option arguments. * @param array $widget_args Array of arguments including 'before_title', 'after_title', * 'before_widget', and 'after_widget'. * @param array $instance Settings for the current Archives widget instance. * @param WP_Widget_Archives $widget_archive Object Current Widget */ add_filter( 'widget_archives_args', function ( $args, $widget_args, $instance, $widget ) { if ( $widget_args['widget_id'] == 'archives-2' ) { $args['post_type'] = 'page'; } return $args; }, 10, 4 ); }}} I know that date archives is not supported for other post type but this is example (but I can make support for other post type :) )" sebastian.pisula 1 35466 `add_filter()` errors when `spl_object_hash()` not exists General 4.4.1 normal normal defect (bug) new 2016-01-15T05:06:37Z 2019-06-04T19:54:52Z "`add_filter()` will errors when the following conditions are met. 1. `$function_to_add` is Closure 2. `spl_object_hash` function not exists For example: {{{ add_filter( 'template_include', function($args){ return $args; },90 ); }}}" yaquawa 1 35475 New functions: `current_widget` and `current_widget_id` reporter-feedback Widgets normal normal enhancement reopened 2016-01-15T16:08:56Z 2019-06-05T06:43:09Z "This is alternative for ticket #35456. In widgets we can use different filters and actions. For example we use the_title filter but in widget we don't want (this is abstract example). So: {{{#!php <?php if(current_widget() == 'archive'){ return 'test'; } return 'test2'; }}} Other example - when can use filter from #35456 ticket: {{{#!php <?php add_filter( 'widget_archives_args', function ( $args ) { if ( current_widget_id() == 'archives-2' ) { $args['post_type'] = 'page'; } return $args; }, 10 ); }}} " sebastian.pisula 3 35476 Allow posts to be filtered before return when `fields` parameter is used with `WP_Query` adamsilverstein* close Query normal normal Awaiting Review enhancement accepted 2016-01-15T16:46:59Z 2023-09-19T21:10:23Z "Right now, when the '''fields''' parameter is used with '''WP_Query''' (""ids"" or ""id=>parent""), the returned posts are not filterable at all. Later in WP_Query, the_posts can be used to filter returned posts. This functionality should be mimicked with fields queries. The use case for this is in plugins that bypass MySQL in WP Query (Elasticsearch). Fields queries right now can not be bypassed. Patch attached." tlovett1 9 35482 Archival pagination fails in 4.4 and up needs-unit-tests Rewrite Rules normal normal defect (bug) new 2016-01-15T20:59:37Z 2019-06-04T21:19:22Z "Stemming from research into a weird 'category' issue in #35344 1. Make your permalinks {{{/%category%/%postname%/}}} or anything _as long as_ you start with `/%category%/` 2. Go to `example.com/category/SOMECAT/` and everything works. 3. Go to `example.com/SOMECAT/` and WP thinks it’s an _archive_! And pagination fails. Either it's a 404, or it redirect you to the 'most appropriate' page (I ended up on http://local.wordpress-trunk.dev/page-a/2/ a lot) I tested this with `/%author%/%postname%/` and `/bob/%postname%/` - the former had the same issue, the latter shows a 404 for `http://local.wordpress-trunk.dev/bob/` and this is expected! If the permalink 'base' is any of our structure tags ( https://codex.wordpress.org/Using_Permalinks#Structure_Tags ) then WordPress is attempting to generate an archival page for something it knows, and the pagination is failing. Logically this is becuase any ‘base’ page that ​_can_​ generate an archive of itself (cats, tags, dates, but ​_not_​ `bob`) should be doing so. Contrary to initial reports, this is a 4.4+ bug, it was _not_ introduced by 4.4.1 Slugs like bob and 'archive' (the slug you get if you pick the 'Numeric' permalink option) have never, that I can see, paginated. Digging even deeper.... 1. Permalinks set to `/%year%/%category%/%postname%/` 2. Visit `example.com/2016/SOMECAT` and the page displays an archive 3. Pagination from here does _not_ work (tested on 4.4 and 4.3 so I think its okay to assume that never worked....) I'm not sure if these should have worked. I know that if you do `/%year%/%month%/%postname%/` then the year ''and'' the year/month archive URLs will work, but that may be a separate issue." Ipstenu 5 35489 Im having an issue with WP_Image_Editor_Imagick Media 4.4.1 normal normal defect (bug) new 2016-01-16T20:39:07Z 2019-06-04T20:21:12Z "Im using this following to set up an editor to create thumbs for an image I am uploading: $editor = wp_get_image_editor( $file ); Some images are crashing my script causing a 500 error. I tracked the issue down to the WP_Image_Editor_Imagick class specifically within the crop_image function. From what I could tell this is the line causing my 500 error at line 349 of class-wp-image-editor-imagick.php $this->image->cropImage( $src_w, $src_h, $src_x, $src_y ); I fixed the issue in a band-aid class I am temporarily using removing the WP class and using my own with the wp_image_editors filter within my added class I am using I added the following line $this->image->setResourceLimit(6, 1); // set max threads to 1 I added it just before $this->image->cropImage( $src_w, $src_h, $src_x, $src_y ); " stoi2m1 1 35491 Add a function to check whether a hook is scheduled has-patch Cron API normal normal Future Release enhancement reopened 2016-01-17T04:46:47Z 2019-06-04T18:11:28Z "I'm working with a plugin that calls `wp_schedule_event()` with an unpredictable value for `$args`. Sometimes it would be helpful to know whether this plugin's event is scheduled, but because I can only guess at `$args`, I can't always detect it with `wp_next_scheduled()`. The attached patch attempts to address this scenario with a function that checks only whether a hook is scheduled, regardless of its `$args`. " dlh 13 35501 "Dashboard page: incorrect work of ""Activity"" group box bottom counters" adamsilverstein has-patch Comments 4.4.1 normal normal Future Release defect (bug) assigned 2016-01-17T21:22:17Z 2019-01-10T22:26:26Z "STEPS TO REPRODUCE Create new post, add comment through front end, go to dashboard page, click showed up menu items Approve/Unapprove/Spam/Trash in different combinations: - click ""Approve"" and quick click ""Trash"", - click ""Unapprove"" and quick click ""Trash"" - quick click ""Approve"" twice EXPECTED RESULT: bottom counters ""All"", ""Pending"", ""Approved"", ""Spam"", ""Trash"" counts correct. ACTUAL RESULT: see attachment." antonrinas 20 35503 "Dashboard page: comment status in ""Activity"" group box shows incorrect" reporter-feedback Comments 4.4.1 normal trivial feature request new 2016-01-17T21:54:34Z 2019-06-04T19:33:54Z "'''STEPS TO REPRODUCE''': log in (subscriber user), create new comment for post, log in (administrator user), approve comment on Dashboard page using ""Activity"" group box, click ""Approved (1)"", click ""Go back one page"" in browser. '''EXPECTED RESULT''': comment status - Approved '''ACTUAL RESULT''': comment status - Unapproved This problem was found in browsers Firefox 44.0b9, Chrome 47.0.2526.111 m" antonrinas 5 35504 response to adding data to taxonomy shows in a wrong place reporter-feedback Taxonomy 4.4.1 normal normal defect (bug) new 2016-01-17T22:55:55Z 2020-06-04T05:50:50Z "Hello, i created a custom taxonomy and when i try to add an item, item will be successfully add but response from ajax request to add this data show's in wrong place and the table not getting updated. response data showing as the message value instead. i toke screenshot. and i tested my codes and wordpress healthy time and time over. I'm Sure it's core bug. [[Image(http://uupload.ir/files/kuv1_bug.jpg)]]" ehsanaghaei 2 35505 Navigation tabs styling inconsistencies Administration 4.4.1 normal normal defect (bug) new 2016-01-17T23:07:58Z 2019-06-04T19:33:58Z "This is a follow-up to #34214. Still an issue at max-screen width 600px (mobile)." Cybr 7 35517 Work around PHP7 php-ssh2 breakage dev-feedback Filesystem API normal normal Awaiting Review defect (bug) new 2016-01-18T20:46:22Z 2023-06-27T06:41:29Z "There is an updated php-ssh2 package available for PHP7, but it currently breaks the WordPress updater functionality for `class-wp-filesystem-ssh2.php`. The root cause seems to be that it has not correctly implemented the PHP stream wrappers for the `stat()` call, and any dependent functions such as `is_file()`, `is_dir()`, `file_exists()`, etc. However, the `ssh2_sftp_stat()` function does work, and we can deduce the other information from it. I've filed a bug against the php-ssh2 extension (https://bugs.php.net/bug.php?id=71376), but I wondered if using `ssh2_sftp_stat()` might be better, in general, than depending on the PHP stream wrapper functionality. " dougal 30 35520 If stylesheet_directory and template_directory are forced, don't show theme screens Themes normal normal defect (bug) new 2016-01-18T23:54:48Z 2019-06-04T21:19:39Z As those screens will be broken, switching to a different theme has no effect, installing new ones doesn't make sense and there may be errors if the default theme directory is not used. iseulde 35524 Overwrite default widget templates Widgets normal normal enhancement new 2016-01-19T10:02:19Z 2019-06-05T06:43:12Z "I have two proposal for layout in default widget. I think that developer should have possibility to overwrite widget layout. I suggest value of widget method add to new directory: wp-includes/widget-templates and add if: {{{#!php <?php public function widget( $args, $instance ) { $widget_template = 'widget-templates/recent-posts.php'; if ( $template = locate_template( $widget_template ) ) { include $template; } else { include ABSPATH . WPINC . '/' . $widget_template; } } }}} Developer can overwrite widget layout in theme. " sebastian.pisula 2 35529 Updating to 4.4.1 causes new pretty permalinks for media to break existing permalinks kraftbj Permalinks 4.4 normal normal Awaiting Review defect (bug) assigned 2016-01-19T18:43:41Z 2022-08-01T19:36:30Z "When updating a site from v4.0.9 to v4.4.1 at least one page (which is a top-level page for the site) is getting ""-2"" added on to its slug while an unattached image takes the original slug. This causes problems for SEO as well as breaking things that depend on results from functions like `is_page('slug')`." nyodulf 17 35530 "Style and upgrade ""Briefly unavailable for scheduled maintenance. Check back in a minute."" page" Upgrade/Install normal normal Awaiting Review enhancement new 2016-01-19T19:01:42Z 2018-01-10T23:44:54Z "While ideally it would not be shown except briefly, the current display of the ""Briefly unavailable for scheduled maintenance. Check back in a minute."" feels very unprofessional and generic. Perhaps we should consider dropping the message into some output similar to the readme.html file. Thoughts? Concerns?" tw2113 5 35536 WP_Upgrader goes too far up when enumerating parent paths on a network share Upgrade/Install 3.7 normal normal defect (bug) new 2016-01-19T22:43:29Z 2019-06-05T06:43:16Z "In `/wp-admin/includes/class-wp-upgrader.php`: When `is_vcs_checkout()` is walking up parent folders, the behavior of `dirname()` causes WordPress to check for folders that couldn't possibly exist. For example, if ""inetpub-share"" was the name of a share on machine ""myserver"", the following folders might be searched for source control folders: * `\\myserver\inetpub-share\wwwroot\.git` * `\\myserver\inetpub-share\.git` * `\\myserver\.git` * `\.git` Note that the last two are not even subfolders of `""inetpub-share"".` That is, the search should stop at `""\\myserver\inetpub-share\.git""` because `""inetpub-share""` should be considered a top-level folder. Even more concerning is that checking for `""\\myserver\.git""` and `""\.git""` are very expensive operations in a network environment, which means that the upgrade logic takes a very long time or will time out. My proposed remedy is to change this line: {{{#!php if ( $context_dir == dirname( $context_dir ) ) }}} to {{{#!php if ( $context_dir == dirname( $context_dir ) || (substr($context_dir , 0, 2)=='\\\\' && strpos(dirname( $context_dir ), '\\', 2)===false) }}} Thoughts?" vfs_hobbes 2 35537 AllPosts page: sorting is not remembered dev-feedback Posts, Post Types 4.4.1 normal minor Future Release enhancement new 2016-01-19T22:43:43Z 2017-02-06T09:13:22Z "STEPS TO REPRODUCE 1) Log in (administrator). 2) Remove all posts. 3) Create 3 new posts with titles accordingly ""1"", ""2"", ""3"" 4) Go to AllPosts page. 5) Click on ""Title"" column header to sort posts by title (as a result: posts is sorted in order 1,2,3). 6) Click ""Published (3)"". 7) Click ""All (3)"" EXPECTED RESULT: posts is sorted in order 1,2,3 ACTUAL RESULT: posts is sorted in order 3,2,1" antonrinas 2 35538 "AllPosts page UI: link ""All"" has incorrect color" Posts, Post Types 4.4.1 normal trivial Awaiting Review defect (bug) new 2016-01-19T23:15:48Z 2023-07-09T20:45:45Z "STEPS TO REPRODUCE: 1) Log in (administrator), remove all posts. 2) Create new post. Go to AllPosts page. 3) Remove post to trash by clicking ""Trash"" menu item. EXPECTED RESULT: ""All (0)"" link color #000 ACTUAL RESULT: ""All (0)"" link color #0073aa" antonrinas 8 35545 Unexpected behavior of wp.shortcode.regexp Shortcodes 4.4.1 normal normal defect (bug) new 2016-01-20T14:09:51Z 2019-06-04T21:19:46Z "Using the _.memoize-Function for wp.shortcode.regexp (defined in /wp-includes/js/shortcode.js) leads to somewhat surprising behavior of the returned Regexp-Object: {{{ > wp.shortcode.regexp(""foo"").exec(""[foo]bar[/foo]"") -> [""[foo]bar[/foo]"", """", ""foo"", """", undefined, ""bar"", ""[/foo]"", """"] > wp.shortcode.regexp(""foo"").exec(""[foo]bar[/foo]"") -> null > wp.shortcode.regexp(""foo"").exec(""[foo]bar[/foo]"") -> [""[foo]bar[/foo]"", """", ""foo"", """", undefined, ""bar"", ""[/foo]"", """"] > wp.shortcode.regexp(""foo"").exec(""[foo]bar[/foo]"") -> null ... }}} I would expect the call to return the same result every time and not ""null"" every second time. This happens because the Regexp-Object is recycled and Regexp just seems to behave this way. However when using wp.shortcode.regexp-Function without knowing the internal behavior of the Regexp-Object, this comes rather surprising. Maybe not caching this object might be a better choice here. For example, the Shortcode-UI-Plugin (https://wordpress.org/plugins/shortcodes-ui/) seems to have a problem because of this." TobiasHoessl 35546 "AllPosts page UI: ""Edit"" name in ""Bulk Actions"" does not match with ""Bulk Edit"" group box" Posts, Post Types normal minor Future Release enhancement new 2016-01-20T19:42:09Z 2017-08-07T16:15:17Z "This may mislead a user. Because not all users know that there are 3 types of editing on this page: 1. Hidden menu ""Edit"". 2. Hidden menu ""Quick Edit"". 3. ""Edit"" in the ""Bulk Actions"" list. This name is equal to the 1. when it is not the same. Should ""Edit"" in the""Bulk Actions"" be changed on ""Bulk Edit""?" antonrinas 3 35550 AllPosts page: Tags field does not accept characters <> Posts, Post Types 4.4.1 normal minor defect (bug) new 2016-01-20T21:43:49Z 2019-06-04T20:54:37Z " STEPS TO REPRODUCE 1. Log in as administrator and create new post ""Test post"". 2. Go to AllPosts page. Check ""Test post"" and perform ""Edit"" bulk action. 3. Type into ""Tags"" 2 characters ""<>"". Click ""Update"" EXPECTED RESULT: Characters <> are added as a tag. EXPECTED RESULT: Characters <> are not added as a tag." antonrinas 1 35554 De-emphasise WordPress Version in the admin has-patch Administration normal normal Future Release enhancement new 2016-01-21T09:54:32Z 2022-05-06T10:49:33Z "Currently WordPress is very proud of the version it's running - but version strings are not exactly the most important piece of information to a regular user. I'd like to bring it back to displaying only the major version (ie. `Version 4.4`, not `Version 4.4.1`). A few of us have kicked the idea around over the years, and making the version number less specific as we move towards faster point releases really makes a lot of sense. There's two options which could be taken: 1. Simply bring it back to x.y (`Version 4.4`). attachment:major.minor.diff 2. Remove it entirely, including the `You are running WordPress x.y.z running Theme X theme.` message in the at-a-glance widget. attachment:remove-all-version-mentions.diff The second option is a harder-line approach, but removes information that most users have no need to see most of the time. They'll still see update nags when a new version comes out (Well, except for the million or more of sites which choose to enable automatic updates for major versions too) and the version string will always be available on the update screen where it's useful." dd32 55 35559 Image wrapped in anchor disappear in Customizer (Safari) reporter-feedback Customize 4.4 normal normal Awaiting Review defect (bug) new 2016-01-21T13:40:20Z 2021-05-23T18:52:05Z Medium and large size images that set as a featured images displaying through the_post_thumbnail disappear when viewing from customizer if height is not set strictly (400px for example). It disappear time to time – try to reload page or click menu links to update customizer window. halftones 22 35561 function wp_admin_canonical_url() not using configured site url when constructing canonical url link tag dev-feedback Administration 4.4.1 normal normal Awaiting Review defect (bug) new 2016-01-21T16:00:36Z 2023-10-05T08:26:19Z "I was having an issue with the wp_admin_canonical_url() function in wp-admin/includes/misc.php and I have a suggested fix I am running word press behind a reverse nginx proxy on a different box so my main site is at http://www.rammount.com and the blog is at http://www.rammount.com/blog The blog url is set in the WordPress configuration. But when you log into the admin section the wp_admin_canonical_url() function does not pick up the configured url instead it constructs the url without the /blog. This of course breaks links in the admin section, constantly redirecting things to http://www.rammount.com without the /blog by changing the following line: `$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );` to: `$current_url = set_url_scheme(home_url(add_query_arg(array(),$wp->request)) . $_SERVER['REQUEST_URI']);` the problem is solved. the proper url is created and as such the links in the admin section that use the canonical url link function correctly. Hoping to have this change evaluated for inclusion, so that I don't have to remake this edit every time one of my designers updates the WordPress installation?" ilude 13 35562 Single post pagination redirect back to page one with nextpage tag - WordPress 4.4.1 Canonical 4.4 normal normal Future Release defect (bug) new 2016-01-21T18:07:31Z 2017-02-07T19:11:07Z "When a single post post content, {{{$post->post_content}}}, does not contain the {{{<!--nextpage-->}}} tag, and we append more pages to the single post through the {{{content_pagination}}} filter, pagination works as expected Sample code to test {{{ add_filter( 'content_pagination', function ( $pages ) { $pages[] = 'This is another page we want to append'; return $pages; }); }}} However, when we add the {{{<!--nextpage-->}}} tag inside the post content ($post->post_content}}} and run the same sample code, any appended page simply redirects back to page one as a 404 header is set on appended pages. I tracked this down to the following block of code (lines 623 - 628) inside the {{{WP}}} class ({{{wp-includes/class-wp.php}}} which seems to be introduced in either v4.4.0 or 4.4.1 {{{ // check for paged content that exceeds the max number of pages $next = '<!--nextpage-->'; if ( $p && false !== strpos( $p->post_content, $next ) && ! empty( $this->query_vars['page'] ) ) { $page = trim( $this->query_vars['page'], '/' ); $success = (int) $page <= ( substr_count( $p->post_content, $next ) + 1 ); } }}} Removing those lines fixes the issue. What I recommend is that instead of simply checking for the {{{<!nextpage-->}}} and returning a 404 according to that, we must rather have a check that acts on the amount of pages we have counted immediately after the {{{content_pagination}}} filter and then return a 404 if the current page exceeds the amount of pages after the {{{content_pagination}}} filter" pietergoosen 5 35567 New argument `is_embeddable` for `register_post_type()` has-patch Embeds 4.4 normal normal Awaiting Review enhancement assigned 2016-01-21T20:47:31Z 2024-01-26T07:38:05Z "I really love the new oembed functions! But as much as I love the feature, it would be awesome to have an argument in the register_post_type function to choose, if the posttype should be embedable or not. I have no problem with it to be true by default, but I just would love to deactivate it for certain post types which are not that publicly used. There are already arguments like ""publicly_queryable"" or ""has_archive', so this doesn't seem off." pampfelimetten 20 35574 Add REST API JSON schema information to WP_Widget needs-unit-tests Widgets 2.8 normal normal Future Release enhancement new 2016-01-22T12:24:06Z 2017-04-23T23:27:58Z "With the REST API, there is an emerging-established way in WordPress for describing a data structure, such as a widget instance. One aspect of the REST API endpoint schema is the `default` values for given fields on a property. Widgets often have duplicated logic between the `WP_Widget::widget()`, `WP_Widget::update()`, and `WP_Widget::form()` methods for checking if a given `$instance` property has been set, and if not, supplying a default value. In some cases, these `isset` checks are ''not'' performed resulting in PHP notices if the methods are programmatically invoked with an empty array. With JSON Schema defined, we would provide `$instance` defaults upon which the current stored `$instance` can be merged. Widgets in WordPress are assumed to be arrays, with the applied filters and function return values. With a schema defined, the data type of a widget instance would be guaranteed. Meta in the REST API is a challenge given that it may or may not contain serialized PHP. Widgets are stored in serialized PHP arrays in WP options (though it is possible to store them in posts, per #32474). Additionally, the instance arrays may also contain PHP objects for classes that cannot be cleanly serialized into JSON, and having a REST API JSON schema defined for a widget would guarantee that a widget instance can be represented in JSON. This would, in turn, allow widgets to be exposed as [https://github.com/WP-API/WP-API/issues/19 endpoints] in the REST API, and it would allow widget instances to be completely manipulated with JavaScript (such as in the Customizer, as described in #33507). By adding schema information to `WP_Widget`, we get a lot more than having default `$instance` data available. For one, the widget form can be automatically generated based on the schema if one is not defined (i.e. if `noform` is returned from the `WP_Widget::form()` method). (This may actually be focus of the Fields API.)" westonruter 25 35587 If core in under version control, don't let the user update manually Upgrade/Install normal normal defect (bug) new 2016-01-23T10:19:01Z 2019-06-05T06:43:19Z "If core is under version control, I don't think the user should be able to manually update it (and break it). I know auto updates are disabled in this case, but shouldn't manual updates be disabled too? E.g. WordPress is installed in a subdirectory and syncs trunk every hour. A manual update would revert the changes back to the last nightly build until the next sync. " iseulde 5 35591 Shortcode Attributes Parsing Issue reporter-feedback Shortcodes 4.4.1 normal normal defect (bug) reopened 2016-01-24T09:26:53Z 2019-06-04T21:19:47Z "I'm using the following custom shortcode: [expert_profile mode=""desktop"" expert=""142""] And when the attributes are parsed using the following method: extract( shortcode_atts( array( 'mode' => 'desktop', 'expert' => '0', 'num_to_show' => '25', 'tooltip' => 'on' ), $atts ) ); the ""expert"" attribute/variable is getting quotes around the end result after being parsed" markclotfelter 13 35593 Metadata from wrong file in media_handle_upload has-patch Media normal normal Awaiting Review defect (bug) reviewing 2016-01-24T15:14:20Z 2023-02-06T15:07:08Z "In media_handle_upload and media_handle_sideload the attachment metadata is generated after inserting the attachment. For that the same file name is used. However, if a plugin changes the filename in an `add_attachment` hook the wrong file name will be used. Thus the wrong metadata is written or it is cleared. See wp-admin/includes/media.php: {{{ 368 // Save the data 369 $id = wp_insert_attachment($attachment, $file, $post_id); 370 if ( !is_wp_error($id) ) { 371 wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); 372 } }}} In my patch I query the filename again before updating the metadata. " normanrz 9 35606 AllPosts page: contradiction in filtering by Category and category assigning to the post Posts, Post Types 4.4.1 normal minor defect (bug) new 2016-01-25T20:52:14Z 2019-06-04T20:54:43Z "'''STEPS TO REPRODUCE''': 1. Log in as administrator. 2. Go to Posts->Categories. 3. Add category: Name - ""Test category"", Slug - ""test-category"". 4. Add category: Name - ""Test subcategory"", Slug - ""test-subcategory"", Parent - ""Test category"". 5. Go to AllPosts page. 6. Add new post: Title - ""Test post"", assign it to ""Test category"". 7. Add new post: Title - ""Test post for subcategory"", assign it to ""Test subcategory"". 8. Go to AllPosts page. 9. Filter posts by category ""Test category"". '''EXPECTED RESULT''': Post ""Test post"" is presented as a result of filtration. '''ACTUAL RESULT''': Posts ""Test post"", ""Test for subcategory"" is presented as a result of filtration. If to follow this logic, post ""Test post for subcategory"" had to be assigned to ""Test subcategory"" and automatically to parent category in the moment of creation. See attachment." antonrinas 35627 Delete user posts not reassigned. Users 4.3.1 normal normal defect (bug) new 2016-01-27T12:53:58Z 2019-06-05T06:43:23Z "In a multisite, when a user is removed from a single site their posts stay assigned to them. If the user is then deleted in the multisite admin WP says the users is not in the above site. Therefore their posts do not get reassigned or deleted. The user is deleted from wp_users and individual posts now have a user_id assigned to them that does not exist." hughie.molloy 35635 Redirect loop for custom post types in WP 4.4 dev-feedback Permalinks 4.4.1 normal critical defect (bug) new 2016-01-27T19:46:48Z 2019-06-04T20:54:50Z "I have a client site hosted on WPE that was on 4.3.1 and when I updated to 4.4.1. it now has a redirect loop error (ERR_TOO_MANY_REDIRECTS) when trying to access a single post page (for a custom post type) from a category page. What it is doing is trying to redirect without the category in the the URL and then tries to redirect with the category, and loops; [[br]] /%category%/%postname%/ => /%postname%/ => /%category%/%postname%/ => etc. On my category page a have a list of posts with links with the markup {{{<a href=""<?php the_permalink(); ?>"" class=""custom"">...</a>}}} and my permalinks setup is ""Post name"" or ({{{/%postname%/}}}). I don't know the code causing this so I don't have much info, but with the assistance of WPE support we confirmed this is due to the WP 4.4.1 update by cloning versions and updating WP and reverting, etc. Here is [https://wordpress.org/support/topic/this-webpage-has-a-redirect-loop-43/ another instance I found] as well, but they claim to have reinstalled 4.4 and it fixed it. I tried this several times with no luck. Note: This is my first time submitting a defect/ticket, so please let me know if I need to add any other info." standuncan 2 35640 No API to set a nav menu location Menus normal normal defect (bug) new 2016-01-28T05:21:19Z 2019-06-04T20:21:30Z "We've got an API to retrieve the nav menu locations - `get_nav_menu_locations()` however, there's nothing (as far as I can tell) to set a theme location, either singularly or for all menu's. We should probably have a method that can be used to set a single theme locations menu, and one to bulk-set. For reference, the admin pages currently all call `set_theme_mod( 'nav_menu_locations', $locations );` directly." dd32 4 35648 the_post_thumbnail sets srcset with http protocol reporter-feedback Media 4.4 normal normal defect (bug) new 2016-01-28T16:28:48Z 2019-06-04T20:21:48Z "We have a wordpress site that uses https always, when we use the_post_thumbnail, it returns HTTPS for the SRC attribute but it returns HTTP values for the SRCSET attribute. This is not a duplicate of #28261 or #15928 because this only happens on the srcset attribute. We had to do this filter in order to do a quick patch: {{{#!php <?php function fix_srcset_https_thumb_images ($html) { if ( is_ssl()) { $html = str_replace('http://','https://',$html); } return $html; } add_filter('post_thumbnail_html','fix_srcset_https_thumb_images') ; }}}" javiertoledos 4 35650 title_reply_to should work when javascript is enabled Comments normal normal Future Release enhancement new 2016-01-28T21:51:05Z 2019-06-21T01:16:40Z "`title_reply_to` is a parameter in the `comment_form` function, and has even been around since 2.7 in the `comment_form_title` function, allowing you to display a different heading when replying to a comment, including who you are replying to. While a cancel comment reply link does appear, having a different heading is a very useful concept for making it clear to users exactly what they are doing. Except, nobody ever sees it because it only applies when javascript is disabled. Everybody* has javascript enabled. The javascript for replying to comments should be updated to change the heading based on this parameter. " smerriman 3 35651 No longer any consistent way to add content to bottom of comments form dev-feedback Comments 4.4 normal normal defect (bug) new 2016-01-28T22:12:22Z 2019-08-19T01:44:25Z "In #34731, there was a discussion on whether `comment_notes_after` should be directly after the comment form (now at the top by default), or at the bottom above the submit form (as the documentation described). The decision was to change the documentation. However, this now leaves no consistent way for themes/plugins to add content to the bottom of the form, above the submit button. Using `comment_notes_after` was a popular method to add notes like terms and conditios, or a subscribe checkbox etc, and consistent with the old documentation. All of these themes/plugins that relied on the positioning in the documentation will now have this output in the wrong place in the form. `comment_form_after_fields` isn't an alternative since it only applies when the user is logged out." smerriman 5 35656 Deprecate old single (non-multi) widgets dev-feedback Widgets 2.8 normal normal Future Release enhancement new 2016-01-29T08:52:23Z 2021-08-25T01:28:32Z "Widgets were introduced to Core in 2.2. These initial widgets only allowed one instance of a given widget to be registered at a given time. In 2.8 the `WP_Widget` was introduced which allowed for multiple instances of a widget type to be added, but more importantly it introduced an object-oriented MVC-ish paradigm for representing widgets. The `WP_Widget::update()` callback allows for a given widget instance to be sanitized without having to actually save it to the database. This ability is key for previewing widgets in the Customizer. In addition to the `update` callback, the `WP_Widget` can have schema information attached which works in conjunction with `update` to sanitize and validate a given widget for the REST API, for automatically generating a widget form, and automatically providing default values for a widget instance (see #35574). All of this is not possible with the old single widgets. I believe it is time to deprecate old single widgets so that widgets can evolve. If support for old single widgets is removed in 4.5, then in 4.6 (or later) support can be removed which could clean up quite a bit of the widgets codebase, including the brittle “option transactions” functionality that was added to widgets in the Customizer. Once single widgets are removed, moving widgets from being stored in options to a custom post type will be facilitated: #35669." westonruter 12 35669 Store widgets in a custom post type instead of options dev-feedback Widgets 2.8 normal normal Awaiting Review enhancement new 2016-01-30T20:00:34Z 2019-01-10T05:18:15Z "Widget instances are stored in options. For a multi-widget (`WP_Widget`) the widget instances of a given type (`id_base`) are stored in a serialized array of instance arrays. A widget ID is comprised of a widget's `id_base` followed by a number which is the array index for that widget instance. For example, the third-created Text widget would have the ID `text-4` (note that multi-widget numbering starts at 2). Old single widgets do not include the numeric index after the `id_base`, and technically they could be stored anywhere (see #35656 for suggestion to deprecate old single widgets). == Issues There are several problems with how widgets are currently stored as options. '''Scalability:''' For sites with a large number of widget instances, the entire collection of widgets must be unserialized with each request to access only one widget of a given type. (Note #23909 for how all widget instances get registered with every request.) For sites that use Memcached as an external object cache where cache buckets have a 1MB limit, since all widget instances of a given type are stored in a single option, sites with a huge number of widgets will overrun this limit. What's more is that widget options get registered as autoloaded, so all widget options will get combined together in the `alloptions` key, making widgets even more liable to overrun the 1MB cache bucket limit in Memcached. '''Concurrency:''' Since all widget instances of a given type are stored in a single option, if two users attempt to update two separate widgets at the same time, it is possible that one of the updates will get lost (see #31245). Additionally, the widgets admin page and widgets in the Customizer both get loaded with the max number (array index) for each widget type. When a new widget instance is created, this maximum number is incremented in memory and used in the new widget ID which is then passed to the server for saving. If two users have loaded the UI at the same time, when they both create a widget of a given type and save their widget changes, the one who saves last will overwrite the other user's widget since the two widgets would have the same ID. (See #32183 for more about the widget ID collisions, and see [https://wordpress.org/plugins/customize-widgets-plus/ Customize Widgets Plus] for a “Widget Number Incrementing” component which uses Ajax to generate new widget IDs in a more concurrency-safe manner.) '''Addressability:''' As noted above, widget instance IDs are comprised of the widget type's `id_base` followed by the array index `number`. Two different widget instances can have the same `number`, such as `search-3` and `text-3`, since the `number` is incremented in the scope of the instances of the given type. No other objects in WordPress are identified by strings in this way, that is as of now: taxonomy terms actually used to have to be addressed by a numeric term ID and taxonomy name until term splitting happened in 4.2 (see #5809). Now, however, a term can be uniquely identified by a single integer ID. All of the above issues would be resolved by switching to store widget instances in a custom post type, where each widget instance has a single unique auto-incremented post ID. == Advantages Storing widgets in custom post type has several benefits beyond fixing the above issues, including: * widget authorship attribution * revision history * import/export * querying * widget drafts * scheduled widgets == Data Migration Migrating widgets from options to a custom post type would involve some tedious data migration to update all references to current `id_base-number` widget IDs to their new integer IDs. The old widget ID could actually be copied directly into the `post_name` field for the `widget_instance` posts. Backwards compatibility for the `sidebars_widgets` option containing the old-style IDs may be necessary. Newly created widget IDs could have `post_name` fields populated with the `id_base` followed by the post ID. This switch would also necessitate discontinuing to register all widget instances with every request (#23909). == Sidebars and Widget Groups Perhaps out of scope for this ticket, but the way that widgets get associated with sidebars should also perhaps be changed to follow the pattern of how nav menu items are associated with a nav menu via a taxonomy term. The implementing of widget groups (#19912) could be the right opportunity to do this, where a `widget_grouping` taxonomy could be introduced, and when a grouping is assigned to a sidebar, the backwards-compatible widget IDs could be copied into the existing `sidebars_widgets` option. Otherwise, backwards compatibility might entail adding `pre_option_sidebars_widgets` filter. == REST API Impacts For more on widgets and now they relate to nav menu items in the context of a harmonized interface via the REST API, see https://github.com/WP-API/wp-api-menus-widgets-endpoints/issues/10 == Feature Plugin See the [https://github.com/xwp/wp-customize-widgets-plus Customize Widgets Plus] feature plugin's “Widget Posts” module for an initial implementation of storing widgets in a `widget_instance` custom post type. This plugin depends on #32474 which facilitated plugins to store widgets in posts instead of options." westonruter 8 35689 Pagination issue on front page after 4.4.1 update Canonical 4.4.1 normal normal defect (bug) reviewing 2016-02-01T14:36:06Z 2019-06-04T19:34:14Z "This is a spinoff of the remainder of #35344. See ticket:35344#comment:60 and on. > It seems to be that the remaining issues being experienced is this scenario, which is sounding like a combination of #35482 and this ticket. > * Static page on front, no posts page defined > * `query_posts()` or `$wp_query = new WP_Query()` used within the template to display the first page of posts > * /page/2/ would then load page 2 of the posts index with no static page in sight. > The problem I face, is that /page/2/ should NOT be the archive of posts, it should be the second page of the static home page (You can paginate posts/pages using the <!--nextpage--> tag in your content). " samuelsidler 12 35696 Allow extra control over CSS Classes in paginate_links() has-patch Themes normal normal Awaiting Review enhancement new 2016-02-02T19:21:18Z 2018-05-15T17:10:36Z "Currently, `paginate_links()` does not allow any flexibility in terms of customizing CSS classes in the outputted HTML. The idea here is to introduce some degree of control in this area. This idea rose from the need to implement a pagination component in [https://getbootstrap.com/components/#pagination Bootstrap] and Zurb's [http://foundation.zurb.com/sites/docs/pagination.html Foundation]. As of now, there is no way to implement these components without workarounds / hacks to `paginate_links()`. Currently, `paginate_links()` lets me output such HTML: {{{ <ul class=""page-numbers""> <li><span class=""page-numbers current"">1</span></li> <li><a class=""page-numbers"" href=""https://example.com/blog/page/2/"">2</a></li> <li><a class=""page-numbers"" href=""https://example.com/blog/page/3/"">3</a></li> <li><a class=""next page-numbers"" href=""https://example.com/blog/page/2/"">Next »</a></li> </ul> }}} I would expect `paginate_links()` to allow me to attach custom CSS classes to `<ul>`, `<li>` and `<a>` elements. {{{ <ul class=""pagination""> <li class=""page-numbers active""><a href=""#"">1 <span class=""sr-only"">(current)</span></a></li> <li><a class=""page-numbers"" href=""https://example.com/blog/page/2/"">2</a></li> <li><a class=""page-numbers"" href=""https://example.com/blog/page/3/"">3</a></li> <li><a class=""next page-numbers"" href=""https://example.com/blog/page/2/""><i class=""fa fa-arrow-right""></i></a></li> </ul> }}} This will allow for much more flexibility and less dirty workarounds." maor 4 35702 No current-menu-item in WP custom menus Menus normal normal enhancement new 2016-02-03T09:35:08Z 2019-06-04T20:22:08Z The _wp_menu_item_classes_by_context() method misses some menu item matches for the currently-queried object. This patch adds support for a common case. dotancohen 2 35707 On installation page, autocompleted password should not be visible. dev-feedback Upgrade/Install 4.3 normal normal defect (bug) new 2016-02-03T22:03:17Z 2020-02-15T17:48:03Z "We have a development server where new installations of WordPress are regularly created on the same domain. On the WP installation page, if you enter a username used elsewhere on the domain, the password field will be autocompleted if you have set the browser to remember it. The fact the autocomplete occurs is not a problem - however, the password appears in plain text. If anybody else is watching the screen, seeing a brand new random password for a brand new installation is OK (and you can click hide and change it if necessary) - but seeing a saved password from elsewhere is not. Autocompleted passwords should never appear in plain text. Removing autocomplete is one option, though some people may find it useful - but I think the ideal solution is that any changes to the password field should hide it automatically." smerriman 6 35736 Replace 'Lost Password' phrase with 'Reset Password' chriscct7* has-patch Login and Registration normal normal defect (bug) accepted 2016-02-05T02:04:28Z 2020-02-06T19:46:34Z "This is a simple terminology change with a huge impact on the end user. Since v4.3, WordPress is no longer sends passwords via email. WordPress sends only password reset links. WordPress also notifies by e-mail when a password is changed. Across WordPress core, the old ""'''Lost my password?'''"" phrase already replaced with the new ""'''Reset Password'''"" / ""'''Password Reset'''"" phrases. But in some places we still use the old ""'''Lost my password?'''"" phrase. This ticket aim is to replace the remaining strings in the login page, and in email notifications. === Login Page === In the reset screen, the page title is ""'''Password Reset'''"". But in the ""'''Login page'''"", the 3 action links under the form - '''Login''' / '''Register''' / '''Lost your password?''' We should replace the old '''Lost your password?''' phrase with the new ""'''Reset Password'''"" action. === Mail notifications === When WordPress notifies by e-mail that the password is changed, we use the ""'''Password Lost and Changed for user...'''"" phrase. Why not simplify this? ""'''Password Changed for user...'''""" ramiy 20 35758 Reading Settings fallback option when none is selected at Front page displays Query 4.4.1 normal normal defect (bug) new 2016-02-05T20:26:25Z 2019-06-04T20:54:56Z "Hi, I found a bug that makes the home page think it's a page. (I didn't look at the WP_Query variables.) Here are the steps to replicate the issue: 1. Go to /wp-admin/options-reading.php 2. Delete the selected option at ""Front page displays"" through Developer Tools/Web Inspector. 3. Save settings. 4. Now no setting is selected. The home page is a Posts Page but WP_Query doesn't recognize it as one, nor as a front page at all. This causes all kinds of issues when plugins/themes rely on is_front_page(). Thanks!" Cybr 3 35761 Add filter(s) to get_adjacent_post function to change variables further down Query normal normal enhancement new 2016-02-06T04:17:05Z 2019-06-04T20:55:03Z "I'm finding it incredibly difficult to sort a post type using the existing filters to order by custom post meta alphabetically on a single post (for next/previous post). A use case is when I have a separate field for a custom post type called ""Last Name"" where I would want my posts to display in alphabetical order by last name. When sorting on an archive with pre_get_posts, it's not a problem, however when navigating posts from the single post, there just doesn't appear to be a simple way to change the ""next"" and ""previous"" posts to maintain the same custom sort order when dealing with an alphabetical meta_value. I'm proposing adding one or two filters to the get_adjacent_post() function which allows the final query to be filtered, or more importantly, the query result to be filtered so a custom sort can be implemented." briandichiara 1 35771 Setting Size for Native Video Player Doesn't Work Media normal normal Awaiting Review defect (bug) new 2016-02-07T21:28:00Z 2017-06-27T16:50:20Z "Width and height rules do not affix the size of the embedded native media player. Width is ultimately honored, but height setting is overruled and set proportionally based on video's proportions. Consequently, if width of the player is set to fill in the theme's available content space, but the embedded video is vertical (filmed vertically, whereby height of the video is greater than width), then the player will be stretched way too tall, regardless of height settings (which is ultimately ignored). To reproduce: Embed any locally hosted, vertical video using native video player, using the Embed Media Player option from the Insert Media attachment window. Set width to the width of your theme's content area, and height to less than width. Height will not be honored. Desired solution: Set player size to the width and height chosen by the user. Fit the video within the set space of the player." Tranny 1 35774 WordPress admin <title> structure SergeyBiryukov dev-feedback Administration normal normal Future Release enhancement assigned 2016-02-08T13:29:06Z 2019-09-23T01:38:27Z "Currently the admin titles has a wired structure. Few examples: * **Dashboard ‹ Site Name — WordPress** * **Posts ‹ Site Name — WordPress** * **Writing Settings ‹ Site Name — WordPress** Same structure applies for plugin setting pages. * `page-title ‹ site-name — WordPress` The problem with this structure: * Why are we using `‹` character? why not `›`. * We should add RTL support for the separator. * The `Site Name` and the `WordPress`, they look like bad combination. Few suggestions: * We need to replace the `‹` character with `›`. * We can add RTL support. See ticket #35737 and changeset [36487]. * And we need to think about the combination of `WordPress` and `Site Name`." ramiy 22 35775 Enhancements: add_post_thumbnail_image_size / wp_get_attachment_id Media normal normal enhancement new 2016-02-08T14:14:08Z 2019-06-04T20:22:23Z "Hello, I hope I am in the right place here to suggest two enhancements for WP core. 1: From my perspective the most used image of a post is the post-thumbnail. I use this post thumbnail quite often in different sizes - for teasers, related posts, sliders etc. From a performance perspective I always want to deliver the image in the correct dimensions. No 1600px image in a related post section where the image is 200px wide etc. I am struggling a bit because I often work on websites which have a lot of pictures in their posts. When I add a new image size its always relevant for all images which are uploaded to WP and often they are not necessary. I do not need a 200px wide image of 20 images which are used in the post - I only need it for the post-thumbnail. From that perspective I would like to have another function than add_image_size - for example: add_post_thumbnail_image_size which is only triggered when somebody selected an image as the post-thumbnail. This will save space on the servers as well. 2: Sometimes I have the case that I need the attachment ID of an url that has been uploaded. For example: I delevoped a plugin where an image can be chosen, the input field is a text field for a URL. In that case I need to determine the attachment ID to have access to all the necessary WP functions. In this case I built my own function that does it, but I think it will also be a function that can be helpful if it is integrated in WP. Looking forward to your reply. In order to always get the image in the correct dimensions which are " torben.tschechne@… 1 35780 New data-type: recordable video General normal normal Future Release feature request new 2016-02-09T00:16:41Z 2019-06-04T19:55:20Z "Hello there I am suggesting a new data-type 'recordable video' within WordPress core. Do not have a clear idea what data types you currently have and how they are implemented. Already have raised this on slack and were recommended to raise this as a ticket instead. My goal is to make WordPress accessible for Sign Language users! They are mostly Deaf people who express their messages, comments, posts in Sign Language. Currently it is a pain to record a video message with a separate software, to convert, to compress and to upload it back to WordPress. That's not fair compared to those hearing people who just can type in the Form and submit that. There is an open source npm library to record videos, asynchronous, in plain JavaScript and HTML, see https://github.com/binarykitchen/videomail-client. Here is an exact example how this could work: https://binarykitchen.com/contact/action/add/ With the videomail-client you can add a recordable <video> element linked to your webcam inside any form. Very easily. As a plus, it also supports audio! Like that also those who can hear, not just deaf people, could just hit the record button, say something and submit that right away. That would be awesome for everyone. Just takes few seconds to encode, depending on the length and your bandwidth. All plain JS, using the getUserMedia() API. I am not trying to advertise my code but to distribute it on well-known CMS, this to improve the lives of Deaf people including me (I've been hacking JS, PHP, HTML and much more for > 22 yrs). Feedback very welcome. I am very happy to submit PRs if I have your blessings and can count on your guidance where to start. Michael" michael.heuberger 14 35785 "Concatenating ""wp-post-new-reload=true"" with URL repeatedly" Administration normal normal defect (bug) new 2016-02-09T18:33:12Z 2019-06-04T19:34:27Z "Concatenating ""wp-post-new-reload=true"" with URL repeatedly when a meta box has required field and user click on ""Publish"" button without filling it properly: http://screencast-o-matic.com/watch/cDnQFFhRcR " codename065 1 35793 Something Wrong with UI in Administration reporter-feedback Administration normal normal defect (bug) new 2016-02-10T02:26:04Z 2019-06-04T19:34:33Z "I'm using 4.4.2 now. And I think that there's something wrong with the UI in administration page. Look at the sidebar in the image. I have tried to remove the cache, it works. But it looks as the image shows working after viewing some pages. " zjhzxhz 1 35794 redirect_canonical doesn't strip off custom feed endings Canonical 3.9 normal normal defect (bug) new 2016-02-10T13:54:41Z 2019-06-04T19:34:38Z "The pattern used for matching URL's with feed endings (e.g. /feed/atom/) isn't matching any custom defined feeds. For example, if you add 'json' as a new type of feed, the redirect_canonical function adds up the feed ending to the current request URL. This is caused by fixed regular expressions used to match such feed URL's. These regular expressions should be generated using the $wp_rewrite->feeds variable: {{{#!php $feedssubpattern = implode('|', array_map(function($val) { return preg_quote($val, '#'); }, $wp_rewrite->feeds)); $pattern = '#/(comments/?)?(' . $feedssubpattern . ')(/+)?$#'; }}}" huyby 2 35796 """Permalink Settings"" admin page is largely blog/post specific" dev-feedback Permalinks normal normal enhancement new 2016-02-10T17:44:29Z 2020-02-06T19:41:12Z "The current verbiage in `options-permalink.php` is a little cryptic, and in a world pull of custom post types (including Pages) it's actually a bit confusing: Here's the current verbiage: > '''Permalink Settings''' > > WordPress offers you the ability to create a custom URL structure for your permalinks and archives. Custom URL structures can improve the aesthetics, usability, and forward-compatibility of your links. A number of tags are available, and here are some examples to get you started. I'd like to see these changed to something more like: > '''Post Link Settings''' > > WordPress offers the ability to customize the URL structure of your post and post-archive permalinks, improving the aesthetics, usability, and forward-compatibility. Several tags are available, and we've included the most popular configurations below: In addition, I'd like to propose we include the permalink tags in the dropdown Help section, rather than link off to WordPress.org. All of this would offer several UX improvements: * Keep the user on the same page rather than link off and open a new browser tab for WordPress.org * It better expresses to the end-user that this settings page is largely dedicated to posts, implying that pages and custom post types get pretty URLs largely as a consequence * Now that `unregister_post_type()` is in trunk, we should start thinking about trimming the options down to ""Pretty"" and ""Unpretty"" if the ""Posts"" type isn't even registered anymore. (There are likely to be many other considerations in this circumstance, but it's relevant here.) * It's a friendly nod to developers to remind them that this page won't help them with their custom post types, taxonomies, or rewrite rules for other purposes." johnjamesjacoby 10 35802 Code being injected by toolbar into Visual Editor Editor normal normal defect (bug) new 2016-02-11T20:08:40Z 2019-06-04T19:34:40Z "Morning. I've come across an issue where if a user has Microsoft Lync installed on their machine, that if the browser has the 'link to call' and 'lync browser helper' tool bars enabled, their browser automatically inserts a telephone icon and related span tag into the visual editor that breaks the editor. Users are not able to save their changes after this code has been inserted and it happens automatically as a phone number is typed in. But you can publish articles with the injected code without saving to draft. " hexified 1 35805 Reverse page order in wp_list_comments() with newest comments first boonebgorges needs-unit-tests Comments 4.4.2 normal normal defect (bug) reviewing 2016-02-12T00:21:26Z 2019-06-04T19:34:45Z "Hey there, since wp 4.4 there were lots of bugs in the wp_list_comments()-function. Some of them are already fixed, now I found another one. If you change the comments order from default (oldest first) to newest first, the page order is wrong (reverse page order). == Example == You have 4 pages by sending following param you get these pages: {{{ page=1 -> 4 page=2 -> 3 page=3 -> 2 page=4 -> 1 }}} == How I call this function == Inside the post-loop I'm calling: {{{#!php <?php while ( have_posts() ) : the_post(); get_template_part( 'templates/content', 'comment' ); }}} The template file templates/content-comment.php has following content: {{{#!php <?php if ( ! defined( 'ABSPATH' ) ) { exit; } ?> <?php global $withcomments; ?> <?php $withcomments = 1; ?> <?php add_filter( 'comments_template', '__return_true' ); ?> <?php if ( comments_open() || get_comments_number() ) : ?> <div class=""entry-comment""> <?php comments_template( '/comments-content.php' ); ?> </div> <?php endif; ?> }}} And comments-content.php has following part: {{{#!php <?php wp_list_comments( array( 'page' => $cpaged, // Variable defined before, default: 1 'per_page' => 2 ) ); ?> }}} PS: In ticketing system the version 4.4.2 is not available :-)" Ninos Ego 7 35806 Add filter to capability check when checking if user row is editable Users normal normal enhancement new 2016-02-12T01:12:54Z 2019-06-05T06:43:30Z "'''Suggestion''' Currently in `class-wp-users-list-table.php` the check for wether or not a displayed user is editable is done using `current_user_can( 'list_users' )` on line 398. This is inflexible and doesn't allow finer control over which users are editable by which other users. I suggest filtering this check or filtering the specific capability. '''Scenario''' I create WordPress sites for clients in an agency setting. Our sites are highly bespoke, and changing themes or disabling plugins will cause harm to their site. Must-use plugins have their limitations and removing other themes from wp-content/themes only goes so far. On these sites, I want the client to administrate all aspects of the site, except for changing the theme or disabling plugins. To this end, I've created a plugin defining a custom 'manager' role with. This role is highly permissive, save administrating themes or plugins. On the user side I want managers to be able to create users with manager or lower roles, but not create/edit/delete administrators. I can exclude administrators from the list using a `users_list_table_query_args` filter, but for transparency I want administrators to be listed, just not editable. If either the check or the capability in `if ( current_user_can( 'list_users' ) ) {` went through `apply_filters`, I could define a custom capability and filter this check, producing the desired result, or create some other logic. I feel as though this enhancement would be of great benefit, allowing finer grain user control." nathanshubert 2 35817 Force users to set strong passwords close Login and Registration normal normal Awaiting Review enhancement new 2016-02-12T16:31:38Z 2024-02-08T15:55:49Z "WordPress 4.3 added [https://github.com/dropbox/zxcvbn zxcvbn] for better password strength testing. The UI was also modified to push users to set strong passwords in various ways. * When setting a password, a strong one is generated for the user. * A user must check off an ""Are You Sure?"" checkbox to set a weak password. This is great. However, an ""Are You Sure"" checkbox is what stands between an easily hackable WordPress site and an exponentially stronger WordPress site. I would like to force users to set strong passwords in the UI. " ericlewis 23 35820 WP_Query(array( 'p' => 0)) will return posts Query 4.4.2 normal normal defect (bug) new 2016-02-12T21:28:16Z 2019-06-04T20:55:04Z "Long to short, I was presuming that if the $args were such that no rows exist then WP_Query would return nothing. Not so. If by chance, 'p' => 0, you do get results. Perhaps the 0 is interpreted as false? Even so, an ID == false should return no row, yes? Or one might argue ""well, that query doesn't make sense. it's not really valid."" again, all the more reason to return nothing. " ChiefAlchemist 1 35823 "Implement ""FS_CHMOD_FORCE"" constant; if set - media uploads and image resizing do NOT ignore FS_CHMOD_FILE" Upload normal normal Awaiting Review enhancement new 2016-02-12T23:46:25Z 2018-01-25T20:22:36Z "Hello. I want to re-open https://core.trac.wordpress.org/ticket/21251 I think that it's very strange to not giving an ability to globally override file permissions. Even though WP lead developers thinks that it's ""not good"" to use FS_CHMOD_FILE on file uploads - there should be a way to do it. It will not be default. Default behaviour won't be changed. Filters or other ways are a madness for users with many websites on board or for hosting providers which want to set basic options forcefully. The problem: One may expect that after setting constant FS_CHMOD_FILE - all files created or modified (maybe) by WordPress will have FS_CHMOD_FILE permissions. But for some wierd reason it is not so. I can understand the explanation from 21251 ticket. So it can be solved by creating a new constant which control the behaviour. I've attached a patch which changes upload function's logic to understand FS_CHMOD_FORCE constant and honor it if it is defined. If it is not defined (default), behaviour will be the same as it was before. After applied patch it will be possible to set the following in wp-config.php or globally: {{{#!php <?php define('FS_CHMOD_FILE', 0640); define('FS_CHMOD_FORCE', 1); }}} so all uploaded files will be uploaded with 0640 chmod. 0640 can be changed to desired value for sure, this is just an example." Profforg 2 35827 Customizer: Create a dropzone for adding images Customize 4.1 high normal Future Release enhancement assigned 2016-02-13T22:27:11Z 2017-09-26T13:52:00Z "This is a follow-up to #35826. On panels that let you upload images (identity, header, background) we should make the ""no image set"" container a dropzone to drag & drop your images onto. Like the editor, when you drag and drop an image into those dropzones, it would open the media modal and start uploading the image." melchoyce 20 35829 Separate functions from wp-login.php has-patch Login and Registration normal normal enhancement new 2016-02-14T13:10:10Z 2019-06-04T20:22:28Z "There are some functions in `wp-login.php`. But it makes hard to customize login page. (e.g. [https://github.com/georgestephanis/two-factor/pull/62 2FA Feature plugin]) Related: #20279" extendwings 1 35833 "Adding a table with the ""widefat"" class on post and taxonomy list table screens causes the quick edit UI and bulk edit to fail" has-patch Quick/Bulk Edit 4.4.2 normal normal 6.6 enhancement assigned 2016-02-15T05:11:47Z 2024-02-12T09:19:40Z "This is a very strange issue. On a fresh WP install running twentysixteen with no plugins activated, including this code causes the quick edit UI to miscalculate its width and end up looking wacky: {{{ add_action( 'load-edit.php', 'xxx_test_table_in_help_tab' ); function xxx_test_table_in_help_tab() { $test_table_args = array( 'id' => 'test_help_table', 'title' => 'Something', 'content' => '<table class=""widefat""><tr><td>Something</td></tr></table>', ); get_current_screen()->add_help_tab( $test_table_args ); } }}} I'm attaching a screenshot of what the quick edit UI looks like with this code in place. Removing the class ""widefat"" restores the quick edit UI to normal. As strange as it sounds, I believe the presence of the widefat class is causing something in the quick edit JS to miscalculate. I haven't found the exact line where the issue is, but it seems to all come down to the presence of the ""widefat"" class." Braad 31 35837 The auto-update in media editor rewrites user inputs reporter-feedback Media 4.4.2 normal normal defect (bug) new 2016-02-15T13:04:34Z 2019-06-04T20:22:32Z "Hello while the media editor is opened in ""lightbox"" where the auto-upade is applied the input fields loose their focus on each autoupade making the editing really uncomfortable. see this video https://youtu.be/ULmiAf2N6kA all the fields that you can see in this video were hooked up like so: https://gist.github.com/twentyfortysix/d7dcdc931aed3f2529a9#file-register_media_field-php" o----o 2 35839 Escape backslashes upon export for better import Import 4.4.2 normal normal Awaiting Review defect (bug) new 2016-02-15T21:10:19Z 2017-03-30T01:05:40Z "Exporting a WordPress site and importing it again will lose backslashes in Post content. For example, if you had a post discussing c:\Windows\System32\calc.exe it would be imported as c:WindowsSystem32calc.exe" JasonH09 2 35842 Register Post Type function label default dev-feedback Posts, Post Types normal normal enhancement new 2016-02-16T10:14:42Z 2019-06-04T20:55:17Z "When registering a Post type if the label or labels arguments are not set the label takes on a default of 'Posts' and not the Post type's name. It states in the documentation that the label takes on the name of the Post type passed in as the first argument. I believe the fix is as simple as updating the defaults variable in wp-includes/post.php on line 1017 with the label argument set to the post_type variable. {{{#!php <?php $defaults = array( 'label' => $post_type, 'labels' => array(), 'description' => '', 'public' => false, 'hierarchical' => false, 'exclude_from_search' => null, 'publicly_queryable' => null, 'show_ui' => null, 'show_in_menu' => null, 'show_in_nav_menus' => null, 'show_in_admin_bar' => null, 'menu_position' => null, 'menu_icon' => null, 'capability_type' => 'post', 'capabilities' => array(), 'map_meta_cap' => null, 'supports' => array(), 'register_meta_box_cb' => null, 'taxonomies' => array(), 'has_archive' => false, 'rewrite' => true, 'query_var' => true, 'can_export' => true, 'delete_with_user' => null, '_builtin' => false, '_edit_link' => 'post.php?post=%d', ); }}}" moshiezz 2 35847 Issue with blog roll pagination on static frontpage Canonical 4.4.2 normal major defect (bug) new 2016-02-17T02:00:09Z 2019-06-04T19:34:46Z "This is a follow-up to #35344. Still having this problem on 4.4.2 with or without [https://core.trac.wordpress.org/attachment/ticket/35344/35344.2.diff 35344.2.diff] applied. The query.php in 4.4.2 is way too different to apply [https://core.trac.wordpress.org/attachment/ticket/35344/35344.diff 35344.diff]. In my case this bug only affects the blog roll on a static front page, and instead of redirecting to the homepage it strips the page number from the URL and tries to load sitename.com/page/ which, in turn, returns a 404. The same page, unset from being the frontpage, works fine." finomeno 4 35848 WordPress 4.4 Handling Custom Taxonomies and Tax Queries Correctly reporter-feedback Query 4.4 normal normal defect (bug) new 2016-02-17T05:53:20Z 2019-06-04T20:55:22Z "As of the WordPress 4.4 release, we have seen several sites that are using custom post types and custom taxonomies that no longer respond correctly to taxonomy page requests. E.g. Custom Post Type 1 -- Custom Tax 1 (slug = customtax1) -- Custom Tax 2 (slug = customtax2) Custom Post Type 2 -- Custom Tax 3 (slug = customtax3) -- Custom Tax 4 (slug = customtax4) A query like this ?customtax1=term1&customtax3=term2&customtax2=term4 should result in a taxonomy query where you get posts/post types that have the respective term values associated with the post object for each of those taxonomies. Instead as of WordPress 4.4, these queries are returning the home page of the site with is_home = true (not a taxonomy template) and completely disregarding the taxonomy query. Important notes: 1) Custom Post Type/Taxonomy plugins have been observed on these sites. It is not limited to any specific custom post type/taxonomy plugin 2) register_post_type and register_taxonomy ARE being called by these plugins via the init hook 3) Reverting to 4.3.x fixes the issue 4) Custom taxonomies in the admin and custom post types everywhere still seem to be working the same as with previous WP versions. The issue seems to be related only to the main query of front end requests. 5) Switching themes does not fix the issue 6) Migrating the register_post_type and register_taxonomy definitions to functions.php in the main theme and verifying they are run in an init hook does not fix the issue. 7) Trying to work around the issue by running pre_get_posts and applying the appropriate tax_query to the main query does not fix the issue. 8) Setting the post_type to the associated custom post type for the custom taxonomy in a ""request"" hook or ""pre_get_posts"" hook does not fix the issue, but it does shift the theme template to the custom post type's archive template (which at least rectifies the visual display problem associated with the incorrect query parsing, but it still doesn't appropriately filter the request) 9) Creating a WP_Tax_Query manually does return the desired tax_query, but this does not appear to work with $query->set in pre_get_posts either by assigning the tax_query as an array or WP_Tax_Query object (which was a hail mary test) Any necessary information needed to debug this can be provided. But it ""appears"" to be some sort of regression or new bug associated with the new taxonomy features and that is limited to custom post types with custom taxonomies." vrazer 3 35857 Add QUnit tests for Customizer preview, including Selective Refresh needs-unit-tests Customize 3.4 normal normal Future Release task (blessed) assigned 2016-02-18T08:26:15Z 2023-03-17T17:06:23Z "Initial Customizer unit tests for PHP and JS were added in #28579. The QUnit tests were done specifically for the Customizer controls (pane) and not the Customizer preview. This was understandable since he preview was devoid of much unique JS functionality. With the introduction of the Selective Refresh component (#27355), this has changed. There needs to be a new QUnit test suite specifically for the Customizer preview. See @valendesigns initial foundation work here: https://github.com/xwp/wp-customize-partial-refresh/pull/32/files#diff-6fcbfd120899db12c05cdb1f6142cd87 " westonruter 17 35858 """wpmu_welcome_notification"" has a filter post-processing routines in wrong place" has-patch Login and Registration 3.0 normal normal enhancement new 2016-02-18T08:54:11Z 2019-06-04T20:22:37Z """wpmu_welcome_notification"" has a filter post-processing routines in wrong place which renders the filter mostly useless. Nearly identical ""wpmu_welcome_user_notification"" has it done corectly. Diff/Patch attached. " mwillberg 3 35859 get_edit_user_link should always return the edit user link even if the given ID is that of the current user dev-feedback Users normal normal defect (bug) new 2016-02-18T11:18:13Z 2019-06-05T06:43:31Z "In my scenario a user action triggers an email that is sent to the site admin that contains a link to edit that users profile. When I'm using the function as follows {{{#!php <?php wp_mail( get_option('admin_email'), 'User needs help', get_edit_user_link( get_current_user_id() ) ); }}} the email only contains a link to http://example.com/wp-admin/profile.php which of course isn't very helpful in that context. The expected behavior to me is that the URL returned is always pointing to that specific user that I used as a function argument and I can use the link in any context: http://example.com/wp-admin/user-edit.php?user_id=19" jancbeck 1 35862 Comments screen: audit all the background color animations Comments 3.8 normal normal defect (bug) new 2016-02-18T17:26:13Z 2019-06-04T19:34:53Z "Noticed some weird behavior, to reproduce: go in the Comments screen (in the ""All"" view), and mark as spam or move to the trash an '''approved''' comment. The comment row background will quickly ""flash"" to red and then the comment row will disappear. Do the same on an '''unapproved''' comment: no red flash. There are also other cases where this happens, seems all related to pending comments. By the way, the JavaScript animations still run and the background is animated behind the scenes. It just can't be seen because the pending comment row background color is now set on the `th` and `td` elements that hide the change on the `tr` background. Looks like this JavaScript part wasn't updated after the CSS changes in WordPress 3.8. There are also other old things that missed to be updated, for example at some point JavaScript still uses `#FFFFE0`. This was the background color used for unapproved comments in WordPress 3.7 but they use `#FEF7F1` since 3.8. I'd propose two options: 1. Fix the animations :) 2. Get rid of them. Apparently, not so many users have complained about the (partial) lack of color animations in the last 2 years I'd lean toward the second option. There are several lines of JavaScript in `edit-comments.js` and `wp-lists.js` that could be removed, they are hard to maintain and being a bit old code they also violate the separation of structure, presentation and behavior principle. Yes, the JS could be refactored and maybe use a more modern approach but for, I'd say, a very little benefit. So before any patch attempt, this would need a decision. Any thoughts more than welcome. In the screenshot below, the red flash on pending comments, how it used to be on WordPress 3.7 [[Image(https://cldup.com/Ml9laEw1jQ.png)]]" afercia 5 35865 Site Icon should be uploaded to a different directory or not able to be deleted from library Media 4.4 normal normal Awaiting Review enhancement new 2016-02-18T22:52:42Z 2023-08-14T21:50:57Z The new site icon feature is great. However I think if an image is set as the site icon, that image should not be able to be deleted from the media library, or it should be uploaded somewhere else and use that location as its link. DoodleDogCody 6 35867 Screen scrolls to bottom when moving menu items on mobile Menus 4.4.2 normal normal defect (bug) new 2016-02-19T05:57:13Z 2019-06-04T20:22:49Z "When tapping on a menu item in Appearance > Menus on a mobile browser, dragging it to the desired position becomes an almost impossible task because the screen keeps scrolling to the bottom. Steps to reproduce: 1. Access wp-admin in a mobile browser 2. Go to Appearance > Menus 3. Create a menu and add four or more menu items 4. Tap and hold on a menu item and drag it to a desired position Expected: Screen remains in current position and I'm able to move menu items around smoothly Actual: Screen scrolls to the bottom and I'm unable to see where to position the menu item Issue happens on both mobile Safari and Chrome. However, this does not occur in the Menus section of the Customizer where I had a much better experience managing menus. " druesome 3 35868 Add Filter for Profile User Description Bio Users normal normal enhancement new 2016-02-19T09:26:18Z 2019-06-05T06:43:35Z I see there's a filter for user_contactmethods and user_profile_picture_description but not for the bio. wordpresssites 4 35870 image_default_link_type does not work for galleries Media 4.4.2 normal normal defect (bug) new 2016-02-19T10:25:33Z 2019-06-04T20:22:54Z "After some updated I've noticed all galleries started to point the URL to attachment post instead of image. After some digging it seems that attachment post will appear if no settings were found in the code. I've tried to override this without any luck I found this and it describes the problem: https://core.trac.wordpress.org/ticket/35101 Now I find out that this fix does not work for galleries. Even if I have image_default_link_type i the data table the attachment appears as default. And the front generates galleries with attachment post url when the setting is missing in the gallery code from content." jayse83 1 35871 before_delete_post incorrectly triggered from edit.php to post.php reporter-feedback Posts, Post Types 4.4.2 normal normal defect (bug) new 2016-02-19T10:44:18Z 2019-06-04T20:55:27Z "It seems there's a bug where {{{before_delete_post}}} triggers when clicking the post name (on edit.php) to go to the post.php admin edit screen. I have this code {{{#!php <?php add_action('before_delete_post', $plugin_admin, 'prevent_club_deletion', 5); public function prevent_club_deletion() { global $post_type; if ( $post_type != 'club' ) return; $redirect = ( isset($_SERVER[""HTTP_REFERER""]) ? $_SERVER[""HTTP_REFERER""] : get_admin_url(1, 'edit.php?post_type=club') ); wp_redirect( $redirect ); exit(); } }}} It randomly triggers the redirect when attempting to head into single edit screen for a post. It's a hierarchical CPT and the bug occurs for both parent and child pages. Tested with custom theme (no hooks really) and no plugins activated (except the one that creates the CPT and this hook). " Jonathandejong 5 35879 Increase width of menu item classes field Menus normal normal enhancement new 2016-02-19T20:20:43Z 2019-06-04T20:23:00Z "Relatively self-explanatory patch attached. Let me know if more details needed." lkraav 3 35887 Adding multiple media to post - selecting image size Media 4.4.2 normal normal Awaiting Review defect (bug) new 2016-02-20T12:03:10Z 2023-10-25T04:35:24Z "When clicking ""Add Media"" to add images to a post, you can select multiple images. With all images selected, logic follows that if you change the ""ATTACHMENT DISPLAY SETTINGS"" size from default ""Medium"" to ""Full Size"", that all selected images would have the same setting changed, but when you add them, only the one image that was highlighted is actually ""Full Size"" and the rest which were selected, but not highlighted, are still ""Medium"". I think when adding multiple media, all should be changed to size that is selected in ""ATTACHMENT DISPLAY SETTINGS""." myburgh.bernard@… 9 35907 Permit sticky posts to affect the query in REST_REQUEST rmccue needs-unit-tests Query normal normal Future Release enhancement reopened 2016-02-22T23:44:13Z 2017-04-23T22:19:55Z Needed for https://github.com/WP-API/WP-API/issues/2210 danielbachhuber 6 35912 Allow changing network URL scheme dev-feedback Networks and Sites normal normal enhancement new 2016-02-23T02:37:42Z 2019-06-04T20:55:37Z "Right now, it's not possible to convert a network from HTTP to HTTPS. The normal way to enforce HTTPS on a site is to change the URLs for the site, but with multisite, this has to be done via the Network Admin. However, the URL isn't editable at all for the main site on the network, so it's not possible to edit it. Attached patch allows setting only the scheme for the main site. However, this does have a big question attached: should updating the scheme for the network update it across all sites? If so, should it only update from HTTP -> HTTPS, or vice versa as well?" rmccue 8 35913 `is_()` conditional methods should share their logic dev-feedback Query normal normal Future Release defect (bug) new 2016-02-23T02:54:55Z 2017-02-06T08:52:07Z "Many of the `is_()` methods in `WP_Query` share the nearly the exact same logic. As such, they share the exact same bugs, and fixing those bugs requires many parallel changes and huge numbers of tests. See #35902 and #24674 for some recent examples. It's possible to move all the shared logic to a single `protected` utility method. It's a bit more abstract, but is much easier to maintain and test." boonebgorges 2 35916 WP_Rewrite::generate_rewrite_rules() ignores boolean $endpoints / $feed parameters for CPT needs-unit-tests Rewrite Rules normal normal defect (bug) new 2016-02-23T08:34:12Z 2019-06-04T21:20:24Z "Hello, I'm trying to declare custom rewrite rules for a custom post type without endpoints and feeds. As result, WP ignore the endpoint flag in the WP_Rewrite::generate_rewrite_rules(). What I did is as following. I created a custom post type called 'event' with the following arguments for register_post_type() : {{{#!php array( // Array of WP post type args 'labels' => array( 'name' => 'Events', 'singular_name' => 'Event', ), 'public' => true, 'publicly_queryable' => true, 'show_ui' => true, 'show_in_menu' => true, 'query_var' => false, 'rewrite' => false, 'capability_type' => 'post', 'hierarchical' => false, 'menu_position' => 5, 'menu_icon' => 'dashicons-tickets-alt', 'supports' => array( 'title', 'editor', 'thumbnail', ), 'taxonomies' => array( 'post_tag', 'my_category', ), ); }}} Then I called {{{#!php $args_post_type = array( 'feed' => false, 'paged' => false, 'ep_mask' => EP_NONE, 'endpoints' => false, ); add_permastruct('events', 'events/%event%', $args_post_type); }}} The resultings rewrite rules are : {{{ 'events/[^/]+/attachment/([^/]+)/?$' => string 'index.php?attachment=$matches[1]' (length=32) 'events/[^/]+/attachment/([^/]+)/trackback/?$' => string 'index.php?attachment=$matches[1]&tb=1' (length=37) 'events/[^/]+/attachment/([^/]+)/feed/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49) 'events/[^/]+/attachment/([^/]+)/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49) 'events/[^/]+/attachment/([^/]+)/comment-page-([0-9]{1,})/?$' => string 'index.php?attachment=$matches[1]&cpage=$matches[2]' (length=50) 'events/[^/]+/attachment/([^/]+)/embed/?$' => string 'index.php?attachment=$matches[1]&embed=true' (length=43) 'events/([^/]+)/embed/?$' => string 'index.php?event=$matches[1]&embed=true' (length=38) 'events/([^/]+)/trackback/?$' => string 'index.php?event=$matches[1]&tb=1' (length=32) 'events/([^/]+)(?:/([0-9]+))?/?$' => string 'index.php?event=$matches[1]&page=$matches[2]' (length=44) 'events/[^/]+/([^/]+)/?$' => string 'index.php?attachment=$matches[1]' (length=32) 'events/[^/]+/([^/]+)/trackback/?$' => string 'index.php?attachment=$matches[1]&tb=1' (length=37) 'events/[^/]+/([^/]+)/feed/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49) 'events/[^/]+/([^/]+)/(feed|rdf|rss|rss2|atom)/?$' => string 'index.php?attachment=$matches[1]&feed=$matches[2]' (length=49) 'events/[^/]+/([^/]+)/comment-page-([0-9]{1,})/?$' => string 'index.php?attachment=$matches[1]&cpage=$matches[2]' (length=50) 'events/[^/]+/([^/]+)/embed/?$' => string 'index.php?attachment=$matches[1]&embed=true' (length=43) }}} Looking at class-wp-rewrite.php, I noticed in generate_rewrite_rules() that piece of code that forces the $post flag for CTP {{{#!php if ( ! $post ) { // For custom post types, we need to add on endpoints as well. foreach ( get_post_types( array('_builtin' => false ) ) as $ptype ) { if ( strpos($struct, ""%$ptype%"") !== false ) { $post = true; // This is for page style attachment URLs. $page = is_post_type_hierarchical( $ptype ); break; } } } }}} and that piece of code that unconditionnaly add extra endpoints / feeds... for post {{{#!php // If we're matching a permalink, add those extras (attachments etc) on. if ( $post ) { // Add trackback. $rewrite = array_merge(array($trackbackmatch => $trackbackquery), $rewrite); }}} Could confirm that problem? Thanks" solo14000 3 35927 _wp_attachment_metadata meta_value wrong type in export dev-feedback Export 4.4.2 normal normal defect (bug) new 2016-02-23T20:50:59Z 2019-10-24T06:06:09Z "this if from an export using wp 4.4.2, the particular post is from Dec 2010. {{{ <wp:postmeta> <wp:meta_key><![CDATA[_wp_attachment_metadata]]></wp:meta_key> <wp:meta_value><![CDATA[a:6:{s:5:""width"";s:4:""1280"";s:6:""height"";s:3:""800"";s:14:""hwstring_small"";s:23:""height='80' width='128'"";s:4:""file"";s:49:""2010/12/Bildschirmfoto-2010-12-14-um-19.47.29.png"";s:5:""sizes"";a:3:{s:9:""thumbnail"";a:3:{s:4:""file"";s:49:""Bildschirmfoto-2010-12-14-um-19.47.29-150x150.png"";s:5:""width"";s:3:""150"";s:6:""height"";s:3:""150"";}s:6:""medium"";a:3:{s:4:""file"";s:49:""Bildschirmfoto-2010-12-14-um-19.47.29-300x187.png"";s:5:""width"";s:3:""300"";s:6:""height"";s:3:""187"";}s:5:""large"";a:3:{s:4:""file"";s:50:""Bildschirmfoto-2010-12-14-um-19.47.29-1024x640.png"";s:5:""width"";s:4:""1024"";s:6:""height"";s:3:""640"";}}s:10:""image_meta"";a:10:{s:8:""aperture"";s:1:""0"";s:6:""credit"";s:0:"""";s:6:""camera"";s:0:"""";s:7:""caption"";s:0:"""";s:17:""created_timestamp"";s:1:""0"";s:9:""copyright"";s:0:"""";s:12:""focal_length"";s:1:""0"";s:3:""iso"";s:1:""0"";s:13:""shutter_speed"";s:1:""0"";s:5:""title"";s:0:"""";}}]]></wp:meta_value> </wp:postmeta> }}} every width and height value is a string but should be an int! {{{ s:5:""width"";s:3:""150"";s:6:""height"";s:3:""150""; }}} should be {{{ s:5:""width"";i:150;s:6:""height"";i:150; }}} if i edit it manually, the import works. could you provide database migration or something in the next update to fix the values? this don't happen with newer articles." davidak 2 35932 Square brackets for shortcodes can't be entered with default Czech, Slovak and maybe other keyboards Editor normal normal defect (bug) reopened 2016-02-24T11:16:12Z 2019-06-04T19:35:00Z "In Czech, Slovak, and probably some other languages, we have dedicated right alt click for writing some lesser used characters. E.g. for writing [ you need to press Right Alt plus F And that's the problem, as this combination is in wysiwyg editor shortcut for opening wysiwig in full screen window. So it is not possible for us to write any shortcode, unless we switch keyboard or write it elsewhere and copy to editor or remember the numeric value of the symbol and writing it on numlock. I am not sure, and i doubt, that this can be solved via language .pot file (so that every language could define the keys for every shortcut), and i have not found, where it is defined. I know that tinymce got addShortcut method, bot no delete or edit shortcut.... it is wrong in both trunk and latest" thomask 10 35937 "Visual improvements for the comment ""pending status""" Comments normal normal Future Release defect (bug) new 2016-02-24T16:25:05Z 2019-01-13T16:55:31Z "Splitting this out from #35392. While working on #35392, noticed and agreed there's room for some visual (and further accessibility) improvements. Specifically, the comment ""pending status"" relies on a small ""flag"" icon, followed by a `[Pending]` text. From a design perspective, this could use some love. Whether it would be some additional, descriptive, text or a new icon etc. it would be possible to expand the new text or icon with some `screen-reader-text` in order to provide a reasonably understandable feedback for assistive technologies users. Worth noting this applies to the Dashboard ""Recent Comments"" widget and the list of comments in the Comments screen and Edit post screen as well, where the pending status information is conveyed using just color. cc @melchoyce [[Image(https://cldup.com/IWyv7rKuEE.png)]] " afercia 17 35955 Improvements for Menus reporter-feedback Menus 4.4.2 normal normal enhancement new 2016-02-25T21:33:35Z 2019-06-04T20:23:06Z "I'd like to propose some improvements for Menus. - When adding a set of pages with children, I think it would be useful if the menu structure would also follow the relationship between parent and children elements. Currently, when adding pages and their children, all of them go into first level so children and their children must be rearranged manually. - If replacing a parent menu item (does not necessarily need to be a parent page), all the children are sent to level below, so they have to be rearranged manually again. I think it would be useful if we could replace any element that has children with another element without losing the structure (something like ""replace this menu item"") " Mckilem 1 35959 Functon 'wp_generate_attachment_metadata(...)' silently swallowing errors from 'wp_get_image_editor(...)'. has-patch Media 3.5 normal normal Awaiting Review defect (bug) new 2016-02-26T05:11:54Z 2017-11-12T19:47:33Z "So the function {{{wp_generate_attachment_metadata(...)}}} in {{{wp-admin/includes/image.php}}} is silently ignoring / swallowing errors from the function {{{wp_get_image_editor(...)}}}. The logic is here: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/image.php?rev=36429#L123 This ignoring of these particular errors prevents user notification in the UI when image thumbnails could not be regenerated due to error ""{{{No editor could be selected}}}"" that is returned from the function {{{wp_get_image_editor(...)}}} when the PHP environment on the server is lacking graphics support. So the thumbnails are not getting regenerated, and because of this bug, there is notification to the user as to that fact or as to why. I looked this up in the history, and noticed that this bug is present since this revision: https://core.trac.wordpress.org/changeset/22192 What's odd is that this revision does add logic to relay these errors in its 1st change (to the function {{{wp_crop_image(...)}}}) in {{{trunk/wp-admin/includes/image.php}}}, but not in the 3rd change in that file (to the function {{{wp_generate_attachment_metadata(...)}}}). Not sure why the error is not being relayed there as well. " maratbn 4 35963 Only remove item from WP_Dependencies::to_do if it was successfully processed needs-unit-tests Script Loader normal normal defect (bug) new 2016-02-26T12:37:32Z 2019-06-04T21:20:31Z "If WP_Dependencies::do_item returns false, the item is removed from being processed again. Due to this, if an item gets switched to the footer, it is never actually outputted. A common scenario is depending on jquery which depends on jquery-core and jquery-migrate. jquery is processed right, but jquery-core and jquery-migrate are moved to the bottom but still removed from the list. The following example demonstrates: {{{#!php <?php add_action('wp_print_scripts', function () { if (!is_admin()) { $jquery = wp_scripts()->registered['jquery']; wp_dequeue_script('jquery'); wp_deregister_script('jquery'); wp_register_script('jquery', $jquery->src, $jquery->deps, $jquery->ver, true); } }, 0); }}} Attached is a very simple patch to resolve this" pcfreak30 2 35983 "Better support for ""singular"" endpoints" has-patch Rewrite Rules normal normal enhancement new 2016-02-28T04:47:11Z 2019-06-04T21:20:37Z "WP_Rewrite endpoints are currently geared towards endpoints that capture content after it, for example, `/feed/FEED_TYPE/`. Quite often we instead want to create an endpoint which is instead `/embed/` or `/faq/` we don't need to capture an optional bit of data after it. Currently endpoints can operate in either mode, if you specify and endpoint of `test-endpoint` then both `/endpoint-name/` and `/endpoint-name/data-passed/` will work. The problem comes when testing for the existence of that endpoint in the query. An endpoint which passes data is easy to check `if ( get_query_var('endpoint-name') )`, an endpoint which doesn't - not so easy `global $wp_query; if ( isset( $wp_query->query_var['single-endpoint'] ) )`. Something that would be easier, and nicer for developers using the rewrite endpoint is to instead match the endpoint name itself: Currently the rewrite rule would look like this: {{{ ([^/]+)/endpoint-name(/(.*))?/?$ => index.php?name=$1&endpoint-name=$3 }}} What would be great, is if we can do instead: {{{ add_endpoint( 'single-endpoint', ... ); ([^/]+)/(single-endpoint)/?$ => index.php?name=$1&single-endpoint=$2 }}} Which if used in conjunction with `add_endpoint()`'s 3rd parameter allowing us to specify a custom query_var: {{{ add_endpoint( 'endpoint-name', ..., 'special_query' ); add_endpoint( 'another-endpoint-name', ..., 'special_query' ); Rules: ([^/]+)/(endpoint-name)/?$ => index.php?name=$1&special_query=$2 ([^/]+)/(another-endpoint-name)/?$ => index.php?name=$1&special_query=$2 }}} this would then allow us to use `if ( get_query_var( 'special_query' ) )` or `if ( get_query_var( 'single-endpoint' ) ) ` in the case of the first example. Attached is an implementation which upgrades the 3rd parameter (`$query_var`) to an array to support this. It's a super-rough patch, but appears to work. Does anyone else feel that this is worthwhile supporting?" dd32 2 35993 Unit tests: XML-RPC Request routines dev-feedback XML-RPC 0.71 normal normal Future Release enhancement new 2016-02-29T01:07:36Z 2022-01-20T13:01:43Z "I wrote unit tests for the 3 methods regards to XML-RPC request in functions.php, the aim is improve de code coverage, theses methods are: * xmlrpc_getposttitle() * xmlrpc_getpostcategory() * xmlrpc_removepostdata() This patch cover 100% of coverage related to theses methods above. Only one thing to consider, I didn't found any XML-RPC format on the WordPress doc with title and category, so I've created a simple XML format with both, following the methods the behaviour is the same." borgesbruno 11 35995 Registering taxonomies for attachment mime types Taxonomy 3.5 normal normal defect (bug) new 2016-02-29T05:13:30Z 2019-06-04T21:20:43Z "I stumbled across [https://core.trac.wordpress.org/browser/trunk/tests/phpunit/tests/query/taxQuery.php#L1008 an interesting unit test] in core that led me down a bit of a rabbit hole. The test `test_tax_query_taxonomy_with_attachments()` in `phpunit/tests/query/taxQuery.php` calls: {{{#!php register_taxonomy_for_object_type( 'post_tag', 'attachment:image' ); }}} I never knew that you could register a taxonomy to a mime type, so I looked into it, but from what I've found the support seems spotty. First off, calling `register_taxonomy_for_object_type( 'post_tag', 'attachment:image' );` fails and returns `false`. As best I can tell, this is because `get_post_type_object( 'attachment:image' )` fails, since `$wp_post_types['attachment:image']` is not set. For the purposes of testing the query support, I added a taxonomy to an attachment mime type ""the hard way"" using the following: {{{#!php $GLOBALS['wp_taxonomies']['post_tag']->object_type[] = 'attachment:image'; }}} On the querying side of the equation, support seems much better. The only area that's iffy is if you register a taxonomy to the `'attachment'` post type, but pass the mime type (e.g. `'attachment:image'`) to `get_object_taxonomies()`, you won't get the registered taxonomy. Since `attachment:image` is a subset of attachment, I would expect to get all the ""attachment"" taxonomies as well. Breaking this all down, the main bug here is that '''it doesn't seem to be possible to register a taxonomy to an attachment mime type, despite there being support for this feature otherwise.''' Side note, since the unit test `test_tax_query_taxonomy_with_attachments()` fails in registering a taxonomy to an attachment mime type, the rest of this unit test probably should have failed (for a couple of reasons)." mboynes 1 36010 New password reset styling changes are confusing to casual users has-patch Login and Registration 4.4 normal major Awaiting Review enhancement new 2016-02-29T16:20:53Z 2020-02-08T14:04:34Z "I've noticed an uptick in how many of my users have been confused by the password reset process recently. In talking a few of them through the process, I realized that there are two spots where they are unsure of what to do: * On the password reset screen, the ""New password"" input doesn't look like the other inputs they've encountered, like at wp-login.php. * Once they click ""Reset password,"" they're expecting to receive an email containing the new password (and aren't realizing that the characters in the ""new password"" box are the new password). So, when they're redirected to a standard login screen, they're doubtful. About the first issue, I'm attaching mockups of the reset password screen with less styling. It's less visually interesting to advanced users, but maybe less is more for less experienced users. To help with the second issue, adding an instructional banner might help. For instance, if we were to redirect on submission of the ""reset password"" form to `wp-login/?newpass=true` or similar, then we could offer some guidance. See attached images. Thanks for your consideration. " dcavins 18 36012 Add .current-ancestor class to any relative menu item ancestor SergeyBiryukov needs-unit-tests Menus 4.4.2 normal normal Future Release enhancement assigned 2016-02-29T16:52:22Z 2023-04-28T18:17:43Z "Right now there is .current-page-ancestor and .current-post-ancestor for pages and posts and no any class for archives, category, taxonomy or custom post types ancestors added to items in nav-menu. I think it will be usefull, for indication navigation depth purposes, to add .current-ancestor class to ANY menu item if ""current page"" is child/successor to anything in menu (parents, archive, category, taxonomy etc. menu items)." vovkasolovev 9 36030 Expose site icon on wp.getUsersBlogs needs-unit-tests XML-RPC normal normal Future Release enhancement new 2016-03-01T09:06:46Z 2019-06-20T14:07:35Z "WordPress 4.3 has added the ability for site owners to manage their site’s favicon, but never exposed it over the XML-RPC protocol. It's useful for XML-RPC clients to receive it back in the response of wp.getUsersBlogs, so they can show the proper icon beside the name of the site. In the patch I've provided an empty value is returned if site_icon is not set on the blog. I've avoided returning a default value, since it's better to leave this responsibility to clients. If siteIcon is empty, the client should show their default icon, or nothing." daniloercoli 1 36034 Change post name permalinks to use ID when inserting links General normal normal Awaiting Review enhancement new 2016-03-01T21:34:02Z 2017-06-28T14:31:41Z "When using the visual editor, and your permalink setting is postname, the default behavior when adding an internal link is that the href attribute points to the slug. For example, if I add a link to a page with the permalink/slug of ""my-page"" the HTML link will be created as `<a href=""http://example.com/my-page/>my page</a>`. This is fine until the slug of the target page (`my-page`) changes. Since WordPress doesn't do any checking when a slug is changed to see if there are any links pointing to it, the link is now dead. I propose that when adding links in the visual editor, that they be added based on the ID of the target, not the slug. This would prevent links from breaking whenever a slug was changed, and not affect the use of the post name in the URL. Even following ID-based links return the prettier post name version in the URL. The code change is already available as a plugin or addition to functions.php from http://wordpress.stackexchange.com/questions/156032/how-can-i-store-page-id-in-a-post-instead-of-other-selected-permalink: {{{ function wp_link_query_mod ( $results ){ if( count( $results ) ){ for( $i=0; $i<count($results); $i++ ){ $results[$i]['permalink'] = wp_get_shortlink( $results[$i]['ID'] ); } } return $results; } add_filter('wp_link_query', 'wp_link_query_mod'); }}} " catchmyfame 3 36036 Multiple CDATA regressions in wp-includes SergeyBiryukov has-patch General 3.4 normal normal Future Release defect (bug) assigned 2016-03-01T23:45:26Z 2020-11-25T19:40:06Z "There is invalid XHTML at lines 2084-2097 of wp-includes/theme.php ( https://github.com/WordPress/WordPress/blob/3f3fe5a7ed6473e995f9b96ee4bcf36fe4c71a35/wp-includes/theme.php#L2084-L2097 ) This script block needs to be escaped with /*<![CDATA[*/ ..script content.. /*]]>*/ Otherwise it will cause rendering errors for people serving XHTML as application/xhtml+xml This was not always like this, as 5 years ago when I made my strict XHTMl theme there were no errors. I recently re-enabled serving as application/xhtml+xml and to my surprise find this regression in the WP codebase." sephr 20 36056 When saving a post for an other author, the current_user_can() check is not passing the post ID with the edit_others_posts capability Role/Capability 4.4.2 normal normal defect (bug) new 2016-03-03T01:48:29Z 2019-06-04T21:20:50Z "The scenario: we're using a custom role that is locked down to only being able to edit a single page titled 'About Us'. We've added an 'edit_about' capability to the role, and use the map_meta_cap filter to return 'edit_about' if that's the page being edited for the role. {{{ if ( in_array( $cap, $cap_needed ) && user_can( $user_id, 'edit_about' ) && ! empty( $args ) ) { $post_id = $args[0]; $page = get_post( $post_id ); $parent = get_post( $page->post_parent ); $caps = array(); if ( 'page' === $page->post_type && ( 'about us' === strtolower( $page->post_title ) || ( null !== $parent && 'about us' === strtolower( $parent->post_title ) ) ) ) { $caps[] = 'edit_about'; } else { $caps[] = 'do_not_allow'; } } }}} WP_Posts_List_Table and wp-admin/post.php is doing a simple check just on edit_post. {{{ current_user_can( 'edit_post', $post->ID ); }}} Because we're getting the post ID, we can allow any user with that role to see the Edit link and get to the edit page, and it's turned off for every other page. When trying to save the post, wp-admin/includes/post.php checks to see if the author is different than the current user, but is not passing the post ID in the check: {{{ if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] ) && ! current_user_can( $ptype->cap->edit_others_posts ) ) { if ( $update ) { if ( 'page' == $post_data['post_type'] ) { return new WP_Error( 'edit_others_pages', __( 'You are not allowed to edit pages as this user.' ) ); } }}} Because we don't have the post ID, we don't have any context of the post being saved and are not able to tell WordPress that saving this others post is allowed. Changing the code in core above to: {{{ current_user_can( $ptype->cap->edit_others_posts, $post_data['ID'] ) }}} fixes the issue and allows the page to be saved. Giving the role the edit_others_pages capability also fixes the issue. I'm not 100% sure this is a bug or by design, and may be related to #30452, but would like some input from the core team. " GunGeekATX 4 36058 "PHP notices and invalid ""View Post"" link on edit-comments.php when post type does not exist" Comments normal normal Future Release defect (bug) reviewing 2016-03-03T05:48:30Z 2017-05-06T17:13:37Z "Steps to reproduce: 1. Register a custom post type 2. Create a post 3. Create a comment on that post 4. Stop registering the post type 5. Visit wp-admin/edit-comments.php The markup built in `WP_Comments_List_Table::column_response()` for the ""In Response To"" column requires a valid post permalink, as well as the post type label corresponding to ""View Post"". Since permalinks to non-existent CPT objects cannot be valid, and since non-existent CPTs don't have any post type labels, it seems to me that we can probably bail out of this method early if the post type doesn't exist. Similarly, `column_date()` probably shouldn't attempt to link to the post if the post type doesn't exist." boonebgorges 7 36081 Activity dashboard widget is not using word-wrap: break-word mrahmadawais dev-feedback Administration 4.4.2 normal normal Future Release defect (bug) assigned 2016-03-03T07:40:11Z 2019-03-20T18:05:43Z "Long word's without spaces goes out of the container. I think that this class `#dashboard-widgets a` needs `word-wrap: break-word`; Screenshot: http://www.awesomescreenshot.com/image/1048253/7b7bc297dd3c3bd1f3c9532dd9f1138e" Prelc 25 36082 Schedule post, not added to cron, shown as 'scheduled' in admin. Doesn't publish. Cron API 4.4.1 normal normal Awaiting Review defect (bug) new 2016-03-03T14:08:09Z 2019-06-04T18:13:40Z "Hello, We have an intermittent problem on a high traffic site. The issue is that occasionally, a post will be scheduled but not picked up in cron (we log whats in the cron). In the admin, it shows as being scheduled but obviously never posts because it's not actually present in the cron. What could make this happen? The site has about 20 users in the admin, with around 30 pageviews/second on frontend. (4 webservers etc)" dencreativeltd 1 36087 Migration plan from insecure RNG fallback Security normal normal Future Release enhancement reopened 2016-03-04T00:08:44Z 2020-09-30T18:16:11Z "== Where we are today== WordPress uses paragonie/random_compat to polyfill PHP 7's new CSPRNG functions in PHP 5 projects, (on PHP 7 it just used the new functions directly). However, it currently catches the `Exception` that is thrown when used on an environment in which PHP cannot access the kernel's CSPRNG (usually `/dev/urandom`). If an exception is caught, it then proceeds with the old way of doing things: #28633 After nearly one year into random_compat, we've only just recently received our first complaint about an `Exception` being thrown: https://github.com/paragonie/random_compat/issues/91 (If you note, the resolution was: ""Our host made `/dev/urandom` available to us"".) == Scott's Proposal == Let's transition away from this insecure RNG fallback. Not all at once, of course. 1. Implement a telemetry feature. How many systems will trigger the fallback code in the first place? Is it negligible (i.e. less than 0.0001% of WordPress installs)? Let's call this a 4.5.0 or 4.5.1 feature. 2. If the telemetry identifies *any* systems that cause random_compat to throw an `Exception`, let's identify common points of failure. Are they all from the same webhost? Same operating system? 3. Get in touch with as many of the hosting providers as possible and help them remedy these issues. 4. Finally, once we've done everything we can, remove the fallback code entirely. Let's call this a 4.6.0 or 5.0.0 feature, for the sake of argument. (Tagging @dd32 since he's my usual point of contact for these discussions.)" sarciszewski 3 36098 "Install: ""Repeat Password"" is not required when browser js is disabled" close Login and Registration normal normal defect (bug) new 2016-03-05T00:57:39Z 2020-02-16T21:35:57Z "Recreate: 1. Turn off browser JS. 2. Install WordPress. 3. Go to step 2. The ""'''Repeat Password'''"" field is marked as '''required'''. It's not. ---- Recreate this step by step: Leave all fields empty and press the install button. You will see an error saying: `Please provide a valid username.` Enter invalid username (use spaces). You will see an error saying: `The username you provided has invalid characters.` Enter valid username. You will see an error saying: `You must provide an email address.` Enter some text (not an email). You will see this error message: `Sorry, that isn’t a valid email address. Email addresses look like username@example.com.` If you provide a valid email, it will install WordPress. ''' Password is not required! '''" ramiy 5 36120 Move wp_*_link() functions into wp-includes dev-feedback General normal normal enhancement new 2016-03-05T14:51:04Z 2019-06-04T19:55:44Z "The following link functions live in `wp-admin/includes/bookmark.php`: * `wp_insert_link()` * `wp_delete_link()` * `wp_update_link()` I would like to propose that these three functions be moved into `wp-includes/bookmark.php` so that they are available on any request, and not just requests inside `wp-admin`. It would also be necessary to move the `wp_set_link_cats()` so that it is available inside the `wp_insert_link()` function. Other similar functions live in `wp-includes` already, such as `wp_insert_post()`, `wp_insert_commet()`, etc. This change would allow links to work in the same way as those other content types." JPry 3 36124 Format: Aside next to an embedded video, removes player and only displays URL Formatting 4.4.2 normal normal defect (bug) new 2016-03-06T03:47:09Z 2019-06-04T19:55:54Z If you add a URL of a Vimeo or YouTube video into a page, it displays correctly. But if you then try to add an aside block of text next to the video, it no longer displays the embedded video player, but only displays the URL to the video. I even switched over to the Twenty Sixteen theme and this was an issue on that theme as well as the theme I'm currently using. mynamedotcom 36157 Permalink UI shown without typing a title needs-unit-tests Permalinks 2.5 normal normal defect (bug) new 2016-03-07T15:11:15Z 2019-06-04T20:55:42Z "When creating a new post and jumping straight to the content to write a post the permalink UI will still be shown. '''Steps to reproduce:''' * 'Add New' post in the admin * Type content inside the post content field. * Wait until an autosave triggers and finishes. This step can also be achieved by putting `wp.autosave.server.triggerSave();` inside the console. '''Expected behaviour:''' The permalink UI isn't shown because no title has been set yet. '''Actual behaviour:''' The permalink UI is shown with a post ID as the slug." atimmer 5 36159 Inserting Image on iOS Doesn't Respect Cursor Position Editor 4.2 normal normal Future Release defect (bug) new 2016-03-07T16:18:59Z 2019-06-05T07:07:40Z "When using Press This as a launch pad to edit a longer blog post, additional images added are inserted at the top of the post, rather than in the space in which the cursor has been placed. Here's a quick video displaying the issue. http://www.screencast.com/t/NtdCWRoJsWI " mrjarbenne 3 36171 Proposed clean up of get_the_category_list() and link filter needs-unit-tests Taxonomy 4.4.2 normal normal enhancement new 2016-03-08T17:09:25Z 2019-06-04T21:20:57Z "The current source code of the {{{get_the_category_list()}}} function is quite messy and there is also a lot of duplicate code which we can avoid. Also, on a micro optimization level, in stead of passing the category ID to {{{get_category_link()}}}, we can pass the whole category object. Doing this will avoid the extra overhead of having to get the complete category object from the term cache. There is also no filter to filter each category link on category level, we only have the {{{the_category}}} filter which filters the string of links. We have being receiving a couple of questions on wordpress.stackexchange.com regarding filtering these category links according to category. [http://wordpress.stackexchange.com/q/219554/31545 Here] is such one question. My proposal is included in my code, a filter called {{{the_category_list_links}}} which we can use to filter each category link individually according to the category. One such use-case of the filter can look something like {{{ add_filter( 'the_category_list_links', function ( $the_link_list, $category, $cat_parents ) { $category_color = get_field( 'category_color', $category ); if ( !$category_color ) return $the_link_list; $the_link_list = str_replace( '<a', '<a style=""color:' . $category_color . '""', $the_link_list ); return $the_link_list; }, 10, 3 ); }}} On initial testing, I can confirm that my code is slightly faster that the current code, and the new {{{the_category_list_links}}} filter is working as intended Here is the proposed cleanup {{{ /** * Retrieve category list in either HTML list or custom format. * * @since 1.5.1 * * @global WP_Rewrite $wp_rewrite * * @param string $separator Optional, default is empty string. Separator for between the categories. * @param string $parents Optional. How to display the parents. * @param int $post_id Optional. Post ID to retrieve categories. * @return string */ function get_the_category_list( $separator = '', $parents = '', $post_id = false ) { global $wp_rewrite; if ( ! is_object_in_taxonomy( get_post_type( $post_id ), 'category' ) ) { /** This filter is documented in wp-includes/category-template.php */ return apply_filters( 'the_category', '', $separator, $parents ); } /** * Filter the categories before building the category list. * * @since 4.4.0 * * @param array $categories An array of the post's categories. * @param int|bool $post_id ID of the post we're retrieving categories for. When `false`, we assume the * current post in the loop. */ $categories = apply_filters( 'the_category_list', get_the_category( $post_id ), $post_id ); if ( empty( $categories ) ) { /** This filter is documented in wp-includes/category-template.php */ return apply_filters( 'the_category', __( 'Uncategorized' ), $separator, $parents ); } $rel = ( is_object( $wp_rewrite ) && $wp_rewrite->using_permalinks() ) ? 'rel=""category tag""' : 'rel=""category""'; $links = array(); foreach ( $categories as $category ) { /** * Break the link for better link building */ $start_link = '<a href=""' . esc_url( get_category_link( $category->term_id ) ) . '"" ' . $rel . '>'; $end_link = $category->name . '</a>'; /** * Build the category links */ $the_link_list = ''; switch ( strtolower( $parents ) ) { case 'multiple': $cat_parents = $category->parent ? get_category_parents( $category->parent, true, $separator ) : ''; $the_link_list = $cat_parents . ' ' . $start_link . $end_link; break; case 'single': $cat_parents = $category->parent ? get_category_parents( $category->parent, false, $separator ) : ''; $the_link_list = $start_link . $cat_parents . $end_link; break; case '': default: $the_link_list = $start_link . $end_link; } /** * Filter the category links on category level. * * @since X.X.X * * @param string $the_link_list Post category link. * @param object $category The current category object * @param $cat_parents Link list of parents of the current category */ $links[] = apply_filters( 'the_category_list_links', $the_link_list, $category, $cat_parents ); } $thelist = ''; if( '' === $separator ) { $thelist .= '<ul class=""post-categories"">'; $thelist .= ""\n\t<li>""; $thelist .= implode( ""</li>\n\t<li>"", $links ); $thelist .= '</li>'; $thelist .= '</ul>'; } else { $thelist .= implode( $separator, $links ); } /** * Filter the category or list of categories. * * @since 1.2.0 * * @param array $thelist List of categories for the current post. * @param string $separator Separator used between the categories. * @param string $parents How to display the category parents. Accepts 'multiple', * 'single', or empty. */ return apply_filters( 'the_category', $thelist, $separator, $parents ); } }}}" pietergoosen 2 36177 default htaccess should include security measures Security normal normal Awaiting Review enhancement new 2016-03-09T08:43:09Z 2021-11-09T18:45:43Z "Wordpress has some code that automatically creates a .htaccess file for users. This file however includes no security measures whatsoever, meaning that users who do not tighten security by themselves are left with an install that lets upload files that contain random php code and then execute them. The real problem is that most wordpress users don't do any security tightening by themselves, either because they didn't see it in the install procedure or (more likely) because they don't have the knowledge necessary to know what measres are appropriate or not. This is a bane to all shared hosting providers who will either need to figure out ways to tighten security for the users, while not knowing what they are or will be hosting. This lack of basic security was already pointed out in ticket #9185 seven years ago but was discarded for reasons that I believe are not valid: blocking php evaluation for all files in wp-content would only affect direct php file access through a URL, not inclusion of code by other php files. This means that only direct access to files would get blocked for some plugins, but plugins should not require users to load plugin-specific php files directly in the first place: those files should get included through wordpress itself. finally, since wordpress has php code that generates these .htaccess files, there is no good reason to avoid addding some security measures in there. Some measures for htaccess are even suggested in https://codex.wordpress.org/Hardening_WordPress . It doesn't make sense to not include them by default Drupal does include a good host of default security measures to help users have a good security level by default. More can be done by users of course depending on the requirements, but default drupal installs will not get hacked as badly as default wordpress installs frequently do. see: https://github.com/drupal/drupal/blob/8.1.x/.htaccess What I'm suggesting is the following. Have wordpress include the following blocks in generated .htaccess files: {{{ <IfModule mod_rewrite.c> RewriteRule ^wp-admin/includes/ - [F,L] RewriteRule !^wp-includes/ - [S=3] RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] RewriteRule ^wp-includes/theme-compat/ - [F,L] </IfModule> <files ~ ""^.*\.([Hh][Tt][Aa])""> order allow,deny deny from all </files> <files wp-config.php> order allow,deny deny from all </files> <LocationMatch ""/wp-content/""> php_flag engine off <files ~ "".php""> order allow,deny deny from all </files> </LocationMatch }}} note that the above example might need to be adapted to the multisite layout. note also that the ""order"" and ""deny"" lines are only fit for apache 2.2. It's however easy to have both sets for instructions of 2.2 and 2.4 with `<IfModule mod_authz_core.c>` blocks (see drupal 8.1 default .htaccess file linked above for examples)" lelutin 18 36179 Password protected post with force_ssl_admin() and domain mapping not working dev-feedback Login and Registration 4.3.1 normal normal defect (bug) new 2016-03-09T13:48:42Z 2019-06-04T20:23:26Z "Hi, I'm running a WordPress multisite with ""define(FORCE_SSL_ADMIN, true)"" and domain mapping. Our network site is using ssl (where users login to administrate their site). But a domain mapped site is not using ssl, which is working fine. So, I have a post that is password protected. When I'm on the mapped domain and submit the password protect form, I then get redirected to ""wp-login.php?action=postpass"" over https and get a security warning. It should not redirect me to https when I'm on a non-ssl mapped domain. Thanks" tcdeskwolf 6 36188 After WordPress installation, the default category archive page is showing a 404 page dev-feedback Rewrite Rules 4.2 normal normal Future Release defect (bug) new 2016-03-09T19:17:14Z 2017-12-06T22:20:49Z "Steps to reproduce the issue: 1. Install WordPress 2. Log to the back-end 3. Go to Post -> Categories and click on the ""view"" link of the default category. => You get a 404 page Now, if you visit Settings -> Permalinks, the default category archive page is showing correctly. This issue might be related to #20171" strategio 16 36191 Support responsive images in WP_Customize_Media_Control joemcgill Customize 4.1 normal normal Future Release defect (bug) assigned 2016-03-10T02:14:17Z 2021-05-23T19:01:25Z "When you add a custom logo, the preview in the Customizer sidebar isn't retina, even if the image file you uploaded is big enough. Discovered in https://core.trac.wordpress.org/ticket/35942#comment:13. Some additional comments there. Related: * #21455: HiDPI (retina) theme custom backgrounds * #36442: Customizer: when setting header image and site logo, also create a 2x image if possible" melchoyce 26 36194 Media Settings page description is unclear has-patch Media normal normal enhancement new 2016-03-10T15:30:36Z 2020-02-06T19:45:54Z "The media settings reads the following: ""The sizes listed below determine the maximum dimensions in pixels to use when adding an image to the Media Library."" I saw a Facebook in Advanced WordPress where someone expected images uploaded to be converted to these dimensions in ALL cases. But the full picture will still remain in the uploaded dimensions, of course. ''(link: https://www.facebook.com/groups/advancedwp/permalink/1107356659326547/)'' New WordPress / non-developers will probably understand this differently so I'd think a description like this would be better: ""The sizes listed below determine the maximum dimensions in pixels to use for displaying cropped images."" Or something in that direction? The description is changed earlier in reply to this ticket: https://core.trac.wordpress.org/ticket/15732" mklasen 1 36201 Admin Pagination URLs Use Wrong Hostname dev-feedback Administration normal normal Future Release defect (bug) reopened 2016-03-10T21:18:06Z 2024-02-01T00:58:46Z "The pagination links on the posts/pages screen uses the wrong host in some cases. Particularly for my case I have a Wordpress blog installed on a separate server from my main website, but it's hosted as a subdirectory `/blog` on the main site using the `mod_proxy` Apache module. So the pagination links are coming through using the wrong host like this: http://1647760595.us-east-1.elb.amazonaws.com/wp-admin/edit.php?paged=2 It seems like these pagination links are the only ones with this issue, and I believe it's because of how they are being constructed. I've attached a patch that solves the issue for me. -Garrett" grimmdude 42 36202 Menus screen: fix persistence of toggles for displayed nav menu item properties ryankienstra has-patch Menus 4.4 normal normal Future Release defect (bug) assigned 2016-03-10T21:33:41Z 2018-01-03T08:13:36Z "Splitting this out from #35273. The Screen Options in nav-menus.php would need a similar treatment as the one used for the options in the Customizer. When quickly clicking on the checkboxes, multiple separate AJAX requests fire and there's no guarantee about the order they will be processed. This could lead to a non-synchronized state of the options in the Menus Screen and in the Customizer. To consider: maybe do this for all the screen options in all the admin screens? For details, see #35273 and the solution implemented in [36908]. " afercia 9 36208 Comment queries should ignore comments associated with non-active custom post types has-patch Comments 4.4 normal normal Future Release defect (bug) new 2016-03-11T13:50:28Z 2023-10-17T13:16:37Z "As of 4.4 we introduced the `_doing_it_wrong()` (r34091) when checking meta capabilities on custom post types that aren't registered. This also spread and affected comments, primarily on the dashboard where we show comments and try to add links for these and check the users capability against them, they will produce this wonderful output: > PHP Notice: map_meta_cap was called <strong>incorrectly</strong>. The post type shop_order is not registered, so it may not be reliable to check the capability ""edit_post"" against a post of that type. Please see <a href=""https://codex.wordpress.org/Debugging_in_WordPress"">Debugging in WordPress</a> for more information. (This message was added in version 4.4.0.) in /wordpress/wp-includes/functions.php on line 3827 Ideally, `WP_Comment_Query` should bypass comments associated to non-existing post types as well. In the attached patch I've introduced both `post_type__in` and `post_type__not_in` which accepts an array of post type string names. I've also added the default value for `post_type__in` to `get_post_types()`, as by default you'd never want to query for non-existing data any way, but this allows the query to be overwritten via filters, or directly with a new construct for those who have the need. I am wondering if the use of `post_type = 'any'` would need to short-circuit the new arguments to avoid breaking BC (current tests all pass with the patch applied though) ? Related #16956 What this looks like (from #34918): [[Image(http://crosseyedeveloper.com/wp-content/uploads/2015/12/commentcap.jpg)]] It also shows up on the Dashboard in the comments widget: [[Image(http://crosseyedeveloper.com/wp-content/uploads/2015/12/commentcap21.jpg)]]" Clorith 29 36212 Empty menu items are deleted without warning audrasjb* has-patch Menus normal normal Future Release defect (bug) accepted 2016-03-12T01:21:43Z 2022-09-28T22:47:01Z I recently discovered that menu items with with an empty label are deleted from the menu upon save without any warning or notice. The particular situation was that I was adding a menu with an icon font for the items, so the labels were empty but had classes. Obviously a HTML comment can be used in this instance, but there should be some way to either communicate with the user that items with an empty label will be removed, disable saving of a menu with empty labels, or some way to handle empty labels without deleting the item. cameronjonesweb 16 36216 Keyboard shortcut for displaying contextual help Editor normal normal enhancement new 2016-03-12T10:22:18Z 2019-06-04T19:35:23Z "Some websites have help panels that pop up when a user types a keyboard shortcut. Press `command+/` on a Mac or `control+/` on Windows in Slack and a pane of keyboard shortcuts pops up. I wonder if it would be helpful to use a keybinding like this to open the ""Keyboard Shortcuts"" modal when a user is within TinyMCE. " ericlewis 2 36228 "Uncheck ""uncategorized"" when you select a category" Taxonomy normal normal Future Release enhancement reopened 2016-03-13T17:44:50Z 2018-10-03T15:16:23Z "One of my assorted WordPress pet peeves is when I select a category for my post, and still have to uncheck ""uncategorized."" If you haven't changed your default category from Uncategorized, you probably don't want to continue using it once you assign a new category to your post. We should automatically uncheck ""uncategorized"" when you pick an actual category." melchoyce 12 36237 Add filter for post statuses in quickedit has-patch Posts, Post Types 4.4.2 normal normal enhancement new 2016-03-14T16:53:31Z 2019-06-04T20:55:48Z "To make changes to the quick edit status list, one has to use JS or action ''quick_edit_custom_box'' to add extra fields. In instances where some of the statuses need to be removed, JS is required. [[BR]] I propose that the statuses in ''wp-admin/includes/class-wp-posts-list-table.php (line 1284-1300)'' be stored in an array then filtered using ''quick_edit_statuses'' before the array is iterated through to create the select options.[[BR]] I'm available to submit a patch that does this " kakomap 3 36239 wp-embed image size is using the smallest image or it sometimes uses the one for featured images dev-feedback Embeds 4.4.2 normal normal Awaiting Review defect (bug) new 2016-03-14T19:48:48Z 2020-09-25T19:44:53Z When using the wp-embed in my custom post types the image size is correct, a bit big, but it's not blurry. In regular posts, the image size is the thumbnail size created for the media library thumbnail (not the one in the media settings) because that happens to be the smallest one. I noticed that for posts, whatever is the smallest image is being used, whether set in the functions file or by WordPress. carasmo 4 36242 wpdb set_sql_mode add param Database 3.9 normal normal enhancement new 2016-03-14T23:43:46Z 2019-06-04T19:35:29Z When making a creating a db drop-in that supports multiple databases, I had to override the whole {{{set_sql_mode}}} method. If {{{set_sql_mode}}} accepted a {{{$dbh}}} param, the method could easily be reused. spacedmonkey 36244 added a filter to allow the separator in the week date range to be changed pbearne needs-docs Themes normal normal Future Release enhancement assigned 2016-03-15T00:13:17Z 2020-06-23T19:37:09Z added a new filter 'getarchives_week_separator' in wp_get_archives() to allow the separator used in the weekly archive text to changed pbearne 7 36257 REST API: It's difficult to impossible to determine the endpoint matched to a request rmccue REST API normal normal enhancement assigned 2016-03-15T23:14:18Z 2022-01-18T13:48:37Z "Originally raised in Slack - https://wordpress.slack.com/archives/core-restapi/p1457730713002298 It is really difficult (and sometimes impossible) to get good information about the route/endpoint that was matched to a request. You can inspect `$handler['callback']` in `'rest_dispatch_request'`, which gives the function that will handle the endpoint. In `'rest_post_dispatch'` you can get the URL regex that was matched. BUT none of that works if an error occurred in `'rest_authentication_errors'`, because the request is never dispatched. A couple of cases where we need to match up requests to endpoints on WordPress.com: 1. Restricting access to certain endpoints. As far as I can tell, this is only possible by inspecting `$handler['callback']` during e.g. `'rest_dispatch_request'` and looking at the class and method name of the callback. (This also has the drawback that you can't prevent the endpoint's `permission_callback` from being called. To get around this, we use the filters added in #35590.) 2. Monitoring of endpoint calls, response times, etc. Getting the matched route regex, like `/wp/v2/posts/(?P<id>[\d]+)`, is possible by listening on the `'rest_post_dispatch'` filter, but as mentioned above, this doesn't work if an error occurs in `'rest_authentication_errors'`, so we've had to move all of our auth logic out of `'rest_authentication_errors'` because we want to know which endpoints have failing auth. Suggested improvements: 1. Make it possible to consistently and easily get info about the route that was matched up to a request, including the various URL pieces. 2. Still dispatch a request, or at least match it up to what the route would have been, if an error happens in `'rest_authentication_errors'`." jnylen0 5 36259 Switching language should update date and time formats vagios needs-unit-tests I18N normal normal Future Release defect (bug) assigned 2016-03-16T07:43:07Z 2023-11-16T16:49:08Z "Previously: #11226 1. Install WordPress in English. 2. Switch language to Russian. 3. Date and time formats in General Settings are still `F j, Y` and `g:i a`, which doesn't make sense for Russian and doesn't match the locale defaults (`d.m.Y` and `H:i`, respectively)." SergeyBiryukov 12 36269 WordPress 4.4.2 Gallery Ordering reporter-feedback Gallery 4.4.2 normal normal defect (bug) new 2016-03-17T16:01:00Z 2019-06-04T19:56:16Z There seems to be an issue with the ordering functionality in the latest version of WordPress. Wordpress seems to ignore/misunderstand gallery image order. aj@… 2 36270 Allow filtering of the final HTML output of media related shortcodes Media 4.7.2 normal normal Awaiting Review enhancement new 2016-03-18T02:33:02Z 2020-04-09T09:00:28Z "Sometimes it is required to further process the final HTML output of the media related shortcodes, eg {{{caption}}} or {{{gallery}}}, so as to add extra HTML code such as enclosing div or span elements or just modify the existing HTML code during run time. For instance the final output of {{{img_caption_shortcode}}} could be filtered: https://core.trac.wordpress.org/browser/tags/4.4.2/src/wp-includes/media.php#L1537 Passing all relevant image attachment data, like ID and size, would also be very useful. I hope that I am not missing anything but right now the only way to insert code inside the {{{<figure>}}} or {{{<figcaption>}}} block seems to be the complete override of the {{{img_caption_shortcode}}} function. " gnotaras 3 36273 update_attached_file() on Windows will result in invalid image path when using native Windows directory separators needs-unit-tests Media 4.4.2 normal normal Awaiting Review defect (bug) new 2016-03-18T10:48:16Z 2018-04-30T23:34:09Z "Calling ''update_attached_file( $image->ID, $file );'' on platforms like Windows can be really bad if ''$file'' was normalized/validated using PHP's ''realpath()'' function: {{{#!php <?php $id = 123; // Image $image = get_post( $id ); if ( is_null( $image) || !preg_match( '!^image/!', get_post_mime_type( $image ) ) ) { die( sprintf( ""Invalid image id (#%s)"", $id ) ); } // Easy case: Let's imagine we can get the path from meta data $file = get_attached_file( $image->ID ); // Well, in real world you could have created the path manually... // The only important thing to know is, that we call ""realpath()"" which will // convert any directory separator into the native directory separator: // Linux will end with /dir/subdir/basename.jpg // Windows will end with C:\Dir\Subdir\basename.jpg $file = realpath( $file ); // Again, this is just a demo, for real world cases see plugins like ""Force Regenerate Thumbnails"" // But this is a valid API call: update_attached_file( $image->ID, $file ); // On Windows this will result in an update statement like // UPDATE `postmeta` SET `meta_value` = 'C:WWWSitesdemohtdocswordpresswp-contentuploads201603example.jpg' WHERE `post_id` = 123 AND `meta_key` = '_wp_attached_file' // when $file was set to ""C:\WWW\Sites\demo\htdocs\wordpress\wp-content\uploads\2016\03\example.jpg"" // Now imagine a plugin which is re-generating thumbnails :] // The problem is // $meta_value = wp_unslash($meta_value); // in wp-includes/meta.php update_metadata(). }}} When using ''update_attached_file()'' we should make sure that ''update_metadata()'' don't update the path value to an invalid value... PS: After you updated all image paths to an invalid value, the media library won't work anymore: {{{ [18-Mar-2016 07:31:10 UTC] PHP Warning: file_exists() expects parameter 1 to be a valid path, string given in C:\WWW\Sites\demo\htdocs\wordpress\wp-includes\media.php on line 3063 }}} " Whissi 2 36285 Inconsistency between the filters that can be used to override the default shortcode output for images/videos/audio Media normal normal Future Release defect (bug) new 2016-03-21T18:15:59Z 2017-07-27T16:13:03Z "Currently, in order to override the default output of the {{{caption}}}, {{{video}}} and {{{audio}}} shortcodes, you have to use the following respectively: {{{ apply_filters( 'img_caption_shortcode', '', $attr, $content ); apply_filters( 'wp_audio_shortcode_override', '', $attr, $content, $instance ); apply_filters( 'wp_video_shortcode_override', '', $attr, $content, $instance ); }}} Imho, there should be some consistency between these regarding the following: * hook name. * arguments passed to the filtering function. Also, it would be very useful if the attachment ID was also passed to the filtering function. Right now, the attachment ID of images can be obtained from {{{$attr['id']}}}, which gives {{{attachment_IDNUMBER}}}, while the ID of video and audio attachments can only be obtained by using the media file URL found in the {{{$attr}}} array and directly querying the database in order to get the post ID based on the {{{guid}}} field. " gnotaras 4 36288 Bug Found when you update plugins... Plugins 4.4.2 normal normal defect (bug) reopened 2016-03-21T20:20:04Z 2019-06-04T20:55:53Z If you leave the checkbox(s) when you go to update a plugin php errors appear and a success message appears but no plugins where updated... georgemou 3 36292 Rewrites: Next Generation rmccue Rewrite Rules normal normal Future Release feature request assigned 2016-03-22T06:38:33Z 2020-11-19T11:28:21Z "Let's start improving rewrites. The current rewrite system is outdated and clunky for modern development, and was one of the most complained about pieces of WordPress when I [https://twitter.com/rmccue/status/710460165879898114 enquired on Twitter]. Here's what I'd like to change. == Part 1: Separate rules from WP Query == This has two parts. Firstly, we need to ensure any rule can be mapped to any set of arbitrary query parameters. Right now, this is quite hard to do for the more complex query parameters, such as [https://roots.io/routing-wp-requests/ date query]. Doing this will eliminate the need for temporary/intermediate query vars; these are typically used temporarily during the rewrite process, then changed into actual query vars in `pre_get_posts`. The second part of this is breaking the interdependency between rewrites and the main query. Currently, it's not possible to have a page that doesn't generate a main query. #10886 has attempted to tackle this in the past, however has run up against problems. This is important for things like user profile pages, and can immediately be used in core for the REST API. The current solution for these is to hook in at `parse_request`, but this causes some hooks not to be run, and changes the overall flow of a WordPress request. Part 1 will introduce a Rewrite Rule Interface that will allow better customisability of rules as well. == Part 2: Ensure the rewrite process is DRY and testable == This part will decouple the rewrite process from the global state to ensure testability. @ericlewis has made a fantastic start on this in #18877, which works well with some of the refactoring from part 1. In separating from the global state, we may be able to reuse `WP_REST_Request` as a more generic `WP_HTTP_Request` (it was designed for this from the start). This should also start cleaning up the `WP` and `WP_Rewrite` classes as concerns get a cleaner separation. Currently the boundary between the two is pretty unclear. == Part 3: Rework flushing == The `rewrite_rules` option and the flushing process are one of the toughest bits of the rewrite process. The fact with these is that they're a caching process that significantly predates transients and object caching. The reason flushing exists is to avoid regenerating expensive rules (like one-rule-per-tag) on every request, but we can create a better system using the newer tools available in core. An opt-in system for rewrite caching could potentially work well once we have a solid Rewrite Rule Interface that allows us to identify and group rules. (For example, a `WP_Rewrite_CachedRuleInterface`.) #29118 digs into some past work on this front; automatically flushing rewrites is already possible. == Other Changes == Note that these parts are in a rough order, and get more vague as they go on. We need to incorporate feedback after changes are made, and these changes might need to be reworked or rethought with previous feedback in mind. There are also other changes we may want to make based on feedback from the community. " rmccue 17 36293 video/audio object passed to wp_video_shortcode/wp_audio_shortcode is always null Media normal normal defect (bug) new 2016-03-22T06:47:41Z 2020-03-12T05:16:51Z "Hi, The following: {{{ apply_filters( 'wp_video_shortcode', $output, $atts, $video, $post_id, $library ); apply_filters( 'wp_audio_shortcode', $html, $atts, $audio, $post_id, $library ); }}} send the {{{$video}}} and {{{$audio}}} objects respectively to the filtering function. However, these objects seem to be always {{{null}}}. By checking the relevant code I notice that these objects are only set when the {{{$primary}}} variable is set to {{{false}}}. The code does not clarify why the audio/video object is bound to that variable. Perhaps someone more familiar with the logic behind these functions should check this please." gnotaras 2 36303 edit_user() will give PHP Notices if user_login is unset on add. Users 4.4.2 normal normal defect (bug) new 2016-03-23T02:03:53Z 2019-06-05T06:43:54Z If you call edit_user() programmatically to add a user then if `$_POST['user_login']` isn't set you'll get multiple PHP Notices of `Undefined property: stdClass::$user_login` (as well as a WP error message). The attached patch sets it to blank on add if unset (the WP error message will still occur). gitlost 36305 Permalink can't decide the parent category Permalinks normal normal defect (bug) new 2016-03-23T10:46:11Z 2019-06-04T20:55:59Z "'''The bug:-''' There is a bug in the permalink generation that it can't decide the parent category. This means that even though we choose the child & parent both as a post's category, it creates the permalink as /parent/child/ in '''certain situations'''. Please note that the Permalink Structure is set to:- {{{ /%category%/%postname%/ }}} ---- '''What should happen:-''' If we choose a parent category as well as the child category as post's categories, the permalink should be: {{{ /parent/ }}} And if we choose only the child as post category, the permalink should be: {{{ /parent/child/ }}} ---- '''Demonstration:-''' I created a parent-child category set as ""Parent 1 (parent) & Child 1 (child)"" & another set as ""Parent 2 (parent) & Child 2 (child)"". The difference between the two sets is that 'Child 1' was created before 'Parent 1' & then edited to have 'Parent 1' as it's parent, while the 'Child 2' was created after 'Parent 2'. Now, if I choose 'Parent 1' & 'Child 1' as a post's category, it creates the permalink as: {{{ /parent-1/child-1/hello-world/ }}} And if I choose 'Parent 2' & 'Child 2' as a post's category, it creates the permalink as: {{{ /parent-2/hello-world/ }}} ---- '''How to reproduce the bug:-''' 1. Create a category 'child 1'. 2. Create another category 'parent 1'. 3. Now edit the 'child 1' category and set 'parent 1' as it's parent. 4. Now the permalink can't judge that 'parent 1' is the parent of 'child 1' & creates a wrong permalink as if only 'child 1' was selected. ---- '''Possible Reason:-''' A possible reason for this bug maybe due to the category id. Here, the 'Child 1' has lesser category id than 'Parent 1'. And the permalink algorithm checks for the least selected category id." gr8shivam 1 36308 get_attached_file() destroys file paths on Windows Media 4.4.2 normal normal Future Release defect (bug) assigned 2016-03-23T15:45:03Z 2023-05-31T15:30:19Z "While working on ticket #36273 I noticed that ''get_attached_file()'' from ''wp-includes/post.php'' will destroy paths normalized by ''wp_normalize_path()'' on Windows: For example the function starts with {{{#!php $file = get_post_meta( $attachment_id, '_wp_attached_file', true ); // $file = 'C:/WWW/Sites/demo/htdocs/wordpress/wp-content/uploads/2016/03/example.jpg' }}} However this will become {{{#!php $file = 'C:\WWW\Sites\demo\htdocs\wordpress/wp-content/uploads/C:/WWW/Sites/demo/htdocs/wordpress/wp-content/uploads/2016/03/example.jpg' }}} due to {{{#!php if ( $file && 0 !== strpos($file, '/') && !preg_match('|^.:\\\|', $file) && ( ($uploads = wp_upload_dir()) && false === $uploads['error'] ) ) $file = $uploads['basedir'] . ""/$file""; }}} This is similar to ticket #24824 however we are dealing will full qualified paths here, not URLs (well, both are URIs...). PS: Yes, `$uploads['basedir']` contains mixed directory separators. That's another thing." Whissi 61 36309 Timezone issue in WP_Date_Query->build_mysql_datetime Query 4.4.2 normal normal enhancement new 2016-03-23T15:57:00Z 2019-06-04T20:56:04Z "Currently build_mysql_datetime function in WP_Date_Query using gmdate to generate SQL datetime. {{{#!php <?php if ( ! is_array( $datetime ) ) { // @todo Timezone issues here possibly return gmdate( 'Y-m-d H:i:s', strtotime( $datetime, $now ) ); } }}} That leads to unexpected result in my use case. My timezone is GMT -7. When I want to get posts before the current post (e.g. post_date 2015-12-30 14:00:02), the query get posts before 2015-12-30 07:00:02. That not what I want. I'm trying to use GMT with get_post_time function, but the query get posts before 00:00:02. Farther from what I want. I think this function not need to change date timezone with gmdate. Just use datetime as is with date function." fad.lee 36312 Inline link toolbar: add advanced panel Editor normal normal enhancement new 2016-03-23T20:36:56Z 2019-06-04T19:35:35Z Attempt to move advanced fields in the link modal to the inline link toolbar (under the gear icon) and make it easily extendible. Thoughts are welcome. :) iseulde 3 36313 get_pages() child_of argument does not work in combination with meta_key/value query Posts, Post Types 4.4.2 normal normal defect (bug) new 2016-03-23T21:38:48Z 2023-07-06T12:21:02Z "If you pass both `child_of` and `meta_key/value` parameters to the `get_pages()` function, there are problems. To reproduce: Create a page structure like so: Grandparent (id=1) -Parent (id=2) --Child (id=3) Add a custom field to the Child page. Say `meta_key='bark'` and `meta_val='woof'`. Call {{{ get_pages(array( 'child_of'=>1, 'meta_key'=>'bark', 'meta_value'=>'woof' )); }}} And it will return an empty array. The reason this is happening is because in the `get_pages` function (`wp-includes/post.php`) on line 4562, the `$pages` array only contains Child because it's been filtered by the `meta_key`, but `get_page_children()`, which is being used to determine which pages are `child_of`, requires the complete hierarchy of connected pages to determine which are children, and so it returns nothing. I hope this is helpful. Obviously there are workarounds using loops and get_posts() and people are always suggesting you don't use get_pages() but anyhow, there it is, a bug report. :)" MarcGuay 4 36314 If orderby undefined, alter get_posts to defer to WP_Query's default needs-unit-tests Posts, Post Types normal normal enhancement new 2016-03-23T22:22:46Z 2019-06-04T20:56:15Z "If the argument is undefined, defer `get_posts` orderby & order to that of WP_Query's. For search strings, this will order posts by relevance. In other cases it will have no effect." peterwilsoncc 36317 Introduce a cookie prefix default constant dev-feedback Login and Registration normal normal enhancement new 2016-03-24T01:41:57Z 2019-06-04T20:23:42Z "Right now, all of WordPress's cookies are prefixed with the same `wordpress` namespace. A problem arises with `advanced-cache.php` caching solutions that load before `wp_cookie_constants()` is called, where the cookie prefix cannot be guessed. The current work around is to stab at each cookie individually: {{{ // Auth cookie if ( defined( 'AUTH_COOKIE' ) && ( $this->cookie === AUTH_COOKIE ) ) { return true; } // User cookie if ( defined( 'USER_COOKIE' ) && ( $this->cookie === USER_COOKIE ) ) { return true; } // Logged-in cookie if ( defined( 'LOGGED_IN_COOKIE' ) && ( $this->cookie === LOGGED_IN_COOKIE ) ) { return true; } }}} And to special case the test cookie, like: {{{ // Generic 'wordpress' cookies (that are not test cookies) if ( ( substr( $this->cookie, 0, 9 ) === 'wordpress' ) && ( $this->cookie !== 'wordpress_test_cookie' ) ) { return true; } }}} But without a known and trusted cookie prefix, it's still an unpredictable environment. ----- I'd like to re-propose an 8 year old issue (#6413) to introduce a new default constant to define a cookie prefix. This could turn the above snippet into something at least slightly more sane, like: {{{ // Generic 'wordpress' cookies (that are not test cookies) if ( defined( 'COOKIEPREFIX' ) ) { $len = strlen( COOKIEPREFIX ); if ( substr( $this->cookie, 0, $len ) === COOKIEPREFIX ) && ( false !== strpos( $this->cookie, 'test_cookie', $len ) ) { return true; } } }}} A `COOKIEPREFIX` constant would also allow plugins an easy way to drop themselves inside of WordPress's cookie namespace, which will help them play more nicely in environments where WordPress is not the only application within the domain." johnjamesjacoby 36323 home_url returns url with wrong scheme dev-feedback Permalinks 4.4.2 normal normal defect (bug) new 2016-03-25T02:40:21Z 2019-06-04T20:56:21Z "Hello, I have a multisite with HTTPS on all subsites. When using {{{ home_url( '/' ); }}} , on a subsite page, logged in user got a https url, when anonymous got just http. In the track, it seems that the error comes from those lines... {{{#!php 2963 if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ) ) ) { 2964 if ( is_ssl() && ! is_admin() && 'wp-login.php' !== $pagenow ) 2965 $scheme = 'https'; 2966 else 2967 $scheme = parse_url( $url, PHP_URL_SCHEME ); 2968 } }}} ... Thank you for your time." Gerkin 3 36324 Post status labels use inconsistent grammar dev-feedback Posts, Post Types normal normal enhancement new 2016-03-25T05:57:25Z 2019-06-04T20:56:27Z "Our post status labels switch back and forth between being verbs, adjectives, or potentially past-participles: * All * Mine * Published * Scheduled * Drafts * Trash I'd like to suggest we tidy these up. Maybe something like: * All * Authored (I don't love this, but you get the idea) * Published * Scheduled * Drafted * Trashed " johnjamesjacoby 1 36334 Custom RSS feed has wrong MIME type and forces download in browser needs-docs Feeds 2.1 normal normal Future Release defect (bug) reopened 2016-03-25T18:37:42Z 2020-03-25T15:58:17Z "When adding a custom RSS feed using add_feed(), the resulting feed is transferred to the document with the wrong MIME type and forces a download. Built in feeds behave properly. {{{ <?php add_action('init', 'customRSS'); function customRSS(){ add_feed('feedname', 'customRSSFunc'); } function customRSSFunc(){ echo 'say anything'; // get_template_part('rss', 'feedname'); } ?> }}} Navigating to http://wordpress.dev/feed/feedname/ results in forced download and console message: {{{ Resource interpreted as Document but transferred with MIME type application/octet-stream: ""http://wordpress.dev/feed/feedname/"". }}} This occurs on a fresh install of WordPress 4.4.2 with no added plugins. The above code is the only contents of functions.php in a child theme of Twenty Sixteen. Browser/OS is Google Chrome 48.0.2564.116 (64-bit) on Mac OSX 10.11.3. Test website is running on a local Vagrant/VirtualBox server." Missilesilo 11 36335 Next generation: core autoloader proposal has-patch General normal normal Awaiting Review feature request new 2016-03-25T19:21:43Z 2024-02-14T20:30:44Z "Hello WordPress community. With this ticket I would like to get the debate of the last days about how to attract WordPress to developers (or the other way around?) to a concrete discussion on how a class autoloader could look like in WordPress core. So when we start to think about some major improvements like in #36292, we should also take some time and talking about autoloading. == Abstract == A class autoloader is a basic tool to separate code writing form code organization. It takes care about providing class declaration at the point they are needed. The fact that WordPress lacks of a core autoloader was one point mentioned in the debate on what developers [https://www.alainschlesser.com/attracting-developers-wordpress/ missing most with WordPress]. == Why we need an autoloader == Plugin authors using autoloaders these days. They even use composer for dependency management and ship their plugins with this dependencies. This practice [https://github.com/composer/composer/issues/3852 leads to trouble right now]. I'm convinced that in a long-range plan we even have to talk about how to deal with proper dependency management to overcome collisions. Having an autoloader in core is a precondition for this. == How an implementation could look like == The following proposal follows a concept of separating the file locating and file loading process to avoid a violation of the single responsibility principle and to gain flexibility. All classes and interfaces are prefixed with `WP_Autoload_` to apply a pseudo namespace. The main instance of this concept is the interface `WP_Autoload_Rule`. An autoload rule is against the client responsible for locating and loading a given class. The class is provided by its full qualified name. This leads to this interface signature: {{{#!php <?php interface WP_Autoload_Rule { /** * @param string $class (A full qualified class name) * * @return bool */ public function load_class( $class ); } }}} Implementations could be `WP_Autoload_Psr4Rule`, `WP_Autoload_Psr0Rule` or `WP_Autoload_ClassMapRule` or what ever plugin and theme authors want to implement for their requirements. Here's a quick example: {{{#!php <?php class WP_Autoload_Psr4Rule implements WP_Autoload_Rule { /** * @var string */ private $base_namespace; /** * @var string */ private $base_directory; /** * @var WP_Autoload_FileLoader */ private $file_loader; /** * @param $base_namespace * @param $base_directory */ public function __construct( $base_namespace, $base_directory, $file_loader = NULL ) { $this->base_directory = (string) $base_directory; $this->base_namespace = (string) $base_namespace; $this->file_loader = $file_loader && is_a( $file_loader, 'WP_Autoload_Fileloader' ) ? $file_loader : new WP_Autoload_IsReadableFileLoader; } /** * @param string $class (A full qualified class name) * * @return bool */ public function load_class( $class ) { // performing the psr4 mapping here to get a $file $file = '/whatever'; return $this->file_loader->load_file( $file ); } } }}} Autoloading rules should depend on a file loader. The file loader receives a file name and loads it, if it is present. {{{#!php <?php interface WP_Autoload_FileLoader { /** * @param string $file * * @return bool */ public function load_file( $file ); } }}} A very simple implementation can just ask for `is_readable()`. Looking on performance, another implementation could `glob()`-ing a given directory once to read in all PHP-files and matching the given file against this list. Even persistent caches are thinkable. Last but not least `WP_Autoload_Autoload` acts as a repository for all possible rules: {{{#!php <?php interface WP_Autoload_Autoload { /** * @param WP_Autoload_Rule $autoload_rule * * @return void */ public function add_rule( $autoload_rule ); } }}} The main implementation should be `WP_Autoload_SplAutoload` which connects to PHP standard library autoload: {{{#!php <?php class WP_Autoload_SplAutoload implements WP_Autoload_Autoload { /** * @var WP_Autoload_Rule[] */ private $rules = array(); /** * @param WP_Autoload_Rule $autoload_rule * * @return void */ public function add_rule( $autoload_rule ) { if ( ! in_array( $autoload_rule, $this->rules, TRUE ) ) $this->rules[] = $autoload_rule; } /** * @param string $fqcn (full qualified class name) */ public function load_class( $fqcn ) { foreach ( $this->rules as $rule ) { if ( $rule->load_class( $fqcn ) ) break; } } } }}} == Instantiate and propagate the autoloader == {{{#!php <?php function wp_setup_autoloader() { $autoloader = new WP_Autoload_SplAutoload; spl_autoload_register( array( $autoloader, 'load_class' ) ); /** * Use the WordPress core autoloader to * bootstrap your plugin and theme * * @param WP_Autoload_Autoload $autoloader */ do_action( 'wp_autoload', $autoloader ); } }}} `wp_setup_autoloader()` should then be called early in the WP loading process. {{{#!php <?php add_action( 'wp_autoload', function( $autoloader ) { $autoloader->addRule( new WP_Autoload_Psr4Rule( 'MyPlugin\\' __DIR__ . '/src' ) ); } ); }}} == Things to discuss == * The proposal uses [http://verraes.net/2013/09/sensible-interfaces/ sensible interface names] which I prefer over naming interfaces like `WhateverInterfaces`. As WordPress does not provide interfaces right now, this is just a suggestion. * PHP class identifiers are case insensitive. That means `new MySql` and `new MySQL` will both work, if a class `mysql` is declared. The autoloader should respect this. Now, Psr4 is very wide-spread and encourage developers to use case sensitive autoloaders and [https://r.je/php-autoloaders-should-not-be-case-sensitive.html this is a problem]. How can we deal with this in a performant way? * How should the WordPress core files be organized to work with the autoloader? Is it realistic to rearrange them, if not how could a corresponding `WP_Autoload_Rule` look like? * What about compatibility with PHP 5.2.? The proposal uses `spl_autoload_register`. But before PHP 5.3.0 it is theoretically possible to deactivate the spl extension. In this case another implementation of `WP_Autolad_Autoload` would be necessary and maybe some adaptions to the other interfaces. But is this really the intention? == Finally == Thanks for reading. Feel free to add your concerns, your opinions or even if I'm on a completely wrong train. In fact I'm really interested in critic. To be clear, I don't want to push this proposal but I would like to see a proper autoloader in core some day :)" dnaber-de 265 36339 Possible issue with export_wp() and undefined custom post types needs-unit-tests Export normal normal Future Release defect (bug) new 2016-03-25T22:03:59Z 2020-07-06T14:20:09Z "While writing the improved docblock for `export_wp()`, I noticed something that may be an issue if an invalid custom post type is supplied. Here is the code: {{{#!php <?php if ( 'all' != $args['content'] && post_type_exists( $args['content'] ) ) { $ptype = get_post_type_object( $args['content'] ); if ( ! $ptype->can_export ) $args['content'] = 'post'; $where = $wpdb->prepare( ""{$wpdb->posts}.post_type = %s"", $args['content'] ); } else { $post_types = get_post_types( array( 'can_export' => true ) ); $esses = array_fill( 0, count($post_types), '%s' ); $where = $wpdb->prepare( ""{$wpdb->posts}.post_type IN ("" . implode( ',', $esses ) . ')', $post_types ); } }}} The two things that occurred me are 1. If a valid custom post type is supplied but its `can_export` property is `false`, `posts` will be used instead. This is unexpected behaviour. I think it should stop and not export anything. 1. if an invalid custom post type is supplied, every post type that has `can_export` set to `true` is used. This is also unexpected behaviour. I think it should stop and not export anything. Am I reading this wrong? Is there a reason why it works this way?" theMikeD 3 36340 Other options ignored when using a custom post type with export_wp() Export normal normal Future Release enhancement new 2016-03-25T22:17:35Z 2020-07-06T14:09:01Z "While writing the improved docblock for `export_wp()`, I noticed something that may be an issue when a custom post type is supplied. For the built-in post types you can filter the exported content by start date, end date and/or author. But not with a custom post type: with them it's everything. Is this by design? The fix could be to modify line 113 to include the custom post type option because by that point we know that it's both valid and `can_export` is true thanks to the stuff starting on line 88. I don't use this code myself but it did jump out at me. Thoughts?" theMikeD 1 36341 Add a note about the 'init' hook to the DocBlock for get_current_user_id() has-patch Users normal normal Future Release defect (bug) assigned 2016-03-25T22:47:15Z 2018-02-09T16:44:54Z DrewAPicture 12 36355 Article URL redirects no longer working Canonical 4.0 normal normal defect (bug) new 2016-03-28T15:20:39Z 2019-06-04T19:35:41Z "On multiple sites, we have started using article URLs with the post ID in them. Historically, this has allowed WordPress to find the post and do a 301 redirect when the slug, date, or other parts of the URL path changed. For example, Permalink - %year%/%vertical%/%category%/%postname%-%post_id%/ All of these URLs should redirect us to this article: http://variety.com/2016/tv/news/the-loud-house-premiere-date-video-nickelodeon-1201740128/ http://variety.com/2015/tv-news/news/the-loud-house-premiere-date-video-nickelodeon-1201740128/ http://variety.com/2015/tv-news/news/test-url-slug-1201740128/ http://variety.com/the-loud-house-premiere-date-video-nickelodeon-1201740128/ http://variety.com/2016/the-loud-house-premiere-date-video-nickelodeon-1201740128/ While the first 2 examples work correctly, the last 2 URLs land on 404 page inspite of correct %pagename%-%post_id% combination. If we have Permalink - %year%/%vertical%/%category%/%postname%/ The last 2 structure work correctly and reach correct article page. For example - http://hollywoodlife.com/2016/03/28/lip-sync-battle-the-walking-dead-sasha-vs-maggie-video/ http://hollywoodlife.com/lip-sync-battle-the-walking-dead-sasha-vs-maggie-video/ http://hollywoodlife.com/2013/lip-sync-battle-the-walking-dead-sasha-vs-maggie-video/ Since we have a correct %postname%-%post_id% combination in the first Permalink structure URL, we should be able to reach the correct article page in the last 2 examples there too. " archanamandhare 2 36368 Add `access_admin` capability dev-feedback Users normal normal feature request new 2016-03-29T13:55:09Z 2019-06-05T06:44:00Z "Many, many plugins do various types of checking of capabilities the determine if a user should ''really'' have the ability to view the WordPress admin. It's very common to prevent that from happening. Within WordPress's roles and capabilities, there are many checks that have something to do with the admin, like `edit_posts` and myriad others, but there isn't one that's an explicit `admin_access` check. Even a Subscriber role sees the toolbar by default, only to be able to edit their profile and see WordPress news, the activity widget (and Akismet stats btw) once they log in. I can't imagine many scenarious where this is truly wanted by site administrators -- for lower level users to even know what CMS the site uses, much less view the admin. I'd love to see `admin_access` or a similar capability enabled in core. I think for backward compatibility reasons, it may have to be set to `true` for all roles by default, but at least plugins would have a standard capability to flag for disabling it. It'd also be nice as a ""Reading"" option for the site owner to choose roles that should have access to the admin and would trigger this capability -- but that's probably wishing too much from a core standpoint. @drewapicture has a plugin called [https://wordpress.org/plugins/remove-dashboard-access-for-non-admins/ Remove Dashboard Access] that has a [https://cloudup.com/cn67XAgAIop pretty thorough UI], if folks were interested in taking this the next step, but I'd rather focus on the capability itself as the primary mission of this ticket. To me this is a new user experience issue and would make for a very helpful flag for plugin authors, at a minimum." krogsgard 5 36372 Show Plugins Active at the Site Level Networks and Sites 4.4.2 normal normal enhancement new 2016-03-29T23:04:31Z 2019-06-04T20:56:33Z "[35151] added a new feature to multisite installs to show the Network Active plugins at the subsite level (#20104). Although this fixed one problem, it has created an issue where the Network Admin has no simple way to discern which plugins -- in addition to the Network Active list -- are activated at the site level. Previously the active plugins filter at a sub-site level could be used to show the sub-site activated plugins. In order to find out which plugins are subsite activated now, the Network Admin has to scan through all the plugins available on the Network, looking for the small ""deactivate"" link, amidst the Network Active and Inactive plugins. [[Image(https://cldup.com/EM7DN3pStf.png)]] On the subsite level, it would be helpful to be able to toggle a filter to view the ""Site Active"" plugins, in addition to the ""Network Active"" plugins, particularly in busy multisites where a large number of plugins are being used in specific ways on small sub-sections of the network. This would mimic the additional filters available at the network level, where plugins can be filtered by Must-Use, Drop-ins, Recently Active etc, [[Image(https://cldup.com/Lq7ubQ5PDx.png)]] expanding on the existing Sub-site filters: All, Active, Inactive [[Image(https://cldup.com/zP5v9BqxRc.png)]] I recognize there is a filter to regress to the the previous behaviour, but I'm looking for the best of both worlds." mrjarbenne 3 36376 current_user_can/has_cap fails when user has multiple roles dd32* needs-unit-tests Role/Capability normal normal Future Release defect (bug) accepted 2016-03-30T17:16:45Z 2019-01-14T04:46:21Z "To replicate the issue, install a role editor. Setup a user with primary role 'author' and secondary role 'customer' (this is a WooCommerce role which has ONLY 'read' access, nothing else). https://dl.dropboxusercontent.com/s/xgucqvvh6no3skm/2016-03-30%20at%2017.49.png?dl=0 You can add a role with only: {{{#!php 'read' => true }}} permissions if you don't have WooCommerce installed. Dump: {{{#!php current_user_can( 'edit_posts' ) }}} It will be false. During get_role_caps() in class-wp-user.php, each role is retrieved and merged. The merge itself doesn't look at values, so if multiple roles have the same 'cap' but different value, these overwrite each other. In my case, edit_posts was true for the author role, but false for customer role. Customer role false overwrote author role true. Since caps only allow access to things if 'true', I think we can safely discard all 'false' caps when getting roles. If false caps are discarded, only true caps are left which works around the issue and fixes user capabilities if they have multiple roles at once. Fix to follow (added array_filter to discard all 'false' caps, allowing us to merge only 'true' caps). Had this reported to us in https://github.com/woothemes/woocommerce/issues/10612#issuecomment-203518038 but wasn't a WooCommerce issue. " mikejolley 14 36391 Create a hook to handle dynamic CSS? close Script Loader normal normal Awaiting Review feature request new 2016-04-01T00:12:25Z 2022-07-15T15:08:32Z "I'm not sure if this has been suggested before, but it would be really cool if there was a hook for plugins that would allow them to add their css to a css file that is generated and enqueued automatically when that hook is not empty. This would be done to prevent plugins such as Visual Composer, from loading all of their custom css in the <head> of the page which can be bad for caching. Instead they would hook in, add their css, and then the css would be added to a single file along with all of the other css that has been hooked to it. {{{ add_filter( 'options_css', 'add_my_plugin_css' ); function add_my_plugin_css( $hooked_css ) { $bg_color = get_option( 'header_background_color' ); $hooked_css .= '#header{background-color:'.$bg_color.';}'; return $hooked_css; } }}} This code would then be hooked, sanitized, and minified, and then enqueued where it needs to be. I'd even suggest that the name of the css file could be wp-options.css or options.css " CarlosRios 5 36397 add_query_arg doesn't work with numbered html entities dev-feedback Formatting 2.8 normal normal defect (bug) new 2016-04-01T13:36:24Z 2019-06-04T19:56:44Z "In #20771 we'd like to use `esc_url` instead of `esc_html` to escape the url that is generated by `wp_nonce_url`. Unfortunately this is currently not possible because `add_query_arg` has some buggy behavior with regard to its dealing with hashes in urls. I am creating this ticket to deal with that issue separately. `add_query_arg` searches for the first hash in a url and cuts everything that comes after it from the url as the hashfragment and appends it back at the end of the operation. There are two problems with this: 1. No hash found in the url necessarily indicates a hashfragment. It could also indicate a numbered html entity. 2. If there are multiple hashes in the url, we should probably only look at the last hash present to find a possible hashfragment. This can for instance become a problem when we use`esc_url` on a url with more than one parameter. `esc_url` escapes ampersands by replacing them with their numbered html entity equivalents; `#038;` When I now want to use `add_query_arg` on such a url, the parameters get moved to the end of the url because it thinks everything after the second parameter is a hashfragment. I am adding a patch with a some passing and some failing testcases that cover this issue. I am also adding a patch that takes care of the issue of multiple hashes in the url and fixes the issue for ampersands, which should unblock #20771 if it were committed." omarreiss 1 36402 front-page.php behavior for child themes Themes normal minor Awaiting Review enhancement new 2016-04-02T08:18:59Z 2018-04-17T22:08:56Z "Currently, if a parent theme has a `front-page.php` template, child theme inherits this too. I think this should not happen. On this specific case, I think that a child theme should behave like a parent one. The attached patch checks: {{{ if * A child theme is NOT used or * A child theme is being used and includes 'front-page.php' then * Load 'front-page.php' }}} This allows a child theme to include its own `front-page.php` template or setting the ''front-page'' to a page from the 'Reading' setting." cristovaov 1 36405 User creation fails for users with long names. Users normal normal defect (bug) new 2016-04-03T05:49:00Z 2023-05-28T11:52:50Z "Summary: When creating a user with a long first or last name, the query that inserts the user into the DB is assumed to have succeeded, but that fact is never verified. Sign in as an admin and create a new user, giving it the first name `ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQ` (or any 251-byte string). After submitting the form, you'll see a handful of error messages (line numbers are from trunk just now, but I can reproduce the bug as far back as 4.2.1): {{{ Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1716 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1717 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1730 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1738 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1740 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1742 Notice: Trying to get property of non-object in wp-includes/pluggable.php on line 1746 Warning: Cannot modify header information - headers already sent by (output started at wp-includes/pluggable.php:1716) in wp-includes/pluggable.php on line 1171 }}} What happens is that the `$wpdb->insert( $wpdb->users, $data + compact( 'user_login' ) );` call in `wp_insert_user()` fails, but there's no check to ensure that it succeeded, so the code proceeds to try and create a new `WP_User` with ID `0`. This results in unexpected behavior, like sending a ""New User Registration"" email to the admin with blank ""Username"" and ""Email"" values. The failure is due to `$wpdb->process_fields()` calling `$wpdb->strip_invalid_text()`, which truncates the `display_name` field (because the `display_name` field only allows 250 bytes), and because it then doesn't match the value passed into `$wpdb->process_fields()`, it returns `false`. So this isn't so much a bug about a text string that's too long, it's really a bug about not checking the return value of `$wpdb->insert()`. I think the resolution of #10377 is probably the same kind of approach that could be taken here, since the problems seem similar." cfinke 2 36406 $network_wide is unreliable needs-unit-tests Plugins 3.0 normal critical Future Release defect (bug) reviewing 2016-04-03T09:20:33Z 2019-07-09T10:20:39Z "This issue may be related to ticket #31104 Scenario: In a WordPress network an admin decides a plugin must not be network activated. Only a per site or even a site specific activation shall be allowed. Idea: Conditional check during plugin activation and die with an error message if $network_wide is true. Result: Plugin does not get activated but the custom error message is not displayed Assume the following function run during activation (it is simplified and the real activation sequence does not have echos!) {{{ function test_activation_hook( $network_wide ) { echo '<span>1 | </span>'; // exit( 1 ); if ( is_multisite() ) { echo '<span>2: | </span>'; // exit( 2 ); if ( $network_wide ) { echo '<span>3: | </span>'; // exit( 3 ); } else { echo '<span>4: | </span>'; // exit( 4 ); } } else { echo '<span>5: | </span>'; // exit( 5 ); } echo '<span>6: | </span>'; exit( 6 ); } }}} If you exit after if(is_multisite) the message displayed will be '1 | 2 |' If you exit after if($network_wide) during a networkwide activation the message displayed is '1 | 2 | 4 | 6' instead of '1 | 2| 3|' Exiting at 4, 5, or 6 will display '1 | 2| 4|', '1 | 2| 5|' and '1 | 2| 6|' as expected. After many hours of debuging I realized the function (the action filter 'activate_' . $plugin) gets executed 3 times if you exit it early. And only the first call has the argument $network_wide set to true if it is an network_wide activation. If you like to exit at 3, that is you do not want a network activation, the flow is therefore as follows: - The first run (click on network activate) has $network_wide set to true and will exit at 3 - the second run (no idea why) has $network_wide set to false and will pass 1 | 2 | 4 | 6 - the third run (no idea why) has $network_wide set to false and will pass 1 | 2 | 4 | 6 Imho calling the activation function (or the code) three times in case you exit it (better say terminate because you cant end a plugin installiton clean) is wrong at all. However if this is by design then $network_wide must be reliably set to true if it originally was. " mensmaximus 31 36409 Comments number is wrong needs-unit-tests Comments normal normal defect (bug) new 2016-04-04T14:21:26Z 2019-06-04T19:35:47Z "Hi, the comment number return the number of approved comments, this means all approved comments even those are replies to unapproved comments, for example if a user post comment and people replied to it, then the admin decide to hide this parent comment by disapproving it, the comment number will decrease only by one and keeping counting the hidden replies So there are two option to fix that : 1. Hold/Disapprove all children when disapproving the parent. 2. Recalculate the comment number and excluding comments has an unapproved parent. Regards, Sidati" sidati 7 36411 Missing admin menu for custom taxonomy Menus normal normal defect (bug) new 2016-04-04T16:38:00Z 2019-06-04T20:23:47Z "I found an edge case that can cause that a user with the right capabilities becomes unable to manage terms on a custom taxonomy. The scenario includes: * A user with an editor role. * A custom post type with a set of custom capabilities that the current editor can not match. * A custom taxonomy assigned to that custom post types with default capabilities, so editors can manage it. Under those premises, the admin menu for the taxonomy is not generated. Note that you can access the admin page to manage terms on that custom taxonomy if you access the URL manually. If you then register a second custom taxonomy, also assigned to the same custom post type and with default capabilities (so an editor can manage it), then a custom admin menu is generated, wit the custom post type label, and granting access to admin pages to manage both taxonomies terms. I am attaching a minimum test case that does register the three objects, and includes comments as to how to test it." jadpm 4 36417 Unit tests for functions.php's maybe_unserialize General 2.0 normal normal enhancement new 2016-04-05T00:36:50Z 2019-06-04T19:56:56Z Unit tests for maybe_unseriaze tloureiro 1 36418 Custom MIME type icons lost in WP Media List view dev-feedback Media normal normal Awaiting Review defect (bug) new 2016-04-05T01:18:11Z 2021-10-23T13:22:48Z "The ability to define custom MIME icons has been possible since at least v2.5, by hooking into several filters, one of which is `icons_dir`. `icons_dir` allows you to specify additional directory/uri pairs for the `wp_mime_type_icon` routine to search, ideally adding icon support for additional MIME types. However, going through SVN history, it seems that almost from the beginning of the availability of that hook, there has been a loophole where the additional icon directories are ignored! Specifically: `wp_get_attachment_image_src` calls `wp_mime_type_icon`, which in theory could select a custom icon directory added by the `icon_dirs` hook. It then attempts to fetch width and height information from the selected icon file, but only checks the default wp-includes/images/media directory. Of course, this prevents the custom icons from displaying when fetched through `wp_get_attachment_image_src`." jhorowitz 2 36420 A more forgiving redirect guesser dev-feedback Canonical normal normal Awaiting Review enhancement new 2016-04-05T14:13:37Z 2017-08-16T19:53:17Z " I would like the redirect guesser to be more forgiving using SOUNDS LIKE . Here's a small suggestion: {{{#!php function redirect_guess_404_permalink() { global $wpdb; if ( get_query_var('name') ) { $where = $wpdb->prepare(""(post_name SOUNDS LIKE %s"", $wpdb->esc_like( get_query_var('name') ) ); $where .= $wpdb->prepare("" OR post_name LIKE %s)"", $wpdb->esc_like( get_query_var('name') ) . '%'); .... }}} It would be even better if it could be implemented using levenstein distance if that is not too heavy on resources. https://github.com/fza/mysql-doctrine-levenshtein-function " gorillum 2 36423 Constant in wp-config.php to disable uploads Upload normal normal Awaiting Review feature request new 2016-04-05T21:35:13Z 2017-02-02T12:59:42Z "During a conversation with @ jasondewitt10up today, he asked if there was a wp-config.php constant he could define to disable uploads within WordPress (his specific use-case was in case the containerized filesystem went away, but I could also see uses during migration/content freezes, while performing some upgrades, etc. I'd be interested to hear the core team's thoughts on a constant like `DISABLE_FILE_UPLOAD`, which would function in a similar fashion to `DISALLOW_FILE_EDIT` and `DISALLOW_FILE_MODS`. Is there a stance for or against more wp-config.php constants, or is it a ""only if they ''really'' make sense and would be applicable for a large % of the install base"" decision?" stevegrunwell 2 36424 graphically visualize if comments are closed (in wp-admin/edit.php) has-patch Comments normal normal Future Release enhancement new 2016-04-06T08:08:36Z 2018-03-12T17:02:29Z "it would be nice if the pages or posts list would not only show the number of comments per page but if it also could show a symbol if comments for this particlar page or post are closed. proposal: - the lock symbol https://developer.wordpress.org/resource/dashicons/#lock - or https://developer.wordpress.org/resource/dashicons/#edit combined with a kind of ""forbidden"" sign/strike, similar to https://developer.wordpress.org/resource/dashicons/#hidden " pixelverbieger 41 36426 WP Admin memory limit not increasing to base limit by default has-patch Administration 4.6 normal normal enhancement new 2016-04-06T12:54:54Z 2019-06-04T19:35:53Z "We have 2 constants that can be set in wp-config.php (and by using filters, afaik), for example: {{{#!php define( 'WP_MEMORY_LIMIT', '512M' ); // increases WP base (front-end) limit define( 'WP_MAX_MEMORY_LIMIT', '512M'); // increases WP admin (back-end) limit }}} The former isn't really known, which you can Google to find out. People usually only use the first constant. If the 2nd constant (WP_MAX_MEMORY_LIMIT) is not set, it defaults to 256M. WP_MEMORY_LIMIT can be higher than that though, so we could safely increase WP_MAX_MEMORY_LIMIT to match WP_MEMORY_LIMIT if WP_MEMORY_LIMIT is higher and WP_MAX_MEMORY_LIMIT is not set manually to a lower (than WP_MEMORY_LIMIT) value. What I mean in coding terms: {{{ if(!isset(WP_MAX_MEMORY_LIMIT) && isset(WP_MEMORY_LIMIT)){ if(WP_MEMORY_LIMIT>DEFAULT_WP_MAX_MEMORY_LIMIT){ //NOTE to the line above: this requires parsing the actual value in these constants as the strings can be like: 512M, 1G etc.; the DEFAULT_WP_MAX_MEMORY_LIMIT is a thing I came up with, currently the default admin memory limit is 256M define( 'WP_MAX_MEMORY_LIMIT', WP_MEMORY_LIMIT); } } }}} All these values can be checked with the Bulletproof Security plugin, under BPS Security -> System Info. Side note: imho WP_MAX_MEMORY_LIMIT should be renamed to something like WP_ADMIN_MEMORY_LIMIT, but that's another issue. " eclare 2 36428 Weird default value of option 'default_link_category' needs-unit-tests Upgrade/Install 3.5 normal normal defect (bug) new 2016-04-06T15:15:19Z 2020-06-05T06:22:07Z "The option `default_link_category` has value `2` after installing WordPress. It makes no sense since 3.5. Generally, it's not a big problem, but we check referential integrity in our plugin and this fails because there's no `term_taxonomy` with ID `2`. " JanVoracek 2 36432 Show Site ID and Theme in My Sites dev-feedback Networks and Sites 4.4.2 normal normal Awaiting Review enhancement new 2016-04-06T21:27:31Z 2019-11-05T13:49:25Z It could be useful to show in My Sites menu, for each site, the Theme/Child Theme applied and the site ID jusox 4 36437 wp_delete_attachment causes warning needs-unit-tests Media 2.0 normal normal Awaiting Review defect (bug) new 2016-04-07T06:24:34Z 2017-07-27T16:26:17Z wp_delete_attachment assumes that attachments uses category and post_tag taxonomies. This causes a warning in wp_delete_object_term_relationships when post type attachment is not using category or post_tag taxonomies. thorbrink 2 36439 Wrong language when resetting password johnbillion has-patch Login and Registration normal normal Future Release defect (bug) reviewing 2016-04-07T09:29:24Z 2021-10-20T15:16:27Z "When using WPML (or other multilanguage plugin) along with multisite, the reset password email comes in wrong language, as the reset password form is sent to network_site_url() instead of site_url(). I think a proper way should be: <form name=""lostpasswordform"" id=""lostpasswordform"" action=""<?php echo esc_url( site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>"" method=""post"">" vasikgreif 8 36440 get_results break in wp-admin/options.php if thetable is huge Options, Meta APIs 4.4.2 normal minor defect (bug) new 2016-04-07T14:17:47Z 2019-06-04T20:56:39Z "If we try to check all values from wp_options table thanks to the admin page wp-admin/options.php, the page will be broken if the table is huge (on my case more than 100 000 rows). A simple pagination feature should fix the issue instead of trying to get all results. Currently on wp-admin/options.php line 253: {{{#!php <?php $options = $wpdb->get_results( ""SELECT * FROM $wpdb->options ORDER BY option_name"" ); }}} " aoculi 2 36441 Customizer: when setting header image, site icon and logo, do not force the user to crop the image if cropping is not required Customize 4.3 high normal Future Release defect (bug) new 2016-04-07T15:33:28Z 2022-07-20T21:18:04Z "This is a long time standing UX ""weirdness"". When using ""the Cropper"" in the Customizer, it forces the user to crop the selected image even when it only requires scaling. To reproduce: - Open the Customizer and go to setting a site icon. - Upload an image that is square, I tested with 800 x 800px. We require 512 x 512px image for site icon, so the uploaded image only needs to be scaled. However on the next screen there is no ""Skip cropping"" button. If the users wants to use the whole image, they will have to ""crop"" it at 100% x 100% to get to the next step. " azaozz 19 36442 Customizer: when setting header image and site logo, also create a 2x image if possible Customize 3.9 normal normal Future Release defect (bug) new 2016-04-07T15:46:44Z 2017-01-24T18:49:45Z Currently after cropping an image for a header image or site logo, we make only smaller sizes images with the same ratio. These sizes are used (automatically) in srcset. We also need to make a 2x size for use on high density displays, if the original image is large enough. azaozz 2 36447 Responsive preview icons in Customizer need tooltips iamjolly dev-feedback Customize 4.6 normal normal Future Release enhancement assigned 2016-04-08T02:44:59Z 2021-11-09T15:43:27Z "The new icons at the bottom of the Customizer for toggling the preview window of your site really need tooltips to indicate what they're for. Just like the tooltips on the Visual Editor icons, other icons in the Dashboard should have tooltips as well. As leading usability expert Jakob Nielsen explains; >A user’s understanding of an icon is based on previous experience. Due to the absence of a standard usage for most icons, text labels are necessary to communicate the meaning and reduce ambiguity. https://www.nngroup.com/articles/icon-usability/ Even the Google Design Guidelines recommend tooltips for icons https://www.google.com/design/spec/components/tooltips.html# I originally raised this as a post on the [https://wordpress.org/support/topic/responsive-preview-icons-in-customizer-need-tooltips Beta forum] but it was suggested that since it's getting late in the 4.5 release cycle it would be best to raise it as a Trac ticket." ahortin 14 36448 When concatenating scripts in script-loader dependencies may not be honoured. Script Loader 4.4.2 normal normal defect (bug) new 2016-04-08T09:33:59Z 2019-06-04T21:21:36Z "This is a follow on from [https://core.trac.wordpress.org/ticket/36392#comment:13 36392#comment:13]. Ticket #15833 looks to be related. When concatenating scripts, dependencies may not be honoured for scripts that trigger the use of `$print_html` (ie those outside the default directories or having conditionals or (if available!) inline scripts). For instance this test where `three` depends on `one` and `one` has a conditional: {{{#!php <?php public function test_wp_script_conditional_concat_dependency() { global $wp_scripts; $wp_scripts->do_concat = true; $wp_scripts->default_dirs = array( '/directory/' ); $wp_scripts->default_version = 1; wp_enqueue_script( 'one', '/directory/one.js', array(), 1 ); wp_enqueue_script( 'two', '/directory/two.js', array(), 1 ); wp_enqueue_script( 'three', '/directory/three.js', array( 'one' ), 1 ); wp_script_add_data( 'one', 'conditional', 'blah' ); $wp_print_scripts = get_echo( 'wp_print_scripts' ); $print_scripts = get_echo( '_print_scripts' ); $expected = ""<!--[if blah]>\n""; $expected .= ""<script type='text/javascript' src='/directory/one.js?ver=1'></script>\n""; $expected .= ""<![endif]-->\n""; $expected .= ""<script type='text/javascript' src='/wp-admin/load-scripts.php?c=0&load%5B%5D=two,three&ver=1'></script>\n""; $this->assertEquals( $expected, $print_scripts ); $this->assertEquals( '', $wp_print_scripts ); } }}} will fail, as the conditional stuff will always be outputted after the concatenated scripts, resulting in `one` appearing after `three`: {{{ <script type='text/javascript' src='/wp-admin/load-scripts.php?c=0&load%5B%5D=two,three&ver=1'></script> <!--[if blah]> <script type='text/javascript' src='/directory/one.js?ver=1'></script> <![endif]--> }}} The same is also true, ''mutatis mutandis'' (ahem), for styles, but I'll open a separate ticket for that." gitlost 1 36449 When concatenating styles in script-loader dependencies may not be honoured. Script Loader 4.4.2 normal normal defect (bug) new 2016-04-08T09:43:07Z 2019-06-04T21:21:41Z "This is the (not-really) evil twin of the scripts issue [https://core.trac.wordpress.org/ticket/36448 36448]. When concatenating styles, dependencies may not be honoured for styles that trigger the use of `$print_html` (ie those outside the default directories or having conditionals or alts). For instance this test where `three` depends on `one` and `one` has a conditional: {{{#!php <?php public function test_wp_style_conditional_concat_dependency() { global $wp_styles; $wp_styles->do_concat = true; $wp_styles->default_dirs = array( '/directory/' ); $wp_styles->default_version = 1; wp_enqueue_style( 'one', '/directory/one.js', array(), 1 ); wp_enqueue_style( 'two', '/directory/two.js', array(), 1 ); wp_enqueue_style( 'three', '/directory/three.js', array( 'one' ), 1 ); wp_style_add_data( 'one', 'conditional', 'blah' ); $wp_print_styles = get_echo( 'wp_print_styles' ); $print_styles = get_echo( '_print_styles' ); $expected = ""<!--[if blah]>\n""; $expected .= ""<link rel='stylesheet' id='one-css' href='/directory/one.js?ver=1' type='text/css' media='all' />\n""; $expected .= ""<![endif]-->\n""; $expected .= ""<link rel='stylesheet' href='/wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=two,three&ver=1' type='text/css' media='all' />\n""; $this->assertEquals( $expected, $print_styles ); $this->assertEquals( '', $wp_print_styles ); } }}} will fail, as the conditional stuff will always be outputted after the concatenated styles, resulting in `one` appearing after `three`: {{{ <link rel='stylesheet' href='/wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=two,three&ver=1' type='text/css' media='all' /> <!--[if blah]> <link rel='stylesheet' id='one-css' href='/directory/one.js?ver=1' type='text/css' media='all' /> <![endif]--> }}} " gitlost 1 36462 Updating or publishing a (custom) post that hasn't loaded completely closes comments dev-feedback Posts, Post Types 4.4.2 normal normal Future Release defect (bug) new 2016-04-10T14:44:28Z 2017-02-20T22:19:57Z "I am using a custom post type, but I assume this happens to the default post type as well. On the edit post screen (post.php?post=1&action=edit) I have several custom meta boxes. Some of these have content that is quite slow to load. You can reproduce this behavior by adding a sleep(5) statement somewhere in the code that loads the content for a custom meta box. Now in the document's DOM, the sidebar is loaded before the custom meta boxes. This introduces a situation where it is possible to update or publish a post before all the meta boxes have completely loaded. In most cases this isn't a huge problem - I myself check to see if the $_POST fields are there and if they are not then I don't act upon them. Unfortunately this does not happen for the included ""Discussion"" meta box. This box has a checkbox named ""Allow Comments"" which gets switched off when you update the post before this meta box has loaded into the DOM. The culprit is the code in wp-admin/includes/post.php on line 133 in the _wp_translate_postdata() function: {{{#!php if (!isset( $post_data['comment_status'] )) $post_data['comment_status'] = 'closed'; }}} Since the comment_status field is not in the post data, it is automatically assumed it needs to be closed. Of course there are two ""workarounds"" I can think of that would improve my current situation. One is for me to optimize the meta boxes so the page loads quicker, the other is to move the Discussion metabox to the top of the page, so it loads first. Is this expected behavior? I would much rather see the current comment_status be preserved - don't touch it if I didn't intend to modify it. Of course there might be a reason for this implementation that I don't know about. This post data is then finally presented to wp_insert_post in wp-includes/post.php which actually updates the post's comment_status to become closed, which finally answers my boss' question why comments kept getting disabled automatically." SeBsZ 15 36475 Responsive images in TinyMCE Editor normal normal Future Release enhancement new 2016-04-11T12:49:07Z 2019-07-02T14:57:57Z Decide if we should be adding the `srcset` and `sizes` attributes to the images in the editor, and if they should be saved to the database or added with the display filter. iseulde 4 36477 Responsive images (srcset) can include images larger than the full size needs-unit-tests Media 4.4.2 normal normal Future Release defect (bug) assigned 2016-04-11T13:27:58Z 2023-09-01T15:35:00Z "In many cases, I saw the resized and smaller images are much larger than the origin image, especially for the optimized images, it will make no sense to do that resize in this case, the worst case I've seen is about 13x larger than the origin and bigger image. If an example can help to explain the problem, please take this picture: https://cdn2.peterdavehello.org/wp-content/uploads/2016/04/status.png Many thanks!" peterdavehello 44 36479 Improve autosave in the browser Autosave normal normal defect (bug) new 2016-04-11T14:55:10Z 2019-06-04T19:36:24Z "Several improvements that can make this quite better: - Try to better detect when a restore may be needed. - Make in-browser autosaves a ""higher priority"" than remote/server autosaves. The in-browser content is fresher. If both are available, prefer/emphasis the in-browser data. - Add some subtle, always present UI for restoring a post from in-browser autosave. This should (probably) be only available before the users start typing. - Consider adding the in-browser data to the revisions or display a preview/diff with the current data in some other way. " azaozz 36486 is_apache in vars.php does not always work has-patch Rewrite Rules 4.4.2 normal normal Awaiting Review defect (bug) new 2016-04-11T22:42:10Z 2019-05-12T17:30:01Z "The $is_apache variable does not always work when using an Apache module like security2_module with the SecServerSignature option. By removing the word ""Apache"" from the name of the server vars.php will no longer detect that the server is Apache. A simple solution is to add an addition check: || function_exists('apache_get_version')!== false Any Apache only function will work. See attached patch from WP 4.4.2 I discovered this caused issues with the RewriteRules, randomly WordPress would add index.php/ within the permalinks when editing the permalink options in the wp-admin. Not sure if this should be called a bug or an enhancement, leave it up to core team to decide that. I would not remove the first 2 checks though, it is possible that the apache_get_version is disabled in the php.ini. I would recommend adding the option to the current checks just to be 100% sure." amandato 3 36492 Add `WP_Post_Status` class dev-feedback Posts, Post Types 3.0 normal normal enhancement reviewing 2016-04-12T10:30:14Z 2019-06-04T20:56:46Z "Similar to #36217 and #36224, a dedicated class for post statuses would make it easier to work with those as they are currently represented through raw objects. The global variable `$wp_post_statuses` would then hold objects of `WP_Post_Status` which would provide the benefits of autocompletion in IDEs, and we could possibly add methods to the class in the future to make post status management easier." flixos90 16 36499 featured image, image upload reporter-feedback General 4.5 normal normal defect (bug) new 2016-04-13T01:35:59Z 2019-06-04T19:57:19Z "Using Avada theme with WP4.5, many elements have broken since WP4.5 update. Including: Slidedeck Slider shows ini_set errors and load.php errors Fusion Slider - stuck at spinning wheel trying to load slides Featured Images for blog posts not showing Add Media into post or page (images wont load to select from) Surprised this update has affected just about all my sites (about 200) which updated automatically. Now I am trying to revert them all to 4.4x How did you guys drop the ball this time?" diskmandotnet 3 36507 Invalid URLs in network admin when WP Core is in custom subdirectory dev-feedback Networks and Sites normal normal Awaiting Review defect (bug) reopened 2016-04-13T09:47:36Z 2022-11-16T23:54:54Z "In my setup, I have WordPress Core in a custom subdirectory, so my home URL for a site is like `http://example.com` while my site URL is like `http://example.com/core`. In the network admin area, this results in invalid links since the `network_site_url()` function does not check whether WordPress is installed in a custom subdirectory. The links have a path like `/wp-admin/network/...` although they should have a path like `/core/wp-admin/network/...`." flixos90 11 36512 Color picker has disappeared from input in custom post type. reporter-feedback Administration 4.5 normal normal defect (bug) new 2016-04-13T14:55:37Z 2022-07-07T17:30:40Z "In a custom plugin I've created some metaboxes with color picker fields. Here how I call the color picker style : {{{ add_action( 'admin_enqueue_scripts', 'le_chiffre_add_color_picker' ); function le_chiffre_add_color_picker( $hook ) { // $hook to apply a check for admin page. wp_enqueue_style( 'wp-color-picker' ); wp_enqueue_script( 'custom-script-handle', plugins_url( 'custom-script.js', __FILE__ ), array( 'wp-color-picker' ), false, true ); } }}} the HTML input (created dynamically): {{{ <input class=""color-field"" placeholder=""#FFCC00"" id=""_chiffre_bgcolor"" name=""_chiffre_bgcolor"" value=""#c61d4c"" size="""" type=""text""> }}} and the js for my input fields, loading the color picker: {{{ (function( $ ) { // Add Color Picker to all inputs that have 'color-field' class $(function() { $('.color-field').each(function(){ $(this).wpColorPicker(); }); }); })( jQuery ); }}} With WordPress 4.4.2 everything worked like a charm (I even did a reverse from 4.5 to 4.4.2 to be sure of it) and now with the 4.5 version, the color picker doesn't show up on my fields... I didn't found anybody having the same issue. Have a nice day David THOMAS " anou 3 36527 Add a 'wp-' prefix to ALL admin classes to prevent CSS conflicts Administration normal normal enhancement new 2016-04-14T12:37:34Z 2019-06-04T19:36:44Z Long story short, in any front end editors, which WP itself seems to be moving towards with the Customizer, there are lots of admin elements that are not prefixed and can quickly begin to conflict. Some examples are .button, .textarea, etc. I'd love to see all admin classes add a prefix of `.wp-` mrpritchett 2 36532 Allow Reordering of Available Widgets Widgets normal normal enhancement new 2016-04-14T21:12:22Z 2019-06-05T06:44:15Z "It's common to see sites with 20 or even 30 widgets, even when the site user only needs a few of them: - Example 1: Core still ships with Tag Cloud and Meta widgets that I'd guess are barely ever used. - Example 2: It's always a bummer that the Text widget starts with ""T""... - Example 3: Jetpack adds a bunch of widgets, but I often only need one. Yesterday, I observed a client trying to drag-and-drop reorder the list of Available Widgets. I thought that was a perfectly reasonable thing to try, and realized I would love to do that on every site. This seems even more reasonable considering that a user can already reorder Inactive Widgets. I considered requesting that each widget be togglable via Screen Options, but I realize this wouldn't quite make sense given that a user could then hide an existing widget type. So among the options I can think of, I think the ability to reorder Available Widgets would be a relatively minor UI change with a potentially large UX improvement!" mrwweb 3 36556 has_cap was called with an argument Users 4.4.2 normal normal defect (bug) new 2016-04-17T04:14:45Z 2019-06-05T06:44:17Z "I am seeing this error message in one of the site Notice: has_cap was called with an argument that is deprecated since version 2.0! Usage of user levels by plugins and themes is deprecated. Use roles and capabilities instead. in ~/wp-includes/functions.php on line 3737 I understand it's probably because of one of the plugin or theme probably called a numeric user level instead of a capability name. But maybe we could create a backfill kind of approach here. " Asif2BD 36557 WordPress Version 4.5 Upgrade Failure Upgrade/Install 4.5 normal normal Awaiting Review defect (bug) reopened 2016-04-17T04:27:36Z 2017-07-05T20:12:57Z "Upgrade to Version 4.5 failing in one of my site. The wp-admin/update-core.php?action=do-core-upgrade page comes blank with normal admin menu and sidebar. Upon further investigation I found those in source {{{ <!-- Ticket #11289, IE bug fix: always pad the error page with enough characters such that it is greater than 512 bytes, even after gzip compression ... (3 line of random char) .... --> }}} And at the end of the page {{{ <body id=""error-page""> <p>Are you sure you want to do this?</p><p><a href='https://domain.tld/wp-admin/update-core.php'>Please try again.</a></p></body> }}} I cleaned cache, re-logined, still same. Any plugin updates works perfectly, not just the core. Server NGINX 1.9.10, PHP 7.0.5, from WordPress 4.4.2 " Asif2BD 3 36559 "Using ""widget"" as part of setting title breaks the customizer since 4.5" close Customize 4.5 normal normal Awaiting Review defect (bug) new 2016-04-17T10:02:56Z 2021-05-23T19:49:48Z "Hi, My theme ""'''Indie'''"" had several customizer options that have the word ""Widget"" as part of the '''add_setting''' and '''add_control''' title: {{{ 'widget_bg' 'widget_txt' 'widget_txt_highlight' 'widget_txt_highlight_hover' }}} This broke the customizer completely showing no options other than the widget panel. I've replaced these names and the customizer works again. This problem was reported to me since 4.5 release. Thanks Steven" steven_gardner 7 36564 Last Modified for Comments needs-unit-tests Comments 4.4 normal trivial Future Release enhancement new 2016-04-17T20:44:59Z 2017-02-12T10:37:16Z "Related #28463, #19495. Posts have a last modified and last modified gmt, but comments have no such thing. There are several proposals indicating a need for comment revision, or tracking when the comment is first created. Wanted to explore the idea of having last modified and last modified gmt stored as comment meta triggered by update_comment as a simple, low impact way of adding this feature that could be used by a variety of plugins. This could be implemented by plugin hooking to edit_comment, but if such a feature is to be useful, it needs a standard storage format." dshanske 7 36579 global $wp_rewrite not set when create_initial_post_types() first run Posts, Post Types 4.4 normal normal enhancement new 2016-04-18T17:59:18Z 2019-06-04T20:57:05Z "The global $wp_rewrite is set in wp-settings.php, after create_initial_post_types(). If you want to hook into the 'register_post_type_args' filter, to set `$args->rewrite` then you currently have to jump through hoops to avoid an `Uncaught error Call to a member function add_rewrite_tag() on null` Could the call to set `$GLOBALS['wp_rewrite']` be moved to before `create_initial_post_types()`? Or perhaps some defensive programming in `rewrite.php` to test if $wp_rewrite is set. Functions `add_rewrite_tag` and `add_permastruct` are candidates for that change. " bobbingwide 3 36581 Customizer Header Image Control should extend the cropped image control Customize 3.9 normal normal Future Release enhancement new 2016-04-18T19:55:06Z 2019-05-29T17:36:05Z "`WP_Customize_Header_Image_Control` was written (in 3.9) before all of the other customizer media controls were refactored to use the media library (in 4.1) and additional controls were introduced (in 4.2 and 4.3). It uses an almost entirely separate codebase right now, and by merging it back in to use the newer functions, future enhancements can be made in fewer places to apply to more controls, and the cropped-image control will likely benefit with some new reusable features as well. Additionally, this cleanup will simplify the codebase and make it much easier to contribute to and understand the way the headers UI works, and why. Ideally, we would be able to use `WP_Customize_Cropped_Image_Control` directly for header images by bringing more features that are currently specific to headers to all media controls. However, in practice we may end up needing it to remain a distinct control for various reasons. Regardless, it should extend WP_Customize_Cropped_Image_Control directly and make use of its functions in both PHP and JS where possible. Additionally, it should leverage the core API for JS-templated contols introduced in 4.1. See #29211, and #32861, which would likely be fixed in the process of implementing this ticket." celloexpressions 7 36582 Export main query from Customizer preview Customize 4.0 low normal Future Release enhancement assigned 2016-04-18T20:45:09Z 2021-05-23T19:56:36Z "Controls, sections, and panels in the Customizer support the concept of an active state (#27993) which controls whether or not the control is contextual to the current query. Controls may want more information than whether to hide/show, but to show contextual information based on which kind of query is loaded in the Customizer preview, such as if it `is_singular` or which post specifically was queried. This information should be exposed from the Customizer preview to the pane as well. An initial implementation of this has been implemented in the Customize Posts feature plugin: https://github.com/xwp/wp-customize-posts When the preview syncs the `WP_Query` data from the preview to the pane, the data should get sent along with the `ready` message along with the `activeControls`, `activeSections`, and `activePanels` data. When the data is received by the pane, it should get populated into a model which can have events attached to it. For example, a `wp.customize.Values` instance could be used as a collection to represent the query_vars. Or there could be one single `wp.customize.Value` that stores the exported `WP_Query` data in like `wp.customize.previewedQuery` which plugins could then listen to changes on. For example: {{{#!js wp.customize.previewedQuery.bind( function( newQuery, oldQuery ) { if ( newQuery.is_singular !== oldQuery.is_singular ) { if ( newQuery.is_singular ) { // We switched to a singular template! } else { // We switched to a non-singular template! } } } ); }}} Some thought will need to be given to how a JavaScript object is used to represent `WP_Query`. See Slack: https://wordpress.slack.com/archives/core-customize/p1461011732000103" westonruter 8 36595 can't set post_modified in wp_insert_post, becomes post_date dev-feedback Posts, Post Types 1.0 normal normal defect (bug) new 2016-04-19T15:34:29Z 2020-04-01T19:46:50Z "When manually instering a post, post_modified isn't working, it becomes the post_date {{{#!php <?php $wp_test = array( 'post_title' => 'test', 'post_content' => 'test', 'post_status' => 'publish', 'post_type' => 'test', 'post_author' => 1, 'post_date' => '2015-01-22 22:00:12', 'post_modified' => '2016-04-18 12:12:12', 'comment_status' => 'closed' ); wp_insert_post( $wp_test ); }}} outcome: post_modified = '2015-01-22 22:00:12'" gijsgg 10 36603 wp_publish_post() does not fire post_updated action has-patch Posts, Post Types 4.6 normal normal enhancement new 2016-04-20T13:25:14Z 2019-06-04T20:57:19Z "{{{ do_action( 'post_updated', $post_ID, $post_after, $post_before); }}} Gives convenient access to before/after state of the post for actions that are conditional on exact changes performed. `wp_publish_post()` inconsistently doesn't fire this hook, even though it does fire `edit_post` and `save_*` hooks that come before and after it. This makes it impossible to rely on `post_updated` hook since it will never fire for any update performed by `wp_publish_post()`." Rarst 8 36610 Loss of multibyte category and tag names Taxonomy normal normal defect (bug) new 2016-04-20T22:40:40Z 2019-06-04T21:22:20Z "Some multibyte category and tag names can be lost during creation. Example: create a category with the name `テテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテAAA`. It is 201 bytes long and will be truncated by `$wpdb->strip_invalid_text_for_column()` to 200 bytes (`テテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテAA`) before the category is created. However, the category name `AAAテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテテ` is also 201 bytes, but when it is truncated to 200 bytes, it splits a multibyte character, so when `wp_check_invalid_utf8()` gets called, it will truncate the string to zero bytes out of an abundance of caution, since the string ends with something that is not valid utf8. It's clear that the category creator was not submitting invalid utf8, and the true goal of `$wpdb->strip_invalid_text_for_column()` was to ensure that the text would fit in the DB column without auto-truncation by the DB engine, so the ideal behavior should be that the string is truncated to the longest possible length that remains valid and fits within the column. One way to get around this data loss would be a wrapper around `wp_check_invalid_utf8()`. If `wp_check_invalid_utf8()` fails, chop a single byte off the end of the string and check it again, up to the point where you have checked the string without the last five bytes (as I believe that the longest a single character can be is six bytes, although I'm not positive about that and I think anything longer than four bytes is mostly theoretical). Or, fix `$wpdb->strip_invalid_text_for_column()` so that it doesn't truncate in the middle of a multibyte character. There might be a solution lurking in mb_strlen(). If `wp_check_invalid_utf8()` returns an empty string, take bytes off of the original string (up to 5 bytes) until `mb_strlen()` returns a smaller number and then try `wp_check_invalid_utf8()`. Configuration details: Tested in WordPress trunk (4.5-RC1-37153) and PHP 5.2.17 Here's my `wp_terms` structure: {{{ CREATE TABLE `wp_terms` ( `term_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(200) NOT NULL DEFAULT '', `slug` varchar(200) NOT NULL DEFAULT '', `term_group` bigint(10) NOT NULL DEFAULT '0', PRIMARY KEY (`term_id`), KEY `slug` (`slug`(191)), KEY `name` (`name`(191)) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; }}} See #36393 for discussion of a similar (but now-fixed) bug." cfinke 36634 `register_post_status()` default causes notices in post list table has-patch Posts, Post Types normal normal defect (bug) new 2016-04-22T15:14:08Z 2019-06-04T20:57:24Z "The default value for the `$label_count` parameter in `register_post_status()` is an ""array of `$label`, twice."" As far as I can see, `$label_count` is used only once in core: in `WP_Posts_List_Table::get_views()`, where it's passed to `translate_nooped_plural()`. However, `translate_nooped_plural()` assumes the array it receives was generated through `_n_noop()` or similar. So the default `$label_count` value leads to undefined-index notices for each of the expected array keys when viewing the list table. To replicate, register a post status with these args, assign a post the 'test' status, and view the post list table: {{{ add_action( 'init', function () { register_post_status( 'test', array( 'label' => 'Test', 'show_in_admin_status_list' => true ) ); } ); }}} The attached patch would fix the notices by checking the `$nooped_plural` keys in `translate_nooped_plural()` and attempting to return a fallback value. Also, even though `$label_count` is an optional argument, it looks to me like developers are expected to register it as the list table expects. So, the patch would add a `_doing_it_wrong()` call to `register_post_status()` when no `$label_count` is included. This does, however, also flag the `auto-draft` and `inherit` statuses." dlh 36641 WP_Term method __toString needs-unit-tests Taxonomy normal normal Awaiting Review enhancement new 2016-04-22T20:59:58Z 2017-02-05T14:18:20Z "I think that this is good idea. For example: {{{#!php <?php echo '<pre>'; var_dump(implode(', ', get_the_terms( get_the_ID(), 'category' ))); echo '</pre>'; ?> }}} I have ```string(**) ""Cat 1, Cat 2""``` " sebastian.pisula 1 36642 Add function to generate `image-set` attribute Media 4.6 normal normal enhancement new 2016-04-22T22:40:33Z 2019-06-04T20:24:09Z "This is a follow-up to #33641. It would be great to have a function that we can use to generate a `image-set` attribute, to support responsive images as background's on elements. See: https://drafts.csswg.org/css-images-3/#image-set-notation See: http://caniuse.com/#search=image-set Or this too early for such a request? It would be great to get it on the radar for the future." dbaker 1 36652 Use meta_value in a meta query to decide type format in SQL clause ericlewis dev-feedback Query normal normal enhancement reviewing 2016-04-23T19:27:08Z 2019-06-04T20:57:29Z "The SQL clause generated for a meta query [https://github.com/WordPress/WordPress/blob/4.5/wp-includes/class-wp-meta-query.php#L628 quotes the `meta_value` in a string]. This means that if there's a post with a postmeta field for likes set to 2 and you run the query looking for posts with 10 or more likes {{{ #!php <?php $query = new WP_Query( array( 'meta_query' => array( array( 'key' => 'likes', 'value' => 10, 'compare' => '>=' ) ) ) ); }}} the query will return the post with 2 likes. This is because the SQL is doing a string comparison, as both the column value and the compared-to value are strings. The fix for the developer is to supply a `type` parameter like `NUMERIC` in the meta query clause which coerces a numeric MySQL comparison. We could use the meta_value's type to decide the type format the value takes in the SQL clause, so that a query like this works as expected without the `type` parameter. This was [https://core.trac.wordpress.org/ticket/27272#comment:13 suggested] by @boone in #27272." ericlewis 6 36655 Enhancement: Add datetime column to options table. needs-unit-tests Options, Meta APIs normal normal enhancement new 2016-04-24T15:04:51Z 2019-06-04T20:57:35Z "== Proposal == The options table in WordPress is a great key/value storage option for a wide variety of different data used by core and plugins. One improvement that would increase its utility for faster time based queries on data stored there is to add a DATETIME column. == Some examples where this benefit could be realized: == === Example 1: Transient storage. === Currently, when there is no object-cache in use, transients are stored to the wp_options table. However, for each transient there are two records. One for the actual key/value pair and then one for any timestamp set as the transient expiry. Having a datetime column would allow the transient to always only consist of one record and thus make any queries interacting with transients much simpler. === Example 2: Arbitrary plugin data using the options table for its own scheduled tasks. === A lot of plugins are using the transient system wrong because it's not intended for indicating minimum age. Having a datetime column would provide the database schema in WordPress core that allows for plugins to implement their own ""minimum/maximum age"" apis. === Example 3: Tracking creation/modification times. === Having a datetime column would allow for indicating when a key/value pair was created and/or modified which could be useful for plugins that have need to do so. === Example 4: Scheduled settings/options. === Having a datetime column could allow for scheduled changes with a sites configuration and thus more advanced previews/site preparation, (think adding scheduled changes to site title, or site description via the customizer). Having a datetime column makes such schedules simpler to implement. == Implementation == === Schema === {{{ option_date datetime NOT NULL default '0000-00-00 00:00:00' }}} === Iterations: === 1. Add the column and modify options api to expose the new column to queries (get_option, update_option, site option functions etc). 2. Convert transient API to implement new option_date column for setting expiries when object-cache is not in use. == Who and When == I'd be willing to spearhead putting some patches together and getting the initial code going but before I invest some time in this I'm just testing the waters to see if this is even something that would be considered/welcomed for core. I'm not aware of any potential conflicts this may pose with the purpose for the option table but if there are any I'm sure I'll find out! I definitely don't see this as going in 4.6 but it might have potential for 4.7 if work begins fairly soon. " nerrad 1 36656 Improve UX on Add New User screen joedolson* Users normal normal Future Release enhancement accepted 2016-04-24T17:03:48Z 2023-10-20T01:25:26Z "While working with Multisite recently, I noticed that the Add New User screen can be quite cumbersome to work with. The screen currently serves two purposes: 1. Add existing user to site 2. Create a new user and add them to the site It may make sense to have two different forms for that, but these are currently nearly identical, leading to user confusion. Here's an example: [[Image(https://cldup.com/FSMdB2Gtdp.png)]] I'd love to improve the UX on this screen, ideally by combining these forms and then use some JavaScript to conditionally display/hide the email field only needed when creating a new user. Alternatively, tabs could be leveraged to have each form on a separate page. Thoughts? Note: I also wrote a simple proof-of-concept plugin called [https://wordpress.org/plugins/simple-user-adding/ Simple User Adding] that could be used as a playground for this enhancement." swissspidy 29 36663 "Wordpress 4.5 Query Strings Replacing ""."" with ""_""" reporter-feedback Administration 4.5 normal normal defect (bug) new 2016-04-25T17:07:37Z 2019-06-04T19:37:19Z "As of Wordpress 4.5, any query strings using a ""."" will get converted to a ""_"". While i understand that PHP doesn't support a period in a query string value, there are instances where query strings with periods are used by JavaScript and need to be retained. For example, the Webtrends analytics platform uses periods in most of their analytics query string values. For example, they use ""wt.mc_id"", ""wt.z_mce"", and ""wt.dl"". It appears that changes to 'wp-includes/canonical.php' in 4.5 cause these periods to be visually and functionally converted to underscores when the pages loads. Interestingly, this only happens on pages and not posts. Can we get the functionality put back the way it was so that the periods are retained, as this update will break Webtrends functionality, as well as any site using JavaScript that expects a period in a query string value?" michael.bucklin 8 36666 Enhance `remove_theme_support()` so that it can take additional arguments dev-feedback Themes 3.0 normal normal Awaiting Review enhancement new 2016-04-25T18:21:45Z 2018-05-15T17:08:21Z "Sometimes we might need to use the function `remove_theme_support()` to only support specific details of a specific theme feature, in particular it would be useful to be able to remove support for specific post formats or remove post thumbnail support for specific post types (related to #22080 for example). These checks would need to happen in a `switch` statement, similar to the other theme support functions, and we would need to handle additional arguments. For example, it should be possible to do `remove_theme_support( 'post-formats', 'video' )` to remove support for the video post format." flixos90 19 36670 Move CAST to right-hand side of comparison in meta query Query 3.1 normal normal enhancement new 2016-04-26T04:40:41Z 2019-06-04T20:57:40Z "The SQL clause created by a meta query [https://github.com/WordPress/WordPress/blob/4.5/wp-includes/class-wp-meta-query.php#L634 CASTs the column value] `postmeta.meta_value` and compares it to the value provided in the meta query, a la `CAST(postmeta.meta_value AS CHAR) = 'some-value'`. Casting a column value instead of a constant means that MySQL will ignore an index for that column if one exists. Although core does not define an index for the `meta_value` column, a user could create one for perf reasons. Switching the side of the CAST would result in the same two types, just on different sides `postmeta.meta_value = CAST('some-value' AS CHAR)` That means [http://dev.mysql.com/doc/refman/5.7/en/type-conversion.html MySQL's type conversion] will work the same as it did previously. #36649 would need to be completed before this. Related: #27272, #36625" ericlewis 36680 "Audio player with preload=""metadata"" shows incorrect duration for audio files 1 hour or longer" Media 4.5.1 normal normal Awaiting Review defect (bug) new 2016-04-27T04:29:12Z 2017-09-20T21:29:57Z "For an audio file that's longer than one hour, using the audio player shortcode with preload=""metadata"" shows an incorrect duration for the audio when the page loads. The hours are chopped off. So an audio that is 1:07:45 in duration will erroneously display 07:45 upon loading. Then when the audio file is played, the correct duration pops in, but this causes the volume control to disappear, so the volume can no longer be adjusted while the clip is playing. Many podcasts are longer than an hour in duration. For a demonstration of the bug, see audio 16 on this page, which is 1:07:45 in duration: http://www.stevepavlina.com/audio/" Dexterity 5 36686 plugin_row_meta hook for specific plugin Plugins 4.5.1 normal normal enhancement new 2016-04-27T13:39:15Z 2019-06-04T20:57:51Z "Hello WordPressers, It is my first post here. So please forgive me if something is wrong. What I see here https://core.trac.wordpress.org/browser/tags/4.5.1/src/wp-admin/includes/class-wp-plugins-list-table.php#L773 plugin_row_meta is a filter hook available but It is not available for specific plugin like we have ""plugin_action_links_{$plugin_file}"" available here https://core.trac.wordpress.org/browser/tags/4.5.1/src/wp-admin/includes/class-wp-plugins-list-table.php#L682 Shouldn't there be a ""plugin_row_meta_{$plugin_file}"" filter to call on specific plugins ?? " hiddenpearls 1 36691 "Ability to disable ""Password Protected"" post option" Role/Capability normal normal Awaiting Review enhancement new 2016-04-27T19:19:02Z 2018-03-10T17:59:50Z "We don't want any of our posts accidentally being published as ""password protected."" It would be helpful to have a filter to disable that part of the UI." paulschreiber 6 36694 [Pages] [Edit Page] Changing the Permalink URL updates the displayed anchor text, but not the HREF (URL) property reporter-feedback Permalinks 4.5.1 normal normal defect (bug) new 2016-04-27T23:25:56Z 2019-06-04T20:57:57Z "Steps to reproduce: 1. Create a page or post 2. Edit said page or post 3. Change the Permalink URL using ""Edit"" button next to displayed permalink 4. Click OK button after updating Permalink URL Observe. Expected: the anchor link text is updated and the anchor link HREF property is updated to the new value input in the field Actual: the anchor link text is updated but the anchor link HREF property remains the same." setsailmedia 3 36696 WP_Meta_Query can give wrong results when comparing large numbers Query 3.8.1 normal normal defect (bug) new 2016-04-28T02:23:43Z 2019-06-04T20:58:03Z "This is a follow on from #27272. Using quoted numbers can trigger MySQL to do floating-point type conversion (last two points in the first bullet list in http://dev.mysql.com/doc/refman/5.7/en/type-conversion.html): > * If one of the arguments is a decimal value, comparison depends on the other argument. The arguments are compared as decimal values if the other argument is a decimal or integer value, or as floating-point values if the other argument is a floating-point value. > * In all other cases, the arguments are compared as floating-point (real) numbers. Currently number literals are quoted in `WP_Meta_Query`, whereas the LONGTEXT `meta_value` column is cast to the passed-in meta `type`. Thus when a number literal (quoted string) is compared to the `meta_value` column (cast to SIGNED/UNSIGNED meta `type`), floating-point type conversion is evoked. If the numbers involved are larger than the floating-point precision (53 bits), then incorrect comparisons can occur. You can see this happening in the `mysql` client by using the 54 bit numbers 9007199254740992 (`0x20 0000 0000 0000`) and 9007199254740993 (`0x20 0000 0000 0001`): {{{ select '9007199254740992'+0.0, '9007199254740993'+0.0, '9007199254740992'+0.0 < '9007199254740993'+0.0; }}} which will return: {{{ +------------------------+------------------------+-------------------------------------------------+ | '9007199254740992'+0.0 | '9007199254740993'+0.0 | '9007199254740992'+0.0 < '9007199254740993'+0.0 | +------------------------+------------------------+-------------------------------------------------+ | 9.007199254740992e15 | 9.007199254740992e15 | 0 | +------------------------+------------------------+-------------------------------------------------+ }}} (Note the results are system dependent.) A way around this is to not quote number literals, as in the proposed patch, based on @wonderboymusic's [https://core.trac.wordpress.org/ticket/27272#comment:5 ""27272.2.diff""]. It's been switched (ahem) to an if-elseif-else statement to easily allow cases like `DECIMAL(10,2)` etc to be added. (Note the patch attached here also fixes a regression I introduced in previous proposed patches on the #27272 ticket re casting on `LIKE`/`NOT LIKE`.) This issue relates to #36652 (using the PHP type of the meta `value` to determine cast), and the proposed patch should facilitate it. This issue also relates to #36625 (don't bother `CHAR` casting `meta_value` column), and the proposed patch shouldn't impact on a fix for that. " gitlost 1 36704 Delete Plugin not compatible with Bulk Actions Plugins 4.5.1 normal normal defect (bug) new 2016-04-28T19:56:38Z 2019-06-04T20:58:09Z "`delete_plugins()` has a `foreach` loop which calls `uninstall_plugin()` which defines a constant: {{{ define('WP_UNINSTALL_PLUGIN', $file); }}} A constant cannot be defined twice. If several plugins are selected for bulk deletion and two of these have uninstall.php, only the first one will see the expected constant value. For example, Jetpack's uninstall.php dies immediately when the constant contains an unexpected value. This prevents the code at the end of `delete_plugins()` finishing the job for the plugins that were uninstalled and deleted. (Jetpack's uninstall.php isn't exactly doing it right, but it's a very real example.) The obvious fix is to remove Delete from bulk actions on the Plugins page. This leaves the working parts in working order and buys time to rewrite the delete/uninstall API to work with a bulk delete function if this is desirable. Part of the rework would involve rewriting `uninstall_plugin()` and the uninstall.php pattern so that it can return a `WP_Error` instead of dying. This way, `delete_plugins()` could continue without leaving the work of `delete_plugins()` incomplete for the plugins that were uninstalled. I propose removing Delete from bulk plugin actions until the uninstall API is made compatible with bulk deletion." andy 1 36705 Read-only plugins are uninstalled before deletion fails Plugins 4.5.1 normal normal defect (bug) new 2016-04-28T20:06:04Z 2019-06-04T20:58:14Z "Plugin uninstall happens before deletion is attempted. If the plugin's files are read-only, the plugins list action says ""Delete"" but all that happens is uninstall and an error. Plugins that cannot be deleted because they are read-only in the filesystem should not have Delete buttons. `is_writable()` should be checked while constructing the actions. If read-only, either remove the button or replace it with an action which deletes the plugin's data and leaves the files. I prefer the latter." andy 1 36710 Symlinked directories should not be deleted recursively has-patch Filesystem API normal major Future Release defect (bug) new 2016-04-28T21:51:47Z 2023-06-20T03:06:48Z "When deleting a symlinked plugin, the current behavior is to recursively delete everything in the plugin's real directory and then fail to unlink the symlink because rmdir won't work on a symlink. This is probably not what the site admin intended when they installed the plugin via a symlink. The desired behavior is to unlink only the symlink, leaving the external directory intact so that other symlinks remain intact. My patch fixes this in WP_Filesystem rather than in the plugin deletion logic because it seems generally applicable to the use cases for symlinks. What makes this hard is that trailing slashes are significant when dealing with symlinked directories. The trailing slash causes the link to be followed: {{{ is_link('/link/') => false is_link('/link') => true }}} The patch fixes deletion of symlinked plugins: it unlinks the symlink and leaves the real files intact. It should be carefully checked against other uses of delete because they might not include the trailing slash. In such cases, adding a trailing slash to the new `is_dir()` check might help. Could be a minefield, could be fine. Related to #29408 but not a duplicate." andy 26 36712 Paragraph tags removed from div elements if script tag is present Formatting 4.5.1 normal normal defect (bug) new 2016-04-28T23:51:32Z 2019-06-04T19:57:41Z "I honestly have no idea how to summarize this bug (therefore my lousy title), so I'll best skip right to how to reproduce it. - Get 10 paragraphs of text from Lorem Ipsum, and paste it to your visual editor. - Switch to the text editor and wrap the first 5 paragraphs in a div, and wrap the last 5 in a second div. - After the first paragraph in each div, simply write <script></script> - Switch between Visual and Text editor, and watch the paragraphs in the second div disappear. For you convenience, you can copy the template from here, instead of typing it manually: http://pastebin.com/PFYj885M If the paragraphs don't disappear after the first switch from text to visual, do it a couple of more times. I tried it on a fresh new install using the Twenty Sixteen theme. I encountered this bug while having a couple of Instagram embeds on the same page, all of which loaded a script. " dankop 36715 Contextual help to describe what roles are Users normal normal enhancement new 2016-04-29T02:32:32Z 2019-06-05T06:44:20Z "Roles are not exactly self-explaining ""What's the difference between a contributor and an author?"" is probably a confusing question for new users. We have help text to describe what roles are in the Help dropdown on the Add New User page, but it's rather out of the way. I'd like to suggest moving this help text closer to its context, in the form of a tooltip next to the Role dropdown in the Add New User form." ericlewis 5 36722 "No way to access media ""Attachment Display Settings"" using wp.media" Media 4.5.1 normal normal defect (bug) new 2016-04-29T15:55:47Z 2020-03-12T05:51:47Z "I am using custom wp.media request to get WP Media uploader iframe on front end. Added scripts, styles and media: {{{ wp_enqueue_script('jquery'); wp_enqueue_media(); wp_enqueue_style( 'wp-admin' ); }}} then I am using JS to open the Media iframe: {{{ var custom_uploader; jQuery(document).ready(function($){ if (custom_uploader) {custom_uploader.open();return;} var parent_container = parent.document.body; custom_uploader = wp.media.frames.file_frame = wp.media({ frame: 'post', state: 'insert', title: 'Choose Image', library : {type:'image'}, button: {text: 'Choose Image'}, multiple: false }); custom_uploader.on('insert',function(){ var attachment = custom_uploader.state().get('selection').first().toJSON(); console.log( attachment ); }); custom_uploader.open(); }); }}} after selecting needed image, link and size I get the result: {{{ {""id"":2182,""title"":""WordPress"",""filename"":""WordPress.jpg"",""url"":""http://localhost:8080/mgwebthemes.com/uploads/2015/05/WordPress.jpg"",""link"":""http://localhost:8080/mgwebthemes.com/wordpress/"",""alt"":"""",""author"":""1"",""description"":"""",""caption"":"""",""name"":""WordPress"",""status"":""inherit"",""uploadedTo"":2166,""date"":""2015-05-13T09:09:47.000Z"",""modified"":""2015-05-13T09:09:47.000Z"",""menuOrder"":0,""mime"":""image/jpeg"",""type"":""image"",""subtype"":""jpeg"",""icon"":""http://localhost:8080/mgwebthemes.com/wp-includes/images/media/default.png"",""dateFormatted"":""13/05/2015"",""nonces"":{""update"":""2d7619f512"",""delete"":""725c6d8639"",""edit"":""709844b592""},""editLink"":""http://localhost:8080/mgwebthemes.com/wp-admin/post.php?post=2182&action=edit"",""meta"":false,""authorName"":""admin"",""uploadedToLink"":""http://localhost:8080/mgwebthemes.com/wp-admin/post.php?post=2166&action=edit"",""uploadedToTitle"":""Test"",""filesizeInBytes"":8990,""filesizeHumanReadable"":""9 kB"",""sizes"":{""thumbnail"":{""height"":150,""width"":150,""url"":""http://localhost:8080/mgwebthemes.com/uploads/2015/05/WordPress-150x150.jpg"",""orientation"":""landscape""},""full"":{""url"":""http://localhost:8080/mgwebthemes.com/uploads/2015/05/WordPress.jpg"",""height"":249,""width"":201,""orientation"":""portrait""}},""height"":249,""width"":201,""orientation"":""portrait"",...} }}} it does not contain any Attachment Display Settings options." chattyboy 2 36737 Single site reachable on multiple subdomains always redirected to site_url close Canonical 4.5 normal normal Awaiting Review defect (bug) new 2016-05-03T07:21:29Z 2021-01-14T22:11:33Z "We run a site which is reachable by multiple subdomains (nb. not multisite) For example customer1.site.nl, customer2.site.nl. A plugin uses the subdomain to display different data for each customer. The site url is set to www.site.nl. Since a recent update this stopped working. The visitor is always redirect to the site url www.site.nl. I tracked down the problem to canonical.php. When I replace this file with the version from 4.4.2 the old behaviour is back, ie. the subdomains are not redirected. There are no rewrite rules for these sub domains. " jsoft 5 36738 No validation for $post_date_gmt parameter has-patch Posts, Post Types 4.5.1 normal normal defect (bug) new 2016-05-03T11:52:59Z 2019-06-04T20:58:26Z "1) When publishing a post via `wp_insert_post()`and the `$post_date_gmt` parameter has a wrong format it's silently set to `0000-00-00 00:00:00`. 2) If `$post_date` is omitted in the parameter array WP tries to determine it from `$post_date_gmt`. A wrong formatted `$post_date_gmt` leads to a `post_date` of `1970-01-01 00:00:00`. Just like `$post_date`it should throw an error to give a programmer the right hint for his malfunctioning code. " Latz 1 36746 WP v4.5.1 broke something in the Permalinks settings Permalinks 4.5.1 normal normal defect (bug) new 2016-05-04T00:41:24Z 2019-06-04T20:58:32Z "WP v4.5.1 broke something in the Permalinks settings. The Plain Permalink settings do work, though: http://domain/?p=123 One weird thing I saw just now while I was trying different Permalink settings is that several times the word ""blog"" appeared in all the Common Settings example URLs when it never had before. For instance: http://domain/blog/2016/05/04/sample-post/ But it is no longer there now. Now that Day and name common setting shows as: http://domain/2016/05/04/sample-post/ " voidPortal 5 36760 Intermittent empty returns from get_post_meta function after 4.5 upgrade Options, Meta APIs 4.5 normal normal defect (bug) new 2016-05-05T02:45:08Z 2019-06-04T20:58:39Z "I've seen this reported several times, but the reporters failed to properly explain the issue and the tickets were closed. Since the 4.5 upgrade I am seeing intermittent issues in my custom plugin (which has worked for years and hasn't changed) where the get_post_meta function is used if the request is made via ajax or by calling a custom endpoint. Rolling back the 4.5 upgrade has resolved these issues. The same function called with exactly the same arguments will return the meta data value one minute and return an empty string the next (with single on). The data in the database is unchanged. Logging shows the post id and meta key are the same, only the return value is different. It always seems to work as part of a regular page request (not ajax, not custom endpoint). Sometimes the function works correctly for 24 hours, then fails several times. I can't identify any pattern but suspect the meta cache / session. I tried doing a meta cache update for the object before calling get_post_meta, but the problem still occurred. In Googling I've found several people reporting issues related to get_post_meta after the 4.5 update. Please take a look!" amberau 1 36765 Remove Legacy Code from pingback_ping needs-unit-tests Pings/Trackbacks 4.1 normal normal defect (bug) new 2016-05-05T14:59:53Z 2019-06-04T20:58:45Z "Proposing we remove the legacy conditional url_to_postid and //$way debugging line leftover from [30139]. {{{ / let's find which post is linked to // FIXME: does url_to_postid() cover all these cases already? // if so, then let's use it and drop the old code. }}} Related: #34419 " dshanske 6 36766 Improve Source Verification in Pingbacks and Add Filter has-patch Pings/Trackbacks normal normal enhancement new 2016-05-05T15:26:57Z 2019-06-04T20:58:56Z "Like the do_pings code, the source verification should make a HEAD request to the site, retrieving the content type and rejecting images, video, or audio from being downloaded at all, removing a possible attack vector. The content-type check, which is not currently done by the code, is in the specification. ""''It then requests the content of http://alice.example.org/#p123 and checks the Content-Type of the entity returned to make sure it is text of some sort.''"" For display purposes, the content-type should also be passed into the $commentdata for use in preprocessing. The current code goes through the remote source replacing possible links to content to generate an except. However, while the specification only notes retrieving an 'extract of the page content surrounding the link' as an example of content that might be retrieved, and says nothing about display and most people agree the [...] excerpt display isn't exactly attractive. The code should verify the source on a plaintext level before anything else and fail immediately, then pass the result of that, along with the source and the retrieved content-type to a filter for more complicated checks if needed. For example, checking to see if it is in proper HTML format(link in a href or some other proper link type). We treat pingbacks as a comment type, but pingbacks are generated based on the source provided. Related: #34419 " dshanske 1 36775 Shortcode stripping on frontend Formatting 4.5.1 normal normal defect (bug) new 2016-05-06T12:27:39Z 2019-06-04T19:58:01Z "WordPress, since 3.6, introduced the [https://codex.wordpress.org/Audio_Shortcode audio tag]. It should be used like it: {{{ [audio src=""file.mp3""] }}} My old & wrong code used into my blog was formatted like the following. {{{ [audio:file.mp3] }}} This was generating an issue on Jetpack (which I consider [https://wordpress.org/support/topic/stats-module-of-jetpack-causing-core-dump-file/ solved] now). Analyizing the issue we discovered that Wordpress is stripping out from front end this bad formatted shortcode. I then tried to use this non-existent shortcode: {{{ [unuseful:file.mp3] }}} And the existent video one (badly implemented): {{{ [video:file.mp3] }}} Both are rendered as plain text on the front end. So, only the bad formatted audio tag is being stripped. The funny thing is that I can't actually type sentences like ''[audio is very loud]'' because are being stripped off. I am not sure which one should be the default Wordpress behavior. For sure it's strange that's acting differently on audio/video or non-existing shortcodes." pixel8383 6 36778 Parent theme editor-style.css cannot be disabled Editor normal normal Future Release enhancement reopened 2016-05-06T16:58:34Z 2020-11-23T04:48:13Z "While it is possible to override the CSS in a parent theme's editor-style.css, it is not currently possible to completely disable or dequeue a parent theme's editor-style.css file. This is a problem for a few reasons: - Theme authors may not keep their editor-style.css files up to date with the HTML the editor produces, leading to formatting oddities. - You may not just want the editor styles customized from the WP defaults at all." matthewmcvickar 10 36779 Move /wp-admin/load-scripts.php and /wp-admin/load-styles.php to /wp-includes Script Loader 4.4.2 normal normal defect (bug) new 2016-05-06T18:26:45Z 2019-06-04T21:22:41Z "Basically these files are inside /wp-admin directory, but you can hit them and get an output without being authenticated, examples: http://somedomain.usingwp.com/wp-admin/load-scripts.php?c=0&load%5B%5D=hoverIntent,common,admin-bar,svg-painter,heartbeat,wp-auth-check&ver=4.4.2 http://somedomain.usingwp.com/wp-admin/load-styles.php?c=0&dir=ltr&load=dashicons,admin-bar,wp-admin,buttons,wp-auth-check&ver=4.4.2 If these scripts are for use inside admin, why authentication isn't required?, if these scripts are for general use on the admin, themes, etc, why these aren't on wp-includes? This was pointed to me on a security scan, and apart from that if the idea is general use for this, I think hosting these on /wp-admin is misleading. " SaulNunez 36786 Can't pass filter names to `MockAction::get_call_count()` has-patch Build/Test Tools normal normal Future Release defect (bug) new 2016-05-09T04:20:03Z 2021-09-03T08:15:40Z "The first of these tests works as expected, but the second generates an ""Undefined index"" notice. {{{#!php <?php function test_get_call_count_action() { $action = rand_str(); $ma = new MockAction(); add_action( $action, array( $ma, 'action' ) ); do_action( $action ); $this->assertSame( 1, $ma->get_call_count( 'action' ) ); } function test_get_call_count_filter() { $filter = rand_str(); $ma = new MockAction(); add_filter( $filter, array( $ma, 'filter' ) ); apply_filters( $filter, rand_str() ); $this->assertSame( 1, $ma->get_call_count( 'filter' ) ); } }}} The attached patch attempts to fix the notice and allow passing filter names to `get_call_count()`. " dlh 3 36789 Upload Folder Bug reporter-feedback Media 4.5 normal normal defect (bug) new 2016-05-09T10:46:03Z 2019-06-04T20:24:40Z "Affected Version 4.5.x If changing the upload folder path in wp-config.php (define( 'UPLOADS', 'media' );) - no image will work after update to 4.5.x, because the url path structure changes in the sourcecode. for example: <img src=""http://www.example.com/media/2015/02/example-300x300.jpg"" alt="""" width=""300"" height=""300"" class=""alignleft size-medium wp-image-32"" srcset=""http://www.example.com/wp-content/uploads/2015/02/example-300x300.jpg 300w, http://www.example.com/wp-content/uploads/2015/02/example-150x150.jpg 150w, http://www.example.com/wp-content/uploads/2015/02/example.jpg 400w, http://www.example.com/wp-content/uploads/2015/02/example-50x50.jpg 50w, http://www.example.com/wp-content/uploads/2015/02/example-180x180.jpg 180w, http://www.example.com/wp-content/uploads/2015/02/example-200x200.jpg 200w"" sizes=""(max-width: 300px) 100vw, 300px"" />" netzilicious 2 36791 Set load order when enqueuing scripts and styles has-patch Script Loader 4.6 normal normal enhancement new 2016-05-09T18:42:31Z 2019-06-04T21:22:48Z I've implemented a patch and associated unit tests to add the ability to set the offset within the style or script queue when enqueuing styles or scripts. This will allow a developer to prioritize or set a strict order in which the stylesheets and/or scripts should load. This new functionality is optional and so all current code will continue to function as it always has. logistiker 4 36803 ms-files.php: inconsistent behaviour for upload visibility on archived sites Media 4.5.2 normal normal defect (bug) new 2016-05-10T15:14:11Z 2019-06-04T20:24:50Z "Hey, i just ran into an odd issue on one of our clients Multisites. I archived the said site and – as you know – it remains accessible for network admins. The matching files however don't. I followed this down to ms-files.php::21ff. {{{#!php <?php if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_blog->deleted == '1' ) { status_header( 404 ); die( '404 — File not found.' ); } }}} You see that ms-files.php checks, if the blog is archived (or spam or deleted) and than throws out a 404. Shouldn't this include a check for network admin users to see the files? Or, if that's not desirable, couldn't we make this check accessible for filters? Thanks for the good work! Christian " antwortzeit 2 36812 WP_Rewrite removes regex groups, should replace with non-capturing Rewrite Rules 4.5.2 normal normal defect (bug) new 2016-05-11T05:23:43Z 2019-06-04T21:22:59Z "I have got that plugin which adds a rewrite tag like so: {{{ add_rewrite_tag('%lang%', '(en|fr)', 'lang='); }}} One can then customize the permalinks and add the post's language anywhere in the url. The problem is that, at one point, the WP_Rewrite class adds rules for attachment and on line 1112 of class-wp-rewrite.php it simply gets rid of all the parenthesis in the regex. So, if I configure the permalink to be `/%postname%/lang/%lang%/` the resulting regex for the rewrite rule is: {{{ [^/]+/lang/en|fr|zh/attachment/([^/]+)/?$ }}} which is a totally different rule than expected, where `anything/lang/en` is matched as an attachment page when it really shouldn't be. Instead the regex should be: {{{ [^/]+/lang/(?:en|fr|zh)/attachment/([^/]+)/?$ }}} The code on line 1112 of class-wp-rewrite.php should be replaced with: {{{ $submatchbase = str_replace( '(', '(?:', $match); }}} " cvedovini 1 36818 Export filter for post meta dev-feedback Export normal normal enhancement new 2016-05-11T20:00:14Z 2019-06-04T19:58:11Z "It would be handy if we had a filter for modifying post meta before it is written to an export file. Our plugin stores serialized arrays in post meta that get corrupted from time to time during the export/import process. The attached patch/filter would allow us to store the data differently in an export file to prevent that from happening. " justinbusa 10 36823 """TypeError: wp.updates is undefined"" when installing a plugin" has-patch Upgrade/Install 4.9.2 normal normal Future Release defect (bug) reopened 2016-05-12T10:15:11Z 2018-01-22T14:04:40Z "When I install a new plugin that has a translation pack for my current language (which is not `en_US`), I get the following error: > TypeError: wp.updates is undefined > `if ( wp && wp.updates.decrementCount ) {` Patch will follow soonish." tfrommen 12 36842 "More global event hooks using the media.events, like ""modal:open"", ""modal:close"", etc" Media 4.6 normal normal feature request new 2016-05-15T00:30:04Z 2019-06-04T20:25:03Z "There seem to be plentiful hooks in the media backbone system, but most require listening to the frame/controller/etc vs having global hooks/events to listen to. This, obviously, would be much like WP's `do_action`. Each event should pass contextual info including the frame/controller/etc object. Select2 (as well as most JS modal libs) provides an example of prior art: [https://select2.github.io/examples.html#events] Using that implementation as an example, we could do something like: `wp:media:open` is fired whenever the modal is opened. `wp:media:opening` is fired before this and can be prevented. `wp:media:close` is fired whenever the modal is closed. `wp:media:closing` is fired before this and can be prevented. `wp:media:highlight` is fired whenever a result is highlighted (clicked). `wp:media:unhighlight` is fired whenever a result is unhighlighted. `wp:media:select` is fired when a result is chosen and modal is closed. `wp:media:selecting` is fired before this and can be prevented. `wp:media:change` is fired whenever the modal changes state. `wp:media:changing` is fired before this and can be prevented. " jtsternberg 2 36849 Filter to limit length of post slug (filter for _truncate_post_slug) Posts, Post Types 4.5.2 normal normal enhancement new 2016-05-16T14:38:16Z 2019-06-04T20:59:05Z "There are circumstances where you need to limit the lenght of the post slug. Unfortunately there is no filter in _truncate_post_slug to do so. It will be a great enhancement, if there would be a filter in this function. Related function: -wp_unique_post_slug - calling _truncate_post_slug Additionally it would be very usefull, if there could be a filter right at the start of wp_unique_post_slug for filtering the slug. " wp-entwickler.at 5 36851 Widgets don't remove hooks after being unregistered Widgets 2.8 normal normal Future Release defect (bug) new 2016-05-16T15:28:57Z 2017-06-28T16:29:44Z "In `WP_Widget_Recent_Comments::__construct()`, there is this bit of code: {{{#!php <?php if ( is_active_widget( false, false, $this->id_base ) || is_customize_preview() ) { add_action( 'wp_head', array( $this, 'recent_comments_style' ) ); } }}} If `unregister_widget( 'WP_Widget_Recent_Comments' )` is called, this added `wp_head` action is still going to persist unexpectedly. At the moment, I believe the only way to remedy this inside such widgets themselves would be to check to see if the widget is still among `$wp_widget_factory->widgets` when the action callback is called (here the `recent_comments_style` method). From outside the widget, the alternative is would be to do: {{{#!php <?php $widget = $wp_widget_factory->widgets['WP_Widget_Recent_Comments']; unregister_widget( get_class( $widget ) ); remove_action( 'wp_head', array( $widget, 'recent_comments_style' ) ); }}} Neither of these options are great. Perhaps there should be new `widget_registered` and `widget_unregistered` actions that widgets could listen to to do this cleanup? Or there could be a new `unregister` method on `WP_Widget` that a subclass could have this logic inside of. (We wouldn't be able to use the PHP destructor since it would never be called since the reference to the class would be still captured among the registered hooks.) Likewise, instead of adding the hooks inside of the constructor, perhaps there should also be a `WP_Widget::register()` method that gets called inside of the faux-private `WP_Widget::_register()` (and `_register` should be `final`, no?)" westonruter 1 36873 Canonical redirect code does opposite of comment, breaks script when home_url starts with https Canonical 4.5.2 normal normal defect (bug) new 2016-05-18T03:43:01Z 2019-06-04T19:37:46Z "The comment on line 444 in wp-includes/canonical.php says that it only changes the host if it's adding or removing ""www."". It changes the host to lowercase if capitalization is the only difference or if the change is NOT adding or removing ""www."". Either the comment or the code should be changed. This is causing a problem when I try to run the script below. If the home url (used on line 176) is ""https://www.example.com/"", then the host is removed and redirect url changes to ""https:///"". This makes the parse_url call on line 69 return false and end processing. I believe this is why the script fails. There's a lot of code here. Apologies if I have it wrong. Here's the script: define('WP_USE_THEMES', true); require_once('/var/www/html/wp-blog-header.php'); I can workaround the bug by explicitly setting some server variables before calling that code: $_SERVER = array ( 'REQUEST_URI' => '/', 'HTTPS' => 'on', 'HTTP_HOST' => 'www.example.com', );" thasmin 36881 Improved hot-wiring of set_found_posts needs-unit-tests Query normal normal enhancement new 2016-05-18T22:45:22Z 2019-06-04T20:59:10Z Currently you can filter posts_request and posts_result to hot wiring the query object add caching. However, this means that in many cases the set found posts method then never gets called. This means that found posts is un-filterable. The set found posts needs to be called after the post results filter. spacedmonkey 1 36882 Add a reusable admin CSS class for destructive actions joedolson* Administration normal normal Future Release enhancement accepted 2016-05-18T22:54:26Z 2023-09-27T03:27:23Z "As generally recommended, plugin authors should not use regular buttons for destructive actions, like removing something. However, while there are standardized classes for buttons in WordPress admin (`button`, `button-primary`, `button-secondary`), a similar standardized class is missing for the destructive link. There are several locations in the admin where such links are displayed, but these are all styled using their individual selectors. Therefore plugin authors who want to use this style must either use one of these selectors (that probably do not fit the use-case at all) or recreate the style manually. Therefore I propose to standardize these style rules for a specific class, for example something like `delete-button` or `delete-link`." flixos90 10 36885 "When one uses custom callback function for comment list, ""Reply"" link would not show" reporter-feedback Comments normal normal defect (bug) new 2016-05-19T00:59:34Z 2019-06-04T19:37:59Z "It took too much time, but found the issue here in wp-includes/comments-template.php in get_comment_reply_link function. The OR conditions are likely to be true I imagine in many combination of situations although I am not too sure what combination causes bad things to happen. {{{ if ( 0 == $args['depth'] || $args['max_depth'] <= $args['depth'] ) { return; } }}} Well and good to check this, but why would the reply as well as login link disappear if any of it is true? Sorry if I am not getting this as I should. " remedy17 1 36887 Database upgrades should fail gracefully Upgrade/Install low normal Future Release defect (bug) new 2016-05-19T03:48:30Z 2022-07-07T14:19:10Z "Currently, `wp-admin/upgrade.php` and `wp_upgrade()` don't check that the database has actually upgraded properly, before returning a success message. Making them fail gracefully would be nice." pento 2 36891 Saving large menus is super slow Menus normal normal enhancement new 2016-05-20T01:37:54Z 2019-06-04T20:25:09Z "When saving menus, `wp-admin/includes/nav-menu.php` calls `wp_update_nav_menu_item()` for every menu item. This function call can take 0.1-0.4s, when multiplied by 50 (or more!) menu items, is a less than pleasant experience. Because of the length of time this takes, it's also quite likely that an interrupted connection could cause the menu to be saved in a weird state." pento 3 36893 Columns filter from taxonomy edit screen (edit-tags.php) gets applied in term edit screen (term.php) Taxonomy 4.5 normal normal defect (bug) new 2016-05-20T06:00:43Z 2019-06-04T21:23:17Z "I've did a simple test: {{{#!php <?php function test($columns) { echo 'Test output'; return $columns; } add_filter('manage_edit-category_columns', 'test'); }}} which resulted: {{{ <div id=""screen-meta"" class=""metabox-prefs""> <div id=""contextual-help-wrap"" class=""hidden no-sidebar"" aria-label=""Zakładka pomocy kontekstowej"" tabindex=""-1""> Test output </div> }}} so this filter is working in term.php. Another thing is that, adding custom columns in edit-terms.php screen forces Screen options to show in term.php. edit-tags.php [[Image(http://s32.postimg.org/igwy86u2t/image.jpg)]] term.php [[Image(http://s32.postimg.org/7ddc2l8sl/image.jpg)]]" szaqal21 2 36897 """You do not have sufficient permissions to access this page."" should have relevant links to go back to dashboard." Plugins 4.6 normal normal enhancement new 2016-05-21T03:45:54Z 2019-06-04T20:59:15Z "The ""You do not have sufficient permissions to access this page."" screen has no information where to go after seeing this error on screen. It would be better if there is a link to go back to the dashboard or maybe even better if the admin bar is visible on the screen with this error message." Nikschavan 5 36898 Have `grunt precommit` fail if the test DB is unreachable. Build/Test Tools normal normal Awaiting Review defect (bug) new 2016-05-21T06:18:15Z 2019-02-25T01:46:28Z "`grunt precommit` passes if the test DB is unreachable, preventing phpunit from running. To recreate: 1. Disable your local database 2. Add a test guaranteed to fail 3. Run `grunt precommit` 4. The result will be `Done, without errors.` This could happen in the hypothetical event someone forgets to start their virtual machine." peterwilsoncc 1 36911 Customizer and Theme Installer spinners should have different z-index has-patch Customize 4.5 normal normal Future Release defect (bug) new 2016-05-22T17:25:39Z 2021-05-23T20:07:43Z "My bad, I think this has to do with some previous changes I've made on these spinners. Looks like after [36518] the ""loading"" spinner in the Customizer is hidden, at least in some browsers. While the spinners used in the Customizer and in the Theme installer are basically the same and so the CSS rule for them was grouped in just one rule in [36518], I think the only CSS property that has to be different is `z-index`. As far as I see, the Theme installer needs a value of `-1` but this will hide the spinner in the Customizer so it has to be `0` here. The fix would be trivial but I'd greatly appreciate some testing to confirm the issue, in different browsers." afercia 4 36915 Permalinks broken after 4.5 Rewrite rules Rewrite Rules 4.5 normal normal defect (bug) new 2016-05-22T20:08:04Z 2019-06-04T21:23:21Z "Hi guys, Some of my websites had the permalinks broken after upgrading to 4.5. My webserver is NginX and the theme is iMedica. How I fixed: ============ This file: /wp-includes/class-wp-rewrite.php Line: 1813: ""update_option( 'rewrite_rules', '' );"" Before 4.5 that line was ""delete_option('rewrite_rules');"" But I think when WP team changed to update_option function they missed a parameter, it should be: ""update_option('rewrite_rules', $this->rules);"" After fixing this the permalink started working again. " fatorbinario 4 36916 Refactor EditAttachments frame to work outside Media Library admin page has-patch Media 4.5.2 normal normal enhancement new 2016-05-23T02:26:26Z 2019-06-04T20:25:21Z "The EditAttachments frame/modal is used on the Media Library page to display and edit meta data of attachments. This modal could be useful for plugin/theme developers but a few things tightly couple it to the Media Library: 1. The frame requires a router. This is easily remedied by feeding it a dummy object with two functions it seems to need but I can see this easily refactored using event listeners 2. When opened, the code in the modal deletes all mediaelement.js instances on a page. Not a problem in the media library but if you want to use it on a page with video and audio elements (which I do) it deletes them all from the DOM" Funkatronic 7 36924 dbDelta(): Support more than one whitespace between field name and its type definition Database 4.5.2 normal normal Awaiting Review defect (bug) new 2016-05-23T22:42:46Z 2018-08-10T00:39:26Z "dbDelta() fails to remove multiple spaces between field name and field type definition in ALTER / CREATE statements. In result some table definitions may lead to constant ALTER statements to be executed which may easily crash MySQL server. Compare: == Correct {{{#!php $sql = ""CREATE TABLE some_table ( id bigint(20) NOT NULL KEY AUTO_INCREMENT, test varchar(100) NOT NULL, );""; require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); dbDelta($sql); }}} vs == Wrong, due to multiple spaces between 'test' and 'varchar' ALTER query is executed {{{#!php $sql = ""CREATE TABLE some_table ( id bigint(20) NOT NULL KEY AUTO_INCREMENT, test varchar(100) NOT NULL, );""; require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); dbDelta($sql); }}} == Possible fix: - in dbDelta() call trim() on $tablefield->Type, - or remove extra spaces during preg_match: replace: {{{#!php preg_match(""|"".$tablefield->Field."" ([^ ]*( unsigned)?)|i"", $cfields[strtolower($tablefield->Field)], $matches); }}} with: {{{#!php preg_match(""|"".$tablefield->Field.""\s+([^ ]*( unsigned)?)|i"", $cfields[strtolower($tablefield->Field)], $matches); }}}" matt_fw 3 36931 wp_upload_dir caches calls with default arguments separately from their explicit equivalent has-patch Media 4.5 normal normal defect (bug) new 2016-05-24T09:55:05Z 2019-06-04T20:25:34Z "This a fairly minor bug. Prior to [36565] the following were equivalent {{{#!php $upload = wp_upload_dir(); $upload2 = wp_upload_dir( gmstrftime('%Y/%m') ); }}} (In deed, even `$upload3 = wp_upload_dir( gmstrftime('%Y/%m yabadabadoo') );` is equivalent, but that behaviour is undocumented.) Since caching has been introduced the first call to `wp_upload_dir()` is stored separately in the cache to the second call, despite the fact that they are otherwise interpreted the same. This causes a disparity in behaviour when one of the caches is cleared after a setting has been changed: {{{#!php $upload = wp_upload_dir(); $upload2 = wp_upload_dir( gmstrftime('%Y/%m') ); // $upload == $upload2 //Disable year/month folders and clear the cache add_filter( 'pre_option_uploads_use_yearmonth_folders', '__return_null' ); wp_upload_dir( null, false, true ); $upload = wp_upload_dir( null ); $upload2 = wp_upload_dir( gmstrftime('%Y/%m') ); //$upload != $upload2 remove_filter( 'pre_option_uploads_use_yearmonth_folders', '__return_null' ); }}} " stephenharris 2 36933 TinyMCE failing when using ModPagespeed Administration 4.5.2 normal normal defect (bug) new 2016-05-24T15:07:41Z 2019-06-04T19:38:18Z "TinyMCE Stops working correctly When using ModPagespeed module. TypeError: wp.svgPainter is undefined I needed to edit this file to fix the issue: /wp-admin/js/svg-painter.js " franmaWp 4 36936 Plugin update does not works via web with proper filesystem permissions. Filesystem API 4.5.2 normal normal defect (bug) new 2016-05-24T21:09:30Z 2019-06-04T19:58:39Z "Hello all, I run Wordpress 4.5.2 on Ext4 file system with POSIX ACL. Web server is Nginx, PHP runs as FPM daemon. Both under www-data user and group (for now). When I try to update some plugin, Wordpress ask me to enter FTP credentials instead of doing update. All output below was gathered under '''www-data''' account (PHP-FPM runs under it). Here is my file system permissions: '''Document root:''' {{{ $ getfacl /var/www/html/ getfacl: Removing leading '/' from absolute path names # file: var/www/html/ # owner: root # group: root user::rwx user:www-data:r-x group::--- group:SA:rwx group:webdesigner:rwx mask::rwx other::--- default:user::rwx default:user:www-data:r-x default:group::--- default:group:SA:rwx default:group:webdesigner:rwx default:mask::rwx default:other::--- }}} '''wp-content''' {{{ $ getfacl /var/www/html/wp-content/ getfacl: Removing leading '/' from absolute path names # file: var/www/html/wp-content/ # owner: root # group: root user::rwx user:www-data:rwx group::--- group:SA:rwx group:webdesigner:rwx mask::rwx other::--- default:user::rwx default:user:www-data:rwx default:group::--- default:group:SA:rwx default:group:webdesigner:rwx default:mask::rwx default:other::--- }}} '''Plugins''' {{{ $ getfacl /var/www/html/wp-content/plugins/ getfacl: Removing leading '/' from absolute path names # file: var/www/html/wp-content/plugins/ # owner: root # group: root user::rwx user:www-data:rwx group::--- group:SA:rwx group:webdesigner:rwx mask::rwx other::--- default:user::rwx default:user:www-data:rwx default:group::--- default:group:SA:rwx default:group:webdesigner:rwx default:mask::rwx default:other::--- }}} '''Plugin to be updated:''' {{{ $ getfacl /var/www/html/wp-content/plugins/postmatic/ getfacl: Removing leading '/' from absolute path names # file: var/www/html/wp-content/plugins/postmatic/ # owner: root # group: root user::rwx user:www-data:rwx group::--- group:SA:rwx group:webdesigner:rwx mask::rwx other::--- default:user::rwx default:user:www-data:rwx default:group::--- default:group:SA:rwx default:group:webdesigner:rwx default:mask::rwx default:other::--- }}} Despite user www-data is explicitly granted to have write permissions to all required directories, Wordpress fails to start upgrade from web and asks for FTP credentials. I believe PHP works well enough with POSIX ACL, here is simply proof script: {{{ $ php -r 'if (posix_access( ""/var/www/html/wp-content/"", POSIX_R_OK | POSIX_W_OK)) { echo ""The file is readable and writable!\n""; } else { $error = posix_get_last_error(); echo ""Error $error: "" . posix_strerror($error); }' The file is readable and writable! }}} If there are some reason to keep current filesystem permission check method intact - please, issue spcecial technical note regarding required permissions and how does Wordpress checking it. System information: {{{ $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty $ php -v PHP 5.5.9-1ubuntu4.16 (cli) (built: Apr 20 2016 14:31:27) }}} There are no SuPHP, Suhosin or any suspicious extensions. This issue could be related to [https://core.trac.wordpress.org/ticket/34327] Thank you. " brudas 8 36939 Role groups dev-feedback Role/Capability normal normal enhancement new 2016-05-25T02:17:46Z 2019-06-04T21:23:29Z "WordPress's roles & capabilities API has support for allowing users to have multiple roles, and recent improvements to the Users list table have helped improve the administrator experience a bit by showing all roles rather than just the first one for each user. I think what makes multiple user-roles confusing (or maybe less valuable) is that WordPress by itself does not directly benefit from allowing users to have multiple roles, because the existing roles are designed to blanket all of WordPress's bundled functionality. I'd like to propose the introduction of Role Groups, as a layer that lives one layer above the main `WP_Roles` object to allow for groups of roles to be registered, enabling for users to have at least 1 role from each role group. ---- For example: * You install bbPress, and Bob cannot publish posts but can moderate the forums * You install WooCommerce, and Jane can contribute posts to the blog, and can also buy items from the store * You install BuddyPress, and while Chris can administrate posts, pages, and media, he cannot moderate the community In the above scenarios, each of these plugins would register their own role groups, and any user could easily have 1 role for each ""section"" of the same 1 WordPress site. ---- How could WordPress core use this? * Create a role group for Posts, Pages, Media, Comments, and Users * Ones ability to Edit posts should not assume they can moderate comments * Ones ability to moderate comments should not assume they can publish posts * Ones ability to upload media & attachments should not assume they can publish pages * Ones ability to edit an existing user should not assume they can upload media ---- How does this complicate things? Depending on how deeply this is implemented, potentially greatly, or not at all for vanilla WordPress installations. * If we keep WordPress's built-in roles identical to how they are today, they become 1 role group that grants access to Posts, Pages, Media, Comments, and Users; then plugins can define their own role groups, and we make sure WordPress has an adequate interface for assigning multiple roles for each user. * If we separate WordPress's roles into groups for each object type, backwards compatibility is a huge issue, as well as how confusing does it make granting access and assigning default roles for each group. * We may be able to remove the ""Default Role"" setting UI entirely, and leave it to plugins to reopen this functionality for improved support for multiple roles. ---- What do we do now? Let's talk this through, decide if it's worthwhile, and maybe work towards something viable. Much of this can happen without much (if any) modification to WordPress core. Worst case, we uncover more areas of WordPress that can be improved to support multiple roles per user, and address those in separate tickets. Best case, we make the existing roles & capabilities API more plugin-friendly." johnjamesjacoby 1 36940 Break `manage_sites` capability up into more targeted caps johnjamesjacoby Networks and Sites 3.0 normal normal Future Release enhancement assigned 2016-05-25T12:56:16Z 2017-07-17T20:36:26Z "The `manage_sites` capability is currently used as a blanket, to cover all needs when it comes to editing a site in a multisite installation. Started in #15800 (and having chatted with @jeremyfelt at length) we'd like to break `manage_sites` up into new capabilities that more acutely convey what part of a site someone is allowed to edit. The goal is to allow users with `/network` admin access to have more fine-grained control over what parts of a site they can edit. For example: `manage_site_settings = false` so a user can modify site themes & users, but not have access to the raw option data. We are imagining they would look something like: * `manage_site_info` (`site-info.php`) * `manage_site_settings` (`site-settings.php`) * `manage_site_themes` (`site-themes.php`) * `manage_site_users` (`site-users.php`) In addition: * We would pass the site ID through `current_user_can()` to provide additional context * Switch to using `create_sites` in `site-new.php` (vs. `manage_sites` which was likely a copy-paste assumption that the capabilities across these similar files should match) ---- More paraphrasing of our past 4 months of chat in #core-multisite: * Because only WordPress Super Admins can access any of these by default, renaming these capabilities should be considered a backwards compatible change * We /could/ go as far as mapping all of these new caps to `manage_sites` to maintain compatibility, but for plugin authors wishing to take advantage of this, it would require an additional `map_meta_cap` override that we would like to try and avoid * This should not result in much code churn, and will only change multisite files, and a handful of functions that special-case multisite using the `manage_sites` capability check * We would still keep `manage_sites` in a few higher-level places (as a site equivalent to `edit_posts`) to ensure that a user has access to certain UI elements that allow them entry to more detailed site editing" johnjamesjacoby 9 36946 Provide `id` properties on core objects General normal normal defect (bug) new 2016-05-26T00:22:39Z 2019-06-04T19:58:44Z "In #36717, `WP_Site` and `WP_Network` will get magic getters/setters so that `id` and other more properly named properties can be used. We should standardize on `id` rather than `ID` for core objects where it makes sense. Current primary IDs for objects are: * `WP_Comment` -> `comment_ID` * `WP_Post` -> `ID` * `WP_Term` -> `term_id` * `WP_User` -> `ID` * `WP_Widget` -> `id` * `WP_Screen` -> `id` `WP_User` is somewhat unique because the property was `id` and then deprecated in [18504] in favor of `ID`. We should be able to un-deprecate this." jeremyfelt 7 36956 Trigger event when taxonomy term is added with ajax dev-feedback Taxonomy normal normal enhancement new 2016-05-26T22:33:28Z 2019-06-04T21:23:34Z "When adding a taxonomy term via ajax, it would be nice if some JavaScript event was triggered, maybe on `.wp-list-table.tags` or the newly added row itself. This would give taxonomy term plugins some event to listen for and take action on. Something akin to: {{{ this.trigger( 'term-added' ); }}} Maybe `tag-added` is more appropriate, since all of those form elements seem to use `tag` for everything, regardless of the taxonomy." johnjamesjacoby 36958 extending has_shortcode to allow searching in custom fields Shortcodes normal normal enhancement new 2016-05-27T08:05:59Z 2019-06-04T21:23:39Z "Seeing as has_shortcode is mainly used by plugin developers to search a shortcode in post_content, I'd like to open a discussion about what would be the best way to extend the has_shortcode functionality to also allow searching in custom post fields. Problem: - if one uses a post_meta field to store additional content for a post ( content that may contain shortcodes and is processed when displaying the post ) - there is no way for another plugin to check if a shortcode exists in that post_meta field (without knowing the meta field, of course) - example: a plugin needs to enqueue a script only if the current post contains a shortcode. The way it's being handled right now is: {{{#!php if ( has_shortcode( $post->post_content, $tag ) ) { //enqueue script } }}} This of course will only work for the main post_content. If another plugin uses a post_meta field to add content to the frontend, there is no way to check if that meta field contains the shortcode. I think one possible solution for this would be to introduce a new function, something like: {{{#!php function post_has_shortcode( $tag, $post_id = null ) { $post = get_post( $post_id ); if ( empty( $post ) ) { return false; } if ( has_shortcode( $post->post_content, $tag ) ) { return true; } return apply_filters( 'post_has_shortcode', false, $tag, $post_id ); } }}} A filter implementation for this would look like: {{{#!php function custom_plugin_has_shortcode( $has_shortcode, $tag, $post_id ) { if ( $has_shortcode ) { return true; } $custom_content = get_post_meta( $post_id, 'custom_plugin_custom_content', true ); return has_shortcode( $custom_content, $tag ); } add_filter( 'post_has_shortcode', 'custom_plugin_has_shortcode', 10, 3 ); }}} Another option (which is better in terms of performance) is to gather all the content before checking for shortcodes - but it's not that ""clean"": {{{#!php function post_has_shortcode( $tag, $post_id = null ) { $post = get_post( $post_id ); if ( empty( $post ) ) { return false; } $content_to_check = apply_filters( 'get_content_for_shortcode_check', $post->post_content, $post_id ); return has_shortcode( $content_to_check, $tag ); } }}} Would there be any other approaches for this? Is this something that can go into the core? Thanks" radugroza 1 36966 Search is not working with soft hyphen symbols Query 4.5.2 normal normal defect (bug) new 2016-05-28T21:36:29Z 2019-06-04T20:59:30Z "Site search doesn't work if a word contains soft hyphen symbols. When a word is pretty long and it should fit within a limited space, the best solution seems to be to stuff it with soft hyphens (­), so there will be no hanging lines. It looks like this: Pseu­do­pseu­do­hy­po­pa­ra­thy­roi­dism But in this case the word can't be found." mvasin 36971 Show readme.txt from Themes SergeyBiryukov* Themes normal normal Future Release enhancement accepted 2016-05-29T23:53:20Z 2022-11-09T19:39:32Z "The readme.txt should be used to document any dependencies of a theme. But if we install the theme from inside WordPress there is no way to see the readme.txt for an unexperienced user. For example the Sela theme needs Jetpack to show Testimonials. See readme.txt: https://themes.svn.wordpress.org/sela/1.0.9/readme.txt But the theme page is not mentioning that (https://wordpress.org/themes/sela/) and there is no direct link or presentation of the readme.txt with this essential information on the theme page or inside WordPress. I suggest showing the readme.txt somewhere or use a system like https://github.com/TGMPA/TGM-Plugin-Activation to give this information to the user." zodiac1978 41 36973 Update FTP credentials form design Upgrade/Install normal normal Future Release defect (bug) new 2016-05-30T09:27:42Z 2018-03-12T16:16:03Z "As reported by @melchoyce in https://github.com/obenland/shiny-updates/issues/100, the filesystem credentials dialog needs some love to improve accessibility and the overall design. Here's how it could look like: https://cloudup.com/cnvj5NqMefR Her notes: 1. Update modal style to bring more in-line with other wp-admin modals — like including an ""x"" for closing (even though there's also a cancel button) 2. Make ""Proceed"" primary 3. Also consider changing ""proceed"" to something more descriptive — maybe connect? Proceed might be okay, it's just such a weird-sounding word. Maybe switch the ""proceed"" in both the description and the button to ""continue."" 4. ""This password will not be..."" could stand to be decreased in size just a little and made a lighter grey, to match descriptions on the settings pages. At the very least, the line-height should decrease. 5. ""Authentication Keys"" is at the same level of hierarchy as the field labels. It should probably be bigger, since it's a header above the labels. 6. Additionally: the modal is really tall for mockup purposes, but would ideally be whatever height we normally max modals out at. Any content not visible because of height would be scrollable in the modal, like we do in others. See also: #34376" swissspidy 3 36978 Add pre filter to get_term_by needs-unit-tests Taxonomy normal normal enhancement new 2016-05-30T22:25:13Z 2019-06-04T21:23:44Z Like other get get_*_by functions the get_term_by should have a pre filter. This filter should specially be useful to short-circuit the default logic, perhaps to add caching. spacedmonkey 36982 Add image attributes and additional context to the wp_calculate_image_srcset and wp_calculate_image_sizes filters adamsilverstein dev-feedback Media 4.6 normal normal Future Release enhancement assigned 2016-05-31T17:39:55Z 2021-11-18T15:46:55Z "Because the srcset and sizes attributes try to give the browser guidance on how CSS is going to handle images, we should be able to take into account image class attributes (and other attributes that could be used as CSS selectors) when using the {{{wp_calculate_image_srcset}}} and {{{wp_calculate_image_sizes}}} filters to set the appropriate srcset and sizes. It would also be helpful to be able to supply a context to functions like {{{wp_image_add_srcset_and_sizes}}} and {{{wp_make_content_images_responsive}}} so we can calculate different srcset and sizes attributes if a medium sized image is in the main content section vs. in an aside or other section." kylereicks 40 36995 Support for Service Workers westonruter* General 5.1 normal normal Future Release feature request accepted 2016-06-02T00:18:09Z 2022-05-03T22:21:12Z "It might make sense into looking to offer a basic service worker for WordPress. It can start with something simple like caching files for `wp-admin`. Beyond that there are many ways it could be expanded: * Cache all scripts and styles for themes/plugins, possibly offering offline mode for sites * Possibly Notifications * etc Useful links: * https://developers.google.com/web/fundamentals/getting-started/push-notifications/step-03?hl=en * https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers * https://justmarkup.com/log/2016/01/add-service-worker-for-wordpress/" bhubbard 25 36996 get_the_post_thumbnail and the usage of class attribute Post Thumbnails 2.9 normal normal defect (bug) new 2016-06-02T05:08:46Z 2019-06-04T20:59:46Z "Hi, I noticed that if I use class attribute, it overrides some of the standard classes. So in my example I use header image of custom size: {{{#!php <?php echo get_the_post_thumbnail( $post->ID, 'custom-header-image-large', array( 'id' => 'featured-image', 'itemprop' => 'image', ) ); }}} In this case WP generates these classes for the header image: attachment-custom-header-image-large size-custom-header-image-large wp-post-image If I add attribute `'class' => 'photo u-photo',` {{{#!php <?php echo get_the_post_thumbnail( $post->ID, 'custom-header-image-large', array( 'class' => 'photo u-photo' 'id' => 'featured-image', 'itemprop' => 'image', ) ); }}} WP skips some classes and final class list produces only: photo u-photo wp-post-image Is it by design, or a possible bug? Thank you!" TomasM 9 37000 Support for the SameSite cookie attribute dev-feedback Security normal normal Future Release enhancement new 2016-06-02T13:31:13Z 2022-11-11T10:45:05Z "IETF's [https://tools.ietf.org/html/draft-west-first-party-cookies Same-site Cookies draft] was [https://www.chromestatus.com/feature/4672634709082112 shipped in Chrome 51 and Opera 39]. The SameSite cookie attribute instructs a browser not to send that cookie with cross-origin third-party requests (such as iframes, embedded images, and Ajax requests). This effectively mitigates CSRF attacks as, for example, the user will not be authenticated for a given third party URL that's being used in a CSRF attack. More information on the SameSite attribute can be found here: http://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ We should investigate whether setting the `SameSite=lax` attribute is of benefit to the `auth` and/or `logged_in` cookies in WordPress, and if so consider implementing it once the draft becomes an RFC. PHP uses the `setcookie()` wrapper for setting cookies, which means that setting the SameSite attribute is not possible using that function, until such point that support for the attribute gets added. If WordPress were to implement the SameSite attribute, we'd need our own cookie handling function which constructs and sets the `Set-Cookie` header itself, and use it in place of `setcookie()` (side note: this may also be beneficial to unit testing)." johnbillion 42 37005 Unit test for the wp_check_filetype method has-patch Media normal normal Awaiting Review enhancement new 2016-06-02T18:43:14Z 2020-04-09T05:51:19Z "Improving the code coverage for the functions.php, to be more precise the `wp_check_filetype` method, this one hadn't any tests written, decreasing the overall code coverage. Now, the test covers the entire logic " borgesbruno 2 37009 When two different tags generate the same slug, the second tag is rejected boonebgorges Taxonomy 4.5.2 normal normal defect (bug) assigned 2016-06-03T00:59:03Z 2022-01-18T13:48:44Z "When two different tags result in the same slug, instead of the slugs being made unique the second tag is discarded and treated as if it were the first. Here's an example: 1) Add the tag ""$4 gas"" to a post, via the post edit screen. 2) Update the post. 3) Verify that the term ""$4 gas"" is added to the wp_terms table with ""4-gas"" as its slug and that the tag is displayed with the post on the edit screen. 4) Add the tag ""#4 gas"" (or ""#4-gas or similar) to the post, via the post edit screen. 5) Update the post. 6) Note that the term ""#4 gas"" has not been added to the wp_terms table and the tag is not displayed with the post. Also, if you try to add ""#4 gas"" to any post, you'll get ""$4 gas"" instead. (I realize this example sounds silly, but with the many tags based on words in different languages or brands, unique tags can result in the same slug.) It seems that what should happen in this case is that if the original tags are actually unique, the second one should get a unique slug (with something like '-2' appended). I'm using WordPress 4.5.2 with all plug-ins deactivated." michael.costanza 10 37026 PHP Notice: Trying to get property of non-object in wp-admin\nav-menus.php on line 836 has-patch Menus 4.5.2 normal normal defect (bug) new 2016-06-04T07:56:36Z 2019-06-04T20:26:04Z "I'm using WordPress 4.5.2 and get this PHP Notice: {{{ PHP Notice: Trying to get property of non-object in wp-admin\nav-menus.php on line 836 }}} When I export and import database for using on localhost (one database content for two sites), two sites using different theme and have different menu location. My first site has menu location Mobile, when I use this database on new site with Twenty Sixteen theme, it doesn't have this location, so the notice message appeared. The menu location on Menu Settings section looks like this: {{{ Mobile (Currently set to: ) }}} Plese add a conditional function to check if is a nav menu object before get its name. {{{ wp_get_nav_menu_object( $menu_locations[ $location ] )->name }}} It's not an error, but I don't want to see this notice message when coding theme. Thank you." skylarkcob 1 37040 Enhancement: new function to validate a transient exists, and isn't expired without extra query has-patch Options, Meta APIs 4.6 normal normal enhancement new 2016-06-06T23:34:51Z 2019-06-04T20:59:56Z "Currently calling get_transient makes 2 queries, the first to validate if the transient exists & is not expired, the second to get the transient value. I propose creating a new function that does the job of the first query only. It should validate that the transient exists and hasn't expired returning a boolean. The get_transient should then be modified to call that function rather than get_option. The purpose here is to allow plugin / theme developers to minimize queries even further. Example: If all I need to do is check for a valid transient that only requires 1 query, I don't always need the value, just need to know whether it should be refreshed. In that case I could call valid_transient( 'transient' ). Since that value can be cached if I later need the full value then only one additional query would be needed. " danieliser 4 37041 Allow arbitrary return redirects when activating plugins has-patch Plugins normal normal enhancement new 2016-06-07T03:15:30Z 2019-06-04T21:00:02Z "After activating a plugin, the return redirect is set to either `import.php` or `plugins.php` depending on the `from` query parameter. It'd be nice to have the ability to specify an arbitrary `redirect_to` similar to the login process. This should probably be locked down using `wp_safe_redirect`." rmccue 4 37042 Additional filter for has_category function reporter-feedback Taxonomy 4.5.2 normal normal feature request new 2016-06-07T07:27:25Z 2019-06-04T21:24:00Z "Our plugin translates categories and posts. Let's assume we have two languages: - original: English - second: French We defined category ""test"" and its translation ""test-fr"". The category is assigned to the post in such way that English post has English category and vice versa. Currently, when we call has_category(""test"") in single.php file, it returns true only for the English post ( because French one does not have ""test"" category but ""test-fr"" ). We expect that result will be true in both cases. ---- For this reason, we need some filter inside ''is_object_in_term'' function, similar to ""get_object_terms"" inside ""wp_get_object_terms"" function. It will give as opportunity to adjust ""has_category"" behaviour to out requirements. " jakubbis 2 37043 New filter `pre_unique_post_slug` boonebgorges has-patch Posts, Post Types normal normal enhancement reviewing 2016-06-07T07:42:35Z 2019-06-04T21:00:08Z "This filter will be for multilanguages plugins helpful. For example I have page: News in English with url http://example.com/en/news/ and News in Polish with url http://example.com/pl/news/ For Polish version this will be have slug news-2 but should be have news. If new filter will be added then we can generate slug for my pages. I know that I can use wp_unique_post_slug filter but more optimally will be add pre_unique_post_slug filter because will be less SQL Queries because this code: {{{#!php <?php if ( is_post_type_hierarchical( $post_type ) ) { if ( 'nav_menu_item' == $post_type ) return $slug; /* * Page slugs must be unique within their own trees. Pages are in a separate * namespace than posts so page slugs are allowed to overlap post slugs. */ $check_sql = ""SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type IN ( %s, 'attachment' ) AND ID != %d AND post_parent = %d LIMIT 1""; $post_name_check = $wpdb->get_var( $wpdb->prepare( $check_sql, $slug, $post_type, $post_ID, $post_parent ) ); /** * Filters whether the post slug would make a bad hierarchical post slug. * * @since 3.1.0 * * @param bool $bad_slug Whether the post slug would be bad in a hierarchical post context. * @param string $slug The post slug. * @param string $post_type Post type. * @param int $post_parent Post parent ID. */ if ( $post_name_check || in_array( $slug, $feeds ) || 'embed' === $slug || preg_match( ""@^($wp_rewrite->pagination_base)?\d+$@"", $slug ) || apply_filters( 'wp_unique_post_slug_is_bad_hierarchical_slug', false, $slug, $post_type, $post_parent ) ) { $suffix = 2; do { $alt_post_name = _truncate_post_slug( $slug, 200 - ( strlen( $suffix ) + 1 ) ) . ""-$suffix""; $post_name_check = $wpdb->get_var( $wpdb->prepare( $check_sql, $alt_post_name, $post_type, $post_ID, $post_parent ) ); $suffix++; } while ( $post_name_check ); $slug = $alt_post_name; } } else { // Post slugs must be unique across all posts. $check_sql = ""SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type = %s AND ID != %d LIMIT 1""; $post_name_check = $wpdb->get_var( $wpdb->prepare( $check_sql, $slug, $post_type, $post_ID ) ); // Prevent new post slugs that could result in URLs that conflict with date archives. $post = get_post( $post_ID ); $conflicts_with_date_archive = false; if ( 'post' === $post_type && ( ! $post || $post->post_name !== $slug ) && preg_match( '/^[0-9]+$/', $slug ) && $slug_num = intval( $slug ) ) { $permastructs = array_values( array_filter( explode( '/', get_option( 'permalink_structure' ) ) ) ); $postname_index = array_search( '%postname%', $permastructs ); /* * Potential date clashes are as follows: * * - Any integer in the first permastruct position could be a year. * - An integer between 1 and 12 that follows 'year' conflicts with 'monthnum'. * - An integer between 1 and 31 that follows 'monthnum' conflicts with 'day'. */ if ( 0 === $postname_index || ( $postname_index && '%year%' === $permastructs[ $postname_index - 1 ] && 13 > $slug_num ) || ( $postname_index && '%monthnum%' === $permastructs[ $postname_index - 1 ] && 32 > $slug_num ) ) { $conflicts_with_date_archive = true; } } /** * Filters whether the post slug would be bad as a flat slug. * * @since 3.1.0 * * @param bool $bad_slug Whether the post slug would be bad as a flat slug. * @param string $slug The post slug. * @param string $post_type Post type. */ if ( $post_name_check || in_array( $slug, $feeds ) || 'embed' === $slug || $conflicts_with_date_archive || apply_filters( 'wp_unique_post_slug_is_bad_flat_slug', false, $slug, $post_type ) ) { $suffix = 2; do { $alt_post_name = _truncate_post_slug( $slug, 200 - ( strlen( $suffix ) + 1 ) ) . ""-$suffix""; $post_name_check = $wpdb->get_var( $wpdb->prepare( $check_sql, $alt_post_name, $post_type, $post_ID ) ); $suffix++; } while ( $post_name_check ); $slug = $alt_post_name; } } }}} Will useless for my plugin and unnecessary SQL Queries will be generate" sebastian.pisula 5 37051 New filter `wp_page_path_sql` has-patch Posts, Post Types normal normal Awaiting Review enhancement new 2016-06-08T06:24:28Z 2017-10-24T19:13:32Z "Make plugin for translations I found next missing filter. WordPress use get_page_by_path in WP->parse_request(); In post meta I save info about language version. Example: ""Contact"" in German and Polish is ""Kontakt"" so slug will be 'kontakt'. Function get_page_by_path fiund by slug in all languages. But in filter `wp_page_path_sql` I can add LEFT JOIN and set current language. I know that exists `parse_query` action and I can change query via this action but before in `wp_page_path_sql` will be generate unnecessary sql. This sql filter will be usefull very much. " sebastian.pisula 1 37056 paginate_links should be a method on WP_Query Query 4.6 normal normal enhancement new 2016-06-08T22:21:09Z 2019-06-04T21:00:17Z "How do we paginate custom or subqueries when `paginate_links` relies upon the global `$wp_query` variable? It's easy. We make `paginate_links` a method on the `WP_Query` object. Then the function `paginate_links` can rely upon the method. Likewise with `get_the_posts_pagination`, with a way to pass query context. I'll get around to a patch when I can." jfarthing84 2 37057 Creation of an esc_html functions for _n(), _nx(), _ex(), and number_format_i18n() I18N normal normal Awaiting Review enhancement new 2016-06-09T00:32:50Z 2022-03-25T18:43:48Z "Using a lot of the translation functions generates an error using the WordPress Coding Standards under PHPCS such as: Expected next thing to be an escaping function (see Codex for 'Data Validation'), not '_nx' Certain functions like `_x()`, `_e()`, `__()` all have equivalent esc_html functions. But there are no esc_html equivalent for these other functions. Granted one could simply wrap the statements in `esc_html()`, for the sake of consistency and standardization for theme developers, I feel that esc_html versions of these functions should be created. " zakkath 17 37064 No checkbox in Posts list table for bulk action Posts, Post Types normal normal defect (bug) new 2016-06-09T15:25:20Z 2019-06-04T21:00:24Z In posts list table it checks that user has edit_post capability or not and output checkbox depend on that. WP_Posts_List_Table also output table for any CPT. But user may not have edit_post capability but have delete_post capability or may be any other capability which need bulk select. In my case i created a CPT and which i restricted users from editing published post using 'edit_published_posts' but i did not restrict users from delete published post. But when i saw post table for that CPT i saw that no checkbox after post being published. But have Trash link individually when i mouse over that post. shamim51 37068 wp_unique_post_slug() should accept `$post` parameter rather than post properties has-patch Posts, Post Types normal normal enhancement new 2016-06-10T03:30:31Z 2022-01-18T13:48:49Z "Breaking this ticket off from #20419. The function signature for `wp_unique_post_slug()`' is currently: {{{ function wp_unique_post_slug( $slug, $post_ID, $post_status, $post_type, $post_parent ) }}} This is a departure from `wp_unique_term_slug()`, which accepts two parameters: `$slug` and `$term` (where `$term` is a term object). For greater consistency, we should prefer a post object in `wp_unique_post_slug()`. There are also some cases where the current function signature requires weird hacks, such as when generating sample permalinks. See #20419. Another argument for standardizing the signature. Latest patch is at https://core.trac.wordpress.org/attachment/ticket/20419/20419.5.diff" boonebgorges 1 37077 Replacing one variable handler for another to ensure proper conditional check occurs 100%. has-patch Formatting 4.5.2 normal trivial defect (bug) reopened 2016-06-11T23:18:57Z 2019-06-04T19:59:27Z "I have a likely non-reproduceable problem that, nonetheless, still indicates a failure of a conditional check in wp-class.php. I'd been receiving log file non-critical php errors/warnings for months referencing the rawurlencode() on line 528 getting an array variable. Which is not allowed for that function, hence the error. When I changed line 526's conditional check from {{{ if ( !is_scalar($this->query_vars[$wpvar]) ) }}} to {{{ if ( ( !is_scalar($this->query_vars[$wpvar]) || is_array($this->query_vars[$wpvar]) ) ) }}} the errors went away. Bad plugin/theme code, notwithstanding, the fact that the conditional check fails at all indicates a need for ""refinement"". That's the whole point of these checks, to ensure bad code doesn't take down a website. I'm even wondering if a more streamlined code change for line 526 to {{{ if ( !is_string($this->query_vars[$wpvar]) ) }}} is more appropriate as string variables are all that rawurlencode() allows. I hated changing any core file. But, I was able to quickly address a small issue that shouldn't have been allowed by the core. I don't think this change would impact anyone, the function build_query_string() this code falls within has been depreciated, anyway. BTW, I'm not sure why is_scalar() is failing. However, I came across a few instances across the web with similar quirks. Everyone of those problems was addressed in a similar fashion (i.e. using is_array() or !is_string() instead of !is_scalar()). Source code from wp-class.php: {{{ 521 public function build_query_string() { 522 $this->query_string = ''; 523 foreach ( (array) array_keys($this->query_vars) as $wpvar) { 524 if ( '' != $this->query_vars[$wpvar] ) { 525 $this->query_string .= (strlen($this->query_string) < 1) ? '' : '&'; 526 if ( !is_scalar($this->query_vars[$wpvar]) ) // Discard non-scalars. 527 continue; 528 $this->query_string .= $wpvar . '=' . rawurlencode($this->query_vars[$wpvar]); 529 } 530 } }}}" chadschulz 4 37079 Add new filter pre_wp_get_nav_menu_items has-patch Menus normal normal Awaiting Review enhancement new 2016-06-11T23:58:25Z 2017-08-17T18:32:01Z Add a filter into wp_get_nav_menu_items function. This allows you to short-circuit the function and stop the get_objects_in_term (which is uncached) function from running. spacedmonkey 5 37096 Unit tests for xmlrpc_getposttitle() and xmlrpc_getpostcategory() along with patch to trim and unique returned values SergeyBiryukov dev-feedback XML-RPC 0.71 low minor Future Release enhancement reviewing 2016-06-14T00:24:25Z 2022-01-20T13:01:43Z In tonight's Contrib 2 core we created this unit test for xmlrpc_getposttitle() function pbearne 17 37103 get_comments_number_text() should not replace '%' in post title has-patch Comments 4.2 normal normal defect (bug) new 2016-06-14T20:06:02Z 2019-06-04T19:38:56Z "Background: #13651 1. Create a post titled ""Hello % world"". 2. Add a couple of comments. 3. `comments_popup_link()` will produce the following output: {{{ <a href=""..."">2 Comments <span class=""screen-reader-text""> on Hello 2 world!</span> }}} Note ""Hello 2 world!"" instead of ""Hello % world!"", due to `get_comments_number_text()` treating `%` as a comments number. Reproduced with 4.5.2 and Twenty Sixteen. Technically introduced in [31388]." SergeyBiryukov 5 37115 recent canonical change is giving an infinite 301 redirect loop dev-feedback Canonical 4.4.2 normal normal defect (bug) new 2016-06-16T16:26:39Z 2019-06-04T19:39:05Z "Hello, For 4.5.2 in canonical.php line 175, in prior versions there was an elseif condition which was removed. Can you please add it back? && isset($wp_query->queried_object) && For example, when we have akamai injecting GET parameters to our home page, it just goes in an infinite 301 loop due to line 175 now evaluating TRUE when in the past it would evaluate as FALSE, and we'd like that back. Please and thank you awesome wordpress team!" solomon123br 7 37130 Auto-download language packs when installing manually Upgrade/Install normal normal Future Release enhancement new 2016-06-20T09:08:17Z 2020-09-23T20:45:03Z "Themes and plugins can be downloaded from Rosetta sites (locale.wordpress.org). When they're downloaded, they are only available in English and whatever locale packages a theme/plugin author has decided to ship. They do not include language packs made available from translate.wordpress.org. As a result, if I download a plugin from the German plugin directory and manually install it, even if it's fully translated into German and a language pack is available, I won't see the interface in German. Thus, this ticket. On manual install, we should check for an available language pack and auto-download the language pack." samuelsidler 2 37143 Missing Screen options tab in Add New plugin screen Plugins normal normal enhancement new 2016-06-21T22:29:07Z 2019-06-04T21:00:36Z "Hey It would be great to have Screen Options tab for Add New Plugin screen. With the option to select amount of plugins to view on each page. Having one very long add new plugin screen is preferable then to having 5-6 pages to have to jump through. Adding the Screen Options tab would really help." paaljoachim 1 37145 Admin submenu opens underneeth editor link tool dev-feedback Administration 4.5.2 low minor Future Release defect (bug) assigned 2016-06-22T07:00:54Z 2020-08-05T14:22:04Z "Sub menus of the admin menu opens underneath the editor's link tool. Possibly a z-index problem. [[Image(http://i.imgur.com/7PMPxb6.png)]]" Stoffe1 11 37148 Links in notification emails appearing as https Administration normal normal Awaiting Review defect (bug) new 2016-06-22T08:38:31Z 2017-03-01T14:03:39Z "I have received several notification emails as an Administrator instructing me that Wordpress has been updated to the latest version. However, all of the links contained within all of the emails output the URL as https://, and not whatever is stated within the Wordpress Site URL setting in General. This leads to any link that is visited displaying a 'Connection not secure' message, as there is no SSL certificate for that domain name." leec87 6 37156 Multisite: WP-generated permalink for title-less post does not work (Or: numeric post slug that matches existing post ID number generates 404 error) reporter-feedback Posts, Post Types 4.4.3 normal normal defect (bug) new 2016-06-23T00:51:59Z 2019-06-04T21:00:50Z "On a Multisite installation, a permalink with a post-name structure results in a 404 error when its slug is a number and that number matches an existing post ID number. Example: http://myblog.com/blog/7 where a post (any post) has an ID of 7. When WordPress generates a slug for a title-less post, it forms the slug using the post ID. Since the post ID is (now) in use, the default permalink for the title-less post is broken. It appears ticket #5305 resolved the issue for regular installs by automatically appending -2 to the slug (http://myblog.com/blog/7-2). Can this be done for Multisite? Or better yet, use some other more elegant designation that doesn't imply that this is the second of two posts using 7 for the slug? To replicate: Use a Multisite installation. Set permalinks to Post name structure. Create a post without a title. Note that the generated slug is the ID number of the post. Save and then click on the Permalink slug below the title text field. Arrive at 404 page. In admin, change the slug to include a character. Try again. Arrive at correct page. You can also see the same behavior by choosing any titled post in admin and changing its slug to a number that matches its own or any other existing ID. " raskull 4 37157 Photo galleries are displaying EVERY photo in library (and related issues). Gallery 4.5.2 normal normal defect (bug) new 2016-06-23T03:21:21Z 2019-06-04T19:59:42Z " '''ISSUE 1.)''' * With WordPress Permalinks set to ""Post Name"", any photo gallery that has been added to a page displays EVERY photo in the media library. For example if you've added a gallery of 3 photos, 3 thumbnails are displayed on the page, but entering the gallery will allow you to click ""next"" to view every photo that has been uploaded to the WordPress site. This has been tested in a fresh install of WordPress (version 4.5.3) and with the themes Twenty Thirteen through Twenty Sixteen. In this case WordPress Permalink settings have been set to ""Post Name"". If Permalinks are instead set to ""Plain"" (the default) this does not seem to be a problem. I have not tested out other Permalink settings to see if they work. An internet search brings up two discussions related to this issue which do not appear to have been properly resolved: * https://wordpress.org/support/topic/gallery-showing-all-images-in-media-library?replies=12 * https://wordpress.org/support/topic/gallery-showing-all-images-in-media-library-1?replies=4 '''ISSUE 2.)''' * Single photos added to a page are no longer viewable within a gallery. If you've added a single photo (not a gallery) to a page that also contains a gallery, and if that single photo is also part of the gallery's thumbnail group, it is longer a part of the actually gallery. You can no longer view that image by entering the gallery even though it is shown in the gallery's thumbnails. In this case the single photo is set to ""link to attachment page"". Permalinks are set to ""Post Name"". '''ISSUE 3.)''' * Single photos added to a page have incorrect attachment link by default. In this case Permalinks are set to ""Post Name"". If you add a single photo to a page and leave the default ""link to attachment page"" set, the link is incorrect; it is missing the page name in it's path. If you then go back to edit the page again and look at the details of the photo, you can see that it has changed to ""link to custom URL"" but is still showing the same incorrect link. Changing this back again to ""link to attachment page"" corrects the link by adding the page name to the path. I have not tested this with other Permalink settings. '''ISSUE 4.)''' There seems to be a problem with galleries not displaying all photos when certain other pages are in the ""trash"". For example, after deleting a page titled ""try"" which contained the image ""cake"", another page would not display ""cake"" within a photo gallery. Clicking on the ""cake"" thumbnail in the photo galley opened the attachment page ""try__trashed/cake/"" and would not slide to the next photo. Clicking on any of the other thumbnails in the gallery would work, but would never slide to ""cake"". " webtechmailbag 2 37160 Pingbacks fail on multi-page posts Pings/Trackbacks normal normal defect (bug) new 2016-06-23T18:48:37Z 2019-06-04T21:00:55Z "Repro: 1. Publish a post to pingback in a subsequent post and assure that the site/post will allow pings. 2. Create a second post that has multiple pages with a reference to the post created in step 1 in one of the later pages (sample content below). 3. Publish the second post. Expected: The pingback will register. Actual: The pingback doesn't register. If you repeat steps 2 and 3 but move the link to the post created in 1 to the first page, the pingback works. Here's some sample content to demonstrate the issue: {{{ Page One <!--nextpage--> Page Two <!--nextpage--> Page Three with pingback: http://pleasetest.me/2016/06/23/page-to-ping/ }}} This fails because the pingback code checks the pinging post to confirm that the pung link exists in the content. Since the pung link displays on a subsequent page, it's not displayed on the un-paginated permalink. Thus when the pingback code fetches the pinging link, it doesn't find a link to itself in the content and it discards the pingback. But this is a valid use case and not an instance of spoofing (which I take it is what this check is designed to prevent). I'm not sure if there's some parameter we could append to the url when we fetch to validate the link in context that might skip the pagination. If so, that might be the simplest fix. I suppose another fix might be to look for `verifying pingback` in the user agent (which is included in this validation request's UA) and skip pagination if found. That feels kind of brittle, though." dllh 37162 wp_style_add_data and wp_script_add_data should accept SRI information Script Loader 4.5.3 normal normal Awaiting Review enhancement new 2016-06-24T01:34:38Z 2018-11-14T15:27:09Z "Subresource Integrity Hashes (SRI) is now recommended for many CDN sourced CSS and JavaScript as provided for in http://www.w3.org/TR/SRI/ . WordPress does not allow SRI code (or anything other than a set list) to be added via wp_*_add_data. The same applies to javascript loading in addition to stylesheet loading. wp_*_add_data should support these tags instead of currently silently ignoring them. The two tag keys are crossorigin and integrity. Example of recommended link tags that should be generated: {{{ <link rel=""stylesheet"" href=""https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/bootstrap.min.css"" integrity=""sha384 -y3tfxAZXuh4HwSYylfB+J125MxIs6mR5FOHamPBG064zB+AFeWH94NdvaCBm8qnd"" crossorigin=""anonymous""> <link href=""https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css"" rel=""stylesheet"" integrity=""sha384-T 8Gy5hrqNKT+hzMclPo118YTQO6cYprQmhrYwIiQ/3axmI1hQomh7Ud2hPOy8SP1"" crossorigin=""anonymous""> }}} Expected (currently non-working usage) {{{ wp_enqueue_style('bootstrap', ""https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/bootstrap.min.css"", array(), null, 'all'); wp_style_add_data('bootstrap', 'crossorigin', 'anonymous'); wp_style_add_data('bootstrap', 'integrity', 'sha384-y3tfxAZXuh4HwSYylfB+J125MxIs6mR5FOHamPBG064zB+AFeWH94NdvaCBm8qnd'); }}} " michaelkrieger 2 37178 Add $cache_only parameter to get_option needs-unit-tests Options, Meta APIs normal normal Awaiting Review enhancement new 2016-06-26T11:21:08Z 2023-04-24T13:03:34Z "When you do `get_option()` and the option doesn't exist in the option cache, WordPress does a query to check whether that option exists and loads it. This is great as default behavior, but when you ''know'' that an option would have been autoloaded, you might not want that to happen. I propose adding a parameter `$cache_only`, which defaults to false, which, when set to true, returns false when there is no option set in the cache. The ""workaround"" currently would be to set an empty option, but that means adding unnecessary data to the database." joostdevalk 5 37181 Use metadata api in *_network_options spacedmonkey Networks and Sites 4.4 normal normal Future Release enhancement reopened 2016-06-26T12:44:04Z 2022-12-07T16:46:35Z "The network (site) options are stored in the database as sitemeta. The table is formatted as a meta table. However the CRUD of this data in get_network_option, update_network_option, add_network_option and delete_network_option doesn't use the metadata api. Using the metadata api has many advantages, such as filters and a more consistent caching api. " spacedmonkey 70 37183 Nested shortcodes in new-style [caption] dev-feedback Shortcodes 3.4 normal normal defect (bug) new 2016-06-26T13:05:25Z 2021-05-08T23:34:46Z "Splitting this of from #24990 after discussions on WCEU contributor day: Having something like `[caption][shortcode]<a href=""""><img></a>[/shortcode] Caption Text[/caption]` does not work. The opening shortcode get's thrown out completely because `caption` only begins to parse at `<a ...`. The problem lies in the regex line {{{ if ( preg_match( '#((?:<a [^>]+>\s*)?<img [^>]+>(?:\s*</a>)?)(.*)#is', $content, $matches ) ) { }}} that throws out any shortcode enclosing the image and/or link tag in the `$content`. Currently, the only workaround is to replace {{{wp_caption}}} and {{{caption}}} entirely, like this: {{{ function media_credit_caption_shortcode($attr, $content = null) { // New-style shortcode with the caption inside the shortcode with the link and image tags. if ( ! isset( $attr['caption'] ) ) { if ( preg_match( '#((?:\[media-credit[^\]]+\]\s*)(?:<a [^>]+>\s*)?<img [^>]+>(?:\s*</a>)?(?:\s*\[/media-credit\])?)(.*)#is', $content, $matches ) ) { $content = $matches[1]; $attr['caption'] = trim( $matches[2] ); } } return img_caption_shortcode($attr, $content); } add_shortcode('wp_caption', 'media_credit_caption_shortcode'); add_shortcode('caption', 'media_credit_caption_shortcode'); }}} The regex can't be removed entirely because it converts the new-style caption syntax introduced in WordPress 3.4 to the older one used internally. Following a suggestion from @tychay, I've come with the attached patch filtering the `$matches` instead of the regex itself. The proposed filter would also enable new-style captions for media elements other than `<img>` (which currently are only supported if you use the old-style attribute syntax). The default behavior is not changed, though. Currently existing unit tests are not affected." pputzer 3 37185 "wp_print_styles() doesn't call ""wp_print_styles"" action when ""$handles"" argument passed" needs-unit-tests Script Loader 3.3.1 normal normal defect (bug) assigned 2016-06-26T13:53:32Z 2019-06-04T21:24:27Z "In {{{wp_print_styles()}}}, there is ""wp_print_styles"" action calls when function is used with optional ""$handles"" argument. {{{if ()}}} statement should be deleted ( like {{{wp_print_scripts()}}} ). Unit tests are passed." evgenniy 5 37190 Split out function declarations and code executions. reporter-feedback Build/Test Tools normal normal Awaiting Review enhancement new 2016-06-26T14:59:16Z 2020-09-14T19:03:30Z Quite a few php files in the root directory contain function definitions and code executions. This makes it impossible to unit-test those functions. Should we move those function definitions to `includes/<file-name>.php` and then include them at the top of the root file? stephenharris 2 37200 Add wrappers with IDs to user-edit.php Users 4.6 normal normal enhancement new 2016-06-27T17:51:33Z 2019-06-05T06:44:27Z "The HTML markup of the user edit screen has been missing some classes and IDs that would make it easier to hide different sections. An earlier patch #29348 introduced ids for the `<tr>` elements but there is still more to do. The different sections have all `<h2>` headings and `<table class=""form-table"">` tables. It's hard to select these sections with CSS or JS because there is no identifiers. To take the initiative from #29348 to a bit further, I would add wrapper `<div>` elements to these sections. I used following naming: Section title: `Additional Capabilities` Section wrapper id: `user-additional-capabilities-section` This way, the naming is simalar to the `<tr>` wrappers (like ""user-capabilities-wrap"") but has it's own logic that separates these two. This patch makes it easy to hide the title of a section or hide the whole table of chosen section." TeemuSuoranta 37202 the_archive_title() doesn't output the author's display name if that author hasn't posted has-patch Users 4.5.3 normal normal defect (bug) new 2016-06-27T18:25:38Z 2021-11-19T18:10:30Z "In my archive.php template, if I do this: {{{ get_header(); the_archive_title( '<h1>', '</h1>' ); // Rest of code... }}} and then take a look at example.com/author/joebloggs, I expect to see: = Author: Joe Bloggs = The problem is if joebloggs hasn't posted yet, I see this: = Author: =" henry.wright 2 37206 Unit test functions for functions.php's xmlrpc_removepostdata function has-patch XML-RPC 4.6 low minor Future Release enhancement reviewing 2016-06-28T00:56:34Z 2020-02-21T17:56:03Z Wrote some unit tests that covers functions.php's xmlrpc_removepostdata function. tloureiro 1 37207 Multiple unit tests for add_rewrite_endpoint lose custom endpoints Build/Test Tools 4.5.3 normal normal Future Release defect (bug) new 2016-06-28T02:47:28Z 2019-02-25T01:46:38Z "When registering multiple endpoints through `add_rewrite_endpoint()`, tests for the existence of each endpoint in `$GLOBALS['wp']->public_query_vars` fails. I have attached a simple plugin that illustrates the problem. Steps to reproduce: 1. Download the plugin. 2. Run `phpunit` inside of it. 3. Test #1 succeeds while test #2 fails. The relevant excerpts from the plugin are included below. Endpoint registration: {{{ add_action( 'init', function() { add_rewrite_endpoint( 'custom-endpoint', EP_ROOT ); add_rewrite_endpoint( 'custom-endpoint-2', EP_ROOT ); }); }}} Tests: {{{ class TestRewriteEndpoint extends WP_UnitTestCase { public function setUp() { parent::setUp(); $this->set_permalink_structure( '/%year%/%monthnum%/%day%/%postname%/' ); $this->qvs = $GLOBALS['wp']->public_query_vars; // print_r( $this->qvs ); } public function tearDown() { $GLOBALS['wp']->public_query_vars = $this->qvs; parent::tearDown(); } public function test_is_custom_endpoint_added() { $this->assertContains( 'custom-endpoint', $GLOBALS['wp']->public_query_vars ); } public function test_is_custom_endpoint_2_added() { $this->assertContains( 'custom-endpoint-2', $GLOBALS['wp']->public_query_vars ); } } }}} This may possibly be related to #34346, though in this case I am not using `go_to()`." ericdaams 5 37219 Admin menu with admin_url function has-patch Administration normal normal enhancement new 2016-06-29T06:13:05Z 2019-06-04T19:39:25Z I think that options in menu should have admin_url function. For example I want add custom param (?lang=de). I can use admin_url filter but this not work in menu items sebastian.pisula 6 37228 Consider to rethink and improve the list tables pagination links Administration normal normal Future Release enhancement new 2016-06-29T14:04:15Z 2019-04-19T20:13:48Z "Splitting this out from #33962. See also #32558. Quickly discussed at WCEU 2016 Vienna's Contributor Day with @karmatosed and @hugobaeta and noticed the pagination links offer room for design improvements. Looks like there are no apparent reasons (other than historical ones) why the top and bottom pagination links should differ and maybe the editable input field should be displayed only when there are more than 3 pages. As @helen pointed out, also the interactions could benefit from some rethink. This would probably be a very nice ticket for designers willing to contribute :) Current state on 4.6 trunk: [[Image(https://cldup.com/jPRxp_462C.png)]] with longer translated strings: [[Image(https://cldup.com/lkdtPkEn0P.png)]]" afercia 2 37238 Right-aligned captions with embedded iframes get removed in Visual mode Shortcodes 4.5.3 normal normal defect (bug) new 2016-06-29T20:43:13Z 2019-04-19T21:12:30Z "This has affected a client site a couple of times now so I thought I'd better share it and see if this is a bug or if there is something we are doing fundamentally wrong. If you are working in Text mode and you end up creating a caption, right-aligning it and embedding an iframe within the caption shortcode, as follows... {{{ [caption width=""350"" class=""alignright"" caption=""Ria Ritchie's latest video on YouTube""]<iframe width=""350"" height=""197"" class=""alignright"" src=""https://www.youtube.com/embed/_W9f5onA6nc?rel=0&showinfo=0"" frameborder=""0"" allowfullscreen></iframe>[/caption] }}} ...if anyone comes along in Visual mode they can see the embedded iframe right-aligned and with the caption below it. If they make a change to any part of the post and hit 'Update', the caption and iframe get removed, but the caption text remains (without any surrounding markup)." ChrisBAshton 1 37249 Missing url escapes and 'author' link relation in wp_list_authors() has-patch General normal normal Awaiting Review defect (bug) new 2016-07-01T12:34:23Z 2019-04-20T10:11:59Z " Since WordPress 4.4 the function {{{get_the_author_posts_link()}}} is available: https://github.com/WordPress/WordPress/blob/4.4-branch/wp-includes/author-template.php#L236-268 It was introduced in #30355. It escapes the {{{get_author_posts_url()}}} as expected and uses {{{rel=""author""}}} for the author link. This is not the case with {{{wp_list_authors()}}} were e.g. both {{{get_author_posts_url()}}} and {{{get_author_feed_link()}}} are un-escaped. ps: My first thought was to have two separate tickets for the escape + relation, but I decided to combine it here as it corresponds to the same code. It would have been handy to use {{{get_author_posts_url()}}} within {{{wp_list_authors()}}} but there's a slight difference there. If we had e.g. the input parameters {{{get_author_posts_url( $author, $name )}}} then such a replacement could work ;-) " birgire 2 37251 Not return 404 on front-page with option page and url `/page/2` Query 4.5.3 normal normal Awaiting Review defect (bug) new 2016-07-01T15:31:11Z 2023-05-28T15:33:44Z "If i setup page on front-page(Go `Settings`->`Reading`->`Set show on front static page and choose own page`->`Save`). Then go to front page on my site (example http://my-domain/) i see page, which setted before. But if i try open `http://my-domain/page/2`, `http://my-domain/page/3` and etc, i get always front-page, except i am wait 404 error. After debug i found solution (line 1777 in `query.php`): {{{#!php <?php if ( $this->is_home && 'page' == get_option('show_on_front') && get_option('page_on_front') && !$this->is_paged) { $_query = wp_parse_args($this->query); // pagename can be set and empty depending on matched rewrite rules. Ignore an empty pagename. if ( isset($_query['pagename']) && '' == $_query['pagename'] ) unset($_query['pagename']); unset( $_query['embed'] ); if ( empty($_query) || !array_diff( array_keys($_query), array('preview', 'page', 'paged', 'cpage') ) ) { $this->is_page = true; $this->is_home = false; $qv['page_id'] = get_option('page_on_front'); // Correct <!--nextpage--> for page_on_front if ( !empty($qv['paged']) ) { $qv['page'] = $qv['paged']; unset($qv['paged']); } } } }}} Add `&& !$this->is_paged` check." sheo13666q 7 37253 "Add several missing ""_deprecated_function()"" calls" has-patch General low normal Future Release defect (bug) new 2016-07-02T07:21:54Z 2019-04-19T20:51:49Z "I found 13 deprecated functions that don't use `_deprecated_function()`. We have to use the deprecated functions call to trigger an error when `WP_DEBUG` is `true`. It helps developers to catch and fix their code. See the attached patch." ramiy 4 37255 Update attachment functions to accept a post object in addition to ID johnbillion* close Media 4.6 normal normal Future Release enhancement accepted 2016-07-02T09:26:02Z 2023-04-26T21:37:20Z "Some WordPress functions accept the $post object as parameter instead only the $post_id. Since most of the time we write our code within the loop or we use the $post object, could be an improvement to standardize the functions that require a post id even support the $post object? For the wp_get_attachment_caption for example, could be like this: {{{ /** * Retrieves the caption for an attachment. * * @since 4.6.0 * * @param int|WP_Post|null $post Optional. Post ID or post object. Defaults to global $post. * @return string|false False on failure. Attachment caption on success. */ function wp_get_attachment_caption( $post = null ) { if ( ! $post instanceof WP_Post ) { if ( ! $post = get_post( $post ) ) { return false; } } if ( 'attachment' !== $post->post_type ) { return false; } $caption = $post->post_excerpt; /** * Filters the attachment caption. * * @since 4.6.0 * * @param string $caption Caption for the given attachment. * @param WP_Post $post Attachment object. */ return apply_filters( 'wp_get_attachment_caption', $caption, $post ); } }}} The get_the_post_thumbnail_caption that use the wp_get_attachment_caption accept the $post object. Also, instead of passing the $post->ID to the wp_get_attachment_caption, use the $post object, so we can work directly with the object instead of calling again the get_post function to retrieve it." wido 49 37261 Consider removing the `$start` argument from `WP_UnitTest_Generator_Sequence` Build/Test Tools 4.4 normal normal Awaiting Review enhancement new 2016-07-03T12:46:17Z 2019-02-25T01:46:45Z "As a follow up to [35244] and [37299], I wonder whether the `$start` argument in `WP_UnitTest_Generator_Sequence` still makes sense. Currently the class handles two things: - Global increments (via the static incrementor variable). - Local increments (via the `$start` argument). So I'd propose to remove the `$start` argument. A different, simpler class could be used for local increments instead." Frank Klein 37264 Please do not chmod 666 the wp-config.php file on installation. has-patch Security 1.0 normal normal Awaiting Review defect (bug) new 2016-07-03T22:27:47Z 2019-03-22T13:20:31Z "On installation, WordPress invariantly does a {{{chmod 666}}} of the {{{wp-config.php}}} file: https://github.com/WordPress/WordPress/blob/4.5.3/wp-admin/setup-config.php#L393 This file is very sensitive; it contains the database password and authentication keys, among other things. 666 grants read, write, and execute permissions to every single user on the system. Even read permissions are too much; not only can you dump the database, but you can easily escalate to code execution via template changes (which are stored in the database and {{{eval}}}'d). There are virtually no situations where 666 is the appropriate level of permission for this file. It should be something like 600 instead. * On shared web hosts, other users may be able to read (or even edit!) the file, depending on what isolation the host provides. Most large shared hosting providers do it by making the home directory ~600 so that only the user can traverse it, then run the webserver as that user (and so there's no point making it 666 anyway, it might as well be 600). Other shared web hosts use suexec or suphp to achieve the same, but in these setups, 666 is incredibly dangerous and allows others to modify it (and it should be 600). * Even on dedicated hosts with no other users or websites, these permissions mean that pretty much any compromise on the system can be elevated to full control of your site. And 600 will still work here. If there is too much concern about this not working across diverse hosting environments, then the installer could incrementally try wider permissions until the file can be read by the PHP code (I would still argue it should never silently make files world-writable, or even world-readable, though). Please consider changing the default to 600." chriskuehl 9 37274 Facilitate updating/extending Customizer setting values that are objects Customize 3.4 normal normal Future Release enhancement new 2016-07-04T20:22:46Z 2019-04-19T21:04:47Z "There is bit of a dance to work with setting values that are objects. Consider a `mailing_address` setting that represents a street address: {{{#!json { ""street"": ""123 Fictional St."", ""city"": ""Portland"", ""state"": ""OR"", ""zip"": ""97201"" } }}} Getting the value is as simple as `wp.customize( 'mailing_address' ).get()`, but updating the value is not so simple. To change the `street` part of this setting, the following is required: {{{#!js var value = wp.customize( 'mailing_address' ).get(); value = _.clone( value ); value.street = '123 Imaginary Ave'; wp.customize( 'mailing_address' ).set( value ); }}} The clone is required because objects are passed by reference, and if the `value` were to set directly, the subsequent `set` would not trigger a `change` event. Widgets and nav menus use objects as values in Core. Widgets aren't manipulated directly in JS (until #33507) but nav menus and nav menu items are. Here's the code for managing how a nav menu's name gets changed when the nav menu's name field is updated: {{{#!js control.nameElement.bind(function( value ) { var settingValue = control.setting(); if ( settingValue && settingValue.name !== value ) { settingValue = _.clone( settingValue ); settingValue.name = value; control.setting.set( settingValue ); } }); }}} To make it easier to work with setting values as objects, we could introduce a `wp.customize.Value#setExtend` method that allows an object value to be extended in the same way that `setState` works in React, take an object of key/value pairs that are merged on top of the existing value. Here is an example implementation: {{{#!js wp.customize.Value.prototype.setExtend = function( props ) { var value = _.clone( this.get() ); _.extend( value, props ); this.set( value ); }; }}} With this, to update the `mailing_address` setting value property in the above example could be changed to simply: {{{#!js wp.customize( 'mailing_address' ).setExtend( { street: '123 Imaginary Ave' } ) }}} See #26061. Related #37275." westonruter 2 37275 Facilitate creating controls that manipulate settings with object values Customize 3.4 low normal Future Release enhancement new 2016-07-04T20:39:26Z 2019-04-19T21:05:06Z "While #37274 addresses the difficulty to manipulate updating settings that have object values, the Customizer JS API also does not facilitate creating controls that have fields which manage a setting that has a object value. The `MenuNameControl` provides a good example of a control that has a text field for managing a nav menu setting's `name` property: {{{#!js control.nameElement = new api.Element( control.container.find( '.menu-name-field' ) ); control.nameElement.bind(function( value ) { var settingValue = control.setting(); if ( settingValue && settingValue.name !== value ) { settingValue = _.clone( settingValue ); settingValue.name = value; control.setting.set( settingValue ); } }); control.setting.bind(function( object ) { control.nameElement.set( object.name ); }); }}} This works but it is tedious when scaling and makes it difficult to extend, as can be seen in the `MenuItemControl`. There should be a more declarative way to link a field to ''a property'' of a setting value object. One implementation of this can be seen in the [https://github.com/xwp/wp-customize-posts/blob/0.6.1/js/customize-dynamic-control.js Dynamic control] as seen in the Customize Posts plugin. While Core supports a `data-customize-setting-link` attribute in a control template to declaratively link an input field to a setting value, the Dynamic control Dynamic adds support for a `data-customize-setting-property-link` attribute which will link the input field to the a ''property'' of the (default) setting. This eliminates the need for custom JS logic to link the input elements. See an example control which has fields which manipulate a setting value containing a street address: https://github.com/xwp/standalone-customizer-controls/blob/master/class-customize-address-control.php This will facilitate extending nav menu items in the Customizer: #18584." westonruter 3 37280 Remove boldness from update notices Presskopp has-patch General normal normal Future Release enhancement assigned 2016-07-04T22:08:13Z 2021-11-14T10:49:16Z "Previously: https://wordpress.slack.com/archives/design/p1466093104000007 The notices are currently inconsistent, some are bold, some are not, and some use bold only to highlight words. OH: ''Bold text is just wasted bandwidth.''" ocean90 14 37281 Allow non-error notifications to be set for Customizer settings from PHP Customize normal normal Future Release enhancement new 2016-07-04T22:46:29Z 2019-04-19T21:05:35Z "An API adding notifications to Customizer settings was added in #34893. In JS a notification can be added of type `error`, `warning`, `info`, and custom. In PHP, however, only `error` notifications can be added to a setting, and this is done by returning `WP_Error` from a validation routing (or sanitization routine). It may be useful to allow other kinds of notifications to be added via PHP as well. This would likely require adding a `WP_Customize_Setting::$notifications` collection with a `WP_Customize_Setting::add_notification()` and `WP_Customize_Setting::remove_notification()` to provide a similar API in PHP for the general notifications API in JS. It seems clear that non-error notifications shouldn't be added by returning `WP_Error` instances from validation routines, but that the notifications could be added inside of such routines, for example: {{{#!php <?php class My_Setting extends WP_Customize_Setting { function validate( $value ) { $validity = parent::validate( $value ); if ( strlen( $value ) > 20 ) { $this->add_notification( array( 'type' => 'warning', 'code' => 'long_value', 'message' => __( 'This is a long value!' ), ) ); } } } }}} The non-error notifications could be sent back as part of full refresh and selective refresh responses in a similar way that error notifications are sent back and updated into the JS models." westonruter 2 37284 Add indication for required next to Confirm Password has-patch Users 4.6 normal normal Awaiting Review enhancement new 2016-07-05T10:12:50Z 2017-05-04T16:35:52Z "In new user and edit user screens, if you choose to manually add a password and this password is not strong enough, a ""Confirm Password"" checkbox appears. ""Add New User"" or ""Update Profile"" (depending on which of the 2 screens you currently are) button is disabled, until you check this ""Confirm Password"" checkbox. But, as there is no indication that you have to check this checkbox in order the submit button to be enabled, I suggest to add a ""(required)"" indication next to it, so the user knows what is missing to enable the button. I attach a screen on how I suggest the screen to look like. I also attach a patch that adds this indication in both add and edit user screens." kouratoras 37287 wp_print_admin_notice_templates() does not use _n*() for plural forms swissspidy I18N 4.6 normal normal 6.6 defect (bug) assigned 2016-07-05T12:23:24Z 2024-02-28T14:25:48Z "Function wp_print_admin_notice_templates() (https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update.php#L615) does not properly use _n() and related functions for plural forms of its strings. It just makes a simple if (count ===1) check and uses two different strings - one for singular, one for plural form. This presents a problem when translating into languages that have more than one plural form, or more complicated rules for singular form usage. For example, in Lithuanian we also use singular form for 21, 1241 and any other number that ends with 1 (except for 11). And we have two plural forms - one for numbers ending with a zero, another for everything else. In current situation we can not have a proper translation here. " ideag 16 37296 Bulk edit category labels are slightly misleading has-patch Quick/Bulk Edit normal normal enhancement new 2016-07-06T19:51:46Z 2019-06-04T21:24:45Z "Related to this ticket #35548, the bulk edit taxonomy tool labels can be a little misleading, as the feature does not allow for bulk editing, but rather bulk assignment. This patch simply prepends ""Assign"" to the labels to make it more clear.." wpnook 4 37297 Deprecate get_blogaddress_by_id function spacedmonkey Networks and Sites 3.0 normal normal Future Release enhancement reviewing 2016-07-06T21:06:18Z 2023-03-06T14:30:02Z The get_blogaddress_by_id function is pretty old and should be replaced with get_home_url, as this is filtered. spacedmonkey 10 37301 A way to test plugin/theme installs and updates before applying dev-feedback Plugins 4.4.3 normal normal Awaiting Review feature request new 2016-07-07T09:13:20Z 2020-04-15T20:41:18Z "The # 1 reason for WordPress sites going completely down or becoming partially broken is the bad install or an update of a plugin or a theme. The worst case scenario being a complete white screen of death from which the only way to recover is to manually remove the culprit plugin files, which unfortunately requires remote access to the server filesystem. The current plugin upgrader checks if the upgrade causes errors and can in some cases recover from the most obvious cases syntax errors in the critical plugin code. This however fails to mitigate the slightly more subtle issues like incompatibilities between plugins/themes and javascript errors that may still completely wreck the site. Furthermore, the more seasoned WordPress users are known to avoid updating plugins and themes on their site due to the volatility of running an update in production. This of course leaves their sites vulnerable to possible security issues. The best practice of running staging environments to test plugins before updating requires a significant amount of technical knowledge and labour, and is not widely practiced among regular users. I suggest we give the option for users to test plugin / theme installs and updates prior to applying them. This requires a sort of sandbox environment for the user where they can freely install and test plugins without worrying about breaking anything. I've created an example implementation of these plugin update sandboxes in (slightly hacky) plugin form. The plugin adds a ""test update"" button to the update.php admin screen, which creates a sandbox where the user can test the updated plugin without affecting the live site. Both the plugin directory and the database are separated from the live ones. https://github.com/anttiviljami/wp-safe-updates Screenshots: The ""test update"" button in update.php [[Image(https://github.com/anttiviljami/wp-safe-updates/raw/master/assets/screenshot-1.png)]] Updating the plugin in an alternate heap (sandbox) [[Image(https://github.com/anttiviljami/wp-safe-updates/raw/master/assets/screenshot-2.png)]] Testing the plugin inside the sandbox [[Image(https://github.com/anttiviljami/wp-safe-updates/raw/master/assets/screenshot-3.png)]] -- I would love more discussion about this. I feel the safety of theme / plugin updates is definitely among the most important issues to solve for the future of WordPress security. Love, @anttiviljami" Zuige 16 37307 Indicate non-GPL plugins and themes for users General 4.4.3 normal normal Awaiting Review enhancement new 2016-07-07T14:57:55Z 2017-05-03T10:41:46Z "There are a lot of WordPress plugins in circulation that ship with a non-GPL compatible license. The wordpress.org plugin repository, of course, only contains plugins that ship with the GPL license, and we are all well aware that all WordPress plugins are considered derivatives and should thusly be licensed under the GPL. This does not remove the fact that not everyone agrees with this, and still vendors insist on shipping with proprietary software licenses. For the regular WordPress user installing plugins from outside of the wordpress.org plugin repository, there is practically no way to differentiate a plugin that ships with the GPL license, and a plugin vendor that chooses to ship with a proprietary license. The readme.txt already always contains the license field, but currently the licenses aren't shown anywhere in the plugins.php UI. I propose we add a license indicator in the plugins.php UI. This would help the user make better choices by choosing to use plugins that ship with a free software license. It would also be useful to somehow also explain (e.g. in a tooltip perhaps) what it means that a plugin author has decided to ship their plugin with a non-GPL license. I would love discussion on how the license field could be indicated in plugins.php. Ideas: - Part of the Shiny Updates feature? - Should clearly indicate when a plugin is NOT using a GPL compatible license - Colour coding different licenses - A tooltip that would explain the use of GPL vs. proprietary licenses Related: #29820" Zuige 4 37310 To get Term Metadata in $term->meta_key Taxonomy normal normal Future Release enhancement new 2016-07-07T16:13:41Z 2020-01-07T22:15:29Z "Like postmeta and usermeta, I'd like to get Term Metadata as a property of a term object. Would you confirm the attached patch file? Thank you." minkapi 3 37311 Site icon thumbnails are lost if wp_generate_attachment_metadata called again later Media 4.5 normal normal Awaiting Review defect (bug) reopened 2016-07-07T22:36:48Z 2021-04-14T16:36:05Z "If image sizes are regenerated with the Regenerate Thumbnails plugin, the custom Site Icon sizes (and possibly other images in the customiser?) are lost. The question is whether this is something that needs changing in the plugin, or whether the logic for how these sizes work should change in core. (Virtually all core documentation tells people to use this plugin when changing image sizes, so it should be fixed in one of the other). I'm of the opinion it should be changed in core, where custom sizes like the ones created by Site Icons should be somehow marked as special sizes, with wp_generate_attachment_metadata checking for any existing custom sizes and including them in the output." smerriman 8 37330 Attachment pages do not always provide a link to the original article. Media 4.5.3 normal normal enhancement new 2016-07-11T21:56:27Z 2019-06-04T20:26:17Z "I wasn't sure where to post this issue, as it seems to be a limitation in the WordPress code itself rather than a bug. But perhaps someone knows what's going on? Individual attachment pages (which are created when inserting an image or gallery on a page or post) sometimes provide a link to the main article, BUT NOT ALWAYS. This is noticeable in themes which take advantage of this capability, such as Twenty Thirteen and Twenty Fourteen, (for other themes that don't include a link back to the original article anyway this doesn't matter.) For example, in Twenty Thirteen's image.php the following code checks to see if the article URL is available. If it is, the attachment page displays a ""published in"" link, but if not it just displays the date: {{{ <div class=""entry-meta""> <?php $published_text = __( '<span class=""attachment-meta"">Published on <time class=""entry-date"" datetime=""%1$s"">%2$s</time> in <a href=""%3$s"" title=""Return to %4$s"" rel=""gallery"">%5$s</a></span>', 'twentythirteen' ); if ( empty( $post_title ) || 0 == $post->post_parent ) $published_text = '<span class=""attachment-meta""><time class=""entry-date"" datetime=""%1$s"">%2$s</time></span>'; }}} Obviously, WordPress expects that the article URL will not always be known, and this is observable. Some attachment pages link back to the article and some do not. But why is this? It seems kind of random- I can't figure out which scenarios generate an attachment page without the link? And in any case, why should WordPress not be able to figure out the article URL and always make it available for themes to use? " webtechmailbag 2 37332 Enhancement: Add a wrong password message on password protected posts has-patch Posts, Post Types 4.5.3 normal normal enhancement new 2016-07-11T22:15:07Z 2024-02-15T14:11:33Z "If a post is password protected, the user is shown a form where they can enter a password to gain access. If a wrong password is given, there's no helpful message shown to the user. The page is simply reloaded. Something like ""Wrong password. Please try again."" would be helpful here." henry.wright 3 37336 Pre-existing page with slug /embed/ does not work as described needs-unit-tests Embeds 4.5 normal normal Awaiting Review defect (bug) new 2016-07-12T02:22:56Z 2020-09-28T09:56:19Z "In #34971, embeds were added to static frontpages, and there was a discussion of how this would affect an existing page with a slug of /embed/. The solution was: - an existing page with slug /embed/ will work as is and disable the pretty embed URL - new pages can't be created with a slug of /embed/. However, this did not work properly. On a site of mine, there is a page with URL /embed/ that was working fine prior to this upgrade. Now: - if you visit /embed/, you are redirected to the homepage. - if you attempt to edit the page, the slug previews as /embed-2/, meaning editing the page content and saving has the unwanted side effect of forcing the URL to change and all links to the page to break without warning. Suggested changes: - fix whatever is incorrectly redirecting the URL - allow a slug of /embed/ to continue to save as-is if it already exists." smerriman 3 37338 add filter in get_data_by Users 4.5.3 normal normal enhancement new 2016-07-12T10:45:06Z 2019-06-05T06:44:40Z "Basically I need to encrypt user_email field in the database, I can enrypt them using following filters: `email_change_email` `pre_user_email` now what i need is to decrypt them when getting retrieved from database, as far as I say in the core, this may be done by applying a new filter in `wp-includes\class-wp-user.php#get_data_by( $field, $value )` method, right before this line `update_user_caches( $user );` (LN:239) for this to work, `$value` needs to be filtered based on `$field` as well (cause this is the value that sits in the query in `Line# 235`, so I think three filters in `Line# 207` switch branches should do the trick. " muhammadn 37344 Side effects on 'nav_menu_item_args' filter when appending to arguments needs-unit-tests Menus 4.4 normal normal Future Release defect (bug) new 2016-07-12T16:25:52Z 2021-10-10T23:08:44Z "The 'nav_menu_item_args' filter allows you to filter the arguments for a single nav menu item which works well when you are '''overwriting''' arguments. When you try to '''append''' an argument the original arguments object is updated. This means that the next menu item passes in the updated object to the 'nav_menu_item_args' filter which leads to unexpected side effects. For demonstration purposes here's how to reproduce the issue. {{{ function format_menu_item_args( $args, $item, $depth ) { $args->before .= rand(0,9); return $args; } add_filter( 'nav_menu_item_args', 'format_menu_item_args', 10, 3); }}} What you should see before every menu item is a random integer between 0-9. What happens instead is the integer from the previous menu item is passed into the next. So by the time the 'nth' menu item is processed you get 'n' integers outputted whereas only one integer per menu item should be outputted. I have added a patch to solve this by casting the $args object to an array early in start_el(). If left as an array this would break code already using the 'nav_menu_item_args' filter as an '''$args object''' is passed into the filter. Also code further down start_el() would need updating to use array rather than object notation. So, to get around this I've casted $args to an object again. This is a new object and so there won't be any issues with referencing the original nav menu args object. Plus, existing code using the 'nav_menu_item_args' filter will still work fine. See attached screenshots for views of a nav menus before and after the patch is applied. ''Note: The default type for $args in start_el() is already specified as an empty array but it's actually an object that's being passed in.''" dgwyer 5 37349 Allow sanitize_meta() to filter the meta_value regardless of meta_key has-patch Options, Meta APIs 4.5.3 normal normal enhancement new 2016-07-12T23:15:49Z 2019-06-04T21:01:23Z "I have created a couple of custom DB tables to handle storing a custom data type, and the meta for that data type. I modeled my meta table off of the WP postmeta/usermeta/etc standards so that I can use get_metadata and update_metadata functions and leverage all of their abilities. Part of the update_metadata function is a call to sanitize_meta which lets you add filters in to sanitize the data in the format of: ""sanitize_{$meta_type}_meta_{$meta_key}"". For the meta that I will be storing, I would like to apply a filter to ALL meta for my $meta_type, in the format of: ""sanitize_{$meta_type}_meta""." mattkeys 37355 remove_settings_section() counterpart to add_settings_section() has-patch Options, Meta APIs 4.6 normal normal enhancement new 2016-07-13T13:52:18Z 2019-06-04T21:01:29Z "The settings API allows for settings sections to be added, but not removed. To remove section you have to do the following {{{#!php <?php global $wp_settings_sections; unset( $wp_settings_sections[$page][$id] ) }}} To avoid accessing globals directly this should be wrapped inside a function." stephenharris 1 37362 @font-face errors with dashicons in Microsoft Edge Script Loader normal normal Awaiting Review defect (bug) new 2016-07-14T12:08:36Z 2017-12-11T23:04:04Z "I encountered the following errors in Microsoft Edge console when enter admin dashboard: CSS3113:@font-face font format not recognized dashicons.eot CSS3120: No fonts available for @font-face rule load-styles.php (0,37) This is the following explanation of error code https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k%28VS.WebClient.Help.CSS3113%29#cssCodes " jevuska 4 37372 "missing ""edit permalink button"" below the title" Posts, Post Types 4.5.3 normal normal defect (bug) new 2016-07-14T22:14:25Z 2019-06-04T21:01:40Z "With posts and pages there is an ""edit permalink button"" below the title. Also, permalinks change when the title is changed. For custom posts that does not seem to work in the same way: For the function register_post_type() there is a 'public' argument which is merely a way of defining 4 other arguments in 1. If you set that to false and then set 'show_ui' to true to get the user interface back you get the complete user interface except the ""edit permalink button"" below the title. Also, permalinks do not change when the title is changed. That seems like a bug and not like intended functionality." realblueorange 2 37376 Make it possible for custom post type to have an archive but no single needs-unit-tests Posts, Post Types 4.6 normal normal Awaiting Review feature request new 2016-07-15T17:55:34Z 2021-08-24T05:07:13Z "Very commonly we'll have testimonials, faqs, and such custom post types, which warrant an archive, but don't make sense to have a single. It's possible to have a post type with no archive and a single, but not the other way around. Funnily enough, I find that we far more often could use what isn't available versus what is. There are workarounds. One option is to make it a non-publicly-queryable post type and use a page template or something to display the results. Another option I've seen around is to hook into template_redirect on the single and redirect the user. Chances are there's no links on the front-end, so this really only occurs when users click on the link from edit-post admin-side. Another thing to consider here is SEO plugins and the like which look to the definition of the CPT to build the sitemap. The redirect method ends up putting useless links in the sitemap. The page template method works fine, but obviously means the CPT has to be queried separately. Would there be a downside to adding a sibling `has_single` option? If it's true by default then it's backwards compatible, and the single rewrites simply reflect the option." jason_the_adams 2 37388 Resource hinting: only dns-prefetch resources in HTML footer. Script Loader 4.6 normal normal enhancement new 2016-07-17T11:20:27Z 2019-06-04T21:24:57Z "In #34292 @superpoincare raised some concerns about hinting items in the HTML header, arguing it was of use to hint items in the footer only as the browser will connect to resources enqueued in the HTML header quickly regardless. @swissspidy pointed out ""Even when enqueued in the head of the document, the resource hints will be delivered to the browser much earlier because their higher up in the source and therefore likely in another HTTP packet. Already being able to perform all necessary handshakes only benefits the actual retrieval of the assets later on."" @peterwilsoncc thought there was some validitaty to skipping hinting on items in the HTML header but it's something that can be decided later. Oh, that's me. Related #37387 Milestoning for discussion." peterwilsoncc 2 37391 memory issue action reporter-feedback Menus normal normal defect (bug) new 2016-07-17T22:14:37Z 2019-04-18T20:14:42Z "( i have seen this issue on many sites) the problem is that, while saving any custom-menu, it gives frequently error: `PHP Fatal error: Out of memory (allocated xxxx) .... on `wp-includes/functions.php, line 3350` it is `wp_list_filter` function. in the start of that function, i have included this script: echo '<pre>';print_r(debug_backtrace()); and i have counted how many times `wp_list_filter` executes and how heavy data it processes on each loop.. look this file, i have included only first 5 ""debug_backtrace: results (because after 20nd loop php crashed, because of out of memory): https://drive.google.com/open?id=0Bz7qe_olclTwVXEzeDk2eXdkZVk please help. i cant save menus, i cant do anything like that, it crashed with ""out of memory"". i know that i should increase memory limit, but evidently , WP has issue. " tazotodua 2 37395 Transients should be replaced with options, e.g. plugin delete notification Plugins normal normal defect (bug) new 2016-07-18T12:04:04Z 2019-06-04T21:01:46Z "Transient data is not guaranteed. Even in the shortest possible duration, on a page redirect! In `wp-admin/plugins.php` : {{{ set_transient('plugins_delete_result_' . $user_ID, $delete_result); //Store the result in a cache rather than a URL param due to object type & length wp_redirect( self_admin_url(""plugins.php?deleted=$plugins_to_delete&plugin_status=$status&paged=$page&s=$s"") ); }}} Now a delete notification is not critical, but it would be just as easy to do this with `set/get/delete_option()`, and set a good example for plugin authors. The retrieval step does an immediate delete: {{{ $delete_result = get_transient( 'plugins_delete_result_' . $user_ID ); delete_transient( 'plugins_delete_result_' . $user_ID ); }}} So it looks easy to write a patch substituting `set/get/delete_option()`, modulo multi-site perhaps. I expected to see more of these in the WP codebase related to notifications, but it's mainly other stuff. About half the use of transients in WP is wrong. I'll list them here for future bugs, but I leave this bug for the Plugins component. * GOOD: wp-admin/includes/dashboard.php ( $cache_key, 'plugin_slugs' ) * BAD: wp-admin/includes/template.php ( 'settings_errors' ) * GOOD: wp-admin/includes/theme-install.php ( 'wporg_theme_feature_list' ) * BAD: wp-admin/plugins.php ( see above: 'plugins_delete_result_' . $user_ID ) * ALL GOOD: wp-content/themes/* * PROB. BAD: wp-trunk/wp-cron.php AND wp-includes/cron.php ( 'doing_cron' ). Using it as a file lock is either egregious or just confusing, depending on whether it is doubling as a global store for the same run. Why not use `*_option()` instead? * GOOD: wp-includes/author-template.php ( 'is_multi_author' ) * PROB. BAD: wp-includes/class-feed.php ( $this->name, $this->mod_name ) * PROB. BAD: wp-includes/media.php ( $regeneration_lock ). Bad if it's to protect successive ajax calls, confusing if it's a global store for the same run. * GOOD: wp-includes/ms-functions.php ( 'dirsize_cache' ) * BAD: wp-includes/pluggable.php ( 'random_seed' ) * GOOD: wp-includes/rss.php ( $cache_option ) * BAD: wp-mail.php ( 'mailserver_last_checked' ) You were expecting a Clint Eastwood reference? Should all be easy fixes. " kitchin 1 37409 Broken & illogic conditional check in wp_get_document_title() General 4.5.3 normal normal defect (bug) new 2016-07-19T11:53:24Z 2019-06-04T20:00:19Z " {{{ /* * If we're on the blog page that is not the homepage or * a single post of any post type, use the post title. */ } elseif( is_home() || is_singular() ) { $title = the_title_attribute('echo=0'); }}} should be changed to: {{{ /* * If we're on the blog page that is not the homepage or * a single post of any post type, use the post title. */ } elseif( !is_home() || is_singular() ) { $title = the_title_attribute('echo=0'); }}} For now it does not lead to wrong title because the previous condition is_front_page() is catching this before it throws out a wrong title but it should be fixed before it leads to issues when someone decided to do some changes on wp_get_document_title(). You can reproduce a possible error with commenting the condition is_front_page() in wp_get_document_title(). Than visit a frontpage with multiple blog posts. You will see that the wp_get_document_title() will return than the title of the first blog post and not the site title as expected. " ReneHermi 3 37417 Customize Nav Menus: more visible way to navigate the preview to a menu item object has-patch Customize 4.3 normal normal Future Release enhancement new 2016-07-20T02:22:43Z 2022-05-17T10:31:57Z "Nav menus in the customizer have the benefit of live preview. One of the more hidden aspects of this experience is the ability to view a menu item's object in the preview with the ""original"" link in the menu item options. Unfortunately, being hidden in the item properties dropdown, this feature is little-known. Can we add a link for this to the menu item handle somehow? I've create a preliminary (fully-functional) patch for this, and while I like the UX I think the UI could use work (feels cluttered). This helps to reinforce the connection between menus and content, as well as making it easier to see what an item is linking to when the current menu isn't shown in the preview. It also helps users that may not know that you can navigate links within the preview." celloexpressions 19 37435 Conflicting permalinks with attachment and category of same name Permalinks 4.5.3 normal normal defect (bug) new 2016-07-21T18:58:56Z 2019-06-04T21:01:58Z "On my company site, I created a category called '''Announcements''' and uploaded an image called '''Announcements.png''' Both had permalinks of http://MYDOMAIN/announcements When I tried to navigate to http://MYDOMAIN/announcements I was expecting to see a listing of all the posts in that category, but instead the site was showing the image. I tried with different themes, deactivated all plugins but the issue remained. At the time I didn't realize there was an attachment with the same name as my category. Once I figured that out, I simply changed the attachment name and updated the permalink and everything worked properly. I have a custom permalink structure: '''/%category%/%postname%''' Category Base '''.''' and Tag base of '''keyword'''" Spidergirl1979 1 37441 get_default_post_to_edit() function is broken Posts, Post Types normal normal defect (bug) new 2016-07-22T08:32:09Z 2019-06-04T21:02:04Z "The [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php?rev=38118#L591 get_default_post_to_edit()] function contains the following code (formatted for the sake of better readability) in case a new post should be inserted to the database: {{{#!php <?php $post_id = wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft', ) ); $post = get_post( $post_id ); }}} Later in the function, we just ''work'' with the `$post` object. The problem is, there are [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L2919 se]-[https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L2966 ve]-[https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L3038 ral] [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L3205 rea]-[https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L3220 sons] under which [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L2873 wp_insert_post()] returns `0`. In such a case, [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post.php?rev=38125#L451 get_post()], in turn, will return `null`, which is neither a `WP_Post` object nor an `object` at all. Then, [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php?rev=38118#L639 setting a property on this null post] will automatically create a new `stdClass`, resulting in the `$post` object only having the three explicitly set properties `post_content`, `post_title` and `post_excerpt`. If you want to see how this affects WordPress, just put `$post = null;` before [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php?rev=38118#L631 wp-admin/includes/post.php:L631]." tfrommen 37445 Allow to adjust the `$in_admin` property of `WP_Screen` has-patch Administration 3.5 normal normal Awaiting Review enhancement new 2016-07-23T13:57:18Z 2022-07-07T17:32:55Z "The `$in_admin` property of the `WP_Screen` class is impossible to be changed by a developer at the moment, which makes sense in how WordPress uses it. However, I'm currently building a plugin that creates an additional administration panel (like network and user admin) and I would need to adjust the `$in_admin` property to reflect when this panel is active. Otherwise a function like `is_blog_admin()` returns true although we actually aren't in the regular admin panel (since the value of `$in_admin` defaults to 'site'). So I'm proposing to either make the property public so that a developer can override it (for example on the `current_screen` action) or to add a new filter for the property specifically in `WP_Screen::get()`. I would prefer the second approach since having the property being protected makes sense in general. The use-case I have is a very rare one, so I think a very specific filter for it should do." flixos90 7 37454 get_avatar_data() delivers different url for scheme=https and is_ssl() needs-unit-tests Users 4.3 normal normal Awaiting Review defect (bug) new 2016-07-25T08:09:46Z 2017-02-15T07:56:44Z "get_avatar_data() has an option to set the scheme. If https is used, an image URL is returned which is different to the one which is returned in case delivery is conducted via https without the scheme parameter. I think it would be better to serve the same gravatar url for https pages and explicit https-scheme requests. Regarding performance and depending on the infrastructure, it could also be benefical to drop https://%d.gravatar.com completely and serve all requests to gravatar independent of the page's protocol via https://secure.gravatar.com/ to benefit from HTTP/2 (http and https://%d.gravatar.com requests are served via HTTP/1.1 whereas https://secure.gravatar.com/ allows multiplexing via HTTP/2)." neoxx 4 37459 Add additional layer in WP_Http to support parallel requests without requiring use of Requests directly has-patch HTTP API normal normal Future Release enhancement new 2016-07-25T12:46:20Z 2022-07-25T21:01:59Z "Follow-up to #33055. Requests supports parallel requests but we should provide this support through the existing WP_Http API. Some initial work was done by @wonderboymusic in [attachment:ticket:33055:33055.diff]." ocean90 2 37461 Introduce get_the_title_attribute() to wrap the_title_attribute( 'echo=0' ) Themes 4.6 normal normal enhancement new 2016-07-25T17:10:06Z 2019-06-04T21:25:02Z "the_title_attribute( 'echo=0' ) is ugly and annoying given that all the other the_* template tags have corresponding get_* functions. Patch adds get_title_attribute() as a simple wrapper function." sillybean 2 37462 Introduce is_private() conditional has-patch Posts, Post Types normal normal enhancement new 2016-07-25T17:20:10Z 2019-08-07T09:20:38Z Add a quick conditional tag to check whether the post is private. sillybean 2 37463 Abstract Query Class has-patch Query normal normal Awaiting Review enhancement new 2016-07-25T20:50:02Z 2023-04-20T13:32:38Z All of the query classes WP_Comment_Query, WP_Network_Query, WP_Site_Query, WP_Term_Query and WP_User_Query are based on WP_Query class. For that reason they have a lot of similar methods and variables. As all the classes basically do the same thing, we can use an abstract class, so all related methods and variables are on the abstract class. If all query classes extend this abstract class, we can keep structure and consistency. It would also mean, for example, we could just add filters and actions in the abstract class and these would filter down. spacedmonkey 3 37470 Shiny Updates: Erroneous Plugin Deactivation has-patch Plugins 4.2.4 normal normal Future Release defect (bug) reopened 2016-07-26T15:53:12Z 2017-08-08T21:40:31Z "I recently noticed with a plugin of mine, that if you change the name of the main file in a version update, i.e.: `plugin-name/plugin-name.php` => `plugin-name/different-name.php` the plugin becomes inactive after the update. This was not the case prior to Shiny Updates and is still an issue in trunk. I installed 4.1.x just to be sure. Steps to reproduce: 1. Put plugin on .org repo 2. Install/activate plugin on a site. 3. Change the name of the main file in svn and commit it with a version bump. 4. Update the plugin with Shiny Updates. " voldemortensen 16 37484 Make form in request_filesystem_credentials() in line with WP admin form styling / HTML structure / security Upgrade/Install normal normal Future Release enhancement new 2016-07-27T12:57:10Z 2020-06-29T17:18:41Z "Currently, the `Connection Information` form output by `request_filesystem_credentials()` looks very sad and doesn't reflect the admin form HTML structure and style. This is how it looks: [attachment:""Screen Shot 2016-07-27 at 13.41.52.png""] It would be great if it can be standardised to look like WP admin settings UI, i.e. [attachment:""Screen Shot 2016-07-27 at 13.41.23.png""] While at it, it would be great to secure the form code with escape family functions (esc_attr, esc_html and so on)." dashaluna 7 37486 Make emojis accessible has-patch Emoji 4.2 normal normal Future Release task (blessed) new 2016-07-27T15:01:59Z 2021-01-05T08:08:42Z "Splitting this out from #37432. Currently, the WordPress Emojis are not accessible. The alt text contains the emoji character (vs a HTML encoded entity, or the emoji description) and that's a deliberate implementation choice, see [ticket:37433#comment:3] intended to allow copy and pasting the emojis. We've discussed a bit this issue in the accessibility weekly meeting and agreed there's room for improvements. At least, starting a discussion about emojis accessibility would be very welcome. Quickly checking how screen readers announce the WordPress emojis, there's no accessible name or description they can use: [[Image(https://cldup.com/oioYLgdQ86.png)]] Note: VoiceOver reads out ""group"" because the image is a `svg` file. Just adding an `aria-label` attribute (I've quickly edited in the browser console) gives screen readers an accessible name to announce: [[Image(https://cldup.com/xP0gzKlsnK.png)]] Comparing with what others do, for example Twitter because they usually have great solutions for accessibility, they use `png` images and both an `aria-label` and a `title` attribute, so VoiceOVer in this example reads out both. I guess the title attribute is used just to show the browser's ""tooltip"" with the emoji name: [[Image(https://cldup.com/MwMY0nHtoQ.png)]] {{{ <img class=""Emoji Emoji--forText"" src=""https://abs.twimg.com/emoji/v2/72x72/1f60e.png"" draggable=""false"" alt="""" title=""Smiling face with sunglasses"" aria-label=""Emoji: Smiling face with sunglasses""> }}} The aria-label solution is mentioned also on a related issue on the twemoji GitHub: https://github.com/twitter/twemoji/issues/41" afercia 19 37489 If Posts have the same datetime, the order of the post is indefinite. has-patch Query normal normal defect (bug) new 2016-07-27T16:52:11Z 2019-06-04T21:02:16Z "Posts has same datetime, the order is different, when logged in or otherwise. " Toro_Unit 37491 Improve Iranian functionality in WordPress johnbillion I18N normal normal Future Release feature request assigned 2016-07-27T18:33:49Z 2020-01-07T20:22:06Z "I'm currently one of [https://wordpress.org/plugins/wp-parsidate/ Parsi Date] core developers. Parsi Date, enables Shamsi calendar, aka Iranian calendar, for WordPress. WordPress is really popular in Iran, many people use it as an accelerator in their own business, so I thought that enabling Iranian calendar, might be a good idea to step the progress of internationalizing WordPress. Can it be enabled in WordPress? Where to start?" iEhsan.ir 5 37505 Filtering pagination when the pagenumber doesn't exist. Canonical 4.5.3 normal normal defect (bug) new 2016-07-29T05:10:50Z 2019-06-04T19:40:25Z "Hello :). `WP_Query::page` or `$GLOBALS['page']` or `get_query_var( 'page' );` will return whatever value is set by the visitor on a non-paginated page or post. On a paginated page/post, it will 301 redirect the visitor to the first page, this is OK. '''An example, on a post or page without pagination:''' The output of the page will be incorrect, specifically on these two parts (both Title and Canonical URL show pagination). URL: `http://example.com/2016/07/29/hello-world/123/` {{{ <title>Hello world! – Page 123 – Example.com ... ... }}} This is a major concern for SEO, as it will output duplicated pages. Abusers could mark otherwise good pages as duplicated by simply linking to a non-existing non-paginated page. '''My suggestion:''' Check against `$GLOBALS['multipage']` (or `$GLOBALS['numpages']`) prior to creating the above output. " Cybr 1 37508 wpdb->result instance should be checked `mysqli_num_fields` in `load_col_info()` needs-unit-tests Database 3.9 normal normal defect (bug) new 2016-07-29T07:33:53Z 2019-06-04T19:40:32Z "In `wpdb::load_col_info()` the function `mysqli_num_fields()` is called passing `$this->result` without any check on this property value. The problem is that function has a type hint to `mysqli_result` (see http://php.net/manual/en/mysqli-result.field-count.php), but `$this->result` may be `false`. Just like in other places in the same class, the function should check that `$this->result instanceof mysqli_result` before calling `mysqli_num_fields()`." giuseppe.mazzapica 2 37516 Site title and tagline: allow ability to hide each independently has-patch Customize normal normal Future Release defect (bug) new 2016-07-29T17:44:11Z 2019-01-25T20:40:03Z By adding the ability for users to turn on or off the site title and tagline individually we would allow more flexibility. Currently it's both or none, this does not allow the flexility that users want over their site. There are valid cases where people do not want either. karmatosed 35 37518 New term.php is showing warning for rearranged columns using manage_{$screen->id}_columns filter Taxonomy 4.5 normal normal defect (bug) new 2016-07-29T19:41:29Z 2019-06-04T21:25:15Z "== Main Issue: == Declared custom column and sorted them using `unset()` for my Custom Taxonomy for CPT: {{{#!php gives wrong results needs-unit-tests Query 4.5.3 normal normal Future Release defect (bug) new 2016-07-31T14:28:49Z 2020-01-07T20:25:04Z "1) is_front_page() is based on the SQL query, so it always gives back false when you try to use it eg at pre_get_posts. If it has no way to figure it out if it's the front page or not, it should return null instead 2) is_front_page() in themes gives the wrong result false back when you set an static page for the front page and then modify the main query on start page to posts or any other custom post type except page. This forces you to make an additionally SQL query instead of using the main query to build a custom front page. Both is because of this: https://core.trac.wordpress.org/browser/tags/4.5.3/src/wp-includes/query.php#L4458 . This does not really make sense to get the front page." TheInfinity 5 37535 Outputting Post Type Description on admin edit screen has-patch Posts, Post Types 4.6 normal normal Future Release enhancement new 2016-08-01T06:14:19Z 2017-10-04T20:54:13Z "When registering a custom post type you can[https://codex.wordpress.org/Function_Reference/register_post_type#description specify the description] as part of the arguments you pass into `register_post_type`. I would expect that somewhere in the back-end of WP this description would be shown, however it isn't. It would be great if we could output the description right below the title of the post type when viewing the entries table (as I've done below) [[Image(https://goo.gl/IwzNmi)]] I've updated `edit.php` inside of `wp-admin` and added the following code after the main H1 tag {{{ description){ echo '

'; echo esc_html( $post_type_object->description); echo '

'; }?> }}} It's a pretty small update but its pretty useful for clients so that know what this admin edit screen is for. I use them for outlining what type of content will be added here. If the content type doesn't have a description nothing is outputted. I can submit a pull request since it's a fairly straightforward change. Cheers Simon " simonrcodrington 14 37537 Hooks To Improve UI & UX when making a plugin that modifies the Edit-Comment Screen Comments 4.5.3 normal normal feature request new 2016-08-01T12:00:27Z 2019-06-04T19:40:48Z "I am in the process of trying to modify the edit-comment form. While there are hooks for adding Meta Boxes here, more hooks for adding inputs and elements to the page would be useful. For example, I am attempting to add a dropdown menu that allows for the comment's author_id to be changed. To me, it makes most sense for this to be available underneath the existing author fields. Ideally, in the same box. At the moment this just isn't possible, " stewarty 1 37549 Add optional parameter to wp_generate_attachment_metadata for image dimensions. joemcgill has-patch Media 4.6 normal normal Awaiting Review enhancement reviewing 2016-08-02T22:00:41Z 2020-01-07T20:05:16Z "My plugin [https://wordpress.org/plugins/scalable-vector-graphics-svg/ Scalable Vector Graphics] received a support request, [https://wordpress.org/support/topic/svg-in-image-gallery-is-not-working?replies=16#post-8710513 SVG in image gallery is not working] -- which caused me to do some digging in core. I realized the reason the Theme wasn't doing what it intended to do is because it is reyling on `wp_get_attachment_metadata()` -- which lead me to realize that SVG files -- although being uploaded and working for the most part, are missing the meta information normally generated for images such as JPG files. The function that does that is `wp_generate_attachment_metadata`. The reason it is not doing that is because `file_is_displayable_image` is returning false, which I can override if I want with the filter -- BUT -- the function also depends on `getimagesize` -- which I cannot navigate around and does not work with SVG files. It would be cool if {{{#!php usecache || $cached_recently ) { }}} should be changed to: {{{#!php usecache && $cached_recently ) { }}}" zabatonni 8 37604 'Password Lost/Changed' emails should give indication of the strength of the new password dev-feedback Security 3.7 normal normal Future Release feature request new 2016-08-08T19:08:40Z 2018-04-09T13:18:35Z "When any user changes their password, the site's owner gets an email that currently just says: ""Password Lost and Changed for user: [username]"" It would help administrators if the email also included WordPress's assessment of the strength of the new one. I don't always agree with that assessment, but it is better than saying nothing. As it is, there's no way to know if the user has just picked an extremely weak password and thanks to the repeated user privilege escalation exploit issues, even low level users with weak passwords can put the whole site at risk." lovingboth 5 37611 Ordering of the Site Language entries I18N 4.0 normal normal Awaiting Review defect (bug) new 2016-08-09T08:48:11Z 2019-04-05T19:08:37Z "The ordering of the language selector in options-general.php is based off the locale, but the visual (and quick-access by typing) entries are using the languages native name. Would it not make more sense to order by the native name here, I don't think I know of any other language selector that isn't alphabetically ordered by the visual element of it?" Clorith 2 37614 WP_PROXY_BYPASS_HOSTS has no effect inside curl transport, if http_proxy or https_proxy is set on the system HTTP API normal normal defect (bug) new 2016-08-09T13:20:22Z 2019-06-04T20:00:40Z "OS: Debian Squeeze PHP Version tested: 5.3.29 Will try to provide results from newer distros later today. -- In case server hosting website has environmental settings for proxy, it's not possible to skip using it even for addresses that should be bypassed. Let's take for example that printenv returns following: {{{ http_proxy=http://proxy.com:8080 https_proxy=http://proxy.com::8080 }}} In this case, if we execute `wp_remote_get` (with domain that should be bypassed via WP_PROXY_BYPASS_HOSTS) it will still use system variable http_proxy in curl transport. I think that wp_remote_get should explicitely set `curl_setopt($handle, CURLOPT_PROXY, null);`, if proxy is disabled inside wordpress or url SHOULD be bypassed." fliespl 5 37616 Replace `is_super_admin()` calls with real capability checks Role/Capability normal normal Future Release task (blessed) reviewing 2016-08-09T18:18:57Z 2017-05-08T17:18:40Z "As discussed in Multisite office hours (https://wordpress.slack.com/archives/core-multisite/p1470762377000454), there are plans to improve capability handling in WordPress, to also support network-wide (and possibly global) capabilities. The current `is_super_admin()` check system is no actual role- and capability-based system which makes it impractical to refine roles and capabilities on this level. While a super admin should have access to all capabilities, we should get rid of all `is_super_admin()` checks that happen outside of `WP_User` and the `map_meta_cap()` function and replace those calls with dedicated capabilities. There might be a few other occurrences where `is_super_admin()` is actually the right choice, but generally it shouldn't be used in other locations anymore. This will open up new possibilities to think about how we can implement a true role- and capability-based system beyond the scope of a site. The hardest part of this ticket will probably be finding names for the new capabilities. The good thing is that we most likely won't need to touch any roles or adjust `map_meta_cap()` since the new capabilities should only be granted to the super admin for now anyway. We should probably create a list of occurrences and think about names for the capabilities (or whether we can use existing capabilities) first." flixos90 66 37624 Strings should not have different translators comments? swissspidy I18N normal normal Future Release enhancement assigned 2016-08-10T15:41:33Z 2024-02-28T16:40:59Z "See for example here: https://translate.wordpress.org/projects/wp/dev/admin/cs/default?filters[status]=either&filters[original_id]=3731&filters[translation_id]=139896 String `Install %s` have 3 different comments, but there should be only one? If special context is not needed (I am not sure, especially for importer), there should be one comment `translators: %s: Importer, plugin or theme name`? Or maybe any general solution for GlotPress to unite these comments and display it better for translators? Or any special tool to automatically check for these differences?" pavelevap 5 37627 Custom Fields Heading shows up when all meta values are serialized arrays/objects has-patch Posts, Post Types normal normal defect (bug) new 2016-08-10T18:38:23Z 2019-06-04T21:02:53Z "`_list_meta_row` skips the meta rows when the value is a serialized array/objects. When all meta values are serialized arrays/objects OR when you only have one meta with the value being serialized array/object the table heading shows up: [[Image(https://cldup.com/sVKAp24YMF.png)]] [[Image(https://cldup.com/0axQNTon98.png)]] There is a check for protected metas before the table rendering wp-admin/includes/meta-boxes.php:631 {{{ $metadata = has_meta($post->ID); foreach ( $metadata as $key => $value ) { if ( is_protected_meta( $metadata[ $key ][ 'meta_key' ], 'post' ) || ! current_user_can( 'edit_post_meta', $post->ID, $metadata[ $key ][ 'meta_key' ] ) ) unset( $metadata[ $key ] ); } list_meta( $metadata ); }}} but it does not take in account meta values, which are skipped later. ''This might be considered an edge case, but it is better to be noted.'' Discovered this when I reported: #37626" implenton 2 37632 Incorrect Image Previews for SVG Media normal normal Awaiting Review defect (bug) new 2016-08-11T01:52:35Z 2021-06-03T15:02:06Z "Hi guys, When using the `upload_mimes` filter to add new mime types for the media uploader, it handles SVG uploads strangely. Here is my code to add SVG support {{{#!php get_var(""Select option_value from wp_options Where option_name='option_name'""); unserialize(Serialized_Fixer($raw_data)); function Serialized_Fixer($serialized_string){ // securities if ( !preg_match('/^[aOs]:/', $serialized_string) ) return $serialized_string; if ( @unserialize($serialized_string) !== false ) return $serialized_string; return preg_replace_callback( '/s\:(\d+)\:\""(.*?)\"";/s', function ($matches){ return 's:'.strlen($matches[2]).':""'.$matches[2].'"";'; }, $serialized_string ) ; } }}} and that worked! this is seriously a bug of WP! please fix it! thanks!" tazotodua 5 37640 Add WPLANG to `.maintenance` Upgrade/Install 4.0 normal normal Awaiting Review enhancement new 2016-08-12T05:37:25Z 2018-07-16T02:18:52Z "Currently, maintenance display is English. This will be WPLANG definition is deprecated in version 4.0 or later, I think that it is due to the fact that now is not the translation information of each language is loaded at the time of the maintenance display. I think the problem can be solved by adding a WPLANG defined in `.maintenance` that is created at the time of maintenance. *Currently(/wp-admin/includes/update-core.php : line936) {{{ $maintenance_string = ''; }}} *Change {{{ $language = get_option( 'WPLANG' ); if ( $language ) { $maintenance_string = ''; } else { $maintenance_string = ''; } }}} Please consider this matter." tmatsuur 3 37641 Support queries on `spam` and `deleted` fields in `WP_User_Query` on multisite has-patch Users 3.1 normal normal Awaiting Review enhancement new 2016-08-12T09:54:11Z 2019-04-25T11:09:00Z The users database table on multisite contains two additional fields `spam` and `deleted` which need to be queried in some cases. For example the function `wp_update_network_user_counts()` makes a direct SQL query at the moment, but that could be improved if `WP_User_Query` supported these fields (only on multisite that is). flixos90 3 37645 Changes made to certain is_*() functions generates PHP Notices when arrays or objects are present has-patch Query 4.5 normal normal Awaiting Review defect (bug) new 2016-08-12T16:12:38Z 2021-07-23T10:35:28Z "The patch added by #35902 can generate PHP Array to string conversion notices if an array is passed that contains sub-arrays or objects that don't implement `__toString()`. The supplied patch applies the `strval` conversion taking those special conditions into account. Functions affected: is_attachment() is_author() is_category() is_tag() is_page() is_single() I came across this using plugin I built which adds custom data, in the form of an array, to the WP_Post object for my templates to use. When `strval` is run (by post_class() calling is_attachment()) it throws notices when it comes across the arrays." Enchiridion 4 37646 Make wp-settings.php a series of do_actions() dev-feedback Bootstrap/Load normal normal Awaiting Review enhancement new 2016-08-12T19:07:44Z 2017-02-23T04:41:29Z "Now that #36819 is in, my master plan for `wp-settings.php` can begin. ---- '''Problem''' `wp-settings.php` makes many assumptions, many on purpose, others by necessity, some on consequence, and a few by accident. It is somewhat poorly named for what it is, and it's a mishmash of globals, function calls, class instantiations, and do_action() calls. ---- '''Solution''' `do_action()` all of the things. Make `wp-settings.php` a series of action calls. One for setting versions, one for initial constants, one for environmental setup, translations, database, plugins, themes, users, template output, and so on... Introduce a file named `wp-includes/default-actions.php` that serves 2 purposes: * Includes a bunch of new functions that wrap up sections of what's already in `wp-settings.php` * Hooks those new functions into the new actions in `wp-settings.php` ---- '''Why do we do this?''' As more robust and sophisticated plugins, themes, APIs, and systems start to use, rely on, and bend WordPress to their will, the need to override more & more pieces becomes apparent. While WordPress comes with a very handy set of default post types, taxonomies, APIs, helpers, wrappers, and tools, it may be desirable to unhook (or never load) certain pieces so that other pieces can take their place. In the past, this is done only with great intent, with strategic actions & filters in places where specific needs are being addressed. This is good in that it's predictable, but bad in that it's impossible for anyone to truly know what action or hook is *best* to perform any given subsequent action. By breaking `wp-settings.php` up into many clearly named `do_action()` calls, it becomes clearly obvious what actions perform what duties, while also introducing literally maximum flexibility in the entire system for new and exciting things to happen around WordPress itself. Imagine something like: {{{ // Load versions do_action( 'wp_settings_load_versions' ); // Load constants do_action( 'wp_settings_load_constants' ); // Load translations do_action( 'wp_settings_load_translations' ); // Load environment do_action( 'wp_settings_load_environment' ); // Load early WordPress settings do_action( 'wp_settings_load_early' ); // Load database do_action( 'wp_settings_load_database' ); // and on, and on... }}} ---- '''Epilogue''' This is a huge idea, easily scoffed at, and introduces code-churn like whoa. It would mean doubling down on WordPress's actions API, trusting it implicitly to load all of WordPress's core pieces & parts. It would open many doors to many unforeseen oddities while developers start dissecting all the ways things are tied together. It would also enable really cool external tools, like REST API drop-ins that can `SHORTINIT` WordPress if auth is missing, or WP CLI commands that can `die()` literally anywhere in the stack after they've done what they need to do. This is something I've wanted in WordPress since 2006 having seen similar in other libraries, and even old BackPress & bbPress gave nods and hints to back in the day. I'm also happy to give this a first patch if it's helpful to see visually the destruction it causes, or guide someone else along my vision for this if someone is willing and able to see it through before I am. <3" johnjamesjacoby 10 37647 FTP Credentials Modal should have a 'button-primary' class on the 'Proceed' button has-patch Administration 4.6 normal normal Future Release enhancement new 2016-08-12T21:31:47Z 2020-01-07T20:11:34Z "When reviewing another ticket's screenshots (#32194), I noticed that the 'Proceed' button in the FTP Credentials modal doesn't have the 'button-primary' class on it. Existing view: [[Image(https://cldup.com/2dIi9fsIrd.png)]] Proposed view with 'button-primary' class [[Image(https://cldup.com/dr8Gu8K_sE.png)]]" mapk 3 37653 "customizer sections with 'active_callback' set to 'is_front_page' don't show when ""Front page displays"" ""a static page"" and no page is selected" needs-unit-tests Customize 3.4 normal normal defect (bug) new 2016-08-13T18:02:08Z 2019-06-04T19:41:19Z "When using a theme with customizer sections set up with the ""active_callback"" feature set to ""is_front_page"", when customizing the theme on a blog which has ""Front page displays a static page"" under ""Reading setting"", these sections to not show up when accessing ""Appearance""->""Customize"". The problem appears to be that when running ""Customize"", the WP_Query object is started with an empty string. When the query is empty, then `is_front_page` looks at the value of `get_option( 'show_on_front')` and if it is set to ""posts"" it checks `is_home` - which resolves to `true` when the query is empty. On the other hand, if `get_option( 'show_on_front')` resolves to ""pages"", `is_front_page` then checks `$this->is_page( get_option( 'page_on_front' ) )` which never resolves to true when starting with an empty query. The problem with `is_page` not responding correctly `get_option( 'show_on_front') == ""pages""` is that `WP_Query::__construct()` will not do anything if `empty($query)` and will not run `WP_Query::query()` - which would in turn run `get_posts()` and then `parse_query` only there does `get_option('show_on_front')` gets resolved and `is_page` is set if needed. Tested on 4.5.1, but the code paths I traced exist without change in trunk. I'm running my tests on a mutli-site set up, so that might also contribute to the issue, but not in anyway I managed to detect." Guss77 13 37656 Improve plugin bootstrapping processes dev-feedback Plugins normal normal Awaiting Review enhancement new 2016-08-14T11:32:28Z 2019-12-13T19:04:03Z "I recently thought about if we could make bootstrapping plugins easier and take away some common tasks that (should) happen in every plugin. It would also be nice to have a general plugin class registry. What I was thinking of is to introduce an abstract class `WP_Plugin` that plugin developers can extend for their plugin's main class. Then they would call a new function `register_plugin( __FILE__, $plugin_class_name )` to register that class with WordPress. We could take some regular processes away from the developer and, by doing that, also make sure that they don't implement it the wrong way. For example, we could take care of plugin installation routines: If the class implements a static method `install()`, the base class `WP_Plugin` would register an activation hook to an internal function that takes care of whether the plugin is activated network-wide. The actual `install()` method would only contain those steps necessary for the setup on the current site (`WP_Plugin` would take care of switching sites as appropriate). Many plugin developers overlook Multisite in their setup routines, causing the plugin to only install on the main site although being network-activated. We could also deal with other tasks, like hooking the `bootstrap()` method of the plugin class in `plugins_loaded` or `muplugins_loaded` (detected by the base class). I think this whole concept could improve the way plugins initialize themselves. It would not be mandatory (since several plugins don't even use classes), but it would become a best practice. This is just an idea that I wanted to throw on Trac to discuss about it. If we get to the point that we agree this is a good idea, we would need to come up with actual details (of which I don't have any yet)." flixos90 15 37662 Category sub-category problem reporter-feedback Taxonomy 4.5.3 normal normal Awaiting Review defect (bug) new 2016-08-15T03:56:06Z 2019-04-30T02:19:49Z "If I have one category and change it to sub-category the behavior is of one category. For exp, in ""all in one seo plugin"" if you put category in title in some categories write the category that is correct I think, but in another write the sub-category. This no is only for the plugin, I don't remember now but also the error can be in the quantity post for categories or the address url post with category and sub-category (in this moment I don't can reproduce it but the plugin is one indication). Another behavior is '''at the end of the post where you show the categories''' of the post, in the post where show correctly the category in title, appear first the category and right side the subcategory. In the wrong behavior, appear first the sub-category and right side the category. One time for change this behavior I create one new category and delete the older with one wrong behavior but I don't remember the problem now, was some months ago and maybe was the url post and now maybe is solved because I no can reproduce it. Check this and try to reproduce the error. This is for change from sub-category to category, or category to subcategory." Guillermo77 2 37665 Font Natively: Google maps can change the active font has-patch General 4.6 normal normal Awaiting Review defect (bug) new 2016-08-15T06:09:47Z 2019-04-18T21:46:27Z "Because of the font stack ordering, Roboto has a high priority. This is also the font used by Google Maps, so adding google maps embeds will change the font in use in the admin when viewing post pages. Reported at https://wordpress.org/support/topic/system-fonts-easily-overridden-by-google-maps-api?replies=3&view=all" Clorith 7 37667 Handle post type support in `WP_Post_Type` has-patch Posts, Post Types 4.6 normal normal Future Release enhancement new 2016-08-15T11:29:21Z 2019-04-18T21:43:17Z "Currently post type features are stored in a global variable `$_wp_post_type_features`. Now that we have `WP_Post_Type`, I think it would make sense to let the class handle this functionality. Post type features are part of a post type, so they should also be part of it in the implementation. This would also allow us to get rid of the global variable we currently use (note that it's private, so it's not intended to be used directly by other developers). There's a single possible caveat I would see with this implementation: That would be if post type support is added before the post type is even registered. However, I would think we might be able to change this (with a dev note) since it should be best practices to add post type support either directly (via the `supports` argument in `register_post_type()`) or after registering the post type. Adding a post type feature without the post type being registered is not logical in my opinion." flixos90 7 37669 Shiny Updates: Cancelling the filesystem credentials when updating within the pop-up prevents updating again (without closing/opening) and leaves UI artefacts has-patch Themes 4.6 normal normal Future Release defect (bug) new 2016-08-15T14:16:55Z 2021-02-06T11:39:52Z "Reproducible on RC3: 4.6-RC3-38260 Reproducible: every time Steps to reproduce: 1) Set up WordPress, and set permissions to that the 'filesystem credentials' dialog will be required when performing theme updates. 2) Tweak a version number so that you will have a theme that needs an update. Then, go to /wp-admin/themes.php 3) Do *not* click on the immediately visible ""Update now"". Instead, click on the theme such that the pop-up pops up. 4) Click on the ""Update now"" link within the pop-up. If step 1) was done correctly, then the filesystem dialog should now pop up. 5) Close the filesystem credentials dialog. Result: ""Updating..."" will still show there. But nothing will be updating. You cannot update until you close the pop-up and re-open it. Excepted result: The ""update now"" link re-appears, and ""Updating.."" disappears. Result: nothing happens. #37285 is similar, but a separate (and now fixed) issue. " DavidAnderson 7 37670 wp_validate_redirect fails when running WordPress on a port reporter-feedback Security 4.5.3 normal normal Awaiting Review defect (bug) new 2016-08-15T15:19:35Z 2019-06-04T18:12:31Z "$allowed_hosts is checking againts host value the parsed host value doesn't contain the port number and $wpp does. Thereror hosts aren't matched and wp_validate_redirect fails. {{{ $lp = @parse_url($test); }}} equals {{{ array (size=4) 'scheme' => string 'http' (length=4) 'host' => string 'localhost' (length=9) 'port' => int 3002 'path' => string '/project/xactly-com/insights/' (length=29) }}} where {{{ $wpp = parse_url(home_url()); }}} equals {{{ array (size=2) 'scheme' => string 'http' (length=4) 'host' => string 'localhost:3002' (length=23) }}} will result in {{{ if (isset($lp['host']) && (!in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host']))) { }}} failing The server is running on a local proxy." raptor235 2 37671 Emptying Bin with large amount of posts results in whitescreen needs-unit-tests Posts, Post Types normal normal Future Release enhancement new 2016-08-15T16:01:56Z 2017-08-06T00:31:10Z "When the Bin has a large amount of posts, e.g over 1,500, clicking Empty takes a long time to load, several minutes. After it finishes, it loads a blank white page and has only deleted about 75% of the posts. There's ~500 remaining." atomicjack 8 37672 wpautop adds a closing p-tag without an opening p-tag has-patch Formatting 4.5.3 normal normal Awaiting Review defect (bug) new 2016-08-15T19:06:03Z 2019-04-18T21:39:39Z "Following code result in ill-formed HTML. {{{#!php This is a paragraph. This is another paragraph. EOT; echo wpautop($pee); }}} This is the output: {{{
This is a paragraph.

This is another paragraph.

}}} As you can see, the first paragraph lacks an opening

. " TBarregren 3 37677 Introduce WP_Plugin class analogous to WP_Theme Plugins normal normal Awaiting Review enhancement new 2016-08-16T15:50:59Z 2017-05-04T19:30:55Z "Background: This ticket emerged from #37656. A `WP_Plugin` class has been previously mentioned in #22256 and brought up with a patch in #21883, but only in regards of hooks and filters (i.e. `$GLOBALS['wp_global_hooks'] = new WP_Plugin();`. With #17817 in contention, that approach would need some more tweaking. Also, the class name isn't ideal too because of `WP_Theme`. Using `WP_Plugin` for hooks but themes can use hooks too? Confusing. Proposal: Introducing a new `WP_Plugin` class that does similar things as the already existing `WP_Theme` class but for plugins. This would mainly mean handling caching, retrieving data from plugin file headers and adding any needed helper methods. As a result, we're less prone to errors since we can use 1 reliable API instead of `get_plugin_data()`, `get_plugins()`, etc." swissspidy 4 37678 Add an action hook for plugins to do database upgrades on dev-feedback Database normal normal Awaiting Review defect (bug) new 2016-08-16T18:10:59Z 2019-04-18T21:27:24Z "Currently, plugins that have custom database tables usually hook into `admin_init` and pray for rain when comes to their database alterations. This pollutes the `admin_init` hook namespace quite a bit, particularly with database actions that are almost always necessary in order for plugins to actually work correctly. It would be nice if WordPress core had a dedicated action hook meant for executing database alterations & upgrades, no different than there being one for `plugins_loaded`, `template_redirect`, et all... I'm conflicted on where exactly this hook should be. I'm 95% sure it belongs somewhere after `admin_init` so that admin area plugins have a chance to hook everything in. I'm also 95% certain I don't want this as part of the plugin activation sequence, because it's becoming more common to deploy plugins via WP CLI, version control, or some other deployment process, and activation hooks aren't usually ran that way." johnjamesjacoby 1 37685 Creating new multisite blog - wpmu_create_blog tries to execute queries on non-existent tables reporter-feedback Networks and Sites normal normal defect (bug) new 2016-08-17T10:04:45Z 2019-06-04T21:03:08Z "I have noticed that while creating new wordpress site in multisite install I get quite a few notices about executed queries while using verbose logging. {{{ query: SELECT option_name, option_value FROM wp_85_options WHERE autoload = 'yes' status: ERR: Table 'wp1.wp_85_options' doesn't exist }}} which is triggered by `wp_roles()->reinit();` during switch_to_blog function Another are from get_blogaddress_by_id (inside install_blog function): {{{ query: SELECT option_name, option_value FROM wp_85_options status: ERR: Table 'wp1.wp_85_options' doesn't exist query: SELECT option_value FROM wp_85_options WHERE option_name = 'home' LIMIT 1 status: ERR: Table 'wp1.wp_85_options' doesn't exist query: SELECT option_value FROM wp_85_options WHERE option_name = 'blogname' LIMIT 1 status: ERR: Table 'wp1.wp_85_options' doesn't exist query: SELECT option_value FROM wp_85_options WHERE option_name = 'siteurl' LIMIT 1 status: ERR: Table 'wp1.wp_85_options' doesn't exist query: SELECT option_value FROM wp_85_options WHERE option_name = 'post_count' LIMIT 1 status: ERR: Table 'wp1.wp_85_options' doesn't exist query: SELECT option_name, option_value FROM wp_85_options WHERE autoload = 'yes' status: ERR: Table 'wp1.wp_85_options' doesn't exist }}} Wouldn't it make sense to skip execution of those queries unless tables has been created? 1. `get_blogaddress_by_id` calls get_blog_details with $get_all as true while it makes no sense since additional fields will either be empty. 2. Do not call reinit of wp_roles if in blog creation mode" fliespl 7 37687 Multisite - Enormous number of update queries during site creation (user roles) Networks and Sites normal normal Awaiting Review enhancement new 2016-08-17T10:33:27Z 2019-01-23T22:45:54Z "This is mostly because the wp_roles+caps are added one by one causing a very nice overhead. {{{ query: INSERT INTO `wp_86_options` (`option_name`, `option_value`, `autoload`) VALUES ('wp_86_user_roles', 'a:1:{s:13:\""administrator\"";a:2:{s:4:\""name\"";s:13:\""Administrator\"";s:12:\""capabilities\"";a:0:{}}}', 'yes') ON DUPLICATE KEY UPDATE `option_name` = VALUES(`option_name`), `option_value` = VALUES(`option_value`), `autoload` = VALUES(`autoload`) query: UPDATE `wp_86_options` SET `option_value` = 'a:2:{s:13:\""administrator\"";a:2:{s:4:\""name\"";s:13:\""Administrator\"";s:12:\""capabilities\"";a:0:{}}s:6:\""editor\"";a:2:{s:4:\""name\"";s:6:\""Editor\"";s:12:\""capabilities\"";a:0:{}}}' WHERE `option_name` = 'wp_86_user_roles' query: UPDATE `wp_86_options` SET `option_value` = 'a:3:{s:13:\""administrator\"";a:2:{s:4:\""name\"";s:13:\""Administrator\"";s:12:\""capabilities\"";a:0:{}}s:6:\""editor\"";a:2:{s:4:\""name\"";s:6:\""Editor\"";s:12:\""capabilities\"";a:0:{}}s:6:\""author\"";a:2:{s:4:\""name\"";s:6:\""Author\"";s:12:\""capabilities\"";a:0:{}}}' WHERE `option_name` = 'wp_86_user_roles' query: UPDATE `wp_86_options` SET `option_value` = 'a:5:{s:13:\""administrator\"";a:2:{s:4:\""name\"";s:13:\""Administrator\"";s:12:\""capabilities\"";a:3:{s:13:\""switch_themes\"";b:1;s:11:\""edit_themes\"";b:1;s:16:\""activate_plugins\"";b:1;}}s:6:\""editor\"";a:2:{s:4:\""name\"";s:6:\""Editor\"";s:12:\""capabilities\"";a:0:{}}s:6:\""author\"";a:2:{s:4:\""name\"";s:6:\""Author\"";s:12:\""capabilities\"";a:0:{}}s:11:\""contributor\"";a:2:{s:4:\""name\"";s:11:\""Contributor\"";s:12:\""capabilities\"";a:0:{}}s:10:\""subscriber\"";a:2:{s:4:\""name\"";s:10:\""Subscriber\"";s:12:\""capabilities\"";a:0:{}}}' WHERE `option_name` = 'wp_86_user_roles' [...] One hunder queries later: UPDATE `wp_86_options` SET `option_value` = 'a:5:{s:13:\""administrator\"";a:2:{s:4:\""name\"";s:13:\""Administrator\"";s:12:\""capabilities\"";a:61:{s:13:\""switch_themes\"";b:1;s:11:\""edit_themes\"";b:1;s:16:\""activate_plugins\"";b:1;s:12:\""edit_plugins\"";b:1;s:10:\""edit_users\"";b:1;s:10:\""edit_files\"";b:1;s:14:\""manage_options\"";b:1;s:17:\""moderate_comments\"";b:1;s:17:\""manage_categories\"";b:1;s:12:\""manage_links\"";b:1;s:12:\""upload_files\"";b:1;s:6:\""import\"";b:1;s:15:\""unfiltered_html\"";b:1;s:10:\""edit_posts\"";b:1;s:17:\""edit_others_posts\"";b:1;s:20:\""edit_published_posts\"";b:1;s:13:\""publish_posts\"";b:1;s:10:\""edit_pages\"";b:1;s:4:\""read\"";b:1;s:8:\""level_10\"";b:1;s:7:\""level_9\"";b:1;s:7:\""level_8\"";b:1;s:7:\""level_7\"";b:1;s:7:\""level_6\"";b:1;s:7:\""level_5\"";b:1;s:7:\""level_4\"";b:1;s:7:\""level_3\"";b:1;s:7:\""level_2\"";b:1;s:7:\""level_1\"";b:1;s:7:\""level_0\"";b:1;s:17:\""edit_others_pages\"";b:1;s:20:\""edit_published_pages\"";b:1;s:13:\""publish_pages\"";b:1;s:12:\""delete_pages\"";b:1;s:19:\""delete_others_pages\"";b:1;s:22:\""delete_published_pages\"";b:1;s:12:\""delete_posts\"";b:1;s:19:\""delete_others_posts\"";b:1;s:22:\""delete_published_posts\"";b:1;s:20:\""delete_private_posts\"";b:1;s:18:\""edit_private_posts\"";b:1;s:18:\""read_private_posts\"";b:1;s:20:\""delete_private_pages\"";b:1;s:18:\""edit_private_pages\"";b:1;s:18:\""read_private_pages\"";b:1;s:12:\""delete_users\"";b:1;s:12:\""create_users\"";b:1;s:17:\""unfiltered_upload\"";b:1;s:14:\""edit_dashboard\"";b:1;s:14:\""update_plugins\"";b:1;s:14:\""delete_plugins\"";b:1;s:15:\""install_plugins\"";b:1;s:13:\""update_themes\"";b:1;s:14:\""install_themes\"";b:1;s:11:\""update_core\"";b:1;s:10:\""list_users\"";b:1;s:12:\""remove_users\"";b:1;s:13:\""promote_users\"";b:1;s:18:\""edit_theme_options\"";b:1;s:13:\""delete_themes\"";b:1;s:6:\""export\"";b:1;}}s:6:\""editor\"";a:2:{s:4:\""name\"";s:6:\""Editor\"";s:12:\""capabilities\"";a:34:{s:17:\""moderate_comments\"";b:1;s:17:\""manage_categories\"";b:1;s:12:\""manage_links\"";b:1;s:12:\""upload_files\"";b:1;s:15:\""unfiltered_html\"";b:1;s:10:\""edit_posts\"";b:1;s:17:\""edit_others_posts\"";b:1;s:20:\""edit_published_posts\"";b:1;s:13:\""publish_posts\"";b:1;s:10:\""edit_pages\"";b:1;s:4:\""read\"";b:1;s:7:\""level_7\"";b:1;s:7:\""level_6\"";b:1;s:7:\""level_5\"";b:1;s:7:\""level_4\"";b:1;s:7:\""level_3\"";b:1;s:7:\""level_2\"";b:1;s:7:\""level_1\"";b:1;s:7:\""level_0\"";b:1;s:17:\""edit_others_pages\"";b:1;s:20:\""edit_published_pages\"";b:1;s:13:\""publish_pages\"";b:1;s:12:\""delete_pages\"";b:1;s:19:\""delete_others_pages\"";b:1;s:22:\""delete_published_pages\"";b:1;s:12:\""delete_posts\"";b:1;s:19:\""delete_others_posts\"";b:1;s:22:\""delete_published_posts\"";b:1;s:20:\""delete_private_posts\"";b:1;s:18:\""edit_private_posts\"";b:1;s:18:\""read_private_posts\"";b:1;s:20:\""delete_private_pages\"";b:1;s:18:\""edit_private_pages\"";b:1;s:18:\""read_private_pages\"";b:1;}}s:6:\""author\"";a:2:{s:4:\""name\"";s:6:\""Author\"";s:12:\""capabilities\"";a:10:{s:12:\""upload_files\"";b:1;s:10:\""edit_posts\"";b:1;s:20:\""edit_published_posts\"";b:1;s:13:\""publish_posts\"";b:1;s:4:\""read\"";b:1;s:7:\""level_2\"";b:1;s:7:\""level_1\"";b:1;s:7:\""level_0\"";b:1;s:12:\""delete_posts\"";b:1;s:22:\""delete_published_posts\"";b:1;}}s:11:\""contributor\"";a:2:{s:4:\""name\"";s:11:\""Contributor\"";s:12:\""capabilities\"";a:5:{s:10:\""edit_posts\"";b:1;s:4:\""read\"";b:1;s:7:\""level_1\"";b:1;s:7:\""level_0\"";b:1;s:12:\""delete_posts\"";b:1;}}s:10:\""subscriber\"";a:2:{s:4:\""name\"";s:10:\""Subscriber\"";s:12:\""capabilities\"";a:2:{s:4:\""read\"";b:1;s:7:\""level_0\"";b:1;}}}' WHERE `option_name` = 'wp_86_user_roles' }}} Possible idea: instantiate `wp_roles` with `use_db` false during blog creation and force saving roles data into database after `populate_roles();` function." fliespl 2 37692 Introduce WP_Database_Table base class dev-feedback Database normal normal Awaiting Review enhancement new 2016-08-17T13:23:28Z 2017-03-15T17:20:50Z "I've always thought it odd that WordPress only versions blogs, and not each individual database table. On one hand, it's great that the schema changes rarely enough that WordPress core would not get a lot of use out of it. On the other, many plugins would benefit pretty hugely from a smart base class that encapsulated a lot of the procedural work of having custom database tables and maintaining a schema. BuddyPress, for example, comes with several object & metadata pairs, for groups, activity, friends, profiles, messages, notifications, etc... It currently takes WordPress's approach of having a big-dumb installer and a bunch of tangled together upgrade routines. I'd love it if each component could manage it's own schema on the fly, with it's own upgrade routines and database table classes to separate the responsibilities, but without needing to setup `admin_init` hooks and `version_compare()` checks for each component. Django has something similar currently, as do other open-source projects like Piwik, GitLab, Mattermost, etc... ---- I'm imagining that each core database table would extend the `WP_DB_Table` class, each with their own `db_version` and their own methods for upgrading to newer versions. Global tables (like `wp_users`) would use `site_id` `-1` in the `wp_sitemeta` database table to distinguish them as global, and not per-network or per-site. ---- This way, when a plugin like WooCommerce wants to introduce new database tables, they just extend the base class, pass in an array of column-keys & attributes, and the base class would handle the `$wpdb` table registration and all of the other bits and bobs. Eventually... eventually it could get paired up with some kind of a `WP_Base_Query` class to automatically handle cache-key assignments, and generate basic crud methods based on the parameters in the associated `WP_Database_Table` extension. ---- I think this becomes particularly useful in REST applications, where WordPress's APIs can be used and extended for any manner of scalable data storage outside of the core database schemas. Obviously this is a huge idea with lots of moving parts, and without a core need ideas like this are pretty slow on the go. I am already starting to do something similar in my own plugins though - just without the base class - and it feels much easier to maintain each plugin knowing there is a similar convention between them. See: https://code.flox.io/stuttter/wp-site-aliases/blob/master/includes/class-wp-site-aliases-db-table.php" johnjamesjacoby 3 37698 wp_kses_split global variable pollution has-patch Formatting normal normal Future Release defect (bug) new 2016-08-17T20:20:15Z 2021-02-09T16:12:22Z "In r10339, `wp_kses_split` was modified so it doesn't longer require the `preg_replace` with the `e` (eval) modifier. This implementation uses globals to pass the values of `$allowed_html` and `$allowed_protocols` to the `_wp_kses_split_callback` function. While in most cases this isn't really a problem, we noticed that a call to `wp_kses_split` (via a filter) from within `_wp_kses_split_callback` may have undesirable effects on the next replacements. The snippet below illustrates this problem, you can see in action in https://3v4l.org/YmYTZ {{{ |$))|(<[^>]*(>|$)|>))%', '_wp_kses_split_callback', $string ); } function _wp_kses_split_callback( $match ) { global $pass_allowed_html, $pass_allowed_protocols; return wp_kses_split2( $match[1], $pass_allowed_html, $pass_allowed_protocols ); } function wp_kses_split2($string, $allowed_html, $allowed_protocols) { wp_kses_split('', array(), array()); // this overrides the globals. print_r( array( $allowed_html, $allowed_protocols ) ); } wp_kses_split(""I link this"", array('a'=>array( 'style' => array() )), array('http') ); }}} One way to fix this would be to use an anonymous function, but I guess that's only available on PHP >= 5.3. Another way is to encapsulate the callback in a class and tie the arguments to an instance of this class." xknown 14 37699 Death to Globals Episode #1: A Registry, A Pattern General normal normal Awaiting Review enhancement new 2016-08-17T20:49:29Z 2021-01-14T10:48:12Z "Storing application state in globals is ... bad. Using global state to store objects is ... bad. Using globals to avoid writing classes is ... bad. Using globals to pass data between functions is ... bad. Training people to assume that globals will always be set to the value they expect is ... bad. Globals are an artifact of a #dark-er time, think PHP 3. It would be nice if we didn't use globals. We have a backward compatibility strait jacket, but that shouldn't stop us from exploring ways to eradicate them. We can start with class instances, because variables hold a reference to the actual instance when set. We can also start with a simple registry that allows us to create a data that can get / set globals for us (or not!). We can also add a few static methods onto `WP` to hide all of this away. Attached is a POC that removes (every instance of?) `$wpdb` as a global, and instead uses the registry. Take a glance. All unit tests (seem to) pass. This will evolve before it becomes a reality, but I encourage you to unleash your imagination unto a world where WordPress' codecase resembles something globallessly lovely. " wonderboymusic 117 37702 Accept array of IDs in `delete_metadata_by_mid` needs-unit-tests Options, Meta APIs normal normal Future Release enhancement new 2016-08-18T01:23:21Z 2019-12-13T19:00:51Z "When deleting meta data in bulk (for example when an object is deleted), improve performance of meta deletion by accepting an array for `delete_metadata_by_mid` and related functions. Related #37671." peterwilsoncc 1 37705 Remove unnecessary parts of WP_HTTP which remain has-patch HTTP API normal normal defect (bug) new 2016-08-18T04:07:10Z 2019-06-04T20:01:04Z "After Requests was merged in WordPress 4.6, WP_HTTP now wraps it with a few of the previous classes remaining for compatibility. Some of these have significant code left in them which is no longer used, and we've still got the entire cURL and Streams WP_HTTP request classes in core. We should be able to remove a large percentage of these without too much issue. There's a chance that some developers have been using these classes directly, especially as a number of items were marked as public (due to how it was developed). I'd like to take the hardline approach and rip everything not needed out early, and restore compatibility shims where needed if it turns out developers were using things directly (incorrectly)." dd32 10 37708 `wp_http_supports()` doesn't reflect what Requests can do HTTP API 4.6 normal normal Future Release defect (bug) reopened 2016-08-18T04:36:47Z 2022-04-21T21:23:17Z "While reviewing what parts of `WP_HTTP` can be removed in #37705, I noticed that `wp_http_supports()` still performs it's checks against the `WP_HTTP` transports rather than querying against Requests to see if the request can be performed or not. The only capability which we supported was `ssl`. Three options: 1. Query SSL ability against Requests (if it supports that) 1. Deprecate and always `return true;` 1. Implement a small check to see if SSL requests will be able to proceed, checking for cURL features or openssl being available (and all the other streams requirements being satisfied). The above options are in my order of preferences, we should support it if possible, but I'm not afraid of just no-oping the function. Marking for 4.7, with the potential for 4.6.x backporting." dd32 15 37712 Opacity not applied to admin menu icon when it selected has-patch Administration normal normal Future Release defect (bug) new 2016-08-18T08:09:28Z 2020-11-20T01:26:01Z "Opacity not applied to single menu with custom menu logo when it selected. But it work fine where menu has sub-menu and following css applied for it. {{{ #adminmenu li.menu-top:hover .wp-menu-image img, #adminmenu li.wp-has-current-submenu .wp-menu-image img { opacity: 1; } }}} So here css rule missing for single menu with custom menu logo. When I applied following css then it work fine. {{{ #adminmenu li.menu-top.current .wp-menu-image img { opacity: 1; } }}} " chandrapatel 1 37754 Support Receiving Pings for Non Post-Type Permalinks Pings/Trackbacks 1.0 normal normal enhancement new 2016-08-20T23:57:21Z 2019-06-04T21:03:23Z "Related: #2700 Ten years ago, it was proposed that the ability to ping the homepage(often linked in the author_url of a comment). After a year, the issue was closed and turned over as a plugin issue. While the idea of pinging comments is certainly one that can be added as a plugin, the infrastructure to support receipt on arbitrary pages is not. This enhancement is specifically about making it possible for Core or a plugin to receive and direct these pingbacks, separate from the issue of what to do with them once received. After the changes are made, that could be explored as plugin territory. However, the only way to do this now is to completely replace the pingback handler with a custom one. Probably the easiest way to do this is to expand url_to_postid to allow it to return an arbitrary post_ID(using a filter) if it detects that the URL in question is a valid URL on the site, but does not refer to a post_type. " dshanske 37756 Allow inline scripts on script aliases needs-unit-tests Script Loader 4.5 normal normal Future Release defect (bug) new 2016-08-21T06:46:10Z 2019-12-13T22:21:50Z "It appears if {{{add_inline_script}}} is called on {{{jquery}}} then it gets ignored, and requires to use {{{jquery-core}}} The same may apply to styles but not tested. Inline scripts should work on both the main script and the aliases. " pcfreak30 4 37757 Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+ has-patch Security normal normal Awaiting Review enhancement new 2016-08-21T11:39:57Z 2017-09-13T21:39:27Z "PHP 7 added an options array to unserialize: http://php.net/manual/en/function.unserialize.php The most notable option is passing a whitelist of classes that can be unserialized which can help mitigate some remote code execution vulnerabilities. Something like this (PHP 5.X will throw a warning if a second argument is provided to `unserialize`). {{{#!php if (!is_serialized($input)) { return false; } return PHP_MAJOR_VERSION >= 7 ? @unserialize($input, apply_filters('wp_maybe_unserialize_options', [])) : @unserialize($input); }}} By default, I don't think any whitelisting needs to be done -- would be a huge BC break. But it would be nice to give developers an option to lock down what can be unserialized via `maybe_unserialize`." chrisguitarguy 7 37758 The Link Checker tool does not detect some links has-patch Editor 4.6 normal normal Awaiting Review defect (bug) new 2016-08-21T14:25:45Z 2023-09-16T12:09:45Z "hello, The Link Checker tool in WordPress 4.6 doesn’t detect an error when you put something before ‘http(s)‘. Example: xhttps://www.google.com And the tool does not detect error if a missing letter in ""http"". examples : ttps://core.trac.wordpress.org/newticket htps://core.trac.wordpress.org/newticket htts://core.trac.wordpress.org/newticket" Djibs13 10 37762 cache_results parameter doesn't prevent queried posts from being added to cache boonebgorges dev-feedback Query 4.6 normal normal Future Release defect (bug) assigned 2016-08-22T09:39:42Z 2022-06-15T13:23:14Z "Even when `cache_results` is set to `false`, the queried posts in `WP_Query` are still mapped to `get_post()` which will always add post instance to cache. For more info: http://wordpress.stackexchange.com/questions/236653/how-to-prevent-queried-posts-from-being-added-to-cache/236659. " Dang Vu 7 37763 Target server overload due to invalid RSS feed URL in RSS widget stevenkword Feeds 4.6 normal normal Awaiting Review defect (bug) assigned 2016-08-22T11:09:00Z 2017-10-26T18:31:00Z "Was roped into helping a friend figure out why a Wordpress site he managed was constantly registering 100% CPU usage. Turns out that they used the RSS widget and had it pointed to an RSS feed for their site. At some point the RSS feed had been deactivated and began generating a 404, and the server began getting four or five calls ''per second'' to the feed URL, effectively DoSing their own server. Although the widget was displayed on every page, they only average a few hundred unique visitors a day, so the number of requests from the widget far exceeded the number of page views. I took some time trying to figure out why it might be doing this, but decided to stop looking through the trash WordPress code when I got to the fetch_feed() function. I just don't care enough. But I do care if there is a bug that causes that many requests when the feed URL returns a 404. I don't know how often feed names are changed or removed, but this could cause a huge number of unwanted requests. My initial guess is that the SimplePie class is like ""oh hey a 404 how about I try again. oh hey a 404 how about I try again. oh hey a 404 how about I try again. oh hey a 404 how about I try again."" until it tires itself out. But like I said, too much trash code to care since I'm not getting paid to fix it. Summary: 1. RSS Widget on page. 2. Invalid RSS feed URL, pointed to same server as page, returned a 404. 3. Generated a number of requests for the RSS feed that was substantially higher than the number of page views. 4. Caused 100% CPU usage on server." bstovall 11 37773 Update get_avatar() to support native and registered image sizes. dev-feedback Media 2.5 normal normal Awaiting Review enhancement new 2016-08-22T21:41:26Z 2021-03-31T16:55:15Z "The get_avatar() method currently allows developers to retrieve a user's avatar of a particular size by passing in an integer value, such as `get_avatar( 'jeremy@example.com', 80 )`. In some cases, it might be useful to instead retrieve an avatar by passing in an image size registered with WordPress (e.g., thumbnail, medium, large). See attached patch. " jmichaelward 8 37775 Capabilities inconsistence when registering CPT Posts, Post Types normal normal Awaiting Review defect (bug) new 2016-08-22T21:52:54Z 2019-04-25T10:57:20Z "When registering CPT I can define `capabilities`, and some of them can be ""turned off"", so I can disable, for example, creating a new CPT object with `'create_posts' => false`. But here is the interesting part: {{{ 'delete_post' => null, 'delete_posts' => false, }}} To prevent deletion, I need to specify exactly like above, otherwise I will get notices from WP. In my opinion, we should have 1 approach, like `false`" slaFFik 1 37788 dns-prefetch s.w.org conditionally via javascript Emoji 4.6 normal normal Awaiting Review enhancement new 2016-08-23T10:31:12Z 2023-06-07T05:54:00Z "For many users, dns-prefetch to s.w.org is not needed if they aren't using Jetpack or any plugin which connects to it. It's because: 1. A page may not have an emoji 2. Even if the page has it, the browser may support emojis. Going forward the support will increase. Hence I propose the dns-prefetch to s.w.org be made only if the feature detection detects wp-emoji-release needs to be loaded or if possible page needs an emoji svg. " superpoincare 5 37799 "Add progress indicator to ""Upgrade Network"" page" pcarvalho has-patch Networks and Sites normal normal Future Release enhancement assigned 2016-08-23T20:07:43Z 2020-05-18T17:24:29Z "The ""Upgrade Network"" page loops through sites in a network, and upgrades them 5 at a time. As primitive as this interface is, as a network admin responsible for upgrading thousands of sites, I actually don't mind the simplicity. What would be nice, though, is some indication of how many sites there are, and how many are left until the routine is complete. Maybe this is a progress bar (can we steal that from media?) or a pie-chart, or a simple ""Upgrading sites 10-15 out of 2,378"" or something more encouraging like ""Only 2,375 to go!""" johnjamesjacoby 27 37801 Media Functions dev-feedback Media normal normal Awaiting Review feature request new 2016-08-23T21:40:41Z 2019-04-19T20:04:28Z "I think now WordPress should include all media functions, like getMedaTitle($attID) getMedaCaption($attID) getMedaAlt($attID) getMedaUrl($attID) getMedaUrl($attID) I will be really happy to work on it and include them in 4.7 " daniyalahmedk 2 37812 404 when using a numeric slug and /%category%/ base needs-unit-tests Permalinks normal normal Future Release defect (bug) new 2016-08-24T15:29:53Z 2023-03-11T11:36:36Z "To reproduce: 1. Create a top and sublevel category. Lets say Parent > Child 2. In permalink settings, set custom permalink structure /%category%/%postname%/ 3. Create a post with slug 12345 and assign to category ""child"" 4. View post. There is a 404. Tested in 4.6 only. No other plugins active." mikejolley 5 37818 Suggested import id for wp_insert_user has-patch Import 2.0 normal normal Future Release enhancement new 2016-08-25T03:47:56Z 2020-07-17T17:47:49Z "I would like to import users and would like to keep the previous user ids. In `wp_insert_post()` I can define the `import_id` and that is the ID that is used if it does not yet exist. By adding the same parameter to `wp_insert_user()` would allow us to suggest an ID." grapplerulrich 1 37822 Text area misaligned on network setting.php Networks and Sites 4.6 normal normal Future Release defect (bug) new 2016-08-25T10:46:27Z 2018-03-05T16:42:51Z "On Network setting page, all text area looks misaligned. Looks zig zag Refer attached screenshots for better view. " Ankit K Gupta 12 37825 Introduce functions to check whether there are multiple taxonomy terms needs-unit-tests Themes normal normal Future Release enhancement new 2016-08-25T12:33:10Z 2018-06-14T18:04:43Z "We've had a function `is_multi_author()` since version 3.2.0, which is regularly used by themes to check if a site has multiple authors with published posts. A similar function is often needed by themes for taxonomies (mostly categories), for example the latest default themes have contained a function `*_categorized_blog()`. I think this functionality is essential for several themes, and we can make their lifes easier by providing these functions to them (especially since several theme authors don't really wanna mess with hooks for invalidating transients). Of course, for backward compatibility a theme should check whether that function exists, and if not, it still needs to take care of things by itself. However, I think this will still be a good solution long-term to include this functionality in WordPress Core." flixos90 9 37829 Problem when adding a link and searching published articles Editor 4.5 low normal Awaiting Review defect (bug) new 2016-08-25T17:47:28Z 2019-04-19T18:03:59Z With WordPress 4.6 (was already in 4.5 actually), there’s a problem when you wanna put a link and search published articles. Here, if you search “iOS 9“, every article with iOS 9 in the title show up. Although, if you search “iOS 9.3.5“, nothing is found. Same thing with an apostrophe and maybe other punctuations. Djibs13 2 37831 Change the permalink structure without changing the url of older articles dev-feedback Permalinks normal normal Awaiting Review feature request new 2016-08-25T22:22:50Z 2019-04-19T15:19:48Z "A nice feature would be to change the permalink structure without changing the url of older articles. Many users complain of having 404 errors on old articles. This causes problem when there are dozens or hundreds of articles. Not everyone has the competences to manage the redirections " Djibs13 2 37832 Using ?p=xxx on a posts page with an invalid post ID does not return a 404 status Posts, Post Types normal normal Awaiting Review defect (bug) new 2016-08-25T23:06:41Z 2019-04-19T15:20:07Z "Steps to replicate: - Create a page and set it as the posts page. - Visit this page with ?p=123456 (an invalid ID) added. WordPress will return whatever 'no results found' message you have in the theme, but with a 200 status. The handle_404 function seems to have been set up to always give a 200 status if is_home() returns true. This should not apply if you're overriding the query in some way via the URL. Somehow many of these URLs have been detected by Google on a site of ours and are being reported as soft 404s. How they were found is one thing, but WordPress should not be returning a 200 status regardless." smerriman 2 37837 Extend WP_Query author parameters to filter by role Query 4.7 normal normal Awaiting Review feature request new 2016-08-26T10:25:01Z 2017-03-30T17:01:37Z "WP_Query contains a series of author parameters (`author', ' author_name', ' author__in', and `author__not_in` as documented on the Codex). It wpould be nice to add `author_role__in` and maybe `author_role__not_in` as valid parameters, and be able to also query for posts given one or a set of user roles. I can see a lot of usages, and this has indeed been asked inside the community in some places, although I could not find a Track dedicated ticket. AFAIK, this would require the WP_Query database interaction to include the usermeta table, which can be expensive by default, and add a LIKE statement against the `wp_capabilities` usermeta field value, which is also expensive by default. So this might introduce performance problems and be discarded because of that. But otherwise, I would like that we consider this as a possible feature to add." jadpm 1 37840 Optimize full size images enshrined has-patch Media normal normal Future Release enhancement assigned 2016-08-26T15:12:04Z 2023-03-13T16:26:19Z "Many users upload unoptimized full size images to the media library, which can result in unnecessarily large downloads for users when the full size image is inserted in post content or when the full size image is added to `srcset` attributes. We could potentially improve things by adding a new image size to WordPress that is an optimized version of the original image and use that on the front end instead of the original uploaded image. Some considerations: * We should not modify the original uploaded file. * Consider potential server implications of adding an additional size. * Can we determine if a file is already optimized so we don't end up increasing the file size in those cases?" joemcgill 41 37848 Form fields misaligned on export.php has-patch Export 5.2.1 normal normal Awaiting Review enhancement new 2016-08-27T10:57:16Z 2019-06-17T13:54:31Z "On the export page, all the form fields are misaligned. Refer attached screenshots for a better view." adhun 6 37850 Auto-scroll to error notice on failed inline updates (plugins/themes) Upgrade/Install 4.6 normal normal Future Release defect (bug) new 2016-08-27T16:14:49Z 2019-04-19T19:58:43Z "See a small UX issue in WordPress 4.6 on shiny updates. In this case I noticed it on the network themes page when one theme has an update and that theme is below the fold (or view-port). if the update has an error (of any kind), the response happens at the top of the page and a user would never know about the response message. I think in this case a forced scroll-to-top would be great or allow the shiny updates to show inline errors. " austyfrosty 1 37857 Strange behaviour for COOKIE_DOMAIN since Wordpress 4.6 reporter-feedback Login and Registration 4.6 normal normal Awaiting Review defect (bug) new 2016-08-28T11:53:15Z 2023-10-05T01:04:22Z "I hope I am right here, because since the last update for WordPress 4.6 there is a very strange behaviour with the by hand sedate constant COOKIE_DOMAIN. I have adapted COOKIE_DOMAIN in wp-config.php to be able to use the same login data about multible domains away. Since the update for WordPress 4.6 this causes problems with the browser cache for all dynamic data transfers, like forms etc. Not only in WordPress, but also in form-plugins or WooCommerce. With the example WooCommerce: data for the goods basket are updated always only after a renewed page-reload. That means, if you go to basket, no changes are active. You need to reload the basket to see the changes in action. The same behavior with changes in forms for addresses etc. Absolutely no caching module is active. If browser caching is disabled, everything works fine. These are the changes I've made for the COOKIE_DOMAIN in wp-config.php: {{{#!php

`. * @type string $after_title HTML content that will be appended to the widget's title when displayed. * Default `

`. * } */ function the_widget( $widget, $instance = array(), $args = array() ) { global $wp_widget_factory; $widget_obj = $wp_widget_factory->widgets[$widget]; if ( ! ( $widget_obj instanceof WP_Widget ) ) { return; } $default_args = array( 'before_widget' => '
', 'after_widget' => ""
"", 'before_title' => '

', 'after_title' => '

', ); $args = wp_parse_args( $args, $default_args ); $args['before_widget'] = sprintf( $args['before_widget'], $widget_obj->widget_options['classname'] ); $instance = wp_parse_args($instance); /** * Fires before rendering the requested widget. * * @since 3.0.0 * * @param string $widget The widget's class name. * @param array $instance The current widget instance's settings. * @param array $args An array of the widget's sidebar arguments. */ do_action( 'the_widget', $widget, $instance, $args ); $widget_obj->_set(-1); $widget_obj->widget($args, $instance); } }}} Enhanced {{{#!php `, where `%s` is the widget's class name. * @type string $after_widget HTML content that will be appended to the widget's HTML output. * Default ``. * @type string $before_title HTML content that will be prepended to the widget's title when displayed. * Default `

`. * @type string $after_title HTML content that will be appended to the widget's title when displayed. * Default `

`. * } */ function the_widget( $widget, $instance = array(), $args = array() ) { global $wp_widget_factory; $widget_obj = $wp_widget_factory->widgets[$widget]; if ( ! ( $widget_obj instanceof WP_Widget ) ) { return; } $default_args = array( 'before_widget' => '
', 'after_widget' => ""
"", 'before_title' => '

', 'after_title' => '

', ); $args = wp_parse_args( $args, $default_args ); //Allow modifying widget args via filter hook $args = apply_filters( 'the_widget_args', $args ); $args['before_widget'] = sprintf( $args['before_widget'], $widget_obj->widget_options['classname'] ); $instance = wp_parse_args($instance); /** * Fires before rendering the requested widget. * * @since 3.0.0 * * @param string $widget The widget's class name. * @param array $instance The current widget instance's settings. * @param array $args An array of the widget's sidebar arguments. */ do_action( 'the_widget', $widget, $instance, $args ); $widget_obj->_set(-1); $widget_obj->widget($args, $instance); } }}} " mnmlthms 2 38036 Add support for the utf8mb4_0900_ai_ci collation Database normal normal Future Release enhancement new 2016-09-13T10:11:38Z 2023-04-05T10:24:05Z "MySQL 8.0 adds the `utf8mb4_0900_ai_ci` collation, based on the current Unicode Collation algorithm. We should use it when possible. Note that the version check will need to be a little more complex than the `utf8mb4_520` check - MariaDB 10.x doesn't support `utf8mb4_0900_ai_ci`. " pento 5 38037 Maximum User ID Issue Users lowest normal Awaiting Review defect (bug) new 2016-09-13T10:46:57Z 2019-04-10T07:47:18Z "Hi, We found that if you set the AUTO_INCREMENT value to 18446744073709551614 (which is 1 less than the maximum value of BIGINT), it creates a blank user in the admin user table. upon checking the mySQL database details, we found that the ID (_users) is 18446744073709551614 and the user_id (_usermeta) is 9223372036854775807. the reason for the test is, we have created a plugin that allows an admin to change the user ID of any user, so we where testing the maximum upper limits of. The only way to delete this user is manually, the delete option fails. it would seem the ID (_users) supports 0 to 18446744073709551615 and it would seem the user_id (_usermeta) supports -9223372036854775808 to 9223372036854775807 this can be checked in https://dev.mysql.com/doc/refman/5.5/en/integer-types.html thanks" akaracing 1 38044 Make seems_utf8() RFC 3629 compliant. Formatting 1.2.1 normal normal Future Release defect (bug) new 2016-09-13T21:07:56Z 2019-04-09T21:41:24Z `seems_utf8()` should be made [https://www.ietf.org/rfc/rfc3629.txt RFC 3629] compliant. Currently it accepts overlong sequences and surrogates, which will cause PHP functions expecting valid UTF-8 strings to fail. gitlost 1 38052 wp-utility.js misses function argument null needs-unit-tests General 4.6 normal major Awaiting Review defect (bug) new 2016-09-14T09:26:29Z 2017-07-28T08:57:16Z "Since 4.6 the wp-utility is updated. The null parameter has been removed here: {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options ); }}} to {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), options ); }}} Which can give the following error: {{{ wp-util.min.js:1 Uncaught TypeError: (intermediate value)(intermediate value) is not a function }}} This is fixed by adding that null value again like this: {{{ compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options ); }}} Affects version 4.6 and 4.6.1" wiardvanrij 5 38054 class.wp-scripts.php - add_action when init is already doing reporter-feedback Script Loader 4.6.1 normal normal Awaiting Review enhancement new 2016-09-14T13:12:13Z 2019-04-09T21:27:34Z "Hi, I've simple WP installation and I'm trying to make ""my profiler"" which will show executing times of all actions. I just found an issue in class.wp-scripts.php. Plugin Query monitor runs `wp_register_script( 'debug-bar', false, array( 'query-monitor') );` inside init action. (it's first call of wp_register_script). Then constructor of WP_Scripts runs `add_action( 'init', array( $this, 'init' ), 0 )`, but action is already doing and my profiler shows warning about it (`$merged_filters['init']` has reset state). I think that constructor should be: {{{ public function __construct() { $this->init(); if ( ! did_action( 'init' ) ) add_action( 'init', array( $this, 'init' ), 0 ); } }}} Sasa " stodorovic 1 38057 'wp_update_nav_menu' action returns inconsistent number of arguments johnbillion has-patch Menus 4.6 normal normal Future Release enhancement reviewing 2016-09-14T16:13:56Z 2023-02-09T13:31:46Z "The 'wp_update_nav_menu' action is fired in two places with a different amount of arguments. - [https://core.trac.wordpress.org/browser/branches/4.6/src/wp-includes/nav-menu.php#L348 wp-includes/nav-menu.php] `do_action( 'wp_update_nav_menu', $menu_id, $menu_data );` - [https://core.trac.wordpress.org/browser/branches/4.6/src/wp-admin/includes/nav-menu.php#L1070 wp-admin/includes/nav-menu.php] `do_action( 'wp_update_nav_menu', $nav_menu_selected_id );` The first one passes along the menu id and menu data, where the second one only returns the menu id. " barryceelen 12 38061 Rename the text window name on the editor has-patch Editor normal normal Future Release enhancement assigned 2016-09-14T22:10:52Z 2019-06-21T06:36:36Z "The text window on the editor name should be something that makes better sense to new users. Since the reality is it is a way to tab between the visual editor and actual view the code. So if a new user who does not know this if they tab between Visual and Text it does not make total sense." lukecavanagh 35 38062 SELECT DISTINCT ... ORDER BY ... has-patch Query 4.6 normal normal Awaiting Review defect (bug) new 2016-09-14T22:36:46Z 2019-04-09T18:51:23Z "I'm not 100% certain of how best to change this in the code, but I've attached a patch that I believe is correct and fixes it ... In '''./wp-includes/class-wp-query.php:2810''' (trunk), there is a query that looks like: {{{ SELECT $found_rows $distinct {$this->db->posts}.ID FROM {$this->db->posts} $join WHERE 1=1 $where $groupby $orderby $limits }}} When run, in some cases at least, the query turns into: {{{ SELECT SQL_CALC_FOUND_ROWS distinct wp_posts.ID FROM wp_posts ... ORDER BY wp_posts.post_date ... }}} The problem with the query is that it could potentially give unpredictable results ... the only reason it doesn't is because wp_posts.ID happens to be a Primary Key, and therefore, is already guaranteed that the post_date+ID will always be unique. Now, I understand why the 'distinct' is used, as there are JOINs involved in the expanded query that could result in multiple rows being returned for each wp_post.ID, ie: ID post_date 1 2016-09-01 2 2016-08-01 3 2016-07-01 4 2016-06-01 1 2016-09-01 4 2016-06-01 , but if that weren't the case, then the unpredictable results could come from a case like: ID post_date 1 2016-09-01 2 2016-08-01 3 2016-07-01 4 2016-06-01 1 2016-05-01 4 2016-04-01 For the above query, which 1,4 date is to be used? If the first, then the order would be 1,2,3,4 ... if the second, the order would be 2,3,1,4 ... If the query was changed to: {{{ SELECT SQL_CALC_FOUND_ROWS distinct wp_posts.ID, wp_posts.post_date }}} ... then the query becomes SQL compliant, and it is no longer possible to get unpredictable results, since in both my 'bad example' above, and in the case of the actually database table as defined for WordPress, the result would end up being: 1,2,3,4 I attached a patch that fixes the query in such a way that makes the query SQL Compliant and removes the potential unpredicatability of the results that right now is protected against by ensuring that the field itself is always UNIQUE in the first place ... " yscrappy 3 38067 New filter `wp_post_lock_status` has-patch Posts, Post Types 2.5 normal normal Awaiting Review feature request new 2016-09-15T13:23:37Z 2019-04-05T18:08:53Z "I have wp with one account for 5 people, employees. We make websites so 5 accounts for each website -> waste of time and difficult to maintain. We have big problem - if somebody edit page and I start edit the same page we have conficts and overwrite own changes. I can't see notice about that somebody edit this page because we use one account. My best idea! When user is logged in i create new cookie: `wordpress_logged_in_unique_COOKIEHASH` with unique hash -> user agent + wp_generate_password(). I save user hash if `_edit_lock_hash` was saved. So I can't check that post is locked or. So I write filter for return value of wp_check_post_lock() and... this work! I suggest add this filter (idea) to core or show me other way to resolve my problem." sebastian.pisula 2 38071 Add status links to network/sites.php has-patch Networks and Sites 3.0 normal normal Future Release enhancement new 2016-09-15T19:08:13Z 2017-05-06T22:29:20Z "Although sites have a ""status"" property, there is no interface for identifying what sites have which statuses, or their associated counts. Screens that do have this: * Posts * Pages * Users * Comments * Plugins * Themes (network or list view)" johnjamesjacoby 16 38072 Eliminate placeholder nav menu items in favor of auto-drafts in Customizer Customize 4.3 normal normal Future Release enhancement new 2016-09-16T05:46:06Z 2017-06-07T00:21:05Z "When nav menus were added to the customizer in 4.3, newly-created nav menu items were assigned a random negative integer to represent the ID for that `nav_menu_item` post. (This was also true of `nav_menu` terms for newly-created nav menus.) Upon saving the customized state, any such `nav_menu_item[...]` settings with negative IDs would then get inserted and assigned actual IDs which would then get sent back in the `customize_save_response` and the UI then replaces the placeholder nav menu item's control with the newly-inserted nav menu item's control. The key motivation here was to ensure that changes made in the customizer would not have an impact any part of WP until hitting Save. (What happens in the customizer stays in the customizer… until you hit Save.) Now, aside from a momentary flicker of placeholder nav menu item controls that get replaced with actual nav menu item controls, there is a key disadvantage to using such placeholder nav menu items (with negative post IDs): it is not possible to relate postmeta to them. There is a long-standing ticket #18584 for allowing nav menu items to be extensible to add custom fields in the customizer (and in the admin screen). In the call to `get_metadata` it has a behavior whereby it passes the supplied post ID through `absint` so if any postmeta are attempted to be related to placeholder `nav_menu_item` posts, they will fail to be accessed when calling `get_post_meta()`. Now, in #34923 there was the introduction of being able to create stubs for posts and pages inside the customizer so that they can have nav menu items created for them. The stubs created here are `auto-draft` posts which ensures that they do not affect other parts of WordPress and they will be automatically garbage-collected if never published. Now, the original Menu Customizer plugin did make an Ajax request for each created new nav menu items but they were `nav_menu_item` posts that were not related to a `nav_menu` (they were orphaned) rather than being `auto-draft`. We could consider going back to making an Ajax request to create each `nav_menu_item` (now an `auto-draft`) in the same way that is being done for post/page stubs. A downside of going to using Ajax to create new nav menu items (to reserve an auto-incremented post ID) is that adding a new nav menu item would no longer be instant. However, it would mean that upon save there wouldn't be any rebuild of nav menu item controls replacing placeholders with actuals, and as such it could mean a lot of code could be removed. But the most important benefit of switching to use `auto-draft` posts for nav menu items is that postmeta could then be created in the customizer and related to actual post IDs which could then be properly targeted in `get_post_metadata`filters. Alternatively, `get_post_meta` could just replace the `absint` with a call to `intval` and then ensure that the `get_post_metadata` filters apply with that negative ID, but then short-circuit if the filter doesn't return with `null` (since it wouldn't be able to find entries with negative IDs in the database). See feature plugin for adding custom fields to the customizer: https://github.com/xwp/wp-customize-nav-menu-item-custom-fields Note how the plugin has to postpone the presentation of custom fields until a newly-added nav menu item is saved the first time: https://github.com/xwp/wp-customize-nav-menu-item-custom-fields/blob/2ad056634441a74ba91982ca88b089297f630971/customize-nav-menu-item-custom-fields.js#L279-L284 Dependency for: #18584" westonruter 8 38073 Deprecate and replace wp_reset_vars() davideferre dev-feedback General 4.9 normal normal Awaiting Review enhancement assigned 2016-09-16T12:34:35Z 2021-09-01T10:18:46Z "`wp_reset_vars()` sets global variables based on `$_POST` and `$_GET` values. The function is used around 20 times in core and in my opinion this should be zero. Even better, the function should be deprecated. Why? First of all, it's easy to shoot yourself in the foot if you forget to properly sanitize the input value. Second, globals set by `wp_reset_vars()` aren't explicitly globalized in the files / functions using it. You might stumble upon code like this: {{{#!php \r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""

This is a red paragraph

\r\n"" . ""\r\n"" . ""\r\n"" . ""--$multipart_boundary--""; wp_mail( 'whoever@example.com', 'Multipart email test', $body, $headers ); }}} The email sent by this code should show either the text part or the html part, depending on the email client. I use Thunderbird and it shows no content at all. The source of the problem is in the Wordpress file /includes/pluggable.php, function wp_mail(). The function argument $headers array/string supplied by the user is assigned to a variable $tempheaders and then $headers is set to an empty array. $tempheaders is then processed in a switch statement block starting at line 251 to extract the header fields From, Content_Type, Cc, Bcc and Reply-To. Any other header fields are considered 'custom headers' and are added back into the $headers array by the default case of the switch block. At the end of processing $tempheaders, if there are no 'custom header' fields present, then the $headers variable remains an empty array. At line 441, the $headers variable is tested to see if any 'custom headers' need setting. {{{#!php $content ) { $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) ); } if ( false !== stripos( $content_type, 'multipart' ) && ! empty($boundary) ) $phpmailer->AddCustomHeader( sprintf( ""Content-Type: %s;\n\t boundary=\""%s\"""", $content_type, $boundary ) ); } }}} Strangely, not only does this if statement block set the 'custom headers' ($headers) when they exist, it also sets the Content-Type: multipart/...; boundary=... Hence, if $headers is empty, as is the case for my example above, the multipart boundary is not set. The question is: why is setting the multipart boundary dependent on there being these so called 'custom headers'? I have only noticed this problem since Wordpress 4.6+. Since version 4.6, the header field Reply-To was added to Wordpress' list of 'non-custom headers'. Prior to version 4.6, Reply-To was considered a 'custom header' and so, $headers was not empty and my code worked. As a work-around, if I add Return-Path: ... to my headers, then everything works and my emails are readable again. However, I shouldn't need to do this. I think this problem needs some serious attention. Tony " drtonyb 38109 Improvements to user deletion dev-feedback Users normal normal Awaiting Review enhancement new 2016-09-20T13:50:32Z 2019-04-01T23:06:06Z "User deletion in WordPress, at the moment, is not straightforward. When you click ""delete"" on users who have authored content, you are presented with this ultimatum: [[Image(https://i.imgur.com/11ex3hz.png)]] At my company, we build and host WP sites for clients and we almost never make decisions about content. But we do sometimes want to delete users, for instance in the situation where a person who works for a client leaves their position as they have been promoted or left for another job. In that case we would like to be able to delete the user account of that person. But without knowing how to answer the question of which user to assign their content to, we're forced to ask the client to make that decision. With a view to making it possible for sysadmins to delete users without having to consult with the client, I'd like to propose two solutions: 1. WordPress disassociates user accounts from authorship information (like in the Automattic plugin [https://wordpress.org/plugins/co-authors-plus/ co-authors-plus]) 2. WordPress allows deactivating user accounts so that the user can no longer login or reset their password, but the account still exists" tomdxw 1 38112 Deleting an Active Plugin via Bulk Actions Fails Silently has-patch Plugins normal normal Future Release defect (bug) assigned 2016-09-20T17:43:26Z 2022-09-21T12:03:20Z "With the introduction of shinier updates in 4.6, it appears that the error messaging around deleting an activated plugin wasn't ported into the new system properly. '''To reproduce:''' 1. On Plugins Screen, select an activated plugin. 2. From ""Bulk Actions"" select ""Delete"" 3. Click Apply '''Result:''' Nothing happens. Silent failure (to delete). '''Expected Result:''' Error message explaining that you can't delete activated plugins. In one case, I actually saw the expected error message after refreshing the plugins page, but I haven't been able to replicate that since." mrwweb 11 38128 Twitter Embed - Enhancement change theme Embeds lowest normal Future Release enhancement new 2016-09-22T13:34:18Z 2023-05-30T08:59:36Z "I would like to suggest to add a option to set the twitter embed theme. Currently you only can use the standard White Theme, some possibility to customize it to dark as example for dark sites would be great." Deexgnome 4 38133 "Core widget fields fail to render value of ""0"" when empty() checks are used" stevenkword has-patch Widgets 2.6 normal normal Future Release defect (bug) reviewing 2016-09-22T19:52:55Z 2019-04-02T17:46:37Z "If you put a single zero 0 the instance property for in many default widgets, it won't output any thing if an `empty()` check is used since `empty( '0' ) === true`. You can try putting a 0 in any widget title or content. It works if you put 00 or anything else. The reason being our use of `empty( $variable )` and `! empty( $variable )` in the default widgets. `empty` returns FALSE if var exists and has a non-empty, non-zero value. So it will be better to use `isset( $variable) && $variable != ''` instead. Wanted to submit a patch but wanted to know if above method will be the best one." hardeepasrani 16 38171 A site within a network has no more users when those users are deleted from the network dev-feedback Networks and Sites 3.0 normal normal Awaiting Review feature request new 2016-09-27T14:08:40Z 2020-01-06T17:33:20Z "In a multisite installation, if a site has only one user and you delete this user, the site has no more users. That seams logical, but this is not what super admin expects when he deletes a user from the network. When deleting a user, the following question appears : What should be done with content owned by XXX ? But even if he chooses ""Attribute all content to:"" option, the site in question is left without any user. I don't think this is impacting the site functions, but perhaps we should add a note ? We have several options : * if a user is selected to attribute the content to, it should also be added as a site user * OR, display a warning somewhere that a site will be left without any user before deleting the user * OR, do nothing and be responsible of some heart attacks when a super admin discovers that a site has no more active user. " Fab1en 12 38173 Meta query creates unecessary multiple left joins when using the same meta key Query 3.2 normal normal Future Release enhancement new 2016-09-27T16:36:27Z 2017-02-17T03:06:46Z "If you specify the below as a meta_query wordpress creates an extremely bad and inefficient query, it seems to unnecessarily create a left join for each array even though they have the same key when it could use the same join {{{#!php 'OR', array( 'key' => 'product', 'value' => '1', 'compare' => '!=' ), array( 'key' => 'product', 'compare' => 'NOT EXISTS' ) ); }}} {{{ SELECT SQL_CALC_FOUND_ROWS vvc_posts.ID FROM vvc_posts LEFT JOIN vvc_postmeta ON ( vvc_posts.ID = vvc_postmeta.post_id ) LEFT JOIN vvc_postmeta AS mt1 ON (vvc_posts.ID = mt1.post_id AND mt1.meta_key = 'product' ) WHERE 1=1 AND ( ( vvc_postmeta.meta_key = 'product' AND CAST(vvc_postmeta.meta_value AS CHAR) != '1' ) OR mt1.post_id IS NULL ) AND vvc_posts.post_type = 'news' AND ((vvc_posts.post_status = 'publish')) GROUP BY vvc_posts.ID ORDER BY vvc_posts.post_date DESC LIMIT 0, 10 }}} On my site this query takes a huge 6.640 sec, more than 80% of the page's ttfb. {{{ SELECT SQL_CALC_FOUND_ROWS vvc_posts.ID FROM vvc_posts LEFT JOIN vvc_postmeta ON ( vvc_posts.ID = vvc_postmeta.post_id && vvc_postmeta.meta_key = 'product') WHERE 1=1 AND (CAST(vvc_postmeta.meta_value AS CHAR) != '1' OR vvc_postmeta.post_id IS NULL ) AND vvc_posts.post_type = 'news' GROUP BY vvc_posts.ID ORDER BY vvc_posts.post_date }}} whereas an optimized version takes only 0.969 sec." neonWired 3 38183 Add hooks to be run before and after each callback needs-unit-tests Plugins normal normal Future Release enhancement new 2016-09-28T23:41:23Z 2017-08-25T21:15:07Z "Since before the dawn of time, debugging tools have relied on the `all` hook to collect information about how long hooks take to run, and which callbacks are registered to that hook. This has a few drawbacks. Primarily, it's not possible to collect timing information about individual callbacks, and it's quite difficult to manage recursive hook behaviour. With that in mind, hooks that run before and after each callback would be quite valuable, but they do need to be considered carefully. * What kind of performance impact would they have? If there are no callbacks registered to these hooks, there should ideally be no performance impact. * Should they be `WP_DEBUG` only? This would discourage plugins from abusing them on production systems - they would only be used if the site admin explicitly sets the site to debugging mode. * Dealing with recursion is fun, should they provide any helpers for indicating recursion level, or is it up to the code hooking into them to handle that?" pento 3 38186 Database Collations Bypassed by determine_charset() in wp-db.php Charset 4.6.1 normal major Awaiting Review defect (bug) new 2016-09-29T14:26:56Z 2017-02-10T14:32:55Z "The function 'determine_charset' in wp-db.php, since 4.6.0 will try to set the database collation to the best option available, 'utf8mb4_unicode_520_ci'. This makes sense when the collation is not explicitly defined in wp-config.php, and most likely beneficial to novice developers. However, this assumptive behavior occurs even when the DB collation ''is'' explicitly defined in wp-config, effectively ignoring 'utf8_general_ci', 'utf8mb4_unicode_ci', and collations starting with 'utf8_' in certain environments. There appears to be no way to force these collations when defined by the developer. If the developer has set the collation in the config file, shouldn't the software obey the word of the developer? In short, ''a valid database collation set in wp-config should not be bypassed by WP Core.'' There is no workaround that vindicates the logic in determine_charset(). A possible solution would involve determine_charset() checking for a config setting such as 'FORCE_DB_COLLATE'. If true, use the collation defined in wp-config without assuming otherwise. " natecf 2 38197 Update Pingback function To Add Return has-patch Pings/Trackbacks normal normal Future Release enhancement assigned 2016-09-30T11:07:47Z 2022-09-30T14:43:00Z "Related to #36824. Updated to reflect focus on the return issue. In #36824, the proposal was to improve performance of the do_all_pings function. Part of this involves the fact that if a pending trackback URL is sent a pingback successfully, it should not also send a trackback. The function should also optionally return which URLs were successfully pinged or a WP_Error object in the event the sending fails, etc. This would change the signature of the function but would allow for debugging, response to errors, as well as assist in optimizing the do_all_pings function. The original proposal was to deprecate pingback because it includes $content, a parameter better retrieved from the post itself for purposes of integrity. However, that can be addressed in other ways." dshanske 27 38203 Remove `absint` on object IDs in `delete_metadata`, etc dev-feedback Options, Meta APIs 2.9 normal normal Awaiting Review defect (bug) new 2016-10-01T06:40:14Z 2017-04-19T02:50:43Z "Absint is run on the object ID in the functions called with a meta key: `delete_metadata()`, `get_metadata()`, `add_metadata()`, `update_metadata()` and `metadata_exists()`. This leads to unexpected behavior in the event a negative or floating object ID is passed. Related #37746, #37738, #33372." peterwilsoncc 7 38204 enhancement: custom pathname to wp-config.php dev-feedback Bootstrap/Load 4.7 normal normal Awaiting Review enhancement new 2016-10-01T15:01:18Z 2022-10-20T18:18:29Z "This patch allows for setting the pathname to the {{{wp-config.php}}} file with a {{{WP_CONFIG_FILE}}} environment variable. The end goal is to have wordpress code separate (and possibly read-only) from the config file, and from the state (user content). " gdamjan 6 38207 Disable Trackbacks by Default Keep Pingbacks On dev-feedback Pings/Trackbacks low minor Awaiting Review enhancement new 2016-10-01T19:21:01Z 2017-03-07T23:23:29Z "Trackback is a manual technology. Pingback is an automated technology(automatically pings sites linked to in post content). The question comes from me as the component maintainer and I'm opening this as a place for if the proliferation of Trackback Spam and the manual requirement has made it worth disabling the receipt and/or sending of trackbacks by default while leaving pingbacks enabled. I continue to be committed to pingback and the concept in general, but I have to ask regarding the interest in trackback. I'm putting out a call for comment in this regard. The only recent trackback related requests involve expensive queries to send trackbacks(See #36824). Related #37007." dshanske 8 38211 Interference of AJAX search with input field auto-complete adamsilverstein has-patch Plugins 4.6 normal normal Future Release defect (bug) assigned 2016-10-02T12:09:55Z 2021-10-29T19:23:00Z "In WordPress 4.6 new feature was introduced in ""Add Plugin"" page - user input in ""Search Plugin"" field triggers AJAX search. That's great but it also makes browser's auto-complete of this field to disappear (at least in Chrome). Therefore it's difficult to select an already existing option of plugin name that browser's auto-complete offers because AJAX search gets triggered very soon after you type a letter in input field. So, in most cases I need to type full name of the plugin or try to select auto-complete option before AJAX gets triggered. I'm not sure what the solution for this would be but I don't think it's difficult to press Enter or tap Search button after you have written everything you wanted without system interfering with the process without user wanting it. In addition, the fact that button Search disappeared some time ago made it impossible to add a plugin on touch devices. I see that AJAX search perhaps tries to fix this but it breaks auto-complete as I mention above." armandsdz 35 38223 Add indicators to off-site links in wp-admin General normal normal Awaiting Review enhancement new 2016-10-04T07:31:51Z 2020-03-16T18:10:46Z "Now that `target=""_blank""` has been removed from links in the help tab on pages, off-site links will take the user away from their current screen. While a fan of removing `_blank` links, we should set expectations for users, the tabs on one side open new panels, on the other side they take you to Codex articles on .org while still retaining a similar style. I can see this as being a frustrating point for users who'd use the help tab and suddenly find them selves not only losing data from their forms etc that may not be fully filled in, but also taken to a completely new domain. Introducing a new screen reader text alerting users to a link taking you to an external source, as well as an icon or similar for non-sr users would be good in regard to UX. I believe the link icon of a box with an arrow going diagonally out of it has become a well established indicator of external links, we even have a [https://developer.wordpress.org/resource/dashicons/#external dashicon] ready for it" Clorith 5 38224 Not enough results in menu-page-add-search dev-feedback Menus 4.6.1 normal normal Awaiting Review defect (bug) new 2016-10-04T09:42:08Z 2017-01-31T20:35:38Z "While editing menu, trying to add a page, searching for the page ""research"" in a database with hundreds! of pages with this word in it, looking for that ONE page with just 'research' as title, the page is not listed admin/includes/nav-menu.php, _wp_ajax_menu_quick_search with type=quick-search-posttype-page the WP_Query lists posts_per_page = 10, but the search does NOT provide a paginator. I call this a bug because it is not working as intended; I assume you intended that the search would allow a page to be found, so the bug would be ""pagination is missing"" I have hard-coded a -1 to avoid the issue for now possible solutions are: - add pagination - add a filter on the arguments so we can set a different page-size without altering the code " clearsite 3 38227 Term Status API Taxonomy normal normal Future Release task (blessed) new 2016-10-04T15:52:34Z 2021-04-10T18:04:51Z See #37914, #37915, and make/core post (coming in a moment). boonebgorges 3 38228 Add filter to default gallery shortcode output dev-feedback Gallery 4.7 normal normal Awaiting Review enhancement new 2016-10-04T18:27:54Z 2018-04-12T14:05:03Z "Right now the only way to alter the default gallery shortcode output is to use the ""post_gallery"" shortcode which effectively requires the developer to rewrite the entire shortcode. There is a lot of redundancy in here since in most cases, we do not want to alter the retrieval of gallery items. By adding a simple filter at the end of the gallery, we can save a lot of code as well as not effect anyone currently using the post_gallery filter. See my proposed patch." tristangemus 3 38238 Sorting a list table by some kind of count should default to DESC initially helen has-patch Administration normal normal Awaiting Review enhancement reviewing 2016-10-05T21:32:01Z 2020-06-29T11:01:52Z "List tables that can be sorted by some kind of count (posts with that term, comments on that post, etc.) should likely use `DESC` for that sort initially, as more frequent user workflows involve wanting to see things with many X (popularity/usage), as opposed to items with no X (cleanup). For example, you may want to see which categories are most popular (related: #36964) or which posts have generated a lot of comments. Should also consider how sortable custom columns indicate whether to use `ASC` or `DESC` initially." helen 9 38243 Attempting to create a term with invalid UTF8 characters creates a blank term needs-unit-tests Taxonomy normal normal Future Release defect (bug) new 2016-10-06T13:52:37Z 2019-04-01T17:41:28Z "Attempting to insert a term which contains invalid UTF8 characters will incorrectly create a term in the database with a blank name & slug. This happens as we check that the term name & slug is provided, but fail to check after sanitizing the term. In the scenario that I've run into, something similar to this happens: {{{ $term_name = urldecode( ""360%BF"" ); // Invalid UTF8 character wp_insert_term( $term_name, 'my_taxonomy' ); }}} What this causes is * the checks on `$name` to pass * it then hits `sanitize_term()` and after passing through `sanitize_text_field()` and then `wp_check_invalid_utf8()` the `name` field of the term is set to an empty string. * `wp_insert_term()` then takes this empty name and creates an equally empty slug from it. * `wp_insert_term()` then calls `get_terms( array( 'name' => '' ) )` and needlessly & badly loads up all 60,000 terms into memory of the custom taxonomy * `wp_insert_term()` then see's an empty slug and ultimates settles on a setting the slug to the numeric ID of the term somehow * `wp_insert_term()` finally inserts a term with a numeric slug and empty `name` field I think at a minimum, we should verify that the term name is still valid after term sanitisation. See patch for that." dd32 2 38259 A FORCE_SSL_CONTENT constant Security normal normal Awaiting Review enhancement new 2016-10-08T17:03:15Z 2019-06-04T18:12:33Z "If this constant is set, we will: - Force local URLs within content to https What we won't do: - Force non-local URLs within content to https - Force the https version of oEmbeds just yet - see #28507" LoreleiAurora 1 38260 A FORCE_SSL_CANONICAL constant Security normal normal Awaiting Review enhancement new 2016-10-08T17:04:21Z 2019-06-04T18:12:35Z "If this constant is set, we will: - Force canonical links to https - Turn on {{{FORCE_SSL_CONTENT}}} - see #38259" LoreleiAurora 1 38261 A FORCE_SSL_SCRIPTS constant Security normal normal Awaiting Review enhancement new 2016-10-08T17:06:12Z 2019-06-04T18:12:36Z "If this constant is set, we will: - Force local enqueued scripts and styles to https - Force non-local enqueued scripts and styles to https" LoreleiAurora 2 38262 Task: Opt in SSL Improvements Security normal normal Awaiting Review enhancement reopened 2016-10-08T17:06:50Z 2020-02-05T06:46:51Z "In the core-https meeting we have been discussing how we can improve opt in support for https. The first stage of this is to introduce constants to force https on various components. This ticket is the canonical place for this discussion. So far we are proposing the below constants: {{{FORCE_SSL}}} #28521 {{{FORCE_SSL_CONTENT}}} #38259 {{{FORCE_SSL_CANONICAL}}} #38260 {{{FORCE_SSL_SCRIPTS}}} #38261 These will be in addition to the existing {{{FORCE_SSL_ADMIN}}} constant." LoreleiAurora 3 38265 Add term_relationship_id column to wp_term_relationships dev-feedback Taxonomy normal normal Awaiting Review feature request new 2016-10-09T01:11:01Z 2017-10-25T16:44:02Z "I have a need to attach additional information to the post/term relationships themselves. I'd prefer not to stash this data in postmeta or termmeta, as this data is strictly about the connection between the two, and not about either object. Naturally, my solution for this is to create a metadata database table (like we did with comments years ago, and taxonomy terms recently.) The first of many steps towards a `term_relationshipmeta` database table is that `wp_term_relationships` lacks a `term_relationship_id` primary column in the database. ---- On the extreme end of this idea, probably lives a `WP_Term_Relationship` object, with methods for adding/editing/removing relationships, which the `wp_*_object_terms` functions would become wrappers for. Before any of that is really feasible, or for very much work to continue even in private as a plugin first, term relationships need a unique identifier." johnjamesjacoby 2 38276 """Is thing public/accessible"" API" dev-feedback Role/Capability 4.7 normal normal Awaiting Review feature request new 2016-10-10T16:13:16Z 2017-09-23T20:45:44Z "'''Question:''' How do you check if a non-logged-in user is allowed to view something in WordPress? (Posts specifically, and also in general?) '''Answer:''' Within WordPress there is no API for checking whether a non-logged-in user is allowed to view a post or other object. == Capabilities API There is the role and capabilities API, but only logged-in users will have a role or any capabilities. A visitor to the site who is not logged-in will thus not have even the `read` capability. `WP_User::has_cap( 'read' )`, and thus `current_user_can( 'read' )`, will return `false`, while `user_can()` will peremptorily return `false` if the user ID passed does not exist before even calling `WP_User::has_cap()`. ''Thus, while we can check if a logged-in/existing user can view a post via the capability API, we cannot use it to check whether a non-logged-in user can view the post.'' == Underlying Philosophy The underlying philosophy that is used within WordPress is that objects such as posts are public by default. '''Everything is accessible to everyone unless specifically restricted.''' This is, in a word, a blacklist-style approach. The object is public, unless it blacklists/restricts itself in some way. When an object is public, the capabilities API, and the concept of capabilities in general, no longer applies as to whether that object is accessible. The object is accessible by default. The question becomes “is this post publicly visible?” rather than “does this user have the ability to view this post?"" The capabilities API, on the other hand, operates on a whitelist philosophy—nobody is allowed to do anything (and thus nobody has any capabilities), unless specifically granted permission. These two different approaches make sense in different scenarios. However, it starts to get sticky when the two intersect. And that is exactly what happens with the `read` capability: we're now checking the whitelist to check a blacklist. And when the user isn't logged in, the capability isn't in the whitelist, which causes everything to get blacklisted—they don't have the capabilities to read any posts at all. == Why doesn't this explode? Obviously, WordPress has gotten along quite well up to this point without everything flying apart though. Non-logged-in users ''can'' view public posts—otherwise you and I wouldn't be able to see about 25% of the web right now. So yes, of course non-logged-in users do get to view those posts. They are public, they aren't restricted. But they get to view them despite not having the `read` capability. In other words, usually this doesn't cause any issues. That's why nobody has brought it up before (that I know of—probably they have). Why? Because usually posts are retrieved for display via `WP_Query`, and it bypasses the `read` capability. Instead, it works from the philosophy of public by default discussed above, and internally handles all of the logic for checking if the post is publicly visible or restricted from the current user. So, any time that you are using `WP_Query`, you will automatically get all of the posts, minus those that were restricted in some way (blacklisting, as it were). == Okay, so then who cares? Good question. After all, shouldn't we always be using `WP_Query` to retrieve posts? === People not using `WP_Query` Well, yes. But, what if we aren't retrieving a post? What if we have a plugin where we are storing some information that relates to a post in a separate table, and we want to display that information publicly on the site. But because that information references the post in a potentially identifying manner, we can't show it to users who can't view the post. I'd say that's a perfectly valid use-case. So how would we check if the current user can see the information for a particular post? I know what you were about to suggest: ""Use `current_user_can()`!"" But yeah, now you know why that won't work: that's a capability check, and non-logged-in users will not have any capabilities. So non-logged-in users wouldn't be able to view the information for any of the posts, even those that they can view publicly on the site. Now, you might say, ""Just check if the post is public."" Yes, and thanks for telling my how to do that. Should I use the `just_check_if_the_post_is_public()` function? :-) That's what this ticket is about. === People adding accessibility restrictions Another reason to care about this is that it means that when somebody wants to restrict the visibility of posts they have to hook-in multiple places: in the capabilities API for the `read` cap, and for the post retrieval logic in `WP_Query`. That is not the main focus of this ticket, and it may not really be practical to solve at all. However, I'm not sure how many developers realize that they need to consider both of these things. == So what do you propose? In this ticket, I'm '''not''' really suggesting that we: - throw out the `read` capability. (Back-compat nightmare.) - modify the caps API to handle non-logged-in users differently. (Fundamental change in an API, probably not practical.) I ''am'' suggesting that there is a need for a new API, to formally provide a means of determining whether a post (or any object) is publicly accessible. This API would include a function like `is_thing_accessible( $thing_id )` (and perhaps `is_thing_accessible_for_user( $user_id, $thing_id )`). == Is that ''really'' needed? Now, I know that some might suggest that this really isn't needed, because you can just check if the post has a public status. That is true in theory, but in practice things are more complex. First, let me reiterate that what I'm proposing isn't just for posts, it is for any objects, of which posts are one, comments another, users another. Secondly, using posts as an example,a plugin can add extra restrictions that cause posts with otherwise public stati to not be publicly accessible to all users. So it isn't a viable solution to just duplicate each core check that would normally apply to posts—others might be added by plugins. For capability checks I don't have to worry about that. I just check for a particular cap and anything that affects that cap will just hook into `map_meta_cap` and I never have to know. But if the user is logged out I can't use the capability API, and suddenly the onus is on me to know about every possible restriction that could ever apply to a post, in order to check if the post is public. I should be able to check `is_thing_accessible( $post_id )` and just forget it, same as I can do with `current_user_can( 'read_post', $post_id )`. We are talking about non-logged-in users here after all. If a restriction isn't taken into account, it doesn't just mean that some less privileged users can view the object, it means that everybody can. ---- I [https://wordpress.slack.com/archives/core/p1476106801005182 brought this up] and [https://wordpress.slack.com/archives/core/p1476107282005192 discussed it with @johnbillion] in the `#core` channel on Slack before creating this (admittedly long-winded) ticket. " jdgrimes 13 38278 Only query taxonomies assigned to the post types being queried dev-feedback Taxonomy 4.7 normal normal Awaiting Review enhancement new 2016-10-10T20:28:53Z 2017-04-20T03:02:26Z "While working on #31383 (Add `WP_Tax_Query` support to `WP_User_Query`), it was brought up that taxonomy queries do not check to see whether the requested taxonomies are registered to the requested post type. Opening this ticket to discuss further. Should taxonomies always match the queried `post_type`? From @boonebgorges on the other ticket: Here's a way to frame the issue: are we likely to confuse developers if we allow (ie, don't throw errors for) queries like `get_users( ... 'tax_query' => ... 'taxonomy=post_tag' )`? Or `get_posts( ... 'tax_query' => ... 'taxonomy=some_user_taxonomy' )`? Or maybe these queries will just always end up empty? We should think through the possible confusions (or, maybe, lack thereof). " desrosj 38280 Make term count for a specific object type available desrosj has-patch Taxonomy 4.7 normal normal Future Release enhancement assigned 2016-10-10T21:54:15Z 2020-06-11T14:29:45Z "Term count is the total number of relationships with no context of the object types the relationships belong to. Currently, the best way to determine the count of a term for a specific object type is to run a `WP_Query` with a `WP_Tax_Query` for that term. {{{#!php $term_count_query = new WP_Query( array( 'post_type' => 'some-post-type', 'tax_query' => array( array( 'taxonomy' => 'some-taxonomy', 'field' => 'slug', 'terms' => array( 'term-slug' ) ), ), 'posts_per_page' => 1, ) ); $term_count_for_post_type = $term_count_query->found_posts; }}} Now that term meta is in core, it would be great if these counts were stored in term meta for easy access. To start, these counts could be available through a function. To go a step further, an argument could be added to `get_terms()` and other functions to filter the term counts and reflect the object types terms are being grabbed for." desrosj 27 38282 Trackbacks do not return proper XML on double entries and flood has-patch Pings/Trackbacks normal normal Awaiting Review defect (bug) new 2016-10-11T09:49:18Z 2019-04-01T15:10:22Z "If an comment is double or part of a comment flood, `wp_new_comment()` tends to `wp_die()`. With #36901 we can now get a proper `WP_Error` instead and utilize this in ''wp_trackback.php''" websupporter 1 38283 Some `WP_Query` query vars undocumented has-patch Query normal normal Future Release defect (bug) new 2016-10-11T15:07:18Z 2019-03-27T15:20:20Z "While working on #38276, I noticed that the `has_password` and `post_password` query args (added in [27395]) aren't included in the inline docs for `WP_Query::parse_query()` with the other args. I did a search for all of the args used in `WP_Query`, and discovered that the following args are used but not documented: {{{ attachment caller_get_posts embed error feed has_password minute post_password posts_per_rss preview robots search_orderby_title search_terms search_terms_count showposts static subpost subpost_id taxonomy tb term term_id withcomments withoutcomments }}} Some of these may be deprecated, discouraged, or internal. If there has been a previous decision not to include them for some reason, then I apologize for bringing it up. But I couldn't find any tickets relating to the password related args not being documented, so I have a feeling that some of these may have just been overlooked. Perhaps some of these shouldn't be documented, although we could document deprecated args and that they are deprecated, rather than just leaving them out. But at least this ticket will provide us a central place where we can state why certain ones aren't going to be documented, if indeed that's the decision." jdgrimes 1 38285 Object lookups by ID (or primary key) are not managed properly, lots of memory leaks has-patch Cache API normal normal Awaiting Review defect (bug) new 2016-10-11T17:02:42Z 2019-04-01T15:00:53Z "tl;dr this affects every object that uses the `WP_Post::get_instance()` paradigm of ""managing instances"" (spoiler: they are not) `WP_Post` and friends are supposed to add more sanity to caching and sanitization. They are not models, they are read-only data objects that strongly-type database rows. As such, it should be easy to maintain only one reference to any given row = one object per row, regardless of method of query, you should always get the exact same object. This tends to work if you pass around objects, but not when passing around IDs. Passing around IDs is a common use-case: {{{ $ids = get_favorite_posts(); foreach ( $ids as $id ) { $post = get_post( $id ); // wreak havoc } }}} In a theme: {{{ get_the_title( get_the_ID() ); }}} In Doctrine (or Hibernate, or any other ORM), each type is an Entity that is managed by an Entity Manager. There is never more than one instance of a single item. In WordPress, we get `get_post()` and a built-in non-persistent Array Cache. We also get `WP_Post::get_instance( $id )`, which makes us believe that `WP_Post` is managing instances. It is not. The Array Cache is maintaining all of these references. A few problems: * calls to `::get_instance()` will always touch the cache * The Array Cache clones objects before storing them, and clones objects before returning them * The Array Cache is storing `stdClass` instances, not `WP_Post` instance, so every item out of the cache also has to become a brand new instance of `WP_Post`. Storing the items as `WP_Post` objects would seemingly remove the need to return new instances, but they would be new instances nonetheless, since the cache clones every object before saving / returning. What needs to be done: * Object rows are stored strongly-typed * Cache does not clone objects How to test that this is happening (using WP-CLI): {{{ contains( $p ) ) { $store->attach( $p ); } } $mem2 = memory_get_usage(); \WP_CLI::line( round( ( $mem2 - $mem1 ) / 1024, 2 ) ); \WP_CLI::line( $store->count() ); } public function ids() { $store = new \SplObjectStorage(); $mem1 = memory_get_usage(); foreach ( range( 1, 20 ) as $i ) { $p = get_post( 27 ); if ( ! $store->contains( $p ) ) { $store->attach( $p ); } } $mem2 = memory_get_usage(); \WP_CLI::line( round( ( $mem2 - $mem1 ) / 1024, 2 ) ); \WP_CLI::line( $store->count() ); } } if ( class_exists( '\WP_CLI' ) ) { \WP_CLI::add_command( 'prof', Prof::class ); } }}} Both should print out 1. Without the patch, `ids` will print out 20 + a bunch of leaked memory. Patch for `WP_Post` + `WP_Object_Cache` attached" wonderboymusic 3 38288 Connection Timeout when importing heavy .xml (LiteSpeed) Import 4.6.1 normal normal Awaiting Review defect (bug) new 2016-10-11T21:24:41Z 2019-04-01T14:49:05Z "When importing big .xml files using the WordPress importer, the connection times out on LiteSpeed servers. This is due to server not sending new content to the browser, so connection automatically closes. This is different to a PHP timeout due to low max_execution_time. This might be prevented by showing some sort of progress bar so the connection is not closed due to inactivity." jscrm 38300 Got a PHP warning: class-wp-xmlrpc-server.php L596: array_unshift() ... XML-RPC 4.6.1 normal normal Awaiting Review defect (bug) reopened 2016-10-13T06:46:16Z 2017-02-06T03:13:45Z "Sometimes the php_error.log file got a warning: {{{ PHP Warning: array_unshift() expects parameter 1 to be array, null given in /wp-includes/class-wp-xmlrpc-server.php on line 596 }}} {{{#!php blogger_getUsersBlogs( $args ); } ... } }}} The $args is NULL, it doesn't matter?" kmvan 1 38303 register_meta and capabilities aren't working as expected rmccue needs-unit-tests Role/Capability 4.6 normal normal Future Release defect (bug) reopened 2016-10-13T14:43:18Z 2017-06-25T20:31:21Z "The first part of this is #38284, there aren't capabilities for object types other than posts. The second part is best described by a use case: I want logged in users to be able to flag inappropriate comments. After 10 flags, the comment gets unpublished and a notice goes to a moderator to check it. I'm going to store these flags and the user in the comment meta table using something like {{{#!php 'string', 'show_in_rest' => true, 'auth_callback' => 'check_logged_in' ); register_meta( 'comment', 'flagged', $args ); function check_logged_in(){ return is_user_logged_in(); } }}} However, I don't want them to be able to edit the comment itself so `current_user_can( 'edit_comment' )` should return false. So that's the use case. What happens at the moment is, well, no one can update the comment because there's no edit_comment_meta capability. But it's not a problem making the capabilities work like that. However, `edit_post_meta` currently doesn't work like that. For `current_user_can( 'edit_post_meta' )` to return true, a user also has to have the `edit_post` capability. It's straightforward to change, but does have one backwards incompatibility: if someone is using current_user_can( 'edit_post_meta' ) with a registered meta key which has an auth_callback that returns true but they really ''don't'' want the person to update the post meta so are relying on the fact that they don't have the edit_post capability, then that will change and that person will be able to update the post meta. It's a slightly convoluted edge case, admittedly. Attached is a patch that shows how it would work with unit tests. " tharsheblows 20 38304 It is not possible to filter posts by category or date on mobile devices has-patch Administration 3.8.9 normal normal Awaiting Review defect (bug) new 2016-10-13T15:08:15Z 2022-06-02T11:17:16Z On mobile devices, this [https://github.com/WordPress/WordPress/blob/4.6.1/wp-admin/css/list-tables.css#L1703-L1706 css rule] hides the actions available at the top of the posts list table. This is not a major issue for bulk actions as the we can find them at the bottom of the list table, but filters (category, date) are totally hidden. Chouby 7 38308 Accept 'meta_query' parameter in `WP_Tax_Query` Taxonomy 4.4 normal normal Future Release feature request new 2016-10-14T08:27:03Z 2017-07-30T15:37:16Z "It would by possible to extend like that? {{{#!php 'post', 'tax_query' => array( array( 'taxonomy' => 'people', 'field' => 'meta', 'meta_query' => array( array( 'key' => 'map', 'compare' => 'EXIST' ) ) ), ), ); $query = new WP_Query( $args ); ?> }}} " Hrohh 3 38310 "Improve ""wp_update_term"" documentation" ruudjoyo needs-unit-tests Taxonomy 4.7 normal normal Future Release enhancement reopened 2016-10-14T10:10:06Z 2021-09-29T05:26:16Z "Hi all, When using the wp_update_term function and reading through its inline docs, it struck me that some part of the inline docs is kind of vague (highly subjective, I know). I will add a patch with a proposal for a more specific inline docs. Thanks, Ruud" ruud@… 12 38312 Network setup step 2 throws warning in certain server setups Networks and Sites 3.5 normal normal Awaiting Review defect (bug) new 2016-10-14T14:31:02Z 2019-04-01T13:47:23Z "Hi, I got this error on my local server: ''Warning: Strpos(): Empty delimiter in wp-admin\includes\network.php line 344'' I tracked this down to line: $home_path = 0 === strpos( $abspath_fix, $document_root_fix ) ? $document_root_fix . $base : get_home_path(); After some more digging, it seems to me that it's possible that this line is causing the initial problem: $document_root_fix = str_replace( '\\', '/', realpath( $_SERVER['DOCUMENT_ROOT'] ) ); Since realpath() can be false in some server setups, $document_root_fix can be empty as well (hence the error) From http://stackoverflow.com/questions/7906513/realpath-returns-empty-string: ''Note: The running script must have executable permissions on all directories in the hierarchy, otherwise realpath() will return FALSE. So your web server should have access also to pre-webroot directories.'' Leaving us with perhaps unexpected behavior of the lines following. I'm not quite sure what to do next, since the next couple of lines are quite hard to grasp. Thanks, Ruud " ruud@… 1 38336 Login: Add new action hooks to the top of login type forms Login and Registration 4.6.1 normal normal Awaiting Review enhancement new 2016-10-17T20:11:14Z 2021-07-20T16:26:30Z "Currently there are action hooks that fire in the login forms after the fields have been loaded into the form. This allows new fields, new text, additional verification fields such as CAPTCHA, etc to be added after the username/email/password fields. However, currently there is not an easy way to add new fields to the top of the forms before the username/email/password fields without building a custom form. In my use case I require an Account/Membership number to be provided in addition to the email/username, which internally allows the same email address to be used with multiple accounts. The only place to add this new field without building a custom form is to add the field after the password field. The current field sequence on the form appears as email, password, account number. Since the account number field is more significant, it would be better to read the field sequence as: account number, email, password. In wp-login.php the login forms have the following action hooks: in form name=""loginform"" `do_action( 'login_form' );` in form name=""lostpasswordform"" `do_action( 'lostpassword_form' );` in form name=""registerform"" `do_action( 'register_form' );` in form name=""resetpassform"" `do_action( 'resetpass_form', $user );` I am requesting new additional action hooks to be created and placed at the top of each of the forms before any fields are defined. For example, in `form name=""registerform""` a new action hook such as `do_action( 'login_form_top' )` to appear directly after the form html line as follows: {{{
"" method=""post"">

... }}} The other forms (lostpasswordform, registerform and resetpassform) would be updated with similar action hooks at the top of each form." pagewidth 1 38368 Add front-end revision browsing Revisions normal normal Awaiting Review enhancement new 2016-10-19T16:17:04Z 2018-03-08T20:14:27Z "This patch will add a live-updating revision browser to single post view when the current user can edit posts. This feature requires the post and post revision routes of the WordPress REST API, as well as the JavaScript client for the REST API. Here is demo of this patch: [[Image(https://github.com/Shelob9/revisions-browser/blob/master/CvIKaDdWcAAtRSa.gif?raw=true)]] Currently this is a functional prototype, as a plugin -- https://github.com/Shelob9/revisions-browser -- prepared by myself with guidance from @adamsilverstein and contributions from @mrahmadawais + @websupporter + @kadamwhite + @circlecube " Shelob9 9 38419 Make beta testing an opt-in feature in core General 4.7 normal normal Awaiting Review feature request new 2016-10-20T19:27:42Z 2021-10-05T01:11:32Z "Currently beta testing of WordPress core (and feature plugins) is something you have to be aware of to take part in. This limits the reach of beta testing feedback to those who are intimately engaged in the day-to-day development of WordPress core and results in feedback that skews heavily in the direction of those who build WordPress as opposed to those who use WordPress. To increase participation in end-user testing of WordPress core and feature plugins, active participation in such programs should be surfaced more visibly, either through settings during install, a modal pop-up, or an alert. To be clear, I'm not talking about testing of bleeding edge nightlies here, but specific features and feature plugins in Beta or RC state. A simple admin alert saying ""WordPress 4.7 beta is available. Would you like to test it?"" would be a huge improvement. Similar can be done with select feature plugins, especially if the alert is tied to the feature they change/improve (so for a new media feature, the alert would appear when the media functionality is engaged: ""We are working on a new and improved media panel. Would you like to test it?""). This would of course have to be done sparingly to avoid alert overload. == Simplified feedback procedure == Along with the surfacing of beta testing, there should be a way to provide feedback on features directly from within WordPress admin. Asking for feedback to be posted in a Trac ticket or even a Make blog post limits the number of possible responses significantly. An in-app feedback feature activated only for testers would greatly simplify the process and most likely increase the volume of feedback data significantly. Whether this data is mapped to Trac tickets or something else needs to be addressed." mor10 10 38424 Custom form taxonomy field doesn't clear after added... has-patch Taxonomy 2.9 normal normal Future Release defect (bug) new 2016-10-20T21:41:06Z 2019-02-17T11:13:34Z "Hi, I was adding a new taxonomy field via the action {$taxonomy}_add_form_fields. Anyway if the input type is 'url', after added the new taxonomy the form field doesn't clear itself, and in the url field will remain the inserted value. This doesn't happen if the input type = text. Thanks." SGr33n 5 38432 Validate user creation and email change by token needs-unit-tests Login and Registration 4.9 normal normal Awaiting Review feature request new 2016-10-21T13:34:31Z 2018-01-17T11:57:10Z "When you register on a wordpress site or when you change your email, we can use a fake email (or error entry) and it create ghost profile. I see 36 bad profile in 2 month on a website. If an email is send with a validate links (token), the profile or the email change can be executed. It secure correct data. Thanks " lriaudel 2 38433 Complete test coverage for current_user_can_for_blog() needs-unit-tests Role/Capability 4.3 normal normal Future Release enhancement new 2016-10-21T14:15:43Z 2020-06-04T15:49:23Z In `Tests_User_Capabilities`, all roles and capabilities are tested using `current_user_can()`. They should all be tested using `current_user_can_for_blog()`, too. johnbillion 5 38442 Error when WP_Query parses orderby array in function parse_order has-patch Query 4.2 normal normal Future Release defect (bug) new 2016-10-21T22:17:25Z 2019-04-02T20:03:42Z "Example of query where I want to order by two custom fields in meta query '''start_date_order''' and '''is_sticky''' {{{#!php true , 'posts_per_page' => 4, 'post_type' => 'event', 'post_status' => 'publish', 'meta_query' => array( 'relation' => 'AND', array( 'key' => 'start_date_order', 'type' => 'UNSIGNED', ), array( 'key' => 'is_sticky', 'type' => 'UNSIGNED', ), ), 'orderby' => array( 'start_date_order' => 'DESC', 'is_sticky' => 'ASC', ), ); $result_query = new WP_Query( $args ); echo $result_query->request; }}} The wrong SQL query generated is {{{ SELECT wp_posts.ID FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) INNER JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id ) WHERE 1=1 AND ( wp_postmeta.meta_key = 'start_date_order' AND mt1.meta_key = 'is_sticky' ) AND wp_posts.post_type = 'event' AND ((wp_posts.post_status = 'publish')) GROUP BY wp_posts.ID ORDER BY CAST(wp_postmeta.meta_value AS UNSIGNED) DESC LIMIT 0, 3 }}} The '$primary_meta_query' var in method parse_order( $order ) is set forever with the first item of '$meta_clauses' array see line 2336 /wp-includes/query.php {{{#!php select activation_key from wp_signups where signup_id=4; +------------------+ | activation_key | +------------------+ | 7259c714857ef009 | +------------------+ 1 row in set (0.00 sec) }}} == Expected behaviour wp_users.user_activation_key contains a timestamp and a hash of the key. wp_signups.activation_key is no less important to security and so should include these security features too." tomdxw 15 38479 Need to check utf8_encode() is available before use. Media 4.4 normal normal Future Release defect (bug) new 2016-10-25T04:38:14Z 2017-08-10T18:05:17Z "The DOM/XML extension isn't necessarily installed on some distros so use of `utf8_encode()` should be checked for availability first. It's not checked in `wp_read_image_metadata()` in ""wp-admin/includes/image.php"" (where I encountered its lack on a Ubuntu 16.04 PHP 7 server), introduced in [36429] and [36430], nor in `wxr_cdata()` in ""wp-admin/includes/export.php"", introduced in the distant past. (Also it does ISO-8859-1 not Windows-1252 so more than likely not that good in the image situation anyway.)" gitlost 3 38481 wp_handle_upload_prefilter not used before deriving attachment title dev-feedback Upload 4.6.1 normal normal Awaiting Review enhancement new 2016-10-25T08:30:18Z 2019-03-26T21:28:44Z "I created a module that modifies upload behavior. I use the wp_handle_upload_prefilter to alter the $_FILES data - specifically the 'name' property of the uploaded file. This works well for changing the name of the file being stored in the file system, but the title of the attachment post still accesses the $_FILES['async-upload']['name'] on line 281 of media.php. To be able to override the title, I had to hook into the 'sanitize_title' filter on line 293 of media.php - and doing that is, in my book, a hack. This sanitize_title filter should specify a context." frodeborli 38486 current_page_parent class wrongly added to menu item williampatton needs-unit-tests Menus 4.6.1 normal normal Awaiting Review defect (bug) assigned 2016-10-25T15:46:20Z 2020-07-31T16:06:44Z "If the current page being viewed is either of the following: - a custom post type archive - a custom post type single item a {{{current_page_parent}}} class is added to the menu item assigned as the {{{page_for_posts}}}. I believe this is wrong because the page assigned as the {{{page_for_posts}}} is associated with ''posts'' only. It has nothing to do with CPTs." henry.wright 8 38507 Quick Edit: Parent label without input when editing page has-patch Posts, Post Types normal normal Future Release defect (bug) new 2016-10-26T07:53:42Z 2019-03-26T21:27:57Z "Noticed while working on #18375. To reproduce: 1. Delete all pages 2. Create a new page, save as Draft 3. Click Quick Edit or Bulk Edit 4. Notice a 'Parent' label without any dropdown It might make sense to always use 'show_option_none' in `wp_dropdown_pages()`, even when there are no pages. However, that might lead to data loss when a parent ID is set but the page does not exist anymore. Instead, the 'Parent' label could be hidden. Screenshot: [[Image(https://cldup.com/tUquX3xYvS.png)]] " swissspidy 3 38518 Rewrite Rules rebuilding on parse_request Rewrite Rules 4.6.1 normal normal Awaiting Review defect (bug) new 2016-10-26T18:33:59Z 2019-03-26T17:20:05Z "Hi, We have an issue that when flush_rewrite_rules is flushing, another request is coming in an parse_request is firing. While update_option('rewrite_rules', ' ') is deleted and the rules are being processed, parse_request is passing the conditional and writing it's own rules. I've created a patch that has flush_rewrite_rules being solely responsible for rebuilding the rewrite rules. Otherwise, parse request will just read the current rules." andyphillips82 1 38536 Hook/Function to Set Content-Security-Policy Security 4.7 normal normal Awaiting Review feature request new 2016-10-27T20:51:06Z 2019-06-04T18:12:39Z "I would like to see a function to set the Content-Security-Policy header. I believe it should be in core so plugins and themes can hook into to set the whitelist domains/urls. By having it in core would allow the function to prevent duplicates. Maybe default to using any script enqueued on page load? Further Reading: https://scotthelme.co.uk/content-security-policy-an-introduction/ https://securityheaders.io " bhubbard 2 38548 Add new filters on wp_script_is/wp_style_is Script Loader 4.7 normal normal Awaiting Review enhancement new 2016-10-28T13:41:52Z 2019-03-26T13:30:07Z "Minification engines tend to group dependencies and then enqueue them in a single file so enqueues handles change their names. So imagine this situation: Handles `style-1` and `style-2` are now grouped into a file and the new handle name is `group-1` Once grouping is done `wp_style_is('style-1', 'done')` won't work as style-1 and 2 are now inside `group-1` so `wp_style_is('group-1', 'done')` would work but this is just known by the plugin that minifies the styles/scripts. I don't know if the point is clear enough. By adding a new filter this would help a lot to remap those handles names. The filter can be placed easily in `WP_Dependencies::query()` method like this: {{{#!php registered[ $handle ] ) ) { $query = $this->registered[ $handle ]; } break; case 'enqueued' : case 'queue' : if ( in_array( $handle, $this->queue ) ) { $query = true; } else { $query = $this->recurse_deps( $this->queue, $handle ); } break; case 'to_do' : case 'to_print': // back compat $query = in_array( $handle, $this->to_do ); break; case 'done' : case 'printed': // back compat $query = in_array( $handle, $this->done ); break; } return apply_filters( 'script_is_query', $query, $handle, $list, $this ); } }}} Any thoughts? " igmoweb 38549 Additional CSS lost when changing themes dev-feedback Customize 4.7 normal normal Future Release enhancement new 2016-10-28T14:37:14Z 2021-05-23T23:39:27Z When you change themes, the Additional CSS is lost. Change the theme back and it returns. I think there should be an option to retain the Additional CSS across any theme used. If we do not implement that, I have a funny feeling that many users will be confused as to where their custom CSS went. scottwyden 13 38557 Format for registering a default header image is ambiguous joemcgill* dev-feedback Themes normal normal Future Release defect (bug) accepted 2016-10-28T23:33:02Z 2019-03-26T13:16:14Z "When registering a custom header with a default image, most resources seem to recommend using an absolute URL ([https://developer.wordpress.org/themes/functionality/custom-headers/ Handbook], [https://codex.wordpress.org/Custom_Headers Codex], [https://make.wordpress.org/themes/2012/04/06/updating-custom-backgrounds-and-custom-headers-for-wordpress-3-4/ Make post]). However, it can be registered with `sprintf` placeholders, which is what the old `HEADER_IMAGE` [https://themes.trac.wordpress.org/browser/twentyten/1.0.3/functions.php#L106 constant accepted]. It's registered that way in [https://themes.trac.wordpress.org/browser/twentythirteen/2.0/inc/custom-header.php#L27 Twenty Thirteen] as well. Any time core references the default image URL, it needs to account for the replacements. The problem is it doesn't take this into consideration in at least a couple places and obscures the replacement a bit by passing the default string through `get_theme_mod()` in some cases, which handles the replacement itself. Here are a couple of places where the replacement isn't handled in core: * [https://github.com/WordPress/WordPress/blob/f7552bbf53c183753eb8ac0e723f79e0d98260ae/wp-includes/class-wp-customize-manager.php#L3438 wp-includes/class-wp-customize-manager.php] * [https://github.com/WordPress/WordPress/blob/f7552bbf53c183753eb8ac0e723f79e0d98260ae/wp-admin/custom-header.php#L642-L643 wp-admin/custom-header.php] To see how this manifests itself: 1. Switch to Twenty Ten or Twenty Thirteen 2. Delete the `header_image` and `header_image_data` theme mods 3. Access the Customizer 4. Open the Header Image section In either theme, the default image that was visible on the front end is missing in the Customizer preview and the ""Current header"" control doesn't show an image as being set. If you access the old Custom Header screen in the admin panel (wp-admin/themes.php?page=custom-header), the option to reset the image is visible when it shouldn't be. I imagine this also affects default images for the custom background feature as well." bradyvercher 15 38560 Add support for uploading arrayed $_FILES needs-unit-tests Media normal normal Future Release feature request new 2016-10-29T13:11:24Z 2017-08-10T17:33:05Z "When you have form code that references [several file uploads](http://php.net/manual/en/features.file-upload.multiple.php) as array, the media_handle_upload() function fails to handle this. For example this: {{{ }}} Will result in a $_FILES array that's creates subarrays shaped like so: {{{ $_FILES['userfile']['name'][0] $_FILES['userfile']['name'][1] $_FILES['userfile']['tmp_name'][0] $_FILES['userfile']['tmp_name'][1] $_FILES['userfile']['size'][0] $_FILES['userfile']['size'][1] $_FILES['userfile']['type'][0] $_FILES['userfile']['type'][1] }}} This will fail when passed to media_handle_upload, since [https://core.trac.wordpress.org/browser/tags/4.5.3/src/wp-admin/includes/media.php#L281 the implementation does not handle this array structure] nor is this documented." kontur 3 38563 Theme installed state does not persist after installation and refined search has-patch Themes normal normal Future Release defect (bug) reviewing 2016-10-30T00:16:26Z 2021-08-11T15:48:59Z "After installing a theme an 'Installed' flag is displayed above the theme. If you refine the search results, and the same theme is in the results the theme does not display the 'Installed' flag. '''Steps to reproduce:''' (Exact steps assumes the WordPress installation does not have the theme Twenty Twelve installed) 1. In the WordPress Administration, go to Appearance -> Themes -> Add New 2. Search for 'Twenty' 3. Install theme 'Twenty Twelve' and wait for installation to complete. The 'Installed' flag will appear above the installed theme. 4. Refine search results by changing search term to 'Twenty T' 5. The theme 'Twenty Twelve' will appear in the search results but will not have the 'Installed' flag. If you attempt to install the theme again you receive an error message stating 'Installation failed: Destination folder already exists.' '''The specifics ...''' Installed themes are stored in a JavaScript array - _wpThemeSettings.installedThemes The array is being created when the page loads and needs to be updated when a theme is installed so that new search results (which use Ajax and do not reload the page) have the complete list of installed themes. '''The solution ...''' Once the installed theme is successfully installed, push the theme slug into the array. e.g. {{{ _wpThemeSettings.installedThemes.push( response.slug ); }}} Attached patch with how I would see this being done." ovann86 1 38573 Ajax requests in customizer controls don't inject customized state as done in preview Customize normal normal Future Release defect (bug) assigned 2016-10-30T21:01:04Z 2017-01-21T17:19:51Z "In the customizer preview, Ajax requests now get the `customized` state injected via `jQuery.prefilter`. In the customizer controls pane, however, this was not also implemented. This is important to ensure that that requests to the REST API will return back the expected previewed state. Also relates closely to #38122." westonruter 4 38595 Unable to access wp-admin/options-permalink.php when .htaccess file is on NFS Permalinks 4.4 normal normal Awaiting Review defect (bug) new 2016-10-31T19:03:14Z 2017-05-03T05:59:25Z "After nearly a week of troubleshooting, we have identified an issue with wordpress which is preventing us from storing our .htaccess file on an NFS mount. This issue exists as far back as 4.4 In order to reproduce: install wordpress in a directory where .htaccess is located on a mounted nfs share. Once wordpress is installed, navigate to yoursite.com/wp-admin/options-permalink.php - the page should fail to load. This issue appears to be caused by the function ""flock();"" in the function ""insert_with_markers();"" in wp-admin/includes/misc.php Per PHPs documentation, flock(); is only acceptable for use on local filesystems. I found an existing ticket regarding this function - #31767 - if I understand correctly, flock(); was added to the ""insert_with_markers(); function to resolve a concurrent write issue on shared filesystems. Disclaimer: I am not a PHP developer, and only understand the basic concepts. The testing for the above bug consisted of commenting out functions till I could find the source of the issue. Commenting out the ""flock();"" function in the ""insert_with_markers();"" function resolved the issue in our environment." kicwordpress 3 38596 Preview Change button does not reflect Custom Page Template dev-feedback General 4.6.1 normal normal Awaiting Review defect (bug) new 2016-10-31T20:08:55Z 2017-09-08T14:17:51Z "When creating 2 or more custom page templates, the Preview Change button is failing to show the correct template after making a switch. Here are steps below. - Create 2 custom page templates in code. - Go to wp-admin and go to Pages - Either use the Sample that ships with WordPress or create a new page - Within page edit mode, under Page Attributes, select a different page template. - Click Preview Change. - You will notice that the preview does not reflect the correct template. You have to push Update in order to see it. " blackawxs 1 38597 Discourage usage of legacy properties in WP_Network jeremyfelt has-patch General 4.6 normal normal Future Release enhancement reviewing 2016-10-31T20:48:29Z 2017-04-24T17:07:09Z "`@property`'s is for magic properties: https://phpdoc.org/docs/latest/references/phpdoc/tags/property.html Since `$id` isn't magic, let's remove the `@property` documentation. See: #37050" johnjamesjacoby 12 38599 Allow verbose rewrite rules with custom post types Posts, Post Types normal normal Awaiting Review enhancement new 2016-11-01T00:08:41Z 2021-07-27T05:50:55Z "Every time I create a custom post type (say, Book) I invariably want a structure like this: /books/ - static page where I can write all sorts of overview content with all of the formatting provided by the theme's page template (not a basic post type archive) /books/book-1/ /books/book-2/ - custom post type permalinks This is possible by using a rewrite slug of books. However, if someone then creates a subpage of books, they'll get a 404 error, full stop. This has been around a long time, and many workarounds have been provided in trying to get verbose rules triggered, such as: https://gist.github.com/mattberridge/2960966 Rewrite rules underwent some major changes a while ago for improved performance (to get %postname% permastructures working well, then there were pretty attachment URLs, etc), which results in these workarounds no longer working. (Custom post type rules get inserted at a place which isn't easy to reorder and conflicts with other rules). Instead, I have to keep using unique prefixes which make things look messy and confusing to visitors: /books/ /book/book-1/ (even though there is no /book/ page on my site) Having a nicer structure seems like a very common use case (especially given the number of search results you'll find about workarounds). I'd like to suggest allowing custom post types to trigger verbose rules in a way that will work." smerriman 2 38618 wp_description() and description-tag dev-feedback General normal normal Awaiting Review feature request new 2016-11-02T10:00:21Z 2019-04-05T11:03:42Z "The `wp_title()` function is used by the `title-tag` theme feature to output specific page titles. Ref https://developer.wordpress.org/reference/functions/wp_title/ What are your thoughts on having something like this for the meta description?" henry.wright 2 38622 XML-RPC wp_newComment should return an error when a field exceeds the maximum length has-patch XML-RPC 4.5 low normal Awaiting Review defect (bug) reopened 2016-11-02T16:09:56Z 2024-01-13T06:26:52Z "We return a `WP_Error` in `wp_handle_comment_submission()` when the comment content, author name, author email, or author url exceeds the maximum length of its respective database column. See #10377. We should do the same in the XML-RPC `wp_newComment()` method." rachelbaker 10 38624 Allow starter content to apply after a site has already been set up and is no longer “fresh” Customize normal normal Future Release enhancement new 2016-11-02T17:26:32Z 2020-11-23T21:19:54Z "Starter content for themes was introduced in #38114. In order to prevent the starter content from overriding a site's existing content, a `fresh_site` option flag was added to prevent the content from applying after the site has been first updated. This means the starter content has limited use when installing new themes to try out during the life of a site. The primary problem for applying starter content on an existing site is how to handle the merge conflicts, how to decide when to use the starter content/configs and when to use existing site content/configs. One option would be a button to “reset” a site to use the starter content. For more granularity, once the starter content is applied there could be a list of the settings that were modified so that you could then go through and evaluate each change to see if you want to keep it. Each control that has a setting containing dirty starter content could be highlighted in some way with a button that allows you to revert the starter content or toggle the starter content so you can compare before/after. This is closely related to #21666 (Customizer reset/undo/revert) and #31089 (Add revisions of settings to the Customizer)." westonruter 24 38630 Discourage usage of legacy properties in WP_Site dev-feedback Networks and Sites 4.5 low normal Future Release enhancement new 2016-11-02T21:21:20Z 2021-11-22T07:25:30Z "Working on #38597, it was figured out that the best solution for handling problems with IDE handling of `WP_Network`s magic ID property is to rename the actual properties to reflect our current naming conventions. This enhancement will encourage to use the new conventions while still supporting the old ones for legacy code. Let's do the same for `WP_Site`: * `$blog_id` (string) is replaced with `$id` (int) * `$site_id` (string) is replaced with `$network_id` (int) * both legacy names will continue to work through magic methods" flixos90 10 38636 Allow data attributes to be added to WP Admin Bar menu items has-patch Toolbar normal normal Future Release enhancement new 2016-11-02T22:19:44Z 2021-07-09T05:20:33Z "It is currently not possible to add your own parameters to WP Admin Bar. For improved flexibility with javascript I think this could be a good feature. Example: {{{#!php add_node( 'id' => '', 'parent' => '', 'title' => '', 'href' => '', 'meta' => array( 'title' => '', 'data' => array( 'test' => 'data-test content' ) ), ) ); }}} Example code for class-wp-admin-bar.php (L 497 - 533) {{{#!php meta['data'] ) && ! is_array( $node->meta['data'] ) ) { $node->meta['data'] = array( 'data' => (string) $node->meta['data'] ); } ?>
  • id ); ?>""> href=""href ) ?>""meta['onclick'] ) ) : ?> onclick=""meta['onclick'] ); ?>""meta['target'] ) ) : ?> target=""meta['target'] ); ?>""meta['title'] ) ) : ?> title=""meta['title'] ); ?>""meta['rel'] ) ) : ?> rel=""meta['rel'] ); ?>""meta['lang'] ) ) : ?> lang=""meta['lang'] ); ?>""meta['dir'] ) ) : ?> dir=""meta['dir'] ); ?>""meta['data'] ) ) : foreach ( $node->meta['data'] as $attr => $data ) : ?> data-="""">
    meta['title'] ) ) : ?> title=""meta['title'] ); ?>""meta['lang'] ) ) : ?> lang=""meta['lang'] ); ?>""meta['dir'] ) ) : ?> dir=""meta['dir'] ); ?>""meta['data'] ) ) : foreach ( $node->meta['data'] as $attr => $data ) : ?> data-="""">

    `, but the corresponding opening and closing tags won't exist. For example, `

    a\n\nb
    ` will produce `
    a

    b

    `, when it really should produce `
    \n

    a

    \n

    b

    \n
    `." pento 4 38690 Introduce classes for settings dev-feedback Options, Meta APIs normal normal Awaiting Review enhancement new 2016-11-07T08:53:14Z 2019-03-26T13:14:34Z "Let's add classes surrounding settings to provide a better structure for dealing with them. It will also allow us to get rid of some globals if we are in a position to remove them (in terms of BC). Here is what I have in mind: * A `WP_Settings` class should be introduced that contains `get()`, `update()`, `add()` and `delete()` methods. This will mostly be copy-paste from the related functions. The functions themselves will become wrappers. * A `WP_Settings_Registry` will be introduced. It should contain all methods that handle registered settings (mostly introduced in 4.7). Again, the functions would become wrappers. We could get rid of the `$wp_registered_settings` global here and store these in a class property instead. * The `WP_Settings_Registry` instance will be contained by the `WP_Settings` instance as a public property. * A function `wp_settings()` will be introduced to access the `WP_Settings` instance or generate it if it does not exist yet. I'm not sure yet how to store the instance: The easy way is a global, but I was wondering where we're at with plans like a `WP::get( 'settings' )` so that we could do it differently. Anyway, let's assume a global first. I think it would be a good pattern to build the class in a flexible way, so that the registry instance and database instance are passed to the class constructor. The following is how I would envision the `wp_settings()` function: {{{ function wp_settings() { global $wp_settings; if ( ! isset( $wp_settings ) ) { $wp_settings = new WP_Settings( new WP_Settings_Registry(), $GLOBALS['wpdb'] ); } return $wp_settings; } }}} I think once we agree on an approach, we should do something similar for metadata. But let's have the discussion in here first and open the other ticket afterwards." flixos90 38702 REST API: Add accessor functions for post_status and post_parent needs-unit-tests REST API 4.7 normal normal Future Release enhancement new 2016-11-08T02:26:23Z 2022-01-18T13:48:55Z "In order to enable better permission checks for Customiser Changesets, these need to be filterable. See [https://github.com/xwp/wp-customize-snapshots/issues/32 xwp/wp-customize-snapshots#32]. Split from #38701." rmccue 5 38707 Customizer: Additional CSS highlight, revisions, selection, per-page, pop-out Customize normal normal Future Release enhancement new 2016-11-08T06:04:04Z 2021-06-01T03:01:11Z "[[Image(https://core.trac.wordpress.org/raw-attachment/ticket/35395/customizer-css-i2.png)]] This ticket is to track the next steps of Additonal CSS after 4.7. See #35395 for the discussion so far. The MVP of the Additional CSS editor in customizer included the basic UI, navigation and backend work. There are various next steps that area already included in the design above, and can be done either in a single next release or staggered further as needed. From the latest discussed design, the features we already have ready to build are: 1. Syntax Highlighting 2. Revisions 3. Selection of items on the page (CSS selector) 4. Per-Page CSS as a complement of the current ''site-wide'' CSS for better management 5. The ability to pop-out the editor in a separate window for a more comfortable editing experience Just one special note regarding revisions: we might want to not do CSS revisions, and instead build the more flexible and general revision UI for the customizer as a whole. That's being discussed in #31089. " folletto 42 38709 Unlimited query for invalid post names Query 4.6.1 normal normal Future Release defect (bug) new 2016-11-08T13:25:13Z 2024-01-31T21:38:38Z "In case a request which is being parsed as one which sets a ""name"" query var (eg.: `http://localhost/wordpress-latest/2016/11/08/[` ) includes an invalid name ( the `[` ), a query without any limit with empty post_name is triggered: {{{#!sql SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND ( ( YEAR( wp_posts.post_date ) = 2016 AND MONTH( wp_posts.post_date ) = 11 AND DAYOFMONTH( wp_posts.post_date ) = 8 ) ) AND wp_posts.post_name = '' AND wp_posts.post_type = 'post' ORDER BY wp_posts.post_date DESC }}} The problem with the query is that it matches all the drafts in the database, since they don't have the post_name set (is empty). This may have a performance implications for the database in case it contains a lot of drafts (or posts without the post_name set for any reason) as it queries all the posts. The `post_name` is being set as empty due to `sanitize_title_for_query` in https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-includes/query.php#L2717 I have tested a more suitable validation function than `trim` ( eg.: `sanitize_title` ) in https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-includes/query.php#L1609 but it leads to archives being served on those invalid URLs, which does not seem like good fix. Trying to set `posts_per_page` to 1 in case the `name` is parsed based on the rewrite rule (which seems like a good thing since we really should be interested in a single and unique post_name in such cases) hits a wall as the is_singular() returns true and the limit is not set even if the posts_per_page is present ( due to https://core.trac.wordpress.org/browser/tags/4.6.1/src/wp-includes/query.php#L3215 ). So the fix might need to be more complicated than." david.binda 6 38711 Invalid Cookie domain for wp-settings-time-* reporter-feedback Users normal normal Awaiting Review defect (bug) new 2016-11-08T14:58:21Z 2019-03-26T12:54:02Z "I have set cookie domain {{{#!php cap->assign_terms` for example. This becomes a problem with custom post types that define a custom capabilities array specifying a different edit capability and the usual ""edit_posts"" capability for particular roles is removed, though they have the proper edit CPT capability. Then the corresponding meta box on the CPT edit screen is not properly interactive. For example, I create a CPT called ""Contributions"" and map the ""edit_posts"" capability to ""edit_contributions"". I also create a ""Contributor"" role that has all the expected capabilities for Contributions posts, including ""edit_contributions"" This role does not have the usual ""edit_posts"" and other default post and page capabilities, other than ""read"". The role also has ""manage_categories"" capability. When logged in as a user with only the Contributor role, when I go to the edit contributions screen, I can see the categories meta box, but cannot assign any terms to the current contributions post. The checkboxes are inactive. Similarly for tags, I can see the tags meta box, but it has no content. This issue was brought up in this forums post: https://wordpress.org/support/topic/custom-post-type-with-categories-and-tags-checkbox-disabled/" bcworkz 1 38715 Facilitate posts storing raw JSON in post_content by short-circuiting KSES and other filters dev-feedback Posts, Post Types normal normal Future Release enhancement new 2016-11-08T21:55:55Z 2019-03-26T07:59:01Z "When attempting to store arbitrary JSON in WordPress, the `post_content` field is the logical choice. Using `post_content` to store arbitrary JSON instead of postmeta is more performant and it also means that the JSON content will automatically get support for revisions. Storing JSON is done in core now for `customize_changeset` posts and it is done in the `widget_instance` post type in the Customize Widgets Plus plugin. In both cases, however, there are challenges when storing the JSON due to filters that may apply on `content_save_pre`. In particular, the KSES filters will apply on the `post_content` and strip out markup that is intended to be contained within JSON strings. The solution taken by changesets is to wrap the updates to the `customize_changeset` post type by the `\WP_Customize_Manager::save_changeset_post()` method. Before this method calls `wp_update_post()`/`wp_insert_post()` it suspends the KSES filters temporarily: {{{#!php result` was measured as size in bytes, so debugging tools had a better sense of how much data was running over the network. danielbachhuber 1 38769 Possible password reset loop Login and Registration normal normal Awaiting Review defect (bug) new 2016-11-12T13:11:48Z 2019-03-25T21:41:17Z " == Bug summary == After registering (wp-login.php?action=register) you get straight to the '''login screen''' with a small notice to check your email (wp-login.php?checkemail=registered). But logging-in is not even possible because users have to set their password via a link provided in their email in the first place. '''If users nevertheless try to login they get a misleading error message that could lead to an endless loop of password reset and the user will not be able to register.''' '''Bug 1:''' There should be no login form where a user cannot log-in. (attachment 1) '''Bug 2:''' There should be the message that the user has to set the password first. (attachment 2) '''While these things seems to be tiny the results are severe.''' == Bug description == If users register they see after submitting the register form the login form with the message ""Registration complete. Please check your email."" on top. They often overlook this message and try to log-in even if they didn't set a password yet. This leads to situations where users are not able to register: 1. When users try to log-in directly after registration they get the message that the password is wrong. (see attachment) 2. Because of the misstated error message they go to the ""Lost your password?"" form and try to get a new password. 3. They now check their email for the first time and open the email from the registering (!) and not the ""lost password"" email. 4. They click on the link for setting the password in the register email. 5. This link is invalid because of step 2. 6. They then try again to get a new password. 7. They go back to their email account and open the email from step 2 (!) and open this link. Because of step 6 the link is again invalid. 8. They try to get a new password. 9. And so on. Having the impression to be trapped in an endless loop they often think that the website is full of bugs, are not interested to register anymore or contact the support for removing bugs. '''I could provide dozen if not even hundreds of cases where this happened to my website.''' == How to reproduce the bugs?== 1. Try to register. 2. Try to log-in even without a password (put your usual password in it). 3. Set you password back after the error message. 4. Go to your email account and open the register email. Click on the link. 5. You get the message that the link is invalid. Set you password back. 6. Open the email from step 3 and so on. == tl;dr == After registration you see the login form even if you don't set a password yet. If you try to log-in (even if you don't set a password yet) you get a misleading error message that could trap you in an endless password reset process. Users than give up to register or contact support. It is not just theory. Every day, I lose angry customers or have to support them. Please have a look to the attachments." yetAnotherDaniel 3 38782 Insert/Edit link scrolling triggers AJAX requests for both (recent and search) rivers SergeyBiryukov Editor 4.6.1 normal normal Future Release defect (bug) reviewing 2016-11-14T14:57:00Z 2020-02-21T01:02:21Z "I noticed quite a number of insert/edit link related SQL queries. When testing the feature, I have noticed that in case a search keywords is typed into the search field and user scrolls down the results, not only the search river related AJAX is made, but also a recent river triggers an AJAX request. The behaviour currently looks this way: 1) opening the Insert/Edit link modal triggers following AJAX request: action: wp-link-ajax page: 1 2) putting in a keyword to search input triggers following AJAX request: action: wp-link-ajax page: 1 search: {keyword} 3) scrolling down the results of the search query produces two AJAX request: action: wp-link-ajax page: 2 and action: wp-link-ajax page: 2 search: {keyword} 4) as the search AJAX for page 2 returned `false`, scrolling up produces following AJAX only: action: wp-link-ajax page: 3 5) removing the keyword form the search input user is taken to the recent river which now already contains 4 pages of results Since this behaviour is producing a lot of SQL queries with an increasing offset, those queries are getting slow with increasing dataset. Shouldn't the implementation be triggering AJAX requests for visible river only?" david.binda 2 38789 Multisite sign-up improvements (potential roadmap) dev-feedback Login and Registration 3.0 normal normal Awaiting Review feature request new 2016-11-14T20:06:03Z 2019-03-25T21:18:22Z "The `wp_signups` database table has a few things not going for it: * No `_Query` class * No `WP_Signup` object class * No user interface for moderating them * No query or object caching * A `meta` database column vs. a `wp_signupmeta` database table * `wp-signup.php` is a pretty gnarly file, as is `wp-activate.php` A lack of support for this multisite feature means no one is very likely to use it. Most membership plugins (BuddyPress included) generally wrap around it, but also need to write a bunch of additional code to interface with what's here now. I took a stab at this last week, and made this plugin for a proof-of-concept: * https://wordpress.org/plugins/wp-user-signups * https://github.com/stuttter/wp-user-signups Pretty much all of the pieces are there, minus the meta-data table (which would not be very hard at all.)" johnjamesjacoby 4 38797 api.previewer.refresh() could return a deferred.promise() with custom server data has-patch Customize normal normal Future Release enhancement new 2016-11-15T09:49:46Z 2021-05-24T00:02:52Z "Following a discussion (https://core.trac.wordpress.org/ticket/38728#comment:8) with @westonruter, I'd like to propose an enhancement for the `api.previewer.refresh(`) method. There might be cases when a developer needs to fire a previewer refresh after a specific customizer change, and execute other actions when this refresh has been done. From a general standpoint, I think that the asynchronous nature of the refresh makes it a good candidate for returning a deferred promise. An example of use case could be that a developer has several predefined settings configuration available for a given theme. Each time a configuration is switched to, the settings have to be changed to a set of predefined values set in the api. Those predefined values are stored server side in say a custom post type ( like the changeset for ex. ). A way to do that would be to fire an `api.previewer.refresh()` when switching to a given predefined configuration, that would be followed on `api.previewer.refresh().done( ... )` by an update of the api values, if some conditions are met. With the current api, we can add callbacks to the `'synced'` previewer event, but it will be fired on all `api.previewer.refresh()` calls, with no possibility to target a specific refresh situation that should be followed by a custom action. This problem could be solved by making the refresh return a deferred promise. This $.Deferred() would be resolve() in the `onceSynced()` callback function (of the current refreh method), taking a `sent_preview_data` object as param. While this deferred would be implemented in the `api.previewer.refresh(`) method of customize-control.js, another minor addition in customize-preview.js could allow developers to easily pass custom server data on refresh to the panel this way, and then use those data once the refresh is done. This way, it would be possible to use the following kind of syntax to fire an action on demand after a specific refresh(). {{{ api.previewer.refresh().done( function( sent_preview_data ) { // fire actions after a specific refresh, when the preview is ready and synced // the sent_preview_data, could be an object sent when the api.preview.send( 'synced', preview_data() ), // providing customizable server informations that we may need after a refresh. } ); }}} On the preview side, in order to pass a server data object to the resolve refresh, the idea would be to introduce a `new api.Value()` that could be populated before the synced event occurence. The current code in [customize-preview.js]https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/customize-preview.js#L679 : {{{ api.preview.send( 'synced'); }}} could be replaced by : {{{ api.server_data = api.server_data || new api.Value( {} ); api.trigger('before_synced', api.server_data() );//<= developers can alter the api.server_data() here, before it gets sent api.preview.send( 'synced', api.server_data() ); }}} This way, a developer could pass custom data to the panel when `api.previewer.refresh().done()`, using the `synced` event, with this type of code : {{{ add()}}} and {{{$styles->add()}}} to use those variables instead of the fixed path. This works as expected to hide the directory WP is installed in from the WP default scripts and styles. I'm pretty sure there's a lot more to change but I wanted to bring this up for discussion first and I'm eagerly waiting for feedback. Notes: I'm a newbie here so please excuse if I did't follow the usual procedure and let me know how to do better. And second please be bear with me that I'm not a native english speaker. Peter " petersplugins 3 38801 Terms with the same name indistinguishable in Menu section Menus normal normal Future Release defect (bug) new 2016-11-15T19:10:08Z 2017-08-18T12:52:07Z "== Problem == Let's say we have a WooCommerce site (although likely all taxonomies/terms are liable to this problem) with the following categories: Men, Women. Each of the categories has a subcategory called Shoes. When in Appearance -> Menu and trying to add a link to Shoes (whichever), there's no way to distinguish the 2 Shoes categories, as the parents are not displayed and no indenting is applied. No matter if we use the Latest, All or Search filter. == Solution == Keep in mind that ""All"" uses pagination, so indenting might not be the best solution. An idea is a hover with the parents listed, but this would be tricky on mobile. Maybe just make a ""Show parents"" switch above the field (or in the Screen Options) and if it's checked, show the parents after the taxonomy/term's name? Like: Shoes (Women -> Shoes). Just getting rid of pagination in the ""All"" view could cause problems with a lot of values and would not help the Search function within the menu creator." eclare 5 38805 A hook is missing in class WP_List_Table dev-feedback Administration 4.6.1 normal major Awaiting Review defect (bug) new 2016-11-15T22:03:17Z 2022-04-20T16:51:26Z "If I want to add a column to a WP_List_Table, I used this hooks : * `manage_{$this->screen->id}_columns` * `manage_{$this->screen->id}_sortable_columns` * `manage_{$screen->id}_custom_column` But the last one doesn't exist in WP_List_Table, I can create a column but I can't insert data into. Here the documentation : https://make.wordpress.org/docs/plugin-developer-handbook/10-plugin-components/custom-list-table-columns/#output-table-cell-contents Here the source of WP_List_Table : https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-list-table.php Actually, I want to hook a plugin with this hook, I can't add columns. Thanks " madvic 7 38809 Better wp namespace in password-strength-meter.js close Administration normal normal Future Release defect (bug) reviewing 2016-11-15T23:27:37Z 2022-03-30T20:52:46Z "Currently, `password-strength-meter.js` uses this pattern to pass the wp object as argument: {{{ window.wp = window.wp || {}; var passwordStrength; (function($){ wp.passwordStrength = { ... })(jQuery); }}} so `wp` inside the IIFE is, technically, undefined, even if WordPress considers `wp` a global object. Also the first line is pointless if then `window.wp` is not passed as argument." afercia 11 38813 REST API: Test schema registration for required fields. jnylen0 needs-unit-tests REST API normal normal Future Release enhancement assigned 2016-11-16T06:21:36Z 2019-11-30T10:53:13Z "Follow-up from #38792. For all endpoints included in WordPress core, we want to make sure arguments and parameters are consistently registered and expose a nice, stable API to the world. While we can check this manually, building it into the unit tests is even better. @jnylen0 wrote an initial version [https://gist.github.com/nylen/9021f6d19157a023a0a8a607a3adb28a in Node-based JS], so we can port this to PHP and use the built-in schema rather than sending a HTTP request." rmccue 3 38836 A current_page_parent CSS class is not added to relevant WP menu items if the query is for a custom post type single item SergeyBiryukov has-patch Menus normal normal Future Release enhancement reviewing 2016-11-17T00:05:51Z 2019-09-23T23:19:05Z A {{{current_page_parent}}} CSS class doesn't get added to relevant post type archive menu items if the current query is for a custom post type single item. henry.wright 9 38845 Implement HTML5 input validity constraints in customizer settings Customize 4.6 normal normal Future Release enhancement new 2016-11-17T23:58:38Z 2017-09-18T19:10:39Z "Ever since #28477 controls in the customizer have supported custom HTML5 input types along with new input attributes passed via the control's `input_attrs` param. The support, however, has been lacking because when a user supplies something that violates some of the constraints (such as `pattern` or `step`) there is nothing that blocks the setting from being saved (using setting validation model in #34893). So using the `input_attrs` along is in fact somewhat harmful if it is not accompanied by the same constraints being applied in the setting's `sanitize_callback` or `validate_callback`. The browser's built-in input validation error UI also does not show because no form actually gets submitted, and there are no calls to the poorly-supported `input.reportValidity()` method. To address these issues, I suggest that the default `validity_callback` for `WP_Customize_Setting` could look for any associated controls and then check the type of the value against the control's `type` and also check the value against the validation constraints defined in the control's `input_attrs` param, such as `min`, `max`, `pattern`, `step`, `maxlength`, and so on. In this way, a setting's `sanitize_callback`/`validate_callback` wouldn't even need to be defined since the validation constraints would be defined declaratively and checked automatically. It's not exactly the best pattern, however, for the setting's validation constraints to be defined on the control. So there could be a new `validation_constraints` param on `WP_Customize_Setting` where the validation input attributes could be defined instead of the on the control's `input_attrs`. A control could then automatically populate it's own `input_attrs` by copying from the setting's `validation_constraints`. These changes will ensure that setting validation routines will apply and error notifications will be displayed when settings fail validation on the server with a full refresh, selective refresh, or changeset update. In order to get the browser's native validation error reporting to appear, the JS control logic can be updated to call `input.reportValidity()` if it is available (it's currently only implemented in Chrome). See feature plugin: https://github.com/xwp/wp-customize-input-validity-constraints" westonruter 5 38850 Sticky positioning for a smoother scrolling experience iseulde* Editor normal normal Future Release enhancement accepted 2016-11-18T11:06:23Z 2019-06-05T07:06:26Z "Let's consider using sticky positioning to do the scrolling effect we currently have on the editor page. At the moment we use JS and listen to scroll events, which is not ideal. It may look slow and buggy under some circumstances. Browser support is looking good. It's already implemented in Firefox and Safari, and by the time we ship 4.8 it will be in Chrome (est. 31 Jan). It's under consideration for Edge and there's no support in IE. This is no big deal though, as we can just fall back to what we currently have. http://caniuse.com/#feat=css-sticky Note: Firefox now also gives a warning in the console about using JS for this: > This site appears to use a scroll-linked positioning effect. This may not work well with asynchronous panning; see https://developer.mozilla.org/docs/Mozilla/Performance/ScrollLinkedEffects for further details and to join the discussion on related tools and features!" iseulde 6 38851 WP_User_Query cannot retrieve multisite users who have not been assigned a role on a site needs-unit-tests Users normal normal Future Release defect (bug) new 2016-11-18T15:11:32Z 2017-12-01T05:20:30Z "If you add a user to a multisite at network level, but do not proceed to assign them a role on a site within the network, `WP_User_Query` cannot retrieve those users (even if the query is run at network level), as they have no associated `wp_capabilities` meta_key. To reproduce the problem: 1) Add a user to a multisite via Network Admin > Users > Add New. 2) Run a WP_User_Query at network level (e.g. by doing something like: {{{ add_action('load-users.php', 'myAction'); function myAction() { $screen = get_current_screen(); if( $screen->base === 'users-network' { $query = new WP_User_Query(); $users = $query->results; } } }}} The returned results will not include the user added in step 1. In fact, it will only return users who have capabilities set on the first site in the network, even though this query is not occurring at site level. This could be fixed by allowing something like `'blog_id' => 'all'` in a `WP_User_Query`." robdxw 8 38863 Text change when activating a theme dev-feedback Themes low minor Awaiting Review enhancement new 2016-11-19T02:43:03Z 2022-06-10T05:43:12Z "When switching themes, after activating we see: New theme activated. Visit site [/wp-admin/themes.php?marks=168#L168, /wp-admin/themes.php, L.168] Because it needs not to be a NEW theme, I suggest the following: ''Theme changed and activated succesfully.'' " Presskopp 5 38869 "Change ""Site Default"" in User Profile Options for Language to ""Site Setting""" I18N 4.7 normal normal Awaiting Review enhancement new 2016-11-19T13:32:58Z 2022-09-11T17:46:43Z "In https://core.trac.wordpress.org/browser/trunk/src/wp-includes/l10n.php?marks=1148#L1148 is the original text-string ""Site Default"" the very first choice in the dropdown menu for the custom user profile language choice. Wouldn't it be better to change that to ""Site Setting""? Because it does mean that a user profile might have the same language as it is set under Settings > General in the admin. It is not necessarly a default language, that is choosen in the general site settings for the Website frontend appearance, which might justify the string ""Site Default"" there. " transl8or 13 38878 REST API: Default query for users endpoint doesn't scale dev-feedback REST API 4.7 normal normal Future Release defect (bug) new 2016-11-20T11:55:53Z 2019-07-11T18:34:11Z "The user query is performed with the `has_published_posts` argument which generates the following query > SELECT SQL_CALC_FOUND_ROWS wp_users.* FROM wp_users INNER JOIN wp_usermeta ON ( wp_users.ID = wp_usermeta.user_id ) WHERE 1=1 AND wp_users.ID IN ( SELECT DISTINCT wp_posts.post_author FROM wp_posts WHERE wp_posts.post_status = 'publish' AND wp_posts.post_type IN ( 'post', 'page', 'attachment', 'forum', 'topic', 'reply' ) ) AND ( wp_usermeta.meta_key = 'wp_2_capabilities') ORDER BY display_name ASC LIMIT 0, 10 'forum', 'topic', and 'reply' are bbPress' post types. We use bbPress on wordpress.org/support/ where I noticed in the logs that the server/database can't handle the request. I'm currently not sure how and if this needs to be fixed but having at least a ticket for it might help others." ocean90 7 38888 Change `init` Priority For Hook: `widgets_init` Widgets 2.3 normal normal Awaiting Review enhancement new 2016-11-21T16:20:59Z 2019-03-25T20:00:08Z "The action/hook `init` is used for Custom Post Types and Custom Taxonomies to be registered. Most developers register Custom Post Types and Custom Taxonomies on `init` with the default priority of (10) -- Especially since that's how the examples are illustrated in the documentation on how to register Custom Post Types and Custom Taxonomies. Action/hook `widgets_init` is fired ON action/hook `init` with a priority of (1). You can see this if you look in `default-filters.php` for: {{{ // Widgets add_action( 'init', 'wp_widgets_init', 1 ); }}} '''So what's the problem?''' Widgets are completely unaware of Custom Post Types and Custom Taxonomies, since they're registered on `init` with the default priority of (1) BEFORE the Custom Post Types and Custom Taxonomies are registered for the most part on `init` with a default priority of (10). '''How to allow Widgets to be aware of Custom Post Types and Custom Taxonomies? ''' Simple. Change the priority from (1) to (10). {{{ // Widgets add_action( 'init', 'wp_widgets_init' ); }}} Thoughts? Would this effect anything else? Why was it initially set to (1)? Is there a reason for that? If you want to make a push for the Theme Customizer, don't you think it would be beneficial for Widgets to be aware of Custom Post Types and Custom Taxonomies?" michael.ecklund 1 38896 avatar_settings help text may not be accurate if avatar_defaults is filtered dev-feedback Options, Meta APIs normal normal Awaiting Review enhancement new 2016-11-21T22:04:36Z 2019-03-19T00:49:20Z "The string says: {{{ For users without a custom avatar of their own, you can either display a generic logo or a generated one based on their email address. }}} But, I have a need to remove generated Gravatars entirely using the `avatar_defaults` filter, which makes this text misleading. In addition, this text is not wrapped in any defining HTML, making it impossible to reliably target with CSS or JS even." johnjamesjacoby 38897 user_email with & (ampersand) being encoded within the database making notifications fail Users 4.6.1 normal normal Awaiting Review defect (bug) new 2016-11-22T01:24:45Z 2019-06-04T18:11:13Z "Hello, It seems WordPress does some encoding on the email field which causes issues as the encoded email is stored in the database and causes notifications to fail as it's no longer a valid email. The specific email i noticed this with had an ampersand (&) within the email, the following is a bogus one to illustrate; johnny&joey@telus.net This is apparently a valid email according to telus.net (as the email exists there, not that exact one of course) and according to IETF Trust as shown in this stack overflow answer; http://stackoverflow.com/a/2049510 Anyway, if you register a user with an email containing & it will encode it into the database and fail to deliver the password notification. The following should NOT be encoded; ""Characters ! # $ % & ' * + - / = ? ^ _ ` { | } ~ Character . (dot, period, full stop) provided that it is not the first or last character, and provided also that it does not appear two or more times consecutively."" Thank you" garrett-eclipse 1 38898 Lost password form not working with plugins that rename login URL Users 4.6.1 normal normal Awaiting Review defect (bug) reopened 2016-11-22T02:13:12Z 2017-07-19T08:20:43Z "When any given user, belonging to any given site, within a Multisite environment, try to recover its password, AND IF any security plugin which renamed the login URL is in place, the submission of that lost password form will fail because the action form has the wp-login.php URL hardcoded within. It should submit the form to the same URL you are currently on. You can refer to this support thread to learn more: https://wordpress.org/support/topic/bug-found-lost-password-form-outputting-incorrect-action-url-under-multisite/ So, the submit form URL at wp-login.php file should be outputted programatically rather than hardcoded. Best regards Marcelo " Kent Brockman 7 38899 Deletion of auto-drafts and trashed posts never gets scheduled unless user accesses admin pages westonruter* dev-feedback Administration normal normal Future Release defect (bug) accepted 2016-11-22T03:55:27Z 2021-06-07T09:58:35Z "As [https://core.trac.wordpress.org/ticket/38615#comment:37 noted] in #38615: It turns out that the cron event that does `wp_delete_auto_drafts()` is only scheduled when a user lands on `post-new.php`: {{{#!php http://localhost:8080/lacoastalservices/wp-content/uploads/2016/09/wetlands-1600x600.jpg [1] => 1080 [2] => 405 [3] => 1 ) }}} The image itself is actually 1600 by 600 pixels wide, but for some reason the width and height values given in the array are ""scaled down"" to the width of the next largest image size on the site (1080px), and the corresponding image height if it were actually that wide (405px). Note that WordPress's ""large"" default image size is still at its default of 1024px, so I don't think that's the problem. You can hopefully reproduce this by running the ""Display All Image Sizes"" plugin on a few sites and looking for images whose larger image sizes have a mismatch between their identified dimensions and their actual urls. ""Display All Image Sizes"" is using wp_get_attachment_image_src() to generate the text strings that describe image sizes, which is how I became aware of this bug." pressupinc 17 38921 Defining filter pre_get_table_charset causes errors has-patch Database 4.2 normal normal Future Release defect (bug) new 2016-11-23T23:17:46Z 2020-05-27T08:29:22Z "In wp-db.php::get_table_charset(), a filter is defined, '''pre_get_table_charset'''. However, if this filter is defined, wp-db.php::get_col_charset() throws errors. This is because the latter assumes that it can find cached results cached in: {{{ $this->table_charset[]; }}} The assumption seems to be that if you add the '''pre_get_table_charset''' filter, you will also define the '''pre_get_col_charset''' filter. Code reference: [https://github.com/WordPress/WordPress/blob/master/wp-includes/wp-db.php#L2437] Note: defining this filter lets you hard-code the charset of tables, rather than doing a database lookup every time. This can be done quite safely because the most recent upgrade forced our DB tables to be '''utf8mb4'''." haoran 4 38922 Use REST API for ajax tag search Taxonomy normal normal Future Release defect (bug) reviewing 2016-11-23T23:40:24Z 2020-10-25T04:56:30Z "Proof of concept. Probably can't be done because you lose the context on the filter -- we will continue to see this for ''existing'' ajax actions, but this will be super nice for newer things. Similar: #38920." nacin 65 38923 Introduce `WP_Action_Handler` to clean up admin action mess dev-feedback Administration normal normal Awaiting Review enhancement new 2016-11-24T01:08:35Z 2020-02-15T10:27:30Z "We all know that several parts of the admin code are messy in a way. After we had to take several looks at these files during today's multisite chat, I thought we need to do something about it. My proposal for now is to introduce a new base class `WP_Action_Handler`. This abstract class would lay a foundation to handle any kind of actions on any admin screen. Currently there's a (sometimes huge) switch clause at the beginning of almost every page. By removing these clauses entirely and handling the logic in a dedicated class for this instead, we get the following benefits: * easier readable code * less huge files * possibility to add unit tests for each of the switch cases * possibility to add unit tests the entire handling of an action * easy addition of any custom actions in plugins, beyond just bulk actions (which have become easier to implement thanks to 4.7) I have been experimenting with such a class over the past few hours and will upload a first patch below. Some notes: * The class usage is almost similar to all the list table classes: There's a base class, and then there's (or rather there will be) one class (which extends the base class) for each screen that could benefit from that. * Many of the actions have similarities: They mostly use `check_admin_referer()` at the beginning, followed by some capability and other permission checks to verify the user is allowed to perform the action. Therefore the base class should be able to handle nonces on its own. The capability checks should be separated from the actual action logic for better organization and easier testing. * Many of the actions redirect back to the admin page, with a GET parameter denoting a notification message to show to the user. `WP_Action_Handler` should also be capable of managing such messages to make that easier as well. This will furthermore allow to remove a bunch of code from the admin screen files where they ""bootstrap"" their supported messages. More notes will follow on the initial patch." flixos90 3 38925 Allow override of depth limits on comment reply link dev-feedback Comments 4.7 normal normal Future Release enhancement new 2016-11-24T06:41:07Z 2020-05-26T20:21:04Z "The core code currently hides the Reply link if a comment is at the maxDepth setting for comment nesting, but this appears to only be a constraint on the presentation. The API still allows replies through URL parameters and the REST interface, which demonstrates that there is not a functional reason for the constraint. I'm proposing that plugin authors are allowed to override this constraint by setting `$args['limit_by_depth'] = false` in a `comment_reply_link_args` filter. This requires only a minor, inconsequential change to comment-template.php per the attached patch. Note the '[https://wordpress.org/plugins/infinite-comment-replies/developers/ Infinite Comment Replies]' plugin currently achieves this by completely rewriting the reply link and thus masking everything that is handled in the core production of the link. The proposal above is a better option to achieve the same effect." TravisR 5 38931 `update_option()` race condition with non-autoloaded options has-patch Options, Meta APIs 3.7 normal normal Awaiting Review defect (bug) new 2016-11-24T13:31:55Z 2022-06-09T00:26:55Z "Starting back in [25664] there's a race condition with object caches where `get_option()` will return a value, but `update_option()` will refuse to update it. This is kind-of-related to `alloptions`, but affects non-autoloaded options (which are not in `alloptions`, but in their own cache). Consider the following scenario: {{{ Process 1: Fetch option_a. Fills local cache. Process 2: Update option_a. Process 1: Delete option_a. Process 2: Update DB. Process 1: Delete from DB. Delete from remote cache. Process 2: Update remote cache. ... Process 5: Fetch option_a. Fills local cache from remote cache. Process 5: Update option_a. FAIL. DB doesn't have option. abort. cache not updated. ... (repeat process 5 above many times) Process 10: Get option_a (Still the value that Process 2 set in cache, even though it's not in the DB) Process 10: Update option_a (Doing the same as Process 5 now). FAIL. }}} Seems very racey and unlikely, but I've seen it happen on WordPress.org at least twice in the last few weeks when we update Jetpack (which makes heavy usage of the options table, and is loaded on most WordPress.org requests). When it happens, `get_option()` will continue to return a stale value from the cache that no longer exists in the DB and `update_option()` will fail to update the option as long as it exists in cache. If a plugin is performing an operation to update the stale option often, it can cause a huge load spike on the database server of never-ending failing `UPDATE` queries. The only way to 'fix' it is to create the DB row manually, or flush the object cache key. The patch attached attempts to perform an `add_option()` in the case of the `update_option()` DB query failing. This isn't exactly a new behaviour for options - `add_option()` will effectively perform an `update_option()` in the event the option you're trying to add already exists (through it using `INSERT .. ON DUPLICATE KEY UPDATE..`), doing it in reverse doesn't seem that out of the question." dd32 2 38935 Proposition to add the theme mod name as a param to the dynamic theme_mod_{$name} filters has-patch Themes normal normal Awaiting Review enhancement new 2016-11-24T15:07:20Z 2018-04-17T21:48:12Z "Hi ! It would be convenient to be able to target a specific theme mod name when applying the same callback to all theme mods with `add_filter( ""theme_mod_{$name}"", '_my_generic_callback' )`. Right now we need to extract the theme mod with a code looking like this : {{{#!php $fielddef) { // Push a query line into $cqueries that adds the field to that table. $cqueries[] = ""ALTER TABLE {$table} ADD COLUMN $fielddef""; $for_update[$table.'.'.$fieldname] = 'Added column '.$table.'.'.$fieldname; } }}} `ADD COLUMN` is hardcoded and is creating this SQL error. I googled for a solution but didn't find anything. I've tried it with the constraints being part of the full table creation statement, and also as a stand alone statement, with the same results. " philsown 8 38946 WP_Upgrader: Protection against deleting files in destination directory has-patch Upgrade/Install normal normal Awaiting Review enhancement new 2016-11-26T09:12:52Z 2017-11-07T15:26:12Z "While creating a plugin I have to upload zip file and extract it in the custom destination directory with its inside main folder name just like how Theme_Upgrader and Plugin_Upgrader does. While extending the class `WP_Upgrader` and using method `install()` like this: {{{#!php true, ); $parsed_args = wp_parse_args( $args, $defaults ); $this->init(); $this->install_strings(); add_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); $this->run( array( 'package' => $package, 'destination' => WP_CONTENT_DIR . '/uploads/demo-packs', 'clear_destination' => false, // Do not overwrite files. 'protect_destination' => true, // Let me utilize this args in `install_package()` to fix this error, happy :) 'clear_working' => true, 'hook_extra' => array( 'type' => 'demo', 'action' => 'install', ) ) ); remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) ); if ( ! $this->result || is_wp_error( $this->result ) ) { return $this->result; } return true; } }}} Now always the zip file content are extracted into that destination directory but I want to index just like this where `{uploaded-zip}` is the zip file inside folder name: `WP_CONTENT_DIR . '/uploads/demo-packs/{uploaded-zip}'` And finally the detected issue is that the destination directory are no more protected just like theme and plugins directories does :) {{{#!php allcaps['delete_published_posts'] = 0; // doesn't work $current_user->allcaps['delete_private_posts'] = 0; }}} ""doesn't work"" means that ""Trash"" link appears on hover over the post in edit.php and ""Move to Trash"" shows up on post.php " yboris 2 39003 menu_page_url() not working on Ajax call reporter-feedback Administration 4.6.1 normal normal Awaiting Review defect (bug) new 2016-12-01T13:50:38Z 2023-02-20T17:36:29Z `menu_page_url( 'menu_slug', false )` is always returning empty string on AJAX response. The `global $_parent_pages;` is return NULL on AJAX call. But the same menu slug is working on normal page load. vinoth06 4 39004 Alt attributes should be searchable in media library joedolson* has-patch Media 3.0 normal normal Future Release enhancement accepted 2016-12-01T15:58:50Z 2023-10-18T15:41:48Z "The alt attribute is intended to be the alternative replacement value for an image. As such, if you're managing an image library correctly, it would be entirely reasonable that most images would have an alt attribute but no caption or description. However, this means that your only searchable field is the image title. " joedolson 43 39021 Import Export Attachments Export 4.6.1 normal normal Awaiting Review enhancement new 2016-12-02T02:52:10Z 2019-03-19T02:01:50Z "Currently when we export a post type, it seems that the post thumbnails are exported as id's. It would be fantastic if these could be exported as url's to the images as otherwise there is no way for a separate install to import the post data. currently, for posts with a thumbnail the below or similar is added to the `` {{{ }}} I propose this is moved to `` or `` and the specific postmeta for `_thumbnail_id` removed from postmeta and re-created on each import. Problems with my suggestion that I've considered * Re-importing (w|c)ould create duplicate media. As the post has to exist for post-meta to be added. Maybe using the basename function we could check for existing media, maybe it's an edge case... I think this is unlikely to be a large problem and it potentially empowers less technical users. * Some plugins would see no benefit as they use either custom metadata keys or multiple attached images (like WooCommerce). I'd suggest this could be mitigated by adding a filter of an array of strings that on import / export treats a list of fields as keys to treat as thumbnails) " LewisCowles 39028 Comments on private posts or specific edge cases can get a confusting white screen error. Comments 4.4 normal normal Awaiting Review enhancement new 2016-12-02T14:29:01Z 2017-08-03T14:00:53Z "I have a plugin that uses the private status for a custom post type used in private BuddyPress groups. When a group member tries to comment on one of the post type he's getting a white screen. I've fixed the issue on my side, problem was about caps mapping. But still, i was pretty confused by this behavior. At first i thought it was a fatal error, but xdebug returned nothing, so i've looked in my error.log again nothing ?? Then i've found some returned WP_Error was missing data like the 403 status in `wp_handle_comment_submission()`. As this function was introduced in 4.4, i guess it first appeared in 4.4. I think it could be interesting to have a screen looking like this in this kind of cases : [[Image(https://cldup.com/ymyxLMacts.png)]] I suggest the attached patch." imath 1 39031 Customize: Include theme as just another setting instead of passing as separate parameter Customize 4.1 normal normal Future Release enhancement new 2016-12-02T18:58:11Z 2021-05-24T00:19:53Z "The customizer state is currently split in two places: the `customized` settings (changeset) and the previewed `theme`. This separation of the theme from the settings makes sense to a degree since the settings are dependent upon which theme is active. There is currently an `active_theme` setting but it is a dummy setting which is used merely for the sake of wiring up the capability check for the themes panel. The `active_theme` setting is added with a comment: > unused - the theme is considerably more fundamental to the Customizer experience However, since the `theme` is not just another `setting` then this means that the theme cannot currently be made part of a changeset, and as such a theme switch cannot be previewed on the frontend by non-authenticated users and also a theme switch cannot be scheduled in the customizer. Ideally there could be a `theme` setting with the `switch_themes` capability that could be added to a changeset, and when that changeset is published, the `switch_theme` call should then be made. See also #22880." westonruter 4 39037 Should REST API support multiple orderby values? has-patch REST API 4.6.1 normal normal Awaiting Review enhancement new 2016-12-03T00:15:46Z 2021-10-21T17:19:53Z WP_Query features the ability to query by multiple orderby parameters as well as independent orderby parameters (https://core.trac.wordpress.org/ticket/17065). The API does not have this ability yet. I looked through GitHub issues to find any discussion regarding this and could not find any. Should the REST API also support multiple orderby parameters or is that deemed to be plugin territory? ChopinBach 10 39040 Hide references to nav menu locations that are not visible in the customizer preview Customize 4.3 normal normal Future Release enhancement reopened 2016-12-03T12:16:53Z 2019-03-19T02:03:11Z "Could be helpful to have menu locations automatically updated when switching template parts. For example if I have two header style: header-singlemenu.php {{{#!php 'primary', )); }}} header-doublemenu.php {{{#!php 'primary-left', )); wp_nav_menu( array( 'theme_location' => 'primary-right', )); }}} Those got by {{{#!php }}} where ''header_style'' obviously can be '''singlemenu''' or '''doublemenu''' in functions.php i have {{{#!php print_r( rest_sanitize_value_from_schema( 23452345346346345456567356, array( 'type' => 'integer' ), 'page' ) ); 3481259413623275520 => bool(true) wp> print_r( rest_validate_value_from_schema( 23452345346346345456567356, array( 'type' => 'integer' ), 'page' ) ); 1 => bool(true) wp> absint(23924321212413345333); => int(5477577138703794176) }}} Edge case, but worth noting since smaller values that are larger than the number of pages return an empty array (like if there are only 2 pages of posts, but 3 are requested). Related: #19728." morganestes 20 39067 wp_insert_user custom validation has-patch Users normal normal Awaiting Review enhancement new 2016-12-04T19:29:02Z 2019-03-15T01:43:12Z "Currently there are no hooks in wp_insert_user where plugin can hook to validate any custom validation and prevent to insert/update user. If there can be added a hook before insert/update user to database, that will be very helpful for custom validation. sample code can be following {{{#!php $custom_user_validate = apply_filters( 'custom_user_validate', false ); if ( is_wp_error( $custom_user_validate ) ) { return $custom_user_validate; } }}} " shamim51 39076 Reinstate Vimeo support for external header videos Themes 4.7 normal normal Awaiting Review feature request new 2016-12-04T21:07:36Z 2021-08-04T22:50:51Z Re: [39165] and [39128]. I've been able to embed Vimeo videos from non-pro accounts on Squarespace's site headers just fine (example: https://hanashapiro.com). It appears to embed an iframe inside a header `
    `. Should be doable since we already embed an `` inside a header `
    ` for the background image. nonproftechie 2 39077 Navigation menu items should be defined as being hierarchical dev-feedback Menus 3.0 normal normal Future Release defect (bug) new 2016-12-04T21:20:29Z 2019-01-14T06:07:22Z "Menu items are hierarchical in nature, as each menu item can be attached as a child to a parent item. This is what allows one to build submenus at differing levels. These hierarchical relationships are persisted into the database using the `post_parent` column to attach parent IDs to child IDs. However, when the `nav_menu_item` is registered during the bootstrapping process, it is defined as being `hierarchical => false`, which is conceptually wrong. It just happens to be irrelevant, because the user interface for menus is a custom implementation that considerably differs from standard post list tables. As these `nav_menu_item` elements might need to be iterated over through other means than the menu UI, they should be correctly represented as being hierarchical in nature (and thus making use of the `post_parent` database table column)." schlessera 9 39080 created unittest for is_serialized and is_serialized_string files and move tests into them whyisjake* dev-feedback General 4.7 normal normal Future Release enhancement accepted 2016-12-04T21:32:26Z 2020-04-23T21:58:05Z Move the tests from function.php to separate files and converted to dataprovider ans added move tests pbearne 5 39083 Introduce singular capabilities for managing individual themes needs-unit-tests Themes normal normal Future Release enhancement new 2016-12-04T22:12:26Z 2017-07-14T19:41:15Z "As we did in #35614 for taxonomy terms, singular capabilities should be introduced for switching, editing, deleting, and updating individual themes. This would allow fine-grained cap checks such as `current_user_can( 'switch_theme', $theme )` and `current_user_can( 'delete_theme', $theme )`." johnbillion 1 39084 Introduce singular capabilities for managing individual comments needs-unit-tests Comments normal normal Future Release enhancement new 2016-12-04T22:14:50Z 2017-07-14T19:41:15Z "As we did in #35614 for taxonomy terms, singular capabilities should be introduced for approving, unapproving, spamming, unspamming, editing, and deleting individual comments. This would allow fine-grained cap checks such as current_user_can( 'edit_comment', $comment_id ) and current_user_can( 'approve_comment', $comment_id )." johnbillion 1 39091 Customize: Nav menu item controls should be inactive when items are excluded from preview Customize 4.3 normal normal Future Release defect (bug) new 2016-12-05T20:44:48Z 2017-01-15T23:03:48Z Plugins can exclude nav menu items from displaying in nav menus in a plugin like Nav Menu Roles. This is similar to how widgets can be conditionally excluded from sidebars via a plugin like Jetpack's Widget Visibility module. This is currently implemented for widgets, where a widget that is not shown in the preview will have its control's `active` state set to `false` (causing it to become partially-opaque rather than fully hidden). Something similar should be done for nav menu item controls that are excluded from the preview. westonruter 2 39106 Make hierarchy level indicator text changeable [WP List] has-patch Posts, Post Types 4.6.1 low minor Future Release enhancement assigned 2016-12-06T10:09:08Z 2021-01-31T16:29:57Z " In `WP_Posts_List_Table` class, dashes(—) used to indicate the hierarchy level of post item, which is not changeble by any filter, we can add a new filter to replace this string. {{{ $pad = str_repeat( '— ', $this->current_level ); }}} https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-posts-list-table.php#L918-L919 Source: http://wordpress.stackexchange.com/questions/248405/replace-dashes-before-title-in-page-list" gk.loveweb 4 39120 Add get/set methods to remaining main query classes (comments and terms) has-patch Query normal normal Awaiting Review enhancement new 2016-12-06T20:40:36Z 2018-04-07T12:08:19Z "Interacting with the `$query_vars` property in `WP_Query` or `WP_User_Query` is handled through the `get()` and `set()` methods. It would be great if this could be a unified generic interface for WP's other main query classes, `WP_Comment_Query` and `WP_Term_Query`. Patches attached." Offereins 2 39121 Twenty Twelve: Tagcloud has tags hyphenated over line breaks has-patch Bundled Theme normal normal Future Release defect (bug) new 2016-12-06T21:16:45Z 2019-05-28T18:57:40Z "I'm using theme TwentyTwelve and I observed that tagcloud has tags hyphenated over line breaks. I suggest to fix it by adding the following to the stylesheet: {{{ .tagcloud { -webkit-hyphens: none; -moz-hyphens: none; -ms-hyphens: none; hyphens: none; } }}} Maybe this can even be put somewhere that applies to all themes..." xuhdev 2 39123 Allow usernames to be changed by administrators needs-unit-tests Users normal normal Awaiting Review enhancement new 2016-12-06T21:25:53Z 2017-11-21T17:13:11Z "Usernames cannot be changed. I'd like to propose that users who have the `edit_users` capability (administrators on single site installations, and super admins on multisite installations) are given the ability to update a user's username from their profile editing screen. The historical reason for disallowing changes to usernames is not clear, but it's most likely related to the generation of the `user_nicename` field which ideally needs to remain persistent so author archives don't 404. However, this can be addressed in the same way as changes to post slugs, where a user's old usernames and nicenames are recorded in usermeta when their username is updated (and their nicename is regenerated) and a canonical redirect can kick in to redirect to the new author archive URL. Any other considerations to make if usernames are allowed to be changed by administrators?" johnbillion 19 39128 Customize: Preview fails to load when domain mapping in use (home/siteurl domain mismatch) Customize 4.7 normal normal Future Release defect (bug) assigned 2016-12-07T00:12:58Z 2017-10-20T13:38:44Z "When the `home` URL and the `siteurl` have different domains, in 4.7 the preview shows the error message “Non-existent changeset UUID.” The reason is because the user is (probably) not authenticated on the frontend, and so the user cannot `customize` and since the changeset doesn't exist yet the user blocked from accessing the site. (The thought here is that the UUID serves as a unique key which would allow an unauthenticated user to access the preview if they knew it, though this wouldn't do any good for users who are previewing a theme switch since `switch_themes` capability is required regardless in that case). Note that the issue goes deeper when `FORCE_SSL_ADMIN` is enabled because the browser's cross-domain security policy blocks the preview frame altogether (in 4.7). Nevertheless, even as far back to 4.3 (at least) when attempting to access the customizer with the frontend (`home`) domain mapped to another domain from the backend (`siteurl`), the preview loads with a login form and submitting the form just results in the form being re-displayed indefinitely. The user can never advance past it. So cross-domain customizer preview seems to be broken prior to 4.7 as well. Note that the issue likely does not manifest in domain mapping plugins which dynamically change the `home` option (such as WordPress.com), as they do it conditionally based on whether or not the customizer is bootstrapped." RomainVB 73 39133 Check email length in is_email() has-patch Comments 4.8 normal normal Awaiting Review enhancement new 2016-12-07T05:38:44Z 2020-07-17T14:50:12Z "In reference to this ticket - https://core.trac.wordpress.org/ticket/38506#comment:12 It would be better to check email length within the is_email() itself instead of validating it at various other places. " PranaliPatel 4 39140 Taxonomies - operator AND doesn't work properly for taxonomy hierarchies Query 4.6.1 normal normal Awaiting Review defect (bug) new 2016-12-07T08:54:32Z 2019-01-08T19:56:52Z "Hi, This is a problem discovered using WooCommerce shortcodes but has its core problem in the WP core according to my findings. I've already implemented a fix for this in a customer project. I’ve ran into problems using one of the Woo shortcodes and operator ‘AND’. This is questioned by others several times before (see links below) but it seems like the core of the problem is not solved. I’ve worked with the issue on WP 4.6.1 installation and come to what I believe is a solution (changes in file class-wp-tax-query.php). Even if the issue is found using Woo product categories I believe this is an issue for taxonomies in general. Problem: Using shortcode to retrieve a filtered product list and filtering on two or more product categories using operator “AND” fails when using one or more non-leaf (i.e. parent) product categories. There even seemed to be additional problems when using more than two leaf keywords. In general the ""AND"" didn't behave as expected. Other reports on the issue: [https://wordpress.org/support/topic/operator-and-on-product_category/] [https://wordpress.org/support/topic/woocommerce-display-products-from-two-categories-combined/] [https://wordpress.org/support/topic/woocommerce-product_category-and-operator-returns-no-results/] Examples using Woo shortcodes: Taxonomies (product categories) for Product1: '''Leaf'''CatA, '''Leaf'''CatB [product_category category=”'''Parent'''CatA, '''Leaf'''CatB” operator=”AND”] => '''Fails''' - shows nothing. Should show Product1 [product_category category=”'''Leaf'''CatA, '''Leaf'''CatB” operator=”AND”] => '''Ok''' - shows Product1 Reason: There is no individual and complete hierarchial evaluation of each taxonomy/category keyword specified in the shortcode. Solution that worked for me: The issue is found in the WP-core file class-wp-tax-query.php. I’ve modified three functions to correct the issue. This includes changes to the SQL-statements generated. Changes to file class-wp-tax-query.php: class WP_Tax_Query - function get_sql_for_clause – code - function clean_query – input params and code - function transform_query – input params and code You find my modified and running code/functions with my comments here (tagged with // BF): [https://gist.github.com/Nettsidespesialisten/5d4596e18dced3c7d97501f195ffe02e] This is my first ticket here so please notify me how to contribute the best way with this issue (providing code into SVN or other). Kind regards Brede " bredefladen 2 39153 Bug in wp_html_split with unclosed PHP tag (or HTML tag <) needs-unit-tests Formatting 4.6.1 normal normal Awaiting Review defect (bug) new 2016-12-07T17:48:32Z 2018-03-02T08:27:32Z "The problem is in the ''shortcodes.php'' file, but exact problem is function ''wp_html_spli''t in ''formatting.php'' This bug is completely described in this question forum thread. https://wordpress.org/support/topic/bug-in-wp_html_split-with-unclosed-php-tag/ Consider following post code. {{{ Some amount of useless text [code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ] checkstyle [code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ] (?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*)) [/code-highlight] }}} Here dump after this line {{{ $textarr = wp_html_split( $content ); var_dump($textarr); exit; }}} {{{ array(25) { [0]=> string(0) """" [1]=> string(3) ""

    "" [2]=> string(28) ""Some amount of useless text "" [3]=> string(11) """" [4]=> string(0) """" [5]=> string(4) ""

    "" [6]=> string(1) "" "" [7]=> string(3) ""

    "" [8]=> string(121) ""[code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ]"" [9]=> string(6) ""
    "" [10]=> string(1) "" "" [11]=> string(464) """" [12]=> string(10) ""checkstyle"" [13]=> string(9) """" [14]=> string(0) """" [15]=> string(4) ""

    "" [16]=> string(56) "" [code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ]"" [17]=> string(6) ""
    "" [18]=> string(72) "" (?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*))"" [19]=> string(6) ""
    "" [20]=> string(19) "" [/code-highlight] "" [21]=> string(3) ""

    "" [22]=> string(15) ""Some Text Again"" [23]=> string(4) ""

    "" [24]=> string(1) "" "" } }}} As you can see one shortcode was not splitted, and here the problem. If php closing tag is present (?>) than everything works fine. Problematic regex provider {{{#!php is found. . '-(?!->)' // Dash not followed by end of comment. . '[^\-]*+' // Consume non-dashes. . ')*+' // Loop possessively. . '(?:-->)?'; // End of comment. If not found, match all input. $cdata = '!\[CDATA\[' // Start of comment, after the <. . '[^\]]*+' // Consume non-]. . '(?:' // Unroll the loop: Consume everything until ]]> is found. . '](?!]>)' // One ] not followed by end of comment. . '[^\]]*+' // Consume non-]. . ')*+' // Loop possessively. . '(?:]]>)?'; // End of comment. If not found, match all input. $escaped = '(?=' // Is the element escaped? . '!--' . '|' . '!\[CDATA\[' . ')' . '(?(?=!-)' // If yes, which type? . $comments . '|' . $cdata . ')'; $regex = '/(' // Capture the entire match. . '<' // Find start of element. . '(?' // Conditional expression follows. . $escaped // Find end of escaped element. . '|' // ... else ... . '[^>]*>?' // Find end of normal element. . ')' . ')/'; } return $regex; } }}} Without any doubts this case should be included in regex. " crosp 9 39156 Introduce singular capabilities for managing individual sites on a network dev-feedback Networks and Sites 3.0 normal normal Future Release enhancement new 2016-12-07T18:50:16Z 2021-07-20T08:00:36Z "As we did in #35614 for taxonomy terms, singular capabilities should be introduced for editing and deleting individual sites on a network. This would allow fine-grained cap checks such as `current_user_can( 'edit_site', $site_id )`. Bear in mind there's a potential clash here with the existing `delete_site` capability which is intended as a cap check for site admins to delete their own site. Needs some thought." johnbillion 9 39158 Unify site deactivation process dev-feedback Networks and Sites normal normal Future Release defect (bug) new 2016-12-07T19:20:38Z 2017-08-14T17:16:24Z "Currently there are three cases of ""deleting"" a site on a multisite setup: * deleting a site entirely (for example via Sites list table's ""Delete"" link) * deactivating a site from the network admin (for example via Sites list table's ""Deactivate"" link) * deactivating a site from the site admin (admin can click ""Delete Site"" in Tools menu) Note that deactivating a site does not wipe out the site, but rather sets the ""Deleted"" flag for that site (strange legacy naming, can be ignored here). What this ticket should solve is that the latter two processes work differently although they should be doing the same thing: While deactivating a site from the network admin simply sets the site to ""Deleted"", deactivating the current site from the site admin also removes all users from the site (via `wpmu_delete_blog()`). That means if an admin deactivates their site and later asks support (i.e. the network administrator) to restore it, all users will be gone. I'm not sure why this happens, but I certainly don't think the two actions should have a different behavior. My proposal is to move the part of that function where users are removed into the `if ( $drop )` clause to make sure users are only removed when the site is actually being deleted." flixos90 7 39159 Add APC to automated test matrix Build/Test Tools normal normal Awaiting Review feature request new 2016-12-07T19:58:12Z 2020-11-09T19:50:50Z We already have a test run using memcache, but APC is different and @jaquith's object cache drop-in is heavily used enough that it makes sense to also run the automated tests using it. Inspired by #39132 jorbin 1 39167 Theme mods should be able to be gotten/changed on inactive themes. dev-feedback Themes 2.1 normal normal Awaiting Review enhancement new 2016-12-07T22:37:54Z 2019-03-15T02:06:13Z "Currently, there is no way (short of direct option queries) to get theme mods of an inactive theme. This can be problematic when a user wants to see what changes they had configured on a parent theme, when on a child theme, or when trying to see the other theme mods they had configured elsewhere. This change moves the bulk of the theme mod functions to be methods on the `WP_Theme` class -- so if you `wp_get_theme()` any theme -- active or inactive -- you can view and change its mods. The attached changeset also converts the existing legacy methods to use the new versions on the current theme. Related: [4401]" georgestephanis 1 39170 Remove connection between network email and super admin account dev-feedback Networks and Sites normal normal Future Release defect (bug) new 2016-12-07T23:26:30Z 2019-03-15T02:07:02Z "While looking at #34293, I came across the restriction that a user's super admin capabilities cannot be revoked when that user has the same email address that is currently specified as network (admin) email address. I just chat about this with @johnbillion and he agreed that the connection between the network email and a super admin doesn't really make sense, especially since one can easily work around it by temporarily changing the network email address before revoking super admin caps on the user. He also pointed to #14051 where the change was made, however even on that ticket there are concerns about inconsistency expressed. I think this restriction should be removed so that any super admin can have their capabilities revoked regardless of email address. This would also clarify the meaning of the network email address (which we would then change to display as something like ""Network Email"" or ""Network Notification Email""). Any information on the history why that change was made in the first place would be welcome, because on the ticket itself the comments seem to agree on what I'm describing here, although in the end the changeset still introduces the restriction without any documented context." flixos90 2 39174 Introduce network roles needs-unit-tests Role/Capability normal normal Future Release feature request new 2016-12-08T02:00:45Z 2019-03-15T02:07:55Z "We have been discussing introducing network roles during multisite office-hours several times. The original concept for roles on multisite/multinetwork was the following: ''Site Administrator < Network Administrator (currently also called ""Super Admin"") < Global Administrator < Super Admin (special access via `$super_admins` global, has all capabilities automatically)'' This ticket is about network roles in particular, but we need to figure out the entire concept we'll be going with beforehand. After the initial discussions which happened several weeks ago, I started playing around with that idea and created a plugin with network roles which is available at https://github.com/felixarntz/wp-network-roles. The details on that plugin are described in this Google doc (and are probably worth reading to understand the following discussion better): https://docs.google.com/document/d/1MWwwKmhBJookr5dEcYga4sBtCwvx-K8uSucBFx6SP9U/edit# I just had a long conversation with @johnbillion around this topic where we agreed on some ideas, disagreed on others, were entirely unsure about others. The following bullet points sum up what we talked about / which questions we raised. * The original idea of network roles was that these roles behave similar to regular site roles: They all have a set of capabilities they can perform. These capabilities can apply to either the site or network level. This allows for roles like the current ""Super Admin"" / ""Network Administrator"" that has access to everything a site administrator has, but also to any network admin functionality - however it also allows for roles like a possible ""Network Editor"" which would be the same as if a user had the ""Editor"" role on every site of the network. * Should we support both of these concepts? Or should network roles only affect the actual network admin area? If the latter, which roles would we even need in Core itself (in addition to the ""Super Admin"" / ""Network Administrator"")? This decision would also affect whether we should support inheritance of network capabilities to site capabilities or whether network roles would just be additional kind of roles for a user. An example to clarify: * First approach: The ""Super Admin"" / ""Network Administrator"" has all the capabilities a regular site administrator has, plus the network admin area capabilities (like `manage_network` or `manage_network_options`), so they automatically behave as if they were a site administrator on every site in the network. * Second approach: The ""Super Admin"" / ""Network Administrator"" role only has network admin area capabilities (like `manage_network` or `manage_network_options`), so the user also needs to have the site administrator role for each site they want to access. (probably not?) * If we support inheritance, can we handle the two kinds of roles together? A ""Network Administrator"" that has access to the network admin area is conceptually a bit different from a ""Network Editor"" who can only access all site admin areas on that network. If we find solid descriptive names, we're probably good here. For example, instead of having a ""Network Administrator"" being the role where one can access the network admin and at the same point be an administrator on all the network's sites, maybe that role should rather be called ""Network Manager"", while ""Network Administrator"" is a different role which basically means that user is an administrator on all the network's sites, but cannot access the network admin area. * We would certainly need to handle that in a slow migration path: If we introduce a network role system with a predefined set of capabilities in let's say 4.8, we write a dev-note at the same time that tells plugin authors that they now need to add their custom capabilities to the new network role because that role no longer automatically can do anything. At this point however we still keep the current super admin functionality in sync so that the role actually still can do anything. We wait until 2-3 releases later to actually remove the sync thing, which means we get rid of the `site_admin` network option and from that point on use `is_super_admin()` and `get_super_admins()` only to retrieve users specified in the `$super_admins` global. * Is this the right approach at all? Currently the ""Super Admin"" / ""Network Administrator"" can do ""anything but..."" rather than having a predefined set of capabilities. While we can address that with a migration like described above, we still need to think about whether it ''is'' the right way to do it. Maybe we need a concept like ""Role X can do anything under certain circumstances unless specifically denied"". * How should we handle Multisite / Multinetwork? Multisite is the ""easy"" thing here - for all of the changes here we need to consider Multinetwork especially, even though it is not really supported by Core at this point. * What do we think a ""Super Admin"" is? Is that a network administrator with specific capabilities, is it kind of a global administrator or is it a special thing that can do anything, thus not having a predefined set of capabilities? Core itself doesn't really know what a super admin is at this point. In most setups it is a network administrator / network manager as it's stored in a network option. But if you use the `$super_admins` global, it suddenly turns into some kind of a global administrator. Which of the two are we going to stick with for that terminology? * Can we rename the term ""Super Admin"" at all (in terms of BC)? It would probably become either ""Network Administrator"" or ""Network Manager"" depending on the approach. If we can't rename it and keep the name for the ""network administrator"" role, how are we going to handle the higher role level? This will likely become a feature project, but this ticket is for more discussion beforehand." flixos90 5 39186 Bulk actions not correctly applied when selecting bulk actions in both the top and bottom bulk actions dropdowns engelen needs-unit-tests Quick/Bulk Edit 4.7 normal normal Future Release defect (bug) assigned 2016-12-08T14:48:44Z 2023-02-28T16:25:04Z "In `WP_List_Table` objects, the bulk actions dropdown and ""Apply"" button is displayed twice: once below the table and once above the table. The `name` attribute of the bulk actions dropdown element is always set ""action"". This wouldn't be a problem if the top and bottom actions were two in different forms. However, both dropdown elements are in the `posts-filter`-form. You can start to see the problem here. Two form elements both have the same name, which yields unexpected behaviour when trying to apply bulk actions. Take the following use case, for example: - Select some posts from the posts list in `/wp-admin/edit.php`. - Select ""Edit"" from the bulk actions dropdown above the list table. - Select ""Move to Trash"" from the dropdown below the list table. - Click the apply button next to the dropdown on the bottom of the list table. - The submit request is sent. You would expect the posts to be moved to the trash, but instead, nothing happens. Screencast of bug: http://recordit.co/EjHAbw2KNr The solution I see would rename the dropdowns for the top and bottom dropdowns (they already have different names) and name the ""Apply"" buttons. Then, when one of the buttons is pressed, execute the corresponding bulk action. In any case, we shouldn't have any two form elements with the same name in a single form." engelen 21 39188 Wrapping paragraph tags around 'Read More' link stripped out of custom post type Formatting 4.7 normal normal Awaiting Review defect (bug) new 2016-12-08T19:42:53Z 2019-03-15T02:08:28Z "My Genesis child-theme modifies the 'Read More' link in posts and custom post types by stripping out the 3 dots (hellipsis) after the link text, changing the text string, and adding styling attributes. The anchor link is wrapped in a set of p-tags. When I updated WordPress Core in my local development environment from version 4.6.1 to 4.7, the wrapping p-tags were stripped out, and the anchor tag wrapping the 'Read More' link slid up into the preceding paragraph of text. The padding added to the paragraph tags wrapping the link disappeared, and the link styling became in-line to the preceding paragraph text (not what I wanted). I was able to install a fresh copy of my local dev site and then reran the WP Core update, reproducing the problem. I'm not sure why the wrapping paragraph tags are getting stripped out. For now, I can work around the problem by running WP v4.6.1, which is not an optimal, long-term solution. To see an example of how the 'Read More' links are supposed to appear, visit [http://alb.spiralwebdb.com] and view the custom posts on the front page under 'Practice Areas'. A screenshot of the displaced 'Read More' links is attached as a PNG file." yogaman5020 39190 RSS feed not valid: U+001A or 0x1a Formatting normal normal Awaiting Review defect (bug) new 2016-12-08T21:23:40Z 2019-01-04T09:45:50Z "I am not sure how is it possible, but one of our users copy/paste text from another website into TinyMCE and content is now filled with strange non-visible Unicode characters `U+001A` / `0x1a` (`001a` in JSON response). It is not visible in TinyMCE or frontend, but it is saved in database and also RSS feed is considered as invalid (displayed without problem in browser, but characters are there). RSS feed is processed by other custom scripts and we are receiving following messages (different validators): `PCDATA invalid Char value 26` `Input is not proper UTF-8, indicate encoding! Bytes: 0x1A` I can replace those characters and add a check before saving content into database, but it should not be possible for users to break their feeds by copying content into TinyMCE?" pavelevap 39196 When saving large menus the JSON encoded string was not used. related to #14134 has-patch Menus 4.5 normal normal Awaiting Review defect (bug) new 2016-12-09T09:24:44Z 2017-07-05T00:06:02Z "This is a follow-up to #14134. The solution proposed in #14134 is not properly working. This is because the values of the JSON string are replacing $_POST but later on $_REQUEST was being used. The only reason it seemed to still work is because the post action of the form was populating all the variables, but still failed when the apache, php or suhosin were reached. In the proposed solution only the JSON string, menu ID and action are submitted by post and then $_POST and $_REQUEST are populated with the data. " budaned 2 39197 Page not found error on posts in different alphabets General normal normal Awaiting Review defect (bug) reopened 2016-12-09T09:48:07Z 2019-03-15T02:09:30Z "Hi, I have a question about the new WP 4.7. I noticed that the permalinks are not working well for languages that are using different alphabets (for example, cyrillic or arabic). Before updating to 4.7, I was able to publish posts to my WP sites in Cyrillic, but now these posts are only visible in my Home page, but when I click on the title to open it, I'm sent to 'That page can't be found'. I still have one site that hasn't been updated to 4.7 and publishing posts in these alphabets are working fine. Is this something that has to do with the recent changes in WP? Thanks in advance, Arnela" arnela 2 39237 PHPunit coverage reports fail if the is out to the stdout or header dev-feedback Build/Test Tools normal normal Future Release defect (bug) new 2016-12-11T18:03:15Z 2020-03-21T23:17:25Z "trying to get the coverage report to work :-) https://phpunit.de/manual/current/en/textui.html and their error due to the ech statements in the phpunit `install.php` and `bootstrap.php` i.e. {{{#!php determine_charset now forces utf8 when DB_CHARSET is set to utf8mb4 dev-feedback Database 4.7 normal normal Awaiting Review defect (bug) new 2016-12-14T05:05:58Z 2019-03-15T02:23:09Z "I've seen this happen several times now. `DB_CHARSET` is defined as `utf8mb4` and the columns in the database are set to `utf8mb4_unicode_ci`. However, the changes in 38581 are now forcing `utf8` causing the serialized array lengths to change when the data is queried and breaking them because the charsets don't match. I can't say for certain because I'm debugging this issue on a site that isn't mine, but I don't think anyone explicitly set `DB_CHARSET` to `utf8mb4` in `wp-config.php`. It appears that at one point, WordPress set that define and created (or updated) those tables to `utf8mb4_unicode_ci`. Deleting the `DB_CHARSET` define fixes the issue but that doesn't seem like an ideal solution for users who update and end up with a broken site. I'll admit this is a bit over my head, so I'm hoping someone smarter than me might be able to chime in with some more info :) I'm definitely available to keep the conversation going. Thanks! " justinbusa 39281 Twenty Seventeen: header.php forces thumbnails on all post types has-patch Bundled Theme 4.8 normal normal 6.6 enhancement reopened 2016-12-14T17:23:54Z 2024-02-22T06:48:27Z "My plugin has custom post type and custom 'single-post-type' views and doesn't utilize thumbnails in them. As a result layout appears broken, and there is nothing I can do to make the plugin compatible with Twentyseventeen. I went to have a look how WooCommerce deals with this, and it turns out that there is this piece of code in the style of twentyseventeen: {{{ .single-product .single-featured-image-header { display: none } }}} While that does work, I don't think it's a solution. At the very least there has to be a filter to dynamically disable the thumbnail from `header.php`" justnorris 10 39282 The process for approving and then replying to a comment can be made more visible Comments 3.1 low normal Awaiting Review enhancement new 2016-12-14T18:17:51Z 2020-09-01T15:53:25Z "The workflow for approving and then immediately replying to a comment has a shortcut in WordPress, but it's not obvious. If you don't know about it, you can waste time and effort switching between the pending and approved views on the comment moderation screen after approving a comment and then wanting to reply to it. The `Reply` link on a pending comment is actually a shortcut for approving and then replying to a comment. The `Reply` link text should be updated to `Approve and Reply` to reflect this and make comment moderation a more enjoyable process." johnbillion 7 39286 Standardizing actions and filters for adding, getting, setting, updating, and deleting options and transients Options, Meta APIs normal normal Awaiting Review enhancement new 2016-12-14T21:46:09Z 2022-07-21T14:33:56Z "== The Problem == In a nutshell, the problem is that there is no standardization of hooks surrounding the options and transient APIs and the hooks presently available are inconsistent in their terminology. === Issue 1: Add Option === When adding an option to the database, there are presently 3 hook available: * `add_option` * `add_option_{$option}` * `added_option` There are two main points of confusion: * The first point of confusion is that `add_option` is fired before the option is added to the database, but `add_option_{$option}` is fired after the option is added. * The second is that prior to the option being added to the database, there is a hook available that will fire anytime an option is added, while there are two hooks fired after the option is added. There is no hook available prior to the option being added to the database that fires for the specific `$option`. These same two issues are present for updating and deleting options. === Issue 2: Get Option === When getting an option from the database, there are only two hooks fired: * `pre_option_{$option}` * `option_{$option}` The first is fired before the option is getted from the database and the second after. The problems are that: * Unlike adding, updating, and deleting, there is no verb in this hook to tell what is being done * There are no hooks that fire for every option getted from the database === Issue 3: Delete Transient === Transients are sort of like options. Without an external object cache, WordPress stores them in the options table of the database. It would make sense that the hooks available for transients are consistent with those available for options. If we look at deleting a transient, there are two hooks available: * `delete_transient_{$transient}` * `deleted_transient` ( The same issues are present with site transients. ) Remembering issue 1 above, there are presently three hooks available when deleting and option. * `delete_option` * `delete_option_{$option}` * `deleted_option` There are a couple issues: * There is no hook present that will fire every time a transient is deleted, either before or after * The `delete_transient_{$transient}` is fired BEFORE the transient is deleted in contrast with the `delete_option_{$option}` hook which is fired AFTER the option is deleted. === Issue 4: Pre === Prior to getting and setting transients, the hooks all start with `pre_`. But this prefix is used inconsistently throughout. * It is not used prior to deleting the transient * It is used prior to getting an option, but not prior to adding, updating or deleting == Proposal == === Structure of hooks === I would like to propose that there be four hooks for each action: two before and two after, one general and one specific. The general structure would look like so: {{{ ""pre_{present-tense-verb}_{noun}"" ""pre_{present-tense-verb}_{noun}_{$variable}"" [verb noun] ""{past-tense-verb}_{noun}_{$variable}"" ""{past-tense-verb}_{noun}"" }}} So for instance, adding an option would look like: {{{ ""pre_add_option"" ""pre_add_option_{$variable}"" [add option] ""added_option_{$variable}"" ""added_option"" }}} === Type of hook === Prior to adding, setting, or updating options/transients, the hooks should be a filter to allow changing of the option/transient prior to writing to the database. After adding, setting, or updating the hooks should be an action since the write has already occurred. Both prior and after getting an option/transient, the hook should be a filter. I'm not sure the use case for filtering the option before running the query, but that's what's presently done. Before and after the option is deleted the hook should be an action as there's no need to change the value of the option since it's being deleted anyway. === Deprecating hooks === There are several hooks no present that don't fit the proposed structure above. I suggest these hooks continue to work for backward compatibility, but that they be deprecated. === See also === [https://docs.google.com/document/d/1Zl7SuBJTWY8oWvWP6p4QuDmOCowuuqKHtmnmmlhasBI Google Doc] showing all the new and deprecated hooks == Related Tickets == * #37928 * #37929 * #37930 " NathanAtmoz 1 39295 Prevent infinite loop when calling get_user_locale() in a 'locale' filter has-patch I18N 4.7 normal major Awaiting Review enhancement new 2016-12-15T11:12:40Z 2020-09-27T17:07:25Z "Using `get_user_locale()` in a `locale` filter (for `get_locale()`) might sound like a good idea, for example to change the site locale depending on our user. {{{#!php locale` value exists. Since this only affects logged out users, it feels like an easy trap to miss, and we should prevent that. " yoavf 3 39298 Add filters for the exporter Export normal normal Awaiting Review enhancement new 2016-12-15T15:25:36Z 2019-03-15T01:06:47Z "I think being able to enhance the exporter with plugins would be very helpful. If there was a filter for the export options where custom export queries could be made to possibly return the $post_ids to be exported I think that would be a great addition because I recently had to edit the core export file to build a custom export query. I noticed one plugin attempted this but resorted to completely replacing the export.php file. " stormrockwell 39301 Importer associates all posts with uncategorized term in WP4.7 PHP7 Import 4.7 normal normal WordPress.org defect (bug) new 2016-12-16T01:00:20Z 2017-04-01T08:33:47Z "The WordPress Importer plugin fails to remove the uncategorized term from the post which has at least one category set. It's a pretty quick fix, though. wordpress-importer.php after line 729 Insert: {{{#!php if ( 'category' == $term['domain'] ) $post_is_categorized = TRUE; }}} wordpress-importer.php after line 753 Insert: {{{#!php if ( isset( $post_is_categorized ) && $post_is_categorized ) { wp_remove_object_terms( $post_id, 'uncategorized', 'category' ); unset( $post_is_categorized ); } }}} And BTW, is there somewhere I can make pull requests for WP like on github? That will make it much easier to suggest code changes. " staymanhou 5 39309 Secure WordPress Against Infrastructure Attacks has-patch Upgrade/Install 4.8 normal critical Future Release task (blessed) assigned 2016-12-16T17:50:14Z 2022-05-26T22:30:44Z "(Similar to #25052 but much more focused on the implementation details) == Background == Recommended reading: 1. http://seclists.org/oss-sec/2016/q4/478 2. https://www.wordfence.com/blog/2016/11/hacking-27-web-via-wordpress-auto-update/ 3. https://paragonie.com/blog/2016/10/guide-automatic-security-updates-for-php-developers Currently, if an attacker can compromise api.wordpress.org, they can issue a fake WordPress update and gain access to every WordPress install on the Internet that has automatic updating enabled. We're two minutes to midnight here (we were one minute to midnight before the Wordfence team found that vulnerability). Given WordPress's ubiquity, an attacker with control of 27% of websites on the Internet is a grave threat to the security of the rest of the Internet. I don't know how much infrastructure could withstand that level of DDoS. (Maybe Google?) The solution is to make the automatic update mechanism secure **even if the update server is totally owned up**. As published in the third link, the core elements of a totally secure automatic update system are: 1. Offline Cryptographic Signatures 2. Reproducible Builds 3. Decentralized Authenticity / Userbase Consistency Verification 4. Transport-Layer Security 5. Mirrors and Other Availability Concerns 6. Separation of Privileges However, I'm mostly interested in 1, 2, and 3. I believe 4 is already implemented (if not, this just became a lot scarier). == Proposed Solution == We're going to have to roll this out in phases, rather than all at once. 1. Offline Cryptographic Signatures 1. Decide on a digital signature algorithm and/or cryptography library to use. 2. Generate a keypair for the release managers to use. 3. Pin the public key in a major release (e.g. 4.8 or 4.9). 4. Add signature verification to the update process, but for the first release or two, **don't enforce it**. Just collect data until we're sure it works for everyone. 5. Enforce digital signatures. Then this is satisfied. 2. Reproducible Builds. 1. The update file should be easily reproduced by any end user. 2. The update file and update served by api.wordpress.org should be easily verifiable. 3. We wrote Pharaoh for auditing PHP Archives; something similar may be useful for WP updates: https://paragonie.com/project/pharaoh 3. Decentralized Authenticity / Userbase Consistency Verification * See below. 4. Make plugin/theme updates secure. Once core updates are secure, the next step is to allow plugin/theme developers to upload their own public keys which can be used to sign their own extensions. If you want a reference implementation, we already have a working secure automatic update system built into CMS Airship (which is GPL 3): * https://paragonie.com/blog/2016/05/keyggdrasil-continuum-cryptography-powering-cms-airship * https://github.com/paragonie/airship/blob/master/src/Engine/Continuum.php * https://github.com/paragonie/airship/blob/master/src/Engine/Keyggdrasil.php === Decentralized Authenticity === In CMS Airship, we're totally decentralized: Every Airship maintains its own record of every update file or new/revoked public key since its inception. (This is because CMS Airship aims for maximum security.) For WordPress, I'm recommending a federated model instead, but the concepts are mostly the same: 1. Notaries (WordPress blogs or other services that opt in to hosting/verifying the updates) will mirror a Merkle tree which contains (with timestamps and signatures): * Any new public keys * Any public key revocations * Cryptographic hashes of any core/extension updates 2. WordPress blogs will have a pool of notaries they trust explicitly. (This can be provided by your hosting provider, who runs the single source of truth for all their clients, so long as they themselves practice due diligence.) 3. When an update is received from the server, after checking the signature against the WP core's public key, they will poll at least one trusted Notary (send a challenge nonce, current timestamp, a checksum of the update file, and any other useful identifying metadata e.g. ""wp-core version 4.9.2""). The Notary will verify that the update exists and matches the checksum on file, and respond with a signed message containing: * The challenge nonce * The response timestamp * Whether or not the update was valid This will be useful in the event that the WP.org's signing key is ever compromised by a sophisticated adversary: If they attempt to issue a silent, targeted update to a machine of interest, they cannot do so reliably: To pull off their attack, they have to allow the Merkle tree (that is mirrored by every Notary) to record/broadcast evidence of their attack in order for it to succeed. So while targeted attacks may still be theoretically possible, it will no longer be possible to do them silently. In addition to a security layer, it's a deterrent against the most sophisticated threats. === Securing Plugins and Themes === This will probably be the last piece tackled. Basically: Offer the same signing capabilities to theme/plugin developers that will already be in the hands of the core team. This can be done piecemeal (i.e. optional field on WP.org that allows them to upload their public key, generated by some tooling we provide developers). We should incentivize packages that provide their own signature by, for instance, placing them higher in the listings and/or giving them an attractive and desirable UI element that says ""we're secure"". If we one day reach near-100% coverage of the WP ecosystem with digital signing, we can discuss making it mandatory. == Implementation Recommendations == Okay, this section is going to be technical so feel free to skip most of this if you're not into cryptography. TL;DR - We need a libsodium polyfill, which Paragon Initiative Enterprises is willing to write for free if (and only if) the cost of an independent third party audit is covered by the community and/or the community's corporate sponsors. === Digital signatures === PHP, out of the box, only supports RSA signatures (via the OpenSSL extension), but doesn't support RSASSA-PSS+MGF1SHA256. PKCS1v1.5 padding is unacceptable. It may be tempting to move towards something like ECDSA, but a mix of security concerns (the Sony ECDSA k-value reuse incident, invalid curve attacks against Weierstrass curves) makes us wary even of RFC 6979 (deterministic ECDSA). We propose a standardized digital signature algorithm based on twisted Edwards curves. Namely, **Ed25519** or **Ed448** (EdDSA over the RFC 7748 curves). === Merkle Trees === The TrimmedMerkleTree in Halite is probably the best starting point: https://github.com/paragonie/halite/blob/master/src/Structure/TrimmedMerkleTree.php Halite's Merkle tree implementations are based on the BLAKE2b hash function (a SHA3 finalist with great performance in software based on the ChaCha20 round function). === Checksums === One of the following algorithms should be used where ever a checksum is required: * BLAKE2b * SHA-512/256 * SHA-512/224 * SHA-384 At no point should MD5 or SHA1 be considered. SHA-256 and SHA-512 are vulnerable to length-extension attacks and are not recommended. == Action Plan == First, if this plan is agreeable by WordPress's security team, we'll get to work on a libsodium polyfill that works as far back as PHP 5.2.4 (in the spirit of WordPress's backwards compatibility tradition). Once that's finished, independently audited by cryptography experts, and released to the public, we'll work on getting the core cryptographically signed. This will require some additional tooling; the release managers will need to run a command to produce a valid signature of the update file before releasing it. After core updates are signed and signatures are being verified, we'll build the decentralized verification layer. Then, we can move forward with making everyone's plugins and extensions securely delivered. --- Edit Jan 3, 2019: As noted in [comment:50 comment #50], adding the sodium_compat library has been split out to a separate ticket, #45806, as it can serve a wider purpose than protecting against infrastructure attacks. -- @peterwilsoncc" paragoninitiativeenterprises 104 39318 Assign a theme when creating a site (Multisite) has-patch Networks and Sites 3.0 normal normal Future Release enhancement new 2016-12-17T18:13:46Z 2019-03-13T20:50:42Z "This is a serie of multisite focus enhancements for themes, the major one is from #13743 that add a network default theme (I used this network option in this following patch). This ticket ""Assign a theme when creating a site"" was a shared idea discussed on WCUS, WC Cologne, etc. So here a first patch that just add a select input containing the activated themes of the current network. By default, the selected theme is WP_DEFAULT_THEME constant or the new default network option for theme. After the form is submited, we add stylesheet and template name to the $meta array, and {{{wpmu_create_blog}}} function makes an automatic update option with the right theme." Mista-Flo 13 39321 Issue with get_permalink when using wp_update_post() and %author% is part of your permalink dev-feedback Permalinks 4.7 normal normal Awaiting Review defect (bug) new 2016-12-17T21:39:12Z 2020-05-22T04:16:09Z "This was an odd and very specific issue I found with `get_permalink()`. When using `wp_update_post()`, I was getting the following: PHP Notice: Trying to get property of non-object etc... I traced it to `wp-includes/link-template.php` on line 205: {{{#!php if ( strpos($permalink, '%author%') !== false) { $authordata = get_userdata($post->post_author); $author = $authordata->user_nicename; } }}} When the post is a `revision`, post_author is equal to 0, so there's no `user_nicename` property because get_userdata(0) does not return an object. So here's a possible fix for those situations: {{{#!php if ( strpos($permalink, '%author%') !== false) { $authordata = get_userdata($post->post_author); if ( is_a( $authordata, 'WP_User' ) ) { $author = $authordata->user_nicename; } } }}}" mauteri 4 39330 WP_Image_Editor_Imagick: get pdf from url Media 4.8 normal normal Awaiting Review enhancement new 2016-12-19T13:59:58Z 2024-01-16T13:00:28Z It is not possible to use the class, if an url is passed as filepath. With this little patch it is possible (I know it's not perfect. Maybe someone can make it better) wordpressrene 1 39331 unsharpMaskImage in Imagick's thumbnail_image is not compatible with CMYK jpegs. Media 4.5 normal normal Awaiting Review defect (bug) new 2016-12-19T15:31:11Z 2017-05-11T14:40:11Z "This has been split off from #39216. The use of `Imagick::unsharpMaskImage()` in `WP_Image_Editor_Imagick::thumbnail_image()` on jpegs with CMYK color spaces results in mangled images, eg black text becomes fuzzy and over-black, and colors change. The attached patch just doesn't call it if the image has a CMYK color space. The unit test requires the attached ""test_cmyk.jpg"" to be uploaded to the test data images directory (which is actually the ""full"" jpeg produced by `WP_Image_Editor_Imagick` when processing the ""test_cmyk.pdf"" PDF uploaded to #39216). " gitlost 3 39334 Network administrators should be able to enable themes on the site level has-patch Networks and Sites normal normal Awaiting Review enhancement new 2016-12-19T18:42:12Z 2017-12-03T17:13:59Z "At the WordCamp USA, a suggested idea about themes in a multisite context was to allow network administrators (that have manage_network_themes cap) to network enable themes on the site level. So I have made a patch to handle this. You can now activate a theme on a site on two actions (first network activate, then activate for the site) on the same page. Maybe it could be better to handle this in just one action, and just network activate the theme if it's not yet activated before site activation." Mista-Flo 2 39338 class-wp-hook.php - apply_filters() infinite loop has-patch Plugins 4.7 normal critical Future Release defect (bug) new 2016-12-20T08:16:25Z 2019-08-01T00:55:14Z "I just saw nearly 60 million error log entries (17 GB) due to this bug. In line 303 of class-wp-hook.php, there is a piece of code that will cause an infinite loop: {{{#!php } while ( false !== next( $this->iterations[ $nesting_level ] ) ); }}} The problem is that {{{#!php $this->iterations[ $nesting_level ] }}} can be null. Suggested fix: {{{#!php } while ( ! is_null( $this->iterations[ $nesting_level ] ) && false !== next( $this->iterations[ $nesting_level ] ) ); }}} I also urge developers to look for similar ""false !== next()"" constructs in code, as they '''will''' lead to infinite loops." frettled 78 39340 Scheduled Posts are being missed (problem with wp-cron.php?) Cron API 4.6.1 normal normal Awaiting Review defect (bug) new 2016-12-20T09:45:33Z 2020-04-03T14:39:45Z "Scheduled posts are missing their set time. This is not an issue with out server times, nor is it an issue with the cron jobs. I have seen that many other users are experiencing problems with this, but as of yet there has been no word from WordPress. Has this been fixed in 4.7? Or is this still outstanding? " remarkablemike 10 39346 Display Error if GD library ins't installed/enabled Media 4.7 normal normal Awaiting Review enhancement new 2016-12-20T18:47:03Z 2018-01-04T18:55:29Z "I recently moved a website to a new server and ran the Regenerate Thumbnails plugin which ended up breaking my site because it couldn't generate the image sizes. Looking at their reviews there are a number of people bashing the plugin for breaking their sites because they do not have the GD library installed. I was very confused for awhile and I couldn't google the issue I was having but then remembered it required the GD library. This isn't an issue only directed at the plugin because when you upload an image it will only show the full size available which left me puzzled for awhile. I think if we could display an error in the media library after uploading an image that it failed to create the image sizes because of the missing PHP library that would be very helpful." stormrockwell 3 39347 Role Column In Multisite's User List, Augment User Profile to Show Sites/Roles Users 4.7 normal normal Awaiting Review enhancement new 2016-12-20T19:13:26Z 2019-03-15T01:07:22Z "WordPress multisite's network user list displays sites per user but does not offer a column with the user's role on each one. It would be helpful to add a column to the right of 'Sites' named 'Role' with their role on each one. Network administrators would appreciate this enhancement, to show users' roles at-a-glance and verify they were set appropriately. Currently the workflow is to open each individual sites' settings and click on the Users tab. This is cumbersome if you just need to verify role levels. It would be helpful to see the same information in each users' profile (a list of sites associated with the user, and their role on the site)." anseltaft 2 39351 Passing 'none' to menu_icon of custom post type displays broken image in admin menu has-patch Posts, Post Types normal minor Future Release defect (bug) new 2016-12-20T22:39:43Z 2017-05-19T14:27:41Z "According to the inline documentation of class WP_Post_Type you have to pass 'none' for the menu_icon parameter to leave div.wp-menu-image empty to be able to add an icon via CSS. However passing none (or div) as menu_icon while registering a post type result in a broken image because instead of 'none' you get 'http://none'. The following condition in line 120 of menu-header.php does not match: {{{ if ( 'none' === $item[6] || 'div' === $item[6] ) { $img = '
    '; } }}} The conditional statement in line 103 of /wp-admin/menu.php url escapes any value of menu_icon that is neither a dashicons class nor a svg data: {{{ if ( 0 === strpos( $ptype_obj->menu_icon, 'data:image/svg+xml;base64,' ) || 0 === strpos( $ptype_obj->menu_icon, 'dashicons-' ) ) { $menu_icon = $ptype_obj->menu_icon; } else { $menu_icon = esc_url( $ptype_obj->menu_icon ); } }}} To make 'none' and 'div' (deprecated) work as documented either the first condition has to be extended or an additional elseif statement has to be included. I have opted for the second statement for better readability and documentation. " mensmaximus 6 39352 Customize: menu widgets have two edit shortcuts Customize 4.7 normal normal Awaiting Review defect (bug) new 2016-12-20T22:59:37Z 2021-05-24T02:47:23Z "r39622 fixes the edit shortcut for menus inside widgets, but that still leaves two edit shortcuts for those partials, generally with one on top of the other. Right now the menu shortcut is on top of the widget shortcut, so I was thinking it might be worth while to hide one, but I wonder which one is the better experience for users? Clicking on the menu shortcut brings up the editor for that menu. [[Image(https://cldup.com/7lTAzaHguo.png)]] Clicking on the widget shortcut brings up the widget settings, which allow changing which menu is displayed there. [[Image(https://cldup.com/mWvyLgbTc1.png)]] It seems to me that both could be what a user might be looking for, but I think we can really only have one. Since you can click the ""Edit Menu"" button to get from the widget settings to the menu settings and not the other way around, I suggest we hide the menu shortcut, but I'm open to a dissenting opinion. cc: @folletto and @melchoyce for a UX perspective Split from #39101 " sirbrillig 3 39355 Menu title doesn't get updated if I change the page title Menus 4.7 normal normal Awaiting Review defect (bug) assigned 2016-12-21T01:38:03Z 2020-01-08T00:23:49Z "It seems like WordPress converts the hyphen character to the dash character automatically. I created a new page with the following page title: '''Foo - Bar''' However, when I checked the menu title (Appearance > Menus), I found the title was displayed as: '''Foo – Bar''' The page gets stored in the database with a customized menu title (page title with a hyphen and menu title with a dash) and that's why the menu title doesn't get updated if I change the page title." maaarsl 4 39356 grunt precommit doesn't work on full checkouts of develop.svn has-patch Build/Test Tools normal normal Future Release defect (bug) new 2016-12-21T05:46:13Z 2017-05-18T14:25:45Z "To reproduce: {{{ $ svn co https://develop.svn.wordpress.org/ develop.svn $ cd develop.svn/branches/4.7 }}} Edit a file in the 4.7 branch, then run `grunt precommit`. It fails with this message: {{{ $ grunt precommit Running ""precommit"" task Fatal error: This WordPress install is not under version control. }}}" pento 2 39358 Media search speed has been dramatically reduced joemcgill Media 4.7 normal normal Future Release defect (bug) reopened 2016-12-21T08:07:18Z 2023-10-18T16:48:40Z "In the ajax-actions.php file there is function called wp_ajax_query_attachments. This function is responsible for searching images in the media library. We see that in Wordpress 4.7, someone added a new filter to this function: {{{ // Filter query clauses to include filenames. if ( isset( $query['s'] ) ) { add_filter( 'posts_clauses', '_filter_query_attachment_filenames' ); } }}} This filter is a performance killer and takes forever to output a result in large databases. We have tested this with db that has over 500000 posts." merts 20 39361 Object not properly tested against in wp-includes/post-template.php reporter-feedback General 4.7 normal normal Awaiting Review defect (bug) new 2016-12-21T10:23:39Z 2019-03-15T01:08:10Z "PHP Notice: Trying to get property of non-object in /home/coffeet9/public_html/wp-includes/post-template.php on line 298 line 298: {{{ if ( false !== strpos( $post->post_content, '' ) && ( ! $multipage || $page == 1 ) ) $strip_teaser = true; }}} Requires if(isset($post->post_content)) so that null variables aren't tested against" fourstringfail 1 39362 Checkbox control for 'Automatically add new top-level pages to this menu' not wrapped in checkbox customize control dev-feedback Customize 4.7 normal normal Awaiting Review enhancement new 2016-12-21T11:48:34Z 2021-05-24T02:50:58Z "When you go to set the menu in the customizer you have the option to check the Menu Options for Adding the top-level pages automatically to the current menu. This option isn't wrapped in the {{{
  • }}} This isn't a bug, but a hindrance if you want to customize the look of the customizer and would like to have all the checkboxes look the same. One could say that all one needs to add is the style for {{{ .input[type=""checkbox""] }}} but this is not true if you have a custom control that has a checkbox input, and you want to style it differently. In that case you'd need to overwrite additionally. Plus the current style is styled via {{{.customize-control-checkbox input[type=""checkbox""]}}} as well as with just {{{input[type=""checkbox""]}}}." dingo_d 3 39364 Introduce a trigger to handle a custom queue job and run them dev-feedback Upgrade/Install 4.7 normal normal Awaiting Review enhancement new 2016-12-21T17:03:28Z 2023-03-23T00:11:28Z "While I was creating a plugin which imports theme demos. I have to utilize the `wp.updates` for AJAX way to import and delete the demo packs but unfortunately there are no any trigger which I can utilize to update the queue job for demo by using its action and data in `wp.updates.queueChecker`. As a fix I have introduced a trigger in a patch file :) Any procedure to the extend self-executing anynonmous function `wp.updates.queueChecker` below with only trigger `$document.trigger( 'wp-updates-queue-job', job );` is much appreciated :) {{{ ( function( $, wp ) { var $document = $( document ); wp = wp || {}; /** * The WP Updates object. * * @type {object} */ wp.updates = wp.updates || {}; /** * Sends an Ajax request to the server to delete a demo. * * @param {object} args * @param {string} args.slug Demo Pack. * @param {deleteDemoSuccess=} args.success Optional. Success callback. Default: wp.updates.deleteDemoSuccess * @param {deleteDemoError=} args.error Optional. Error callback. Default: wp.updates.deleteDemoError * @return {$.promise} A jQuery promise that represents the request, * decorated with an abort() method. */ wp.updates.deleteDemo = function( args ) { var $button = $( '.theme-actions .delete-demo' ); args = _.extend( { success: wp.updates.deleteDemoSuccess, error: wp.updates.deleteDemoError }, args ); if ( $button && $button.html() !== wp.updates.l10n.deleting ) { $button .data( 'originaltext', $button.html() ) .text( wp.updates.l10n.deleting ); } wp.a11y.speak( wp.updates.l10n.deleting, 'polite' ); // Remove previous error messages, if any. $( '.theme-info .update-message' ).remove(); $document.trigger( 'wp-demo-deleting', args ); return wp.updates.ajax( 'delete-demo', args ); }; /** * Updates the UI appropriately after a successful demo deletion. * * @typedef {object} deleteDemoSuccess * @param {object} response Response from the server. * @param {string} response.slug Slug of the demo that was deleted. */ wp.updates.deleteDemoSuccess = function( response ) { wp.a11y.speak( wp.updates.l10n.deleted, 'polite' ); $document.trigger( 'wp-demo-delete-success', response ); }; /** * Updates the UI appropriately after a failed demo deletion. * * @typedef {object} deleteDemoError * @param {object} response Response from the server. * @param {string} response.slug Slug of the demo to be deleted. * @param {string} response.errorCode Error code for the error that occurred. * @param {string} response.errorMessage The error that occurred. */ wp.updates.deleteDemoError = function( response ) { var $button = $( '.theme-actions .delete-demo' ), errorMessage = wp.updates.l10n.deleteFailed.replace( '%s', response.errorMessage ), $message = wp.updates.adminNotice( { className: 'update-message notice-error notice-alt', message: errorMessage } ); if ( wp.updates.maybeHandleCredentialError( response, 'delete-demo' ) ) { return; } $( '.theme-info .theme-description' ).before( $message ); $button.html( $button.data( 'originaltext' ) ); wp.a11y.speak( errorMessage, 'assertive' ); $document.trigger( 'wp-demo-delete-error', response ); }; /** * Pulls available jobs from the queue and runs them. */ wp.updates.queueChecker = function() { var job; if ( wp.updates.ajaxLocked || ! wp.updates.queue.length ) { return; } job = wp.updates.queue.shift(); // Handle a queue job. switch ( job.action ) { case 'install-plugin': wp.updates.installPlugin( job.data ); break; case 'update-plugin': wp.updates.updatePlugin( job.data ); break; case 'delete-plugin': wp.updates.deletePlugin( job.data ); break; case 'install-theme': wp.updates.installTheme( job.data ); break; case 'update-theme': wp.updates.updateTheme( job.data ); break; case 'delete-theme': wp.updates.deleteTheme( job.data ); break; default: break; } $document.trigger( 'wp-updates-queue-job', job ); }; })( jQuery, window.wp ); }}} " shivapoudel 4 39370 wp_insert_user() appends suffix to nicename when updating already existing user needs-unit-tests Users 4.6.1 normal normal Future Release defect (bug) new 2016-12-22T14:11:21Z 2020-03-12T02:58:27Z "wp_insert_user() appends suffix to nicename when updating already existing user, even though the user_nicename prop is set to exactly the same value as it currently has. Steps to reproduce: - Asuming you have a user in your wordpress database with the ID 1 and user_nicename set to 'test-nicename'. - If you then make an update using wp_insert_user() of that user and in the update set the user_nicename to 'test-nicename', then wordpress will update the user, but append -2 as a suffix to the nicename. This happens because of a check located on line 1597 - 1609 in wp-includes/user.php {{{#!php get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login)); if ( $user_nicename_check) { $suffix = 2; while ($user_nicename_check) { // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix. $base_length = 49 - mb_strlen( $suffix ); $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix""; $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login)); $suffix++; } $user_nicename = $alt_user_nicename; } }}} This code is there to make sure that there are no duplicate nicenames in the wp_users table, which is fine. However it does not take into account updating the nicename of a user with the same value as it currently has. The way to solve it is very easy, only simply changes the if() statement to check the id fethced in $user_nicename_check against the ID of the user currently being updated, like so: {{{#!php get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login)); if ( $user_nicename_check && $ID != $user_nicename_check) { $suffix = 2; while ($user_nicename_check) { // user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix. $base_length = 49 - mb_strlen( $suffix ); $alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix""; $user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login)); $suffix++; } $user_nicename = $alt_user_nicename; } }}} This makes prevents the code from appending the suffix when the $user_nicename_check ID matches the ID of the user currently being updated " alfhen 5 39372 Allow count for wp_terms query to count other post statuses as well as published posts reporter-feedback Taxonomy 4.7 normal normal Awaiting Review feature request new 2016-12-22T16:51:55Z 2020-12-23T19:18:41Z "While it is great to use the wp_terms query to get the terms, when counting the number of posts assigned to each of these terms, it would be great if there was a way to be able to include the number of posts that have other post statuses and not just count the number of posts that have been published. At the moment if I want to do this, I have to return all of the terms from a taxonomy and then go through each one and count how many posts are associated with each term for both published posts and draft posts which is a lot more inefficient." roperjonathan 7 39381 Export->Import WordPress menu bug when image is saved as label Import 4.7 normal normal Awaiting Review defect (bug) new 2016-12-23T15:11:28Z 2017-06-06T04:06:22Z "So I use this as ""Home"" content value: {{{ }}} And then I export with: WordPress -> Tools -> Export -> All And then I import with this official plugin: wordpress-importer.0.6.3.zip ( https://wordpress.org/plugins/wordpress-importer/ ) And then I see that it was 'Home' text imported (the actual page name). Another bug is if I leave the field empty, after saving it get gone from Navigation menu at all. While I may want to use CSS for that. And assigning a CSS class to menu item is gone/missing. (or maybe that was from the theme), but I want to have an option to leave a blank element and hook to it's css. " KestutisIT 39382 Skipping term cache cleaning when cache invalidation is suspended Cache API 4.3 normal normal Awaiting Review defect (bug) new 2016-12-23T16:15:41Z 2017-03-17T01:58:09Z "Since v4.3, `clean_term_cache` checks if cache invalidation is suspended, and bails early if it is. This behavior might be a bit obscure and unexpected, based on the documentation of `wp_suspend_cache_invalidation`. I understand that the responsibility of ensuring that the cache is properly invalidated falls on the caller of `wp_suspend_cache_invalidation`, according to the Codex, but I believe that the word ""''cache''"" can be easily misinterpreted as the ''object cache'', not including the (persistent) ''term cache''. Furthermore, even if persistent caches are not invalidated during invalidation suspension, there should probably be a simple function call to purge them all at once. One might suggest using `wp_cache_flush`, as its description states that it ""''removes all cache items''"", but that is also not exactly true, since the word ""''cache''"" does refer to the object cache at this point (expluding persistent caches, e.g. the term cache). I don't exactly think of this as a bug, and I can imagine the performance-related considerations and decisions that led to that behavior. I just believe that, even if nothing changes, a more detailed description of `wp_suspend_cache_invalidation` and `wp_cache_flush` would be really helpful." zachop 4 39387 Responsive Images Broken When Full Size <= 300 px joemcgill has-patch Media 4.4 normal normal Future Release defect (bug) reviewing 2016-12-24T19:02:49Z 2017-05-18T14:27:41Z "A quick test of the srcset feature today showed me that WordPress never includes the ""full"" size image in the srcset when the ""thumbnail"" size is inserted in a post. As a result, if the full size was 300 px, the responsive image feature effectively does nothing. Tested 4.7. Suspect this might go back to 4.4." miqrogroove 14 39389 Customize: Make sure selective refreshed partial placement is scrolled into view Customize 4.5 normal normal Future Release enhancement new 2016-12-24T23:11:57Z 2022-08-26T08:01:45Z As of #36678 there are visible edit shortcuts in addition to the “shift-click to edit” behavior in the preview. This ensures that the corresponding control for a given element in the preview can be focused and discovered. However, there is no corresponding facility to quickly discover and jump to an element in the preview that corresponds to a given control. When making a change in a control any corresponding element (partial placement) in the preview should be scrolled into view. This is a key usability improvement. westonruter 28 39406 Make callback_args filterable in WP_Terms_List_Table has-patch Taxonomy 4.7 normal normal Awaiting Review enhancement new 2016-12-27T15:25:23Z 2019-10-12T00:04:53Z "The callback_args variable is specific to the WP_Terms_List_Table class. It defines a set of core variables that are passed to the get_terms function, and thereby to the generated WP_Term_Query instance. They can't be modified so restricting the default terms displayed to the paginated display of all terms for that post-type / taxonomy association. The reason for this enhancement request is to easily allow the development of drill-down filtering for custom columns, which are added via the filters: {{{ add_action( 'manage_edit-{$taxonomy}_columns', 'add_column' ); add_action( 'manage_{$taxonomy}_custom_column', 'add_column_content, 10, 3 ); // Add the meta data column sortable add_filter( 'manage_edit-{$taxonomy}_sortable_columns', 'add_column_sortable' ] ); }}} It is possible to do this at a lower level in get_terms - from 4.6 at least - using the 'pre_get_terms action' and injecting / over-riding the WP_Meta_Query query_vars['meta_query'] value e.g. with: {{{ add_action( 'pre_get_terms', 'get_terms_meta' ); function get_terms_meta($query) { // store current query vars $query_vars = $query->query_vars; $args = []; $args['meta_query'] = [ [ 'key' => 'meta_key', 'value' => 'meta_value', 'compare' => 'LIKE' ] ]; if ( !empty( $args ) ) { $query->query_vars = array_merge( $query_vars, $args ); } } }}} That requires a deep understanding of core funtions - as well as some core digging! It would be much more flexible if there was an entry point filter that could be used to modify the get_terms args to manipulate by custom field, e.g. {{{ add_filter( 'manage_edit-{$taxonomy}_column_filter', 'column_filter' ); function column_filter( $args ) { // conditions met e.g. $_GET['meta_key'] $args['meta_query'] = [ [ 'key' => 'meta_key', 'value' => 'meta_value', 'compare' => 'LIKE' ] ]; return $args; }}} The column field value could be modified to add the query arg for the meta_key via the column filter detailed earlier. I've hacked it in a test version of the class and it's pretty functional. {{{ $args = array( 'search' => $search, 'page' => $this->get_pagenum(), 'number' => $tags_per_page, ); }}} to {{{ $args = array( 'search' => $search, 'page' => $this->get_pagenum(), 'number' => $tags_per_page, ); $args = apply_filters( 'manage_edit-' . $this->screen->taxonomy .'_column_filter, $args ); }}} Thanks " tifosi 1 39414 New param in plugin_dir_path Plugins normal normal Awaiting Review enhancement new 2016-12-28T09:02:45Z 2019-03-15T01:17:40Z "New param - `path`. Function with this param return full path to file. Examples: {{{#!php Reports -> Daily Reports. Single.php shows the structure in the right way but when I use the same the_category () function inside Search template then it shows the different result. Rather than showing it in the default structure, it shows it like Daily Reports -> HR -> Reports. In search template the structure changes to order by name. The_category working perfectly in other pages." cybentizen 2 39447 Improvement to the get_the_posts_navigation SergeyBiryukov needs-unit-tests Query normal normal Future Release enhancement reviewing 2017-01-03T14:36:31Z 2021-01-27T06:28:38Z "[https://core.trac.wordpress.org/browser/tags/4.7/src/wp-includes/link-template.php] Here at ''get_the_posts_navigation'' the function check global wp query('''Globals['wp_query'\]''') for displaying markup. But in many cases we may need to display the navigation for '''custom wp query''' which has unique query options(max_num_page, post_per_page). So it would be great, if we can check the our custom query's max_num_page. Hope it make sense. Thank you " thirumani02 10 39461 default-preset option for custom background cannot be set by default has-patch Customize 4.7 normal normal Future Release defect (bug) new 2017-01-04T09:29:37Z 2021-05-24T03:01:57Z "I am trying to set a custom background by default for this theme https://wordpress.org/themes/islemag/ . This is my code: {{{ add_theme_support( 'custom-background', array( 'default-image' => get_template_directory_uri() . '/img/islemag-background.jpg', 'default-preset' => 'fill', 'default-repeat' => 'no-repeat', 'default-position-x' => 'center', 'default-attachment' => 'fixed', ) ); }}} When I open the customizer, the default preset option is set on ""fill screen"" but the background image is still small. Everything works great if I change the default preset and then change it back on ""fill screen"" I talked with developers in core channel on slack and @celloexpressions told me this: ''""Currently you need to define the default for each individual property (size, repeat, etc.) in addition to defining the preset. It would probably be better for consistency if each property is set based on the preset if the theme sets a preset.""'' Tried to set each property for custom background but with no luck. " cristian-ungureanu 23 39472 Code tag still parses embeds Embeds 4.7 normal normal Awaiting Review defect (bug) new 2017-01-04T20:55:45Z 2017-02-20T10:57:26Z "WordPress 4.7. The 'code' block in the WordPress editor behaves incorrectly. For example: {{{ Test Test Another www.google.com http://www.google.com https://www.youtube.com/watch?v=JHw6LTuMkNQ Foxtrot Uniform Charlie Kilo }}} Displays as normal code in the wp-admin, but once published it creates an embed on the page. This should not happen and the contents of the code block should be displayed without embeds." rmens 5 39473 get_routes() called multiple times within single REST request causing the rest_endpoints() filter to also fire more than once needs-unit-tests REST API 4.4 normal normal Awaiting Review enhancement new 2017-01-04T21:59:38Z 2023-01-19T23:28:07Z "Hi all, Many thanks for creating the REST API, and also for getting it into core! :) When I had a closer look at how to integrate this in our projects I noticed something peculiar with the rest_endpoints() filter: it is called multiple times over; in some cases twice, in others three times. So I did a little digging around and found that the root cause seemed to be the use of get_routes() at multiple locations: - in the rest_pre_dispatch filter (rest_handle_options_request) - in the rest_post_dispatch filter (rest_send_allow_header) - in the dispatch() itself - in the get_index() method - in the get_namespace_index() method After looking how these locations interact with each other, I couldn't detect any code which altered the generated route map between consecutive calls to get_routes(). I will add a patch in which I propose to store the generated route map in the class, and re-use that one instead of generating yet again the same array (and also re-filtering the same array). Since the name 'endpoints' is already taken, and being used in the initialization as well, I thought it would be prune to use another variable name: $route_map, which is also being used in the current doc-block. I did not profile this patch (not really sure how to do that), so I'm not sure if storing this rather large associative array is a good thing to do. However generating it multiple times (and re-filtering it also) may also be quite 'expensive'. Thanks, Ruud " ruud@… 8 39474 """Update plugins"" button also updates pending translations without express consent, while there's a specific button for that (Update translations)." Plugins 4.7 normal normal Awaiting Review enhancement new 2017-01-04T22:04:19Z 2023-07-09T16:12:47Z "Usability problem in wp-admin/update-core.php If there are at least one pending plugin update AND one pending translation update, the label of the button ""Update Plugins"" should be ""Update Plugins AND Translations"", because that's exactly what it does: it updates BOTH the plugins AND the translations. Otherwise, if the label ""Update plugins"" is to remain as it is now, then it should ONLY update the plugins (and not also the translations, because there's already a specific button for that action). (Windows 7 Pro 64bit + Firefox 50.1.0 64bit + WordPress 4.7.0) " Carlos ASR Dias 1 39475 Customize doesn't consider the hash in the URL after change Customize 3.4 normal normal Future Release defect (bug) new 2017-01-05T03:42:15Z 2021-05-24T03:03:41Z "When I open a page that has a hash in the URL, in the Customize, the behavior wasn't the expected. At least for me. The preview Iframe is loaded in the first time with the hash. But after a setting update, using the refresh transport, the hash disappear. Customizer URL /wp-admin/customize.php?url=http%3A%2F%2Flocalhost%3A8080%2F%23hide-entry-screen First preview Iframe href /?customize_changeset_uuid=e041a773-41df-4fcb-a800-01fa3249233d&customize_theme=senplo&customize_messenger_channel=preview-0#hide-entry-screen Second preview Iframe href (after a change) /?customize_changeset_uuid=e041a773-41df-4fcb-a800-01fa3249233d&customize_theme=senplo&customize_messenger_channel=preview-1 I debugged the customize JS scripts and saw that in the line 796 of the wp-includes/js/customize-preview.js file is set the frame URL. It come from api.settings.url.self value. I cannot identify where this value is the. In a quick test, I concatenated the hash with the URL and the second Iframe was loaded with it." edpittol 2 39487 Default to 'transport'=>'postMessage' for a setting associated with a selective refresh partial noisysocks has-patch Customize 4.5 normal normal Future Release defect (bug) reviewing 2017-01-05T18:44:52Z 2020-11-13T05:32:14Z "As a WordPress developer, it can be confusing when registering a selective refresh partial to a setting doesn't work because I've omitted `'transport'=>'postMessage'` for the setting. When registering a selective refresh partial to a setting, I'd expect `'transport'=>'postMessage'` to be set dynamically for the setting." danielbachhuber 6 39492 upload_post_params and plupload_init filters are not being executed on wp_print_media_templates() Media 4.7 normal normal Awaiting Review defect (bug) new 2017-01-05T20:17:11Z 2018-01-04T18:38:02Z upload_post_params and plupload_init filters are not being executed on the new media upload form located in wp-includes/media-template.php => wp_print_media_templates(). llvasconcellos 1 39493 Include custom post type slug as body class has-patch Themes normal normal Future Release enhancement new 2017-01-05T22:28:27Z 2017-01-06T13:05:07Z "If I have a custom post type `product` and a post with slug `laptop`, then I can create a `single-product-laptop.php` template to render markup specific to this product. ''But'', a template needs styles too. It would be easier to target my CSS specific to this template if `single-product-laptop` was included as a body class." danielbachhuber 3 39495 Can't navigate to subsite without logging in again. Networks and Sites 4.7 normal normal Awaiting Review defect (bug) new 2017-01-05T23:50:39Z 2017-05-02T04:05:13Z "In a multi-site configuration, as a Super Admin user, log in to the root site. Then navigate to the dashboard of a subsite. Expected result: navigate to the subsite unhindered. Actual result: prompted to log in before navigating to the subsite. Problem occurs when we use WP Core 4.7. Problem does not occur on WP Core 4.6. Problem occurs when all plugins are deactivated and uninstalled. Problem occurs on more than one theme." davidmlentz 3 39496 Can't view page preview. General 4.7 normal normal Awaiting Review defect (bug) new 2017-01-05T23:55:18Z 2017-04-15T20:19:15Z "Clicking any Edit link on the list of published pages (wp-admin/edit.php?post_status=publish&post_type=page), and then clicking the Preview Changes button on the edit page, I'm unable to preview the page. Instead I'm presented with the error message ""Sorry, you are not allowed to preview drafts."" Expected result: Clicking the Preview Changes button shows me the page, including the WP Admin bar. Actual result: Clicking the Preview Changes button shows me the error message ""Sorry, you are not allowed to preview drafts."" Problem occurs when we use WP Core 4.7. Problem does not occur on WP Core 4.6. Problem occurs when all plugins are deactivated and uninstalled. Problem occurs on more than one theme." davidmlentz 5 39505 Add an option to add custom classes to comment_reply_link() has-patch Comments 4.7 normal normal Awaiting Review enhancement new 2017-01-06T14:08:03Z 2017-01-06T18:45:38Z In many cases, I want to add custom classes to comment reply link. I can use js or handle comment link string. But it's better if have an option to add custom classes to link via PHP. truongwp 39521 media_handle_sideload does not initialize the caption/excerpt value Media 2.6 normal normal Awaiting Review defect (bug) new 2017-01-09T02:58:05Z 2019-05-16T02:37:04Z "In /wp-admin/includes/media.php changes have been made in the media_handle_upload() function to initialize the caption/excerpt value after an upload. Here's the code: {{{#!php $type, 'guid' => $url, 'post_parent' => $post_id, 'post_title' => $title, 'post_content' => $content, 'post_excerpt' => $excerpt, ), $post_data ); }}} Corresponding changes should be made in the media_handle_sideload() function, which still has: {{{#!php $type, 'guid' => $url, 'post_parent' => $post_id, 'post_title' => $title, 'post_content' => $content, ), $post_data ) }}} " dglingren 3 39535 Canonical redirects disallow tag named comments needs-unit-tests Canonical normal normal Future Release defect (bug) new 2017-01-10T09:04:05Z 2019-02-28T19:41:33Z "The `redirect_canonical` function includes a regular expression replacement which effectively disallows tags named ""comments"" to have an RSS feed: https://github.com/WordPress/WordPress/blob/master/wp-includes/canonical.php#L285 For example: /blog1/tag/comments/feed/ This is redirected to: /blog1/tag/feed/ Could / should the regular expression on line 285 could pay attention to the first placeholder it matched (`comments/?`) or check whether the page is a tag request?" dwc 14 39540 NOT EXISTS meta condition doesn't work if meta has NULL value. needs-unit-tests Query 4.7 normal normal Future Release defect (bug) new 2017-01-10T16:42:19Z 2020-07-14T05:36:51Z "It seems problem exists since meta query class release. Right now NOT EXISTS works only if meta doesn't exist at all, but if it has NULL value we got incorrect result. I understand that better not use NULL values with metas at all, but you allow to write NULL as meta value, so please add possibility to check it. Just need to change string in class-wp-meta-query.php: {{{ $sql_chunks['where'][] = $alias . '.' . $this->meta_id_column . ' IS NULL'; }}} For example on: {{{ $sql_chunks['where'][] = ""$alias.meta_value IS NULL""; }}} And both cases will be covered. Thank you in advance. " avahura 4 39543 Certain Strings When Pasted Into Title Bar Cause Loss of Styling reporter-feedback General 4.7 normal normal Awaiting Review defect (bug) new 2017-01-11T02:32:48Z 2019-03-15T14:51:38Z "To reproduce: 1 - open startpage.com or similar search engine that doesn't use URL redirects 2 - search for string that contains special characters, for example: ""Nova Fátima (Paraná)"" 3 - highlight ""Nova Fátima (Paraná)"" from the top result (https://pt.wikipedia.org/wiki/Nova_F%C3%A1tima_(Paran%C3%A1)) and copy it to clipboard 4 - on /wp-admin/post-new.php paste the content of your clipboard to where t says ""Enter title here"" 5 - ta da" Tranny 3 39544 REST API: Improve users endpoint in multisite REST API normal normal Future Release task (blessed) new 2017-01-11T11:22:13Z 2021-08-17T17:53:20Z "As per the discussion that happened during the past two weeks' multisite office-hours, the REST API users endpoint needs to be improved to support multisite behavior. This ticket is supposed to act as a general task for discussion, and then for the actual implementation smaller spin-off tickets should be opened. Currently, the four steps (possibly four tickets) we're thinking about are: * The users overview at `wp-json/wp/v2/users` should continue to only show users of that site by default, but a request like `wp-json/wp/v2/users?global=true` should show all users in the WordPress setup. This parameter must only be available to network administrators though, more specifically users with the `manage_network_users` capability. In the future a `network` parameter might also be introduced for support of multi networks, but at this point core does not support querying users per network. Accessing global users should be available from all sites in a setup instead of only from the main site. While this approach makes these endpoints duplicates of each other, it has several benefits like preventing the requirement for cross-domain requests, allowing easier API discovery and not requiring the main site of a setup to be exposed to REST API calls to a sub site. * Assigning an existing user to a site and removing a user from a site should generally be only available to network administrators, and the site administrators of the site that is being interacted with. * Similarly, editing a user that does not belong to the current site should only be possible for a network administrator. Currently this is available to site administrators as well which is probably wrong. * Deleting any user completely should only be available to a network administrator. A good way to handle the `reassign` parameter needs to be found though. For background information, please read the posts at https://make.wordpress.org/core/2017/01/09/improving-the-rest-api-users-endpoint-in-multisite/ and https://make.wordpress.org/core/2017/01/11/controlling-access-to-rest-api-user-functionality-for-multisite/ (the latter contains the above list as well)" flixos90 26 39553 Use REST API endpoints for Plupload backend has-patch Media 4.7 normal normal Future Release enhancement new 2017-01-12T01:34:32Z 2023-03-29T14:08:38Z "`async-upload.php` currently handles all our backend uploading needs. However, with the new `POST /wp/v2/media` endpoint in the REST API, we no longer need a specialised API. I had a quick (30 min) go at converting this, and it actually worked out pretty well, which is crazy. There are sure to be a tonne of backwards compatibility concerns to tackle here (especially around the custom parameters that can be passed along), but I'm confident we can tackle them. Working proof-of-concept patch attached. This changes both the Media Library uploader (`wp-plupload.js`) and `media-new.php` (`media_upload_form`/`plupload/handlers.js`)." rmccue 20 39558 A lot of menu classes (and id's) are missing when there's no menu set for a location Menus 4.7 normal normal Awaiting Review enhancement new 2017-01-12T12:45:58Z 2017-01-12T14:02:03Z "When a fallback menu is displayed because no menu is set to a location, a lot of the CSS classes are removed, compared to the same menu when the location is set. Would it be possible for a fallback menu to have the same classes than a menu with a location? It would allow theme developers to use classes instead of tags to style the menu. '''Fallback menu''' {{{
    }}} '''Menu with a location''' {{{
    }}}" benoitchantre 1 39566 WordPress ignoring previously approved comment for some comment authors rachelbaker needs-unit-tests Comments 4.7 normal major Future Release defect (bug) assigned 2017-01-12T15:41:04Z 2018-10-08T02:36:17Z "I seem to have a reproducible bug with the option ""Comment author must have a previously approved comment"". My client has a site that heavily uses guest commenting. They have selected the option ""...must have previously approved comment"". This works well most of the time, however more frequently some guests (identified by email) are being flagged as not having a previously approved comment even though they do. For one author (email) in question I am able to replicate this every time. - All other possible comment moderation disabled. - Comment as the guest in question, comment moderated. - Log in as admin, approve the comment. - Comment a second time as the guest, comment moderated again (shouldn't be) - Disable the option ""must have previously approved..."" - Comment a third time, now the comment is approved automatically. - Re-enable option ""must have previously approved..."" - Comment a forth time, the comment is moderated. This appears to be a bug to me, and I can reproduce it every time. Not sure how to troubleshoot this further from here." rperrett 7 39574 Editor patterns: add empty headings/quotes Editor 4.3 normal normal Future Release defect (bug) new 2017-01-13T14:49:16Z 2019-07-18T06:46:04Z "Currently some patterns normally only work if there's other text after the leading character(s). I you type `## Test` and press enter, a new h2 element will be created. If you type `##` followed by zero or more spaces, no heading is added and the `##` stays ""normal"" text. I think this is and should be the intended behaviour, so no empty elements are created. But if yout enter `## Test`, then move the cursor between `##` and Test followed by pressing enter, an empty heading will be created and the resulting html looks like this: {{{

    Test }}} Until switching to the text editor and back, you are not able to add text to the heading because it doesn't show up in visual mode. When doing the same with `>`, it doesn't create an empty blockquote, but removes the leading char. The visual editor is then adding an additional line of whitespace, where you can't put your cursor in. This line disappears also after switching to text mode and back. I've tested with WP 4.3 and 4.7.1. " mahu2401 1 39587 link problems with language settings dev-feedback I18N 4.7 normal normal Awaiting Review defect (bug) new 2017-01-15T01:10:15Z 2023-04-05T12:19:10Z "Dear Developers! After WP versiion 4.7 i think i found a bug it is not listed. In version 4.7 we have the option to have a X site language but with Y language admin dashboard. (clever idea Cheers for it!!) But if i use the dashboard in Y language >>> it changes the links (after you edit something) language to Y language. (maybe it is related ~only in/with woocommerce) for example the link changes from ""product"" to ""termek"" or vica-versa... makes many pages unreachable... let me know if you need any further information or help! Very Best regards!! Ben" aansel 17 39593 Improve DocBlocks in class-automatic-upgrader-skin.php has-patch Upgrade/Install normal normal Future Release defect (bug) new 2017-01-15T15:45:03Z 2021-07-27T04:29:07Z "Missing DocBlock Description and wrong @param formatting in: wp-admin/includes/class-automatic-upgrader-skin.php public function feedback( $data ) " carl-alberto 10 39599 Customizer: when no title on page it adds weird content in navigation link has-patch Customize normal normal Awaiting Review enhancement new 2017-01-16T12:40:14Z 2017-07-26T01:46:39Z "I understand that that there may need to be a title, however if you have a page and remove the title you then get the following: [[Image(https://cldup.com/sc4tmiokFB.png)]] The output being `#20 (no title)` does make sense but couldn't we increase the usability here and just have it say 'no title'? Do we have to have `#20`?" karmatosed 9 39603 The more posts with similar names you have, the slower you save the next one has-patch Posts, Post Types normal normal Awaiting Review enhancement new 2017-01-16T14:51:13Z 2021-06-16T13:09:56Z "Hello, developers! Thank you for your work on Wordpress! While using Flamingo for saving Contact Form 7 submissions, I encountered a huge slowdown after more than 11 000 submissions had been saved. I thought it was a Flamingo problem, but it appears that all autogenerated post-types in Wordpress can cause this problem. Contact Form 7 saves submissions as posts with 'flamingo_inbound' type, and uses 'your-subject' slug when a form doesn't have a subject (which is my case). So, in all saved form submissions I have 'your-subject, your-subject-2, ..., your-subject-N' slugs generated by wp_unique_post_slug(). The problem is that for every new 'your-subject-N' slug wp_unique_post_slug() issues N-1 SELECT queries. In other words, wp_unique_post_slug() bruteforces a new possible slug, generating a lot of SQL queries fetching all previously saved similar posts. You can see it if you run the attached 'generate-many-posts.php' script from your Wordpress root (more and more queries will be used for saving every new post). Also, let me suggest a solution. With the attached patch we don't bruteforcing the slug suffix. We just get the last appropriate slug, increment it's suffix, and than use this suffix in a new unique slug." bisyarin 10 39609 "Customizer should display ""Fade"" effect for entire iFrame for settings using partialRefresh when selector is not visible" Customize 4.5 normal normal Future Release enhancement new 2017-01-17T01:30:41Z 2017-11-06T17:26:53Z "When modifying the value of a setting in the customizer that uses partialRefresh for the transport, typically, the element that is being modified on the live site fades out as the customizer replaces the element with the correct output. This gives the user a nice visual letting them know to be patient as the output is modified. In some cases, the element being modified may not be visible in which case there is no cue to the user to let them know things are being updated. A good example would be an advanced setting for changing the color scheme of the site which adds inline CSS to the head tag. Here is a little video example: https://cl.ly/illS (I don't use postMessage for this setting because there are filters in place so developers can hook in custom elements to be modified and for 3rd party plugin support). I'm sure there are other circumstances where a setting may be altering a ""hidden"" element. This is just one example and while there is very little delay in my specific example, I believe for consistency and UI purposes it would make sense to add the extra check to see if the element is visible and if not fade-out the whole iFrame during the refresh process. Thank you for considering!" AJClarke 3 39613 Use Shift + Delete to bypass Trash/Prompt Administration normal normal Awaiting Review feature request new 2017-01-17T08:24:39Z 2017-07-10T16:10:59Z "There are times where deleting many single items is necessary, but the bulk edit interface isn't desirable. For these situations, it might be nice to have a Shift + Delete interface, that bypasses the warnings and sends items straight to being permanently deleted. bbPress is my current example of this, where it's not uncommon to want to cherry-pick several topics/replies for different bulk actions in the same view, or mass-delete topic tags where dozens of spam tags exist and clicking ""Delete"" in every action-row brings up a dedicated prompt. Yes, you can check the boxes and use Bulk Edit to delete them, but UX wise that approach requires a bit more planning than you usually want to do when you're in cleanup mode. It isn't comfortable to queue up a bunch of internal todo's just to moderate a queue of topics & replies, but it does feel comfortable to have identified something needing doing, and to be able to do that think as quickly as possible." johnjamesjacoby 2 39614 Video header: Support free formats like .webm/vp8 and .ogv/theora Customize 4.7.1 normal normal Awaiting Review enhancement new 2017-01-17T16:15:52Z 2017-03-13T00:51:54Z It seems like the theme do not support free formats like webm or ogv. This concerns me as the web should use open standards and not closed ones. Content wise, WordPress supports the use of both mp4 and webm to provide broader support of browsers and it seems like the same practice should be applied here. As I'm not a great programmer I will just create this ticket as a suggestion. fnadde42 3 39617 Improve the Dashboard Screen and Welcome dashboard widget Administration 4.7.1 normal normal Awaiting Review enhancement new 2017-01-17T20:04:18Z 2017-03-23T19:03:03Z "Currently the welcome dashboard widget only offers a few options, it does not cover making sure that a new has added a site name, site description, set permalinks or made sure that a user has created their first page and post on the site. https://codex.wordpress.org/Dashboard_Screen#Welcome Giving users a better flow from the dashboard screen would help them get started on their site." lukecavanagh 10 39618 Insert PDF Thumbnail into Editor Media 4.7 normal normal Future Release enhancement new 2017-01-17T22:00:29Z 2019-12-09T15:38:51Z "[38949] is awesome, but the next logical move is to allow content editors to easily insert the PDF thumbnail into the Editor upon Insert Media. There will need to be a UI for allowing the content editor to choose whether to insert the image or the textual link. The easiest place for this to live without a major UI overhaul would be in the Insert Media workflow itself. In fact the ""Size"" pull-down menu doesn't really do anything right now for PDFs, so it would be a good place to add an option ""Document Link Only"", and then honour the other sizes when selected and actually insert the image. " tomauger 10 39623 Twenty Seventeen: Consider removing custom header from internal pages if selected video header Bundled Theme normal normal Awaiting Review enhancement new 2017-01-18T14:53:04Z 2024-02-22T08:13:21Z "This came up as I first off didn't even notice I still had default custom header until went to that blog page on the front end. It felt logical to me that the video header I had set would continue in the main site or at least I'd not still see the default header image." karmatosed 1 39624 Misleading warning when editing the page_for_posts page Posts, Post Types normal normal Awaiting Review defect (bug) new 2017-01-18T14:58:00Z 2018-01-15T17:44:25Z "Whilst I was using Twenty Seventeen, I discovered some unusual page locking. It seemed the blog page was locked and I was unable to edit it, despite it being apparently not locked. I've not experienced this before and whilst it feels like a rare experience, I wanted to bring it to attention incase there was something deeper wrong. [https://cldup.com/qn5iA2HXBR.mp4 Here is the video.] Along with this, I experienced a further issue that I almost feel needs another ticket but going to throw it in together. I found I could upload and change featured images, despite a page lock. This felt weird and something I'd expect to not be able to happen. Note: I can't see a pages component so putting under posts but unsure if correct placement." karmatosed 4 39625 Give an error message when a non-image is uploaded for featured image has-patch Media normal normal Future Release defect (bug) new 2017-01-18T15:04:41Z 2023-06-07T15:22:53Z "I was able to upload a video but it didn't error, it just didn't show. I feel we should give some feedback that this isn't supported. Yes, it doesn't add the video but it shouldn't just reshow the 'add' call. This is what you see after having seemingly gone through upload working - the video shows in media browser. [[Image(https://cldup.com/272Cq89Sl0.png, 40%)]]" karmatosed 22 39626 Add video poster in media browser Media normal normal Awaiting Review enhancement new 2017-01-18T15:07:26Z 2020-03-02T16:17:23Z "When you upload images you get to see amazing thumbnails in the browser. This unfortunately isn't the case for videos. Could we somehow have this? This is what we currently have: [[Image(https://cldup.com/yK6Hu9pZgw.png, 50%)]]" karmatosed 7 39630 PDF Thumbnails in Media Library Don't Fall Back to Full Size antpb has-patch Media 4.7 normal normal 6.6 defect (bug) assigned 2017-01-18T17:49:37Z 2024-02-29T12:11:12Z "When previewing uploaded files in the Media Library, image thumbnails fall back to displaying the full size image when the option `medium_size_h` is set to `0` (the `0` setting is used to stop WordPress generating thumbs at that size). The same functionality does not work for uploaded PDFs, instead displaying `wp-includes/images/media/document.png` in their place. The full-size thumbnail is generated, but not used. The '''Attachment Details''' modal window successfully falls back to the full size image when previewing a PDF under the same circumstances." daleharrison 21 39632 Adding Query identifier attribute Query normal normal Awaiting Review feature request new 2017-01-18T19:55:17Z 2017-06-07T21:13:26Z "You create any query by passing the arguments to `WP_Query`. What will happen if we add the custom query identifier `_id` like this? {{{#!php 'custom_name', ... ); $q = new WP_Query( $args ); }}} Nothing bad, and one good thing. Using this `_id` I can work with filters like `posts_where` super easy. This would work for many other filters from ''wp-includes/class-wp-query.php'' {{{#!php query will hold the query arguments ... if ( 'custom_name' == $q->query['_id'] ){ // do our improvement on $where return $where. } return $where; } add_filter( 'posts_where', '_20170118_posts_where', 10 , 2 ); }}} If you need more details here is the original [http://wordpress.stackexchange.com/questions/252246/how-to-detect-custom-query-inside-posts-where-hook/252406#comment375812_252406 example]. This already works, but we can benefit more if we add the `_id` for all WordPress core generated queries? This should happen just after `WP_Rewrite` returns the query arguments, based on the query flags. Let's test the future in case of main search query ( `$is_search` flag is true ). You may write like this to address the search query: {{{#!php is_main_query() && $q->is_search() ){ ... // do something with $where } return $where; }}} but with the `_id` '''main-search''' argument, you could write: {{{#!php get( '_id' ) ){ ... // do something with $where } return $where; }}} This is somehow similar to the threads #15063 and #23833, but not exactly. What would be the gain? WordPress query programming may become simpler, and queries may be managed using '''human-readable''' names. " prosti 39635 Make insertion of generic dismissible notices in frontend code possible Administration 4.7.1 normal normal Awaiting Review feature request new 2017-01-19T02:51:45Z 2020-02-15T10:41:45Z "As a plugin developer I want to employ dismissible notices on an admin screen. All is fine as long as I use the hook in server-side code to insert them on page load. But if I want to use them in frontend code (for example to notify users of Ajax events), the only way to access the initialisation code is to hijack one of the events in [source:trunk/src/wp-admin/js/common.js#L415 common.js#L415] - with possibly heavy side effects. It would be easy to add a generic event like `wp-notice-added` that is not used by specific actions to make the live of developers easier." ccprog 1 39636 Smilies not converted when directly followed by punctuation marks dev-feedback Formatting 4.7.1 normal normal Future Release enhancement new 2017-01-19T10:29:30Z 2022-04-11T03:02:17Z "Steps to recreate: - Create a new post or comment - Insert a smilie directly followed by a period or other punctuation mark such as :). - View the post or comment Expected: Ideally the smilie would show followed by the punctuation mark. I've attached a screenshot showing how a post with the following text appears. Smiles with a space between them and the punctuation mark show, but the others do not. {{{ This is a test :). It uses smilies :) If a smilie has punctuation directly after, it is not converted :(! :( The expected behavior would be to look like this: :) ! :) , However instead they appear as this :)! :), }}} " ourvalley 4 39639 Increase cache time on wp_get_available_translations() I18N 4.8 normal normal Awaiting Review enhancement new 2017-01-19T15:02:46Z 2017-01-19T20:11:20Z "Currently there's no nice way of retrieving a full list of supported languages / locale codes from WordPress. The closest seems to be: {{{ require_once( ABSPATH . 'wp-admin/includes/translation-install.php' ); $languages = wp_get_available_translations(); }}} This calls the WordPress.org API to retrieve the list, making this approach not wholly suitable outside of its original intended use during WordPress install. The results are currently cached for 3 hours so it's not that the API will be called every time this function is called, however it seems that the 3 hours could be extended reasonably safely without causing any detriment. Patch attached that extends the cache time to 24hrs. " leewillis77 3 39641 "Idea: Move ""Updates"" from ""Dashboard"" to ""Tools""" dev-feedback Upgrade/Install normal normal Awaiting Review enhancement new 2017-01-19T17:15:05Z 2017-01-20T19:59:15Z "When plugin/theme/core updates are available, a new submenu gets added to `wp-admin` for ""Updates."" IIRC, this location was picked because for a few reasons: * Updates are important, so put them towards the top * There is no ""Notification Center"" so this is the next best place * This is the site communicating to the user, so ""Dashboard"" has a logical association Revisiting this, having had this show up for myself recently, ""Dashboard"" suddenly felt... off... * Updating software in other large projects is actually a bigger deal, with dedicated top-level sections for managing it all * WordPress is logically progressing towards software updates being as invisible to the user as comfortably makes sense * ""Dashboard"" shouldn't be a dumping ground for ""this has no other home"" type pages * A ""Notification Center"" for individual users exponentially complicates how this interface works. Do ""global"" notifications exist? Does clearing it for one user clear it for all users? How do we re-check, without user-transients? Obviously, all of this is premature for this idea anyways... So, this got me thinking about our other ambiguously named top-level-menu item: ""Tools"" * Upgrades and updates are technically tools being ran with a mostly-acceptable interface on top of them * The ""Available Tools"" page is a pretty lonely place to be * Plugins already have started putting their own tools in that tools menu, so why not core? I'll attach a screenshot of a relocated submenu to help visualize, and please feel free to close this issue if the notion is premature or silly or whatever." johnjamesjacoby 2 39645 "If user ""admin"" doesn't exist (renamed admin account) users can create a user with username admin" has-patch Users 4.7.1 normal normal Awaiting Review defect (bug) new 2017-01-20T04:42:20Z 2023-04-26T21:01:41Z "I am not sure whether this is a bug, should be discussed or changed. I have renamed my ""admin"" account to something else for security reasons. I was surprised to see a person being able to create a user with username ""admin"" due to the email address given ""admin@example.com"". I cannot count the amount of script kiddies trying to get into the installation everyday using 'admin' ... so having a user with username ""admin"" it is a little bit of a security problem. Should there not be a way to disable the creation of particular usernames? Should this be done through wordpress core? Would this not be a good feature to have that certain usernames cannot be created? " jobst 18 39647 "Make media upload ""HTTP error."" more user-helpful" has-patch Media 3.4 normal normal Future Release defect (bug) new 2017-01-20T06:58:59Z 2019-09-25T16:18:14Z "Since the introduction of the Media Gallery in WordPress 3.4, the error messages when users attempt to upload media have been reduced to a detail-less “HTTP error.”, without any suggestion as to how users can move forward, and limited information for users to be able to contact their hosts to get help. This is user hostile, and not in line with many of the assertions in [https://wordpress.org/about/philosophy/ WordPress Philosophy]. There’s no doubt that error messages must exist, but they should be useful, providing next steps for users. A few possible parts/steps of this: - Retry - Auto Retry - Better error messages where possible (Timeout, Out of Memory, in user terms) - Expand for Exact Details to give to host (or WP_DEBUG enables this?) - Troubleshooting Steps, or link to troubleshooting steps This should be possible to accomplish in stages, which will likely each need their own tickets. One of the first steps for ""Retry"" is to make image upload/thumbnail creation able to be resumed, rather than only adding the meta after all sizes are created." kirasong 33 39651 Find Posts modal does not show post-type labels correctly Posts, Post Types 4.7.1 normal normal Future Release defect (bug) new 2017-01-20T11:59:21Z 2017-01-21T02:22:58Z "The screenshot shows the output of four different posts in the '''Find Posts Modal'''. The last two post are correct, at the first and second post the post-type-label (e.g. cpt_example) is missing. The problem is the post-type parameter ""''public''"", if it is set to ""''false''"" the label will not be shown AND you will get the following PHP-Notice (if DEBUG is true): {{{ Undefined index: cpt_example in ... /wp-admin/includes/ajax-actions.php on line 1803 Trying to get property of non-object in ... /wp-admin/includes/ajax-actions.php on line 1803 }}} At the following code (1745 ff.) you will notice the reason of this issue: '''$post_types''' only includes '''public posts''' {{{#!php true ), 'objects' ); ^^^^^^^^^^^^^^^^ }}} The output of this modal shows all posts (public and unpublic), so i don't think that this ""filter"" was set for security reasons. In my opinion it must either show all posts correctly with their labels (which would be great) or it must suppress all ""unpublic"" posts completely. " arkonisus 1 39653 WP_Http_Cookie changes reporter-feedback HTTP API normal normal Awaiting Review enhancement new 2017-01-20T14:56:16Z 2017-01-20T15:30:30Z "1. The WordPress convention is to use underscores instead of camelCase for function and method change 2. add new param to return array in get_attributes method 3. change parse_url to wp_parse_url" sebastian.pisula 1 39656 Create a submenu item under About admin bar for security Security 4.7.1 normal normal Awaiting Review enhancement new 2017-01-20T21:59:37Z 2017-01-23T18:02:38Z "Make it easier for users to find the WP hardening information, from the About menu in wp-admin. {{{
  • Security
  • }}} " lukecavanagh 2 39665 Customize: nav menu fallbacks don't get edit shortcuts has-patch Customize 4.7 normal normal Future Release defect (bug) new 2017-01-22T22:40:36Z 2017-10-18T19:52:19Z "`wp_nav_menu()` defaults to showing a menu of pages when no menu is set in a location. This is usually the case when a user first switches to a new theme. Since content is shown in the menu, I would expect to see an edit shortcut to be able to change what menu is displayed. But there isn't one. This is likely a bit of a technical challenge, but should be possible since the menu location is still there. There is a full refresh when switching a location to have an actual menu, so it's likely a matter of adding selective refresh support for menu fallbacks." celloexpressions 16 39666 "Put front page on top of ""All pages"" list" dev-feedback Posts, Post Types normal normal Future Release enhancement new 2017-01-23T03:33:36Z 2020-02-27T21:57:27Z "I'd like to see the front page and blog page as first elements in the pages list (if such are set of course), no matter what priority they may have. What do you think? Screenshot follows." Presskopp 13 39670 urlencoded non-alphanumeric permalink Permalinks 4.8 normal normal Awaiting Review defect (bug) new 2017-01-23T16:47:15Z 2020-12-15T21:49:22Z "I don't know it is the problem of wordpress or not. It may yes or it may other problem like server or php setting. When I update new version of wordpress, some permalink that contains non-alphanumeric characters not working. Because $req_uri of WP::parse_request() in class-wp.php has urlencoded. So I think it's better to urldecode to proceed parsing. {{{#!php list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] ); $req_uri = urldecode($req_uri); // added to fix urlencoded permalink $self = $_SERVER['PHP_SELF']; }}} " jeongsu 3 39674 Special characters are encoded in the database, for site settings options Formatting 4.7.1 normal normal Awaiting Review enhancement new 2017-01-24T09:50:40Z 2017-01-24T09:53:18Z "If you change the name of the blog in the settings page, for example to ""Donald's blog"", we can see in the mysql database, the result is ""Donald's blog"" for the '''blogname''' option name, so I can not understand why this happening, I think in the database the result should be the same of what we type. All sensitization actions I think must be used on the front (page view) side not on the database side (before submitting to the database). I use Windows 64b, PHP: 7.0.4, WordPress: 4.7.1 " alexvorn2 39678 "get_term_by slug with ""0"" as value" has-patch Taxonomy 4.7 normal normal Awaiting Review defect (bug) new 2017-01-24T15:48:34Z 2021-09-21T09:43:13Z "Executing this code get_term_by('slug','0','taxonomy_name') my expectations were to obtain a taxonomy term, considering that one actually exists in my database, but instead the function returned false due to the PHP empty function returning true (see https://core.trac.wordpress.org/browser/tags/4.7/src/wp-includes/taxonomy.php#L844). The empty function behaves according to documentation (http://php.net/manual/en/function.empty.php) but the string ""0"" should be accepted to be searched if it is possible to use it to create a taxonomy term." fausonealessio 2 39679 Redirect loop on attachment pages Media 4.7.1 normal normal Awaiting Review defect (bug) new 2017-01-24T17:12:11Z 2018-09-03T15:48:54Z "Summary: a URL to an attachment page will redirect to itself in an infinite loop in certain cases. Speculation: this may be due to my permalink structure, which would be why others are not complaining about it. This issue depends on the letter case of the URL. The attachment pages exist, and there is a method that allows them to be accessed, however they cannot be reached if the link is all lowercase letters. Because that is the link generated by the Media Library, users can encounter this. It took me a while to convince myself that this is a WP core issue because it does not happen on all servers. After adding logging code to some of the action hooks, I could see that a URL comes in and then generates a redirect, using `wp_redirect`, to the exact same URL that was requested. My permalink structure is `/%postname%.html`, and the WP portion of the site is in a subdirectory, so WP pages are accessed as: http://yourfriendpaul.com/wp/shredding-on-my-guitar.html Trying to reach the attachment page using this URL will result in an infinite loop: http://yourfriendpaul.com/wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900 Trying to reach it with this one will succeed, note the uppercase C. Making ANY letter in path uppercase will make it succeed: http://yourfriendpaul.com/wp/shredding-on-my-guitar.html/good-at-shredding-dsCn4850-1200x900 To complicate matters further, this does not happen on my Ubuntu server, but does happen on GoDaddy with the exact same database (other than site name). This is my first bug report, so I'm not sure how much info to put in the initial report. The following is an excerpt from my error log, with some notes added. Sorry for the formatting, it is just pasted. Thanks in advance for looking into this. Paul The data is captured using the error log. The first entry is made in wp-config. The next 3 lines are when yfp_functions is loaded. It creates the function that prepends `**yfplog` to an error message. The final three lines are from the action hooks indicated. {{{ ` # A call in all lowercase has multiple tries, in bursts, which loop and cause 301 redirects to the original URI, ` # but one uppercase letter avoids any redirects and finds the content. Only two of the redirects are shown. ` ` [24-Jan-2017 06:19:04 UTC] *** in wp-config.php, REQUEST_URI is /wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900 ` [24-Jan-2017 06:19:04 UTC] **fyplog - *** Log writing is enabled in yfp_functions, making funcion yfp_write_log() ` [24-Jan-2017 06:19:04 UTC] **fyplog - script: /wp/index.php ` [24-Jan-2017 06:19:04 UTC] **fyplog - uri: /wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900 ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_loaded() action was called. ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_redirect() action was called, location: http://YourFriendPaul.com/wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900, status: """" ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_redirect_status() action was called, location: , status: ""301"" ` ` [24-Jan-2017 06:19:04 UTC] *** in wp-config.php, REQUEST_URI is /wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900 ` [24-Jan-2017 06:19:04 UTC] **fyplog - *** Log writing is enabled in yfp_functions, making funcion yfp_write_log() ` [24-Jan-2017 06:19:04 UTC] **fyplog - script: /wp/index.php ` [24-Jan-2017 06:19:04 UTC] **fyplog - uri: /wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900 ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_loaded() action was called. ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_redirect() action was called, location: http://YourFriendPaul.com/wp/shredding-on-my-guitar.html/good-at-shredding-dscn4850-1200x900, status: """" ` [24-Jan-2017 06:19:04 UTC] **fyplog - wp_redirect_status() action was called, location: , status: ""301"" ` ` [24-Jan-2017 06:19:49 UTC] *** in wp-config.php, REQUEST_URI is /wp/shredding-on-my-guitar.html/good-at-shredding-dsCn4850-1200x900 ` [24-Jan-2017 06:19:49 UTC] **fyplog - *** Log writing is enabled in yfp_functions, making funcion yfp_write_log() ` [24-Jan-2017 06:19:49 UTC] **fyplog - script: /wp/index.php ` [24-Jan-2017 06:19:49 UTC] **fyplog - uri: /wp/shredding-on-my-guitar.html/good-at-shredding-dsCn4850-1200x900 ` [24-Jan-2017 06:19:49 UTC] **fyplog - wp_loaded() action was called. ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() ` [24-Jan-2017 06:19:49 UTC] **fyplog - ******* in function get_attachment_link() }}}" OPunWide 7 39681 Add RGBA to Customizer color picker Customize normal normal Future Release feature request new 2017-01-24T18:39:25Z 2019-02-08T17:15:54Z "It would be helpful to provide a UI for changing color opacity in the Customizer's color picker. Some prior discussion about supporting RGBA in Iris here: https://github.com/Automattic/Iris/issues/13 See #21059" melchoyce 10 39687 Request headers sent incorrectly from `WP_Http` to `Requests` dev-feedback HTTP API normal normal Awaiting Review defect (bug) new 2017-01-25T12:02:48Z 2017-01-27T08:51:23Z "While having a closer look at Requests (and also the way it is used in WP), I noticed something that appears to be a bug. The `$headers` variable that is passed from `WP_Http::request()` to `Requests::request()` is an array of `$key => $value` pairs where `$value` may be an array itself in case multiple values for that header have been passed to `WP_Http::request()`. However, the Requests library expects each `$value` of the `$headers` array to always be a string, as it uses `sprintf()` with it directly (the passed `$headers` array is sent through `Requests::flatten()`). This can cause issues when specifying multiple headers of the same name." flixos90 3 39695 Add preload headers in redirects needs-unit-tests HTTP API normal normal Awaiting Review enhancement new 2017-01-25T22:09:45Z 2017-02-27T09:32:49Z "http2 push enabled servers can immediately push linked assets or documents for the client. This saves clients from one round-trip. At the moment at least Cloudflare and h2o web server can http2 server push assets defined in Link headers: https://www.w3.org/TR/preload/#server-push-http-2. I believe more will follow in the next few years. WordPress powers so much of the web that it's our responsibility to try to make it as fast as we can. This is usually quite hard topic because we have no idea what is stored in the client browser cache. We can start implementing the Link preload headers in internal redirects because in that situation it's quite obvious that the client wants to make that request as their next one. This is what I want to achieve {{{ $ curl --http2 -i https://wordpress.test/wp-admin/ HTTP/2 302 ... Location: https://laextra.test/wp-login.php?redirect_to=https%3A%2F%2Flaextra.test%2Fwp-admin%2F&reauth=1 Link: ; rel=preload; as=document }}} I created a patch which adds these headers automatically in '''wp_redirect()''' function. Links about http2 server push: https://blog.cloudflare.com/announcing-support-for-http-2-server-push-2/ https://h2o.examp1e.net/configure/http2_directives.html" onnimonni 4 39699 Filter to check XML-RPC data before any DB insertion has-patch XML-RPC 4.8 normal normal Future Release enhancement new 2017-01-26T11:03:08Z 2017-10-03T03:39:32Z "After searching into XML-RPC server class code, I realized that it seems that there isn't way to check XML-RPC input data before starting to insert/update any rows to database nor to return an `IXR` custom error message. For example for new post, in order to check custom fields, a possible workaround is to use `wp_insert_post_empty_content` filter, but we are unable to customize the error message. Moreover at this point some DB rows are inserted, so inside the filter above we have to call `wp_delete_post` manually in order to clean DB (taking care to check `auto-draft` post status). In the case of editing post, things get a bit more complicated, so we could use transactions with the help of `xmlrpc_call`/`wp_insert_post` actions. So, the patch aims to add a new filter named `xmlrpc_before_insert_post` that allows to do this check in a more robust manner (for `wp.newPost` and `wp.editPost` XML-RCP methods). Typical usage: {{{#!php see signup-activate-1.patch If running `wp()` is required for a reason i don't see, a query could still be saved and it could be interested to use this to set a ""page"" title for the `` tag. > see signup-activate-2.patch " imath 2 39706 Add $unique param to add_{$meta_type}_meta actions Options, Meta APIs normal normal Awaiting Review enhancement new 2017-01-26T17:11:05Z 2017-01-26T17:16:36Z "The hooks `add_{$meta_type}_meta` and similar provide context about `$object_id`, `$meta_key`, `$_meta_value` and such, but do not tell whether the meta data added or updated is supposed to be `$unique`. Adding this information could be helpful. My use case for instance is propagating meta data across posts." barryceelen 1 39707 Create onboarding flowchart for users of WP.org installations Administration 4.7.1 normal normal Awaiting Review enhancement new 2017-01-26T17:42:47Z 2017-04-03T16:45:50Z Chatting in the [design channel on Slack](https://wordpress.slack.com/archives/design), we believe documentation should exist for user onboarding. While this is somewhat related to the customizer project for setting up an install, a general user flowchart should be created. alwaysbrightblue 14 39708 Provide suppress_actions argument on WP_Query::get_posts or apply suppress_filters to pre_get_posts Query 4.7.1 normal normal Awaiting Review enhancement new 2017-01-26T18:03:33Z 2018-07-03T16:12:19Z "{{{#!php <?php public function get_posts() { global $wpdb; $this->parse_query(); /** * Fires after the query variable object is created, but before the actual query is run. * * Note: If using conditional tags, use the method versions within the passed instance * (e.g. $this->is_main_query() instead of is_main_query()). This is because the functions * like is_main_query() test against the global $wp_query instance, not the passed one. * * @since 2.0.0 * * @param WP_Query &$this The WP_Query instance (passed by reference). */ do_action_ref_array( 'pre_get_posts', array( &$this ) ); // Shorthand. $q = &$this->query_vars; }}} I'm proposing that, just like we have `$q['suppress_filters']` that we add a `$q['suppress_actions']` to prevent actions like `pre_get_posts` from running (which is essentially a filter) on my query (if I want). We could also apply `$q['suppress_filters']` to the `pre_get_posts` action since the user can modify the query since it's passed by reference, and may not create another argument, but it is not really a filter. I'm not sure how this idea could be problematic, nor can I think of any reason why we couldn't do anything like this, but I thought I'd at least open it up for discussion and see what becomes of it. I guess my question really is why can I suppress filters but not actions?" aubreypwd 1 39709 Add filler content to New Site Registration email to avoid space ratio spam rule Mail normal normal Awaiting Review enhancement new 2017-01-26T19:57:08Z 2017-03-09T15:03:08Z "I noticed SpamAssassin on helpscout.net is coming very close to flagging the `New Site Registration` emails as spam. The biggest rule being triggered is [https://wiki.apache.org/spamassassin/Rules/TVD_SPACE_RATIO `TVD_SPACE_RATIO_MINFP`], with a weight of `2.5`, getting the message 50% of the way to the the default threshold of `5`. That rule looks for excessive whitespace in the message body, and I'm guessing it's being triggered by the high ratio of newlines to paragraph text. I uploaded [http://pastebin.com/tDyEfShL a pastebin with the full headers and body]. I don't have time right now to verify whether or not helpscout.net is using the default SpamAssassin configuration, or if they've weighted this rule more heavily for some reason, but even if they have, it seems likely that others will as well. Additionally, the current message text seems like poor UX, and I think the fix for the spam issue would also fix that. I think the fix would be to add some filler text to the message body, to decrease the ratio of newlines to paragraph text. e.g.: > Howdy, this is your WordPress multisite installation at {example.org}. I thought you'd like to know that a new site was created. The details are below: It doesn't really matter what the text is, as long as it's a normal sentence or two, so whatever makes the most sense from a UX point of view will probably be fine. If the new text does include the domain name, I think we should avoid entering a full URL, because that could trigger other spam rules. (As an aside, I think it's generally a bad idea to include URLs in emails, since it trains users to expect and click them, which makes them more vulnerable to phishing. That's another ticket, though.) I think the next steps for this ticket would be: 1. Reproduce the issue with a local SpamAssassin instance, to verify that `2.5` is the default score for this message (rather than something Help Scout modified) 1. Test that adding some filler text will prevent the rule from being triggered. I don't think it'll really matter what the text is, for the purposes of testing. 1. Decide on what the best text would be from a UX perspective" iandunn 1 39711 Allow network administrator to network activate/deactivate/delete a plugin on sub site plugin list table has-patch Networks and Sites normal normal Awaiting Review enhancement new 2017-01-26T21:33:11Z 2017-11-22T19:50:52Z "Hello, Before thinking of greater enhancement about plugin management for Multisite, I would like to bring this little enhancement : Allow network administrators (super admin by now) with the manage_network_plugins cap to network activate/deactivate/delete a plugin on the sub site plugin list table. I just point the actions to the Network URL, so after an action is made, the user is automatically redirected to the network admin plugin page, by that, it's more easy for the admin to continue managing its network plugins if he want to do some bulk actions for example. The only difficult point is for the Network Delete action, imagine you have a plugin which is activated in site 1 (and you're not aware of it), and you want to Delete a plugin on site 1 where this plugin is not installed, this could be dangerous. So maybe it's safer to drop this Delete action on single site. But maybe it's not so dangerous since you have the exact same behavior on Network Plugin list, you can delete a plugin which is activated on a sub site." Mista-Flo 39714 Proposal: Use Full PHPMailer library has-patch External Libraries normal normal Awaiting Review enhancement new 2017-01-26T22:20:40Z 2023-02-02T15:34:11Z "Currently we're using a customized version of phpMailer that strips out some features. This is most evident when you compare class.smtp.php: Ours: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-smtp.php#L465 Official: https://github.com/PHPMailer/PHPMailer/blob/v5.2.21/class.smtp.php#L465-L527 We're missing sections which plugin developers are using to support extended features (oauth, ntlm, etc). By leaving this out, we introduce a reason for them to include versions of PHPMailer which they then have to update in the case of security issues (such as the sort that predicated the 4.7.1 core release). If we were to include the full library, it would be easier (and faster) for core to update in case of security issues, and it would provide more flexibility and security for plugins and (by extension) users of WordPress." Ipstenu 8 39724 Defining custom validation callbacks for tag/attribute values in wp_kses() Formatting 4.8 normal normal Awaiting Review enhancement new 2017-01-27T17:54:04Z 2017-06-17T11:00:12Z "This patch allows to define a custom validation callbacks to check tag/attributres values in `wp_kes()` etc. The callbacks are defined through `wp_kses_allowed_html` filter. If a tag and/or tag attribute is a callable function/method, then it will be used to check/validate/process the value, for example: {{{#!php <?php add_filter( 'wp_kses_allowed_html', 'my_wp_kses_allowed_html_flter' ), 10, 2 ); function my_wp_kses_allowed_html_flter ( $tags, $context ) { $tags['span']['style'] = function ( $name, $value, $element ) { // return sanitized $value or empty to remove it return $value; }; // iframe callback $tags['iframe'] = function ( $element, $attr ) { // does something with complete attribute string or return empty to remove it return $attr; }; return $tags; } }}} While waiting for the core updates the list of allowed tags/attribitutes/values (for example for `style` attribute, see #24157, #37134, #37248 and probaly many others), this enhancement could offer the possibility of having the fine control over every tag attributes value. Regards" enrico.sorcinelli 1 39736 Thumbnail src image link to direct large image, cause low page speed Post Thumbnails normal normal Awaiting Review defect (bug) new 2017-01-29T19:38:13Z 2022-03-22T04:33:53Z "Hi, i have install wordpress and add some images to my post.. but when i test it on page speed check it returns me bad figures you may check http://bit.ly/2k6lXNw. i have used coped images but google take it as large images. I have searched a lot and find out something. related images thumbnail src linked with direct image link you may see through source code: [https://postimg.org/image/k71uvbah9/] it is not causing by theme it is causing by wordpress. but i don't know how to fix it" mcky909 3 39740 "Twenty Seventeen: Allow child themes to use front-page.php when front page is set to ""Your Latest Posts""" dev-feedback Bundled Theme 4.7 normal normal Awaiting Review defect (bug) reopened 2017-01-30T19:54:05Z 2023-04-18T09:41:50Z "== What's Happening: == If a child theme of Twenty Seventeen has a `front-page.php` file, and the Reading settings are set to have ""Your Latest Posts"" as the front page, Twenty Seventeen's `twentyseventeen_front_page_template()` function, called on the `frontpage_template` filter, sets the template to an empty string instead of the child theme's `front-page.php`, so `index.php` gets used. == What I expect: == I expect the child theme's `front-page.php` to be used if present, no matter what the Reading settings are for the front page, as [https://developer.wordpress.org/themes/basics/template-hierarchy/#front-page-display described in the codex]. This is the default behaviour. == Relevant Code: == Here's TwentySeventeen's `twentyseventeen_front_page_template()` function, for reference: {{{ /** * Use front-page.php when Front page displays is set to a static page. * * @since Twenty Seventeen 1.0 * * @param string $template front-page.php. * * @return string The template to be used: blank if is_home() is true (defaults to index.php), else $template. */ function twentyseventeen_front_page_template( $template ) { return is_home() ? '' : $template; } add_filter( 'frontpage_template', 'twentyseventeen_front_page_template' ); }}} Link to [https://core.trac.wordpress.org/browser/trunk/src/wp-content/themes/twentyseventeen/functions.php?rev=40024#L530 location in code viewer]. " johnnyb 8 39746 Suddenly getting error on all of my servers: Unable to locate WordPress content directory (wp-content). Upgrade/Install 4.7.2 normal normal Awaiting Review defect (bug) new 2017-01-31T07:13:39Z 2017-03-08T05:04:54Z "Hi I have now been getting these update errors, I have never had problems before. It always worked using ssh2. This happened while I was overseas (5 weeks), so I am not sure when this started - but before I went ALL of my servers (CentOS 6.8 with php 5.6, all latest patches) where still able to update. Suddenly I started getting ""could not update wordpress"" as I have automatic updates setup, now I can update some machines, some I cannot. I thought I try one of the servers (the development server) with latest php 7.1, maybe that gets rid of that problem - it did not solve the issue, so I went back to the original php install. What is really strange I have a development server/install of one website on a different server as the main server. Both installs are identical (as in core/plugins/etc) The main server I can happily update the wordpress site using ssh2, the development server I cannot update the wordpress site anymore - the ONLY difference is the domain name. Both servers run the nearly the same software (the development machine has a few more yum packages) both OS and web-environment are the same, they even have the same php.ini file. When I change the development server from FS_METHOD=ssh2 to FS_METHOD=direct it works (after updating the file permissions), but I do not like this as the files need to be write-able by the user running the server, with ssh2 I can have different owner and group which is way more secure. I too have another wordpress install that I cannot update. I know that all settings/keys/permissions etc are correct as it USED to work. Help please! " jobst 10 39748 Function to insert or update DB value Database normal normal Awaiting Review enhancement new 2017-01-31T10:00:01Z 2017-10-29T17:06:57Z "Hello. I have been searching for long and couldnt found a good solution to the simple problem: lets say,in my plugin, I create a new table. Then I want to have a function, that updates a row in table, which's column (named EventId) equals i.e. 734 (if such row not exists, then create it). for that, I use my custom-created function: {{{#!php function UPDATE_OR_INSERT($tablename, $NewArray, $WhereArray){ global $wpdb; $arrayNames= array_keys($WhereArray); //convert array to STRING $o=''; $i=1; foreach ($WhereArray as $key=>$value){ $o .= $key . ' = \''. $value .'\''; if ($i != count($WhereArray)) { $o .=' AND '; $i++;} } //check if already exist $CheckIfExists = $wpdb->get_var(""SELECT "".$arrayNames[0]."" FROM "".$tablename."" WHERE "".$o); if (!empty($CheckIfExists)) { return $wpdb->update($tablename, $NewArray, $WhereArray );} else { return $wpdb->insert($tablename, array_merge($NewArray, $WhereArray) ); } } }}} //usage: {{{ UPDATE_OR_INSERT('my_table', array('new_page_content'=>'blabla'), array('EventId'=>734)); }}} it's good if there was built-in function that replaces this custom method" tazotodua 1 39752 Customize: add a post editing flow Customize normal normal Future Release feature request new 2017-01-31T20:09:14Z 2020-10-11T15:47:50Z "The Customizer has always prevented following any non-frontend links in the preview, which has disabled post links provided by `edit_post_link()` from working. This was worked around in #38648 by no-op'ing the edit links. One approach to solving this problem would be to bring post editing into the Customizer, which has been explored: https://github.com/xwp/wp-customize-posts Another approach would be: 1. Navigate to the appropriate edit post screen when an `edit_post_link()` is clicked on 2. Before 1), save a Customize changeset if the state is unsaved 3. Provide a UI on the edit posts screen to return to the Customizer after editing is complete 4. When returning to the Customizer, restore the changeset stored in 2) if one was needed. This would solve the problems of there being no way to edit posts from the Customizer, while not trying to stuff a (duplicate) post editing UI into a space that is not well-suited to it. This could also help to editing posts created in nav menus #38002" mattwiebe 23 39753 wp_mail() under PHP 7 hosted on Windows creates malformed email messages SergeyBiryukov* has-patch Mail 4.7.2 normal normal Future Release defect (bug) accepted 2017-02-01T01:54:38Z 2017-10-12T04:31:22Z "Synopsis: WordPress’ wp_mail function uses the third party component PHPmailer 5. PHPmailer 5 relies on the standard PHP mail() function for final delivery. With PHP 7.x hosted on Windows, WordPress mails are being rejected by providers, such as Gmail, due to RFC violations. Reason: PHPmailer->LE (Version 5) defaults to a lone ""LF"" (\n) as the end-of-line character. That is in violation of SMTP, which expressly forbids lone LF characters. This known error in PHPmailer 5 and has been be resolved with (not yet released) PHPmailer 6. Fortunately for WP (and other CMS'), Linux has an operating system default of ""LF"", so its mailer programs have always translated lone LF to CR/LF when creating SMTP data streams. And, in PHP 5, the Windows implementation of mail() has always ""fixed"" lone ""LF"" by replacing them with CR/LF. Consequently, WordPress (et al) have worked in both environments. As of PHP 7, the Windows implementation of mail() requires standards compliant input and no longer fixes malformed headers. The lone ""LF"" characters of the incorrect PHPmailer 5 defaults now ""bleed"" through and result in malformed SMTP data streams. (Linux is not effected, because PHP continues to launch the operating system's mailer programs.) At a future time PHPmailer 6 will be the final solution. In the meantime, WordPress wp_mail needs to explicitly set $phpmailer->LE = '\r\n' right after this line: $phpmailer = new PHPMailer( true ); " Andy Schmidt 19 39754 `_post_format_get_terms()` can overwrite names of terms in other taxonomies has-patch Taxonomy normal normal Awaiting Review defect (bug) new 2017-02-01T03:19:35Z 2017-02-22T02:05:56Z "`_post_format_get_terms()` filters `'get_terms'` and includes this logic: {{{ if ( in_array( 'post_format', (array) $taxonomies ) ) { if ( isset( $args['fields'] ) && 'names' == $args['fields'] ) { foreach ( $terms as $order => $name ) { $terms[$order] = get_post_format_string( str_replace( 'post-format-', '', $name ) ); } } ... }}} which affects the names of all `$terms`, as long as `post_format` was one of the queried taxonomies. Many terms are replaced with an empty string from `get_post_format_string()`. The attached patch includes a test to demonstrate the issue, and it would check before changing a value that the value begins with `post-format-` and that `get_post_format_string()` returns a name for the value. " dlh 39756 Extend the jQuery datepicker localization has-patch I18N 4.8 normal normal Awaiting Review enhancement new 2017-02-01T09:33:47Z 2023-05-30T08:41:53Z "Since #29420 whenever the jQuery datepicker script is enqueued it gets automatically localized. However, there are three options still not properly managed, mentioned and described in ticket:29420#comment:22, that should also get included, as they are indeed mentioned in the Localization section of the official documentation: https://api.jqueryui.com/datepicker/ Unless we do include them, our datepicker localization is incomplete and can not replace using external resources, hence plugins relying on localized datepickers can not truly trust and make complete usage of the bundled locales. The official localization files for the whole jQuery UI suite can be fond here: https://github.com/jquery/jquery-ui/tree/master/ui/i18n and they all include such options. Those missing localizable options are: * `weekHeader`: the string on the week column header when `showWeek` is set to `TRUE`. * `showMonthAfterYear`: a boolean to switch the month and year in the datepicker header, seems to be used by East Asia languages. * `yearSuffix`: the optional string to append to the year in the month headers. We have at least two approaches on how to include the missing localizable options: * We can filter the array of localization data added as an inline script for `jquery-ui-datepicker`, so plugins and third parties can add such options by themselves (hence forcing them to include those localizations on their own, and enter a possible race to be the one that forces its values). * We can add them as first-class properties in the `WP_Locale` class, stating as comments for translators both the meaning of the value that they are translating, and the jQuery UI localization files they can use to set the right value on their language. Although I understand that providing localization for external libraries might not be in our roadmap, this is what #29420 actually did. It managed to cover most of the localizable options since we already had their translations. This is slightly different as we need to add specific properties for specific options, but still I would go with the second approach, and I will be attaching soon a patch for its consideration." jadpm 1 39762 Change in DOM Element Properties as seen in Javascript Event Handlers Between 4.6.2 and 4.7+ reporter-feedback Administration 4.7 normal normal Awaiting Review defect (bug) new 2017-02-01T22:37:55Z 2021-04-06T05:27:06Z "I'm seeing a problem that appears to be related to the change introduced by ticket #37973 in 4.7. I don't see this issue in 4.6.2. I filed ticket #39739 earlier this week that documented another problem related to this change as well. This problem is also related to a ""select all"" checkbox but has to do with the state of child checkboxes within javascript event handlers being different between 4.6.2 and 4.7. In short, I have an event handler for ""click"" for the ""manage-column check-column"" checkbox (simplified HTML shown below). This event handler looks for child checkboxes in the table (""nslb_import_rows"") and triggers their ""click"" event accordingly. The ""click"" events are triggered so that additional HTML can be displayed on the page if certain conditions are met when the individual rows are selected / unselected or en masse via this ""select all"". {{{ <table class=""form-table""> <tbody class=""nslb-dynamic-content""> <tr> <td> <table class=""wp-list-table fixed widefat striped""> <thead> <tr> <th scope=""col"" class=""manage-column check-column""> <label><input type=""checkbox"" class=""check-all""></label> </th> <th scope=""col""> Name </th> </tr> </thead> <tbody id=""the-list""> <tr> <th scope=""row"" class="" check-column""> <input type=""checkbox"" id=""cb-select-1"" name=""nslb_import_rows"" class=""nslb-input"" value=""1""> </th> <td> Steven<input type=""hidden"" name=""s_1_1"" class=""nslb-input"" value=""Steven""> </td> </tr> <tr> <th scope=""row"" class="" check-column""> <input type=""checkbox"" id=""cb-select-2"" name=""nslb_import_rows"" class=""nslb-input"" value=""2""> </th> <td> David<input type=""hidden"" name=""s_2_1"" class=""nslb-input"" value=""David""> </td> </tr> </tbody> </table> </td> </tr> </tbody> </table> }}} Please note the first <tbody> element with the class ""nslb-dynamic-content"". As the name implies, this content is created dynamically and added to the page via javascript as certain other options on the page are chosen. Because the inner HTML is added dynamically, when this code in common.js at line 459 at the 4.6.2 level executes: {{{ $('thead, tfoot').find('.check-column :checkbox').on( 'click.wp-toggle-checkboxes', function( event ) { ... }}} it doesn't find any elements that match the search criteria as they are not present on the page yet, therefore no event handlers are registered here. The HTML at this point would look only like this: {{{ <table class=""form-table""> <tbody class=""nslb-dynamic-content""> </tbody> </table> }}} Conversely, the code in common.js at 4.7+ on line 452 that replaced this line {{{ $body.on( 'click.wp-toggle-checkboxes', 'thead .check-column :checkbox, tfoot .check-column :checkbox', function( event ) { ... }}} fires when the ""manage-column check-column"" checkbox is clicked even though it's in HTML that is added dynamically. This is because the line in 4.7+ handles click events in the body and then evaluates whether or not a ""check-column"" checkbox was clicked in a <thead> or <tfoot> as part of click event processing itself thereby finding my ""manage-column check-column"" checkbox"" in the DOM at that point. The net of effect of all this is a change in the value of the ""clicked"" property of these child checkboxes when my own click event handler executes. For example, in 4.6.2, if no checkboxes are selected on the page and I click my ""manage-column check-column"" checkbox, the ""clicked"" properties for the child checkboxes are ""false"" because the event handler on line 459 in common.js doesn't execute. However, in 4.7+ given the same scenario, the ""clicked"" properties for the child checkboxes are already ""true"" because the event handler on line 452 in common.js does execute each time. You could actually argue the behavior in 4.6.2 is defective since the handler does not get registered for ""check-column"" checkboxes added dynamically. FYI, if I hard code this exact HTML statically, then the 4.6.2 event handler does get registered and the ""clicked"" property for child checkboxes is consistent between 4.6.2 and 4.7+. Additionally, the code in common.js at the 4.7+ level could potentially trigger the ""click"" event for any child checkboxes it finds as opposed to just modifying their ""checked"" property, although I'm not sure of the ramifications of that type change." reldev 2 39772 add ajax functionality to switching tabs and pagination in plugins Plugins 4.8 normal normal Awaiting Review enhancement new 2017-02-02T22:06:48Z 2017-02-02T22:06:48Z Since we have the cool ajax search plugin functionality, maybe we add the ajax for the tabs on the add plugin page as same as with the pagination of the results. m1tk00 39773 Users Can Wrongly Set a Custom Page Template when front-page.php is in Use Themes normal normal Awaiting Review defect (bug) new 2017-02-02T23:56:47Z 2017-04-27T14:16:43Z "If you try to set a custom page template in a theme that uses a `front-page.php`, `front-page.php` always wins. This is expected, but a user doesn't know that. They're still able to save the page, and it looks like it should work, but on the front end, `front-page.php` wins, and they may be left confused. Discovered while researching #39299. Steps to reproduce: 1. Activate Twenty Seventeen. 2. Set the front page to a static page. 3. Create a page template. 4. Assign it to the static page being used as the front page. 5. Save. 6. Visit front end – the template isn't used. What I expected? At the very least – WordPress doesn't save this change, and provides an error message. Better: The page template selection box doesn't show up in this case because setting a template when the front page is a static page and a theme has `front-page.php` isn't possible." davidakennedy 2 39775 wp_mail miss send Content-Type with boundary when array header does not have other custom headers Mail normal normal Awaiting Review defect (bug) new 2017-02-03T07:42:43Z 2017-04-14T09:46:47Z "It's a PR send in github. https://github.com/WordPress/WordPress/pull/273 Fix empty charset in line 436. Before: `Content-Type: multipart/alternative; charset=` After: `Content-Type: multipart/alternative; charset=UTF-8` ------------- fix `$headers[] = ""Content-Type: multipart/alternative; boundary=\""$boundary\"""";` not send when not other headers. Test Code: {{{#!php <?php $boundary = md5( uniqid() . microtime() ); $to = 'wordpress@wordpress.org'; $subject = 'TEST'; $headers[] = ""From: Wordpress <wordpress@wordpress.org>""; $headers[] = ""Content-Type: multipart/alternative; boundary=\""$boundary\""""; $body = ""--$boundary\r\n"" . ""Content-Type: text/plain; charset=UTF-8\r\n""; $body .= 'test'; $body .= ""--$boundary\r\n"" . ""Content-Type: text/html; charset=UTF-8\r\n""; $body .= '<div>test</div>'; wp_mail( $to, $subject, $body, $headers ); }}} Before: [[Image(https://cloud.githubusercontent.com/assets/6196903/22583305/a84c5f1c-ea26-11e6-8718-2bde99d20484.png)]] After: [[Image(https://cloud.githubusercontent.com/assets/6196903/22583326/c4055362-ea26-11e6-8890-1da8fac8552e.png)]] I could search some issue for this, like http://wordpress.stackexchange.com/questions/191923/sending-multipart-text-html-emails-via-wp-mail-will-likely-get-your-domain-b https://wordpress.org/support/topic/using-wp_mail-with-php-generated-attachments/ but still have same problem here." kn007 39787 wp_list_authors can be optimize dev-feedback Users 4.8 normal normal Awaiting Review enhancement new 2017-02-05T01:52:55Z 2024-01-26T07:47:14Z "May be i don't understand but look at this line https://core.trac.wordpress.org/browser/tags/4.7/src/wp-includes/author-template.php#L392 {{{#!php 392 $author = get_userdata( $author_id ); }}} Why we should call `get_userdata()`? At top we call `$authors = get_users( $query_args );` and can return display_name and user_nicename in next foreach section without `get_userdata()`. And will be nice add filter by role. Because wp_list_authors means authors not subscribers or editors. " alexufo 2 39791 sanitize_file_name() optimizations Media 4.8 normal normal Awaiting Review enhancement new 2017-02-05T23:24:33Z 2018-01-20T13:49:47Z "This changeset: [29290] added this line: {{{#!php $filename = str_replace( array( '%20', '+' ), '-', $filename ); }}} But because of this changeset it can be removed as those chars aren't present anymore: [35122] '''Additional proposals''' 1.) After many years new special characters are added step-by-step to sanitize_file_name(). Now almost all characters of the reserved file system, reserved URI and unsafe URL characters lists are part of it, except of: reserved file system chars (https://en.wikipedia.org/wiki/Filename#Reserved_characters_and_words) {{{ chr(0), ..., chr(32) }}} the reserved URI char (https://tools.ietf.org/html/rfc3986#section-2.2): {{{ @ }}} the unsafe URL char (https://www.ietf.org/rfc/rfc1738.txt): {{{ ^ }}} non-printing DEL: {{{ chr(127) }}} Finally you should add all these chars to avoid future bug reports: {{{#!php $special_chars = array( // file system reserved https://en.wikipedia.org/wiki/Filename#Reserved_characters_and_words '<', '>', ':', '""', '/', '\\', '|', '?', '*', // control characters http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx // note: \t, \n and \r are chr(9), chr(10) and chr(13) chr(0), chr(1), chr(2), chr(3), chr(4), chr(5), chr(6), chr(7), chr(8), chr(9), chr(10), chr(11), chr(12), chr(13), chr(14), chr(15), chr(16), chr(17), chr(18), chr(19), chr(20), chr(21), chr(22), chr(23), chr(24), chr(25), chr(26), chr(27), chr(28), chr(29), chr(30), chr(31), // non-printing character <DEL> chr(127), // non-breaking space chr(160), // URI reserved https://tools.ietf.org/html/rfc3986#section-2.2 '#', '[', ']', '@', '!', '$', '&', ""'"", '(', ')', '+', ',', ';', '=', // URL unsafe characters https://www.ietf.org/rfc/rfc1738.txt '{', '}', '^', '~', '`' ); }}} If you do that, do not forget to change this line: {{{#!php $filename = preg_replace( '/[\r\n\t -]+/', '-', $filename ); }}} to that (because we replaced the other chars already): {{{#!php $filename = preg_replace( '/[ -]+/', '-', $filename ); }}} and remove this line because we cover it already through chr(160): {{{#!php $filename = preg_replace( ""#\x{00a0}#siu"", ' ', $filename ); }}} Source: https://en.wikipedia.org/wiki/Whitespace_character#Unicode 2.) mb_strtolower() could be used to raise windows/unix interoperability (when downloading ftp backups or moving the host) because of their different behaviour in case-sensitivity. " mgutt 5 39793 Scrolling up in the sticky post text editor does not scroll the page up to top Editor normal normal Future Release defect (bug) new 2017-02-06T13:03:53Z 2019-06-05T06:52:24Z "In the sticky post editor, if I use arrow keys to navigate in the text mode tab (textarea#content), the page does not scroll up to the very top of the page, leaving part of the text hidden. I have to use mouse to again reveal the text. In the TinyMCE mode the scrolling works perfectly. I attached a screenshot where I created lines of text to get the page scroll. At the bottom of the page, cursor can be seen all the time. Then, when I go and use arrow keys to scroll to the first line of the text, it only scrolls almost to the top, leaving about 6.5 lines above the scroll. Additionally, using Ctrl+Home or Ctrl+End (on Windows) to navigate to the top or bottom of the textarea does not scroll the page." elmo5 20 39794 Notice if update_plugins cap is off SergeyBiryukov has-patch Plugins normal normal Future Release defect (bug) reviewing 2017-02-06T13:03:56Z 2017-05-18T15:01:43Z "In wp-admin/includes/update.php:378 i have condition: {{{#!php <?php if ( ! current_user_can( 'update_plugins' ) ) { }}} then in plugins lists I should see notice ""There is a new version of %1$s available. View version %4$s details"" But I don't see notice. I think that problem is in wp_plugin_update_rows() function " sebastian.pisula 2 39795 WordPress objects are only accessible via global variables General 4.8 normal normal Awaiting Review enhancement new 2017-02-06T13:47:17Z 2017-02-06T16:29:03Z "Hello. Here's the context: I'm trying to write some high quality plugins that go through some code analysis tools before any new release is made available to the public. That means that the code that is being analysed is on a repository of its own. When running the plugin code through such tools (sensio labs insights for example), some errors are marked as major issues: ""Global variable or function should never be used"" and that is related to the access of some WordPress objects like $blog_id, $wpdb and $wp_filesystem to name a few. Upon investigation I found out that for $blog_id, there was an alternative, which is to use the get_current_blog_id() function. That is great, because it respects the WordPress way of working on the WordPress side, and in my plugin, I can now use a function instead of a global variable. Could we make some equivalent functions for the other global WordPress objects? Like get_wp_db(), get_wp_filesystem() for example? Thanking you. Regards." jdmweb 3 39802 "Multisite: ""No importers are available"" error message shown to site admins, but not to network admins" has-patch Import 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-06T22:32:40Z 2024-02-26T23:02:39Z "Steps to reproduce: * Consider one site in a WordPress multisite install. * Verify that the ""WordPress Importer"" plugin is installed in the network, but disabled on this specific site. * Log in as a ''site'' administrator. * Click on ""Tools"" and ""Import"". * You'll see the message ""No importers are available."" If, however, you open the same screen as a ''network'' admin, WordPress will show a link ""Run importer"". If you click it, WP will activate the ""WordPress Importer"" plugin and proceed with the import process. This inconsistency is confusing to users. It does not really make sense because both ''site'' admins and ''network'' admins have the necessary capabilities to activate the importer plugin (provided that it is installed)." thomaswm 7 39808 My Sites broken in 4.7.2 Networks and Sites 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-07T21:56:33Z 2017-11-14T18:24:33Z "After upgrading to 4.7.2, My Sites shows an error: You must be a member of at least one site to use this page. This happens for both regular users and administrators. I've fixed it for now by changing one line of code: diff wp-admin/my-sites.php.orig wp-admin/my-sites.php 20c20 < $blogs = get_blogs_of_user( $current_user->ID ); --- > $blogs = get_blogs_of_user( $current_user->ID, 1 ); " earl.fogel 15 39811 Bug maybe_unserialize() broke mysql data. Database 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-08T13:53:06Z 2017-02-20T06:34:57Z "I have an issue what is realated to maybe_unserialize() function. Example: When someone made MySQL export or backup and you want that data to import in database again, widgets, some plugin setup, some template setup, particular WPBakery Visual Composer or similar visual editors lost it's setup. To get all work well I change function into this: {{{ function maybe_unserialize( $original ) { if ( is_serialized( $original ) ) { $fixed = preg_replace_callback( '!(?<=^|;)s:(\d+)(?=:""(.*?)"";(?:}|a:|s:|b:|i:|o:|N;))!s', 'serialize_fix_callback', $original ); return @unserialize( $fixed ); } return $original; } function serialize_fix_callback($match) { return 's:' . strlen($match[2]); } }}} -wit this code I get all data to work well but I'm unable to install new plugins or made any kind of update. What to do with it, how to fix this problem and can you made some update to this code or add some solution to not happen this problems? Here is also my StackOwerflow question: http://wordpress.stackexchange.com/q/255591/82023 Thanks!" ivijanstefan 4 39824 Gallery doesn't show images being uploaded adamsilverstein dev-feedback Gallery 4.0 normal normal Future Release defect (bug) assigned 2017-02-09T16:18:43Z 2021-02-17T07:21:08Z "When you insert a gallery with images being uploaded in Edit Post page, the gallery doesn't show the images. '''How to Reproduce''' 1. Open Edit Post page. 2. Insert a gallery with one uploaded image. 3. Select the gallery in tinyMCE then click on Edit. 4. Upload a big image file and/or slow down the internet to buy time for the following actions. 5. Choose Edit Gallery tab then click on Update Gallery button while the big image is uploading. 6. The gallery shows an empty element instead of the image. 7. If you edit the gallery and open Edit Gallery tab after the image uploaded, you'll see it has gone." gonom9 7 39826 LIMIT clause not required in get_options function as there's already a UNIQUE KEY on option_name dev-feedback Database 4.7.2 normal normal Awaiting Review enhancement new 2017-02-09T23:41:05Z 2020-05-07T19:31:10Z "The Core get_options (wp-includes/option.php) uses LIMIT 1 to retrieve only a single row for an option. However, the option_name field already has a UNIQUE KEY in the table schema, so it's impossible for the db to contain or return more than one row for any option_name. Barring history I'm unaware of (if there used to not be a UNIQUE KEY on this field in the past), it's safe to remove the LIMIT 1 clauses from these queries (there are a few instances in the function. While LIMIT clauses can sometimes be harmful to performance, in this particular scenario that's not the case. However, it's just superfluous." arjenlentz 3 39827 notice in wp-includes/canonical.php:392 SergeyBiryukov needs-unit-tests Canonical 4.7.2 normal normal Future Release defect (bug) reopened 2017-02-10T02:28:03Z 2024-02-15T09:23:06Z "Hello, We're getting notice in wp-includes/canonical.php:392, but it requires some specific steps to obtain it. Steps: 1. Setup a clean install of WPML 2. Set permalinks to postname without ending slash: /%postname% 3. Create a page in secondary language 4. Set this page as Home Page (under Settings/Reading) but only in the secondary language When you enter ""home page"", you get 404 because a page for original language does not exist. In line 121, you get {{{$redirect_url = get_permalink($redirect_post);}}} and value of $redirect_url is for instance ""http://testsite.dev?lang=fr"". As you see, there is no ""/"" before ""?"", that's why path is empty. You have already fixed the similar issue in line:77-79 {{{#!php // Notice fixing if ( !isset($redirect['path']) ) $redirect['path'] = ''; }}} I suspect, we need the same fix before line: 392 {{{#!php $redirect['path'] = preg_replace('|/' . preg_quote( $wp_rewrite->index, '|' ) . '/*?$|', '/', $redirect['path']); }}} " jakubbis 26 39831 Theme Tag Translation Ready has-patch Themes normal normal Future Release enhancement new 2017-02-10T09:25:09Z 2022-09-13T05:02:00Z "As i read, All theme text strings are to be translatable. > https://make.wordpress.org/themes/handbook/review/required/#language In that case, seems it is compulsory and there is not any use of 'translation-ready' theme tag. Because all themes on directory should be translation ready. if we apply filter with 'translation-ready' checkbox, it will return all themes." rinkuyadav999 11 39835 Category slug could be auto-generated with ability to update manually Taxonomy 4.7.2 normal normal Awaiting Review enhancement new 2017-02-10T14:10:59Z 2017-02-10T14:13:09Z Like adding a post, when category is created from Post > Category, if a default slug could be auto generated from title here as well with the ability to edit that would be time saving and helpful. subrataemfluence 1 39836 Display maximum file upload size on theme upload page dev-feedback Themes normal normal Awaiting Review enhancement new 2017-02-10T16:47:09Z 2017-06-25T04:06:02Z "When we click on 'Upload Theme' button, WordPress displays ""If you have a theme in a .zip format, you may install it by uploading it here."" message on /wp-admin/theme-install.php If we can displays maximum file size in this message, it will really help WordPress users. They will consider increasing upload file size in php.ini instead starting upload and displaying a message ""Are you sure want to do that?"" and if debug is true, they will also see error message." rinkuyadav999 1 39841 Additional Post Button Options Posts, Post Types 4.7.2 normal normal Awaiting Review enhancement new 2017-02-10T18:38:24Z 2017-02-14T08:39:25Z "Turn ""Update""/""Publish"" into a button with a dropdown. So if a user selects say Update & Return it will redirect the user back to the posts admin screen. If a users selects the Update & Add New option then it would update that existing post, then redirect to a new posts screen or return to the post list screen instead." lukecavanagh 4 39844 Don't return anchor tag if link is empty in get_the_author_posts_link() needs-unit-tests Themes 4.7.2 normal normal Future Release enhancement new 2017-02-11T11:17:28Z 2022-02-21T16:17:57Z "If get_author_posts_url() returns an empty value, currently get_the_author_posts_link() creates an anchor tag with am empty target. If shown on the page this results in a link to the current page, which is not what is expected from an author link. https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-includes/author-template.php#L252 The attached patch changes this, so that if no link is given, just the author name is returned with no anchor tag surrounding. This is in line with the respective code for get_comment_author_link() https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-includes/comment-template.php#L216" SirkoSchindler 2 39847 force_balance_tags not properly balancing < with <strong> and </strong> Formatting 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-11T19:12:04Z 2017-02-11T21:11:08Z "Given following HMTL code which includes the ''\['' and ''\]'' Latex delimiters: {{{ \[<\] <strong>We</strong> }}} the output of '''force_balance_tags''' is {{{ \[<\] <strong>We }}} which is not correct as the bold tags are unbalanced. Expected output should be the input string. " jpmerx 1 39848 New filter 'the_title_wrap' dev-feedback Posts, Post Types 4.7.2 normal normal Awaiting Review enhancement new 2017-02-11T20:46:21Z 2017-07-03T15:18:35Z "== Problem: In plugin I wish to add some markup after/before the post and page title so, naturally, I use `the_title` filter. However, this filter is applied on `get_the_title()` function which is used by all instances of post title all over the page (menus, edit links etc). On top of that, more and more themes are using `the_title()` with before and after params which makes all my custom markup wrapped inside this before and after. So when theme is using `the_title( '<h1 class=""entry-title"">', '</h1>' )`, and my markup in filter is, for example an image, then I get: {{{ <h1 class=""entry-title"">The title <img src=""image.jpg"" ></h1> }}} Or something even worse if my custom markup is more complex. == Proposal (possible solution): I have tested another filter on `the_title()` function **(wp-includes/post-template.php)** and it gave me exactly what I needed: {{{#!php /** * Display or retrieve the current post title with optional markup. * * @since 0.71 * * @param string $before Optional. Markup to prepend to the title. Default empty. * @param string $after Optional. Markup to append to the title. Default empty. * @param bool $echo Optional. Whether to echo or return the title. Default true for echo. * @return string|void Current post title if $echo is false. */ function the_title( $before = '', $after = '', $echo = true ) { $title = get_the_title(); if ( strlen($title) == 0 ) return; $title = $before . $title . $after; /** * Filters the post title after 'the_title' filter. * * @param string $title The post title. */ $title = apply_filters( 'the_title_wrap', $title ); if ( $echo ) echo $title; else return $title; } }}} I named it `the_title_wrap` because it wraps everything that comes with `the_title` function and filter. This filter doesn't apply on menus, edit links etc. Tested on twenty* themes, it applies only on posts and pages title on singulars and on posts title inside the loop on archive pages. Also, my custom markup doesn't end up inside `<h1>` or `<a>` tags. Now it looks like this: {{{ <h1 class=""entry-title"">The title</h1><img src=""image.jpg"" > }}} This is, of course, somewhat uncertain because I'm counting on theme author to use `the_title()` instead of `get_the_title()` but I think it's worth of effort as sometimes it becomes nearly impossible to target only entry title on singular or inside loop on archives etc. Thank you." milana_cap 39850 WordPress embedded links drop query vars from URL Embeds normal normal Awaiting Review enhancement new 2017-02-11T23:02:51Z 2017-02-11T23:29:04Z "When embedding a WordPress page within another post, any query strings that are passed in the URL get dropped. For example, if embedding http://example.com/page-name/?foo=bar, the actual URL that gets passed to the oEmbed function (and later on to the template files) is http://example.com/page-name/embed/ (foo=bar gets dropped). The link inside the blockquote also drops the url query variable and links to http://example.com/page-name/ instead of http://example.com/page-name/?foo=bar As I see, this occurs because the `wp_filter_pre_oembed_result` function in `embed.php` uses `url_to_postid` to get the embeded post's ID, and later `get_post_embed_url` uses that ID to create the embed permalink. So naturally any url query vars are not preserved in the final URL construction. Similarly in `get_post_embed_html`, the function uses `esc_url( get_permalink( $post ) )`, thus reconstructing the permalink without knowledge of the initial url. I encountered this when embedded a specific photo gallery (from nextcellent plugin), but I assume some other plugins such as language/translation ones may also be affected. I don't think the URL's should be dropping any of the query variables. However, if that is a requirement, it would be good to also pass on the original url in the `post_embed_url` hook to allow plugin developers to make sure to add any parameters from the original url that got dropped off in the embedded url." charleslf 2 39851 WP_REST_Posts_Controller::get_items() has too many concerns REST API 4.7 normal normal Future Release task (blessed) new 2017-02-11T23:20:39Z 2019-01-17T18:58:52Z "I've written a bunch of custom endpoints that return collections of posts of one or more post types. I'd like my responses to be the same formatting, body and header as the default post routes provide. This allows for a client designed to consume default routes to be more easily modified to use custom routes. Achieving this with a subclass of WP_REST_Posts_Controller still requires some cut and paste for collections of posts, since the get_items() method has way too many concerns. I'd like to break out the preparing of response body, as well as response header into separate methods, so that they can be used with different types of requests or ways to create arrays of WP_Post objects, while still providing a consistent response. " Shelob9 3 39852 "Change the confusing ""Screen Options"" button text" Administration normal normal Awaiting Review enhancement new 2017-02-12T08:52:23Z 2017-03-21T19:12:44Z "From a new users perspective the label ""Screen Options"" doesn't make any sense. Seems technical, it doesn't express anything meaningful. From a general perspective by reading a buttons text it should be clear to users what it does. Besides that the text Screen Options is not that common either. In my opinion, It would be easier and meaningful if it uses one of these : '''1. see more''' '''2. more information''' '''3. display more''' '''Google Books Ngram Viewer '''how many times these terms has been used (from year 1800 to 2000) [[Image(http://i.imgur.com/QgOeB0e.png)]] '''Google Trends '''[[Image(http://i.imgur.com/CA2SHv4.png)]] Reference: 1. Design Words With Data [https://medium.com/dropbox-design/design-words-with-data-fe3c525994e7#.hv4ce0o2q] 2. How To Design Words [https://medium.com/@jsaito/how-to-design-words-63d6965051e9#.tfmbqs2ux]" cryptex_vinci 7 39861 WP REST API and Caching Issue johnbillion* REST API 4.7.2 normal normal Future Release defect (bug) accepted 2017-02-13T16:32:51Z 2023-06-21T15:57:00Z "It appears that the current implementation of the WP REST API uses the following cache control header: cache-control:no-cache, must-revalidate, max-age=0 The problem is that some providers, e.g., SiteGround, also tack on a bogus last modified header: last-modified:Thu, 01 Jan 1970 00:00:00 GMT This combination causes the browser to add a ""if-modified-since"" header to subsequent API call and resulting with a 304 response (in this case NGINX at SiteGround). At the point, you continually get stale results from the API. The fix is to also add a ""no-store"" to the API response. Cache-Control: no-cache, no-store, must-revalidate For reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control" sckmkny 7 39862 Track the number of children for a walker element scope has-patch Menus 4.7.2 normal normal Awaiting Review enhancement reopened 2017-02-13T17:06:24Z 2017-08-02T20:24:05Z "Unless this had been deliberately omitted for performance reasons? A minor change to the {{{Walker}}} class would provide the total number of children {{{$this->total_children}}} for the current element scope from within the {{{display_element()}}} function. Currently a custom walker must be used and include an extension of display_element() for each {{{X_Walker}}} class where this information is needed. Patch attached. This change; for example could provide information to display the number of replies to a comment in an extended template of {{{Comment_Walker::comment()}}}" AlexGW 5 39863 HTML description property of term in WP_REST_Terms_Controller lacks display filters joehoyle REST API normal normal Awaiting Review enhancement assigned 2017-02-13T17:13:48Z 2019-07-11T18:13:16Z "Working with the REST API i've noticed that with terms, either from custom taxonomies or default categories and tags, their descriptions are different within REST requests compared to outputting within a theme template. Tracking it down and I've noticed that within themes these term descriptions are having `term_description` filters applied, whereas within WP_REST_Terms_Controller the term description is used as is from the database. At its most basic example a user can add HTML to a term description (either manually or via a plugin that adds a visual editor), and paragraphs will be applied for a theme, but not for the REST requests. But the schema for Terms says that it's the `HTML description of the term`, which IMO is slightly wrong without all the term description filters. Comparing to the WP_REST_Posts_Controller it further raises the question, should the Term controller be providing a `raw` and `rendered` version of the term description to match Post content? Or should the filters simply be added as it's a smaller change?" davecpage 5 39864 Upload not giving back any error message when uploads directory doesn't exist. Upload 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-13T17:35:20Z 2017-02-13T17:35:20Z "[[Image(http://i.imgur.com/PLrKSNz.png)]] When the path (upload_path in media options) set in the above image doesn't exists, no error message is displayed when uploading images. It would be great if an error message would tell you that the path is set wrong or doesn't exists, so you get an idea where to start looking to fix the error. After you upload an image the image gets displayed like this on the media page: [[Image(http://i.imgur.com/Euiaihl.png)]]" nahakiole 39883 Code hooking on `image_downsize` can no longer assume the file is an image joemcgill dev-feedback Media 4.7 normal normal Future Release defect (bug) assigned 2017-02-15T19:52:34Z 2017-05-23T20:29:02Z "In r38949, Core pretty drastically changed the expectations that any code hooking onto the `image_downsize` filter could make until then, potentially leading to issues for integrators. We went from having the `image_downsize()` function immediately return `false` if a file wasn't an image, not getting to that filter application at all, to only setting a variable with the result of the `wp_attachment_is_image( $id )` test and now applying the filter (not even passing said result, for that matter). This was a pretty big safe assumption to take away from under integrators' feet. Coupled to this, a wise integrator that might have picked up on this change could have wanted to have its own code have `image_downsize()` still returning `false` if it does not want to have the file further processed by the function, but there is no opportunity to, since returning `false` will cause `image_downsize()` to keep on with its processing instead of proceeding with `return $out`. Returning anything but false or null will cause `image_downsize()` to return, but that might not always be desirable to preserve the way WP worked prior to 4.7. What's better here for general use isn't as clear cut as what r38949 made it to be. I've discussed the case with @mikeschroder, and we've agreed to open this ticket so we can further discuss what should be done, if anything." stephdau 23 39889 Improve/Fix REST Response on Multisite when an endpoint for a non-existent site is hit. needs-unit-tests REST API 4.7 normal normal Future Release defect (bug) new 2017-02-16T15:52:54Z 2019-07-09T18:42:18Z "Currently if you hit the endpoint for a domain on a site that doesn't exist it will behave the same as on a normal request. - visit https://nonexistentsubdomain.eventsmart.com/wp-json in a REST client. - Take note of the ""Location"" header in the response: https://eventsmart.com/wp-signup.php?new=nonexistentsite. It's also returned with a HTTP 302 Granted this is kind of edgecase, but I think it'd be better to handle things a bit better on REST requests. The question is how? I think from the standpoint of the REST client it'd be better to just return a 404 and a ""site doesnt' exist"" message (or something to that affect)." nerrad 3 39891 Chrome rendering issue with Customizer, widgets, and checked radios dev-feedback Customize normal normal Future Release defect (bug) new 2017-02-16T16:38:59Z 2021-05-29T16:56:54Z "Steps to reproduce: - Open up Chrome (at least on Mac, have not tested on PC) - Open up the Customizer - Edit any sidebar - Add any widget '''that contains at least one radio field that is checked''' - Reduce the height of the browser window until a vertical scrollbar appears in the pane Once the vertical scrollbar appears, the entire pane vanishes. Upon further investigation, it appears to be Chrome ""max-width paint"" type issue. Basically, the checked radio element sets a `text-indent` of `-9999px` on the `:before` item to hide the browser rendered checkmark. It seems that this expands the width of the painted area very very far to the left (outside the visible window). I say this because if you mess around with the indent by lowering it, eventually the bug disappears. You can even see the right side of the painted area vanish (screencast attached showing this below). Here's some CSS changes I tried that fixed it: - Lower the text-indent to something higher (as in smaller negative number) than about `-8000px` - Set the `.widget` element position to `static` (previously set to `relative`) Here's some screencasts: Detailing how to create the bug: [[Image(http://d.pr/i/WEil+)]] Example showing why I think it's some sort of ""max paint width"" rendering issue: [[Image(http://d.pr/i/gLzq+)]] Example showing how setting the `position` on the `.widget` item to `static` fixes things: [[Image(http://d.pr/i/4P9a+)]]" joelworsham 3 39893 Twenty Seventeen Header Media: YouTube Embed Does Not Fill Screen dev-feedback Bundled Theme 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-16T18:47:31Z 2023-04-17T10:32:24Z "Hi. I was really excited to see 2017 in action and thought a great deal of the video header feature, but my expectations were dashed when I realised that the promise of anamorphic images and videos automatically stretching to full screen in the header just did not materialise, despite using all the precautions, guidelines and recommendations suggested in the theme: 2000x1200 as per image, .mp4, etc. It seems that no matter what video link from YT I tried the image will stretch, but the video will not. Is there a solution to this or is it just me? You can see a brand new installation with no extra plugins, scripts or other potentially interfering code in the way, here: http://2ud.biz/dev/ Thanks in advance " cingrosso 11 39894 JS heartbeat can run before ready causing exception General 3.6 normal normal Awaiting Review defect (bug) new 2017-02-16T19:29:05Z 2017-07-03T21:29:52Z Sometimes where my page is loading slowly I can get the error attached, where the element isn't yet available. programmin 2 39903 is_user_logged_in() true on ajax after cookie has been deleted Users 4.7.2 normal major Awaiting Review defect (bug) new 2017-02-17T14:46:34Z 2022-08-08T10:22:44Z "is_user_logged_in() will return true on ajax after cookie has been deleted manually in browser, until the session tokens expired or after destroy_sessions from admin for this user. To reproduce on: 1. Add ajax callback function with one checkup is_user_logged_in(). 2. Log in front-end. 3. Clear browser cookie. 4. Refresh page and run ajax. It will return true. But the var_dump( is_user_logged_in() ) on page will return correct false. Even more: after deleting cookie and refreshing page, new wordpress_ cookie will appear again, maybe because of is_user_logged_in() check. Proof on video attached using fresh wp install. " esemlabel 9 39907 "Add ""Remove all widgets"" button for themes with multiple widget areas" dev-feedback Customize normal normal Awaiting Review enhancement new 2017-02-17T19:04:28Z 2021-05-29T17:01:57Z "I was loading giving one of my sites a new theme as a New Year treat. It only seemed fitting to put on Twenty Sixteen. As this was a simple site, I wanted the single column. Unfortunately, loading up the theme brought a few issues as I suddenly found a lot of widgets I didn't want. For example the footer areas, they were filled with defaults I didn't want. Going in and removing each one took several steps as there were multiples. Whether you want defaults or not may be something the theme can decide, but offering a 'remove all widgets' button I think would be easy enough to add into the Customizer and a great enhancement for the minimalists." karmatosed 5 39908 Make the page and category widget exclusions use a drop down not ID Widgets normal normal Future Release enhancement new 2017-02-17T19:14:40Z 2017-09-20T08:33:06Z "Currently excluding in this widget involves you getting and ID and then adding it. This could be made more user friendly by using a drop down. [[Image(https://cldup.com/YVbvUK5pLK.png, 50%)]]" karmatosed 6 39909 Make title behaviours consistent across all widgets on first load westonruter dev-feedback Widgets 2.8 normal normal Future Release enhancement reopened 2017-02-17T19:17:20Z 2021-06-25T15:47:08Z "On first load the word 'Archives' outputs as the Widget title but it doesn't appear in the input field. If there is a default text, perhaps it should show. This could also assist by users making the connection with the words and where they can edit. For example: [[Image(https://cldup.com/EK1v0wxGX1.png, 50%)]] Another example, the Calendar widget has no title and compared to the examples above this feels weird. What I think should happen is that the same title behaviour occurs for all widgets when you first load them." karmatosed 32 39910 Customizer: Add ability to drag & drop widgets and menu items Customize normal normal Future Release enhancement new 2017-02-17T19:38:19Z 2021-05-29T17:06:55Z Currently when you add a new widget in the Customizer, the available widgets will show, but you can not drag and drop any of the those widgets, rather you have to select the widget then, that widget will be added in. Drag and drop does work on widgets that already exist or where just added. lukecavanagh 21 39913 Customize: Disable auto-trashing of published changesets in anticipation of revisions Customize 4.7 normal normal Future Release defect (bug) new 2017-02-18T22:29:08Z 2021-05-29T17:10:47Z "When changesets were introduced in 4.7 (via #30937), we decided by default to auto-trash a `customize_changeset` post upon publishing. The reason for this is that there was no UI for changesets and there would be no way to clean up old revisions from the UI, meaning the posts would just be added indefinitely. However, with revisions being planned for 4.8 being planned for in #31089 and #21666, it would perhaps be beneficial to disable the auto-trashing behavior so that once revisions support ''is'' added the revision history won't be empty. Nevertheless, even with changesets not being auto-trashed, there would still be [https://core.trac.wordpress.org/ticket/21666#comment:33 challenges] with reverting to a previously-published changeset: > == Challenges of Reverting to a Previously-published Changeset == > > Reverting to a revision of a changeset is easier than reverting to a previously-published changeset. When reverting to a revision of the current changeset, all this means basically is to reset the settings to match the state of the changeset at that revision. However, reverting to a previously-published changeset is more complicated/interesting. Take this changelog: > > 1. January 1st: User changes site title to “Foo”. > 2. January 2nd: User changes site tagline. > 3. January 3rd: User changes site title to “Bar”. > > Now, if the user clicks the changeset revision for January 1st, my assumption is that this will restore the site title of “Foo”. However, will it also include a revert of the change made to the tagline on January 2nd? Each changeset only contains the settings that were modified, so as it stands right now we would not know what to revert the tagline to since it's previous value is not captured. Whenever a changeset is about to be published, we could capture the current value for each setting prior to saving. This would allow us to roll back all of the changes made to the site between two published changesets. The process would involve walking over the previous changesets to gather up a list of the previous values and merge them and apply them to the current changeset for previewing. > > Complication: What about when a user makes a change to the tagline ''outside'' of the customizer? In that case the tagline would not be referenced in any changeset, and reverting to the changeset on the 1st would only rollback the site title. Would this be expected behavior?" westonruter 1 39914 'orderby' date results differs depend on 'post_status' Query 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-19T09:40:43Z 2017-02-19T09:40:43Z "Default 'orderby' date return different order results depend on 'post_status' passed in WP_Query. For example, 3 published posts with identical post_date (if bulk publish, import or other stuff) in WP_Query will return different posts order on page, which depend on 'post_status' = 'publish' or 'any'. Since all posts are published, setting 'post_status' should not affect default orderby date results. Most notably this difference in edit.php?post_type= in comparison with front-end WP_Query results. Is it normal behaviour of such querying results?" esemlabel 39918 Whitelist audioBoom oEmbeds Embeds 4.8 normal normal Awaiting Review enhancement new 2017-02-20T11:00:33Z 2023-05-30T09:50:56Z "{{{ sandbox=""allow-scripts"" }}} is disabling links within our iframe player on some wp sites, try the social icons on the audioBoom player in this article http://www.niemanlab.org/2017/02/in-a-chaotic-presidency-civics-101-is-giving-listeners-a-reintroduction-to-how-the-u-s-government-works/. What are the steps to getting audioBoom whitelisted so that no changes are made to the oEmbed codes? " arunaudioboom 6 39926 wp_get_object_terms should return WP_Error on wrong fields argument or use a sane default dev-feedback Taxonomy normal normal Awaiting Review defect (bug) new 2017-02-21T13:40:52Z 2017-04-14T09:44:53Z "wp_get_object_terms( $object_ids, $taxonomies, $args ) accepts object_ids, taxonomies and as last option extra arguments as an array. One of the extra arguments in the $args array is the fields option. I used the field value 'term_id' (erroneously) assuming this would return the term_ids. However this did not work. wp_get_object_terms returned an empty array and in my error log I noticed this SQL error message: {{{ WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM wp_terms AS t INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id ' at line 1 for query SELECT FROM wp_terms AS t INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id INNER JOIN wp_term_relationships AS tr ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy IN ('product') AND tr.object_id IN (449, 427) ORDER BY t.name ASC }}} After consulting the source of the wp_get_object_terms I noticed that 'term_id' is not a valid fields value. However I would have expected wp_get_object_terms() to return a WP_Error object instead of creating erroneous SQL code. The following are valid field option values: * all - Default : all matching term's objects will be returned * ids : term's ids will be returned * names : term's names will be returned * slugs : term's slugs will be returned * all_with_object_id : all matching term's objects will be returned * tt_ids : term's taxonomy's ids will be returned [https://codex.wordpress.org/Function_Reference/wp_get_object_terms See wp_get_object_terms() docs on the Codex] === Proposed solution Due to [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L581 this switch statement] invalid or an empty fields value will result in an empty SELECT SQL query in this [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L650 codeblock] My proposal is to add a default clause to the [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L581 switch statement] which defaults to using the 'all' case value. This seems to adhere to the functionality as well as the spirit of the rest of the WP_Term_Query class code. As far as I know it should be backwards compatible as well. " BjornW 4 39927 Add support for CSS class and attributes in wp_login_form input fields has-patch Login and Registration 4.7.2 normal normal Awaiting Review enhancement new 2017-02-21T14:23:14Z 2019-04-24T22:05:26Z "I think adding support for class and a few useful attributes like placeholder and required for default login form (wp_login_form). In `wp-includes/general-templates.php` (line 402), if we can pass `$args` like this it would be nice: {{{ $args = array( ... 'placeholder_username' => __('Your login Id'), 'placeholder_password' => __('Your password (case sensitive)'), 'username_required' => true, 'password_required' => true, 'username_css_class' => 'form_control, 'password_css_class' => 'form-control 'username_remove_size' => true, 'password_remove_size' => true ); }}} This will have the following benefits: 1) We can use HTML5 native client side validation 2) We can tell WordPress to use custom class name (if none is supplied, default would be used) 3) Placeholder will help removing labels and save space 4) Size attribute if set to `true` will not be used. This is useful if I don't need it at all. Based on the above values the `<form>` element also could be modified like this: {{{ $form = '<form ...> <input type=""text"" <?php if($args[""username_required""] == true) echo ""required"" ... ?> </form>'; if($args['echo']){ echo $form; } else { return $form; } }}}" subrataemfluence 4 39929 "Improve ability to customize ""nav"" links below login form." Login and Registration 4.8 normal normal Awaiting Review enhancement new 2017-02-21T19:07:00Z 2017-02-21T19:11:52Z "In adding a Single Sign-On option to a site, I ran into trouble while trying to add a link to the login form. Flexibility could be introduced by adding an action inside each `p.nav` in `wp-login.php`, but there's already duplicated code. So, I've added a function that builds the output and allows plugins to add new links or change the existing links. Thanks for considering my request." dcavins 39939 A Contributor cannot preview their own post if it's scheduled needs-unit-tests Posts, Post Types normal minor Awaiting Review defect (bug) new 2017-02-22T12:52:02Z 2017-02-23T05:36:25Z "Steps to reproduce: 1. A Contributor writes a post and submits it for review. At this point they can preview their post. 2. An Editor or Administrator approves the post and schedules it for publication at a later date. 3. The contributor viewing the Posts listing table can no longer preview their post. Previously: #33694 " johnbillion 3 39942 Restored Post may steal slug to published Post Posts, Post Types 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-22T15:37:10Z 2017-02-22T15:49:15Z "Steps to reproduce: 1. Create a Post 1 with title ""Post"", 2. Assign the slug 'post' to Post 1, 3. Publish Post 1, 4. Unpublish Post 1 by setting it as 'Draft', then Update, 5. After Update, Trash Post 1, 6. Repeat 1-5 for Post 2, 7. Create a Post 3 with title ""Post"", 8. Assign the slug 'post' to Post 3, 9. Publish Post 3, 10. Now restore Post 2, 11. Open/Reload the edit screen for Post 3, 12. It'll show 'post-2' as slug, 13. Saving/Updating Post 3 will change the slug from 'post' to 'post-2'. Probably the following functions participate in the issue: * `wp_add_trashed_suffix_to_post_name_for_post`, which is checking for {{{ if ( '__trashed' === substr( $post->post_name, -9 ) ) { }}} while Post 2 has `post__trashed-2` as post name * `wp_unique_post_slug`, which is not checking the uniqueness of the slug if the post is `draft`." ziodave 1 39945 WP_Query::get_posts fails to correctly sanitize 'posts_per_page' dev-feedback Query 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-22T21:34:01Z 2020-03-03T22:32:24Z "WP_Query::get_posts fails to correctly sanitize the 'posts_per_page' argument when a negative value in range (-2, -1) is supplied. == Example == The following get_posts query causes an exception: {{{ get_posts(array('posts_per_page' => '-1.5')); }}} Exception: WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-1' at line 1 for query SELECT wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND ((wp_posts.post_status = 'publish')) ORDER BY wp_posts.post_date DESC LIMIT 0, -1 made by get_posts, WP_Query->query, WP_Query->get_posts == Cause == Incomplete sanitization in WP_Query::get_posts(), line 1775 - 1779: {{{ $q['posts_per_page'] = (int) $q['posts_per_page']; if ( $q['posts_per_page'] < -1 ) $q['posts_per_page'] = abs($q['posts_per_page']); elseif ( $q['posts_per_page'] == 0 ) $q['posts_per_page'] = 1; }}} == Impact == Some plugins (e.g. Woocommerce) initialize the posts_per_page argument with user supplied values and may suffer from an information disclosure vulnerability, depending on the webserver configuration. Confirmed on the latest Wordpress version 4.7.2. First reported at 19.02.2017 to security[at]wordpress.org without response (not nice!), so I assume you do not consider this security relevant in accordance with e.g. https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files" biisent 4 39946 Private posts can be sticky when bulk editing them from wp-admin/edit.php reporter-feedback Quick/Bulk Edit normal normal Awaiting Review defect (bug) new 2017-02-22T22:10:00Z 2023-02-07T19:11:34Z "[[Image(https://cldup.com/ZsJC4iH0GM.png)]] Although it's not possible to inline-edit a Private post to be sticky or to Publish a private post as sticky from the Publish meta box, as shown on the above screen capture, it's possible to do it using the Bulk edit action of the `wp-admin/edit.php` screen." imath 5 39952 Category Dropdown Widget: required spacing issue on attachments template reporter-feedback Widgets 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-23T17:50:13Z 2020-12-19T21:05:54Z "This issue only happens on the attachments.php template, all other primary templates don't appear to have the issue. When using the category widget as a dropdown, the select statement looks like: <selectname='cat' rather than <select name='cat' The file, category-template.php output statement is: {{{#!php <?php $output = ""<select $required name='$name' id='$id' class='$class' $tab_index_attribute>\n""; }}} Removing $required corrects the issue. Setting required to true also corrects the issue. {{{#!php <?php function categories_dropdown($args) { $args['required'] = true; return $args; } add_filter( 'widget_categories_dropdown_args', 'categories_dropdown' ); }}} Which returns: {{{ <select required="""" name=""cat"" id=""cat"" class=""postform""> }}} While this does correct the issue, the required="""" isn't correct either, it should be: required without the ="""" https://developer.mozilla.org/en-US/docs/Web/HTML/Element/select It should also have aria-required=""true"" for Safari." tribalNerd 2 39954 REST API: Improve date updates if both `date` and `date_gmt` are set REST API 4.7 normal minor Awaiting Review enhancement new 2017-02-23T19:51:41Z 2017-03-09T02:38:25Z "Currently, if you set both the `date` and `date_gmt` fields when creating or updating a [https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php#L996 post] or [https://core.trac.wordpress.org/browser/tags/4.7.2/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php#L1119 comment], the `date` field will take precedence and the `date_gmt` field will be ignored. This behavior isn't ideal because when either of these two dates is specified, the other is also updated based on the site's timezone offset. If both `date` and `date_gmt` are specified, '''and''' the two values do not match according to the site's current timezone offset, there are a couple of options for improving the behavior: - Update the date fields exactly as requested, even though they will not match the site's current timezone offset. - Return an error." jnylen0 7 39958 Comment reply/cancel links work badly when comment form is above the comment list dev-feedback Comments normal normal Awaiting Review defect (bug) new 2017-02-23T22:36:25Z 2018-01-15T14:41:01Z "If the comment form is below the list of comments, as in default WP themes, reply and cancel links work as follows: When you click reply, the form moves directly under the comment (page doesn't scroll). When you click cancel, the form jumps back to original position (page doesn't scroll). Consider any theme where the comment form is output before the list of comments. (This is a standard request, to make it easier for people to comment without having to scroll through lots of existing comments first). When you click reply, the form moves from its original position to under the comment, causing the whole page to scroll up a significant amount. The textarea gets focus, meaning if it has scrolled off the top of the screen as is quite likely, the page jumps to ensure it is visible, but you don't see important things like the reply heading, cancel link, or comment label. When you click cancel, the form reverts back to its original position, jumping the whole page content down significantly, often leaving you in a completely random part of the page. This is very disorientating from a user perspective. I'm not sure what a workaround is - perhaps some way of saving your vertical position prior to a click and restoring it after a click to make it look like there is no jump." smerriman 5 39960 Separate Supported Status for Trackbacks and Pingbacks has-patch Pings/Trackbacks 4.3 low minor Future Release defect (bug) new 2017-02-24T04:01:35Z 2018-10-08T04:38:00Z "In #31168, get_default_comment_status was introduced, with the intent to set default pingback and comment status for new comments. With the current design, it isn't possible to address these items separately. get_default_comment_status treats the 'supports' => 'trackbacks' statement as intent to open pings. While I see the rationale for why this was done, it is not consistent. Supporting trackbacks is not actually clear to someone calling it what it is supposed to do. According to the code, excluding allowing pings by default as amended in this function and a few other places, it adds the 'Send Trackbacks' metabox. What I am proposing here is therefore a change that might confuse backward compatibility. I can't see another easy way to separate these two. Let's say, for the sake of fairness as a default, that if you want to be able to send pings or trackbacks, you should also support receiving them. So, my proposal would be to separate post_type_support into two features: 'trackbacks' - which will add the trackback metabox and govern the default desire to accept trackbacks for that post type 'pingbacks' - which will set whether the default for pingbacks for a given post type is set to send/receive by default. That handles the intent of the post type default. Then we move to the individual post issue. So, the logic I'm proposing is that if pings are open for the post(ping_status set to open), it means it will support whatever protocols the post type supports. While it would be nice to get more granular, it would create too much of a strain on backward compatibility. Conversely, suggesting that someone might want to turn pingbacks or trackbacks on or off for an entire post type makes sense. I can't see a scenario where someone would want support on or off for a specific post. If they decide to turn pings off, they are turning off whatever type of linkback the post chooses to support. A plugin or theme could change this behavior using the get_default_comment_status filter that already exists. Relate: #38207 discusses the idea of disabling trackbacks by default, but retaining pingbacks for the foreseeable future. The first step is allowing for these sensible defaults by post type, and then making the decision about default support for the 'post' post type. I'd like to get some feedback on the proposed solution or alternatives." dshanske 10 39963 MIME Alias Handling has-patch Media normal normal Future Release enhancement reopened 2017-02-24T19:47:12Z 2022-06-08T12:42:49Z "WordPress currently only supports a single MIME type for a given extension. This is good enough in many cases, but begins to cause problems like #39550 when a library references an alternative MIME type (like audio/mpeg vs audio/mp3). We probably don't want to introduce changes to the basic MIME functions as that could have crazy-far-reaching consequences, but we could add a `wp_check_mime_alias($filename, $mime, $allowed_mimes)` function, and query it in places where validation-by-MIME is happening. This would require a comprehensive collection of MIMEs, past, present, vernacular, etc. I am actually already maintaining such a database for another PHP library that combines results from Nginx, Apache, freedesktop.org, and IANA. So let's start from the assumption that the necessary data already exists for retrieving all possible MIME types for a given extension. I can whip up a patch with the added functionality, but wanted to first get some feedback on where/how the data should be incorporated (it is a rather big list, a PHP array would go on for miles.. I'm keeping it in a JSON file currently), and what existing areas might need to plug into that. @joemcgill, do you have any initial thoughts?" blobfolio 39 39968 Media Library: deleting all items on the last page loses the pagination/navigation buttons and shows message antpb has-patch Media 4.7.2 normal normal Future Release defect (bug) reopened 2017-02-26T14:10:59Z 2021-02-25T15:14:07Z "While deleting all items on the last page of Media Library, the page loses the pagination/navigation buttons and shows the message ""No Media Files found"" with no way to access the earlier pages other than by going back to the ""Media"" link" donsony 26 39969 add filter to end of post_categories_meta_box() Taxonomy normal normal Awaiting Review enhancement new 2017-02-26T17:09:46Z 2017-02-26T17:09:46Z "I have a need to output short ""instructional"" text below taxonomy metaboxes on the post{,-new}.php screens. This text is to help admin users decide when/if to assign terms to a given (custom) post. I currently do something similar in the featured image metabox, i.e., I hook into 'admin_post_thumbnail_html' (which is applied at the end of _wp_post_thumbnail_html()) to add text to tell admin users what image dimensions the featured image for a particular (custom) post should have. Thus, it would be helpful if there were a similar filter applied at the end of post_categories_meta_box(). My current workaround is to add a {{{#!php 'meta_box_cb' => 'custom_tax_meta_box' }}} to the args when I register the taxonomy, and my custom_tax_meta_box() function just calls post_categories_meta_box() and then adds the text. Of course, this works, but is not very elegant and not very ""future proof"" (i.e., if WP core changes how taxonomy metaboxes are created them this workaround will break)." pbiron 39972 REST API: Allow querying posts by post format REST API 4.7 normal normal Awaiting Review feature request new 2017-02-27T00:30:29Z 2017-05-07T05:48:09Z "Although it is listed in the REST API reference, {{{ posts?format=video }}} shows all posts." sba7elfol 3 39977 "Search results for custom post type = ""ANY""" General 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-27T20:58:56Z 2019-03-15T13:46:54Z "There is a bug for search results query for post type ""ANY"", any returns only page and post. If we use: {{{#!php <?php $args = array( 's' => $s, 'numberposts' => -1, 'post_type' => array('post','page','gallery') ); $the_query = new WP_Query( $args ); }}} Then works, also pre_get_post not working. Debug info from QM: {{{ order DESC post_type any posts_per_page 10 s Janis gallery search_orderby_title Array ( [0] => wp_8b3200f070_posts.post_title LIKE '%Janis%' [1] => wp_8b3200f070_posts.post_title LIKE '%gallery%' ) search_terms Array ( [0] => Janis [1] => gallery ) }}} If we use standart: {{{ <?php if (have_posts()) : while (have_posts()) : the_post();?> }}} Then custom post types is not showed on search results. " foxsk8 1 39980 Improve handling of image previews for non-image files joemcgill Media 4.7 normal critical Future Release defect (bug) assigned 2017-02-28T02:57:40Z 2017-05-20T20:16:18Z "Follow up from #31050. The changes to the `image_downsize()` and `image_get_intermediate_size()` functions introduced in [38949] added regressions to the `'image_downsize'` and `'image_get_intermediate_size'` filters, running them for non-image attachments. Best option to fix this seems to be to introduce new function(s) with new filter(s) specifically for handling this case: adding image preview to non-image attachment. This will fix the regressions, and will make it possible for plugins to hook into this functionality." azaozz 7 39985 Do action before send email of retrieve password Login and Registration 4.7.2 normal normal Awaiting Review feature request new 2017-02-28T14:01:07Z 2017-03-08T02:49:10Z "Add do_action before sending email to recover password. Inspiration: I needed to integrate an SMS sending to recover password, where I had to use retrieve_password_message filter hook to get the user's phone number. https://github.com/WordPress/WordPress/pull/275" bonus369 2 39991 jQuery UI Datepicker Localization Error with PHP date 'S' has-patch Script Loader 4.6 normal normal Future Release defect (bug) new 2017-02-28T20:03:37Z 2018-10-25T18:10:04Z "When localising the datepicker, the UK default WordPress date format is not converted correctly to jQuery UI's format. The default PHP format for the UK is `jS F Y` The script-loader.php function `wp_localize_jquery_ui_datepicker()` converts this to `dS MM YY`, however the `S` is invalid and an ordinal suffix cannot be created with the datepicker. There is no easy solution to add in the ordinal suffix, but a better solution than printing the stray `S` is to strip this out by modifying the `str_replace()` function call to do so. {{{ // Convert the PHP date format into jQuery UI's format. $datepicker_date_format = str_replace( array( 'd', 'j', 'l', 'z', // Day. 'F', 'M', 'n', 'm', // Month. 'Y', 'y', // Year. 'S' // Invalid ), array( 'dd', 'd', 'DD', 'o', 'MM', 'M', 'm', 'mm', 'yy', 'y', '' ), get_option( 'date_format' ) ); }}} " devonto 6 39992 Bug in get_the_content has-patch Posts, Post Types 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-28T21:01:15Z 2017-10-11T20:25:06Z "In get_the_content $post is not checked if it's null, after {{{#!php <?php $post = get_post(); }}} and then on line: {{{#!php <?php if ( false !== strpos( $post->post_content, '<!--noteaser-->' ) && ( ! $multipage || $page == 1 ) ) }}} as you see, $post->post_content is queried. Then if $post is null, the program falls. A solution can be to check: {{{#!php <?php $post = get_post(); if ( ! $post ) { return ''; } //else }}} and then continue. Thank you for everything! :)" olik9 2 40001 Replace wp-list.js with REST API-powered JavaScript has-patch Administration 4.7 normal normal Awaiting Review task (blessed) new 2017-03-01T07:06:00Z 2021-04-06T15:33:21Z "wp-list.js is used for ''some'' list tables in WordPress, but not all. We should switch everything it does over to the REST API, and simultaneously rethink list tables to ensure consistency. (This is a stub ticket, longer post on make/core coming soon.)" rmccue 2 40007 update_option function does not work if the $value argument is false on a nonexistent option has-patch General normal normal Awaiting Review defect (bug) reopened 2017-03-01T17:03:59Z 2023-10-30T23:49:08Z "If we specify a false argument in update_option function and if the database option does not exist then the option will not be saved. I expect the option to be saved with false value if it does not exist. If we look into the code of this function we can see that it will return false if the old value is false too, so if the option does not exists then it will return false. It's a bug. How to replicate? give a try: {{{#!php <?php update_option( 'aaa2345454', false ); }}} " alexvorn2 9 40012 Only add_metadata if no matching value dev-feedback Options, Meta APIs 2.9 normal normal Awaiting Review defect (bug) new 2017-03-02T02:04:43Z 2017-03-02T02:58:15Z "`add_metadata()` has a `$unique` parameter, but it only looks for a unique `meta_key` for the given object ID. I have a need to add meta-data with the same `meta_key` but different values, and only if that `meta_value` isn't already present with the same key. To do this now, requires: * Getting all meta-data for the ID by `meta_key` * Checking those array-values for my value * Bailing if it's already present, or... * Proceeding with `$unique` set to `false` It'd be lovely if `add_metadata()` either: * Accepted strings like `key`, `value` for the `$unique` parameter, to switch up the check * Added a second parameter for unique value in addition to a unique key" johnjamesjacoby 1 40014 & converted to '#038 Themes 4.7.2 normal normal Awaiting Review defect (bug) new 2017-03-02T08:41:46Z 2017-03-03T05:01:54Z "Hi guys, This is a follow-up to #30831. Using WordPress v4.7.2 . With paginate_links() and setting the 'add_args' to an an array of values breaks the url. Specifically replaces '''&''' with '''#038'''; Sample code below: {{{ echo paginate_links( array( 'base' => str_replace( $big, '%#%', esc_url( get_pagenum_link( $big ) ) ), 'current' => max( 1, get_query_var( 'paged' ) ), 'total' => $query_object->max_num_pages, 'format' => 'page/%#%', 'add_args' => array( 'project' => 1 /* or whatever the project number is*/ ), ) ); }}} The code above replaces '''&''' with '''#038'''; Sample result: http://domain.com/?page_id=1&paged=2#038project=1 " fervillz 3 40024 Include CPT archives in the menu cutomizer Menus normal normal Future Release enhancement new 2017-03-03T15:35:25Z 2019-11-07T16:57:39Z "If we create a new Custom Post Type and go to the menu customizer, we can insert links to particular posts of that type. What we can't easily do is insert a link to the Custom Post Type archive page. Example: we create a Movies CPT. We want to add a link to the list (archive) of all Movies to the menu. We can't do that unless we use the custom URL field (and the URL is not provided anywhere in the admin panel, only in the CPT registering code itself). Enhancement needed: add a section which lets you link to archive pages for CPTs. Suggested name for the box: ""Content archives"" or ""Custom content archives""." eclare 4 40031 Consider Adding Web Annotations to WordPress Comments normal normal Awaiting Review feature request reopened 2017-03-04T05:20:30Z 2018-02-19T23:30:39Z "This is a strawman ticket published to generate discussion and hopefully concensus. The W3C has standardized [https://wptavern.com/web-annotations-are-now-a-w3c-standard-paving-the-way-for-decentralized-annotation-infrastructure Web Annotions] to decentralize annotations across the web ''(""annotations"" being a superset of commenting.)'' As WordPress' mission is to ''""Democratize Publishing,""'' and as WordPress is by far the most widely used tool for publishing content on the web that also allows other people to comment on said content, it would seem fitting ''(at least to me)'' that WordPress would empower users of WordPress to control their own annotations across the web, moving forward. How might to work? WordPress could offer three (3) new and yet related features: 1. Add enhancements to the commenting system to accept references to annotations. 2. Enable a WordPress site to be an ''""Annotation Server.""'' This would likely leverage the existing comment system where the comments could be associated with a new custom post type where each inidividual post could collection annotations for and represent one ""persona"" of a given registered user as well as how that persona could be presented to the outside world in the form of a URL that represents the user. 3. An ''""Annotate This""'' feature similar to ''""Press This""'' which can store annotations at the user's own WordPress site where the Annotate This UI could become the UI for commenting on all future WordPress websites (and potential non-WordPress sites) that offer feature 1. For those that doesn't offer feature 1 this UI could provide functionality to more easily transfer the comment to the foreign commenting system ''(such as copying it to the clipboard on user request)'' and possibly even implement commenting for specific well-known services ''(Twitter, Facebook, LinkedIn, Disqus, Medium, etc.)'' Note that some people's first reaction to this idea might be ''""that's plugin territory""'' -- which I can appreciate -- but there are four (4) reasons why I think this is core territory instead: 1. It is reasonable to assume that 80% of WordPress users would want to maintain their own comments in addition to their own posts, 2. This idea only really has benefits if it can become ubiquitous, e.g. If the 3 features are all available. If a plugin then an individual can only ever control one side of annotations thus dooming their implementation to obscurity. Note that a ''""Feature Plugin""'' slated for a future version of WP core is not ''""plugin territory""'' that I am arguing against. 3. It is a W3C recommendation, not some startup 3rd party service so it is likely to be adopted by many if not all of the web in the next few years. Why should WordPress not be the tool that helps define for the world how annotations should best be utilized, before some walled-garden like Facebook establishes the defacto-approach ahead of WordPress? 4. And finally, WordPress's mission is to ''""Democratize Publishing""'' and I cannot think of many other feature requests that are more ''""on-mission""'' than this one, Thoughts?" MikeSchinkel 24 40032 Automatic redirects with _wp_old_slug won't mantain GET parameters if present has-patch Permalinks 2.1 normal normal Awaiting Review defect (bug) new 2017-03-04T15:05:27Z 2021-03-09T06:31:59Z "If for example links come up with GET parameters, for example utm parameters for analytics, they get stripped before the redirect. post_name = 'new-slug' _wp_old_slug = 'old-slug' http://example.org/old-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 Wordpress will build the link for the redirect to the new slug without any GET parameter: http://example.org/new-slug/ I think it should mantein them instead: http://example.org/new-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 I'm not even sure if this should be classified as a bug, if it's the correct behaviour or not. I'll let you judge." DrLightman 1 40038 Padding load_template's require with a do_action on each end has-patch Themes 1.5 normal normal Future Release enhancement new 2017-03-05T17:08:53Z 2017-03-08T03:32:03Z "Pad the requires in load_template in wp-includes\template.php with a do_action on each end so it looks like this: {{{#!php <?php function load_template( $_template_file, $require_once = true ) { global $posts, $post, $wp_did_header, $wp_query, $wp_rewrite, $wpdb, $wp_version, $wp, $id, $comment, $user_ID; if ( is_array( $wp_query->query_vars ) ) { extract( $wp_query->query_vars, EXTR_SKIP ); } if ( isset( $s ) ) { $s = esc_attr( $s ); } do_action('load_template_before', $_template_file); // new line if ( $require_once ) { require_once( $_template_file ); } else { require( $_template_file ); } do_action('load_template_after', $_template_file); // new line } }}} this will allow plugin and theme developers to pad each template with html. At the very least for debugging purposes you'd be able to do something like this {{{#!php <?php add_action('load_template_before', 'debug_pad_before'); add_action('load_template_after', 'debug_pad_after'); function debug_pad_before($template){ echo('<!-- template begin ' . $template . ' -->'); } function debug_pad_after($template){ echo('<!-- template end ' . $template . ' -->'); } }}} I'm specifically targeting this function because it's used not only by wordpress but by buddypress as well, and I anticipate other extensions to fall back to this same function. Buddypress uses its own bp_locate_template but uses wordpress' load_template to load them." qwertyzw 3 40045 "HTML code entered using ""Text"" mode gets garbled" Formatting 4.7.2 normal normal Awaiting Review defect (bug) new 2017-03-06T14:44:10Z 2017-03-06T14:44:10Z "Entered this: {{{ <area shape=""poly"" coords=""77,57,276"" data-content=""<a href=//google.com>link</a> some other content. Be careful with using the right quotes here!"" title=""Some title""> }}} converted to this: {{{ <area shape=""poly"" coords=""77,57,276"" data-content=""<a href=//google.com>link</a> some other content. Be careful with using the right quotes here!” title=”Some title”></p> }}} Is it really so difficult to leave the content of the ""Text"" mode as it is? Just to remind you, that W3C says ""attributes on HTML elements may have any string value"". " s0what 40046 Add password length filter in `register_new_user` function. Users 4.7.2 normal normal Awaiting Review enhancement new 2017-03-06T14:58:24Z 2021-06-01T13:45:25Z "I found there is no way to change password length param of wp_generate_password function. I found there is no filter to extend the password length. there should be one filter so that if anyone want to extend password length during user registration they could. ref: wp-includes/user.php line number : 2343 Function name: register_new_user()" 1naveengiri 3 40047 Add term_meta to WP_Term class getter method dev-feedback Taxonomy 4.8 normal normal Awaiting Review enhancement new 2017-03-06T17:28:27Z 2017-03-13T14:22:20Z The `WP_Post` and `WP_User` classes allow getting a meta value by calling its getter function, eg. `$post->my_meta_key`. This functionality was omitted when introducing the `WP_Term` class. barryceelen 4 40052 Issue with WP_Cache not invalidating stale cache after an update request Cache API 4.7.3 normal major Awaiting Review defect (bug) new 2017-03-06T22:40:50Z 2017-03-08T20:56:08Z "Hi, There appears to be an issue with WP_Cache if/when an object-cache has a stale value, and you attempt to update that value to the value that already exists in the database ( race condition as an example ). The object-cache in this case will never be invalidated until the TTL is hit, or if/when the cache is flushed. This affects high volume sites that has repetitive actions. An example of this happens on our site in production on user_meta, where quick endpoints fire that requires a set value on user_meta, however occasionally redis-cache will not get updated with the new value, even though the wp database does have the proper value. In this case there's an infinite loop where wp_cache will return the old stale value, and the code will correctly attempt to update it to the new value, but WP thinks the value is already correct, and thus the object-cache will not be updated. Potentially related bugs are #26779 & #31245 An easy solution is to add a wp_cache_delete onto lines 195/196 here: https://github.com/WordPress/WordPress/blob/master/wp-includes/meta.php#L190-L253" cookiesowns 4 40055 Incorrect User Counts Bug :: No-multisite Users 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-07T00:20:15Z 2017-03-08T15:39:13Z "@All In the user list there are two completely different counts of users. How to fix the problem? [[Image(https://s9.postimg.org/gkipwt90v/Captura_de_Tela_3.png)]]" rpgmem 1 40057 Double hashed value for background-color of body.background-color Themes 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-07T10:34:58Z 2019-03-13T00:59:01Z "The problem is that body.custom-background has background-color property which gets double hashed value. So if theme is supporting custom background features, then you'll get wrong (double hashed) background-color value all the time. I have already found the cause of the problem. Check this file: wp-includes/theme.php on line: 1564 change this: $style = $color ? ""background-color: #$color;"" : ''; to this: $style = $color ? ""background-color: $color;"" : ''; That will solve the problem." hovhanneshovakimyan 1 40060 Define ADMIN_COOKIE_PATH cause unreachable /wp-login.php Users 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-07T13:11:56Z 2017-03-07T14:44:52Z "If user is logged in and tries to open /wp-login.php page, he never couldn't do this if ADMIN_COOKIE_PATH is set to root '/' (is equal to COOKIEPATH). Instead, the redirect to /wp-admin/ will occur. Even more, many of function during page load will run twice. In a long route of functions, the last one is wp_parse_auth_cookie(), which return false to many functions called from, which cause ""true"" check in wp-login.php on line 814, where unneeded redirect happens. {{{#!php <?php if ( !is_wp_error($user) && !$reauth ) { ... wp_redirect( $redirect_to ); exit(); }}} In regular situation, wp_parse_auth_cookie() return ""false"" when checking auth cookie on wp-login.php from path '/', because existing one is for /wp-admin path. So wp-login.php loads normally. {{{#!php <?php if ( empty($_COOKIE[$cookie_name]) ) return false; }}} But if ADMIN_COOKIE_PATH is defined with value, that not differs from COOKIEPATH or SITECOOKIEPATH - it return ""true"" and forever redirect to /wp-admin/. Any ideas to solve this?" esemlabel 2 40065 Check for invalid user before `lostpassword_post` in `retrieve_password()` dev-feedback Login and Registration 4.7.3 normal normal Awaiting Review enhancement new 2017-03-07T22:14:22Z 2018-05-04T01:18:16Z Some errors are added before `lostpassword_post` and one is added after. It'd be nice if all of the errors were present when the action is called. This patch fixes that. jfarthing84 1 40070 Cannot remove theme with Javascript if folder name contains periods Themes 4.7.3 normal normal Future Release defect (bug) new 2017-03-08T07:15:28Z 2017-06-12T05:27:59Z "Hi. This could be vaguely related to #37924 but I've started versioning my themes and producing zip files with version numbers in them, ie `foo-2.1.6b.zip` - I've noticed that I can't delete them using the admin interface. I press the delete button and the slug name is `foo-216b` - the periods have been stripped out and the delete fails. So for a theme directory of `honw-0.0.1b` It fails. The front end gives a message ""Deletion failed: The requested theme does not exist"". The JSON payload is as follows: {{{ { ""success"": false, ""data"": { ""delete"": ""theme"", ""slug"": ""honw-001b"", ""errorMessage"": ""The requested theme does not exist."" } } }}}" svanlooy 11 40073 "WP_Comment_Query should support a comment type of ""comment""" Comments 4.8 normal normal Future Release enhancement new 2017-03-08T20:44:29Z 2017-03-13T16:18:07Z "Scenario: User is leveraging the `comment_type` field in their theme or a plugin, and desires all comments to have a type. They assign ""regular"" comments a `comment_type` of ""comment"" as that seems to make sense. If they then ask for those comments using `get_comments` or another function which leverages `WP_Comment_Query`: {{{ $comments = get_comments( [ 'type' => 'comment', ] ); }}} The returned list will not return any comments which have `comment_type` set to ""comment"", only those with no type at all. As this behavior (the swallowing of ""comment"" as a type entirely, rather than looking for `['','comment']`) is undocumented, perhaps `WP_Comment_Query` could be altered as such: {{{ 715 case 'comment': 716 case 'comments': 717 $comment_types[ $operator ][] = ""''""; ___ $comment_types[ $operator ][] = ""'comment'""; ___ $comment_types[ $operator ][] = ""'comments'""; 718 break; 719 720 case 'pings': 721 $comment_types[ $operator ][] = ""'pingback'""; 722 $comment_types[ $operator ][] = ""'trackback'""; ___ $comment_types[ $operator ][] = ""'pings'""; 723 break; }}} A sounder approach would probably be to allow a flag to be passed: {{{ 708 foreach ( $_raw_types as $type ) { ___ if ( empty( $this->query_vars['ignore_default_types'] ) ) { 709 switch ( $type ) { ... 729 } ___ } else { ___ $comment_types[ $operator ][] = $wpdb->prepare( '%s', $type ); ___ } ... 735 } }}} An alternative might be to throw an exception when setting `comment_type` to one of the default values using `wp_new_comment`, `wp_insert_comment` and similar functions. (I feel since there is no way to retrieve a comment when the type is one of these ""reserved"" words with standard WP functions, comments should probably not be able to be saved with a ""reserved"" type using standard functions if `WP_Comment_Query` is not altered.) At the very least, the documentation for comment ""insert"" functions should mention that there are reserved keywords on `comment_type`, note what they are, and that if you use one of them you will need to use the `comments_clauses` filter to allow them to be retrieved." rogerlos 2 40076 Add Filter option Attached has-patch Media 4.7.3 normal normal Future Release enhancement new 2017-03-09T08:49:19Z 2021-06-21T15:17:11Z "In Media Library there should be ad additional filter ""Attached"" like ""Unattached"". This should give the opportunity to filter out exactly what we need to display rather than looking through ""Uploaded To"" column for its status." subrataemfluence 7 40079 Content of static pages does not show when you have a count_post in the theme Posts, Post Types 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-09T14:08:13Z 2017-03-09T14:14:38Z "in page.php when you have elsewhere: {{{#!php <?php $count_posts = wp_count_posts(); $posts = $count_posts->publish; $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$posts."" articles in "".$numberofcats. "" categories:</u></p>""; ?> }}} then the content inside the loop of a static page will display the content of an article. well for me i fixed it with: {{{#!php <?php $count_posts = wp_count_posts(); $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$count_posts->publish."" articles in "".$numberofcats. "" categories:</u></p>""; ?> }}} I am testing it on a custom theme but with plain code you will see this too. tested it on a plain installation with custom theme in page.php: {{{ <?php get_header(); ?> <h2>Categories:</h2> <?php $count_posts = wp_count_posts(); $posts = $count_posts->publish; $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$posts."" articles in "".$numberofcats. "" categories:</u></p>""; ?> <?php if (have_posts()) : while (have_posts()) : the_post(); ?> <h2><a href=""<?php the_permalink() ?>""><?php the_title(); ?></a></h2> <div class=""entry""> <?php the_content(); ?> </div> <?php endwhile; endif; ?> <?php get_sidebar(); ?> <?php get_footer(); ?> }}} " devlink1337 40081 Remove wp-admin links from all Core emails Mail normal normal Awaiting Review defect (bug) new 2017-03-09T14:56:40Z 2017-03-09T18:32:07Z "SpamAssassin has an undocumented rule called `URI_WPADMIN`, which is triggered when it sees a wp-admin URL in a message. If the rule is triggered, the message's spam score is bumped by `2.6` points (by default), which gets the message `50%` of the way to being flagged as spam. This can be reproduced easily with [http://spamcheck.postmarkapp.com/ Postmark's spam-checker API]. SpamAssassin also has a `PHP_ORIG_SCRIPT` rule that is assigned to all messages that are sent with the default PHP `mail()` agent. It has a score of `1.5`, which brings the vast majority of Core emails sent by WordPress installations up to a score of `4.1`, which is `80%` of the way to being flagged. That's not counting any other rules that may be triggered based on message content, server configuration, etc. From a UX perspective, it's very helpful to include links in messages that take the user directly to any actions that we can reasonably assume they'll want to perform on a message. However, from a security perspective, I think the best practice is to not include those links, because doing so trains users to expect and trust them, which makes them vulnerable to phishing attacks. So, I think we should consider removing all links to wp-admin, and replace them with a message asking users to log in to their site instead. We can give them navigation breadcrumbs like, `To disable these notifications, log in to WordPress at example.org and navigate to: My Sites > Network Admin > Settings.` Related #39709" iandunn 3 40082 Pretty links for users when searching Canonical 4.7.3 normal normal Awaiting Review enhancement reopened 2017-03-09T15:12:23Z 2018-08-14T09:50:45Z "When using the site search, users are shown the ugly URL when taken to the results page: > example.com/?s=keyword It appears as though search results can have pretty URLs: > example.com/search/keyword Maybe show the pretty URL in the browser instead?" henry.wright 9 40088 Stop creating the `wp_links` database table close Database 3.5 normal normal Future Release defect (bug) new 2017-03-09T20:29:37Z 2022-08-10T19:19:35Z "In WordPress 3.5 (2012) the Links feature was disabled by default in new WordPress installations, and was hidden for old installations that had no links. See #21307. Every new WordPress site since then (including multisite) has continued to create an empty `wp_links` database table for a feature that was sunsetted 5 years ago." johnjamesjacoby 7 40090 Walker::display_element does not populate $args[0]->has_children when it is cast as an Object Menus 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-09T23:39:09Z 2017-03-10T00:38:08Z "When using the various hooks in {{{Walker_Nav_Menu}}}, the {{{$args}}} argument is expected to have a {{{has_children}}} object property. Walker::display_element only creates and populates this property if {{{$args[0]}}} exists and is an array. {{{#!php <?php //display this element $this->has_children = ! empty( $children_elements[ $id ] ); if ( isset( $args[0] ) && is_array( $args[0] ) ) { $args[0]['has_children'] = $this->has_children; // Back-compat. } }}} But {{{wp_nav_menu()}}} casts $args as an object ensuring that this assignment will always fail. = Suggested Fix = Add an additional check for object type and assign appropriately. {{{#!php <?php //display this element $this->has_children = ! empty( $children_elements[ $id ] ); if ( isset( $args[0] ) && is_array( $args[0] ) ) { $args[0]['has_children'] = $this->has_children; // Back-compat. } else if ( isset( $args[0] ) && is_object( $args[0] ) ) { $args[0]->has_children = $this->has_children; } }}} " JoelStransky 3 40098 Prevent same sidebar from outputting twice Widgets 4.8 normal normal Awaiting Review enhancement new 2017-03-10T17:25:25Z 2017-03-10T21:38:33Z "I ran across #23934 recently, and it occurred to me that if such a ticket was closed because you're not supposed to call the same sidebar for output twice, why don't we just prevent the same sidebar from outputting twice? Seems like an easy win, using code to effectively prevent officially discouraged theme behavior. Anyone have thoughts?" nathanrice 1 40108 Pagination Enhancement wp_link_pages() Themes normal normal Awaiting Review enhancement new 2017-03-11T01:39:00Z 2018-01-25T23:34:23Z " Current implementation of the function is not well suited for posts containing 10+ pages, this creates usability issues for desktop and especially mobile users. Most popular themes which rely on this built-in function are affected. Popular hosting providers such as Wordpress.com do not allow 3rd party plugins or any enhancements to work around this issue. '''Example:''' [[Image(http://i.imgur.com/yqLOfD0.jpg)]] '''Goal:''' Provide theme creators posibility to reduce the number of visible page links and enhance CSS theming by wrapping the current page in CSS selectable tag, allowing improved usability on mobile devices and reducing the reliance of wider community on 3rd party plugins or custom code. '''Solution:''' Accept additional 'mixed' value for the [next_or_number] parameter and create a helper parameter to control the max number of outputted page links. Wrap the current page in a <span> to allow CSS theming. The looks/functionality as per the screenshot above can be achieved with only ~20 additional lines of code (below) It accounts for any edge cases and ensures full backwards compatibility, however, additional testing is needed. '''Enhanced wp_link_pages Function:''' {{{#!php <?php function wp_link_pages( $args = '' ) { global $page, $numpages, $multipage, $more; $defaults = array( /** *Start of New code for making pagination into CSS friendly */ 'before' => '<p>' . __( 'Pages:' ), 'after' => '</p>', 'link_before' => '', 'link_after' => '', 'next_or_number' => 'number', // new param for controling max link number in 'mixed' mode 'navwidth' => '3', //number of links displayed before and after current page 'separator' => ' ', 'separator' => ' ', 'nextpagelink' => __( 'Next page' ), 'previouspagelink' => __( 'Previous page' ), 'pagelink' => '%', 'echo' => 1 ); $params = wp_parse_args( $args, $defaults ); /** * Filters the arguments used in retrieving page links for paginated posts. * * @since 3.0.0 * * @param array $params An array of arguments for page links for paginated posts. */ $r = apply_filters( 'wp_link_pages_args', $params ); $output = ''; if ( $multipage ) { if ( 'number' == $r['next_or_number'] ) { $output .= $r['before']; for ( $i = 1; $i <= $numpages; $i++ ) { $link = $r['link_before'] . str_replace( '%', $i, $r['pagelink'] ) . $r['link_after']; if ( $i != $page || ! $more && 1 == $page ) { $link = _wp_link_page( $i ) . $link . '</a>'; } /** * Filters the HTML output of individual page number links. * * @since 3.6.0 * * @param string $link The page number HTML output. * @param int $i Page number for paginated posts' page links. */ $link = apply_filters( 'wp_link_pages_link', $link, $i ); // Use the custom links separator beginning with the second link. $output .= ( 1 === $i ) ? ' ' : $r['separator']; $output .= $link; } $output .= $r['after']; } elseif ( $more ) { $output .= $r['before']; $prev = $page - 1; if ( $prev > 0 ) { $link = _wp_link_page( $prev ) . $r['link_before'] . $r['previouspagelink'] . $r['link_after'] . '</a>'; /** This filter is documented in wp-includes/post-template.php */ $output .= apply_filters( 'wp_link_pages_link', $link, $prev ); } /** *Start of New Code for 'mixed' navigation mode */ // Output number of links equal to $navwidth before current page if ( 'mixed' == $r['next_or_number'] ) { For ( $i = $page - $navwidth; $i < $page; $i++) { if ( $i > 0) { $link = _wp_link_page( $i ) . $r['link_before'] . str_replace( '%', $i, $r['pagelink'] ) . $r['link_after'] . '</a>'; $link = apply_filters( 'wp_link_pages_link', $link, $i ); // Use the custom links separator beginning with the second link. $output .= ( 1 === $i ) ? ' ' : $r['separator']; $output .= $link } } // Output current page within <span> tags for enhanced styling capability if ( $prev ) { $output .= $r['separator']; } $output .= $r['link_before'] . ('<span>') . str_replace( '%', $i, $r['pagelink'] ) . ('</span>') . $r['link_after']; // Output number of links equal to $navwidth after current page For ($i = $page + 1; $i <= $numpages; $i++) { $link = _wp_link_page( $i ) . $r['link_before'] . str_replace( '%', $i, $r['pagelink'] ) . $r['link_after'] . '</a>'; $link = apply_filters( 'wp_link_pages_link', $link, $i ); $output .= $r['separator'] . $link; } } /** *End of New Code for 'mixed' navigation mode */ $next = $page + 1; if ( $next <= $numpages ) { if ( $prev ) { $output .= $r['separator']; } $link = _wp_link_page( $next ) . $r['link_before'] . $r['nextpagelink'] . $r['link_after'] . '</a>'; /** This filter is documented in wp-includes/post-template.php */ $output .= apply_filters( 'wp_link_pages_link', $link, $next ); } $output .= $r['after']; } } /** * Filters the HTML output of page links for paginated posts. * * @since 3.6.0 * * @param string $output HTML output of paginated posts' page links. * @param array $args An array of arguments. */ $html = apply_filters( 'wp_link_pages', $output, $args ); if ( $r['echo'] ) { echo $html; } return $html; } }}} Let me know if I can further help to get this be pushed into the next release. Martin [https://martinshreder.com] " mshumacher 9 40115 Duplicate Custom Fields are created has-patch Options, Meta APIs 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-12T09:16:44Z 2017-03-15T09:25:56Z "Duplicate custom fields are created when populating multiple custom fields at once. Steps to reproduce: * Create a New Post * Add a custom field ""custom_1"" with a value ""test1"" * Add a custom field ""custom_2"" with a value ""test2"" * Save Draft ...you will now see the ""custom_2"" field repeated twice (both with a value of ""test2""), so ought to delete one." ChrisBAshton 40120 Media on mobile action links missable Media normal normal Awaiting Review enhancement new 2017-03-12T12:19:47Z 2017-03-16T19:45:14Z "The following is how on an iPhone 7 Plus the media interaction links look: [[Image(https://cldup.com/TLmN2U_8fW.PNG, 50%)]] They are smaller than the body text and also very missable at the bottom. Can we at least increase their size and see about moving to top?" karmatosed 1 40121 Media edit screen on mobile has visual issues Media normal normal Awaiting Review defect (bug) new 2017-03-12T12:23:38Z 2017-05-03T21:10:17Z "This screen unfortunately on an iPhone 7 Plus is pretty unusable. [[Image(https://cldup.com/ANkhsYmH_F.PNG, 50%)]] I would at the least suggest we don't have 2 panes and move the right below the left. Then we can iterate." karmatosed 8 40123 Improve media uploading flow Media normal normal Awaiting Review enhancement new 2017-03-12T12:30:16Z 2019-01-14T17:54:02Z "Currently once you upload an image it just leaves you back at screen. We should consider on success offering next steps. We could use this as a chance to add encouragement: [[Image(https://cldup.com/sS6jT02xtn.PNG, 50%)]]" karmatosed 6 40124 Media on uploading only gives me edit options Media normal normal Future Release enhancement new 2017-03-12T12:32:20Z 2023-09-05T15:07:41Z "This shows on mobile but is also desktop issue. [[Image(https://cldup.com/_ZB6QmO5gZ.PNG, 50%)]] Says 'edit' but doesn't give me option to view or delete." karmatosed 3 40126 Mobile has two media editing experiences Media normal normal Awaiting Review defect (bug) new 2017-03-12T12:38:39Z 2023-10-25T05:04:49Z "Seems like two editing experiences on mobile One: Upload an image, click edit once uploaded. See this in new tab: [[Image(https://cldup.com/TblPv9TBJT.PNG, 50%)]] Two: Click ending on existing image, don't get new tab and get double pane weirdness. See this: [[Image(https://cldup.com/eK7TcVfqi4.PNG, 50%)]] We should have one experience as it feels not sensible having two. " karmatosed 3 40127 On mobile media deleting message formatting issues Media normal normal Future Release defect (bug) new 2017-03-12T12:42:20Z 2023-09-05T15:21:34Z "Formatting leads to widow in delete media image on mobile. Seen tested on iPhone 7 plus. [[Image(https://cldup.com/91KH54-k3y.PNG, 50%)]]" karmatosed 2 40129 Media deleting selected on mobile does not work Media normal normal Awaiting Review defect (bug) new 2017-03-12T12:47:13Z 2017-03-16T19:42:35Z "Steps to reproduce: - Select a month in bulk select. - Click image. - Click delete selected. - It doesn't delete. [[Image(https://cldup.com/IHq3IPurbV.PNG, 50%)]] Discovered on iPhone 7 Plus." karmatosed 1 40134 Invalid data for scripts in footer Script Loader normal normal Awaiting Review defect (bug) new 2017-03-12T16:37:24Z 2017-03-12T16:37:24Z "During register scripts via wp_register_script in last param I can choose that script should be in footer. In function we see: {{{#!php <?php if ( $in_footer ) { $wp_scripts->add_data( $handle, 'group', 1 ); } }}} so footer scripts I should check use this code: {{{#!php <?php $wp_scripts = wp_scripts(); if ( $wp_scripts->get_data( $handle, 'group' ) ) { echo 'in footer'; } else { echo 'in header'; } }}} I check for this: admin-bar and I have false -> `in header`. We can see this code: {{{#!php <?php $scripts->add( 'admin-bar', ""/wp-includes/js/admin-bar$suffix.js"", array(), false, 1 ); }}} This should be in footer (and is, but I can't check it via my script). I think that this is bug." sebastian.pisula 40140 upload_url_path doesn't seem to make any effect Media 4.7.3 normal normal Awaiting Review feature request new 2017-03-13T06:53:00Z 2018-12-27T21:15:21Z "An site of mine had '''http://site.com/articlefiles/''' as the place to receive uploads, equally it was '''/site/root/articlefiles''' on the filesystem, instead of '''/site/root/wp-content/uploads'''. Now I migrated the site into a multisite installation as site 2 and uploads are going into /site/root/articlefiles/site/2/ and all previous uploads in old posts are linked as '''http://site.com/articlefiles/site/2/something.jpg''', causing broken images and links cause they originally don't have the ""site/2"" part. Editing the post, these links and images do not have the ""site/2"" part either. WordPress is rewriting the URL dynamically when reading the posts. I want to keep compatibility with '''http://site.com/articlefiles/''' and '''/site/root/articlefiles''' without the ""site/2"" part. I was expecting '''upload_url_path''' on options table to be the solution but it doesn't work. I put there '''http://site.com/articlefiles/'''. How can I keep URL and path compatibility when migrating a single site to a non-primary site of multi site installation ? Thank you in advance" avibrazil 1 40142 WP Remote Remaining Methods needs-unit-tests HTTP API 2.7 normal normal Awaiting Review enhancement new 2017-03-13T16:46:43Z 2023-04-19T19:43:33Z "While we have `wp_remote_post()` and `wp_remote_get` I would like to see helper functions for the remaining HTTP Methods. These can be very useful working with third-party APIs, and as the Rest API becomes more important. '''Requested Functions:''' `wp_remote_delete()` `wp_remote_put()` `wp_remote_trace()` `wp_remote_get_head()` `wp_remote_get_options()` `wp_remote_connect()` Further Reading: https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html" bhubbard 13 40143 Comment template functions don't check for comment existence needs-unit-tests Comments normal normal Future Release defect (bug) new 2017-03-13T16:59:35Z 2024-02-08T16:10:20Z "Discovered during debugging an issue with Circle Lite theme, which uses [https://themes.trac.wordpress.org/browser/circle-lite/1.0.9/comments.php?marks=55#L42 comment_text( true )] in `kopa_comment_callback()` function. That, while being an invalid usage (the function treats `true` as a comment ID), causes an inconsistent behaviour, depending on the existence of the comment: * If the comment with ID 1 exists, the function returns its text, as expected. That's obviously not what the author of the theme intended, but still the correct behaviour of the function. * If the comment with ID 1 does not exist, the function returns the text of the current comment in the loop instead of an empty string. What happens is `get_comment( $comment_ID )` returns null (as expected), but then null is passed to `get_comment_text()`, which treats it as the current comment. After investigating more, it looks like most of comment template functions are either affected in a similar way or cause an undefined property notice when passed a non-existing comment ID. Let's bring some consistency here." SergeyBiryukov 8 40146 Starter content can be silently published with other themes Customize 4.7 normal normal Future Release defect (bug) new 2017-03-13T18:07:33Z 2017-11-02T18:59:40Z "To replicate on a fresh install, open the Customizer with Twenty Seventeen active, preview a different theme, then ""Save & Activate"" the new theme. All of the Twenty Seventeen starter content will be published along with the new theme. The potentially confusing part of this behavior is that starter content might or might not have been in the preview, depending on the new theme. For example, in Twenty Eleven, some of the Twenty Seventeen starter widgets are visible in the preview, but the menu items aren't. I'm not quite sure what the preferred behavior would be in this scenario, assuming it's not the current behavior. The attached patch would have `WP_Customize_Manager::unsanitized_post_values()` skip any changeset values flagged as starter content when the current theme doesn't support it, but that might not be desirable." dlh 7 40149 WordPress password strength checking is improved, but the hint now doesn't help has-patch Users 4.7.3 normal normal Awaiting Review enhancement new 2017-03-14T00:37:07Z 2017-09-27T01:34:33Z "WordPress 4.7 has vastly improved password strength checking. This is great. However, the password hint function wp_get_password_hint() provides information that's essentially contradicting the approach that the password checker uses. Mind that the check tool now used (built by someone at Dropbox) takes into account that (for instance) random word phrases are easy to remember as well as difficult to crack, while using upper/lowercase and letter->digit substitution are easy to crack while being more of a hassle to remember. Ref also the famous XKCD cartoon on this topic: https://xkcd.com/936/ What does the WP Core default string read? {{{ 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! "" ? $ % ^ & ).' }}} Yes we can override this using the 'password_hint' filter, however I think it'd be great to provide a better base text for default installs. Proposed new text: {{{ 'Hint: longer is stronger (at least 12 characters), and consider using a sequence of random words (ideally non-English).' }}} " arjenlentz 1 40150 VARCHAR/TEXT inefficiencies Database 4.7.3 normal normal Awaiting Review enhancement new 2017-03-14T00:45:10Z 2017-03-14T00:45:10Z "From conversation with Matty Cohen, a selection of structural improvement suggestions, for performance and future-proofing. Note that these aspects have recently been applied to WooCommerce already, resulting in a much optimised/modernised default table structure. Current some of the TEXT and VARCHAR use in WP Core appear to be based on old information - that is, restrictions and behaviour from MySQL versions long ago. This has consequences for performance. First, VARCHAR. In MySQL 4.0, VARCHAR used to be restricted to 255 max. In MySQL 4.1 character sets such as UTF8 were introduced and MySQL 5.1 supports VARCHARs up to 64K-1 in byte length. Thus, any occurrence of VARCHAR(255) indicates some old style logic that needs to be reviewed. Why not just set the maximum length possible? Well... A VARCHAR is subject to the character set it's in, for UTF8 this means either 3 or 4 (utf8mb4) bytes per character can be used. So if one specifies VARCHAR(50) CHARSET utf8mb4, the actual byte length of the stored string can be up to 200 bytes. In stored row format, MySQL uses 1 byte for VARCHAR length when possible (depending on the column definition), and up to 2 bytes if necessary. So, specifying VARCHAR(255) unnecessarily means that the server has to use a 2 byte length in the stored row. This may be viewed as nitpicking in the margin, however storage efficiency affects the number of rows that can fit on a data page and thus the amount of I/O required to manage a certain amount of rows. It all adds up, so having little unnecessary inefficiencies will cost - particularly for larger sites. Best practice is to set VARCHAR to the maximum necessary, not the maximum possible - otherwise, as per the above, the maximum possible is about 16000 for utf8mb4, not 255 - and nobody would propose setting it to 16000, would they? But it's not much different, in stored row space a VARCHAR(255) requires a 2 byte length indicator just like VARCHAR(16000) would. So please review VARCHAR columns and set their definition to the maximum actually necessary, this is very unlikely to come out as 255. If 255, why not 300? Or rather 200? Or 60? Setting a proper number indicates that thought and data analysis has gone into the design. 255 looks sloppy. On to TEXT. TEXT (and LONGTEXT) columns are handled different in MySQL/MariaDB. First, a recap of some facts related to TEXT columns. The db server often needs to create a temporary table while processing a query. MEMORY tables cannot contain TEXT type columns, thus the temporary table created will be a disk-based one. Admittedly this will likely remain in the disk cache and never actually touch a disk, however it goes through file I/O functions and thus causes overhead - unnecessarily. Queries will be slower. InnoDB can store a TEXT column on a separate page, and only retrieve it when necessary (this also means that using SELECT * is needlessly inefficient - it's almost always better to specify only the columns that are required - this also makes code maintenance easier). A TEXT column can contain up to 64k-1 in byte length (4G for LONGTEXT). So essentially a TEXT column can store the same amount of data as a VARCHAR column (since MySQL 5.0), and we know that VARCHAR offers us benefits in terms of server behaviour. Thus, any instance of TEXT should be carefully reviewed and generally the outcome is to change to an appropriate VARCHAR. Using LONGTEXT is ok, if necessary. If the amount of data is not going to exceed say 16KB character length, using LONGTEXT is not warranted and again VARCHAR (not TEXT) is the most suitable column type. Applications don't need to care, so the db definition can be altered without any application impact. Summary: Particularly when combined with the best practice of not using SELECT *, using appropriately defined VARCHAR columns (rather than VARCHAR(255) or TEXT) can have a measurable and even significant performance impact on application environments. It is a worthwhile effort." arjenlentz 40153 Filter for wp_safe_remote_get in download_url has-patch General 4.8 normal normal Awaiting Review enhancement new 2017-03-14T11:51:03Z 2019-08-19T09:54:02Z I had to deal with images on a server that has basic authentication active. There is no filter in ''download_url'' that would give me the chance to add the header authentication that I needed in this case. realloc 1 40156 Warning for invalid hook callback is not very useful Plugins 0.71 normal normal Awaiting Review enhancement new 2017-03-14T23:07:39Z 2017-03-15T08:38:54Z "If you add a hook with an uncallable callback, an error like `Warning: call_user_func_array() expects parameter 1 to be a valid callback, function 'not_a_function' not found or invalid function name in` is shown. This is technically correct, but not useful. When I say useful, I don't think it is useful to the following user profiles: 1) Non-technical user seeing errors. A non-developer might no what a WordPress hook is, but not how it works internally. Therefore they are not likely to understand this error is related to a hook. They are not given good information, and might be missing a clue as to who to ask for support (plugin or theme developer, host, etc.) 2) New developer. A developer new to WordPress might not understand yet what a hook is or that a missing callback generates this type of error. A more clear error will help guide their googling for the error and/ or help them find the issue in the code. 3) Experienced WordPress developer. When I see this error, I assume there is a non-callabale hook callback. But `call_user_func()` has other uses so it might be misleading to me. I think it would be way more helpful if the error triggered was something like `Hook $hook_name could not call $callback` or `The callback function $hook, registered for $hook_name is not callabale` " Shelob9 2 40158 Plupload bug with Firefox and Mac OS where the user can't select .jpeg files azaozz External Libraries normal normal Future Release defect (bug) reviewing 2017-03-15T10:32:54Z 2017-09-01T12:13:28Z "NOTE: Core currently uses Plupload version 2.1.8, this bug is solved in version 2.2.1 + (latest stable is 2.3.1). '''The bug''' If plupload is limited to jpg/jpeg images and a user using FireFox and Mac OS tries to select images, all the .jpeg images are grayed out and not selectable, a user can select .jpg files but not .jpeg ones. '''Bug Example''' (You need to be running FireFox on Mac OS to recreate) http://jsfiddle.net/sr8jarsc/1/ '''Solution''' Update the Plupload version to 2.2.1 or greater Example: http://jsfiddle.net/mr31zw6L/1/" stiofansisland 16 40161 Wrong documented or coded 'schedule_event' filter Cron API low normal Future Release enhancement reopened 2017-03-15T12:39:06Z 2019-01-08T03:28:43Z "https://core.trac.wordpress.org/browser/trunk/src/wp-includes/cron.php#L41 says that $event parameter should always be an object. But the following code allows to terminate script only when passing ""false"" values to filter ("""", array(), null, 0 or false), whereas checking false as object will produce error. The documentation should be changed to force check isset( $event->hook ) when using this filter, otherwise the filter should be changed to something like this {{{#!php <?php $event = apply_filters( 'schedule_event', $event->hook, $event ); if ( ! $event->hook ) return false; }}} " esemlabel 7 40164 Apace HTTP 414 error on deleting comments in bulk has-patch Comments 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-15T15:41:13Z 2017-03-15T21:23:12Z "Bit of an edge case, but I just had to delete 3000 comments from a WP site I took on and I was doing them in 200's (so not to over run the server and so I can check for any legitimate comments). Doing this, the first 200 comments were ""spanmmed"" fine, but then you do the next 200, it generates a 414 error as the url becomes something like: {{{ /wp-admin/edit-comments.php?s=&comment_status=moderated&pagegen_timestamp=2017-03-15+15%3A31%3A06&_total=200&_per_page=200&_page=1&paged=1&_ajax_fetch_list_nonce=ef4afc8347&_wp_http_referer=%2Fnew-site%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated%26paged%3D1%26spammed%3D200%26ids%3D814%2C365%2C2177%2C813%2C2021%2C812&_wpnonce=461233332d&_wp_http_referer=%2Fnew-site%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated%26paged%3D1%26spammed%3D200%26ids%3D814%2C365%2C2177%2C813 }}} Basically for every process it duplicates the url and if you have 100+ ID's in each request, it passes a really long url string 1) Is there a reason why all the comment ID's are passed to the url? 2) Can this be amended so in edge cases, so the 414 error isn't generated as it can and will frustrate some people." garethgillman 1 40166 query_vars bug sets is_home to false. Query 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-15T18:36:27Z 2019-05-20T09:17:12Z "Hi @boonebgorges, in reference to an older ticket - #25143 following is the issue i am facing. Similar to the other ticket, when registering a query variable as follows: {{{#!php <?php function wppbi_register_query_vars($vars){ $vars[] = get_option('wppbi_file_url_parameter'); return $vars; } add_filter('query_vars', 'wppbi_register_query_vars'); }}} the is_home variable is set to false when visitng the homepage as such http://yoursite.com/?foo=1 while http://yoursite.com/ works perfectly. Any solutions are appreciated." avengers 2 40171 Object Cache Should Support Namespaces General 4.2 normal normal Awaiting Review enhancement new 2017-03-16T12:56:05Z 2017-03-16T16:05:52Z "Currently if any code (particularly a plugin) needs to delete many different cache keys, the default solution is to call wp_cache_flush(). However, this flushes the global cache which may cause serious performance issues on a live site since it affects all cached data. Furthermore is it probably an extremely rare case that all cached data needs to be purged rather than a subset. Solution Summary: Support namespaces on wp cache calls so that it is possible to kill ranges of cache keys without flushing the entire cache. Design: 1. Cache functions have an optional parameter added to specify cache namespace. The default namespace will resolve to the global cache. 2. An int value is tracked for each namespace. The current int values for each namespace can be stored in the object cache. 3. When a caller performs a get/set the current int value for the specified namespace is obtained and the namespace + int value is prepended to the key provided by the caller. 4. When all cache keys within a namespace need to be cleared, the int value for that namespace is incremented, and all subsequent get/sets will begin using new keys. Memcache will eventually purge the old data. This adds the slight overhead of maintaining the int values for each namespace but allows selectively killing/invalidating cache keys without flushing the entire cache. If necessary namespace values can be statically cached to avoid getting the same namespace value from memcache several times." brandonliles 3 40175 Upload Validation / MIME Handling early Media 4.7.3 high major Future Release defect (bug) assigned 2017-03-16T21:37:10Z 2023-10-30T16:13:26Z "A security fix implemented in WordPress `4.7.1` relies on a PHP extension (`fileinfo`) with inconsistent reporting behavior. As a result, many users (even after #39550) trying to upload various types of files (office documents, multimedia, fonts, etc.) have received validation errors. In a nutshell, this is because the media types returned by `fileinfo` vary from server to server and file to file. If PHP returns a media type beginning `application/*`, that media type must be whitelisted or the result will fail. Because most incorrect/historical answers from `fileinfo` begin `application/*`, this is resulting in a large number of false-positives. There are three main ways to address this, with a combination approach being preferred: '''1)''' The conditional in `wp_check_filetype_and_ext` could be restricted so that rather than searching `application/*` broadly, it looks only at the narrow file types at the heart of the original security issue. '''This option requires review from the Security Team.''' '''2)''' The WordPress Core could be extended to provide ""MIME alias"" awareness. This would allow WordPress to properly match a given extension/MIME pairing even in cases where the MIME type is historically valid, but not the singular type in the whitelist. See #39963 for related information. '''3)''' WP could be extended to maintain its own `mime.types` file, which can be passed to `fileinfo`, providing more consistent responses. '''This option requires the MIME alias handling to avoid breaking sites or plugins which hook into `upload_mimes`.''' '''Duplicate/related tickets are being collapsed into this thread. Please continue all related discussion here.'''" blobfolio 82 40176 Filter user_trailingslashit called with inconsistent $type_of_string for Post-Tags dev-feedback Permalinks 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-16T22:32:05Z 2021-06-07T10:00:27Z "It seems to be a general inconsistency issue with the handling of post-tags in combination with the user_trailingslashit function/filter. Assumption: `$type_of_string` should be consitent and of type **tag** or **post_tag** == Testcase == Permalink Structure with Trailing-Slash: {{{ /%year%/%monthnum%/%day%/%postname%/ }}} === Testcode to produce debug output === {{{#!php // disable canoncial redirects add_action('redirect_canonical', '__return_false'); // show all events with tag/ urls add_filter('user_trailingslashit', function($string, $type_of_url){ if (strpos($string, 'tag/') !== false){ echo 'Tag Link: ', $string, ' of type ', $type_of_url, PHP_EOL; } }, 100, 2); }}} == Expected behaviour == Outputs like **Tag Link: /tag/mytag1/ of type post_tag** everytimes the url is of type **Tag** == Current behaviour == On Post Pages: **Tag Link: /tag/mytag1/ of type category** for related post-tag links On Canoncial Redirects: **Tag Link: /tag/mytag1/ of type category** AND **Tag Link: /tag/mytag1/ of type** (not set!) == Identified Issues == **wp-includes/canoncial.php** line 425 its not checked if current page if of type **tag** {{{#!php foreach ( array('single', 'category', 'page', 'day', 'month', 'year', 'home') as $type ) { }}} **wp-includes/taxonomy.php** line 3882 the `$type_of_string` variable is set to **category** by default instead of `$taxonomy` {{{#!php $termlink = home_url( user_trailingslashit($termlink, 'category') ); }}} " Andi Dittrich 40178 Menus that contain post types in Draft status should be hidden from logged out users dev-feedback General 4.7.3 normal normal Awaiting Review enhancement new 2017-03-16T23:39:44Z 2017-03-19T19:48:41Z "I recently added 2 pages to my site. I published them, and moved them into a Menu on my site. Then realized, I don't want them public, but I also don't want to lose their positioning where I put them in the menu. I moved them to draft. When I go to my site logged out, I still see the links and goes to a 404. I'm proposing that when an item in the Menu moves to a non-published state that isn't the Trash (Draft or Pending), it should remain in the nav, but be hidden from any logged out users." jdingman 3 40180 Introduce `get_site_by()` function for multisite flixos90 has-patch Networks and Sites normal normal Future Release enhancement assigned 2017-03-17T10:54:31Z 2019-10-10T23:25:35Z "As @stephdau mentioned on #40064, the new `get_site()` function from 4.6 is not a direct replacement for `get_blog_details()` which we are planning to deprecate. Therefore I think it makes sense to introduce a function `get_site_by()` that is basically a wrapper for a `WP_Site_Query` (with `LIMIT 1`), and then runs `array_shift()` to only return the first result. This function would then become the direct replacement that people who previously relied on `get_blog_details()` with something other than an ID could use. Parameter-wise, we should probably adjust it a little bit to match things like `get_term_by()`, which also makes the way that function works more explicit." flixos90 38 40183 Customizer strange slide out Customize 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-17T12:23:52Z 2021-05-29T17:18:28Z Don't know how to say it right what it looks like. Strange customizer behaviour when selecting text input or when clicking anywhere and dragging to the right. halftones 3 40191 Multiline post content with `<` as first character becomes malformed Formatting normal normal Awaiting Review defect (bug) new 2017-03-17T18:44:07Z 2018-03-02T07:58:24Z "Create a page/post with the following content: {{{ < Hello < Hello < Hello }}} View the post, and `post_content` becomes: {{{ < Hello < Hello < Hello }}}" johnjamesjacoby 2 40195 No provision to set paths for sftp (ssh2) Filesystem API 4.7.2 normal normal Awaiting Review defect (bug) new 2017-03-18T13:36:00Z 2017-03-18T13:36:00Z "I have a server which has different paths for the web server verses when accessed via sftp and consequently updates fail with ""Unable to locate WordPress content directory (wp-content)."" According to this page [https://codex.wordpress.org/Editing%20wp-config.php#Enabling_SSH_Upgrade_Access] there are 3 options for this exact purpose: FTP_BASE, FTP_CONTENT_DIR, FTP_PLUGIN_DIR. Setting these has no affect. This is confirmed by turning on debug and the following error is generated: ""Installation failed: Looking for /usr/local/www/+++++/www/wp-content/plugins in /"" The ""wp-admin/includes/class-wp-filesystem-base.php"" file reveals the find_folder function only processes the overrides for ftp services. {{{ public function find_folder( $folder ) { if ( isset( $this->cache[ $folder ] ) ) return $this->cache[ $folder ]; if ( stripos($this->method, 'ftp') !== false ) { $constant_overrides = array( 'FTP_BASE' => ABSPATH, 'FTP_CONTENT_DIR' => WP_CONTENT_DIR, 'FTP_PLUGIN_DIR' => WP_PLUGIN_DIR, 'FTP_LANG_DIR' => WP_LANG_DIR ); }}} Seems to be a strange requirement on the ssh2 method that the paths must align exactly with the web server so I consider this a bug. Others may consider it an enhancement in which case it would be a good idea if the codex entry made it clear only ftp access methods support configurable paths (ssh must align with the webserver)." fsrs 40197 meta cap 'publish_post' is not being used johnbillion has-patch Role/Capability 3.5 normal normal Awaiting Review defect (bug) reviewing 2017-03-18T14:48:43Z 2021-01-13T22:02:58Z #21288 adds ''publish_post'' to meta cap but it is not being called anywhere. I tried to log it using ''map_meta_cap'' at the post edit page. There is only ''publish_posts'' called but not ''publish_post'' panjmp 7 40199 Customize: collapse suggested and previously uploaded header images with accordions close Customize 3.9 normal normal Future Release defect (bug) new 2017-03-18T22:23:12Z 2019-12-02T17:59:49Z "The custom header image control takes up quite a lot of space, which is why header videos are, somewhat confusingly, placed before the image control. We could improve this by collapsing the suggested and previously-uploaded images by default, making the headers/labels expandable/collapsable. That would allow larger image collections here without taking up too much space. Alternatively, other ways to show these collections should be considered, such as in the media modal. Eventually, we'll want this UI pattern to be able to expand to be used in other media controls." celloexpressions 22 40200 Introduce WP_Customize_Embed_Control Customize 4.7 normal normal Future Release enhancement new 2017-03-18T22:28:29Z 2018-07-08T17:36:03Z Similar to the previously-introduced `WP_Customize_Media_Control`, `WP_Customize_Embed_Control` would offer a UI framework for options that store media information. For this control, associated settings would always store the embed URL, whereas the media control stores an associated local attachment ID. This control would be used to add and manage options that use externally-hosted media via oembed. The initial core usage would be for the external header video control, and this would facilitate showing the embed within the customize pane so that you can directly see what the embed is in the pane, similarly to how the media controls show small previews in the pane to complement the full previews in the customize preview. celloexpressions 4 40202 wpautop bad code Formatting 4.7.3 normal normal Future Release defect (bug) new 2017-03-19T09:02:06Z 2020-05-21T05:41:09Z "post content {{{ <a href=""document.htm""><div>Text</div></a> }}} generated markup - note wrong HTML {{{ <p><a href=""document.htm""></p> <div>Text</div> <p></a></p> }}} related: #40135 " jim5471 2 40206 wp_insert_term() $slug_provided check fails has-patch Taxonomy 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-20T11:56:26Z 2023-05-22T17:40:32Z "Imagine 2 city terms with same name, whereas state is stored inside its term_meta. ""Washington, Connecticut"" ""Washington, Georgia"" So you have 2 identical names, but technically different terms with appropriate content. If one of this city is already saved with slug ""washington-2"", than you will not able to save the second without manually set slug value to ""washington"". The problem is in wp_insert_term() func. https://core.trac.wordpress.org/browser/trunk/src/wp-includes/taxonomy.php#L2018 {{{#!php <?php if ( $name_match ) { $slug_match = get_term_by( 'slug', $slug, $taxonomy ); if ( ! $slug_provided || $name_match->slug === $slug || $slug_match ) { // return new WP_Error } } }}} As result, $name_match->slug !== $slug && ! $slug_match, but $slug_provided weren't provided, so it return WP_Error, instead of save new term ""Washington"" with slug ""washington"". I think the last 2 of 3 checks is enough and '''! $slug_provided''' shouldn't exits here. " esemlabel 5 40214 Some WP instances prematurelly try to do capability tests, before the user object is loaded Role/Capability 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-21T08:22:29Z 2017-03-21T08:22:29Z "What happens is that an empty deserialized stdObject is passed (probably too early) to the WP_user object and the _wp_get_current_user function mistakenly presumes the WP_user object to be properly initialized, thus it prevents the administrators (in fact anyone from doing anything that need capability checking) from accesing the protected page. A quick fix for the solution was this: users.php 2487 changed from: if ( ! empty( $current_user )) { changed to: if ( ! empty( $current_user ) && isset($current_user->data->id)) { This is a strange bug... it didn't effect my staging boxes running on 7.0.8 but it did effect all my boxes running 7.0.15+ It seems to me very unbeliavable that such little change can do harm, but I can reproduce it everytime I try to move the project to a box. Sorry I'm not a WP boy but do move sites requllary and I haven't experienced such behavior with 4.6 or earlier." dffnbfee 40218 Button and select box alignment issue in page view Administration normal normal Future Release defect (bug) new 2017-03-21T12:33:37Z 2024-02-24T23:43:41Z "Hi, Button and select box are not aligned in the page view. I have attached screenshot for more information. Thanks" sagarprajapati 13 40221 switch_theme action + Live Preview = confusion Themes 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-21T17:09:49Z 2019-03-13T04:04:10Z "The switch_theme function has inside a hook named the same: switch_theme, it is used for theme deactivation actions, but the problem is that after you activate the theme via Live Preview - this action is executed, so can create confusion. (switch_theme hook is for theme deactivation functions - https://codex.wordpress.org/Plugin_API/Action_Reference/switch_theme) When we activate a theme (not via Live Preview) - then this hook is executed together with old theme, not with new theme, but when we have a Live Preview with a new theme, then this hook will be used with the theme that is inside the Live Preview, with it's files. That's why this hook is called incorrectly. So if this is not by design and it is a bug then the fix would be to skip this hook after a theme activation via Live Preview. " alexvorn2 2 40223 Allow arrow key navigation in (all?) modals Administration 4.8 normal normal Awaiting Review enhancement new 2017-03-21T19:37:46Z 2024-02-26T12:20:19Z "Would be nice, if we could use arrow keys to navigate trough details of plugins, themes, etc inside modal on install, update and list screens. [[Image(http://i.imgur.com/hxBL2sM.png)]]" marsjaninzmarsa 1 40228 Use get_sites in get_blog_details spacedmonkey has-patch Networks and Sites normal normal Future Release enhancement assigned 2017-03-22T05:35:18Z 2023-05-26T11:22:38Z "Currently get_blog_details performs raw sql queries to get data out of the blogs tables. This data is then cached. However how the caching is done in the function is horrible. It generates three different caches that store the whole wp_site object in cache. {{{#!php wp_cache_delete( $blog_id , 'blog-details' ); wp_cache_delete( $blog_id . 'short' , 'blog-details' ); wp_cache_delete( $domain_path_key, 'blog-lookup' ); }}} This function should be refactor to use get_sites and relay on the caching built into wp_site_query " spacedmonkey 55 40232 Could is_tax check through queried_terms instead of queried_object? Taxonomy 4.7.3 normal normal Awaiting Review feature request new 2017-03-22T09:21:17Z 2017-03-22T09:21:17Z "is_tax('tax2') returns false when tax2 is one of the taxonomies on http://somesite.com/?tax1=abc&tax2=xyz, as the queried_object is tax1. Would it be possible for is_tax to check through queried_terms instead of queried_object, so that is_tax('tax1') and is_tax('tax2') would both return true?" yeetien 40237 Educate users about modern password best-practices Security normal normal Awaiting Review enhancement new 2017-03-22T17:00:51Z 2022-06-06T10:10:15Z "We've done several things over the past few years to encourage users to use stronger passwords, but we've never tried to educate them about ''why'' it's important. It's obvious to most of us, but I think it's common for the average user to think things like, ""Why would anybody want to hack into this small site I created for a non-profit?"" If someone doesn't understand ''why'' having a strong password is important, they're not going to be motivated to take any steps in that direction, and they may respond to any attempts to push them in that direction by adopting insecure workarounds to avoid it, like post-it notes stuck to their monitor with the password they reuse on all sites. It seems like educating users about the risks of weak passwords, and easy ways to follow modern best practices, could be very effective. My first thought would be something like this: 1. When a user is manually entering a password, if `zxcvbn` detects a low entropy score, then they're shown a message saying something like, `That password won't protect your account from hackers. Automated bots attempt to gain access to all accounts on the Web 24/7, no matter how small. Don't worry, though, there's an easy way to use very strong passwords, and you'll never have to type or remember them. Learn more.` 1. Clicking on `Learn more` would reveal a modal with a brief explanation of how to use password managers, with a link to a longer article (maybe [https://en.support.wordpress.com/selecting-a-strong-password/ similar to WordPress.com's], but more .org-specific). 1. The modal would also have a video embedded, since many people are more willing to watch a video than read a long article. We could put the video on WordPress.tv and subtitle it in all of the locales. That's just one idea though, does anybody have any others?" iandunn 9 40241 Showing wrong Core current version on the update page. has-patch Upgrade/Install 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-23T15:47:43Z 2023-12-06T20:43:34Z "I am using development version '''4.8-alpha-40312''' but in the update page it shows stable version. '''4.7.3''' ''If you need to re-install version 4.7.3, you can do so here:'' I checked in the '''wp-admin/update-core.php''' and found this {{{#!php <?php foreach ( (array) $updates as $update ) { echo '<li>'; list_core_update( $update ); echo '</li>'; } }}} This line '''$updates''' should be '''$updates[0]''' to get latest version on wordpress. {{{ array ( 0 => stdClass::__set_state(array( 'response' => 'development', 'download' => 'https://wordpress.org/nightly-builds/wordpress-latest.zip', 'locale' => 'en_US', 'packages' => stdClass::__set_state(array( 'full' => 'https://wordpress.org/nightly-builds/wordpress-latest.zip', 'no_content' => false, 'new_bundled' => false, 'partial' => false, 'rollback' => false, )), 'current' => '4.8-alpha-40312', 'version' => '4.8-alpha-40312', 'php_version' => '5.2.4', 'mysql_version' => '5.0', 'new_bundled' => '4.7', 'partial_version' => '', 'dismissed' => false, )), 1 => stdClass::__set_state(array( 'response' => 'latest', 'download' => 'https://downloads.wordpress.org/release/wordpress-4.7.3.zip', 'locale' => 'en_US', 'packages' => stdClass::__set_state(array( 'full' => 'https://downloads.wordpress.org/release/wordpress-4.7.3.zip', 'no_content' => 'https://downloads.wordpress.org/release/wordpress-4.7.3-no-content.zip', 'new_bundled' => 'https://downloads.wordpress.org/release/wordpress-4.7.3-new-bundled.zip', 'partial' => false, 'rollback' => false, )), 'current' => '4.7.3', 'version' => '4.7.3', 'php_version' => '5.2.4', 'mysql_version' => '5.0', 'new_bundled' => '4.7', 'partial_version' => '', 'dismissed' => false, )), ) }}} " thamaraiselvam 6 40243 Allow Manual Hue input for the HSL Color Picker Customize 4.7 normal normal Future Release enhancement new 2017-03-23T17:58:50Z 2021-05-29T17:23:19Z "The new HSL mode for the color picker is insanely useful! However, if someone has certain brand colors that they wish to incorporate, it might be helpful to allow a specific hue input via an integer value that will allow accurate matching. Right now, with the hue slider, it's anyone's best guess if they near their brand colors." calvinkoepke 2 40249 period as last character in username breaks activation link Login and Registration 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-24T10:38:43Z 2017-03-24T10:40:31Z "Many browsers and mail clients are converting text-URLs to clickable links. If a user chooses an username with a period at the end, the activation link in the mail could be incorrect, because the mail client thinks, the period is a punctuation character. See this (non-working) URL for an example: https://www.domain.de/wp-login.php?action=rp&key=XXXXXX&user=ballspieler96. The period at the end is part of the username but not part of the URL. Fix: Don't use the username as last parameter. Instead use a defined parameter, which won't have periods as value (i.e. 2action"" or ""key"")" ilikewordpress 40250 When cropping a image right after scaling, the crop selection will show incorrect dimensions adamsilverstein Media 4.7.3 normal normal Future Release defect (bug) reviewing 2017-03-24T11:04:59Z 2021-01-28T19:53:54Z "Steps to reproduce: - Upload any image to the media library. - Press ""Edit Image"" on the uploaded image. - Scale the image up or down by any dimension. - Try to crop the image afterwards with the drag selection on the image. On the screenshot provided you will notice the crop dimensions are actually larger then the image size. The bug only seems to appear when the page is not being refreshed, indicating the correct values are probably not being passed to the javascript handling the cropping after a scaling operation. [[Image(source:http://imgur.com/fEj6uDP)]] (Screenshot: http://imgur.com/fEj6uDP) " level level 1 40252 Redirection during activation Plugins normal normal Future Release defect (bug) new 2017-03-24T19:33:28Z 2024-02-29T10:56:50Z "for example, i select several plugins (which are deactivated) at once and click BULK ACTIVATE... if any of plugin has custom filter `add_action( 'activated_plugin', ...` (inside where it redirect to plugins settings page after activation), then those plugins are not activated in bulk, instead while that plugin's turn comes, it is activated and the page is redirected to that plugin's url.. i think there is no easy solution... you should create a new hook, that will be named i.e. `redirect_to_after_activation` which will be solely dedicated and used for redirection, while that plugin is activated individually. " tazotodua 3 40255 Parameter to Enable/Disable Trash on register_post_type(); Posts, Post Types 4.7.3 normal normal Awaiting Review feature request new 2017-03-24T21:39:36Z 2017-03-24T21:39:36Z "It would be nice to have the ability to toggle on/off the ""trash"" feature on specific Post Types. I figured, for extreme simplicity; A parameter could be specified during Post Type registration. Or perhaps factored into the ""supports"" parameter (similarly to revisions) Thoughts?" michael.ecklund 40265 Introduce an 'All Network Users' view to multisite user list tables has-patch Users 3.0 normal normal Future Release enhancement new 2017-03-25T18:58:34Z 2020-10-15T16:38:30Z "Bulk managing users on WordPress multisite is not an easy process. As part of a push to improve the ability of network administrators to bulk add users to sites, I'm proposing the introduction of an `All Network Users` view when viewing the `Users` screen for an individual site on Multisite, and on the `Users` tab when editing a site from the network admin screen. The benefit this provides is that a network administrator can quickly add users to a site in bulk; something that's not currently possible without the aid of a bulk user management plugin or WP-CLI." johnbillion 20 40272 Customize: Account for media queries in l10n.css Customize normal normal Future Release defect (bug) new 2017-03-27T07:48:03Z 2017-10-03T17:00:48Z "Noticed while working on #40271 / #40152. `wp-admin/css/l10n.css` contains some locale-specific CSS adjustments, some of them for the customizer. For example: {{{ .locale-de-de #customize-header-actions .button { padding: 0 5px 1px; /* default 0 10px 1px */ } }}} Now, that default is correct — as long as you are not using the Customizer on a smaller device. There, the default padding is `6px 14px`, not `0 10px 1px`. On an iPhone 6, that de_DE specific CSS looks like this: [[Image(https://cldup.com/8Zl2SQwmIT.png)]] As you can see, there's a clear lack of top and bottom padding." swissspidy 3 40276 enhancement: add a $type parameter to wp_add_inline_script() Script Loader 4.7.3 normal normal Awaiting Review enhancement new 2017-03-27T16:45:16Z 2021-11-08T02:56:24Z "It would be helpful to add a $type parameter to wp_add_inline_script(). Currently, it can only output scripts of type text/javascript. If you want something of another type, you need to either use the script_loader_tag filter (which gets run for every script), or manually add the script using a wp_head action. This will require changing several functions: * wp_add_inline_script() * WP_Scripts::add_inline_script() * WP_Scripts::do_item() * WP_Dependencies::add_data() * _WP_Dependency::add_data() Along with the data structure (array) used by add_data." paulschreiber 3 40278 Customizer: Introduce theme uploading Customize 4.9 normal normal Future Release task (blessed) new 2017-03-27T18:12:04Z 2020-11-22T16:01:06Z "This is an offshoot of #37661. Please note: this ticket only addresses uploading themes to the Customizer. It does not touch on browsing and discovering new themes. Theme switching in the Customizer was introduced in 4.2. Within the Customizer, you can preview any theme you currently have installed on your site. This feature would allow you to upload new themes directly from the Customizer, so you can preview them immediately without having to jump back into your themes admin screen. Additionally, this introduces a new header for the Themes section, which was initially mocked up in #21666. This header will hopefully clarify some of the confusion between going in and out of the Themes section, by adapting the back arrow the other Customizer panels use. See mockups for specific details and interactions." melchoyce 22 40280 Short-circuit filters can't return common values has-patch General 4.8 normal normal Awaiting Review enhancement new 2017-03-27T19:09:10Z 2017-12-08T21:47:40Z "#37930 contemplates adding another short-circuit filter, `pre_option`. This follows a pattern that is already duplicated several times and even somewhat fragmented in its implementations. The short-circuit filter pattern has this problem: the return value is overloaded. Its meaning is either ""nothing changed"" or ""this is the new value"" and there are collisions between these meanings in cases where you might want to short-circuit-return `false` or `null`, depending on which short-circuit filter is being used. One proposed improvement is to use only `null` as the value meaning ""nothing changed"", as this is less likely than `false` is to be a value in any short-circuit situation. The pattern using `null` can be formalized in a new function that does not overload the return value. This is accomplished by returning multiple values, which we can do in PHP by reference passing. A simple implementation using `null` and a usage example: {{{ function apply_filters_pre( $filter, &$value ) { $value = apply_filters( $filter, null ); return !is_null( $value ); } if ( apply_filters_pre( 'get_option_pre', $value ) ) { return $value; } }}} (Other proposed function names include `if_apply_filters` and `apply_filters_short_circuit`.) This centralizes the pattern and its documentation to a single core function, encapsulates the overloaded parameter as an implementation detail, and simplifies every existing and future call site. The diff would be net red. However, we are still unable to return `null` from a short-circuit position, which becomes a plausible use case if we enshrine this pattern in a core function. The collision space can be minimized by using a special type used nowhere else: {{{ class WP_Unfiltered_Value {} function apply_filters_pre( $filter, &$value ) { $value = apply_filters( $filter, new WP_Unfiltered_Value ); return !is_object( $value ) || !is_a( $value, 'WP_Unfiltered_Value' ); } }}}" andy 17 40281 Improve Documentation for HTTP Unit Testing Build/Test Tools 4.8 normal normal Awaiting Review enhancement reopened 2017-03-27T22:42:10Z 2021-11-16T18:39:48Z Improve Commenting for HTTP Unit Testing. bhubbard 1 40288 Whitelist oEmbed for Apple Keynote has-patch Embeds normal normal Future Release enhancement new 2017-03-28T19:40:23Z 2023-05-30T09:12:08Z "Apple's iCloud Keynote web app added oEmbed support. This ticket is for consideration on whitelisting them as an oembed provider. To test, visit iCloud.com, choose Keynote, and open a presentation. In the presentation, click the person icon along the top, next to the wrench icon. Choose Share Options and set ""Who can access"" to ""Anyone with the link"" (Permissions can be set either way, but ""View Only"" is quite enough). Pasting the URL (icloud.com/keynote/[hash]#[title]) will oembed with the incoming patch." kraftbj 6 40289 Uploading 2 files with the same name but different casing, overwrites existing files Media 4.7.3 normal normal Awaiting Review defect (bug) reopened 2017-03-28T22:23:44Z 2017-06-08T09:36:11Z "Problem: Under normal circumstances, if I upload a file to the media library but a file with a similar name was previously uploaded, wordpress would change the name of the new file (by adding a dash and a number). However, If I upload 2 files with the same name, BUT WITH DIFFERENT CAPITALIZATION, wordpress won't rename the second file and will just reference the older one. So if for example, I already had the file cover.jpg in my library and I've created a new post and uploaded the file COVER.JPG, it will show in the post the older image of (cover.jpg)." quickim 8 40291 subcategory pagination no run Taxonomy 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-29T02:55:51Z 2017-03-29T21:46:18Z "I can use the subcategory as directory in the url: example.com/sub-category/ But example.com/sub-category/page/2/ Give me error 404 But example.com/Category/sub-category/page/2/ Run OK" Guillermo77 40292 Twenty Seventeen: Use echo file_get_contents() instead of require_once() to pull in SVG file contents dev-feedback Bundled Theme 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-29T04:16:12Z 2023-10-06T13:27:34Z "Using require_once() to pull in the contents of SVG files can result in the PHP parser throwing a {{{ PHP Parse error: syntax error, unexpected version (T_STRING) }}} error if any of the SVG files begin with {{{ <?xml version=""1.0"" encoding=""UTF-8""?> }}} The proposed solution is to use echo file_get_contents() instead. A few recommendations for using that method are here: https://css-tricks.com/using-svg/#article-header-id-7 http://sheelahb.com/blog/how-to-get-php-to-play-nicely-with-svg-files/ It could be argued that using require_once() is fine in Twenty Seventeen, since we know that none of the SVGs in /assets/images/svg-icons.svg contain the problematic <?xml … ?> tag. However, there are of course many developers who fork Twenty Seventeen, or copy its code into their own themes, so it seems wise to me to pull in SVG file contents using a method that won't throw errors in the event that <?xml … ?> tags are present in any SVG files." kellenmace 6 40293 Comment template - warning has-patch Comments 4.8 normal normal Awaiting Review defect (bug) new 2017-03-29T07:15:59Z 2017-10-11T11:29:50Z "Hi, in the `comments_template` function, you are entering a divide-by-zero condition at line '''1379''' of the `wp-includes/comment-template.php` file. The line described above is like this. {{{#!php <?php $comment_args['offset'] = ( ceil( $top_level_count / $per_page ) - 1 ) * $per_page; ?> }}} I believe this will solve. {{{#!php <?php $offset = 0; if ( $top_level_count && $per_page ) { $offset = ( ceil( $top_level_count / $per_page ) - 1 ) * $per_page; } $comment_args['offset'] = $offset; ?> }}} I'm using a default install with theme Twenty Seventeen. Thank you!" victorfreitas 5 40299 Removing width attribute on an image with a caption removes entire caption Media 4.7.3 normal normal Future Release defect (bug) new 2017-03-29T13:59:21Z 2018-12-27T21:56:20Z "If you insert an image with a caption into the visual editor, it will create code like: {{{ [caption id=""attachment_12345"" align=""alignnone"" width=""150""]<img class=""wp-image-12345 size-thumbnail"" src=""https://www.example.com/wp-content/uploads/2017/03/image.png"" alt="""" width=""150"" height=""150"" /> My caption[/caption] }}} If you switch from the visual editor to the text editor and remove the `width` attribute '''of the image''' to get: {{{ [caption id=""attachment_12345"" align=""alignnone"" width=""150""]<img class=""wp-image-12345 size-thumbnail"" src=""https://www.example.com/wp-content/uploads/2017/03/image.png"" alt="""" height=""150"" /> My caption[/caption] }}} And then either update the post, or switch back to the visual editor, the caption is stripped and only the image remains: {{{ <img class=""wp-image-12345 size-thumbnail"" src=""https://www.example.com/wp-content/uploads/2017/03/image.png"" alt="""" height=""150"" /> }}} Removing the `height` attribute doesn't appear to cause the same behavior. I don't believe that removing the width attribute on the image should result in both the caption being stripped and the `[caption]` shortcode being removed. I'm not sure but this might be related to [27426] and #23103." catchmyfame 2 40300 `title` parameter causes `WP_Query` to return sticky posts. Query 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-29T14:24:28Z 2017-03-29T14:24:28Z "When a `title` parameter is present in the WP_Query arguments array then sticky posts are included in the `$query->posts` array. I'm not sure is it a bug, or is it just an incomplete documentation. The same happens with `post__in` parameter but in this case, I'm sure that it's not a bug because the documentation mentions that sticky posts are returned when using the `post__in` parameter." wujek_bogdan 40311 Disable inline edit post via filter has-patch Posts, Post Types normal normal Future Release enhancement new 2017-03-30T10:03:11Z 2017-03-30T10:44:51Z "I suggest add new filter: {{{ disable_inline_edit_post }}} if true inline edit is disable." sebastian.pisula 1 40319 Apostrophe in commenter's name prevents comment_whitelist setting from working. has-patch Comments 4.0 normal normal Future Release defect (bug) new 2017-03-30T18:30:04Z 2020-03-20T05:26:22Z "If a commenter has an apostrophe in their name, and they have a previously approved comment, and the comment_whitelist setting is enabled (""Comment author must have a previously approved comment""), the commenter's comment will always end up in moderation. The cause of this can be traced to r38738. If the name has an apostrophe, it will be slashed; the author name was previously included directly in the SQL, with the slash properly escaping the apostrophe, but when the query was updated to use `prepare()`, the author name was not unslashed. Affects 4.7, 4.7.1, 4.7.2, 4.7.3, and trunk. I've attached a patch that addresses the issue by unslashing the two `expected_slashed` parameters." cfinke 1 40320 Feature idea: Rename roles dev-feedback Role/Capability 4.8 normal normal Awaiting Review enhancement new 2017-03-30T21:16:48Z 2023-02-02T16:11:56Z "There are some help topics available online where users manipulate the role names (not the slug but the display label). Why not make a simple helper function rename_role() for this?" keraweb 1 40324 make_clickable doesn't work if url stands after an even number off spaces Formatting 4.7 normal normal Awaiting Review defect (bug) new 2017-03-31T11:49:56Z 2017-03-31T16:22:07Z "The function '''make_clickable''' doesn't work, if an even number of spaces is written before an url Examples: {{{ Test post http://de.wordpress.org -> 1 space = works Test post http://de.wordpress.org -> 2 spaces = doesn't work Test post http://de.wordpress.org -> 3 spaces = works Test post http://de.wordpress.org -> 4 spaces = doesn't work }}} I tested it in WP 4.7 and 4.7.3 " wordpressrene 1 40325 Potential bug with the “get_post_type” function Posts, Post Types 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-31T12:04:13Z 2020-12-14T12:56:20Z "I have encountered a weird behavior in the WP code, and I want to report it, in case it is a bug. I have posted it in the Support forum first and I was advised to make a ticket here. '''Replication:''' I have a custom post type created. A function is added to the '''before_delete_post''' hook. In this function, I am verifying the current post type. I used to verify it with the '''get_post_type();''' function but I have found a problem with that in some cases. Now, I have replaced it with '''global $post_type;''' {{{ class My_Example { public function build_admin() { add_action('before_delete_post', array($this, 'delete_post')); } public function delete_post($post_id) { $case1 = get_post_type(); global $post_type; $case2 = $post_type; } } }}} On the posts listing page, in the Trash table, there are 3 says of deleting posts: 1. The '''Delete Permanently''' button for each post. 2. The '''Empty Trash''' button. 3. And through '''Bulk Actions > Delete Permanently > Apply'''. The '''get_post_type''' function returns the proper post type name only in the 1st case. For the other 2 cases, it returns '''false'''. However, '''global $post_type''' returns the proper value in all cases. I don’t know if it is a bug but it seems that way on the surface. If the global post type variable is set well, then the function should be able to return it too but I am not sure if something else it at play here. A bit more info: Looking over the source code for the [https://developer.wordpress.org/reference/functions/get_post_type/ get_post_type] function in Code Reference, I see that it is using the [https://developer.wordpress.org/reference/functions/get_post/ get_post] function to retrieve an object, instance of '''WP_Post''', from which it gets the post type. So, the value is retrieved from different locations in the two examples. " ancientro 3 40326 One Click Install Problems with WordPress 4.7.3 reporter-feedback Upgrade/Install 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-31T16:34:41Z 2023-03-22T18:37:19Z "I've been having a bizarre issue with One Click Installs for WordPress now that they've upgraded to version 4.7.3 I follow all the usual instructions (set username, password, email, database options, etc) in the same way that works for every previous time that I've used a One Click Install. But this time, when I go to the site. I find I can go to the /wp-admin/ folders, and access all of the Admin panel features. Changes are being saved to the database. Updating Permalinks modifies .htaccess correctly. Everything seems fine until I try to go to the site. It immediately redirects me to an error page associated with the Hosting service. The exact same error has been reproducible for me at GoDaddy, BlueHost, and MediaTemple, so I believe the error is somewhere in the WordPress version. I have found a lengthly fix to the problem, but this shouldn't be a problem in the first place. Upload and replace files from WordPress version 4.7.2 Refresh an Admin page. Upload and replace files from Wordpress version 4.2.2 Refresh an Admin page. Site will require a database update, click button to initiate it. Once site is up, click ""upgrade to 4.7.3"" After following all these steps, the site works again. I've tried omitting a step or switching up the order, but it seems only by following these steps in this order is my problem fixed. What is going on?" okomikeruko 2 40327 Wrong SQL request for 'EXIST' OR 'NOT EXIST' on same post meta Query 4.7 normal normal Awaiting Review defect (bug) new 2017-03-31T19:57:27Z 2017-03-31T19:57:27Z "Hi, I want to make a query on a custom post type (event post type) with custom post status (on air, forthcoming...) joining optional meta (event rating) then order by decreasing rating, defaulting to increasing title. I'm using 'new WP_Query()' way as secondary loop with the following WP query parameters: {{{#!php [ // Valid events only 'post_type' => My_Post_Type::POST_TYPE_EVENT, 'post_status' => [ My_Post_Type::EVENT_STATUS_ON_AIR, My_Post_Type::EVENT_STATUS_FORTHCOMING, ], // Join optional rating 'meta_query' => [ 'relation'=> 'OR', [ 'key' => My_Post_Type::EVENT_ATTR_RATING, 'compare'=> 'EXISTS', ], [ 'key' => My_Post_Type::EVENT_ATTR_RATING, 'compare' => 'NOT EXISTS', ], ], // Order by rating then title 'orderby' => [ My_Post_Type::EVENT_ATTR_RATING => 'DESC', 'post_title' => 'ASC', ], // Limit number 'posts_per_page' => self::NB_HOME_COMING_EVENTS, ] }}} Resulting SQL query is: {{{#!php SELECT SQL_CALC_FOUND_ROWS cq_posts.* FROM cq_posts LEFT JOIN cq_postmeta ON ( cq_posts.ID = cq_postmeta.post_id ) LEFT JOIN cq_postmeta AS mt1 ON (cq_posts.ID = mt1.post_id AND mt1.meta_key = 'ev_rating' ) WHERE 1=1 AND ( cq_postmeta.meta_key = 'ev_rating' OR mt1.post_id IS NULL ) AND cq_posts.post_type = 'event' AND ((cq_posts.post_status = 'ev_on_air' OR cq_posts.post_status = 'ev_coming')) GROUP BY cq_posts.ID ORDER BY cq_postmeta.meta_value+0 DESC, cq_posts.post_title ASC LIMIT 0, 6 }}} The result set is not what I was looking for (in fact has no sense at all for me) The right SQL query should be something like this: {{{#!php SELECT SQL_CALC_FOUND_ROWS cq_posts.* FROM cq_posts LEFT JOIN cq_postmeta ON ( cq_posts.ID = cq_postmeta.post_id AND cq_postmeta.meta_key = 'ev_rating' ) WHERE 1=1 AND cq_posts.post_type = 'event' AND ((cq_posts.post_status = 'ev_on_air' OR cq_posts.post_status = 'ev_coming')) GROUP BY cq_posts.ID ORDER BY cq_postmeta.meta_value+0 DESC, cq_posts.post_title ASC LIMIT 0, 6 }}} Only one LEFT JOIN is required. Can anyone confirm it is a bug or tell me what WP query parameters I must use instead ? Thanks in advance. " solo14000 40330 Reconsider the usage of infinite scrolling across the admin Administration normal normal Future Release task (blessed) assigned 2017-04-01T14:24:24Z 2021-05-08T11:20:11Z "As accessibility team, we've often discussed and we're aware of some a11y issues in the WordPress admin but haven't formalized them in a Trac ticket yet. That's because they're general, broad, issues and they probably can't be solved soon, as they have a big impact on the way some relevant parts of the user interface are built. They would require some extensive discussion and research. Nevertheless, if we're not going to at least open a discussion, the solution is not going to happen 🙂 . During the last accessibility weekly meeting we've decided to open a series of tickets and use a special keyword to group them, something like `a11y-task`. This is the first ticket of the series. Infinite scrolling (sometimes known as ""endless scrolling"") can be a serious accessibility barrier. It's used in the admin in a few places, for example: - Media Grid - Add Themes screens - Customizer > Add menu items - Editor > Insert/Edit link > Search - any other places? For a comprehensive view of all the potential issues, I'd refer to the list of resources below. I'd recommend everyone to have a look at those posts. I'd say the issues can be grouped in three different categories: accessibility, usability, and performance. Just to mention some of the most relevant ones: - a11y: it's impossible or very hard for keyboard users to reach content placed after an infinite scrolling region: think for example at the Media Grid, where tabbing through attachments loads more and more attachments (potentially hundreds or thousands of them) forcing users to keep tabbing indefinitely - a11y: no audible feedback or instructions about how infinite scrolling works, the current and total number of items, or when new items get loaded - usability: infinite scrolling often breaks the browser's history - usability: there's no JS fallback - performance: memory footprint can be huge, especially when loading hundreds of big images, see the Theme install screens Resources mostly focused on accessibility: http://adrianroselli.com/2014/05/so-you-think-you-built-good-infinite.html http://simplyaccessible.com/article/infinite-scrolling/ http://www.webaxe.org/infinite-scrolling-and-accessibility/ http://www.ssbbartgroup.com/blog/infinite-scrolling-impact-on-assistive-technologies-series-1/ Resources mostly focused on usability: https://webmasters.googleblog.com/2014/02/infinite-scroll-search-friendly.html https://www.nngroup.com/articles/infinite-scrolling/ https://www.sitepoint.com/ux-infinite-scroll-good-bad-maybe/ http://www.webdesignerdepot.com/2015/11/how-infinite-scrolling-breaks-ux/ https://www.smashingmagazine.com/2016/03/pagination-infinite-scrolling-load-more-buttons/ https://www.smashingmagazine.com/2013/05/infinite-scrolling-lets-get-to-the-bottom-of-this/ Resources focused on memory footprint: http://engineering.linkedin.com/linkedin-ipad-5-techniques-smooth-infinite-scrolling-html5 https://www.sencha.com/blog/the-making-of-fastbook-an-html5-love-story/ http://dannysu.com/2012/07/07/infinite-scroll-memory-optimization/ Maybe for the future: the ARIA role `feed` https://www.w3.org/TR/wai-aria-1.1/#feed (at the time of writing, ARIA 1.1 is still a Candidate Recommendation, and as far as I know, no assistive technologies support the role `feed`) See also: http://www.ssbbartgroup.com/blog/differences-aria-1-0-1-1-additions-role/ See #19815, #28927, #28998. " afercia 24 40331 The placeholder attribute should not be used as a replacement for a label joedolson* has-patch Administration normal normal 6.6 defect (bug) accepted 2017-04-01T16:37:45Z 2024-03-01T22:04:02Z "This is the second ticket in the `a11y-task` series, which aims to start a discussion and research on broad accessibility issues. See also #40330. Across the WordPress admin, the placeholder attribute is used in an inconsistent way. Sometimes it's used properly, sometimes not. For example, this is a good usage because the form fields have a visible label and the placeholder clarifies the expected format: [[Image(https://cldup.com/G8zSR9UYzm.png)]] [The ""Post via email"" section in the WordPress Writing Settings] In other cases though, the placeholder attribute is used as a replacement for a label. While it's tempting for designers to use it this way, especially when screen real estate for a visible label is limited, this practice introduces accessibility (and usability) barriers and goes against the HTML5 specification. Despite the fact labels and placeholders have distinct (and complementary) purposes, replacing labels with placeholders has become, unfortunately, a popular practice. In the accessibility team we've discussed this issue a few times, and we'd like to propose to make an effort to change the current approach when using placeholders. Basically, the only use case when a placeholder used as a visual label can be considered acceptable, is when there's just one, simple, form field and its purpose is made very clear by the context. For example, a search field. [https://make.wordpress.org/core/handbook/best-practices/coding-standards/accessibility-coding-standards/ WordPress aims to be as much accessible as possible], I'd say a good first step would be striving to conform to the WCAG and HTML5 specifications. One more good step would be avoiding to introduce new cases where the placeholder attribute is misused . There are lots of resources online about the placeholder issue, so I'd prefer to keep this ticket description short and refer to them, starting with what the HTML5 specification says: https://www.w3.org/TR/html51/sec-forms.html#the-placeholder-attribute > The placeholder attribute represents a short hint (a word or short phrase) '''intended to aid the user with data entry''' when the control has no value. A hint '''could be a sample value or a brief description of the expected format'''. > '''The placeholder attribute should not be used as a replacement for a label.''' For a longer hint or other advisory text, place the text next to the control. And then, in a big red-bordered box: > '''Warning'''! Use of the placeholder attribute as a replacement for a label can reduce the accessibility and usability of the control for a range of users including older users and users with cognitive, mobility, fine motor skill or vision impairments. While the hint given by the control’s label is shown at all times, the short hint given in the placeholder attribute is only shown before the user enters a value. Furthermore, placeholder text may be mistaken for a pre-filled value, and as commonly implemented the default color of the placeholder text provides insufficient contrast and the lack of a separate visible label reduces the size of the hit region available for setting focus on the control. Other resources: W3C Web Accessibility Tutorials https://www.w3.org/WAI/tutorials/forms/instructions/#placeholder-text W3C WAI Wiki: Using @placeholder on input http://www.w3.org/WAI/GL/wiki/Using_@placeholder_on_input Léonie Watson: Using the HTML5 placeholder attribute http://tink.uk/using-the-html5-placeholder-attribute The Paciello Group. HTML5 Accessibility Chops: the placeholder attribute http://www.paciellogroup.com/blog/2011/02/html5-accessibility-chops-the-placeholder-attribute/ WebAIM: Creating Accessible Forms http://webaim.org/techniques/forms/advanced Nielsen Norman Group. Placeholders in Form Fields Are Harmful http://www.nngroup.com/articles/form-design-placeholders/ Roger Johansson - 456 Berea Street. The HTML5 placeholder attribute is not a substitute for the label element http://www.456bereastreet.com/archive/201204/the_html5_placeholder_attribute_is_not_a_substitute_for_the_label_element/ Web Axe: Placeholder Attribute Is Not A Label! http://www.webaxe.org/placeholder-attribute-is-not-a-label/ Mobile Form Usability: Never Use Inline Labels https://baymard.com/blog/mobile-forms-avoid-inline-labels See the ""Exceptions"" paragraph " afercia 34 40334 Trim siteurl and homeurl General 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-01T19:20:34Z 2017-04-01T20:49:51Z "I have seen some sites accidently put new line or space end of the '''siteurl''' and '''home''' in the '''wp_options''' So whenever WordPress defines constants like '''WP_CONTENT_URL''' its not trimming the '''siteurl''' ''/wp-includes/default-constants.php'' {{{#!php function wp_plugin_directory_constants() { if (!defined('WP_CONTENT_URL')) { define('WP_CONTENT_URL', get_option('siteurl') . '/wp-content'); } }}} If '''siteurl''' has the new line in the end and '''plugin_url()''' gives the result as follow {{{ https://example.com /wp-content/plugins/myplugin/ }}} As javascript is not supporting multiline string so it just broke my UI." thamaraiselvam 2 40335 using 'pre_get_terms' is confusing when it comes to ordering by meta Query 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-02T09:41:03Z 2019-10-12T00:18:14Z "There's a `pre_get_terms` hook. One might think that it works in the same way how `pre_get_posts` works, but it doesn't. I wanted to order terms by a meta field, so I did something like this: {{{#!php <?php add_action('pre_get_terms', function (\WP_Term_Query $query) { if ( SOME_CONDITION_HERE ) { return; } $queryVars = $query->query_vars; $args = [ 'meta_key' => 'my_meta_key', 'orderby' => 'meta_value', 'order' => 'ASC', ]; $query->query_vars = array_merge($queryVars, $args); }); }}} And for `pre_get_posts` this technique would work. But with `pre_get_terms` it's different. Digging into `WP_Term_Query` class code I found that this code would cause `parse_orderby()` method to set the `$maybe_orderby_meta` variable to `true`. But it doesn't mean that terms will be sorted by a meta field. It only means that terms '''maybe''' will be sorted by meta. There's an another filter required. At the end of the `parse_orderby()` method there's an another filter applied: `get_terms_orderby`. So in order to sort terms by meta field there's one more thing required. Something like: {{{#!php <?php add_filter('get_terms_orderby', function ($orderby, $args) { if ( SOME_CONDITION_HERE ) { return $orderby; } return 'meta_value'; }, 10, 2); }}} This is unintuitive and confusing, and what's the most important: it's not documented. The documentation should be very clear about it. Because of the filter name, that's very similar to the `pre_get_posts` filter name, users might expect it to work in the same way. It might be even considered as a bug. So I'll mark it as a bug, because from the user's perspective this is how it looks like. " wujek_bogdan 5 40338 Twenty Seventeen: Layout broken and JS error in `wp-activate.php` has-patch Bundled Theme 4.7 normal normal Future Release defect (bug) new 2017-04-02T13:07:14Z 2021-11-01T11:11:43Z "In a Multisite setup with registrations enabled, one can access the `wp-activate.php` and `wp-signup.php` pages which use the header and footer as well as stylesheets and scripts of the current themes. It appears that the Twenty Seventeen theme was not optimized for these pages, particularly for `wp-activate.php`: The layout on that page is broken (no padding at all on the left side of the screen), and there is also a JavaScript error occurring. I haven't looked into this more closely yet, but I just wanted to open this ticket for now. I can have a closer look probably later next week, if no-one gets there before. :)" flixos90 8 40339 If $home_path=='wp' then WP::parse_request() will remove 'wp' from 'wp-json/wc/v1/products' in $pathinfo Rewrite Rules 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-02T13:32:06Z 2018-01-12T02:33:28Z "I have installed WordPress in a subdirectory 'wp' so $home_path is 'wp'. The statement {{{#!php pathinfo = preg_replace( $home_path_regex, '', $pathinfo ); }}} is called with arguments {{{ $home_path_regex = '|^wp|i' $pathinfo = 'wp-json/wc/v1/products' }}} and returns {{{ $pathinfo = '-json/wc/v1/products' }}} Since, $_SERVER[ 'PATH_INFO' ] is the trailing part of the path wouldn't the leading home path be already removed? Here is the $_SERVER variable: {{{ $_SERVER=Array ( [SERVER_SOFTWARE] => PHP 5.6.30 Development Server [REQUEST_URI] => /wp/wp-json/wc/v1/products [DOCUMENT_ROOT] => C:\\WWW [REMOTE_ADDR] => 192.168.1.113 [REMOTE_PORT] => 54207 [SERVER_PROTOCOL] => HTTP/1.1 [SERVER_NAME] => me.local.com [SERVER_PORT] => 80 [REQUEST_METHOD] => GET [SCRIPT_NAME] => /wp/index.php [SCRIPT_FILENAME] => C:\\WWW\\wp\\index.php [PATH_INFO] => /wp-json/wc/v1/products [PHP_SELF] => /wp/index.php/wp-json/wc/v1/products [HTTP_HOST] => me.local.com [HTTP_CONNECTION] => keep-alive [HTTP_CACHE_CONTROL] => max-age=0 [HTTP_UPGRADE_INSECURE_REQUESTS] => 1 [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 [HTTP_ACCEPT_ENCODING] => gzip, deflate, sdch [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8,en-AU;q=0.6 [HTTP_COOKIE] => wp-settings-1=libraryContent%3Dbrowse%26mfold%3Do%26editor%3Dhtml%26posts_list_mode%3Dexcerpt%26widgets_access%3Don%26post_dfw%3Don%26hidetb%3D1; wp-settings-time-1=1489742056; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_82a92e8b6fd4f1e7bd35e69acfebe645=mc%7C1491295996%7ClSYWOrX5ljiNvjMUuOsdx3Hqd3B4PsyM6sdhaHx3VHB%7C0f85cc8928c44377d339344bd93f970151fb018ad0623b09964e252bc6104127 [REQUEST_TIME_FLOAT] => 1491131923.8711 [REQUEST_TIME] => 1491131923 ) }}} " Magenta Cuda 1 40340 """Attach to existing content"" modal shows posts and pages of other users" needs-unit-tests Role/Capability normal normal Awaiting Review defect (bug) reopened 2017-04-02T15:19:15Z 2017-08-03T17:54:02Z "From the Media library, a user can attach media (through the Attach link) that were uploaded by himself only. The first image shows the Attach links appearing for certain media only. In the same way, the ""Attach to existing content"" should also list only those posts/pages for which the user has the permissions to attach. Instead it lists all posts (including private) and pages of all users, and then, upon selection, gives the message ""Sorry, you are not allowed to edit this post."" " menakas 5 40341 Make search possible in custom fields Query 4.8 normal normal Awaiting Review enhancement new 2017-04-02T17:36:06Z 2017-04-02T17:36:06Z "Currently when performing a search query with `WP_Query` using `s` parameter, WordPress only searches in post_title, post_content and post_excerpt. I suggest to extend search to custom fields. Say I added a ""my_description"" custom post field to my posts. I would like a regular search to return every post containing the searched word(s) in any of the fields post_title, post_content, post_excerpt or my_description. Currently the supposed way of doing this is by using a `WP_Meta_Query`: {{{ new WP_Query(array( 's' => 'foo', 'meta_query' => array(array( 'key' => 'my_description', 'value' => 'foo', 'compare' => 'LIKE', )), )) }}} The problem is that the meta query and the search WHERE clauses are going to be joined by AND, not by OR. The resulting query is going to be something like that: {{{ SELECT [...] WHERE ( posts.post_title LIKE '%foo%' OR posts.post_content LIKE '%foo%' OR posts.post_excerpt LIKE '%foo%' ) AND ( postmeta.meta_key = 'my_description' AND postmeta.meta_value LIKE '%foo%' ) AND [...] }}} But I'd need: {{{ SELECT [...] WHERE ( posts.post_title LIKE '%foo%' OR posts.post_content LIKE '%foo%' OR posts.post_excerpt LIKE '%foo%' OR (postmeta.meta_key = 'my_description' AND postmeta.meta_value LIKE '%foo%') ) AND [...] }}} which is impossible to achieve with a regular `WP_Meta_Query`. Actually it's pretty hard to do: it involves to hook into WHERE and JOIN clauses, and to rewrite almost the whole search mechanism. That's why I suggest to implement into core a simple way of doing this: {{{ new WP_Query(array( 's' => 'foo', 'meta_search' => array('my_description', 'my_other_field', 'etc') )) }}} This `meta_search` parameter would accept an array of meta_key strings and would just be ignored when not set. Please have a look into my attached solution." max345 40348 Option to enable User Dashboard on single-site installations dev-feedback Users 3.0 normal normal Awaiting Review enhancement new 2017-04-03T19:45:58Z 2021-08-04T21:11:11Z "Since WordPress 3.0, the User Dashboard located at `/wp-admin/user/` has only been exposed to multisite installations. I would like the option to use this dashboard as a replacement for `profile.php`, even on single-site installations. ---- '''Why?''' Because `profile.php` is just 1 page, and plugins (like BuddyPress & bbPress) cannot user-centric data management without overriding the profile screen completely, which has the adverse affect of abandoning other plugins that have hooked into this screen. If we have to do that, we may as well invest more in the User Dashboard that already comes with WordPress core. My WP User Profiles plugin helps to re-imagine how the WordPress User experience might work & look, and comes with full integration into the User Dashboard. I'd like to bring that experience to single-site installations, and the core code currently explicitly prevents this behavior. ---- '''How?''' I believe, today, the User Dashboard should be off-by-default for single-site installations, and work as-is for multi-site installations. Plugins should be allowed to enable access to the User Dashboard, and plugins can then opt-into supporting that new dashboard in new & creative ways. I'm proposing that we simply enable this feature to function, and not that we completely jump head-first into supporting it in core and/or replacing `profile.php` entirely, at least not yet or my foreseeable future. ---- '''Caveats''' There are zero caveats for all existing WordPress installations, though as with any new feature, I can imagine the range of future scenarios from bad to good on how this could be used and/or abused. The one major bummer is that the Admin Settings API does not support either the Network or User dashboards, so saving options is still a completely custom affair. The theoretical Fields API could save us here, or maybe not. ---- This functionality is relatively easily achieved, and I'll be attaching a patch imminently." johnjamesjacoby 4 40351 Term post re-counts scale poorly, are common and difficult to avoid whyisjake has-patch Taxonomy 4.8 normal normal Future Release enhancement reopened 2017-04-04T01:18:28Z 2023-09-11T02:20:51Z "Under normal conditions whenever a post status transition occurs, `_update_term_count_on_transition_post_status` attempts to completely recalculate the post counts for each term related to the post by re-counting each term's total number of post relationships.. For sites with large term relationship tables, large numbers of total terms and high numbers of terms per post, this recalculation does not scale well and can lead to wp-admin lag (while saving a post for example) or failed queries. A typical bad scenario looks like this: Consider a site with a large term_relationship table and a post with (say) 30 terms assigned to it. When that post is updated, an eventual call to `_update_post_term_count` will cause that function to execute 60 total queries on some very large tables. 30 are SELECTs: `SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type IN ('"" . implode(""', '"", $object_types ) . ""') AND term_taxonomy_id = %d` (This is actually the hopeful case, since if we need to count attachments too, those are added to the above query via a subselect which probably makes things worse.) Interspersed among the 30 SELECTs are 30 UPDATEs to the tt table, generated by: `$wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxonomy_id' => $term ) );` One result of all of this can be failed queries -- typically the SELECTs -- and incorrect term post counts. Even more frequently the issue manifests as slow post updating behavior (the lag a user feels while waiting for a post to save or publish.) We currently provide two mechanisms (besides just unhooking `_update_term_count_on_transition_post_status` entirely and not updating term post counts at all) to do something about this problem. The first is to defer post counts, but this just delays the badness until a later call of `wp_update_term_count`. The second is to define a per-taxonomy custom update callback using `update_count_callback`. Neither of these mechanisms is intended to improve performance, and both are obscure. It would be better to by default increment or decrement post counts directly in the tt table in response to posts entering or leaving published (or other countable) stati, and reserve complete recalculations for special occasions (such as when a term is edited.) Using this strategy, the 60 total queries in the example above could -- on publish -- be replaced by a '''a single''' query that would look something like: `UPDATE {$wpdb->term_taxonomy} AS tt SET tt.count = tt.count + 1 WHERE tt.term_taxonomy_id IN ( .... )` (where the final list is a list of tt_ids.) This solution is implemented now as a plugin here: https://github.com/Automattic/lightweight-term-count-update. Patch based on this on the way soon." mattoperry 56 40352 WP REST API, Comments Not Triggering 'comment_post' dev-feedback Comments 4.7 normal normal Awaiting Review defect (bug) new 2017-04-04T06:50:37Z 2019-11-26T14:44:32Z "Hello, I’ve noticed that when comments are created using the WP API that notification emails are not sent out to the author of the post or moderators. (When testing, If I add the comment via the admin interface, it works as expected). On debugging, I noticed that the filter ‘comment_post’ is not being called when inserted via the API. For now, I used the following workaround: {{{#!php function mytheme_comment_inserted($comment_id, $comment_object) { wp_notify_postauthor( $comment_id ); } add_action('wp_insert_comment','mytheme_comment_inserted'); }}} I already posted on the support forum here: https://wordpress.org/support/topic/wp-api-comments-not-sending-notifications/#post-8987973 and it was suggested this could be intentional behaviour but that this also could, in fact, be reported as a bug? Thanks! Chris" stickypixel 2 40353 Site URL and Home URL inputs are not properly validating loru88 has-patch Options, Meta APIs normal normal Awaiting Review defect (bug) assigned 2017-04-04T12:33:11Z 2020-04-08T20:34:50Z "In wp-admin/options-general.php > General settings the URLs not properly validating. I tried the following with WordPress address (URL) input: http://local.mysite. com http://local.my?site.com http://local.my*site.com In all three cases WP saves the entry and then the page breaks! A proper handling is required." subrataemfluence 15 40355 "Default to ""https://"" in comment author URL field" dev-feedback Comments normal normal Awaiting Review enhancement new 2017-04-04T15:56:58Z 2021-06-07T10:00:12Z "One pet peeve of mine with commenting on other people's WordPresses, is on new sites I haven't commented on yet (or aren't powered by Jetpack Comments) that I need to type `https://` in every Website field. Traditionally, this field is currently empty unless a cookie exists (see: `wp_get_current_commenter()`). Tangentially, recent efforts across the web to SSL all-of-the-things (`\o/`) makes this field an interesting opportunity to gently nudge the web in the direction of `https://` feeling more like the norm than the exception. A plugin can easily enable this (and I'll likely make one today) but I'll offer up the idea here first. Patch imminent." johnjamesjacoby 3 40357 dbDelta can't change primary keys, create AUTO_INCREMENT columns and doesn't make significant index changes needs-unit-tests Database 4.8 normal normal Awaiting Review enhancement new 2017-04-04T17:20:04Z 2017-04-04T18:21:02Z "dbDelta has three inter-related issues which center around changing indexes. 1) It isn't possible to change which column is the primary key 2) It isn't possible to add a new AUTO_INCREMENT column 2b) It isn't possible to modify an existing AUTO_INCREMENT to no longer be AUTO_INCREMENT 3) Indices with the same name are not dropped/re-created, even when the index definition is changed significantly. == Use case == A client had been tracking inventory in a custom table where the product ID was the primary key. When he opened a new location, we added a location column, and wanted to be able to track how many of each product was in each location. 1. A table's purpose is being expanded, or otherwise doesn't meet the needs of the data. Since the primary key is unique, we needed to add a new key column and change which column was designated as the primary key. 2. A table was originally defined without an AUTO_INCREMENT column and the need for such a column arises. The new column we wanted to add and use for the key was simply an AUTO_INCREMENT integer column. In testing we defined the new column and also defined a new UNIQUE index (so, not changing the primary key yet). Since dbDelta adds new columns before adding the new indices, and in separate ALTER TABLE statements, MySQL refuses to add a new AUTO_INCREMENT column without an index. The solution is to add the new column without the AUTO_INCREMENT designation, then add the UNIQUE index, then alter the table to use AUTO_INCREMENT. 3. A primary (or other key) could be significantly and intentionally altered, significantly changing how queries are run. I understand that WP doesn't want to drop and recreate indices when changing the sub-part of an index (see: https://core.trac.wordpress.org/ticket/34870#comment:21) However I think that it should change the index, if the definition is significantly altered. In the use case above, we could've changed the primary key to be `PRIMARY KEY(productId,location)` instead of adding a new column and switching the index to that column. In other use cases, changing from a BTREE to FULLTEXT index would change which types of queries need to a full table scan. == This Patch == This patch does the following: 1. You can now add a new AUTO_INCREMENT column to an existing table When a new AUTO_INCREMENT column is added to an existing table, the column creation is done in two parts. First the column is created as a non-AUTO_INCREMENT column, and a separate `ALTER TABLE` statement is set to run after index creation to enable AUTO_INCREMENT. Note: The CREATE TABLE statement given to dbDelta must provide the required indexes that MySQL expects. 2. You can now modify a column with AUTO_INCREMENT to no longer use AUTO_INCREMENT 3. You can change which column is the primary key 4. Significant index definitions cause an index to be dropped and re-created The cases that cause an index to be dropped and re-created are: * An index which wasn't UNIQUE, but now is or vice-versa * An index which changes index type (eg. FULLTEXT => BTREE) * An index which contains a different number of columns * An index which contains a different column order * An index which contains different columns Note: Changing the index sub-part or no longer defining the index in the table does not cause it to be dropped. == Other notes == 1. I've tried to use WP coding standards and comment my code well. I'd love feedback if there are things I can do better. 2. I've included a file, test.php which takes 13 table definitions, takes them two at a time, and converts between each possible combination. To run it, put it in the root WordPress directory and run `php ./test.php`. 3. Also, the dbDelta phpunit tests still pass." stuporglue 1 40362 Remove `blog-id-cache` cache group dev-feedback Networks and Sites normal normal Awaiting Review defect (bug) new 2017-04-04T21:56:12Z 2017-10-03T17:11:29Z "The function `get_blog_id_from_url()` is the only function that uses the old `blog-id-cache` group. Since the introduction of `WP_Site_Query` it's basically redundant in there though, since site query results are cached anyway. Therefore I think we should remove the cache read and write actions in that function. We can then also remove the cache group completely (from `clean_blog_cache()` and registration as a ""global group"")." flixos90 6 40365 Introduce a REST API endpoint for sites needs-unit-tests REST API normal normal Future Release task (blessed) new 2017-04-05T00:18:18Z 2020-04-03T05:00:47Z "It should be possible to manage sites in a multisite configuration through the REST API. * List sites: `GET wp/v2/sites/` * Retrieve a site: `GET wp/v2/sites/<id>` * Create a site: `POST wp/v2/sites/` * Update a site: `PUT wp/v2/sites/<id>` * Delete a site: `DELETE wp/v2/sites/<id>` Data included in a site object should at least mirror the data available for the site in `wp_blogs`. Additional ideal pieces of data for a site include `blogname`, `blogdescription`, `home`, and `siteurl`. It's possible that creating a new meta table for sites can help developers register meta for inclusion with a site object (See #37923). Sites should be accessible by default for authenticated users only. Network (global) admins should have access to all sites. Site users should have access to the sites they are members of. The ""My Sites"" list is a great candidate for exploring how this will work. See #15317. As of the introduction of `get_sites()` in 4.6.0, retrieving sites is a much better experience. The methods used to create, update, and delete sites in multisite are not as pleasant right now. We should investigate each of these and determine what can be done to streamline the process. The first improvement is probably in creating a site. See #40364." jeremyfelt 14 40369 Mail server settings page (options-writing.php) has no validation has-patch Options, Meta APIs 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-05T10:55:59Z 2017-04-05T10:58:35Z "wp-admin > options-writing.php 1. Accepts everything. No character type restriction 2. Page gets submitted with anything entered in PORT textbox 3. Setting gets saved without values entered in Login name and Pass word boxes 4. Pass word box should now show actual characters!" subrataemfluence 40370 "add_image_sizes does not create the ""crop position"" versions of the image" dev-feedback Media 2.9 normal normal 6.6 enhancement reopened 2017-04-05T13:29:32Z 2024-02-12T09:04:43Z "I wanted to introduce 3 different version of post thumbnails - each with different cropping position (top, center, left) , so i added them like this: {{{#!php add_image_size( 'newscentered', 400, 400, array( 'center', 'center') ); add_image_size( 'newstop', 400, 400, array( 'center', 'top' ) ); add_image_size( 'newsbottom', 400, 400, array( 'center', 'bottom' ) ); }}} Now, whenever i use the the_post_thumbnail() with the name of my custom image size i always get the same image, cropped to the default WordPress crop position of ('center', 'center') . Why is that happening? I did 'refresh' the thumbnails and tried also uploading fresh image files and still i can't get 3 differently cropped versions of the image. I noticed that when i set the cropping defaults using the following function and set the cropping there, then it works: {{{#!php set_post_thumbnail_size( 400, 400, array('center', 'bottom')); }}} ... but it affects the cropping of all of my thumbnails, so i can only get one ""crop position"" for all my images. Guys, is this some kind of bug or do i configure something in a wrong way? I'm using the newest official WordPress version" piejesus 33 40373 Conditionally initialize Playlist Media Element dev-feedback Media 4.7.3 normal normal Future Release enhancement new 2017-04-05T15:54:22Z 2019-01-24T21:48:32Z "The single element media player (https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-mediaelement.js) uses a special jQuery filter to remove already initialized media elements from the initialization process: Source: https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-mediaelement.js Lines: 43~49 {{{ // Only initialize new media elements. $( '.wp-audio-shortcode, .wp-video-shortcode' ) .not( '.mejs-container' ) .filter(function () { return ! $( this ).parent().hasClass( 'mejs-mediaelement' ); }) .mediaelementplayer( settings ); }}} However, a similar approach is not implemented for the Playlist element and might be needed. Source: https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-playlist.js Lines: 167~171 Original Code: {{{ $(document).ready(function () { $('.wp-playlist').each( function() { return new WPPlaylistView({ el: this }); } ); }); }}} Should probably be (my suggestion): {{{ // Only initialize new media elements. $(document).ready(function () { $('.wp-playlist') .not(':has(.mejs-mediaelement)') // <-- Filter out already initialized playlist media elements .each( function() { return new WPPlaylistView({ el: this }); } ); }); }}} I have tested both media elements (single player and playlist player) on an Ajax-based WordPress theme, and I've noticed that an already initialized playlist media element stops playing when the wp-playlist.js file is reloaded on a new page load. When the conditional (patch above) is placed in the code, the playlist element continues playing without problem on subsequent page loads. Awaiting feedback." kostasx 2 40387 WP_Query bug with product post type with search parameter on Query 4.7.3 normal normal Awaiting Review defect (bug) reopened 2017-04-07T11:07:02Z 2017-04-18T21:09:16Z "I am not sure if it is a WordPress core bug, but seems like it! I have 5 different custom post types along with 'product' post type from Woocommerce. The following query gives (only) product result: {{{ $args = array( 'post_type' => array('product'), 'posts_per_page' => 5, 'post_status' => array('publish', 'future') ); }}} Actual query output: {{{SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'product' AND ((wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future')) ORDER BY wp_posts.post_date DESC LIMIT 0, 5}}} But the following query: {{{ $args = array( 'post_type' => array('product'), 's' => 'mobile', 'posts_per_page' => 5, 'post_status' => array('publish', 'future') ); }}} outputs this (even post_type is specified the query is generated to search all other post types and surprisingly not product): {{{SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE '%htc%') OR (wp_posts.post_excerpt LIKE '%htc%') OR (wp_posts.post_content LIKE '%htc%'))) AND wp_posts.post_type IN ('post', 'travelog', 'hotel-info', 'trips', 'package_tour') AND ((wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future')) ORDER BY wp_posts.post_title LIKE '%htc%' DESC, wp_posts.post_date DESC LIMIT 0, 5}}} and brings up results from all other post types and simply ignoring product. " subrataemfluence 7 40390 Wrong time (and date) in mail header send by phpmailer Mail 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-07T12:47:41Z 2017-05-02T11:59:04Z "I noticed that some mail clients show wrong time and sometimes date (around midnight) while forwarding or otherwise dealing with emails. For ex. MS Outlook gets it wrong. The offset is the same as my local timeoffset to UTC. Tracking it down this is because the {{{rfcDate()}}} within ''wp-includes/class-phpmailer.php'' uses {{{date_default_timezone_get()}}} to add the date and time into the mail header. This value is forced by WP to be UTC. Debugging rfcDate() with: {{{ error_log( var_export( date_default_timezone_get(), true ) ); error_log( var_export( date('D, j M Y H:i:s O'), true ) ); error_log( var_export( current_time( 'D, j M Y H:i:s O' ), true ) ); }}} I get: {{{ [07-Apr-2017 12:01:02 UTC] 'UTC' [07-Apr-2017 12:01:02 UTC] 'Fri, 7 Apr 2017 12:01:02 +0000' [07-Apr-2017 12:01:02 UTC] 'Fri, 7 Apr 2017 14:01:02 +0000' }}} I read this ticket #39595 and I guess it will not be changed. The ticket also says there is no WP function using the native timezone getter. This shows there is. Or at least a lib within core. Can we modify the phpmailer class to use {{{current_time()}}} or do we need to set and reset the timezone before and after every phpmailer call? " Drivingralle 1 40393 Using remove_action within an action callback skips over execution of other callbacks with lower priority dev-feedback Plugins normal major Awaiting Review defect (bug) new 2017-04-07T16:01:05Z 2020-07-07T14:23:02Z "Description: When remove_action is used by an action callback to remove itself from the list of callbacks, this results in all callbacks hooked with the immediately lower priority to be skipped by apply_filters. Here is simple code to demonstrate: {{{#!php <?php class Sample { public function test() { add_action('custom_action', array($this, 'callback_1'), 1); add_action('custom_action', array($this, 'callback_2')); add_action('custom_action', array($this, 'callback_3'), 20); echo '<h1>First Run</h1>'; echo '<pre>'; do_action('custom_action'); echo '</pre>'; echo '<h1>Second Run</h1>'; echo '<pre>'; do_action('custom_action'); echo '</pre>'; } public function callback_1() { echo ""Callback 1\n""; } public function callback_2() { echo ""Callback 2\n""; remove_action('custom_action', array($this, 'callback_2')); } public function callback_3() { echo ""Callback 3 - Priority 20\n""; } } $runner = new Sample; $runner->test(); }}} The output is: First Run Callback 1 Callback 2 Second Run Callback 1 Callback 3 - Priority 20 The expected output should be: First Run Callback 1 Callback 2 Callback 3 - Priority 20 Second Run Callback 1 Callback 3 - Priority 20 The net effect of this issue is that a plugin using remove_action in that way will break another, totally unrelated plugin, if they both add actions on same tag, with different prorities. WooCommerce is using this method, it uses remove_action inside a pre_get_posts action callback. This broke our Accelerated Mobile Pages plugin when doing AMP pages for WooCommerce. This was reported to [https://github.com/woocommerce/woocommerce/issues/14092 WooCommerce here], but it was then suggested it was a core issue. '''Additional notes''': - all callbacks must '''object methods'''. The problem does not occur if callbacks are functions. - the callback using remove_action must be the only registered callback for that priority level {{{#!php <?php add_action('custom_action', array($this, 'callback_1')); add_action('custom_action', array($this, 'callback_2')); add_action('custom_action', array($this, 'callback_3'), 20); add_action('custom_action', array($this, 'callback_4'), 20); }}} will not cause the issue, all callbacks are executed. {{{#!php <?php add_action('custom_action', array($this, 'callback_1'), 5); add_action('custom_action', array($this, 'callback_2')); add_action('custom_action', array($this, 'callback_3'), 20); }}} will cause the issue, callback_3 is not executed. - only the next priority level is removed (but all callbacks for that level are removed): {{{#!php <?php add_action('custom_action', array($this, 'callback_1'), 1); add_action('custom_action', array($this, 'callback_2')); add_action('custom_action', array($this, 'callback_3'), 15); add_action('custom_action', array($this, 'callback_4'), 20); }}} will cause callback_3 to be skipped and callback_4 to be executed normally {{{#!php <?php add_action('custom_action', array($this, 'callback_1'), 1); add_action('custom_action', array($this, 'callback_2')); add_action('custom_action', array($this, 'callback_3'), 20); add_action('custom_action', array($this, 'callback_4'), 20); }}} will cause both callback_3 and callback_4 to be skipped '''Related''': the following tickets are related, even duplicates, but are marked as fixed, which is why I am opening this ticket: [https://core.trac.wordpress.org/ticket/33144 #33144], [https://core.trac.wordpress.org/ticket/21169 21169], [https://core.trac.wordpress.org/ticket/37679 37679]" weeblrpress 11 40394 Activation email not sent to new users on Windows (have come out another time) Mail 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-08T08:59:29Z 2017-04-08T12:48:27Z "https://wordpress.org/support/topic/activation-email-not-sent-to-users/#post-9009273 I experience this into a: windowsOS/php5.6/apache2.4 when i test an user registration, the email that inform the admin about new user is sent out, while the activation email to the user not. so to fix it on fly, i've remove (like last time) $header that seem to cause a problem: {{{#!php <?php //Can't use additional_parameters in safe_mode, calling mail() with null params breaks //@link http://php.net/manual/en/function.mail.php if (ini_get('safe_mode') or !$this->UseSendmailOptions or is_null($params)) { //$result = @mail($to, $subject, $body, $header); $result = @mail($to, $subject, $body); } else { $result = @mail($to, $subject, $body, $header, $params); } return $result; }}} " axewww 1 40395 New action: pre_generate_rewrite_rules has-patch Rewrite Rules normal normal Awaiting Review feature request new 2017-04-08T13:20:38Z 2019-09-02T09:00:02Z "I suggest add new action in WP_Rewrite class. Why? I need add new permastruct. I can use for example admin_init, but I think it isn't optimal if rewrite rules in saved in permalink page or via call function." sebastian.pisula 1 40397 PHP 7.1.x problem in WP_Query Query 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-08T23:08:20Z 2018-01-11T03:59:56Z "I believe I have found another instance of the defect reported in Trac #37772. This was reported in my plugin's support forum: https://wordpress.org/support/topic/warning-parameter-2-to-mlaquery The first post there includes the PHP message: Warning: Parameter 2 to MLAQuery::mla_query_posts_search_filter() expected to be a reference, value given in /home/prodport/staging/1/wp-includes/class-wp-hook.php on line 298 A later post from @adrianb includes a call trace showing the call to `apply_filters()` from line 1995 in WP_Query." dglingren 6 40403 Media: Allow disabling of auto-save for attachment changes in Media Library Media normal normal Awaiting Review enhancement new 2017-04-10T18:57:38Z 2017-10-16T06:45:09Z "When in the select frame of the media library and the user has selected an attachment, the fields for that attachment including the title, caption, and description can all be modified. The user may very well be expecting that the changes they are making to be ''localized'' to the current context for which they are inserting the image. For example, a user may want to provide a unique caption for an image when selecting it into one post vs the caption for the image when it is inserted into another post. Nevertheless, when the user does make a change to the caption, it will get written into the underlying `attachment` post and will thus change the caption on the `attachment` single template and any galleries in which the image appears. These are the fields in question: [[Image(attachment-fields-in-media-library-select-frame.png, width=400px)]] All of this to say that the behavior to auto-save back changes to an attachment as changes are made in the media library should be able to be disabled, or should perhaps be disabled by default if not in a management context on the Media admin screen. Also, when the media library is opened in the customizer, a user should expect all changes to be previewable without impacting the site before hitting Save & Publish. The customizer is supposed to guard against the “save and surprise” experience. In the case of the Media Library, it can be even worse because it is “auto-save and surprise” and the auto-save behavior isn't even stated. So if auto-save isn't disabled by default in the media library across WordPress in a non-management context, then at least it seems it should be disabled in the context of the customizer. The conversation for this started in the context of the image widget, and unexpected behavior for when modifying fields in the select frame versus modifying fields in the edit frame (which, as in the edit post screen, do not auto-save but are local to the post being edited). See https://wordpress.slack.com/archives/C0381N237/p1491845195064777 See also #37887, which would still allow for changes to be made in the media library, but for the changes to defer to being published until the user hits Save & Publish in the Customizer. " westonruter 8 40404 Slow queries with a large number of posts (tens of thousands and above) Query 4.7.3 normal normal Awaiting Review enhancement new 2017-04-10T19:23:04Z 2017-04-10T19:28:25Z "translation yandex: TASK: Faced with such a problem that when the number of posts of 20 000+, the sample was held for 30 seconds each page. That is, the database constantly selects all records to select all of a certain number (items per page). The computer is weak for the global scale, but plans to increase to 7 000 000+ posts. Usually hard disks are not the problem. QUESTION: is There a possibility to optimize the sample? My SOLUTION (working in project MySQL): (maybe I should add this decision to the release of WP) Therefore, the solution is selected such that, upon receipt of a sample using the function get_posts () (wp-includes/class-wp-query.php) you need to ""intercept"" a standard request, modify the request function and give the already constructed list. To store ""lists"" of sorting in the database was created table: ### CREATE TABLE `wp_сорт` ( `номер_сорта` int(10) unsigned NOT NULL AUTO_INCREMENT, `значение_сорта` text NOT NULL, `время_сорта` datetime NOT NULL DEFAULT '1000-01-01 00:00:00', `период_сорта` int(10) unsigned NOT NULL, `мд5_сорта` varchar(32) NOT NULL, `записей_сорта` int(10) unsigned NOT NULL, `вызов_сорта` datetime NOT NULL DEFAULT '1000-01-01 00:00:00', PRIMARY KEY (`номер_сорта`), UNIQUE KEY `инд_мд5_сорта` (`мд5_сорта`) USING BTREE ) ENGINE=InnoDB AUTO_INCREMENT=23 DEFAULT CHARSET=utf8mb4; CREATE TABLE `wp_сортировка` ( `номер_поста` bigint(20) unsigned NOT NULL, `номер_страница` int(10) unsigned NOT NULL DEFAULT '0', `номер_на_странице` tinyint(3) unsigned NOT NULL DEFAULT '0', `номер_сорта` int(10) unsigned NOT NULL DEFAULT '1', UNIQUE KEY `уник` (`номер_страница`,`номер_на_странице`,`номер_сорта`) USING BTREE, KEY `внешка_поста` (`номер_поста`) USING BTREE, KEY `внешка_сорта` (`номер_сорта`), CONSTRAINT `внешка_поста` FOREIGN KEY (`номер_поста`) REFERENCES `wp_posts` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE, CONSTRAINT `внешка_сорта` FOREIGN KEY (`номер_сорта`) REFERENCES `wp_сорт` (`номер_сорта`) ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; ### Modification of the file wp-includes/class-wp-query.php in the function get_posts () somewhere 2513 string to find: ### {{{#!php <?php if ( $split_the_query ) { // First get the IDs and then fill in the objects }}} ### and insert the following: ### {{{#!php <?php $bMod = isset( $q[ ""posts_per_page"" ] ) && $q[ ""posts_per_page"" ] > 0 && !isset( $q[ 'search_terms' ] ); if ( $bMod ) { $мЗначение = [ ""join"" => $join, ""where"" => $where, ""groupby"" => $groupby, ""orderby"" => $orderby, ""posts_per_page"" => $q[ ""posts_per_page"" ] ]; $сЗначение = serialize ( $мЗначение ); $сМд5 = md5 ( $сЗначение ); $aR = $wpdb->get_results ( ""SELECT `номер_сорта`, `записей_сорта` FROM `wp_сорт` WHERE `мд5_сорта`='{$сМд5}'"", ARRAY_A ); $sTime = date ( ""Y-m-d H:i:s"", strtotime ( ""now"" ) + 14400 ); if ( !$aR ) { $stable = ""wp_сорт""; $sColumName = ""номер_сорта""; $iN = $wpdb->get_var ( 'SELECT t1.' . $sColumName . '+1 FROM ' . $stable . ' AS t1 LEFT JOIN ' . $stable . ' AS t2 ON t1.' . $sColumName . '+1 = t2.' . $sColumName . ' WHERE t2.' . $sColumName . ' IS NULL ORDER BY t1.' . $sColumName . ' LIMIT 1' ); $wpdb->insert ( ""wp_сорт"", [ ""номер_сорта"" => $iN, ""значение_сорта"" => $сЗначение, ""период_сорта"" => 86400, ""мд5_сорта"" => $сМд5, ""вызов_сорта"" => $sTime ], [ '%d', '%s', '%d', '%s', '%s' ] ); $чНомерСорта = $wpdb->insert_id; $iPerPage = $q[ ""posts_per_page"" ] - 1; $iQ = $wpdb->query ( ""SET @iVar = -1;"" ); $iQ = $wpdb->query ( ""SET @iVar2 = 0;"" ); $sQ = ""INSERT INTO `wp_сортировка` SELECT SQL_CALC_FOUND_ROWS @iVar3:=wp_posts.ID, IF(@iVar={$iPerPage},@iVar2:=@iVar2+1,IF(ISNULL(@iVar2), @iVar2:=0 , @iVar2)) t, IF(@iVar<"" . $iPerPage . "",@iVar:=@iVar+1,@iVar:=0) t1, {$чНомерСорта} FROM wp_posts {$join} WHERE 1=1 {$where} {$groupby} {$orderby} ON DUPLICATE KEY UPDATE `номер_поста`=@iVar3;""; $wpdb->query ( $sQ ); $q[ ""iRows"" ] = $iRows = $wpdb->get_var ( ""SELECT FOUND_ROWS()"" ); $wpdb->update ( ""wp_сорт"", [ ""записей_сорта"" => $iRows, ""время_сорта"" => $sTime ], [ ""номер_сорта"" => $чНомерСорта ] ); } else { $чНомерСорта = $aR[ 0 ][ ""номер_сорта"" ]; $wpdb->update ( ""wp_сорт"", [ ""вызов_сорта"" => $sTime ], [ ""номер_сорта"" => $чНомерСорта ] ); $q[ ""iRows"" ] = $iRows = $aR [ 0 ][ ""записей_сорта"" ]; } if ( isset ( $q[ ""paged"" ] ) && $q[ ""paged"" ] ) $iPaged = $q[ ""paged"" ] - 1; else $iPaged = 0; $this->request = ""SELECT $found_rows $distinct {$wpdb->posts}.ID FROM {$wpdb->posts} $join WHERE {$wpdb->posts}.ID IN(SELECT `номер_поста` FROM `wp_сортировка` WHERE `номер_страница`={$iPaged} AND `номер_сорта`={$чНомерСорта}) GROUP BY {$wpdb->posts}.ID""; //echo 0; } else { $this->request = ""SELECT $found_rows $distinct {$wpdb->posts}.ID FROM {$wpdb->posts} $join WHERE 1=1 $where $groupby $orderby $limits""; } }}} ### To give the number of records in set_found_posts function ( $q, $limits ) change: ### {{{#!php <?php $this->found_posts = $wpdb->get_var ( apply_filters_ref_array ( 'found_posts_query', [ 'SELECT FOUND_ROWS()', &$this ] ) ); }}} ### on: ### {{{#!php <?php if ( isset( $q[ ""iRows"" ] ) ) $this->found_posts = $q[ ""iRows"" ]; else $this->found_posts = $wpdb->get_var ( apply_filters_ref_array ( 'found_posts_query', [ 'SELECT FOUND_ROWS()', &$this ] ) ); }}} ### in cron you need to add one-time during installation, for example, the plugin task: ### {{{#!php <?php wp_schedule_event ( time (), 'wp_wc_updater_cron_interval', 'xray_sorting_event' ); }}} ### at the event: ### {{{#!php <?php add_action ( 'xray_sorting_event', 'xray_sorting_event_func' ); }}} ### and, accordingly, the function itself: ### {{{#!php <?php /** * Функция для cron событий */ function xray_sorting_event_func () { global $wpdb; set_time_limit ( 600 ); echo '<pre>xray_sorting'; $aR = $wpdb->get_results ( ""SELECT * FROM `wp_сорт` WHERE (NOW()>DATE_ADD(`время_сорта`,INTERVAL `период_сорта` SECOND) OR `время_сорта`<`вызов_сорта`) AND `номер_сорта`>0"", ARRAY_A ); foreach ( $aR as $aV ) { $aЗначение = unserialize ( $aV[ ""значение_сорта"" ] ); $iPerPage = $aЗначение[ ""posts_per_page"" ] - 1; $iQ = $wpdb->query ( ""SET @iVar = -1;"" ); $iQ = $wpdb->query ( ""SET @iVar2 = 0;"" ); $sQ = ""INSERT LOW_PRIORITY INTO `wp_сортировка` SELECT SQL_CALC_FOUND_ROWS @iVar3:=wp_posts.ID, IF(@iVar={$iPerPage},@iVar2:=@iVar2+1,IF(ISNULL(@iVar2), @iVar2:=0 , @iVar2)) t, IF(@iVar<"" . $iPerPage . "",@iVar:=@iVar+1,@iVar:=0) t1, {$aV[""номер_сорта""]} FROM wp_posts {$aЗначение[""join""]} WHERE 1=1 {$aЗначение[""where""]} {$aЗначение[""groupby""]} {$aЗначение[""orderby""]} ON DUPLICATE KEY UPDATE `номер_поста`=@iVar3;""; $iQ = $wpdb->query ( $sQ ); if ( !$wpdb->last_error == """" ) { echo ""\nсорт {$iQ} "" . $aV[ ""номер_сорта"" ] . "": провал: "" . htmlspecialchars ( $sQ ) . "" "" . $wpdb->last_error . "";""; } else { echo ""\nсорт {$iQ} "" . $aV[ ""номер_сорта"" ] . "": норма;""; } $iRows = $wpdb->get_var ( ""SELECT FOUND_ROWS()"" ); echo $wpdb->update ( ""wp_сорт"", [ ""записей_сорта"" => $iRows, ""время_сорта"" => date ( ""Y-m-d H:i:s"", strtotime ( ""now"" ) + 14400 ) ], [ ""номер_сорта"" => $aV[ ""номер_сорта"" ] ] ); } # Стираем старые записи сортировок 604800 сек - это 7 суток $wpdb->query ( ""DELETE FROM `wp_сорт` WHERE `вызов_сорта`<"" . date ( ""Y-m-d H:i:s"", strtotime ( ""now"" ) - 604800 ) . "" AND `номер_сорта`>0"" ); } }}} ### I repeat that this is a working model. Can requires file. But all the errors which may be in code(commas, spaces, something like that) is the problem of copy-paste. [https://ru.wordpress.org/support/topic/%d0%bc%d0%b5%d0%b4%d0%bb%d0%b5%d0%bd%d0%bd%d0%b0%d1%8f-%d1%80%d0%b0%d0%b1%d0%be%d1%82%d1%8b-%d0%b2%d1%8b%d0%b1%d0%be%d1%80%d0%ba%d0%b8-%d0%bf%d1%80%d0%b8-%d0%b1%d0%be%d0%bb%d1%8c%d1%88%d0%be%d0%bc/]" xrayboy 40410 Add chunked upload support to the REST API REST API 4.7 normal normal Future Release enhancement new 2017-04-11T05:57:29Z 2021-03-03T17:22:09Z "Split from #39553. Having support for chunked (partial) uploads would be super useful, and provide additional functionality not possible with the current upload API. This would be built off the existing upload endpoints. This needs a detailed proposal." rmccue 3 40412 Filter for theme actions to add extra buttons. dev-feedback Themes 4.7.3 normal minor Awaiting Review feature request new 2017-04-11T10:52:34Z 2017-04-11T10:56:26Z "In theme preview window we not have any filter to add extra buttons. > Not major. We'll add this with JS. ----- In file `\wp-admin\themes.php` {{{ echo implode( ' ', $current_theme_actions ); }}} Maybe like this: {{{ echo implode( ' ', apply_filters( 'wp_current_theme_actions', $current_theme_actions ) ); }}} Screenshot: [[Image(http://bsf.io/-dxku)]] " Mahesh901122 40415 Imagick resize filter hook reporter-feedback Media 4.7.3 normal normal Future Release enhancement new 2017-04-11T16:57:07Z 2022-04-12T13:14:37Z "As of ticket #33642, WordPress 4.5 introduces the `thumbnail_image()` function within the `WP_Image_Editor_Imagick` class. This function uses the default imagick filter `FILTER_TRIANGLE` to assists the image resizing process. Within the `thumbnail_image()` is even declared a list of allowed filters that actually are absolute unsued due to the fact that wordpress uses only the default filter `FILTER_TRIANGLE`. The filter list is {{{ 'FILTER_POINT' 'FILTER_BOX' 'FILTER_TRIANGLE' 'FILTER_HERMITE' 'FILTER_HANNING' 'FILTER_HAMMING' 'FILTER_BLACKMAN' 'FILTER_GAUSSIAN' 'FILTER_QUADRATIC' 'FILTER_CUBIC' 'FILTER_CATROM' 'FILTER_MITCHELL' 'FILTER_LANCZOS' 'FILTER_BESSEL' 'FILTER_SINC' }}} Resizing image using the default filter often gives as a result a softly blurry thumbnail image. this blur effect became more visible as the thumbnail size increase. Using filter like `FILTER_HAMMING` or `FILTER_SINC` the blur effect disappear, giving a great resizing result. To better improve the use of the resizing process and to give any users the ability to choose which type of filter to use, I think that could be implemented the following filter hook: {{{ $filter_name = apply_filters('image_resize_filter', $filter_name); }}} that will give an opportunity to change this filter before the resizing process will perform. This filter should be implemented at the beginning (line 1) of the `thumbnail_image()` function. This way everyone can, optionally, change the imagick resize filter easily." virgodesign 30 40418 ID columns in multisite database tables should be unsigned flixos90 dev-feedback Database 3.0 normal major Awaiting Review defect (bug) assigned 2017-04-12T02:00:28Z 2018-09-11T16:06:41Z "See #8751 for ye'olde single-site effort to normalize the respective object ID columns. All multisite ID columns are `bigint(20)`, but none of them are `unsigned` which has 2 unintended consequences: * Negative numbers can be stored as values instead of being set to `0` * Maximum int of `9223372036854775807` instead of intended `18446744073709551615` Changes are necessary to every multisite database table, as they all touch site or network IDs. Patch imminent" johnjamesjacoby 9 40427 Expose a JavaScript API to extend the Media Manager Media 4.8 normal normal Awaiting Review enhancement new 2017-04-12T17:30:38Z 2021-05-20T20:29:03Z "After talking with @mikeschroder as Pressnomics about how hard it was to extend the media manager, I wanted to open the discussion here for ways we could improve that. One way I made it work for the Stock Photo plugins at GoDaddy was to override core bindHandlers (see https://github.com/godaddy/wp-stock-photos/blob/master/assets/js/stock-photos.manifest.js#L13) and register my new view. One problem with that approach is that it makes it hard for anyone else to extend it for themselves. I'm turning out to the community so we can discuss ways we could expose hooks that would let anyone extend any part of the media manager experience. This could pave the way for awesome new plugins." jonathanbardo 7 40428 Introduce best practices to hide CSS generated content from assistive technologies trishasalas Administration normal normal Future Release defect (bug) assigned 2017-04-12T18:43:44Z 2019-03-23T14:30:53Z "This ticket is part of [https://core.trac.wordpress.org/query?keywords=~a11y-task the a11y-task series], which aims to start discussion and research on broad accessibility issues that probably can't be solved so soon. In the accessibility team, we've discussed a few times these topics and decided as first step to try to make everyone aware of them. This could help in trying to improve future implementations and avoid to introduce new issues. As the CSS 3 spec states, in the near future [https://www.w3.org/TR/css-content-3/#accessibility CSS generated content will be treated as actual content] (Safari and VoiceOver already does that). Specifically for assistive technologies: > Generated content should be searchable, selectable, and available to assistive technologies. The content property applies to speech and generated content '''must''' be rendered for speech output. Some interesting data about browsers and screen readers support (i.e. which ones announce CSS generated content) here: http://tink.uk/accessibility-support-for-css-generated-content/. Please consider these data are from March 2015, so they're probably a bit outdated. '''What this means in practice''' In the best case, screen readers will try to read the generated content as a character, and if there's no character that matches, they may announce `You are currently on a text element`. See #37513 for a specific use case. [[Image(https://cldup.com/xOaq2xSczn.png)]] In the worst case, when the generated content maps to an actual recognisable character, screen readers will just announce the character. A couple simple examples: `content: ""\00d7"";` gets read out as ""times"" `content: ""\25BA"";` gets read out as ""black right pointing pointer"" Maybe in the future it will be possible to use a CSS-only solution, see: Alternative Text for Speech https://www.w3.org/TR/css-content-3/#alt which will (hopefully) introduce the ability to specify alternative text for the CSS generated content property, after a slash: `content: ""\25BA"" / """";` There's no browser support so far. '''A possible solution''' When CSS generated content is ''not'' intended to be available for speech output, then it should always be wrapped by an element (for example a `<span>`) with an `aria-hidden=""true""` attribute. At the moment, this is the only reliable way to hide CSS generated to assistive technologies. Of course, trying to apply this solution to all the CSS generated content currently used in core would be a huge task. There may be better solutions, worth researching a bit. Worth also considering there's an ongoing effort to replace the CSS font icons currently used in core with SVG icons. That could help mitigating the issue, but it will still stand for any other non-icons generated content. Any thoughts and feedback welcome! " afercia 11 40432 Customizer: Should we stop contextually hiding features? Customize 4.0 normal normal Awaiting Review enhancement new 2017-04-12T22:20:48Z 2018-09-12T17:52:10Z "This is a continuation of the conversation in #39087. If something doesn't appear on a page you're previewing, it gets hidden in the Customizer panel. For example, if your archive pages have a sidebar, but your static pages do not, you will not be able to edit your archive sidebar. It will be hidden until you go to an archive page. The same goes for contextual theme options. For example, you can't assign sections to your homepage in Twenty Seventeen unless you're on your homepage. This is often very confusing for folks new to WordPress, as evident in the previous ticket linked above. I think we should change this behavior, and I'm interested in hearing what others think." melchoyce 59 40434 Optimize SQL in Admin - In the Post/CPT List `wp-admin/edit.php` > the function get_posts() has-patch Query 4.7.3 normal normal Awaiting Review enhancement new 2017-04-13T09:00:56Z 2018-01-17T20:31:06Z "When we list a post, a page or a custom-post-type the default query is {{{ SELECT SQL_CALC_FOUND_ROWS en_posts.ID FROM en_posts WHERE 1=1 AND en_posts.post_type = 'post' AND (en_posts.post_status = 'publish' OR en_posts.post_status = 'moderation' OR en_posts.post_status = 'refusal' OR en_posts.post_status = 'future' OR en_posts.post_status = 'draft' OR en_posts.post_status = 'pending' OR en_posts.post_status = 'private') ORDER BY en_posts.post_date DESC LIMIT 0, 20 }}} This query cause slow queries. The operation `OR` is not appropriate and not optimize. It is better to use the operation `IN`. I propose to change lines in the `clasw-wp-query.php` line 2348: Today : {{{#!php <?php } elseif ( !$this->is_singular ) { $where .= "" AND ({$wpdb->posts}.post_status = 'publish'""; // Add public states. $public_states = get_post_stati( array('public' => true) ); foreach ( (array) $public_states as $state ) { if ( 'publish' == $state ) // Publish is hard-coded above. continue; $where .= "" OR {$wpdb->posts}.post_status = '$state'""; } if ( $this->is_admin ) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati( array('protected' => true, 'show_in_admin_all_list' => true) ); foreach ( (array) $admin_all_states as $state ) { $where .= "" OR {$wpdb->posts}.post_status = '$state'""; } } if ( is_user_logged_in() ) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati( array('private' => true) ); foreach ( (array) $private_states as $state ) { $where .= current_user_can( $read_private_cap ) ? "" OR {$wpdb->posts}.post_status = '$state'"" : "" OR {$wpdb->posts}.post_author = $user_id AND {$wpdb->posts}.post_status = '$state'""; } } $where .= ')'; } }}} The proposition : {{{#!php <?php } elseif ( !$this->is_singular ) { $where_status[] = 'publish'; // Add public states. $public_states = get_post_stati( array('public' => true) ); foreach ( (array) $public_states as $state ) { if ( 'publish' == $state ) // Publish is hard-coded above. continue; $where_status[] = $state; } if ( $this->is_admin ) { // Add protected states that should show in the admin all list. $admin_all_states = get_post_stati( array('protected' => true, 'show_in_admin_all_list' => true) ); foreach ( (array) $admin_all_states as $state ) { $where_status[] = $state; } } if ( is_user_logged_in() ) { // Add private states that are limited to viewing by the author of a post or someone who has caps to read private states. $private_states = get_post_stati( array('private' => true) ); foreach ( (array) $private_states as $state ) { $where_status[] = $state; $where_post_author = current_user_can( $read_private_cap ) ? """" : "" OR {$wpdb->posts}.post_author = $user_id""; } } $where .= "" AND ( {$wpdb->posts}.post_status IN ('"" . implode(""','"",$where_status) . ""')""; $where .= $where_post_author; $where .= ')'; } }}} And the result is better : {{{ SELECT SQL_CALC_FOUND_ROWS en_posts.ID FROM en_posts WHERE 1=1 AND en_posts.post_type = 'post' AND ( en_posts.post_status IN ('publish','moderation','refusal','future','draft','pending','private')) ORDER BY en_posts.post_date DESC LIMIT 0, 20 }}} It would be interesting to do the same work on other parts of get_posts where the `OR` is used." lriaudel 5 40436 Custom taxonomy terms order lost under wp-admin/post.php edit action for a custom post type has-patch Taxonomy 4.7 normal normal Awaiting Review defect (bug) new 2017-04-13T10:01:40Z 2019-03-26T21:01:47Z "Hi, I have registered a custom taxonomy (for a custom post type) that supports sorting using the following taxonomy args {{{#!php const DEFAULT_ARGS = [ 'public' => true, // Make WP function is_tax() working for this custom taxonomy 'show_ui' => true, 'show_in_menu' => true, 'show_in_nav_menus' => false, 'show_tagcloud' => false, 'show_in_quick_edit' => true, 'meta_box_cb' => null, // If null default to WP post_tags_meta_box() in not 'hierarchical' otherwise to post_categories_meta_box() (see WP meta-boxes.php) 'show_admin_column' => true, 'hierarchical' => false, // 2017-01-25 Seems not to be necessary anymore 'update_count_callback' => 'My_Query_Admin::cb_update_count_callback', 'query_var' => true, // Make WP function is_tax() working for this custom taxonomy 'rewrite' => false, 'capabilities' => [], 'sort' => true, // Need by post terms ordering for M_Post_Type::get_main_term() (https://core.trac.wordpress.org/ticket/5857) '_builtin' => false, ]; }}} I used the following args for registering the custom post type {{{ // Default custom post type arguments // https://codex.wordpress.org/Function_Reference/register_post_type const DEFAULT_ARGS = [ 'description' => '', 'public' => false, 'exclude_from_search' => true, 'publicly_queryable' => true, 'show_ui' => true, 'show_in_nav_menus' => false, 'show_in_menu' => true, 'show_in_admin_bar' => true, // 'capability_type' => 'post', // 'capabilities' => [], // 'map_meta_cap' => false, 'hierarchical' => false, 'supports' => [ 'title', 'editor', 'thumbnail', 'custom-fields', ], 'register_meta_box_cb' => null, 'has_archive' => false, 'rewrite' => false, 'permalink_epmask' => EP_PERMALINK, 'query_var' => true, 'can_export' => false, 'delete_with_user' => false, 'show_in_rest' => false, // 'rest_base' => $post_type, // 'rest_controller_class' => WP_REST_Posts_Controller, // '_builtin' => false, '_edit_link' => 'post.php?post=%d', ]; }}} Terms order is well respected using {{{#!php wp_get_object_terms($post->ID, $taxonomy, ['orderby' => 'term_order']); }}} but when editing post under admin panel, order is lost and reverts always to alphabetical order. Can anyone confirm that bug or tell me what's wrong for me? Thanks a lot " solo14000 7 40440 Save permalink without send form close Rewrite Rules normal normal Awaiting Review defect (bug) new 2017-04-13T18:52:02Z 2021-12-19T16:37:58Z "if somebody open wp-admin/options-permalink.php, .htaccess are genereate and save without click submit button. I report this bug as security issue but during send messages with John Blackbourn we have determined that this isn't a security bug so I add ticket as public." sebastian.pisula 7 40441 High server resource usage and timeouts during image uploads Media normal normal Awaiting Review enhancement new 2017-04-13T18:53:52Z 2017-04-14T14:25:12Z "When uploading an image, server resource usage can run high and the resize process can easily timeout causing the upload to fail. This is often down the creation of intermediate image sizes and is especially noticeable when plugins/themes have custom image sizes defined. This issue has been mentioned before in both #37840 and #36534. #40439 proposes saving the progress of intermediate image creation so resizing can be resumed on retry. This ticket is mainly for discussion around ways to reduce potential server implications when uploading an image and creating intermediate image sizes." enshrined 5 40447 Add cache domain to site/network query close Networks and Sites normal normal Future Release enhancement new 2017-04-14T15:01:02Z 2023-06-08T11:27:36Z "A cache domain allows to define a custom cache key to ensure unique results when one of the query filters, like `sites_clauses`, is used to customize the default query. This is necessary because the default cache key is only computed from the default query variables. Previously: [18128] for terms and [38117] for comments." ocean90 4 40451 Customizer: Introduce plugin management dev-feedback Customize 4.7.3 normal normal Future Release feature request new 2017-04-14T18:23:53Z 2019-01-15T21:13:52Z "There is currently not a way to discover or upload plugins in the customizer, the only way is in WP Admin. https://codex.wordpress.org/Managing_Plugins#Automatic_Plugin_Installation https://codex.wordpress.org/Managing_Plugins#Manual_Plugin_Installation Themes already have #37661 and #40278." lukecavanagh 10 40456 Twenty Seventeen: Submenu greater than 10 items not visible Bundled Theme 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-14T22:06:02Z 2021-09-02T10:09:26Z If you add more than 10 items to a sub menu in twenty seventeen, only the top 9 items are visible when the menu expands. The remaining items are displayed off the bottom of the screen and inaccessible. When this happens, the submenu should become two column (or 3, or 4, etc.) MusicalSaw 3 40459 WP_Site::__set() and WP_Network::__set() allow to set any property without a way to retrieve it has-patch Networks and Sites 4.6 low normal Future Release enhancement new 2017-04-15T11:49:17Z 2017-07-03T17:44:08Z "Noticed while working on #40458. The magic setters of `WP_Site` and `WP_Network` allow to set any property via `$this->$key = $value;` but neither `__set()` nor `__isset()` can handle custom properties. Not sure if they should or if we should just block any non-default properties." ocean90 2 40460 Add-On Grouping for Plugin List Screen Plugins normal normal Awaiting Review feature request new 2017-04-15T16:25:17Z 2017-04-15T16:25:17Z "I'd like to see if anyone has thoughts on (or has previously discussed) reworking the plugins API & plugins list screen to group ""child"" or ""add-on"" plugins under their required parent plugin. There are obviously some API implications that go along with this. It seems pretty common now for a well-rounded base plugin, premium or free, to develop a handful of add-ons that require the base functionality of the main plugin and provide no meaningful value on their own. These ""child"" plugins can be from the same developer as the parent, or from a 3rd party community that wants to extend the usefulness of the parent plugin. Because WordPress plugins have no concept of relationships between one another, several less-than-ideal scenarios can occur. Firstly, an add-on plugin can be activated while the parent plugin is not active or even present. Without it being expressed in the title or description, there's nothing to necessarily tell a user that another plugin is required for the one they're installing to function. In the best case scenario, the add-on plugin developer has put safe guards to check for the parent plugin into their code, and will write a message out to the user upon activation to tell them why there's an issue. In the worst case scenario, the developer simply assumed that they parent plugin would exist, did no checks for the availability of the base code, and WordPress encounters a fatal error. Now dependency management is a broad and weighty topic and I do not believe that a full-blown dependency system is what I am proposing here. We do already have a pattern for how to express a basic requirement in the existing parent + child theming system. A child theme expresses that it requires the parent theme with the template attribute and appropriate handling takes place upon it's activation. I think plugins could potentially take the same form. [[Image(https://raw.githubusercontent.com/brentjett/WP-Core-Add-On-Plugins-Proposal/master/plugin-declaration-with-template.png)]] A plugin declares that it requires it's base plugin to function with a ""Template"" (or Parent, Required, etc...), and the system handles including it at the proper time, or not at all depending on the base plugin's existence. The UI benefits from this by grouping these add-on plugins with their associated parent plugin so there is a visual understanding of that relationship. This serves to organize the plugin list in a friendlier way, regardless of what a plugin my be named. [[Image(https://raw.githubusercontent.com/brentjett/WP-Core-Add-On-Plugins-Proposal/master/plugin-screen-addon-groups.jpg)]] There's plenty of complexity to work out both in the UI and API design for this to be a nice addition to the platform. The plugin list should end up more clear and easy to read, not more cluttered and disjointed in the end. I'd love to hear thoughts! Thanks for taking the time." brentjett@… 40464 Embed video in Wordpress gives W3c Markup Validation issue Embeds 4.4 normal normal Awaiting Review defect (bug) new 2017-04-16T10:47:25Z 2017-04-16T15:51:37Z "When embed video in wordpress, the below validation issue occurs: Error: The frameborder attribute on the iframe element is obsolete. Use CSS instead." pmbaldha 2 40465 Multisite fails to rewrite upload path on main site Networks and Sites 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-16T13:33:33Z 2017-04-17T18:12:13Z "This is a follow-up to #12002. After removing the /blog/ slug On options-permalink.php, the media filed display the wordpress subdirectory on the urls. '''Steps''': Install wordpress in its own directory Activate multisite with subsites Switch one of thd subsite into becoming main site Everything works smoothly including images However, image urls contain wordpress directory. {{{ Domain.com/wordpress/wp-content/uploads/image-title.jpg }}} Instead of {{{ Domain.com/wp-content/uploads/image-title.jpg }}} Is this the way it is designed to work? Or a bug? Thanks." daniel berhane 5 40469 How to remove full size image path from srcset and more intelligent choices in srcset candidate list Post Thumbnails 4.7.3 normal normal Awaiting Review enhancement new 2017-04-16T22:41:15Z 2017-06-28T12:38:06Z "On our site, we have a number of image sizes registered in WP, in addition to the default ones, for a variety of purposes. A large one to fill the width of our column, smaller ones for some custom image output, etc. The result of this is a sloppy srcset candidate list filled with URLs that may make no logical sense in a particular location in the markup. WP does have an upper size limit to prevent giant images from being in srcset, and also matches aspect ratio, but nothing else. I have been able to hack together a filter using `wp_calculate_image_srcset_meta` to unset various sizes in the `sizes` array. But if the full size of the image is smaller than the `max_srcset_width` parameter, it still gets included, and there should be some way to remove it. The full size of the image is not part of the `sizes` array in image_meta. It actually points to a larger issue with WP srcset implementation, which is that is mindlessly fills the HTML with srcset candidates that in many instances would never be used, adding lots of excess markup that a developer wouldn't add. For example, we have a 300px wide sidebar where we output an image. The sidebar is never larger than 300px, and even is that size in our responsive site on mobile. The srcset outputs a 150px, 200px, 300px, 600px, 768px and 1240px, based on the sizes registered in our installation and the built-in ones. Logisitically, all that is really needed for this layout is 300px and probably the 600px version. We have all sorts of examples like this where the srcset includes either smaller or larger sizes than are physically possible in a given layout. Obviously WordPress cannot know how a site is styled, but it feels like there needs to be a more robust way of dealing with this. It is not a great feature to load up on unneeded markup. As a theme developer, I would like the ability to constrain the srcset candidate list in an intelligent way each time I output img tags into the markup. It is easy for me to say ""at this location, this image will never be smaller than 300px, so don't give me anything smaller, and will also never be bigger than 300px, so only go up to a 2x version and skip anything larger. I'm guessing this is exacerbated by a variety of themes and pluging that may load up on extra registered image sizes as well." lisota 1 40475 Additional way to add plugin by indicating URL|slug of plugin page Plugins normal normal Awaiting Review enhancement new 2017-04-18T18:28:43Z 2021-07-28T21:38:15Z "Today, when using the UI to add a new plugin, I only have two basic options. • I may either upload the plugin as a zip-file, which somehow hasn't got into my behavior yet. (But soon may, if the issue described here doesn't get a nice solutuion.) • Or I can search for Keyword|Author|Tag I'd like to have a third way of finding the plugin. Reason is I may already know the exact plugin slug (or plugin URL). One way might be to add one more option in the drop-down, to make it Keyword|Author|Tag|Plugin URL And if the user selects the option Plugin URL, then we should disregard anything up to last occurrence of ""/"" and then use that last part as the plugin slug." tobifjellner 3 40477 REST API: Does NOT Trigger New User Notifications! needs-unit-tests Users 4.7 normal normal Awaiting Review defect (bug) new 2017-04-19T07:35:19Z 2017-12-04T05:11:43Z "If you create new users with WP REST API. The notification for new WordPress users via email does NOT get triggered. I tried it on a fresh install. Used the [Email log](https://wordpress.org/plugins/email-log/) WP plugin to test that no emails were sent. " mrahmadawais 13 40485 Add function for retrieving metadata from registered script has-patch Script Loader 4.2 normal normal Awaiting Review feature request new 2017-04-19T17:15:32Z 2017-06-07T21:13:49Z "There is currently a function for adding metadata to a registered script (`wp_script_add_data()`), but no function for retrieving that metadata. '''My use case''' I am trying to write a unit test for a function in my plugin that generates data and calls `wp_localize_script()` to ensure the expected data is passed for localization. '''Other Use Cases''' I could see other use cases where a plugin could change a metadata value or add a new key if a certain value is assigned to a certain key." desrosj 40486 Standard Themes: Logic for translated strings in connection with Screen Reader text can be improved Bundled Theme normal normal Awaiting Review enhancement new 2017-04-19T17:45:26Z 2024-01-24T09:33:18Z "There are 2 strings including: {{{ screen-reader-text""> ""%s"" }}} 1) {{{#!php Continue reading<span class=""screen-reader-text""> ""%s""</span> }}} & 2) {{{#!php Edit<span class=""screen-reader-text""> ""%s""</span> }}} In german (as an example, I assume this happens too in other languages) the syntax for 1) needs to be reversed like that: {{{#!php <span class=""screen-reader-text"">""%s""</span> weiterlesen }}} 2) gets: {{{#!php <span class=""screen-reader-text"">„%s“</span> bearbeiten }}} which is correct for Screen Reader Users, but it should rather be capitalized in both cases so the button text doesn't start lowercase, see screenshot. https://translate.wordpress.org/projects/wp-themes/twentyseventeen/de/default?filters%5Bterm%5D=screen-reader-text%22%3E+%22%25s%22 We could now capitalize the strings in translation, but there must be a better solution!? PS: Yes, the quotation marks in our translation also needs a little attention, but that's not part of the ticket ;-) " Presskopp 9 40487 GUID contains more than 255 characters General 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-19T20:05:53Z 2017-04-19T20:35:13Z "My website had a strange problem: it couldn't save page edit's anymore. After saving a page, it said: your page is successfully saved (some Dutch translation) but it wasn't. I described everything in this post: http://stackoverflow.com/questions/42099222/wordpress-cant-edit-some-pages-anymore I found a solution: increase the length of the GUID column in the post table to 500 characters." martenbiesheuvel 3 40493 On the Edit User Profile page, prevent losing data when clicking links joedolson* has-patch Users normal normal 6.6 enhancement accepted 2017-04-20T12:08:37Z 2024-03-12T16:00:25Z "On the Edit User Profile, open the ""You can change your profile picture on Gravatar."" link in a new window. Reason being that otherwise it causes the user to loose any data that they have edited in the form, but not yet saved." ashokrane 8 40497 wp_insert_user requires user_login when ID is given has-patch Users normal normal Future Release defect (bug) new 2017-04-20T14:07:19Z 2017-05-19T14:41:50Z "When passing an array containing an `ID` key to `wp_insert_user`, the local variable `$update` is set to `true` so that various checks throughout the function can be disabled. [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/user.php#L1445 Line 1445]: {{{ if ( empty( $user_login ) ) }}} checks for the existence of the `user_login` key but does not include the check for `!$update`. This means that if an array of user meta to be updated is passed in with an `ID`, the array must also contain a `user_login`, otherwise a `WP_Error('empty_user_login')` will be thrown. In the case that `ID` is passed in but not `user_login`, this exception should not be thrown as `user_login` is redundant: `user_login` can be determined from the ID, and logic earlier in the function (see lines 1411 onwards) determines that the user already exists and is to be updated." johnprestonsoapmedia 6 40500 Adding custom capabilities to a custom post type seems to break permalink link on post edit screen Posts, Post Types 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-20T16:28:46Z 2019-11-27T20:38:26Z "Added custom capabilities to a wordpress custom post type to be used in conjunction with a role scoper plugin .... see: https://www.dropbox.com/s/7gzvma9t3lm028j/Screenshot%202017-04-20%2010.27.15.png?dl=0) ... seems to make the permalink link that shows up on the post edit screen, beneath the title, non-functional (ie, no URL is actually outputted). Also does not have the ""view [custom post type]"" link that typically appears in the black wordpress admin toolbar. Otherwise, everything works as designed. Confirmed on two separate hosts with plugins disabled and default theme. Confirmed that removing custom capabilities fixes the issue. Confirmed that adding capability using alternative method of simply 'capability_type' => array('print', 'prints'), also has the same result. " finitejest 1 40502 Add the check version and template attributes method for /themes/update-check/1.1/ API HTTP API 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-20T19:55:09Z 2017-04-20T19:55:09Z "I created a child theme for work, but WordPress noticed me that new theme has an update. That is so weird. So I traced the code and found that problem is API(api.wordpress.org/themes/update-check/1.1/) did not check the whole theme's info between local and WordPress DB. Here is my steps: 1. install the base theme named `site` 2. create a child theme named `royal` 3. add theme info in royal/style.css and royal/functions.php style.css: /* Theme Name: Royal Author: Knockers Version: 1.0 Template: site */ functions.php: <?php ?> 4. login to wp-admin/themes.php and the update notice shows up! I think the API must check the `Theme Name`, `Version`, `Author` and `Template` attributes at least and make sure the theme package is current belong to someone." mxp 40508 Add new do_action after load template files has-patch Themes 5.0 normal normal Future Release enhancement new 2017-04-21T06:42:24Z 2018-12-05T17:08:30Z "Could not perform action after get_header loads. get_header hook only perform before template part loads. So we can add new do_action after template files loads ''' do_action( 'get_header_after', $name );''' {{{ function get_header( $name = null ) { /** * Fires before the header template file is loaded. * * The hook allows a specific header template file to be used in place of the * default header template file. If your file is called header-new.php, * you would specify the filename in the hook as get_header( 'new' ). * * @since 2.1.0 * @since 2.8.0 $name parameter added. * * @param string|null $name Name of the specific header file to use. null for the default header. */ do_action( 'get_header', $name ); $templates = array(); $name = (string) $name; if ( '' !== $name ) { $templates[] = ""header-{$name}.php""; } $templates[] = 'header.php'; locate_template( $templates, true ); do_action( 'get_header_after', $name ); } }}}" rajanit2000 7 40511 get_blogs_of_user should return an array of WP_Site objects Networks and Sites normal normal Awaiting Review enhancement new 2017-04-21T10:24:55Z 2017-04-24T17:09:38Z Currently the get_blogs_of_user uses get_sites to get list of sites. The code loops through the list and creates std objects. However, this is now needed. It is much better to return a list of WP_Sites. spacedmonkey 5 40513 switch_to_blog should accept a WP_site as param needs-unit-tests Networks and Sites 3.0 normal normal Future Release enhancement new 2017-04-21T10:52:30Z 2022-02-01T13:18:39Z The switch_to_blog function currently only accepts a blog id. By passing a WP_Site object where available, it means switch has more context. The WP_site object has all the site information, including the network id. spacedmonkey 9 40518 multisite users table should use user's ID to get the avatar Users 4.7.4 normal normal Awaiting Review enhancement new 2017-04-21T18:51:08Z 2019-03-15T13:07:33Z "In class-wp-users-list-tables.php, the get_avatar() uses WP_User 's ID. {{{#!php <?php $avatar = get_avatar( $user_object->ID, 32 ); // Comma-separated list of user roles. $roles_list = implode( ', ', $user_roles ); $r = ""<tr id='user-$user_object->ID'>""; }}} (around line 438) However, in class-wp-ms-users-list-table.php, the get_avatar() uses WP_User 's email address. {{{#!php <?php $super_admins = get_super_admins(); $avatar = get_avatar( $user->user_email, 32 ); $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) ); echo $avatar; }}} (around line 238) In my opinion, class-wp-ms-users-list-table.php should have the same behaviour. And we have already known that the user has been registered. So we should better use the User's ID." mc256 4 40521 Using a custom query var on a static front page results in wrong $post Posts, Post Types 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-21T20:52:36Z 2017-04-22T09:15:03Z "'''Steps to reproduce:''' * Create a page and make it the static front page * Add a new query var via filter in theme's functions.php: `add_filter( 'query_vars', function( $vars ) { array_push( $vars, 'buggy' ); return $vars; } );` * Open the front page setting the newly added query var (e.g. ""https://example.com/?buggy=yep"") '''Result:''' displays the latest blog post '''Expected result:''' displays front page" mechter 2 40523 populate_options doesn't use correct add_options actions dev-feedback Options, Meta APIs 1.5 normal normal Awaiting Review enhancement new 2017-04-21T23:17:27Z 2017-05-02T20:15:25Z populate_options is a special function, used to populate default option in the options table. To populate the options table, a single (and large) insert is used. Because the add_option isn't used, it means none of that functions actions are run. spacedmonkey 2 40524 Filter hook for max image columns in gallery settings has-patch Gallery 4.7.4 normal normal Awaiting Review enhancement new 2017-04-22T09:52:47Z 2017-04-22T10:10:03Z "It would be nice to have a filter for modifying maximum count of gallery columns. Or would this be a bad hook, because most of themes would not support more 9 (default maximum) columns out of the box?" JanneLeppanen 1 40525 apply_filters_deprecated() in WP_Rewrite SergeyBiryukov has-patch Rewrite Rules normal normal Future Release enhancement reviewing 2017-04-22T10:20:36Z 2021-06-01T13:55:01Z Use apply_filters_deprecated() for deprecated filters. sebastian.pisula 8 40527 Decouple WP_Customize_Manager Customize 4.8 normal normal Future Release enhancement new 2017-04-22T10:59:58Z 2017-09-25T17:24:37Z "When you create multiple instances of `WP_Customize_Manager` it adds/removes multiple hooks in its constructor which should be executed single time. So let's say if I want to create two new changeset posts it I will do. {{{#!php <?php $data = array( ... // Some changeset data. ); $manager1 = new WP_Customize_Manager(); $manager1->save_changeset_post( array( 'data' => $data ) ); $manager2 = new WP_Customize_Manager(); $manager2->save_changeset_post( array( 'data' => $data ) ); }}} This will cause `wp_ajax_customize_save` to add twice with `$manager1` and `$manager2` it should add only once. `wp_ajax_customize_save` is a just example. See Constructor: https://github.com/WordPress/WordPress/blob/5f771393a318d333503d5e13525dfcd543819302/wp-includes/class-wp-customize-manager.php#L229-L369. So we should decouple `WP_Customize_Manager` class and maybe extract changeset methods in separate class `WP_Customize_Changeset`." utkarshpatel 9 40528 Title with ascii paragraph separator is not being filtered on post save has-patch Posts, Post Types 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-22T11:09:01Z 2017-04-23T14:46:41Z While saving post, filter: title_save_pre only trim spaces before saving to database. In case of paragraph separator it get encoded with %e2%80%a9 . Same thing happen with permalink too. shpetimshala 40538 Fix or remove useless PHPUnit tests johnbillion* needs-unit-tests Build/Test Tools normal normal Future Release task (blessed) accepted 2017-04-23T01:11:24Z 2022-09-01T22:54:20Z "There are 29 tests in the test suite which don't perform an assertion. They should be fixed or removed. PHPUnit 6 has switched to being strict about useless tests by default, so that gives us an additional reason to address them. In addition, there's no reason for core's default PHPUnit configuration to not be strict about useless tests so the same behaviour is seen when running older versions of PHPUnit. Previously: #36016" johnbillion 12 40544 Keep toolbar showing at the top on mobile screens Toolbar normal normal Awaiting Review feature request new 2017-04-23T13:04:05Z 2021-08-13T17:22:14Z "Hi , when i travel some where then I use my phone to edit my blog. From last 1 week I'm using my phone to edit my website and I found difficaltly in editing my website. Like if I have open theme editor them I have to scroll up again and again to access menu :( when i scroll up then all the coding is mixed and make me confused where I have left . So what I mean is , there should be flying menu bar on top to access the menu easily :) with out scrolling the screen up . Like i'm sending two images for example , we have to scroll the screen up to view the menu :)" arvindsinghu 5 40552 Calling wp_parse_args() early, with $args as empty string, may cause fatal error dev-feedback Formatting normal normal Awaiting Review defect (bug) new 2017-04-24T15:41:28Z 2021-06-19T23:00:51Z "When running the unit test suite while working on #31245, I ran into an edge-case fatal error: {{{ Fatal error: Uncaught Error: Call to undefined function wp_parse_str() in /srv/www/wordpress-develop/public_html/src/wp-includes/functions.php on line 3487 Error: Call to undefined function wp_parse_str() in /srv/www/wordpress-develop/public_html/src/wp-includes/functions.php on line 3487 }}} Anytime between `functions.php` being loaded and `formatting.php` being loaded, calling `wp_parse_args()` with an empty string as the first parameter will trigger it, and I was doing this in the `wp_load_alloptions()` stack with my test code. It happens because `wp_parse_args()` calls `wp_parse_str()` when `$args` is an empty string, and because `formatting.php` is loaded well after `functions.php`, the above fatal happens. ---- It's not a bug in core today, but it could be a problem later. In my research, one place of relatively high risk is `register_setting()`. You'd need to pass an empty string as the third parameter, and it would need to be early in the stack, but it calls `wp_parse_args()` and is in `functions.php`. ---- One potential solution is to move `wp_parse_str()` out of `formatting.php` and into `functions.php`, alongside it's other `wp_parse_` siblings. Another would be to load `formatting.php` sooner." johnjamesjacoby 1 40554 Hide /wp-admin/network/site-settings.php Networks and Sites normal normal Awaiting Review enhancement new 2017-04-24T18:14:25Z 2017-04-25T16:26:43Z "WordPress developers have decided that `/wp-admin/options.php` is inappropriate to be shown to users and so there are no links to it. You can't click on a menu item and stumble across it. The only way to find it is to manually type in the URL. This is great because it prevents inexperienced users from making potentially disastrous changes, or at the very least being a bit confused. `/wp-admin/network/site-settings.php` is pretty much the same as `/wp-admin/options.php` except it hides options beginning with `_` and munges the option names to be slightly more human-readable. As such, I think it should be given the same treatment as `/wp-admin/options.php` - hide it completely so that nobody stumbles across it." tomdxw 1 40556 REST API: Allow for server generating a user's password has-patch REST API 4.7 normal normal Awaiting Review enhancement new 2017-04-24T18:47:07Z 2017-04-27T14:30:59Z "Currently the REST API requires the client to send a password when creating a user. Ideally, the server should generate a random password when none is provided. In WP Admin contexts this can be worked around by using the existing WP Ajax action to generate a password, but this does require a separate round trip. In non WP Admin contexts this forces the client to generate their own password securely and it also means filters like `random_password` won't be called. Patch incoming to automatically generate a password if the request parameter is omitted. If an empty string is passed, that still errors." TimothyBlynJacobs 2 40559 Bug when inserting images with TinyMCE for latest Chrome Editor 4.7.4 normal normal Future Release defect (bug) new 2017-04-25T02:03:44Z 2017-05-19T14:36:48Z "Environment: Windows 8.1 64bit Google Chrome ver 58.0.3029.81(latest) Google Chrome Canary ver 60.0.3079.0(Official Build)canary (64bit) Issue steps: Preparation test.jpg This is a test sentence.This is a test sentence.This is a test sentence. This is a test sentence.This is a test sentence.This is a test sentence. This is a test sentence.This is a test sentence.This is a test sentence. test.jpg is the name of the file to be inserted. 1)Select test.jpg with the mouse 2)Cut test.jpg with CTRL + X 3)Insert image from Add Media button After image insertion: <img src=""test.jpg"" />a test sentence.This is a test sentence.This is a test sentence. This is a test sentence.This is a test sentence.This is a test sentence. This is a test sentence.This is a test sentence.This is a test sentence. The img tag interrupts the sentence behind as described above. Please validate." dreative 5 40566 add_query_arg() returns only URL fragments in certain circumstances General normal normal Future Release enhancement new 2017-04-25T22:01:33Z 2020-07-28T05:35:11Z "The documentation for add_query_arg() - https://developer.wordpress.org/reference/functions/add_query_arg/ - and its docblock, both claim that it returns a URL. And this appears to be how it is commonly used. (I started looking into this because of it being used in WooCommerce in this way, a wrong assumption which ulimately causes a reproducible-every-time 404 on my webserver on password reset requests via WooCommerce). e.g. in the documentation: ""Retrieves a modified URL query string."" ""You can rebuild the URL and append query variables to the URL query by using this function"". It is also recommended to use esc_url() on what is returned - a function that states that it acts upon URLs, implying that what is returned is indeed a URL. The docblock says ""Retrieves a modified URL query string"" - which isn't a very clear statement (does it return a query string? Or a URL *with* modified query string?). It continues later with ""Omitting the URL from either use results in the current URL being used (the value of {{{$_SERVER['REQUEST_URI']}}})"". The last clause is where the problem comes in. {{{$_SERVER['REQUEST_URI']}}}, actually stores a path that is relative to the current host, only (i.e. not ""U""niversal). Another beautiful bit of PHP mis-design: http://php.net/manual/en/reserved.variables.server.php - ""The URI which was given in order to access this page; for instance, '/index.html'."" As a result, despite the documentation and expectation, add_query_arg() returns relative fragments. And when these are passed to wp_redirect(), as WooCommerce does, the result can be, as in my case, that the webserver gives a 404. (This appears to be related to changes to relative path handling in CGI output in recent versions of lighttpd. The problem is CGI-specific I think - it relates to how a webserver handles the output of a CGI script when that output has a Location: header without a full URL in it). It appears to me that in the default case of no URL being specified, add_query_arg() should return an actual URL, instead of a relative path. Perhaps related: #14062" DavidAnderson 3 40569 next_post_link parameters $format and $link, have default values that produce awkward to use output Formatting 4.7.4 normal normal Awaiting Review enhancement new 2017-04-26T02:45:16Z 2017-04-26T02:49:11Z "The default output when using the default next_post_link() is: {{{ <a href=""nextposturl"" rel=""next"">Post Title Linked here</a> » }}} Note how the » is left outside of the linked text by default. I believe for most users this will cause a styling issue to fix as soon as you use this function, and otherwise, seems improper for a default output. I used next_post_link() with the following values to get what I think should be default output behavior {{{ next_post_link( ""%link"", ""%title »"" ); }}} Which outputs: {{{ <a href=""nextposturl"" rel=""next"">Post Title Linked here »</a> }}} Note that the » is now inside of the linked text, and any css applied to the next post link will also affect the » by default, and no changes to function parameters would be required by users. To implement this enhancement, I believe you would simply move the » into the default value for the $link parameter, and out of the $format parameter default value." bhartlenn 40577 Introduce a capability for viewing the revisions of a post adamsilverstein needs-unit-tests Revisions 2.6 normal normal Future Release enhancement assigned 2017-04-26T11:36:57Z 2023-03-02T06:35:53Z "In order to view the revisions of a post, a user needs the ability to edit the post. This makes sense because it may be undesirable for users to be able to view older revisions of a post which they cannot edit. However it may be desirable to allow certain users to view the revisions of a post which they cannot edit, for example for auditing purposes, or to allow contributors to browse the revisions of their own published post." johnbillion 12 40581 When all columns are 'special' ... has-patch Administration normal normal Future Release defect (bug) new 2017-04-26T17:10:37Z 2019-03-02T16:12:56Z "In an admin page list, when all columns are 'special', no columns settings " Arena94 3 40585 'Update' vs 'Schedule' has-patch Posts, Post Types normal normal Awaiting Review defect (bug) reopened 2017-04-27T16:48:26Z 2017-05-08T18:44:30Z "Hi, today i work with WordPress and i noticed a problem. My timeline event is: 1) I have an article ""X"" published of the 26 april at 20.00. 2) Today, 27 april at 18.02 i start the edit the article 3) At 18.15 finish edit article and modified date of article in pubblication in 27 april at 18.15 4) Now i don't look button ""Update"" but i look button ""Planning"". I have feeling that WordPress don't check date in this moment (18.15) but check date open edit article (18.02). The article is pubblished in all cases but theoretically the article is deleter on the google serp for some minutes. Sorry for my english :)" micheleconversano 4 40587 Feed link markup should contain rel and type attributes has-patch Feeds normal normal Future Release enhancement new 2017-04-27T18:31:44Z 2017-05-19T15:01:56Z "The markup of feed links should really contain a {{{rel}}} and a {{{type}}} attribute. For example: {{{<a rel=""alternate"" type=""application/rss+xml"" href=""https://example.com/feed"">#</a>}}} The {{{post_comments_feed_link()}}} is an example of where this doesn't happen." henry.wright 12 40588 Trashing and restoring a draft post replaces the slug needs-unit-tests Posts, Post Types 4.5 normal normal Awaiting Review defect (bug) new 2017-04-27T20:39:43Z 2018-07-31T14:57:32Z "Using the latest version of WordPress, if you create a draft post with a slug, lets say 'test-post', then trash it and restore it, the slug becomes {{{__trashed-xxx}}}, where xxx is a number Related to https://core.trac.wordpress.org/ticket/11863" TJNowell 3 40590 "wp_video_shortcode always adds controls=""controls""" has-patch Media 4.7.4 normal normal Future Release defect (bug) new 2017-04-27T22:05:01Z 2019-01-17T21:21:54Z "wp_video_shortcode always adds `controls=""controls""` to the `<video>` tags it generates. The user should be able to pass in a value to `$attr` to disable output of `controls=""controls""`." paulschreiber 16 40593 Media library replace image popup not displaying completely below 641px width Media 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-28T10:04:38Z 2018-10-02T14:31:15Z "When trying to Replace Media with screen width below 641px the right panel of the popup gets hidden and there is no way to update image information like description and title. Tested in Chrome (Version 58.0.3029.81 64-bit) and Firefox (53.0 - 64 bit). Screenshots attached." subrataemfluence 1 40595 wp_authenticate_username_password() should respect WP_Error object generated by higher priorities Login and Registration 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-28T13:46:54Z 2017-04-28T13:59:39Z "If I've read through #19714 but believe this issue should be reopened. This issue affects anyone who needs to alter the normal authentication process by hooking into the authenticate filter at a high priority. Functions in the process flow should respect a WP_Error object if that is what it is handed, including wp_authenticate_username_password(). '''Expected Behavior''' function hooks ''authenticate'' filter, assigns priority 10. Function invalidates authentication attempt and returns a WP_Error object. Authentication should fail and error message displayed to user. '''Current Behavior''' Function hooks ''authenticate'' filter, assigns priority 10. Function invalidates authentication attempt and returns a WP_Error object. wp_authenticate_username_password() ignores WP_Error object, attempts authentication and returns its own error message, or goes ahead and authenticates the user. Functions could assign a priority less than 20 (i.e. 30), but then when will be required to decipher error codes and/or the user object to then determine if authentication should continue, '''after''' an authentication attempt has already been processed by wp_authenticate_username_password(), even if no authentication should have been attempted. In additon, if wp_authenticate_username_password() is not going to respect WP_Errors from higher priorities, why not assign it a priority of 1 and make it the very first item in the authentication process? " gilzow 40602 Implement immutable cache headers Script Loader normal normal Awaiting Review enhancement new 2017-04-29T00:01:18Z 2017-04-29T15:35:05Z "When you have js files that will not change in a certain version of Wordpress, why not set the immutable cache that is enabled on various browsers? https://hacks.mozilla.org/2017/01/using-immutable-caching-to-speed-up-the-web/ For example this url should never change output unless user changed the wordpress version, in which case the ver= will change, forcing browser to load that url. /wp-admin/load-scripts.php?c=gzip&load%5B%5D=jquery-core,jquery-migrate,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,underscore,mediaelement,jquery-ui-sortable&ver=4.7.4" programmin 2 40608 show view link and permalink when editing a post even if post type does not supports 'title' has-patch Posts, Post Types 4.8 normal normal Awaiting Review enhancement new 2017-04-29T23:29:30Z 2017-05-01T10:18:37Z "Hi ! When a post type does not supports the 'title' feature, The 'view post' and permalink are not displayed; which is not a logical behaviour : we still want to view those links even if the post does not have a title. With this patch, if this post type does not supports the 'title' feature; Only the input and label are hidden; not the entire block." grosbouff 2 40609 Cannot register an application/foo+xml mime type without also registering application/xml Upload normal normal Awaiting Review defect (bug) new 2017-04-30T04:05:08Z 2017-06-01T19:21:11Z "In wp_check_filetype_and_ext() there is a block that uses finfo_file to sniff the mime type of a file. When registering an application/foo+xml type the returned type from finfo_file is application/xml so to allow application/foo+xml using the upload_mimes filter one must also allow application/xml otherwise this real_mime check fails. It seems like the check should allow the original mime type if the real_mime is application/xml and the $mime is of the form application/foo+xml" paulsowden 1 40624 MP3 files with ID3v2 information can't be uploaded Upload 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-01T19:02:06Z 2020-12-18T18:11:44Z "When I upload an mp3 to the Media Library that has any ID3v2 information, I receive an error, ""Sorry, this file type is not permitted for security reasons."". When I removed the ID3v2 information, and solely had ID3v1 information, the upload completed successfully. mp3 files are an allowed file type in my WP installation. ALLOW_UNFILTERED_UPLOADS is false. " sophia4wp 2 40629 Change default template Editor 4.7.4 normal normal Future Release enhancement new 2017-05-02T06:17:50Z 2020-11-23T05:58:04Z "I recently required to change the default template of theme to another template. The site is already working since 3 months and now client wants to change the default template to the sidebar template while publishing new pages. There is no such action or filter available for it. I am trying to add filter for it but if anyone have other suggestions, please let me know." pratikgandhi 2 40630 "Advanced meta compare ""like"" in WP_Query" has-patch Query 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-02T06:28:33Z 2017-05-16T15:17:40Z "I try get posts with LIKE compare. For example: {{{#!php <?php add_action( 'init', function () { $q = new WP_Query( [ 'post_type' => 'any', 'meta_key' => '_stock_status', 'meta_value' => 'i%st', 'meta_compare' => 'LIKE', ] ); } ); }}} And I have SQL Query: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) WHERE 1=1 AND ( ( wp_postmeta.meta_key = '_stock_status' AND wp_postmeta.meta_value LIKE '%i\\%st%' ) ) AND wp_posts.post_type IN ('post', 'page', 'attachment', 'product') AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} I can't get posts with meta value for example `instock` and other matched. " sebastian.pisula 1 40631 Safari issues with wp-includes/ms-files.php reporter-feedback Media 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-02T07:33:43Z 2020-07-28T10:19:56Z "We have a multi-site network with over 200 sites on it. Whilst the network is running WP 4.7.4–en_AU the network was originally built on a version prior to 3.5 and has been continually updated as versions become available. That being said, our network still uses the old file structure wp-content/blogs.dir/[site#]/files to store media. I've tried converting this over with no success and haven't really been able to find any good resources to help me do this beyond the things I've tried. So, our network continues to use the above path with the compatibility option of using wp-includes/ms-files.php which is called in the .htaccess file. However, there seems to be a bug in the ms-files.php that are causing some resources not to load properly when the sites are loaded into Safari or an iOS device. 1. PDF documents fail to load 2. CSS files that have been cached by our theme (it has it's own caching function) also fail to load. I've narrowed down the culprit to the lines of code in ms-file.php that output the headers. If I comment out the code on line 43: {{{#!php header( 'Content-Length: ' . filesize( $file ) ); }}} ...then the problem goes away. Not sure what impact commenting the above has but it doesn't seem to break the site so I've left it commented out. My best guess is that Safari doesn't like this header being sent out separately from the earlier one on line 41. It may even be a bug with Safari - not sure on this one. Anyway, thought I'd report it here to begin with. Cheers Chris " Brandicoot 3 40638 In attachments taxonomy displays slug instead of name has-patch Media 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-02T16:53:50Z 2020-02-04T18:47:50Z "Hello! Custom taxonomy registered for attachment displays as '''slug''' instead of '''name'''. It looks like this: [[Image(http://caseforyou.pro/two.png)]] It would be much better if it will looks like this: [[Image(http://caseforyou.pro/one.png)]] It is a only one thing to do. Replace string {{{#!php $values[] = $term->slug; }}} to {{{#!php $values[] = $term->name; }}} in file /wp-admin/includes/media.php at line number 1652. The code fragment: [[Image(http://caseforyou.pro/three.png)]] Could you do this change and inlclude in one of the followings releases? Thank you!" snookerist 1 40642 Add new filter to populate_options dev-feedback Options, Meta APIs 1.5 normal normal Awaiting Review enhancement new 2017-05-02T20:05:34Z 2017-05-02T20:12:33Z The populate_options is used in the install of WordPress, both single and multisite. When creating options, it loops around an array of default options. Adding a filter to this array, would allow for new settings to be populated on install. spacedmonkey 40643 Russian post date month translation is incorrect I18N 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-02T22:45:20Z 2017-05-02T23:37:59Z "Was wondering if you could fix the post dates for the Russian translation of the months. You can see for example that the post date on https://cyhacker.com/ says ""3RD МАЙ 2017"", for example. This is using the [https://translate.wordpress.org/projects/wp/dev/ru/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=2723&filters%5Btranslation_id%5D=76439 normal form] of ""May"". It should be ""3RD МАЯ 2017"", which is using the [https://translate.wordpress.org/projects/wp/dev/ru/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=1367227&filters%5Btranslation_id%5D=31279546 genitive form] of ""May"". Not sure if or where I could tweak this. This actually goes for all months, where the genitive form should be used." chepurko 2 40646 Move code from `ms-settings.php` into functions needs-unit-tests Networks and Sites normal normal Future Release enhancement new 2017-05-03T10:03:16Z 2017-08-29T16:16:58Z "As briefly discussed during yesterday's office-hours, it would be a good idea to move most of the bootstrap code from `ms-settings.php` into separate functions. `ms_load_current_site_and_network()` which was added in [37475] was a good first step in that direction. Let's introduce further functions (possibly small units) to make `ms-settings.php` less complex and more functionality testable. Once `ms-settings.php` becomes more lightweight, we may even think about removing that file and handling all of it in `wp-settings.php`, as this would give a better overview of the entire core bootstrapping process. This ticket is a subticket for #40623." flixos90 5 40649 parent_file filter seems to be overwritten by get_admin_page_parent call Menus 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-03T13:37:51Z 2019-06-10T22:21:53Z "In wp-admin/menu-header.php the filter `parent_file` seems to have little to no impact most of the time. This is because the global `$parent_file` variable often gets immediately overwritten by the `get_admin_page_parent` function call. {{{#!php <?php /** * Filters the parent file of an admin menu sub-menu item. * * Allows plugins to move sub-menu items around. * * @since MU * * @param string $parent_file The parent file. */ $parent_file = apply_filters( 'parent_file', $parent_file ); /** * Filters the file of an admin menu sub-menu item. * * @since 4.4.0 * * @param string $submenu_file The submenu file. * @param string $parent_file The submenu item's parent file. */ $submenu_file = apply_filters( 'submenu_file', $submenu_file, $parent_file ); get_admin_page_parent(); }}} I am not completely sure what the purpose of the `get_admin_page_parent` is, but maybe the filter should be called after or inside that function? To try to give an example. If I have the ""Broken Link Checker"" plugin installed and try to move it's settings page to the Tools menu I would want use this code: {{{#!php <?php add_filter('parent_file', 'move_to_tools'); function move_to_tools($parent_file){ global $hook_suffix; if($hook_suffix === 'settings_page_link-checker-settings'){ $parent_file = 'tools.php'; } return $parent_file; }; }}} However, because of the above mentioned issue this code does nothing. I am aware completely moving a settings page requires more work than this, this is purely an example." jontis 2 40650 get_pages() should accept 'any' among it's post_status arg has-patch Posts, Post Types 4.7.4 normal normal Awaiting Review enhancement new 2017-05-03T14:42:23Z 2023-07-06T12:29:19Z "`WP_Query::get_posts()` accepts `'any'` among it's `$post_status` `$query_vars` and I think `get_pages()` should do the same. I've combed through the 4.7.4 core code and can't find any place where this enhancement would break existing code." pbiron 4 40651 Plugins: Make it easier to find plugin settings after install Plugins normal normal Awaiting Review feature request new 2017-05-03T18:24:19Z 2017-05-04T14:01:14Z "After installing new plugins, I invariably end up spending time hunting down wherever I need to configure or use it. Some plugins add a ""Settings"" link to their plugin card (very useful!) but this isn't always the case. It would be great to find a way to direct people to the settings screens upon activation. " melchoyce 2 40660 the_post_navigation not excluding terms - wp 4.7.4 has-patch Query 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-04T10:05:34Z 2020-07-28T05:59:17Z "I'm retrieving the post navigation as so {{{#!php <?php $args = array( 'in_same_term' => true, 'excluded_terms' => '129', 'taxonomy' => 'category' ); the_post_navigation( $args ) }}} I've debugged and it constructs the $where clause here as it should (properly excluding the term) https://github.com/WordPress/WordPress/blob/master/wp-includes/link-template.php#L1647 {{{ $where = AND tt.taxonomy = 'category' AND tt.term_id IN (127) AND p.ID NOT IN ( SELECT tr.object_id FROM wp_term_relationships tr LEFT JOIN wp_term_taxonomy tt ON (tr.term_taxonomy_id = tt.term_taxonomy_id) WHERE tt.term_id IN (129) ) AND ( p.post_status = 'publish' OR p.post_status = 'private' ) }}} This is then replaced here https://github.com/WordPress/WordPress/blob/master/wp-includes/link-template.php#L1716 it improperly constructs the where clause so that the result is as follows {{{ $where = WHERE p.menu_order > '2' AND p.post_type = 'post' AND p.post_status = 'publish' }}} This means i cannot excluded other categories from the post navigation or specify which categories to exclude. " Sbaxter_Quba 1 40661 WP_Term_Query->parse_query() needs filter like 'get_terms' needs-unit-tests Taxonomy normal normal Awaiting Review enhancement new 2017-05-04T10:28:28Z 2017-08-04T17:50:55Z "The new class/method WP_Term_Query->parse_query() does not provide a filter like the old function get_terms() does. Using WP_Term_Query directly has thus different functionality from using the old wp_terms function. Using a plugin like: https://wordpress.org/support/plugin/custom-taxonomy-order-ne/ with a custom term_order field and sorting based on that, gives the default sort based on name. Adding a filter to the method like get_terms, provides backwards compatibility for plugin and theme authors, that are switching to WP_Term_Query directly. This filter gives options to apply a custom order to the list of terms. Reference on support forum: https://wordpress.org/support/topic/doesnt-reorder-when-using-wp_term_query/ If adding a filter is somehow not wanted by core devs, then I will have to answer to add this filter manually to the code when support requests are coming. To be clear, I would consider that a valid response." mpol 8 40675 Accented letter at end of line displays wrong reporter-feedback Editor 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-05T09:48:17Z 2020-11-24T06:25:54Z "In WordPress (last version) if a line of text '''ends with an accented letter''' (ie ""Università""), the accented letter is displayed as a ""?"" (unknown character). If replaced with à it displays correctly. It happens on all wordpress sites I have (different plugins, different themes)." niente0 3 40676 wpautop adds opening & closing p tags around the opening a tag and around the closing a tag when the link contains certain flow content elements like div, h1, h2... needs-unit-tests Formatting 4.8 normal normal Awaiting Review defect (bug) new 2017-05-05T10:55:47Z 2017-07-21T11:02:23Z "Hi, == Description == wpautop leaves {{{<a href="""">}}} (opening tag of the link) in between {{{<p></p>}}} tags and {{{</a>}}} (closing tag of the link) in between {{{<p></p>}}} tags when the link contains certain flow content elements like div, h1, h2... == Example 1 == If I add this to the HTML editor: {{{ <a href=""https://example.com/""><div>DIV inside link</div></a> }}} The output source code is: {{{ <p><a href=""https://example.com/""></p> <div>DIV inside link</div> <p></a></p> }}} ---- == Example 2 == If I add this to the HTML editor: {{{ <a href=""https://example.com/""><h1>H1 inside link</h1></a> }}} The output source code is: {{{ <p><a href=""https://example.com/""></p> <h1>H1 inside link</h1> <p></a></p> }}} ---- == Note 1 == I would like to point out that html '''''flow content'' elements such as {{{<div>}}} or headings ({{{<h1>, <h2>, <h3>}}} ,...) belong to the category of permitted content for the {{{<a>}}} element'''. References: [https://html.spec.whatwg.org/multipage/semantics.html#the-a-element WHATWG HTML Living Standard |The definition of a] [http://www.w3.org/TR/html5/text-level-semantics.html#the-a-element HTML5 | The definition of a] [https://developer.mozilla.org/en/docs/Web/HTML/Element/a MDN | The definition of a.] ---- == Note 2 == This issue might be related to ticket #34722" diegocanal 13 40682 get_current_blog_id() and get_current_network_id() are loaded before absint() Networks and Sites 3.5 normal normal Awaiting Review defect (bug) new 2017-05-06T06:41:04Z 2019-02-23T15:35:39Z In r21484, these functions were moved to `wp-includes/load.php`. Regardless of when they are *supposed* to be called, they are available to be called by cache plugins before `absint()` exists in the ether. If caching plugins are indeed accessing `global $blog_id` this early, seems like a race condition somewhere. wonderboymusic 3 40685 /wp-includes/class-wp-hook.php function resort_active_iterations not working correct General 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-06T19:23:26Z 2017-06-08T00:02:14Z "if you have current priority of 5, whose only hook is cancelling itself (remove_filter) and the new priority list is for example (2,7,12), then this part {{{#!php while ( current( $iteration ) < $current ) { if ( false === next( $iteration ) ) { break; } } }}} sets the current pointer to 7, so the next priority worked on is the 12 in apply_filters function, while it should be 7. " tim2017 3 40686 CSS: introduce naming and usage conventions for JS targeting Administration normal normal Awaiting Review enhancement new 2017-05-07T13:34:50Z 2021-05-06T21:56:00Z "As part of the broader goal of the [https://make.wordpress.org/core/2014/12/19/core-css-roadmap/ CSS roadmap], it would be great to start introducing CSS classes naming and usage conventions for JS targeting. This need clearly emerged during the ongoing exploration to revamp the Settings API, and woud benefit all the codebase. Work on the Settings API is happening on GitHub and [https://github.com/wpaccessibility/settings-api-enhanced/issues/11 there's an open issue for this]. Quoting from the doc @helen prepared to share some thoughts (the doc is available on the GitHub issue): > Reusing styling class names is fragile and obscures intent when doing long-term maintenance. Personally, I can only add that I can't count the number of times when touching some CSS class or ID forced me to check all the codebase to make sure they weren't used also for JavaScript related purposes :) " afercia 5 40687 pre_option_upload_url_path filter no longer working General 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-07T20:42:53Z 2019-08-16T15:34:05Z "“pre_option_upload_url_path” filter is not working since WP 4.7. This is my use case that used to work like a charm before, it's pretty simple and seems like an issue in the {{{wp_upload_dir()}}} function in {{{/wp-includes/functions.php}}} file. {{{ function cdn_url() { return 'http://cdn.domain/wp-content/uploads'; } add_filter( 'pre_option_upload_url_path', 'cdn_url' ); }}} " QROkes 2 40688 there is a bug in deleting a photo and replacing it by the new photo with the same name reporter-feedback Media 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-07T21:04:41Z 2023-06-06T09:45:05Z there is a bug when you want to permanently delete some photo from library and replace some other one with the same name in library. when you do this the first photo in web page wont be changed i mean the first photo still appears on the web page so you should change the name of the new photo for uploading it and showing it instead of the older one. Navid.abazari 6 40692 Filter default image size in gallery Gallery 4.8 normal normal Awaiting Review defect (bug) new 2017-05-08T13:39:43Z 2020-09-21T11:10:24Z "Using the `media_view_settings` filter, I can specify default `link` and `column` settings for new galleries but the `size` parameter is not filterable. For example: {{{ function me_filter_gallery_settings( $settings ) { // This will successfully set the default number of columns to 5 $settings['galleryDefaults']['columns'] = 5; // This does nothing $settings['galleryDefaults']['size'] = 'large'; return $settings; } add_filter( 'media_view_settings', 'me_filter_gallery_settings' ); }}} I know that it’s possible to override these defaults when outputting the gallery via the `gallery_shortcode`. However, this may be confusing to the user who would expect to see the same value for the image size appear when the gallery is generated on the front end as they have seen in the admin. To clarify: at the moment, I can set a default size for gallery images to ‘medium’, for example, although in the Gallery Settings panel in the page editor, the size will still display as ‘Thumbnail’. Indeed, the user could change the value of the size field without actually affecting the image size on the front end. [[Image(https://catapultthemes.com/wp-content/uploads/2017/05/gallery-admin-default-size.jpeg)]] In wp-includes/media-template.php replace lines 775 - 779 with: {{{ foreach ( $size_names as $size => $label ) : ?> <option value=""<?php echo esc_attr( $size ); ?>"" <# if ( '<?php echo $size ?>' == wp.media.galleryDefaults.size ) { #>selected=""selected""<# } #>> <?php echo esc_html( $label ); ?> </option> <?php endforeach; ?> }}} This will allow: {{{ function me_filter_gallery_settings( $settings ) { $settings['galleryDefaults']['size'] = 'large'; return $settings; } add_filter( 'media_view_settings', 'me_filter_gallery_settings' ); }}} Thereby allowing plugin and theme developers to set a default value for the image size in galleries." Catapult_Themes 7 40694 dbDelta uses suppressed errors to detect table absence has-patch Database normal normal Future Release defect (bug) new 2017-05-08T20:00:36Z 2019-12-01T08:38:14Z "In dbDelta, `$tablefields` is populated by the statement `DESCRIBE {$table}`. When the table does not exist, this statement fails with an error. This statement is executed with error suppression enabled. Handling of suppressed errors is customizable in database drop-ins. In one large case, suppressed errors are logged for analysis. These suppressed `DESCRIBE` errors are considered a bug because it's possible to check for the presence of a table without errors by using a `SHOW TABLES LIKE` statement. It would be preferable to leave error suppression out of dbDelta and use the `SHOW TABLES LIKE` statement, as in the attached patch." andy 3 40695 `install_blog` suppresses database errors has-patch Database normal normal Future Release defect (bug) new 2017-05-08T20:18:03Z 2017-06-01T19:19:28Z "`install_blog` uses error suppression and `DESCRIBE $table` to detect the absence of tables. Error suppression can be removed in favor of `SHOW TABLES LIKE $table`, as in the patch on #40694. Another source of errors in `install_blog` is the call to `get_blogaddress_by_id`. This attempts to read the site's `home` attribute which hits the magic `WP_Site->__get`, which ultimately leads to a `SELECT` against the non-existent options table." andy 4 40696 no chance to control wp_count_terms () audrasjb* has-patch Taxonomy 4.7.4 normal normal Future Release enhancement accepted 2017-05-08T22:15:56Z 2022-09-19T19:18:21Z "Hey! I'm wondering if i have no chance to filter the resulting number of wp_count_terms (). Theres no filter available there. wp_count_terms () calls get_terms () but it returns the result of $term_query before (""Count queries are not filtered, for legacy reasons."") the ""get_terms"" filter is appliable. So i see no chance to control result of wp_count_terms () without (heavy) diggin in to WP_Term_Query(). Is there a chance for a filter before the function returns in this case? thank you a lot, Christian" krizkroz 13 40701 Admin menu icon distorted in Chrome when #adminmenu folded has-patch Administration 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-09T11:17:06Z 2017-06-22T21:30:33Z "By default - when the admin menu is not folded - the icons in the admin menu are 36px wide. {{{ #adminmenu div.wp-menu-image { float: left; width: 36px; height: 34px; margin: 0; text-align: center; } }}} With this width, Chrome renders the icons sharp. When the admin menu is folded it changes the width to 35px: {{{ .folded #adminmenu div.wp-menu-image { width: 35px; height: 30px; position: absolute; z-index: 25; } }}} The icons are blurry as the lines in the icon shifted 0.5px horizontally -> antialising. Possible solution: Do not force .wp-menu-image to 35px when the menu folded. {{{ .folded #adminmenu div.wp-menu-image { height: 30px; position: absolute; z-index: 25; } }}}" nextendweb 2 40705 Unable to login to admin backend from a wordpress login modal window Login and Registration 4.7.3 normal normal Awaiting Review enhancement new 2017-05-09T19:48:11Z 2017-05-09T21:15:38Z "Hello, I am unable to login to WordPress backend from the login modal. Always get 'ERROR: The password field is empty.' error but if I login through this link https://yourwebsite.com/wp-admin/ or https://yourwebsite.com/wp-login.php it works. I believe the modal login should work irrespective of where you are? Have experienced this on more than five sites. See the attached screenshot. http://prnt.sc/f5xwb8 Thanks" dickensayieko 1 40706 pasting text that has emojis into a new post breaks autosave and save draft Autosave 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-09T20:30:32Z 2017-05-09T20:35:10Z "When copying text that includes emoji's into the editor, then clicking save draft, the page refreshes and doesn't save any of the text in the editor. Copying initially from Google Docs with and without emojis. I haven't specifically limited it down to only Google Docs copying; i'm not a writer and i hate emojis so. Good luck on the bug hunt, but it's definitely a thing. " ryno267 1 40711 WP_Post:get_instance: Update cache if $_post->filter is empty has-patch Posts, Post Types 4.7.4 normal normal Awaiting Review enhancement new 2017-05-10T09:52:07Z 2017-05-10T12:48:51Z "WP_Post::get_instance always returns raw filtered posts. At least in my tests it gets many hits where a post is already cached, but not filtered. For each hit it calls sanitize_post again. To improve performance, if a cached post isn't filtered, update the cache after calling sanitize_post. class-wp-post.php, line 228: Instead of {{{#!php } elseif ( empty( $_post->filter ) ) { $_post = sanitize_post( $_post, 'raw' ); } }}} add wp_cache_replace {{{#!php } elseif ( empty( $_post->filter ) ) { $_post = sanitize_post( $_post, 'raw' ); wp_cache_replace( $_post->ID, $_post, 'posts' ); } }}} This significantly reduces unnecessary calls to sanitize_post. " greencp 40716 WordPress's magic quotes emulation doesn't slash keys like PHP's built-in magic quotes General 0.71 normal normal Awaiting Review defect (bug) new 2017-05-10T14:56:49Z 2017-06-06T06:48:41Z "PHP's built-in magic quotes feature [https://secure.php.net/manual/en/security.magicquotes.disabling.php#69024 not only slashed values, but also keys]. However, although WordPress emulates the magic quotes feature even when it is disabled/unavailable, it has apparently never slashed keys of the GPC arrays, only the values. As a consequence of this, I was just dealing with a bug in a plugin that a user was experiencing on PHP 5.2, but I had never witnessed on newer versions of PHP (5.6, 7.0), which did not have magic quotes enabled. The plugin POSTs data via Ajax that includes both keys and values containing backslashes. This data will be double-slashed by the magic quotes feature. So in the Ajax handler, this data is passed through `wp_unslash()`, and so the original, single-slashed values can then be utilized. However, `wp_unslash()` does not unslash the keys. When PHP's magic quotes are disabled, this is not a problem, because WordPress's magic quotes do not slash keys. But on older versions of PHP where magic quotes are enabled by default, PHP will slash both the keys and values, and `wp_unslash()` will not unslash the keys. Data flow: {{{ # WordPress's magic quotes emulation: POST => Data containing slashes in keys and values posted. add_magic_quotes() => Slashes in values are escaped. wp_unslash() => Escaping slashes in values removed. result: data is unchanged. --- # PHP's magic quotes: POST => Data containing slashes in keys and values posted. magic_quotes_gpc => Slashes in values *and keys* escaped. wp_unslash() => Escaping slashes in values removed. result: values unchanged, keys still double-slashed. }}} In other words, there is an inconsistency in how data is slashes on different PHP configurations, despite WordPress's efforts to standardize it. The values are consistent in the way that they are slashed, but keys are not." jdgrimes 1 40719 iis7_add_rewrite_rule and iis7_delete_rewrite_rule create malformed web.config Rewrite Rules 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-10T19:14:11Z 2020-02-15T21:56:04Z "Running wordpress in azure on version 4.7.4 and i have a custom web config utilizing the location directive. The methods iis7_add_rewrite_rule and iis7_delete_rewrite_rule do not take into account when these directives exist and create a new system.webserver line in the web.config at the bottom causing the server to 500 error. This seems to happen even when simply deleting a post using the admin console, wp is thinking the web.config is wrong and trying to add lines. As an immediate work around i have disabled these methods, is there a configuration that will allow me to stop wordpress from ever doing this? I dont have the ability to change the web.config permissions because its a PAAS implementation. Example config: <configuration> <location path=""wp-admin""> <system.webServer> <security> <ipSecurity allowUnlisted=""false""> <add ipAddress=""x.x.x.x"" allowed=""true"" /> </ipSecurity> </security> </system.webServer> </location> <location> <system.webServer> <security> <requestFiltering removeServerHeader=""true"" /> </security> </system.webServer> </location> </configuration> This is only a partial sample of the file. " jaendres 1 40736 Ensure that `get_blog_count()` and `get_user_count()` return an integer dev-feedback Networks and Sites normal normal Future Release defect (bug) new 2017-05-11T18:59:30Z 2021-06-07T09:57:58Z "The documentation for the functions `get_blog_count()` and `get_user_count()` states that the return type is an integer, however the functions only call `get_network_option()` without any typecast. The functions should be adjusted to actually reflect their documentation. While this might theoretically be problematic in terms of backward-compatibility, in #40724 some initial thoughts of this being a viable change were expressed, so let's think about it on this ticket." flixos90 9 40737 Script tags inside unclosed HTML comment in value passed to WP_Script->localize() breaks page has-patch Script Loader normal normal Awaiting Review defect (bug) new 2017-05-11T19:26:30Z 2017-06-01T18:45:45Z "Hi. Thanks for your time. I encountered an edge case with the WP_Script->localize() method that can cause malformed html and cause javascript on the page to break. Our site has a custom field for adding pixel tracking code html snippets. On the post edit admin page, the values from the custom fields are run through the localize method by the Wordpress-SEO plugin which adds their values to the wpseoReplaceVarsL10n var. One of our users pasted code into this field like the following: {{{ <!-- Code comment --!> <script> console.log('test'); </script> }}} This gets serialized to JSON by WP_Script->localize and ends up being output like this. I simplified the structure a bit for the example. {{{ <script type='text/javascript'> /* <![CDATA[ */ var wpseoReplaceVarsL10n = {""custom_header_html"":""<!-- Code comment --!>\r\n<script>\r\nconsole.log('test');\r\n<\/script>""}; /* ]]> */ </script> }}} This catches some interesting edge behavior in the browser. Notice the code comment is not actually closed correctly because it has {{{--!>}}} instead of {{{-->}}}. When testing that in html, I noticed that browsers seem to treat it as closing the comment and it doesn't break the page. It must be a common enough mistake. If the field value is changed it have the proper {{{-->}}}, there are no issues. It also requires the {{{<script>}}} tag to be inside the unclosed comment for it to be an issue. It can be worked around by replacing {{{<script>}}} tags in the output with a string concatenated {{{<scri"" + ""pt>}}} version. Other potential solutions would be replacing the {{{<}}} and {{{>}}} tag markers with unicode points like the {{{JSON_HEX_TAG}}} option to {{{json_encode()}}} in PHP 5.3+ does. But that will cause a lot more replacements and also increase the page size more. I think `str_replace( '<script', '<scr"" + ""ipt', wp_json_encode( $l10n ) )` is probably the least intrusive solution. I attached a patch with that update for your consideration. Thanks for your time reviewing this. " rmarscher 40748 Use REST API for Community Events needs-unit-tests REST API 4.8 normal normal Future Release enhancement new 2017-05-12T17:39:23Z 2020-10-25T03:56:50Z "#40702 introduced new Community Events to the News widget on the Dashboard screen, but it uses admin-AJAX. Converting to the REST API is a good opportunity to lay some groundwork for migration the rest of wp-admin in the future. The work for this was started in #40702, but it'll be easier to keep track of with a new ticket. I'm working on an updated version of `40702.11.diff` and will upload it soon." iandunn 14 40751 Login form - Consider making Back to {site name} & Lost your password inline. has-patch General 4.7.4 normal normal Awaiting Review enhancement new 2017-05-13T06:11:34Z 2017-05-15T14:44:39Z "Will it not look good, if we make the login and Back to site button below the login-form inline? Or atleast we can remove padding-left from login and back to site button, so it will be aligned with the login form. {{{ .login #nav, .login #backtoblog { font-size: 13px; padding: 0 24px 0; } }}} [[Image(https://goo.gl/KZ7elv)]] " pratik028 3 40759 Word Count Discrepancies has-patch Editor normal normal Awaiting Review defect (bug) new 2017-05-14T12:36:09Z 2020-11-24T06:27:13Z "I've noticed several discrepancies between how WordPress, Pages, Google Docs, and Word count words. Given the following text, all four count things quite differently. {{{ a 1 foo-bar e.g. jack & jill 5 @ $4.99 . fuzz@baz.blog }}} || ||= WordPress =||= Word =||= Pages =||= Docs =|| || Individual Words (a, jack, jill) || 3 || 3 || 3 || 3 || || Individual Numbers (1, 5) || 0 || 2 || 2 || 2 || || Hyphenated Words (foo-bar) || 1 || 1 || 2 || 1 || || Abbreviations (e.g.) || 1 || 1 || 2 || 2 || || Punctuation that translates to a word (&) || 0 || 1 || 0 || 0 || || Punctuation that translates to a word in this usage (@) || 0 || 1 || 0 || 0 || || Punctuation that doesn't translate to a word (.) || 0 || 1 || 0 || 0 || || Compound number ($4.99) || 0 || 1 || 1 || 2 || || Email address (`fuzz@baz.blog`) || 1 || 1 || 3 || 3 || I tend to fall in the camp of ""what would a reasonable native speaker count as a word"", which is probably closest to Word's definition, minus the punctuation that doesn't translate to a word." pento 6 40760 Make Walker_Page::start_lvl more flexible by introducing filters for class name(s) at least has-patch Menus normal normal Awaiting Review enhancement new 2017-05-14T13:22:04Z 2017-05-15T16:59:37Z "Related: #36163, #40359, #40666 We should harmonize the filters available in the 3 main `Walker` classes. " pbiron 4 40761 Make Walker_Category::start_lvl more flexible by introducing filters for class name(s) at least has-patch Taxonomy normal normal Awaiting Review enhancement new 2017-05-14T13:24:12Z 2017-05-15T16:31:15Z " Related: #36163, #40359, #40666, #40760 We should harmonize the filters available in the 3 main `Walker` classes." pbiron 2 40768 site.com/login should not redirect to login page when user is already logged in has-patch Login and Registration normal normal Awaiting Review enhancement new 2017-05-15T13:53:08Z 2023-08-18T11:01:29Z "When I am already logged in I should not be redirected to Login page if I type in `mysite.com/login`. Rather WordPress should be able to decide which page I should be on in this situation. Being redirected to Login page even when I am already logged in must be treated as a bug. The reason is I am being able to login as a different user by going to login page directly when I am already logged in! For example if I am already logged in as admin and type in `mysite.com/login` I should directly be taken to `wp-admin`. Same decision could be taken for different user privileges like if I am logged in as a subscriber or as a participant then I might land on site's home page. Inspired from #40762 I have modified the decider so that WordPress can take this decision itself and stop landing logged in users to login page." subrataemfluence 8 40769 Translators' note required for singular/plural strings where both strings are in the singular form I18N 4.8 normal normal Awaiting Review enhancement new 2017-05-15T14:33:18Z 2021-11-23T11:44:53Z "There is some confusion for translators in GlotPress over WordPress 4.8.x as some of the singular/plural strings are singular in the originals. For example: Singular: Audio Widget (%d) Plural: Audio Widget (%d) A translators' note would be handy here to explain why the plural is not Audio Widget'''s''' in this case. This currently relates to four strings: [https://translate.wordpress.org/projects/wp/dev/en-gb/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=4483096&filters%5Btranslation_id%5D=49716087/ Audio Widget] [https://translate.wordpress.org/projects/wp/dev/en-gb/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=4483106&filters%5Btranslation_id%5D=49716079/ Image Widget] [https://translate.wordpress.org/projects/wp/dev/en-gb/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=4483125&filters%5Btranslation_id%5D=49716063/ Media Widget] [https://translate.wordpress.org/projects/wp/dev/en-gb/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=4483114&filters%5Btranslation_id%5D=49716070/ Video Widget]" pidengmor 10 40774 Refine error message when embedding invalid Video (URL) has-patch Media 4.8 normal normal Awaiting Review enhancement new 2017-05-16T02:11:00Z 2017-09-14T19:00:17Z "like in #40771 you get the following error when your link is invalid: {{{ Sorry, we can’t display the video file type selected. Please select a supported video file (...) or stream (YouTube or Vimeo) instead. }}} When posting an incomplete youtube link for example it's not the file type but a character wrong or missing. I propose to change the error message like in the patch attached: {{{ Sorry, either the selected file type is not supported or the video stream is invalid. Please make sure to select one of the following video file types (%1$s) or a valid stream (YouTube or Vimeo) instead. }}} " Presskopp 4 40776 "Feature request : Need class parameter for ""Twitter"" embed share" Embeds normal normal Awaiting Review enhancement new 2017-05-16T06:47:48Z 2019-04-25T13:08:46Z "'''Note:''' Twitter embedded share already working nicely. This is an only feature request. I want to update twitter embed share, but I can't edit or modify that default twitter embed share because it's an iframe. ''For example'', I want to make twitter share as a 'center aligned' within my content area when writing blog posts. (There are number of possibilities as well.) Yes, I found the solution for twitter share center alignment. We need to add one class with iframe - '''''tw-align-center''''' but there is no input box/area available in popup where I can write down my custom classes. Please check this screenshot for more detail - https://d.pr/f32E0" sanjaydabhoya 1 40779 function_exists() audit in wp-db.php dev-feedback Database low minor Awaiting Review defect (bug) new 2017-05-16T14:47:06Z 2021-06-01T12:50:59Z "A few `function_exists()` checks can be removed from `wp-db.php`, thanks to recent load order changes, probably nobody having looked in a while, and generally being afraid to break DB drop-ins: All of these functions are in files now loaded ahead of `require_wp_db()`: * `is_multisite` (load.php) * `_deprecated_function` (functions.php) * `mb_strlen` (compat.php) Bonus: * `mb_check_encoding()` could *maybe* be a new function in compat.php (it's used 3 times in core, using `@` or `function_exists`) ---- The only caveats are the installation process, and 10+ year-old HyperDB versions that do the old-school deep-integration thing, of directly including files – they'll need extra scrutiny." johnjamesjacoby 1 40784 WP_HTTP_IXR_Client constructor needs to check that $server is valid has-patch HTTP API 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-17T12:11:28Z 2017-08-04T22:03:31Z "ErrorException is thrown: {{{Undefined index: host}}} and {{{Undefined index: scheme }}} When WP_HTTP_IXR_Client is instantiated in {{{pingback()}}}, {{{$path}}} is checked, but {{{$server}}} may still be invalid or false, which sends an invalid URL to {{{parse_url()}}}. Instantiation: {{{ $client = new WP_HTTP_IXR_Client($pingback_server_url); }}} Excerpt from class: {{{#!php <?php class WP_HTTP_IXR_Client extends IXR_Client { public $scheme; /** * @var IXR_Error */ public $error; /** * @param string $server * @param string|bool $path * @param int|bool $port * @param int $timeout */ public function __construct($server, $path = false, $port = false, $timeout = 15) { if ( ! $path ) { // Assume we have been given a URL instead $bits = parse_url($server); $this->scheme = $bits['scheme']; $this->server = $bits['host']; ... }}} In the code that instantiates {{{WP_HTTP_IXR_Client}}}, it is clear that {{{discover_pingback_server_uri}}} could return false, which then gets passed as a constructor parameter. Relevant code block: {{{ $pingback_server_url = discover_pingback_server_uri( $pagelinkedto ); if ( $pingback_server_url ) { @ set_time_limit( 60 ); // Now, the RPC call $pagelinkedfrom = get_permalink( $post ); // using a timeout of 3 seconds should be enough to cover slow servers $client = new WP_HTTP_IXR_Client($pingback_server_url); $client->timeout = 3; }}} Possible resolution: {{{filter_var($server, FILTER_VALIDATE_URL) }}} should be used to test the URL prior to {{{parse_url($server)}}}" chrispecoraro 2 40785 Image caption in WYSIWYG is not displaying in post page Media 4.7.5 normal normal Awaiting Review defect (bug) new 2017-05-17T13:53:07Z 2017-05-19T11:15:53Z "I have uploaded an image to my post via Media upload utility of WYSIWYG editor and added a caption to it. When I go the post page, the image is there but the caption is not showing up anywhere, which ideally should be underneath the image. In wp_posts table the content was saved as: {{{ <div class=""section-hotel-details-text-all"">Nestled among ski slopes in the Garhwal Himalayas, this secluded hotel is 23 km from Panch Prayag temple and 25 km from Nanda Devi National Park. In winter, the property is only accessible by cable car.</div> <div class=""section-hotel-details-text-all""></div> <div class=""section-hotel-details-text-all"">Ranging from studios to 2-bedroom suites, the cosy lodgings come with cable TV and kitchenettes with minifridges, microwaves and stoves. Suites add living rooms and dining areas.</div> <div class=""section-hotel-details-text-all""></div> <div class=""section-hotel-details-text-all"">Breakfast is free. There's also a relaxed restaurant, a game room and a bonfire area with regular entertainment. Ski equipment rentals and lessons are available, as are guided hikes and in-room massages. The property has a generator.</div> <div class=""section-hotel-details-text-all""> [caption id=""attachment_713"" align=""alignnone"" width=""1600""]<img class=""wp-image-713 size-full"" src=""/wp-content/uploads/2017/03/Auli.jpg"" alt="""" width=""1600"" height=""924"" /> Cliff Top Restaurant at 10000ft[/caption] </div> }}}" subrataemfluence 1 40786 Leading spaces are added to custom textarea metabox Posts, Post Types 4.7.5 normal normal Awaiting Review defect (bug) reopened 2017-05-17T14:22:55Z 2017-05-17T17:48:51Z "I am using `esc_atr(ltrim(rtrim(br2nl($meta_value))))` to place the value of post meta in textarea metabox I have created in my custom post type. {{{#!php <textarea id=""<?php echo $id_name; ?>"" name=""<?php echo $id_name; ?>"" rows=""7"" cols=""80"" style=""width:100%"" maxlength=""<?php echo $maxlength; ?>"" placeholder=""<?php echo $placeholder_text; ?>"" <?php if($is_required){ ?>required<?php } ?>> <?php echo esc_attr(ltrim( rtrim( br2nl($input_value)) ) ); ?> </textarea> }}} But whenever I go to edit the post, inside all textarea metaboxes values are pre-loaded with leading spaces (exactly 10 spaces) and additional line breaks! Also tried `esc_atr(trim(br2nl($meta_value)))` with no avail." subrataemfluence 3 40790 Ability to filter $post_type in _get_last_post_time dev-feedback General 4.7.5 normal normal Awaiting Review enhancement new 2017-05-17T15:30:09Z 2019-04-25T07:36:14Z "This function starts on line 5610 of https://github.com/WordPress/WordPress/blob/4.7.5/wp-includes/post.php Currently, there is no way to filter the `$post_type` argument of the `_get_last_post_time` function. This creates situations where it's impossible to filter/modify the default post type when `_get_last_post_time` is called without the `$post_type` argument. Suggested enhancement is to add a `_get_last_post_time_post_type` filter inside the `_get_last_post_time` function, right after the `$field` is validated or the timezone gets lowercased. Something like this... {{{#!php $post_type = apply_filters( '_get_last_post_time_post_type', $post_type ); }}} Thank you for considering this enhancement. " toddlevy 4 40791 paginate_links outputs unnecessary dots General 4.7.5 normal normal Awaiting Review enhancement new 2017-05-17T19:46:55Z 2017-05-22T16:47:16Z "== Steps to reproduce: == A) Call paginate_links with current=2, total=6 B) Call paginate_links with current=5, total=6 (assume defaults for everything else: mid_size=2, end_size=1, show_all=false) == Actual results: == A) `[1] ... [3] [4] [5] [6]` B) `[1] [2] [3] [4] ... [6]` The output includes dots that are unnecessary because they are taking up space that an actual page link could occupy. == Expected results: == A) `[1] [2] [3] [4] [5] [6]` B) `[1] [2] [3] [4] [5] [6]` When `total <= mid_size + end_size * 2 + 2`, no dots should be included in the pagination output." rphelan 2 40793 Events widget on back button loses location Widgets normal normal Awaiting Review defect (bug) new 2017-05-17T21:21:01Z 2017-05-17T21:22:38Z "I noticed that if you save a location, visit a meetup, then click back button in browser, you will lose your location. It returns on refreshing your browser. Here is video: [[Image(https://cldup.com/pyYG5Z4gtz.gif, 50%)]] " karmatosed 1 40795 If plugin zip file has very long name, windows systems can fail to upgrade Plugins 4.7.5 normal normal Awaiting Review defect (bug) new 2017-05-17T23:17:52Z 2018-09-17T17:01:06Z "If a plugin upgrade zip file has an extremely long name and the plugin a deep directory structure, windows can fail to create directories and therefore the plugin upgrade will fail. I suggest WordPress have an upper limit on the working directory name that is well-shy of that limit--and realistically, even 32 characters might be plenty, as the upgrader only needs to avoid other plugins being upgraded at the same time. Windows has a 247-character limit to the total ''path'' name for directories, as said directory needs to be able to hold, at a minimum, an ""8+3"" file, and allow for a null byte or similar at the end of path + file (260 total characters). As an example, SearchWP fails to upgrade on my local system (WAMP running on top of Windows 10) because the downloaded zip filename is 142 characters long ''sans'' extension (redacted in case this is a license key): {{{ XXX0XXX0XxxxXXxxXXX0XxXxXxX0XXXxXxXxXXXxXxXxXXX0XXx 0X0XxXXx0XxX0XXxxXXX0XXx0X0XxXXX0Xxx0XxX0XXXxXXX0XX XxXxx0xXXXXx0xXXXxxxxxXxxxX0XxXxX-0xxXXx.zip }}} Combine that with my wordpress location on disk: {{{ C:/wamp/www/example/wp-content/upgrade/ }}} And this directory cannot be created because the total path is 254 characters long (including the hidden null): {{{ C:/wamp/www/example/wp-content/upgrade/XXX0XXX0Xxxx XXxxXXX0XxXxXxX0XXXxXxXxXXXxXxXxXXX0XXx0X0XxXXx0XxX 0XXxxXXX0XXx0X0XxXXX0Xxx0XxX0XXXxXXX0XXXxXxx0xXXXXx 0xXXXxxxxxXxxxX0XxXxX-0xxXXx/searchwp/vendor/ pdfparser/vendor/smalot/pdfparser/src/Smalot/PdfParser }}} I think that while this may be an outlier, it's a hard bug to chase for a vendor who may not have windows systems available...and even they do have such an environment available, the results returned by Apache when running WAMP (or in similar environments) does not reflect the actual cause of the error. Looking at the structure above as pretty much as edge-case as you are likely to get, even a truncate at 64 characters would have been more than adequate, while 32 characters would give quite a bit of room for flexibility. I believe that this could be affected by altering `wp_tempnam()` in `file.php`: {{{ /** * Returns a filename of a Temporary unique file. * Please note that the calling function must unlink() this itself. * * The filename is based off the passed parameter or defaults to the current unix timestamp, * while the directory can either be passed as well, or by leaving it blank, default to a writable temporary directory. * * @since 2.6.0 * * @param string $filename Optional. Filename to base the Unique file off. Default empty. * @param string $dir Optional. Directory to store the file in. Default empty. * @return string a writable filename * * @since x.x.x * @param int|string $maxlen Optional. Maximum length (excluding extension) of returned filename */ function wp_tempnam( $filename = '', $dir = '', $maxlen = 32 ) { if ( empty( $dir ) ) { $dir = get_temp_dir(); } if ( empty( $filename ) || '.' == $filename || '/' == $filename || '\\' == $filename ) { $filename = time(); } // Use the basename of the given file without the extension as the name for the temporary directory $temp_filename = basename( $filename ); $temp_filename = preg_replace( '|\.[^.]*$|', '', $temp_filename ); // new: truncate the filename if longer than specified $max = intval( $maxlen ) > 0 ? intval( $maxlen ) - 6 : 32; $temp_filename = strlen( $temp_filename ) > $max ? substr( $temp_filename, 0, $max ) : $temp_filename; // ... remainder omitted for clarity return $temp_filename; } }}} An alternative would be to require plugin upgrade files to have filenames shorter than [insert recommendation here], though actually checking that would mean a similar chunk of code would need to be added elsewhere in WP. (Not sure exactly where the best place to document this for plugin authors, which could be done immediately.)" rogerlos 5 40796 Twenty Seventeen: Overriding WordPress globals is prohibited Bundled Theme 4.7.5 normal normal Awaiting Review defect (bug) new 2017-05-18T06:04:14Z 2019-11-14T12:26:19Z "In Twenty Seventeen theme, global variable $post is overridden at line 145 of /inc/template-tags.php As per theme review guidelines Overriding WordPress globals is prohibited. " maneshtimilsina 2 40804 Display important informations in plugins list Plugins 4.7.5 normal normal Awaiting Review enhancement new 2017-05-18T17:27:03Z 2017-05-18T17:37:33Z Showing last plugin update date in plugins list and compatibility with current wordpress version may quickly give a look if any plugins are no more up to date by his creator. xsweb 40806 Subtitles show no media files in browser when there are some has-patch Media normal normal Awaiting Review defect (bug) new 2017-05-18T17:42:45Z 2021-07-09T05:02:00Z "This may be a case of it looking for a very particular file, the trouble is that isn't clear if the case. I discovered this whilst testing the video widget, but assume its media library. I see the following: [[Image(https://cldup.com/jLgqBIQbvi.png, 60%)]] Somewhat of a surprise when my media library shows... [[Image(https://cldup.com/pCAJry0o1a.png, 60%)]]" karmatosed 3 40811 Gallery drag and drop breaks layout Gallery 3.5 normal normal Future Release defect (bug) assigned 2017-05-18T23:40:24Z 2019-12-26T20:50:12Z "Starting with an example gallery: [[Image(https://cldup.com/hcwGa3LYIW-3000x3000.png)]] 1) If I start dragging the nth item in a row, n blank spaces are created in the next row, eg: [[Image(https://cldup.com/_Fbgdjcs1w-3000x3000.png)]] 2) The exception is when I start dragging the last item in a row - as soon as I start to drag, a blank space appears where the current item / the mouse is, and the actual item I am dragging appears a long way from the mouse (in the first position in the next row). [[Image(https://cldup.com/8j0d3aCFrk-3000x3000.png)]] This occurs in Firefox in Windows on a clean WordPress installation with no plugins installed. Testing in Chrome, I get the same results with the exception of dragging the 2nd or 4th item in a row, which work perfectly (1st and 3rd cause gaps; last breaks). I expect this is due to rounding in some way, and it appears to differ based on the width of your browser. If I go into Firefox responsive view and set a width of 1366px, everything works perfectly. 1367px works for all but the last image in a row, while 1369px has everything broken." smerriman 4 40821 Add filter to `wpmu_delete_blog()` to overwrite ability to drop tables Networks and Sites 4.8 normal normal Future Release enhancement new 2017-05-19T16:53:57Z 2017-05-19T20:45:23Z "The function `wpmu_delete_blog( $blog_id, $drop = false )` includes a flag to add the ability to drop tables. There are some cases where we may want to prevent accidental deletion of tables, even when that flag is set to true. Adding a filter like: `$drop = apply_filters( 'wpmu_allow_drop_tables', $drop );` will allow manual overwriting of the passed value. " mermel 4 40825 Re-addressing validation/sanitization of IDs to allow filtering before WP_Post (and others) database query dev-feedback Posts, Post Types 4.7.5 normal normal Awaiting Review enhancement new 2017-05-20T00:00:04Z 2017-09-26T21:47:27Z "The following ticket spawned from a desire to import content from outside of the WordPress database but have it treated as a native content type. A concept that has a clear audience that desires this functionality (see ticket: #12955) and has been addressed in a number of different ways. I believe the least impactful way to address this ''without'' removing the 'final' keyword from the WP_Post class that also improves standards for validation and sanitization of the ID value typically passed to get_posts() is to use the ID as a sort-of 'decorator' unto itself. When merging the content from multiple sources to be displayed in a theme the biggest conflict to arise is duplication of IDs. Since the remote source is ignorant to the ID numbers already in use in the wp_posts table, a requirement for a ""decorated"" ID determined. WordPress currently does not have a standard method for validating the format of the variable that will ultimately be passed to get_post() to create a new WP_Post object. The following methods are implemented in core files to attempt to sanitize '''''or''''' validate the value passed as an ID ^(*see links for pro/cons of usage in WP)^: * [https://gist.github.com/LinzardMac/b27e738aee52cb3e45c1909fb555cec5 (int) Typecast / intval()] * [https://gist.github.com/LinzardMac/0d1915dfe78fc68f0b3c64d50cf2cb41 is_numeric()] * [https://gist.github.com/LinzardMac/31ed99f8faa34ffad6e666f213e99870 absint()] == '''My Suggestion''' == I recommend creating a new function that will standardize the validation and sanitization of ID numbers that are being passed to a database query. All instances of is_numeric, (int), intval(), and absint() that are used as a way to validate or sanitize (or both validate and sanitize) an ID number that is passed to a query from an external function should be replaces with a new function that will serve both purposes. The new function will return a falsey response OR throw an exception when validation fails or if validation passes, will sanitize the value to a format compatible with the typical MYSQL type for the ID column (bigint). Inside of this new function we can include a filter that will allow developers to override certain restrictions, specifically for allowing external content to be treated as a WP_Post object or some other native content that commonly would exist in WordPress’ database. Since WP_Post will always look for a cached version of the object before querying the database, we make sure to store all necessary values in the cache before the template is loaded after we run our remote_get. We utilize the concatenated ID which is formatted like 12345-REMOTE as the ID in the cache so as to avoid conflicts w/ existing post IDs that are also stored in the memory cache. The only hurdle to this was the fact that core files were forcibly casting IDs as integers long before a query of any sort were to be made. The argument for sanitizing early was to catch malformations early, but all it seemed to do was force the type early and never truly ""caught"" a bad value passed as an ID. A true “early catch” would either sanitize early w/ a falsey response or Exception and/or find the cached version as early as the sanitization so as to avoid the rest of the process of getting the WP_Post instance anyways. Available in the following gist is my suggestion for a better validation function I called ```is_valid_id()```, an example of how filters can be used on this sanitization function to allow external content to be treated as if it was a WP_Post object, and it's usage within a core file that previously used one of the subpar validation functions ( in this case meta.php using is_numeric() ) *comments in the file are just opinions and alternative thoughts I had while crafting this https://gist.github.com/LinzardMac/38bbe22feb0b0a3fbabfcf64d797cd80 !** It could be worthy of note that I have been using some version of this code in a live production site for the last 4 months without any changes needed to plugins or template files to account for this ""non native"" content. " LindsayBSC 5 40831 Customize: Further improve JS inline documentation has-patch Customize normal normal Future Release defect (bug) new 2017-05-21T07:22:33Z 2019-01-14T06:45:08Z "We need to do another pass on the customizer code to ensure that inline documentation is added to JS. This is building on #27534, #27065, #21303, #39671 among others. The main files that need to looked at are: - `customize-base.js` - `customize-loader.js` - `customize-models.js` - `customize-preview.js` - `customize-preview-nav-menus.js` - `customize-preview-widgets.js` - `customize-selective-refresh.js` - `customize-views.js` Related to #39930" grapplerulrich 40834 Introduce a JS module pattern to WordPress General normal normal Awaiting Review enhancement new 2017-05-22T10:25:33Z 2018-09-04T13:49:44Z "This is a discussion ticket proposing an approach for implementing module pattern in WordPress core JavaScript. == Introduction to modules. == For anyone reading this and wanting to learn about JS modules, [https://twitter.com/iam_preethi Preethi Kasireddy] wrote an excellent two part introduction. You can find it here: * Part 1: [https://medium.freecodecamp.com/javascript-modules-a-beginner-s-guide-783f7d7a5fcc about what modules are and why you should use them.] * Part 2: [https://medium.freecodecamp.com/javascript-modules-part-2-module-bundling-5020383cf306 about module bundling and the different ways in which that can be done.] == Goals == The higher level concerns that I based this on are: * The need to modularize our JS in order to make it more maintainable, robust and reusable. * (Backwards) compatibility with current state and {{{wp_register_script}}} / {{{wp_enqueue_script}}}. * Great developer experience. * Allowing core to take advantage of the rich npm ecosystem and current day ES standards. * Lowering the barrier for the greater JS community to participate in WordPress. * The benefit of aligning ourselves with [https://github.com/Automattic/wp-calypso Calypso] as much as possible. == Module definition == Currently in core modules are only being used in the WP media library, which follows Common JS module definition, [https://core.trac.wordpress.org/ticket/28510 see modularization ticket]. I would however prefer to switch to ES6 module definition as this is where the JS world is moving and [https://caniuse.com/#feat=es6-module most browsers seem to be working on adding support] as well. Another thing to keep in mind is that Calypso is also using ES6 module imports. I think it should be a priority for us to align with ES standards as much as possible, especially since transpilers like [https://github.com/babel/babel Babel] and different available polyfills have already solved all major browser compatibility problems for us. Embracing the latest (widely adopted) practices will also help open up WordPress as a project to the greater JavaScript community. == Module bundler == The current bundler of choice is [http://browserify.org/ Browserify]. The other options are [https://github.com/webpack/webpack Webpack] and [https://rollupjs.org/ Rollup]. Webpack is currently the weapon of choice in most React projects. I think this is especially because the development experience is very enjoyable due to its hot reloading capabilities and its ability to only recompile the module that has been changed instead of rebuilding the entire build every time. This is especially great for developing single page apps. As developers we could take advantage of these features as well if we add some code that allows the scripts to come from a different server. This would also be very useful for production as I think it makes a lot of sense to serve our JS from a CDN in the future. The React project itself has [https://github.com/facebook/react/pull/9327 recently switched from Browserify to Rollup]. By using a technique called [https://rollupjs.org/#tree-shaking tree shaking] it's able to dramatically reduce file size of the bundle. It's also possible to include as a [https://github.com/egoist/rollup-loader Webpack plugin] or [https://github.com/nolanlawson/rollupify Browserify transform]. Here's a [https://medium.com/@housecor/browserify-vs-webpack-b3d7ca08a0a9 good article comparing Browserify and Webpack]. I would prefer to switch to Webpack, especially if we can make the developer experience as smooth as not having to reload pages anymore to see changes directly reflected in the browser. The fact that Calypso is also using Webpack is also a big plus. == How can we go about bundling the JavaScript in core? == Taking into account backwards compatibility, once a script has been registered in core, it can not be removed. Plugin and theme authors unregister / replace scripts or enqueue scripts that aren't enqueued by core on certain screens. Therefore I'd say we might have a bundled file for every script that is currently registered in core. Anything that is in a registered script can of course be extracted away into a separate module. This will give us a ton of freedom as modules can be rearranged without having to worry about bc. == What are the implications on current API's? == Anything that needs to be on the global {{{wp}}} object could still be assigned to it. However, using modules should eventually lead to better composition. Modules that don't need to know about global API's shouldn't depend on them or assign themselves to global objects. I believe it's possible to configure Webpack to do these assignments for us. Of course it's always possible to do it in a separate file. == Do we need to move everything into modules straight away? == No, modularizing code is typically something that can be gradually implemented. We just need to agree on the direction so we can build a roadmap and start implementing it. I do think we need to document our decisions well and make sure core is in sync with that. It will be highly beneficial to have good examples in the code itself of how things can be modularized. There might also be a few things which we simply don't want to modularize, like jQuery for instance, since jQuery needs to be globally available anyway for bc reasons. I am curious to see opinions about this since there could be architectural reasons to still do this. == Do all modules we for core need to reside in core? == I would very much like all general purpose modules to be extracted to a separate package on which core depends. We are an open source project. If we can organize our code in a way that makes it more reusable for the greater community of developers, we should do so. Anything core specific should of course reside in core. Using modules in core will also expose endless new possibilities in terms of depending on third party libraries / modules. This is another great opportunity if you ask me to build stronger ties with the greater JS community. " omarreiss 8 40835 Password and email change emails should not contain site-specific wording on multisite dev-feedback Users normal normal Awaiting Review defect (bug) new 2017-05-22T12:20:14Z 2017-05-22T12:20:14Z "With multisite enabled, the following three actions (there may be more) result in an email being sent to the user which contains wording specific to the site that the user happens to be on when they perform the action: * Attempt to change their email address. * Confirmed change of email address. * Changed password. As an example, here's the text from the ""Notice of Password Change"" email: {{{ Hi john, This notice confirms that your password was changed on Site B. If you did not change your password, please contact the Site Administrator at siteb@example.com This email has been sent to john@example.com Regards, All at Site B http://mtrunk.wp/siteb }}} This is misleading because it's not immediately clear whether my password was changed on all the sites on the network, or whether the change was specific to ""Site B"". In addition, the email address shown is the email address of the site administrator, not the network administrator. The site administrator does not necessarily have the ability to manage users. There may be similar considerations to those raised in #21352 regarding a user's awareness of the site being part of a network of sites." johnbillion 40842 Adding template filters dev-feedback Themes normal normal Awaiting Review enhancement new 2017-05-22T23:37:08Z 2017-10-23T20:28:21Z "Hey there, for a plugin I really need filters for modifiing the header, footer and also maybe the sidebar. ATM I cannot change the template files without changing the theme itself because of missing filters. If you need a description why I need to replace the header and footer, it's just simple: I want to add a functionality that on some pages the header/footer is replaced by a minimal header/footer (e.g. for customers from affiliate networks, shop pages). For a plugin it's not possible without these filters. Customers are forced to modify their theme itself, which is very hard to do for non-devs. I hope you can implement them as soon as possible (in next WP 4.8). PS: This is not a security risk, because a plugin also can manipulate the theme itself or use filters to change the general templates (single page...)." Ninos Ego 5 40852 Support Micropub General normal normal Awaiting Review feature request new 2017-05-24T01:13:06Z 2020-09-09T01:30:15Z "Micropub is now a W3C Recommendation. https://www.w3.org/TR/micropub/ It is used to create, update and delete posts using third-party apps. Micropub uses OAuth 2.0 Bearer Tokens for authentication and uses traditional form posts as well as JSON posts, which is both simpler and more secure than an XMLRPC approach. The REST API is specific to WordPress, whereas Micropub is platform agnostic, which has its advantages. " dshanske 3 40860 "Post that is ""Pending Review"" and Scheduled shows incorrect ""Last Modified"" date in Post Listing" has-patch Posts, Post Types 4.7.5 low normal Future Release defect (bug) new 2017-05-25T03:21:23Z 2018-01-15T16:42:00Z "Reproduction steps: 1. Create a new post 2. Schedule the post for a date in the future 3. Set the status to ""Pending Review"" 4. Save the post 5. Return to Posts listing 6. Observe that the ""Date"" column has an incorrect ""Last Modified"" flag" yearginsm 3 40862 Partially visible controls within a pane do not scroll into view jpurdy647 has-patch Customize low normal Future Release enhancement assigned 2017-05-25T13:51:57Z 2020-11-25T19:39:42Z "If the widget pane has many widgets, sometimes the widget dialogue will not be visible when the edit shortcut icon is clicked on the page. If any part of the control is visible, it does not fully scroll into view even though the focus is properly set. A few notes: - If the widget is not in view at all wihtin the pane, it properly scrolls it into view and focuses. - The problem also occurs if the pane is not currently visible when the edit shortcut is clicked. Clicked edit shortcut on a widget in view in the sidebar: https://cldup.com/EPHX4omF81.png Clicked edit shortcut on a widget with part of the header visible in the pane: https://cldup.com/gOsa9rovWG.png" desrosj 8 40863 WP 4.7.5 XMLRPC new method for parsing arguments omits menu_order XML-RPC 4.7.5 normal normal Awaiting Review defect (bug) reopened 2017-05-25T15:35:22Z 2017-08-04T16:43:29Z "In WP 4.7.5, in wp-includes/class-wp-xmlrpc-server.php, on line 1327, this line: {{{ $post_data = wp_parse_args( $content_struct, $defaults ); }}} was changed to: {{{ $post_data = wp_parse_args( array_intersect_key( $content_struct, $defaults ), $defaults ); }}} Unfortunately, the new intersection strips out any arguments from $content_struct that don't exist in $defaults. So you can no longer edit a post and change the ""menu_order"" field, because it doesn't exist in the $defaults declared just before this line. Please provide either an updated list of acceptable defaults (e.g. including menu fields), or allow for additional fields to pass through to wp_parse_args. Tested with latest version of WP, and confirmed that swapping the changed line above enables/disables the ability to change menu_order in posts. " bjminihan 5 40864 Standardize strings for missing attachments across media widgets Widgets 4.8 normal normal Awaiting Review enhancement new 2017-05-25T18:06:09Z 2017-05-25T18:46:48Z "While translating 4.8 strings, I noticed that strings for missing attachments in the new media widgets do not refer to the same thing: > We can’t find that audio file. Check your <a href=""%s"">media library</a> and make sure it wasn’t deleted. > We can’t find that image. Check your <a href=""%s"">media library</a> and make sure it wasn’t deleted. > We can’t find that video. Check your <a href=""%s"">media library</a> and make sure it wasn’t deleted. > We can’t find that file. Check your <a href=""%s"">media library</a> and make sure it wasn’t deleted. In two occasions we only use media type, but once we use ""file"" alongside of it and once we only use ""file"" and remove any mention of media (type). I propose removing ""file"" completely and just using type of media. Second possibility is to always use ""file"", though I don't see that as needed." dimadin 1 40869 Replacing an image in content editor Media 4.7.5 normal normal Awaiting Review enhancement new 2017-05-26T10:42:10Z 2017-05-26T13:36:33Z "Hello, I noticed a strange behaviour in WordPress User Experience while dealing with images. Let's say for example you want to replace an existing image in the content editor while creating or editing a post/page. Right now this is only possible when this 'existing' image is part of your Media Library and probably has an attachment post_id. What about people that have added images from external urls or maybe even placeholder images that have been adding to their content via custom TinyMCE buttons. When you press Edit on those images you can't easily replace them for an image inside your Media Library. I think this is a little odd and we should be able to replace any image in our editor for one inside our library so I made this little change what will make the 'Replace' button always show up in the Image Details modal. /wp-includes/media-template.php :line: 885 {{{ <div class=""image""> <img src=""{{ data.model.url }}"" draggable=""false"" alt="""" /> <# if ( data.attachment && window.imageEdit ) { #> <div class=""actions""> <input type=""button"" class=""edit-attachment button"" value=""<?php esc_attr_e( 'Edit Original' ); ?>"" /> <input type=""button"" class=""replace-attachment button"" value=""<?php esc_attr_e( 'Replace' ); ?>"" /> </div> <# else if ( data.attachment && window.imageEdit ) { #> <div class=""actions""> <input type=""button"" class=""replace-attachment button"" value=""<?php esc_attr_e( 'Replace' ); ?>"" /> </div> <# } #> </div> }}} **Todo. While adding a new image to the editor we get a small JavaScript error. " MacPresss 1 40870 Using underscore in meta box id field metabox is not working correctly General 4.7.5 normal normal Awaiting Review defect (bug) new 2017-05-26T11:52:17Z 2017-05-26T17:49:18Z "To reproduce this issue: 1. Create a meta box with an id that has underscores(id_with_underscores). 2. Try to put the box after the title. Nothing happens. Replace the underscores with dashes and everything works as expected. {{{#!php <?php // Render metabox function render_metabox(){ ?> <h2>Test</h2> <?php } // Define meta box add_meta_box( 'test_underscore_metabox', __( 'Person Details', 'text-domain' ), 'render_metabox', 'post', 'advanced', 'high', null ); function move_metabox_after_title() { global $post, $wp_meta_boxes; do_meta_boxes( get_current_screen(), 'advanced', $post ); unset( $wp_meta_boxes[ get_post_type( $post ) ]['advanced'] ); } add_action( 'edit_form_after_title', 'move_metabox_after_title' ); }}} " stode 3 40872 Add $item argument to start_lvl (nav menu walker) reporter-feedback Menus 4.7.5 normal normal Awaiting Review feature request new 2017-05-26T20:08:47Z 2017-06-28T07:45:39Z "Would it be possible to add the $item argument inside the start_lvl function? Other than the usual dropdown menu, I'd also like to build megamenus and to make that possible, I need to use different ul tags (along with some JavaScript components). These custom ul tags will be different based on the parent li ((array) $item->classes) and $depth. " mireillesan 2 40882 Characters omitted when copying and pasting from Word has-patch Editor 4.7.5 normal normal Awaiting Review defect (bug) new 2017-05-29T19:48:44Z 2020-11-24T06:28:05Z "I have been preparing WordPress pages by arranging the information in Microsoft Word 2016, and then copying it from Word and pasting it into WordPress. My pages almost all include citations that I've copied from Google Scholar and pasted into Word. I noticed recently that in the citations, the following characters would be missing: - the (nonbreaking) space that follows the italicized publication name - the volume number that follows after that - the period that follows after that When I first noticed this, I went back through 70+ pages and it looked like these characters had been omitted every time. Note that when this happened again on another page yesterday, I decided to report a bug. I had already deleted the Word source file, so I tried to reproduce the behavior with a small new Word file. I found that I was never able to reproduce this behavior. Today I saw this behavior again on yet another new page. This time I've saved the Word source file, and I've confirmed that this happened again when I copied and pasted again. Please fix this if at all possible. Copying and pasting is such a reliable operation normally in every modern application that it's fairly easy to not realize that in WordPress this operation introduces errors that need to be fixed. Thanks!" janthony636 2 40885 Update admin color scheme using the REST API has-patch Administration normal normal Awaiting Review task (blessed) new 2017-05-30T05:55:01Z 2017-05-31T13:05:44Z "Reasonably simple admin-ajax call (notably, with no significant filters) that can be replaced with a call to `/wp/v2/users`. Patch attached. One thing we can't do is provide an enum of valid color schemes, since historically these have only been registered on `admin_init` (including in core). This also applies to the sanitization callback on the meta key, which can only remove invalid characters, not validate the scheme is valid." rmccue 1 40899 '&' Is always escaped in the JavaScript template. General 4.7.5 normal normal Awaiting Review defect (bug) new 2017-06-01T08:41:12Z 2020-09-08T13:05:47Z "When I tried the JavaScript template, '&' was always escaped. Source: {{{ <script type=""text/template"" id=""tmpl-fields""> <p>&</p> <p>Unscaped: {{{data.value}}}</p> <p>Escaped: {{data.value}}</p> </script> <script type=""text/javascript""> ( function($) { $(document).ready( function () { var template = wp.template( 'fields' ); $( '.widget_search' ).after( template( { value: ""W<i>o</i>&r'l\""d"" } ) ); } ); } )( jQuery ); </script> }}} Rendering: {{{ <p>&</p> <p>Unscaped: W<i>o</i>&r'l""d</p> <p>Escaped: W<i>o</i>&r'l""d</p> }}} While checking the interpolation of the variable, '&' was always converted to '& amp;'. Is this a specification or a bug? " tmatsuur 4 40901 get_comments_number_text() third argument not used in certain situations needs-docs Comments normal normal Future Release defect (bug) new 2017-06-01T13:43:43Z 2019-06-21T13:02:54Z "`comments_number()` is a wrapper for echoing `get_comments_number_text()`. Reference: https://codex.wordpress.org/Function_Reference/comments_number The 3rd parameter's description: Text to display when there is more than one comment. % is replaced by the number of comments, so '% so far' is displayed as ""5 so far"" when there are five comments. This doesn't seem to work as expected. In particular, the parser doesn't look just for '%' but also for strings with spaces in front or behind this sign, after which it processes it in a illogical way. For example, this code {{{ <? _e('Read on', 'anytextdomain'); comments_number(' and add the first comment', ' and see the first comment', ' % so far'); ?> ... }}} results in: `Read on 2 komentarze...` (""komentarze is a Polish translation of ""comments"", which is ok). Where's the ""so far"" string? Now another example with text before the % sign: {{{ <? _e('Read on', 'anytextdomain'); comments_number(' and add the first comment', ' and see the first comment', ' and view % comments'); ?> ... }}} The result is bizarre: `Read on2 komentarze...` With some testing it seems that some strings passed as the 3rd argument are being kept, but it's totally illogical and requires review. If this is somehow intended, it should be explained in the Codex. So far, even the Codex example doesn't work as intended. I also checked that I'm not using any `comments_num*` filters. Workaround: use `get_comments_number()` with conditional code." eclare 1 40903 Filtered posts_request query can break found_posts query Query normal normal Awaiting Review defect (bug) new 2017-06-01T16:54:45Z 2017-06-01T18:40:57Z "Suppose the `posts_request` query is built with `SQL_CALC_FOUND_ROWS`. The stage is set for `WP_Query::set_found_posts` issue `SELECT FOUND_ROWS()` because `$limits` is non-empty. Now suppose a plugin filters `posts_requests` to the empty string because it gets results another way. WP_Query will still go ahead and issue `SELECT FOUND_ROWS()` erroneously. Some plugins avoid this by filtering `found_posts_query` to the empty string. However, it seems like there is a better way to write the logic of `set_found_posts` so that it respects the filtered `posts_request` query and avoids the problematic statement: simply check the filtered query for `SQL_CALC_FOUND_ROWS` instead of looking at `$limits`. Proposed fix: {{{ private function set_found_posts( $q, $limits ) { global $wpdb; // Bail if posts is an empty array. Continue if posts is an empty string, // null, or false to accommodate caching plugins that fill posts later. if ( $q['no_found_rows'] || ( is_array( $this->posts ) && ! $this->posts ) ) return; - if ( ! empty( $limits ) ) { + if ( substr( $this->request, 0, 26 ) === 'SELECT SQL_CALC_FOUND_ROWS' ) ) { /** * Filters the query to run for retrieving the found posts. * }}}" andy 1 40910 Limit writable directories required by WordPress unit test suite Build/Test Tools normal normal Future Release defect (bug) new 2017-06-02T16:21:06Z 2019-06-12T19:40:15Z "Some environments only permit writing to specific directories. But, the WordPress test suite currently assumes it can write to a variety of directories. Based on searches for `file_put_contents()`, `copy()`, and `symlink()`, here are the directories I found: * `tests/phpunit/data` * `.trac-ticket-cache.*` is created to store a cache of Trac ticket numbers. * `tests/phpunit/build/logs/` * `junit.xml` is created with the results of the test run. * `tests/qunit/fixtures` * `wp-api-generated.js` is generated by PHPUnit for use in QUnit tests. * `/tmp/` * Variety of files are copied out of `phpunit/data` into `/tmp/` for test-specific transformation. * `wp-content/themes` * `theme-file-parent` and `theme-file-child` are symlinked from the PHPUnit data directory into the theme directory * `wp-content/uploads` * Attachments are copied Generally, in write-restricted environments, the test suite fails when it tries to write to directories it doesn't have access to. More directories could be found by running the test suite against a write-restricted environment. To better ensure WordPress compatibility with a variety of platforms, we should ensure these file write requirements are compatible with limited write directories. Here are some strategies we can use: * Properly use `wp_tempnam()` instead of hardcoding `/tmp/` paths. * Permit some write directories to be configurable with a constant or environment variable. * Failing gracefully, in certain cases, when a file can't be written. cc @mikeschroder @octalmage" danielbachhuber 9 40915 wordpress should issue a warning if no graphic library is installed Media 4.7.5 normal normal Awaiting Review enhancement new 2017-06-03T14:58:23Z 2017-06-10T07:07:59Z "Hi people! I've installed wordpress on my site, and I had no library for image manipulation installed. Iin that case, I got no thumbnails. Due to css of my site, I was not initially aware of my site, cause the layout was right. So, I think that a warning on admin to the ones that don't have GD or imagick installed could be a good thing. I know that this is a strange corner case :)" waltercruz 4 40921 Detect and Handle MP4 and OGG audio files properly reporter-feedback Media 3.6 normal normal Future Release defect (bug) assigned 2017-06-04T20:14:25Z 2022-01-30T16:51:13Z "The audio media widget does not render the audio player when displaying the widget on the front-end when an mp4 file is referenced; it is rendered (and plays) as expected in the admin screens. This behaviour is the same whether using the wp-core-media-widget plugin or built-in widgets in 4.8. Attaching a gif (hope these are OK). " toddhalfpenny 45 40922 Use finer-grained capabilities with `customize_changeset` post type needs-unit-tests Customize 4.7 normal normal Future Release enhancement new 2017-06-05T04:44:01Z 2020-05-16T17:41:59Z "The `customize_changeset` post type is currently registered with all of its post type capabilities set to `customize`. As part of adding changeset endpoints in the REST API (#38900): > fine-grained capabilities should be introduced for the `customize_changeset` post `caps`, instead of mapping all to `customize`. @westonruter has compiled links to previous discussions and efforts around changeset capabilities here: https://github.com/WP-API/wp-api-customize-endpoints/pull/5#discussion_r118804994. An example of unexpected behavior caused by the current mapping is where a post ID is passed to `current_user_can()`, such as {{{ current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $changeset_post_id ) }}} This is equivalent to `current_user_can( 'customize' )`, which means the post ID is ignored because `map_meta_cap()` doesn't check the `$args` when mapping the `'customize'` meta cap." dlh 30 40925 Review the usage of the change event on select elements joedolson* Administration normal normal Future Release task (blessed) accepted 2017-06-05T12:47:01Z 2023-09-22T16:09:18Z "See also #31634 The change event can be problematic when used on select elements because browsers fire the event in different ways across different platforms. In this ticket I'll try to clarify what this difference is, why it matters for keyboard users, and why some actions shouldn't be triggered when a select option gets selected. On macOS, when using the keyboard to navigate content and a select element gets focused, using the arrow keys always opens the select ""drop-down"": [[Image(https://cldup.com/rU6roN4wAO.png)]] This behavior allows users to explore the content of the select, scroll through the options, and select an option pressing Enter or Spacebar. This way, the change event fires after an explicit user action. Instead, on Windows using the arrow keys on a select doesn't automatically open the ""drop-down"". To clarify what happens, I've made a short video using the Archives and Categories widgets as an example: https://cloudup.com/iuFxQ7CkA7k Historically, this behavior was typical of all browsers on Windows, except Firefox. However, a recent change made Firefox behave like all the other browsers. For more details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1350700 Since the drop-down doesn't open (it does only when pressing Alt+Down arrow), it's hard to scroll the list of options without firing the event at each arrow keys press. Users would need to explore the content of the select before making a choice, and to do so they use the arrow keys. However, while exploring the select content, the action associated to the change event runs. In the case of these widgets, the action triggers a full page reload. Actions that have a big impact like a full page reload or a complete change of context should only be triggered after an intentional choice of the user, i.e. when pressing a button close to the select. In other cases, when the action triggers minor changes, using the change event could be OK. The best option would probably be to evaluate the interaction on a case by case basis. There are a few places in WordPress where the change event is used this way, not pretending to be a complete list, here's some of them: Media views: - Filter by type - Filter by date Customizer - Menu > Menu locations - Static front page > A static page" afercia 15 40930 Twenty Seventeen: Sharing buttons not showing with Video, Audio, or Gallery post format Bundled Theme normal normal Awaiting Review defect (bug) new 2017-06-06T12:05:46Z 2017-06-06T16:01:50Z "'''What's expected:''' When sharing buttons are setup to show on the front page, they should be showing regardless of the post format. '''What happened:''' Sharing buttons aren't showing with Video, Audio, or Gallery format. [[Image(https://cldup.com/gbtIq-Ohq4-3000x3000.png,75%)]] Discussed with @thomasguillot, who figured out the cause: {{{ if ( ! is_single() ) { // If not a single post, highlight the video file. if ( ! empty( $video ) ) { foreach ( $video as $video_html ) { echo '<div class=""entry-video"">'; echo $video_html; echo '</div>'; } }; }; }}} If it’s not single, only the video is displayed and nothing else, the sharing buttons require something like the_content() but it’s not being called for video post formats. This also applies to audio, and gallery post format. " chocopress 1 40932 Word breaks the layout has-patch I18N normal normal Future Release defect (bug) new 2017-06-06T19:43:12Z 2018-05-22T16:38:38Z Could we change the string ''Add'' in a symbol, like in the link flyout menu? Because the german word ''Hinzufügen'' for this string is too long and this breaks the layout in WordPress 4.8. The string appears in two places with different meaning, maybe a plus or enter sign is enough. elisa-demonki 4 40933 Improvements for get_file_data() function has-patch Formatting 4.7.5 normal normal Awaiting Review enhancement new 2017-06-06T20:28:37Z 2017-07-18T09:20:04Z "It seams as a bug or as imperfection at least. I try to explain in example. Assume we have such comments in file: {{{#!php <?php /* Plugin Name: My plug Version: 1.0 */ // and trying to get file data like: $data = get_file_data( __FILE__, ['ver'=>'Version'] ); echo $data['ver']; //> 1.0 }}} This is works as we need. BUT if we change comments a little, the get_file_data() becomes broken: {{{#!php <?php /* Plugin Name : My plug Version : 1.0 */ // and trying to get file data like^ $data = get_file_data( __FILE__, ['ver'=>'Version'] ); echo $data['ver']; //> '' }}} All we do just add spaces before `:` to make comments more readable... - Solution I think it's better to improve regular expression of the get_file_data() and add `[\t ]*` before `:` {{{#!php <?php if ( preg_match( '/^[ \t\/*#@]*' . preg_quote( $regex, '/' ) . ':(.*)$/mi', $file_data, $match ) && $match[1] ) to if ( preg_match( '/^[ \t\/*#@]*' . preg_quote( $regex, '/' ) . '[\t ]*:(.*)$/mi', $file_data, $match ) && $match[1] ) }}} " Tkama 5 40940 Twenty Twelve uses invalid linear-gradient() syntax has-patch Bundled Theme 4.7.5 normal normal Awaiting Review defect (bug) new 2017-06-07T14:57:13Z 2021-08-17T10:02:16Z "Twenty Twelve theme uses such construction for gradients: {{{ background-image: -moz-linear-gradient(top, #f4f4f4, #e6e6e6); background-image: -ms-linear-gradient(top, #f4f4f4, #e6e6e6); background-image: -webkit-linear-gradient(top, #f4f4f4, #e6e6e6); background-image: -o-linear-gradient(top, #f4f4f4, #e6e6e6); background-image: linear-gradient(top, #f4f4f4, #e6e6e6); }}} Notice this obsolete syntax: {{{ linear-gradient(top, #f4f4f4, #e6e6e6) }}} And compare it to the specification: https://developer.mozilla.org/en-US/docs/Web/CSS/linear-gradient It has to use ""to"" before the direction. So, it has to be: {{{ linear-gradient(to bottom, #f4f4f4, #e6e6e6) }}} or like this: {{{ linear-gradient(180deg, #f4f4f4, #e6e6e6) }}} It works now just because browsers parse this property from prefixed linear gradient, and prefixed linear gradient allows to omit ""to"", and it is actually parsed as ""from"". It will stop work when support of obsolete prefixed properties will be removed. And we have to replace all ""top"" to ""to bottom"" or to ""180deg""." vrubleg 3 40949 wp_dropdown_users($args) is not returning desired list of users Users 4.7.5 normal normal Awaiting Review defect (bug) new 2017-06-08T14:38:07Z 2017-06-08T14:38:07Z "Below is a list of users with their roles: {{{ aniket: Subscriber, Participant cjx2009: Editor, Participant jackoliv: Author, Participant creamy90: Editor, Participant lalitgarg: Participant warrior: Contributor, Moderator }}} Here is the $args array: {{{#!php <?php $args = array( ... 'hide_if_only_one_author' => null, 'role' => array('Subscriber', 'Participant'), 'role__in => array('Editor', 'Contributor'), 'role__not_in => null ); }}} When calling `wp_dropdown_users` i don't see any dropdown list. While, according to above users and their respective roles the list should bring up the following users: {{{ aniket (matches exactly with 'role': Subscriber, Participant) cjx2009 (matches 'role__in': Editor) warrior (matches 'role__in': Contributor) }}} Even if I do not use a combination like above and just use `role => array('Subscriber', 'Participant')` nothing appears (I already have `'hide_if_only_one_author' => null,`). Furthermore, if I set `role => null` and use `role__in => array('Contributor', 'Moderator')`, again there is nothing when I am expecting user `warrior` will come up in dropdown list! But if I only use 'Contributor' the dropdown appears with `warrior`." subrataemfluence 40950 wp_terms_checklist() does not pass $post_id to current_user_can() has-patch Role/Capability normal normal Awaiting Review defect (bug) new 2017-06-08T15:00:37Z 2021-03-05T20:20:40Z "An incorrect post_id gets passed in $args to a filter on map_meta_cap, when wp_terms_checklist() does a capability check to see if category checkboxes should get a disabled attribute. `$args['disabled'] = ! current_user_can( $tax->cap->assign_terms );` We had an issue where we were checking the post type in a map_meta_cap filter and it was always showing a standard post type instead of the appropriate custom post type leading to category checkboxes being disabled. Expected behaviour: The post_id passed in $args to the map_meta_cap callback should relate to the post being edited / created How to recreate: 1. Create a custom Post Type 2. Add a filter on map_meta_cap 3. Create or edit a post 4. Check the value passed in $args to your filter when wp_terms_checklist does a capability check to see if categories should get a disabled attribute. Workaround: Use the global $post variable instead of the passed post_id" anigel 3 40953 Empty values are handled inconsistently between wpdb->get_results() and wpdb->get_col() dev-feedback Database 0.71 normal normal Awaiting Review defect (bug) new 2017-06-08T17:18:39Z 2017-06-08T17:51:19Z "As outlined and discussed yesterday in Slack [https://wordpress.slack.com/archives/C02RQBWTW/p1496821047585923 here], [https://wordpress.slack.com/archives/C02RQBWTW/p1496844209230845 here], and [https://wordpress.slack.com/archives/C02RQBWTW/p1496850305693715 here], `wpdb` treats empty stored values differently in the `get_results()` and `get_col()` methods. This is because of the use of `get_var()` inside of `get_col()`, which defaults to null for empty values. For example, let's say you're running a query like `SELECT rate FROM sometable` through `get_results()`. With the default parameters and empty values for the column, you'd get something like the following: {{{ array(2) { [0]=> object(stdClass)#1734 (1) { [""rate""]=> string(0) """" } [1]=> object(stdClass)#1735 (1) { [""rate""]=> string(0) """" } } }}} If you ran that same query through `get_col()`, you'd instead get an array of `null` values: {{{ array(4) { [0]=> NULL [1]=> NULL } }}} This seems oddly inconsistent. And writing tests for the workaround is annoying in that creates the need to understand the core workaround in the future. Now, this code goes all the way back to [112], so changing the default behavior is not even on the table. Some solutions brainstormed with @boonebgorges and @johnjamesjacoby include: * A global flag to check against, i.e. `wpdb_get_col_force_strings( true );` * A global flag in the form of a constant * A settable `wpdb`-level flag * A new argument for `get_col()` to selectively change the behavior. The global flag ideas are attractive because they cover the entire DB stack: whether you're using the abstraction layers like `get_posts()`, `WP_Query`, or any of the other query classes, it ''just works'' all the way down the line. The settable `wpdb` flag is attractive only if you're really working with direct queries like we are in our custom table query classes. The same goes for a new argument in `get_col()`, though both could be implemented higher up the stack in the form of arguments or filters. I think a good first step here would be to try to benchmark performance for all of the listed options, just to see what we're looking at. The global flag choices seem like they could be the least impactful. In the short term, our workaround for AffiliateWP will probably be to create a wrapper for `get_results()` that simply plucks the values out so we can maintain consistency, but I'm not a big fan of writing and maintaining core workarounds in perpetuity. Whichever way we go in core, this is something that we should probably address. Who knows how many workarounds there are currently in the wild to fix this." DrewAPicture 2 40958 force_balance_tags breaks Ninjaforms and probably other plugins that output html within js. Shortcodes 4.7.4 normal normal Awaiting Review defect (bug) new 2017-06-08T21:16:48Z 2017-06-13T21:05:23Z "If you have a shortcode for Ninjaforms and use the post in a context that runs force_balance_tags() it seriously breaks the script. For example if you have a form id=14, add this : {{{#!php <?php echo 'NO BALANCE:--'. apply_filters('the_content', '[ninja_form id=14]' ) .' --END NO BALANCE. '; echo 'BALANCED:--'. force_balance_tags(apply_filters('the_content', '[ninja_form id=14]' )) .' --END BALANCED. '; }}} Notice that some ending /spans, /is, and or /as are added before the end script, breaking it. Seems to not be wp version dependent." programmin 1 40964 WordPress 4.8 Pasting into editor functionality changed has-patch Editor 4.8 normal normal Awaiting Review defect (bug) new 2017-06-09T05:43:45Z 2020-11-16T06:48:14Z "Hi there, With 4.8 the paste functionality seems to have changed in the visual editor. When I paste a list of items into the 4.8 visual editor from a text editor it now strips all ""line breaks"" and I end up with one big paragraph. I can still paste the list in text view and switch back to visual view and it keeps the line breaks. This has changed in this new version. I do this process as a daily activity. " AngusMcKinnon 5 40971 Clicking More Details in Add Plugins page shows old version of Plugin Directory page Plugins 4.8 normal normal Awaiting Review enhancement new 2017-06-09T11:09:29Z 2017-06-12T13:26:05Z "If you click the More Details link below the Install/Activate button of any plugin listed on the Add Plugins page, it opens a modal with the corresponding page in the plugin directory. However, in 4.8 this still uses the old styling, not the new plugin directory theme that was launched recently. If this was only a visual thing it wouldn't be much of an issue, but the old style also displays different statistics than the new design. It would be nice to bring this in line with what it looks like on wordpress.org/plugins." hedgefield 1 40984 Possible Bug with Named Orderby Meta Query SQL Query 4.8 normal normal Awaiting Review defect (bug) new 2017-06-09T19:51:56Z 2017-06-09T20:10:26Z "I don't know how easy this would be to replicate, but I can at least walk through the steps in identifying the bug, and how I was able to address it for my own use-case. On the web application we're building, we've added a simple meta field called ""spotlight"" to basically drive a single post to the front of the list, and apply some extra styling. To do this, I had built the following query: {{{#!php <?php $news = new WP_Query([ 'post_type' => 'post', 'posts_per_page' => 3, 'orderby' => 'has_spotlight post_date', 'meta_query' => [ 'relation' => 'OR', 'has_spotlight' => [ 'key' => 'spotlight', 'value' => '1' ], 'standard' => [ 'key' => 'spotlight', 'compare' => 'NOT EXISTS' ] ], 'tax_query' => [ [ 'taxonomy' => 'post_tag', 'field' => 'name', 'terms' => 'News' ] ] ]); }}} In other areas of the web application, similar queries appeared to function as expected - the ""spotlight"" post would appear first in the list, with remaining posts ordered by date. However, for the above query, something interesting happened: A post with no spotlight metadata was appearing at the top of the list, and the actual spotlight post was appearing below it. Using PHPStorm and Xdebug, I set a breakpoint for the query and examined the object. Under the request property, the following SQL was generated: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts LEFT JOIN wp_term_relationships ON (wp_posts.ID = wp_term_relationships.object_id) LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) LEFT JOIN wp_postmeta AS mt1 ON (wp_posts.ID = mt1.post_id AND mt1.meta_key = 'spotlight' ) WHERE 1=1 AND ( wp_term_relationships.term_taxonomy_id IN (724) ) AND ( ( wp_postmeta.meta_key = 'spotlight' AND wp_postmeta.meta_value = '1' ) OR mt1.post_id IS NULL ) AND wp_posts.post_type = 'post' AND ( wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' ) GROUP BY wp_posts.ID ORDER BY wp_posts.menu_order, CAST(wp_postmeta.meta_value AS CHAR) DESC, wp_posts.post_date DESC LIMIT 0, 3 }}} When running this SQL directly in SequelPro, the following IDs were returned, confirming the order that I was seeing: 1 227 <-- Spotlight Post ID 225 After looking through the SQL statement, I decided to check exactly what Wordpress was seeing. After modifying the query to include everything from the wp_postmeta query, something interesting happened: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID, wp_postmeta.* FROM wp_posts ... }}} I receive the following results: {{{ ID meta_id post_id meta_key meta_value 1 51 1 _edit_lock 1496942377:1 227 20794 227 spotlight 1 225 3305 225 _yst_is_cornerstone }}} It appears that the table that's being used to define the ordering - '''wp_postmeta''' - is not being filtered the same way as the other table alias '''mt1'''. Upon changing the order clause to use the filtered meta table: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID, mt1.* ... CAST(mt1.meta_value AS CHAR) DESC }}} I received the correct results: {{{ ID meta_id post_id meta_key meta_value 227 20794 227 spotlight 1 225 NULL NULL NULL NULL 1 NULL NULL NULL NULL }}} This is strange to me, as this line should theoretically prevent other unrelated meta information from being included in the results: {{{ WHERE ... ( wp_postmeta.meta_key = 'spotlight' AND wp_postmeta.meta_value = '1' ) OR mt1.post_id IS NULL ... }}} It should be noted that simply changing the ORDER BY clause in my case - while it ""fixes"" the issue - is not technically correct. Instead, the primary meta query clause should also contain the same filtering that the second does. The complete query looks like so: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts LEFT JOIN wp_term_relationships ON (wp_posts.ID = wp_term_relationships.object_id) LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = 'spotlight' ) LEFT JOIN wp_postmeta AS mt1 ON (wp_posts.ID = mt1.post_id AND mt1.meta_key = 'spotlight' ) WHERE 1=1 AND ( wp_term_relationships.term_taxonomy_id IN (724) ) AND ( ( wp_postmeta.meta_key = 'spotlight' AND wp_postmeta.meta_value = '1' ) OR mt1.post_id IS NULL ) AND wp_posts.post_type = 'post' AND ( wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' ) GROUP BY wp_posts.ID ORDER BY wp_posts.menu_order, CAST(wp_postmeta.meta_value AS CHAR) DESC, wp_posts.post_date DESC LIMIT 0, 3 }}} '''Notice that the first metadata left join contains the same filtering by meta_key as the second.''' I'm not sure what far-reaching consequences this might have, or if this issue has come up in the past. I imagine it's a bit of an edge-case. Let me know if this is something that you're able to reproduce on your end, or if you need more information in regards to this." maiorano84 40988 Use objects for `get_item_schema()` calls REST API 4.7 normal normal Awaiting Review enhancement new 2017-06-10T06:07:54Z 2017-12-03T22:32:02Z "The `get_item_schema()` method of a REST API controller always returns a dynamically generated array of schema information. This dynamic nature is needed, because some keys/values can change based on the current environment/controller. This incurs a large performance penalty because the arrays need to be set up again and again, and as a side-effect, the translations that are being used for the `'description'` field are being loaded every single time. On a fresh, empty install of WordPress 4.8, making a request to `GET /wp-json/wpv2/posts` can spend a third or more of its time translating strings. Most of these translations are done multiple times, every single time an item schema is being requested. See blackfire profiling run here: https://blackfire.io/profiles/20516863-50e3-4df2-938a-7fa2f462abc8/graph I suggest turning the arrays that `get_item_schema()` returns into a collection of smart objects that implement `ArrayAccess`. This offers the following benefits: * Objects use up the memory for their keys once. * Objects can be cloned (with the possibility to make changes after the clone), making sure that translations will at the most be loaded only once for every individual string. * Objects can be extended and/or decorated, making it easy and clean to provide different structures for different use case, to get around `if/else` edge case handling. * Objects can provide ""lazily-loaded"" keys (through magic methods or the proxy pattern), allowing the descriptions to only be processed when they are actually being requested. This would avoid the translation work completely for a use case like I tested above. I expect this to shave around 30% off of the execution time of the above test case. It also makes the code more scalable, as large response sets might even incur yet a bigger performance penalty than the one I have recorded." schlessera 4 40998 Replacing static page that includes a snippet reporter-feedback General 4.8 normal normal Awaiting Review defect (bug) new 2017-06-10T19:37:39Z 2020-09-08T05:55:15Z "Replacing the front page with a static one that includes a snippet as content leads to a blank page. Viewing the page code on a browser the content div hides the code that should appear by adding <!-- the snippet code --> The static pages works fine if not used as static. Tested with different plugins too. " pachadiroglou 2 41001 Recently Active Plugins Option does not reset when you delete a plugin. close Plugins 4.8 normal normal Awaiting Review defect (bug) new 2017-06-11T17:25:39Z 2022-02-26T20:18:45Z "When you deactivate a plugin like Akismet, a value gets saved into ""wp_options"" under the option name ""recently_activated"". The value looks like: ''a:1:{s:19:""akismet/akismet.php"";i:1497201452;}'' When you reactivate Akismet, the value is updated and resets the option back to look like this: ''a:0:{}'' '''The Bug.''' When you deactivate Akismet and delete akismet, the ""recently_activated"" option keeps this in the option value. ''a:1:{s:19:""akismet/akismet.php"";i:1497201452;}'' when it should reset back to ''a:0:{}''" GeekStreetWP 1 41008 WP_Error wrote instead of category name in wp_options table, category_base field Permalinks 4.8 normal normal Awaiting Review defect (bug) new 2017-06-12T12:31:13Z 2020-09-08T21:18:17Z "I just installed WordPress 4.8, yet I'm not sure it's a bug specific of this version or not. The issue is documented in the following post: http://www.ryadel.com/en/catchable-fatal-error-object-of-class-wp_error-could-not-be-converted-to-string-wordpress-fix/ Long story short, it seems that sometimes (when some errors occurs, in my scenario was a I/O error) the category_base value of the wp_options table gets filled with a WP_Error json object instead of a category name. This raises an exception in the rewrite.php script (line 326) when the function tries to use that value against a regex, expecting a string. Sadly enough, it doesn't seem easy to reproduce. " Neilgaiman 4 41011 get_calendar generates query with invalid date formats Date/Time normal normal Future Release defect (bug) new 2017-06-12T13:51:12Z 2020-09-22T05:31:12Z "Given a parameter like `?w=1400`, which is obviously not a week number, `get_calendar` will try to compute the date 9799 days into the year. It would make sense to check that `$w` is in a valid range, such as not greater than 53. At the same time, `get_calendar` does not check that `$m` is a valid date, resulting in `$thisyear == '0'` and a query of `SELECT DATE_FORMAT((DATE_ADD('00101', INTERVAL 9799 DAY) ), '%m')`." andy 3 41029 The changed author is not making the coming revisons adamsilverstein Revisions 4.8 normal normal Awaiting Review defect (bug) assigned 2017-06-13T14:02:03Z 2021-04-30T18:28:07Z "Hi In WordPress 4.8 the changed author won't be changed in the new revisions (and autosave)." elisa-demonki 1 41032 REST API: Date fields do not support ISO8601 has-patch REST API normal normal Future Release defect (bug) new 2017-06-13T17:46:15Z 2024-02-15T16:30:24Z "The post and comment `date` and `date_gmt` fields as well as a couple of others like the post `before` and `after` fields [https://core.trac.wordpress.org/browser/tags/4.8/src/wp-includes/rest-api.php#L776 claim to support ISO8601] but this is not entirely accurate. The actual format supported is that handled by the [https://core.trac.wordpress.org/browser/tags/4.8/src/wp-includes/rest-api.php#L776 `rest_parse_date` function]: `YYYY-MM-DDTHH:MM:SS` plus optional fractional seconds plus an optional timezone specifier in the form `Z`, `+XX`, `-XX`, `+XX:XX`, or `-XX:XX`. Additionally, WordPress behavior around timezones is complicated and poorly specified. The `post_date` database field is stored in the site's current timezone, and how to interact with this using `before` and `after` in particular is not clear. (The best way to do it is probably to avoid specifying a timezone string at all for these values, unless the site's timezone is known by the API client and specified exactly.) All of this needs to be documented at https://developer.wordpress.org/rest-api/ and any missing test cases added." jnylen0 5 41034 importing users in multisite: should add existing users to the current blog Import 4.8 normal normal Awaiting Review defect (bug) new 2017-06-13T20:44:57Z 2020-10-28T09:58:24Z "When importing a WXR file in a multisite setup, if 1. an author in the WXR file exists in the multisite but **not** in the current blog; and 1. the ""import author"" route is taken (i.e., neither ""create new user"" nor ""assign posts to an existing user"" route is taken) then a ""Failed to create new user"" error is reported. Instead of that error, the existing multisite user should be added to the current blog. I can create a patch that implements this if folks think it would be a good idea." pbiron 1 41035 Don't return if WP_Error object return by wp_insert_term() from foreach() loop in wp_set_object_terms() Taxonomy 4.7 normal normal Awaiting Review defect (bug) new 2017-06-13T20:57:30Z 2018-05-02T14:32:39Z "Recently, I'm trying to restrict tag creation for some user roles. I tried with using roles and capabilities but it's not possible. So I hook function to `pre_insert_term` filter which returns WP_Error object if condition match. {{{ add_action( 'pre_insert_term', 'prevent_terms', 1, 2 ); function prevent_terms ( $term, $taxonomy ) { if ( 'post_tag' !== $taxonomy ) { return $term; } // Only administrator can create tag. $allowed_roles = array( 'administrator' ); $user = wp_get_current_user(); if ( ! empty( $user->roles ) && empty( array_intersect( $allowed_roles, $user->roles ) ) ) { return new WP_Error( 'term_addition_blocked', 'You are not allowed to create new tags.' ); } return $term; } }}} Now, a restricted user goes to the edit post and trying to assign existing tags to the post and its work fine. But when a user adds a tag which does not exist along with existing tags then existing tags also not assigned to that post. Because `wp_set_object_terms()` function will create new tag if it's not exists and I've return WP_Error object using `pre_insert_term` hook. So once it get WP_Error object then it returns from the `wp_set_object_terms()` function and it's also not execute for other terms. See https://core.trac.wordpress.org/browser/tags/4.8/src/wp-includes/taxonomy.php#L2237 To complete my functionality I hook into `admin_init` action and remove new tags from $_POST so that remaining existing tags can assign to the post. I believe, instead of returning, it should continue execution for other terms. Also, I'm not sure whether it's valid use case or not. So main question is, do we need to return if there is WP_Error while creating term or don't return and continue execution for other terms. I hope, I'm able to explain it properly. :) " chandrapatel 5 41037 Comment author can't edit their comment(s) if they aren't the post author Comments normal normal Awaiting Review defect (bug) new 2017-06-14T00:26:14Z 2019-11-22T11:42:32Z "In {{{map_meta_cap()}}}, the {{{edit_comment}}} meta capability is eventually mapped to {{{edit_others_posts}}} which results in comment authors not being able to edit their own comment(s) if their comment(s) are on a different user's post. Note 1: The issue is specific to the author role. The editor role doesn't see the issue because this role has the {{{edit_others_posts}}} cap. Note 2: The problem doesn't exist if the comment author is also the post author. This is because, in such cases, {{{edit_comment}}} is mapped to either {{{edit_published_posts}}} or {{{edit_posts}}}" henry.wright 3 41051 Confirm use of weak password Field show when removed password has-patch Users 4.8 normal normal Awaiting Review feature request new 2017-06-15T05:29:04Z 2019-06-04T06:22:03Z "Need to change jquery when password not exits hide ""Confirm use of weak password"" checkbox value. [[Image(http://imgur.com/a/Pmwe7)]] " ravipatel 3 41054 Use sargable date filtering where possible Database normal normal Awaiting Review enhancement new 2017-06-15T07:54:13Z 2017-06-15T12:13:22Z "Currently, many queries generated by WP use post_date in a non-sargable fashion, namely by filtering based on the output of a MySQL function taking post_date as a parameter. These can be easily rewritten to use the index on post_date without, to my eyes, breaking anything to boost performance. Here's an example: {{{ MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE YEAR(post_date) = 2017; +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ | 1 | SIMPLE | wp_posts | ALL | NULL | NULL | NULL | NULL | 2684 | Using where | +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ }}} vs {{{ MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE post_date >= ""2017-01-01"" AND post_date < ""2018-01-01""; +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ | 1 | SIMPLE | wp_posts | range | post_date | post_date | 8 | NULL | 262 | Using index condition | +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ }}} This optimization can be applied to any comparison between post_date and an already known parameter (from query_var). The only time it wouldn't be possible would be when comparing a portion of the date of two different posts (e.g. WHERE MONTH(x.post_date) == MONTH(y.post_date)) It's not much, but it's something. " ComputerGuru 1 41070 register_sidebar and dynamic_sidebar inconsistency Widgets 4.8 normal normal Awaiting Review defect (bug) new 2017-06-15T13:30:11Z 2017-06-23T07:15:20Z "Let's register a sidebar in functions.php and use digits for the value of the id key. {{{#!php <?php register_sidebar( array( 'id' => 'test123', // or 'id' => '123', // or 'id' => 123, 'name' => 'test - Mega Menu', ) ); }}} After that, the Widget is showing up at ''Appearance > Widgets''. But when we'd like to retrieve this widget using the dynamic_sidebar function, it won't work: {{{#!php <?php var_dump(dynamic_sidebar( 'test123' )); var_dump(dynamic_sidebar( '123' )); var_dump(dynamic_sidebar( 123 )); }}} All var_dumps will return ''bool(true)''" derkjanspeelman 2 41076 Themes: Add more help and documentation when editing theme files Themes normal normal Awaiting Review defect (bug) new 2017-06-15T14:45:50Z 2017-06-21T14:25:54Z "Add: “Looks like you’re trying to edit your theme! We recommend creating a [child theme](link)"" instead. This will let you make changes to your theme without accidentally breaking anything.” Except with better copy. Maybe also a “make child theme” one-click button that generates a child theme with a functions.php and style.css." karmatosed 4 41077 Revisions for code edits Administration normal normal Awaiting Review defect (bug) new 2017-06-15T14:47:58Z 2017-06-16T13:46:35Z "We should let people restore previous versions of their code in case they make mistakes. More details TBA." karmatosed 2 41079 PHP Notice: Undefined offset: -1 in /var/www/html/live/wp-includes/rewrite.php Rewrite Rules 4.3 normal normal Awaiting Review defect (bug) new 2017-06-15T17:22:51Z 2017-06-16T01:27:50Z "Low priority, but I'm trying to reduce the size of my error logs, and this notice is a vast majority of it. Issue lies at lines 376 & 378 in the ""wp_resolve_numeric_slug_conflicts"" function. Occurs when $postname_index is 0. With my limited understanding, it seems like that scenario can be skipped, so I added the below snippet to the ""if"" statement at line 363 in my build: {{{ || 0 === $postname_index }}} Please resolve in the next update. Thanks." myrmidon16 3 41081 Improve Custom Menu widget, show notification if menu is empty or no menu selected mdifelice dev-feedback Widgets 4.9 normal normal Future Release enhancement assigned 2017-06-16T13:33:58Z 2022-06-08T19:34:41Z "If you choose a menu for Custom Menu widget and we remove all items in that menu OR the menu is not selected -> nothing shows on the page. Maybe we should add a text message that will inform the user that the menu is empty or is not selected?" alexvorn2 22 41086 Conditional loading of CSS files from (for example) shortcodes Shortcodes 4.8 normal normal Awaiting Review feature request new 2017-06-16T19:51:47Z 2017-06-16T19:53:27Z "The nature of HTTP/2 is such that loading several smaller CSS files instead of one monolithic CSS file is best practice now. Great! However. I have found several cases where loading css files as required via `wp_enqueue_style()` doesn't work because I won't know what CSS file I need until I start rendering the page, which is well past when that function is called. For example, with shortcodes. I have a plugin installed and active that provides a `[shortcode]`. But this `[shortcode]` is not used on every page; or even most pages (such as a goldilock pricing table). So: how do I prevent the CSS for that shortcode from being loaded when `[shortcode]` is not used? Or from the other direction: how do you load the CSS for `[shortcode]` only when that shortcode is used, and only once if the shortcode is used multiple times? If I understand `wp_enqueue_styles()` correctly, anything enqueued after that action is run is sent to `print_late_styles()` but those go into the footer, leading to jank. The only solution I have found is to write the HTML to load the css file directly into the output stream. To that end I wrote this to avoid dupes: https://gist.github.com/th…/f002f696f365aff7c8252f6365cc7d5e It works but it feels hacky. To my way of thinking a better solution would be either a mod to `wp_enqueue_style()` or a new function that allows for the enqueueing of styles but their output on demand, and once per page, similar to what I wrote above. If the answer is just, ""don't do that,"" (which is what I've heard at least once while trying to find a solution) so be it. But the shortcode in question is loading 63k of CSS on every page and, caching be damned, I don't want it to." theMikeD 1 41099 update_option return value ambiguous Options, Meta APIs 4.8 normal normal Awaiting Review enhancement new 2017-06-19T20:58:45Z 2019-04-15T16:37:15Z "WordPress 4.8 The return value 'false' does not allow for differentiating if there was an error saving or if the option value already exists and is the same as the new value. Consider this scenario: a plugin sends option values via AJAX to be updated. The AJAX function returns the return value of 'update_option' which determines the feedback provided to the user, such as a 'success' or 'failure' message. Rather than returning 'false' if an option already exists and is the same as the new option, I suggest returning NULL. In this way the return value of 'update_option' can be checked as follows: {{{#!php if ( is_null( update_option( $option, $value, $autoload) ) ) { ... } // option exists and value is the same as existing option value if ( false === update_option( $option, $value, $autoload) ) { ... } // an error occured when saving the option if ( update_option( $option, $value, $autoload) ) { ... } // option updated successfully }}} The 'update_option' function would need line 308 changed from: {{{#!php return false; }}} to: {{{#!php return NULL; }}} " cloughit 7 41105 Fire action hook after updating option group. has-patch Options, Meta APIs 4.9 normal normal Awaiting Review enhancement new 2017-06-20T19:45:35Z 2017-06-20T19:50:52Z "This suggestion affects the Settings API. There are hooks that fire after updating a single option, but not when a group of options is updated. Options updated via the Settings API are handled by /wp-admin/options.php, which after updating them does a redirection to the previous page, not firing any hook beside the shutdown action hook. In fact, the shutdown hook could be used for the same purpose but it would require some more extra checks. Basically the hook would allow to perform some action that is required after all options in that group are updated." mdifelice 41106 wp_editor() doesn't support attributes besides id and class Editor normal normal Awaiting Review defect (bug) new 2017-06-20T20:31:16Z 2020-09-22T05:37:31Z "I'm replacing a generic textarea with a WYSIWIG field. My textarea has an `aria-describedby` attribute, but wp_editor() -- really `_WP_Editors::editor()` -- can't set any HTML attributes besides ID and class on the WYSIWIG. Would be better if I could do something like this: {{{ wp_editor( 'hi-roy', 'Some text', array( 'attrs' => array( 'aria-describedby' => 'description' ) )); echo '<p id=""description"">Some description</p>'; }}} " Shelob9 1 41110 "Display full content of ""Pending"" comment on WP Dashboard" has-patch Comments 4.8 normal normal Awaiting Review enhancement new 2017-06-21T05:42:37Z 2017-06-21T06:23:25Z """Recent Comments"" widget in WP dashboard displays a list of Pending and recent comments. A ""Pending"" comment has all the action items - approve, reply, edit, trash, spam. But, these items are of no use, because the complete comment text is not visible. It will be good to display the full content of the ""Pending"" comments. OR Add a toggle to display the full content without having to go to ""Comments"" page. " puneetsahalot 1 41114 "Installation: ""Search Engine Visibility"" not keeping checked on error" has-patch Administration 4.8 normal normal Awaiting Review enhancement new 2017-06-21T10:25:48Z 2019-08-16T06:44:10Z "Given your installing WordPress and you reach the screen about site title, admin login and ""Search Engine Visibility"". When you enable the checkbox for/near ""Search Engine Visibility"" And fill nothing out for mail address And press continue Then an error message appears And most fields are still filled out as before --- Problem: The ""Search Engine Visibility"" is no longer checked. IMHO this should also stay as intended to." screamingdev 1 41121 Consistency of the _deprecated_function() calls and related documentation. SergeyBiryukov has-patch General 4.9 normal normal Future Release task (blessed) reviewing 2017-06-22T03:00:23Z 2023-07-06T11:14:14Z "While working on [https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/pull/979 updating the `WP.DeprecatedFunctions` sniff] which is part of the [https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/ WordPress Coding Standards] project, we've come across a number of inconsistencies in the application of the function and/or the related documentation. @jdgrimes previously already reported this concerning three functions in #41094 (has its own patch in that ticket), however since then a lot more inconsistencies have been identified. In a series of patches which I will add to this ticket I will address these: === Patch 1: Fix deprecation info in various docblocks * Fix incorrect deprecation comment naming the deprecated function as its own alternative * Fix typo in docblock `@deprecated` tag which meant that deprecation is not indicated on the dev ref website * Add missing `@deprecated` tags for two functions * Add missing alternative in `@deprecated` comment for `wp_get_sites()` === Patch 2: Add missing replacement functions to various `_deprecated_function()` calls * Add missing parentheses to a few deprecated function replacement function strings to be consistent with how this is done everywhere else. * Add missing alternative for the WP_Customize Widget deprecated methods. * Add missing alternative for three deprecated ms functions * Add missing alternative for deprecated `wp_cache_reset()` function === Patch 3: Add missing `_deprecated_function()` function calls to various functions * Add missing `_deprecated_function()` call for `funky_javascript_callback()` * Add missing `_deprecated_function()` call for `_save_post_hook()`. * Add missing `_deprecated_function()` call for `default_topic_count_text()`. * Add missing `_deprecated_function()` call for `screen_meta()`. * Add missing `_deprecated_function()` call for two screen icon related functions * Add missing `_deprecated_function()` call for nine wp_dashboard related functions * Add missing `_deprecated_function()` call for `wp_ajax_wp_fullscreen_save_post()`. * Add missing `_deprecated_function()` call for `ms_deprecated_blogs_file()` === Patch 4: Add missing `_deprecated_function()` calls to various deprecated class methods * Add `_deprecated_function()` calls to all methods within the deprecated WP_User_Search class. * Add missing `_deprecated_function()` call for four methods in WP_Customize_Image_Control === Patch 5: Add missing `_deprecated_function()` calls for four deprecated pluggable functions. Not all functions complied with what the docblock at the top of the files states: > Deprecated warnings are also thrown if one of these functions is being defined by a plugin." jrf 46 41126 Customizer does not work if both wp_footer() and wp_head() functions are not present in the theme. Customize 4.7 normal normal Future Release enhancement new 2017-06-22T14:56:18Z 2017-07-05T21:06:03Z I know there is another ticket (#14752) that refers to when wp_head() and wp_footer() are not present in the theme and it was discarded. But in this case, I refer specifically to the Customizer. Since it will not work when those functions are missing, maybe we can disable it completely (maybe with a dismissible notice in the head) or find a way to include the necessary files and data and make it work even when those functions are missing. mdifelice 12 41128 404 Page not found after using same URL in post / page Posts, Post Types 4.8 normal normal Awaiting Review defect (bug) new 2017-06-22T15:40:28Z 2017-06-22T17:13:21Z "Starting from a clean Wordpress 4.8 installation. 1. Configure permalinks to: http://domain.com/post-title/ 2. Create a post with title 'new' 3. Remove the post with title 'new' to trash 4. Create a new page with title 'new' 5. Remove post 'new' from trash (not necessarily, both cases result in 404) 6. The page you created trows a 404 due to a database error since it has two different objects with the same URL, though different objects. " jpgos 41130 Link boundaries for links contaning images look bad Editor 4.8 normal normal Future Release defect (bug) new 2017-06-22T18:31:40Z 2017-11-20T22:59:27Z "In 4.8, the new link boundaries were introduced. For normal links they are fine and they highlight the link really nice. But if there's an image (inline-block element) in the link, the link boundaries look quite ugly. This is the case when you embed an image from the media library. The following code was used to generate the screenshot: {{{ [caption id=""..."" align=""alignnone"" width=""300""]<a href=""IMAGE_FILE""><img class=""size-medium ..."" src=""IMAGE_FILE"" alt=""Test"" width=""300"" height=""200"" /></a> Test[/caption] }}} If you click on the image, two narrow link boundary markers appear above and below the image (see screenshot). These are taking up extra vertical space, so the image 'jumps' a bit. Maybe it would be the best to disable the link boundary feature for links containing only images, in my opinion they don't provide any useful information and may irritate the user." mahu2401 2 41132 permalinks are broken when using PHP7.0-fpm with nginx Permalinks 4.8 normal normal Awaiting Review defect (bug) new 2017-06-22T21:34:07Z 2020-05-29T05:43:02Z "Setting permalinks to anything but plain causes a white screen of death with the nginx error message: the error is ""2017/06/22 19:55:49 [error] 20482#20482: *28040 FastCGI sent in stderr: ""Primary script unknown"" while reading response header from upstream, client: MYIPHERE, server: MYSERVER, request: ""GET /apps/my-secret-drinks-android/ HTTP/1.1"", upstream: ""fastcgi://unix:/var/run/php/php7.0-fpm.sock:"", host: ""MYHOST"", referrer: ""https://MYDOMAIN/apps/"" This is my Nginx site configuration: https://paste.ngx.cc/7e It was working when I was using php5-fpm and only started after upgrading php5-fpm to php7.0-fpm" Towlieban 41138 Add classes to Widgets in widgets.php and customize.php pages audrasjb Widgets normal normal Awaiting Review enhancement assigned 2017-06-23T16:37:07Z 2020-04-13T12:44:58Z "Add widget base id class to widgets so developers could add custom CSS styles to their custom widgets. Currently the widgets have only ""widget"" class and ""ui-draggable"". What do you think? I think it's a great idea to highlight custom widgets with different colors, so users can easily find new installed widgets from plugins. (Maybe some one with have other purposes)" alexvorn2 6 41139 Plugin editing: Should the 'browsing' stand out more? Plugins normal normal Awaiting Review defect (bug) new 2017-06-23T17:56:50Z 2017-06-23T18:25:28Z "This message seems to get lost on the page: [[Image(https://cldup.com/ZKUO4NfdPq.png)]] While we are reviewing this making it not just say 'active' and making the message a bit more relatable could be good. " karmatosed 1 41140 Theme/plugin editing: Long file list goes off page Plugins normal normal Awaiting Review defect (bug) new 2017-06-23T18:01:40Z 2017-06-23T18:25:28Z "If you have a long list of files, the list goes a long way down. Could we paginate? Have a 'scrollbox' (probably bad idea)? Have some better way of showing these? [[Image(https://cldup.com/91gj2sr2jz.png)]] " karmatosed 1 41141 Plugin edit: Missed message about making file writeable Plugins normal normal Awaiting Review defect (bug) new 2017-06-23T18:09:08Z 2017-06-23T18:25:28Z "Again, the messages are easy to miss. This may get scooped up in one improving ticket, but worth reporting. [[Image(https://cldup.com/zzF9FEjMvT.png)]] " karmatosed 1 41142 Theme editing: inconstancies with messages between this and plugin editing Themes normal normal Awaiting Review defect (bug) new 2017-06-23T18:14:52Z 2017-06-23T18:25:28Z "The process is the same but we have different ways of saying it. For example even this: [[Image(https://cldup.com/ndD0DpUtS2.png)]] In the plugin it says: [[Image(https://cldup.com/MQ09SZmEdS.png)]] " karmatosed 1 41148 Test for ticket 39875 can throw PHP error has-patch Media 4.8 normal normal Awaiting Review defect (bug) new 2017-06-24T07:53:42Z 2017-08-28T11:29:35Z "The test that was written for #39875 can throw a PHP error under certain circumstances: `Undefined index: sizes`. The problem arises when then `wp_generate_attachment_metadata()` call does not return the proper array data. As the preview path generation directly access a specific array index, this throws a PHP error." schlessera 6 41155 Themes modal hides admin sidebar sub-menu navigation mp518 has-patch Themes normal normal Awaiting Review defect (bug) reopened 2017-06-25T05:17:30Z 2024-02-24T17:19:16Z "Hello Team As this is really awesome as working with the community of wordpress CMS. While reviewing themes of WordPress Me and my colleague @amolebonde face issue about accessing sub-menu navigation when we are theme detail page WordPress Admin > Appearance > Themes > Theme Details. Once we are on Theme Detail page then in case if the user wants to access any Sub Menu Navigation it not shows well, which goes behind the popup theme detail page. For Ref. Screen Shot Attach [[Image(https://s4.postimg.org/qvkwram4d/Screen-_Shot-2017-06-25-at-10.26.18-_AM.jpg)]] Wordpress Version 4.8 Browser Check: SAFARI 10.1.1, Google Chrome 58.0 " codexdemon 25 41170 Allow the newbloguser screen to be themed Login and Registration 3.0 normal normal Awaiting Review feature request new 2017-06-25T19:59:04Z 2017-06-26T07:58:12Z "The appearance of the `newbloguser` screen is not themeable. It should be. Related: #37921" johnbillion 1 41172 Allow autosaving to be disabled on a per post type basis has-patch Autosave normal normal 6.6 enhancement new 2017-06-26T08:24:58Z 2024-02-27T22:31:57Z Autosaving should be a post type feature, so that individual post types can opt out. Disabling this feature should remove both the server-side and the client-side saving. Frank Klein 20 41175 Twenty Seventeen: The letters in words with i, j, l look all the same in h3-headings that are also formatted strong. has-patch Bundled Theme 4.8 normal normal Awaiting Review enhancement new 2017-06-26T19:18:31Z 2023-02-25T20:31:57Z "I stumbled across a website today (brent.fm/how-we-work) that is using the Twenty Seventeen Theme. There are some pages that have text paragraphs that are formatted with the '''h3''' and '''strong''' HMTL-tag. Unfortunately these paragraphs contain a lot of words with ""i"" and ""l"" and even ""j"" like: like, guide, communicators, projects, etc. and these three letters (i,l,j) in the choosen theme font look all the same on Desktop mode, which makes it quite a bit difficult to read. The font-size though gets smaller on Mobile mode and is better readable then, because the letters look like they should: different. I'm not sure if this is really a bug because usually an h3-heading is not meant to be strong formatted also, but as it seems, that's what some people do and the font behaves quite unpleasant in this case, it would be good to have the designers (@melchoye ?) to pay attention to that, with this specific font. I was able to reproduce that on a fresh local installation of WordPress 4.8 on Windows. Screenshot is attached. " transl8or 4 41179 Adding get_the_content-filter dev-feedback Themes 4.8 normal normal Awaiting Review enhancement new 2017-06-27T01:14:32Z 2023-02-03T01:06:47Z "Hey there, atm I cannot replace the content by a custom on, because of missing filter for get_the_content(). Attached a patch for this." Ninos Ego 7 41180 ABSPATH definition - incorrect on chrooted vhost has-patch Bootstrap/Load 4.8 normal normal Awaiting Review defect (bug) new 2017-06-27T08:17:39Z 2019-02-04T17:41:03Z "ABSPATH defined in wp-load.php (and in other files) returns incorrect string on chrooted vhosts (double slash '/' instead of a single): {{{#!php <?php if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', dirname( __FILE__ ) . '/' ); } }}} On chrooted vhost - output of dirname( __FILE__ ) is '/' and no need to add additional '/' at the end of string. It would be nice if the ABSPATH definition looked like the following: {{{#!php <?php if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', ('/' === dirname( __FILE__ )) ? dirname( __FILE__ ) : dirname( __FILE__ ) . '/' ); } }}} " dacartpl 2 41196 add _doing_it_wrong to get_query_var and prevent fatal errors has-patch Query normal normal Awaiting Review defect (bug) new 2017-06-28T20:32:21Z 2017-11-12T15:15:18Z "The following scenario will throw a fatal error: {{{#!php <?php function parse_query_fail_test(){ get_query_var('some_var_name', false); } add_action('parse_query', 'parse_query_fail_test'); function parse_query_fail_trigger(){ get_posts(); } add_action('plugins_loaded', 'parse_query_fail_trigger'); }}} this could easily be avoided with a check and _doing_it_wrong function, similar to functions further down such as is_tax(); I would argue that the same could be done for get_queried_object(), get_queried_object_id() and set_query_var()" netweblogic 1 41199 Allow the optional editing of an author slug Users normal normal Awaiting Review enhancement reopened 2017-06-29T09:40:26Z 2017-06-30T13:35:17Z "At the moment an author slug cannot be changed, although plugins are available to allow this. I believe that WordPress should be able to do this, ""out of the box"". Changes to names, whether through marriage, change of sexual orientation or many other reasons, are important to the individuals that go through it. The original slug, by remaining unchanged, is still the link to an authors page on WordPress and may be the last thing an author, post name change, wants to see. I think, as a very basic change, there should be the option to change this slug, if required (but not a requirement because of how it will affect existing author links). To take this a stage further, if possible, we should also add the option to allow the original slug to also work too." dartiss 5 41204 Placement of wp_redirect() in template Themes normal normal Awaiting Review enhancement new 2017-06-29T13:15:03Z 2017-07-12T18:32:02Z "It doesn't say on [https://developer.wordpress.org/reference/functions/wp_redirect/ | this page] where in template file should wp_redirect() function be called. If placed in wrong place, there could be created confusion and impression that function doesn't work. So, it should be placed '''before''' get_header(); In case page is redirected only under certain condition, it would be something like: {{{ /** * Redirect only if this condition is met */ if ( certain_condition ) { wp_redirect( $location ); exit; } /** * Otherwise render the page */ get_header(); }}} " milana_cap 6 41224 "WP strips query vars if post contains ""wp-admin""" has-patch Query 4.9 normal normal Awaiting Review defect (bug) new 2017-07-03T00:09:50Z 2017-07-03T10:48:55Z "I'm running up against this rather obscure issue in the WP Query parser. If a post name contains ""wp-admin"", the query vars are emptied which results in loading the front page instead of the post. Repro steps: - Use built-in PHP web server to start a WP site. - Create a post or CPT called ""test-wp-admin"" - View the post, you will be redirected to the frontpage. Here is the relevant code from class-wp.php {{{ if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) unset( $perma_query_vars ); }}} https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp.php#L276 If you inspect $_SERVER['PHP_SELF'], the resulting value is ""/index.php/test-wp-admin/"" which triggers the conditional. It is not immediately clear to me why this is being done at all." khromov 3 41226 "Static ""posts page"" preview not working" needs-unit-tests Posts, Post Types normal normal Awaiting Review defect (bug) reopened 2017-07-03T09:41:05Z 2019-02-17T13:21:59Z "My site has both a static front page and a static posts page. The former is intended to be the site's home page, the latter the blog section home page. The static posts page is a regular page, created through the admin interface. Some parts of it are editable by admin - this is a design choice driven by project needs. Whenever I update the static posts page through the editor, the preview doesn't work: '''clicking on the ""preview"" shows the preview of the ""front page"" instead.''' Apart from that, everything works on the front-end side, and I can edit and save the posts page as needed. Unfortunately, as the project is being currently developed, I can't publicly publish urls or screenshots at the time." emross 5 41229 the tag read more is not working Editor 4.8 normal normal Awaiting Review defect (bug) new 2017-07-03T12:17:48Z 2017-07-03T22:11:01Z "Hello, I have wordpress on a Hebrew language and when I try to add read more tag on post it's not show up in the frontend" yohanankap 5 41236 Reset Password button text during the registration process dev-feedback Login and Registration normal normal Awaiting Review defect (bug) new 2017-07-04T14:05:11Z 2017-07-06T08:51:21Z "After completing the registration form at wp-login.php, the user is sent a ""Your username and password"" email which contains a link to the reset password page. Here, the user can set a password. The button on the page reads ""Reset Password"". The button text doesn't quite make sense. The user isn't resetting their password; instead, they are setting a password for the first time. Something like ""Set password"" seems more appropriate. " henry.wright 5 41241 questioning for sftp-hostname while update does not accept final slash Upgrade/Install 4.8 normal normal Awaiting Review enhancement new 2017-07-04T22:42:11Z 2023-03-22T18:37:43Z "Trying to update themes/plugins/translations you will be asked to put the servers sftp login-dates if the files-owner isn't the server. Putting in there the hostname with a final / (slash) I get an error (without final slash works fine). Is there a missing if-clause to try wether there a a slash yet or no? I hope I've written understandable, cheers" jonny-s 1 41249 "Improve the ""collapse menu"" interface" General normal normal Awaiting Review enhancement new 2017-07-05T20:31:56Z 2019-04-21T10:44:49Z "I would like to propose an update to how the left sidebar collapses in the WordPress admin. Right now I can shrink the sidebar down by shrinking the screen, but there are times I'd like to make the sidebar smaller to focus on the content I'm writing. It's also important that I don't have to go into fullscreen mode. It takes and a short delay to open/close it. While I'm in fullscreen mode I can't do anything else. Having a smaller sidebar visible at all times - with the option to easily make it bigger again - would be ideal. So, my proposal is: What if we had 3 stages to the left navigation sidebar? * As is, full size * Partially collapsed (like how it shows on tablet view) * Fully hidden In order to drag between these states there would be a button that appears on hover to pull the sidebar left or right. Kind of like how Things 3 does it: https://v.usetapes.com/mi3p2NxN3Z The attachment shows my recommendations for how I'd envision the 3 states: *Note:* While the interface shows the Gutenberg plugin (this conversation originated on this issue: https://github.com/WordPress/gutenberg/issues/1522), the impact of this feature request applies to the WordPress admin as a whole, as such the discussion was moved to Trac. " JoshuaWold 4 41257 "translate( null, ""domain"" ) returns translation of ""0"" rather than null" close I18N normal minor Awaiting Review defect (bug) new 2017-07-06T09:13:15Z 2022-09-11T17:51:54Z "This could be a case of garbage in = garbage out but I noticed that calling `translate( null, ""domain"" )` or `translate( """", ""domain"" )` produces an unexpected result when - the text domain for ""domain"" is loaded - and it contains a translation for ""0"". === Expected output === null or null string === Actual output === translation of the `""0""` string === Workaround === Don't call translate() this way. === Question === Could/should there be a unit test to confirm what should happen? " bobbingwide 3 41266 Not hard coding the table alias prefix in WP_Meta_Query would make class more extendable noisysocks has-patch Query 4.8 normal normal Future Release enhancement assigned 2017-07-07T13:36:44Z 2021-11-07T19:58:01Z "Hi, I am extending the WP_Meta_Query class for my own uses with custom tables that have the same structure as meta tables. It is an incredibly useful class for this. However the fact that the table alias prefix {{{mt}}} on line 535 is hard coded forces me to do awkward and complex string replaces if I want to use my extensions alongside built in meta queries. I think changing the prefix from being hard coded to a property/function of the meta query object would make this class much more versatile for plugin developers. " thomaslhotta 11 41270 Allow deletion of plugins or themes from the Updates screen has-patch Upgrade/Install normal normal Future Release enhancement new 2017-07-07T18:59:05Z 2018-08-31T14:22:27Z "A suggestion from @matt on a recent [https://make.wordpress.org/core/2017/06/20/dev-chat-agenda-for-june-21st-4-8-1-week-1/#comment-32735 dev chat update thread]: > Sometimes when you get an update notice for something, you realize you don’t need it. (Like old twenty* themes.) Ability to delete a plugin or theme from the updates screen, instead of updating it." melchoyce 3 41272 Unattached media URLs broken for anything over 1000 Permalinks normal normal Awaiting Review defect (bug) new 2017-07-07T23:09:21Z 2017-07-08T16:26:17Z "'''Steps to reproduce''' 1. On your local computer, rename a file to {{{1180.jpg}}} 2. Upload the file to the Media Library 3. Visit {{{example.com/1180}}} You will get a 404 broken link. If you do the same for a 1, 2 or 3 digit filename, you won't see the issue. {{{ example.com/31.jpg // Works example.com/872.jpg // Works }}} The problem isn't just related to images. {{{ example.com/1871.mp3 // 404 }}} " henry.wright 6 41278 SQL_CALC_FOUND_ROWS slow query Database 4.8 normal normal Awaiting Review defect (bug) new 2017-07-09T17:12:10Z 2017-07-19T18:41:46Z "In the logs of slow queries when searching for steel, the following types of logs appear: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE '%donald%') OR (wp_posts.post_excerpt LIKE '%donald%') OR (wp_posts.post_content LIKE ‘%donald%’)) AND ((wp_posts.post_title LIKE '%trump%') OR (wp_posts.post_excerpt LIKE ‘%trump%’) OR (wp_posts.post_content LIKE '%trump%'))) AND wp_posts.post_type IN ('post', 'page', 'attachment') AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_author = 186 AND wp_posts.post_status = 'private') ORDER BY (CASE WHEN wp_posts.post_title LIKE ‘%donald trump%' THEN 1 WHEN wp_posts.post_title LIKE ‘%donald%’ AND wp_posts.post_title LIKE '%trump%' THEN 2 WHEN wp_posts.post_title LIKE '%donald%' OR wp_posts.post_title LIKE '%trump%' THEN 3 WHEN wp_posts.post_excerpt LIKE '%donald trump%' THEN 4 WHEN wp_posts.post_content LIKE '%donald trump%' THEN 5 ELSE 6 END), wp_posts.post_date DESC LIMIT 0, 30; }}} How can I eliminate it?" lubimow 5 41279 Make PDF Thumbnail (WP 4.7 feature) accessible via the Media Manager Media normal normal Awaiting Review feature request new 2017-07-09T19:24:26Z 2020-10-21T12:55:14Z "When you upload a PDF file WordPress creates a ""preview image"" - This was added as of WP 4.7 This feature request to have that image also added into the database so that it is accessible via the Media Manager. The use case for this feature is that I have a Monthly Newsletter and want to use the preview image (page 1 of the PDF) as the featured image for the post where I am putting the link to the PDF Additionally some plugins (like visual composer) allow you to insert single images, however, you need to be able to select it from the media manager, not just put in a URL" sflwa 7 41281 attachment_url_to_postid results in very slow query joemcgill* Database 4.9 normal normal Awaiting Review enhancement accepted 2017-07-10T07:53:25Z 2021-04-30T13:17:51Z "`attachment_url_to_postid` throws query like this: {{{ # wp-includes/media.php ll.3922 $sql = $wpdb->prepare( ""SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attached_file' AND meta_value = %s"", $path ); }}} But wp_postmeta table has index only of `meta_key`, this may cause file sort. == Why this is problem == Let's assume that you have 20,000 posts and each post has 10 attachments in your WP news site. MySQL filters rows with `meta_key` but still remain 200,000 possible rows. This causes file sort. `attachment_url_to_postid` is used not only in admin screen, but also in public area(e.g. AMP Plugin https://wordpress.org/plugins/amp/ ). Now twitter changes URL for mobile device if AMP version is available. So, MySQL CPU raises up to 100% by `attachment_url_to_postid` if site traffic is high, == Solution == To avoid slow query, I suggest adding another index. {{{ ALTER TABLE $wpdb->postmeta ADD INDEX meta_key_meta_value (meta_key(191), meta_value (64)); }}}" Takahashi_Fumiki 11 41288 wp admin bar WordPress about and updates icon can't show in Smartphone. dev-feedback Toolbar 4.9 normal normal Awaiting Review enhancement new 2017-07-11T09:26:39Z 2024-02-29T20:42:30Z WordPress admin side WordPress about and Updates can't show in smartphone it should be display none in Very narrow screens.that can be helpfully for smartphone user. mp518 10 41302 WordPress not stopping queries which have reached limit and preventing users to load WordPress until query times out Database 4.8 normal normal Awaiting Review defect (bug) new 2017-07-13T07:28:09Z 2017-07-14T07:58:38Z "[[Image(Pasted image at 2017_07_13 10_14 AM.png)]] I have problem with WordPress mysql `max_questions=600, max_updates=600` limit {{{ User 'id1561843_wp_ac6601cd835d82e22d89d11a3ea228a0' has exceeded the 'max_queries_per_hour' resource (current value: 500) }}} After {{{ wp-db.php:830 }}} comes timeout. I suspect that that after limit is reached {{{ public function set_charset( $dbh, $charset = null, $collate = null ) { }}} throws and error. After that WordPress gets stuck on loading something. And you cannot make any other queries on other browser windows. Proper script should just kill the query after error that limit has been exceeded." juslintek 2 41304 Bad protocol sanitization in KSES for URLs NOT RFC 3986 compliant Formatting 4.8 normal normal Awaiting Review defect (bug) new 2017-07-13T10:41:29Z 2017-07-13T14:10:32Z "For URL's that are passed through the kses sanitizer. As specified in RFC 3986, Section 3.3 The path component contains data, usually organized in hierarchical form, that, along with data in the non-hierarchical query component (Section 3.4), serves to identify a resource within the scope of the URI's scheme and naming authority (if any). The path is terminated by the first question mark (""?"") or number sign (""#"") character, or by the end of the URI. If a URI contains an authority component, then the path component must either be empty or begin with a slash (""/"") character. If a URI does not contain an authority component, then the path cannot begin with two slash characters (""//""). In addition, a URI reference (Section 4.1) may be a relative-path reference, in which case the first path segment cannot contain a colon ("":"") character. The ABNF requires five separate rules to disambiguate these cases, only one of which will match the path substring within a given URI reference. We use the generic term ""path component"" to describe the URI substring matched by the parser to one of these rules. So colon(':') is allowed inside URL's. When trying to split the URL like this: {{{#!php <?php function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) { $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 ); ... }}} for URL's that do not contain a specified scheme and use colon (':') inside the URL this breaks and returns only the second part of the URL after the colon. Eg: //t0.gstatic.com/images?q=tbn:ANd9GcSxT2q6fV-59s5hq5a03fpgsFYzVtL014iARzGRG7S_3CUjYpIGNlQx0ruGtVl5KCAEOxAtb_ZQ will return: ANd9GcSxT2q6fV-59s5hq5a03fpgsFYzVtL014iARzGRG7S_3CUjYpIGNlQx0ruGtVl5KCAEOxAtb_ZQ Also a “network-path reference” should be implied, in the current format you assume a scheme exists beforehand. Changing the split to: {{{#!php <?php ... $string2 = preg_split( '/(:\/\/)|�*58;|�*3a;/i', $string, 2 ); if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) { ... $string = $protocol . '//' . $string; } ... }}} fixes this issue and is more compliant without breaking sensitization. " bogdanpreda 1 41305 Add lazily evaluated translations timothyblynjacobs dev-feedback I18N 4.8 normal normal Future Release enhancement assigned 2017-07-13T11:16:56Z 2023-05-12T12:14:20Z "In the context of #40988, I did a few performance tests and experimented with adding a lazily evaluated translation object. The general principle is this: Instead of returning the resulting string of a translation, return an object for which the `__toString()` and `jsonSerialize()` methods will fetch the resulting string instead. I tested by having the `__()` method return such a proxy object, instead of the actual translated string. From a quick profiling run on `wptrunk.dev/wp-json/wp/v2/posts`, I got the following results: Returning a `translate()` from `__()`: {{{ Wall Time 162ms CPU Time 157ms I/O Time 5.48ms Memory 16.5MB Network n/a n/a n/a SQL 4.41ms 13rq }}} Returning a `TranslationProxy` from `__()`: {{{ Wall Time 144ms -19ms -14.9% CPU Time 138ms -18ms -15.4% I/O Time 5.33ms -154µs -3.0% Memory 16.6MB +81.6KB n/s Network n/a n/a n/a SQL 4.33ms 13rq }}} As you can see, this shaved off almost 15% from this simple request. It saved 2255 calls to `translate()`, 2157 calls to `get_translations_for_domain()` and, more importantly still, 2156 calls to `apply_filters()` (which could involve a lot of additional processing in some cases). The main problem with this approach is that WordPress does not contain real type-hinting, so BC is broken wherever the proxy is not echoed, but used directly. As we cannot possibly foresee how plugins might use their localized strings, I suggest adding new lazy variations of the translation functions. To mirror the ""echo"" variations that prefix the translation functions with an `e`, I'd suggest using the `l` prefix for these variations: {{{#!php // Lazily retrieve the translation of $text. _l( $text , $domain = 'default' ); // Lazily retrieve the translation of $text and escape it for safe use in an attribute. esc_attr_l( $text, $domain = 'default' ); // Lazily retrieve the translation of $text and escape it for safe use in HTML output. esc_html_l( $text, $domain = 'default' ); // Lazily retrieve translated string with gettext context. _lx( $text, $context, $domain = 'default' ); // Lazily translate string with gettext context, and escape it for safe use in an attribute. esc_attr_lx( $text, $context, $domain = 'default' ); // Lazily translate string with gettext context, and escape it for safe use in HTML output. esc_html_lx( $text, $context, $domain = 'default' ); }}} Arbitrary testing has shown that using such lazily evaluated translations strategically can improve the performance by 10-30% for certain scenarios. Implementing them in this BC fashion allows us to fine-tune Core usage and make it available to plugins, while playing it safe with existing code." schlessera 69 41309 Theme and plugin editing experience improvements at smaller screens karmatosed Themes normal normal Awaiting Review defect (bug) assigned 2017-07-13T13:52:03Z 2019-05-23T19:29:09Z "It was running some tests and noticed how bad the editing experience is when there is a smaller screen. An example is: [[Image(https://cldup.com/6dnk2TUA53-3000x3000.png, 80%)]]" karmatosed 9 41314 If the required fields are not set on user profile's save, every field's value will be dropped jackjohansson has-patch Users 4.8 normal normal Awaiting Review defect (bug) assigned 2017-07-13T17:43:36Z 2023-10-11T19:45:23Z "Hi, In the user profile screen, there are some required fields such as email and nickname. Let's say I have added some extra fields using `edit_user_profile` and `show_user_profile` action hooks. These fields are filled by the user, and do not have to be required. If the user fills every field (let's say 20 fields, took 10 minutes to fill) but clears the email field and save the form, there will be shown an admin error: '''ERROR''': Please enter an email. Every field that was filled by the user will be dropped, and has to be refilled. The point is, until the required fields are empty, there is no reason to let the user save the form in the first place. This issue has been discussed in the WordPress Development StackExchange. I've posted 3 solutions for this issue, which can be improvement or bug resolve. Below is a link to the question on WPSE. I would be happy to write an accurate solution, in case the development team decides to push this into their future patches. https://wordpress.stackexchange.com/q/272940/94498 King regards, Jack" jackjohansson 13 41324 Action of password-protect form. Posts, Post Types normal normal Awaiting Review defect (bug) new 2017-07-14T12:38:49Z 2017-07-14T12:43:17Z "The default form action too-easily (I think just two submissions of a blank or incorrect password) loads wp-login.php?action=postpass with a 'service unavailable' message'). Simple validation to ensure correct password can prevent this. " gulliver 41328 lightbox plugins cannot get image address to open except from image link Gallery 4.8 normal normal Awaiting Review feature request new 2017-07-14T14:43:04Z 2019-05-02T13:39:24Z "it would be good if you put image sizes specially for lightbox plugins. it is already possible to edit A tag's href attributes manually by adding something like ""-768x1024"" but that endings differ for different images so it is not easy. it is not possible to edit links of images of gallery at all, though it is possible to copy-past gallery code from preview's html source and then edit it manually. by default single images and gallery images link to full version of image or to attachment page, and it is not possible to change to smaller version from gui. it would be good if it would be possible to easily select smaller image from gui because as i said they can have different endings. and it would be especially more comfortable for galleries because it would change many links at once. maybe it would be good to provide additional image address in additional attribute for usage by lightbox plugins. so A tags around image might link to full image or attachment as configured and lightboxes would get get image address from custom attribute." qdinar 1 41332 Introduce dedicated capabilities for managing attachments dev-feedback Media normal normal Future Release enhancement new 2017-07-14T19:01:53Z 2021-02-18T15:56:08Z "The capabilities for attachments currently use the regular post capabilities, so it is impossible to grant users specific attachment capabilities without giving them the same post capabilities. While this is fine for WordPress itself, it can be a pain for custom setups which need specific users to have access to their attachments without them being able to write a post. It is rather easy to change that by setting the `capability_type` argument for the `attachment` post type to `attachment` instead of `post`. To make this change compatible we could do two things: * For new setups, we could simply add the necessary capabilities to the respective roles. Note that this won't work retroactively as it would require a heavy migration none of us wants to invest their time for. :) * For existing setups, the necessary capabilities could be granted to users through a default filter for `'user_has_cap'`, so that it would basically map back to posts. Custom setups could remove that filter to invent their own handling of the attachment capabilities. It might be a bit of a tough idea to have two different ways for this to work, so if we are too wary of doing it, we could of course only do what I described in the second point everywhere. An alternative to the whole thing would be to not change anything but introduce a filter for the attachment post type's `capability_type` argument. Otherwise the value would need to be hacked on the already-registered post object. This solution would clearly lay the responsibility more on the plugin authors, which might make sense given the benefits do not really matter for core itself." flixos90 9 41335 dbDelta() does not recognize MySQL's IF NOT EXISTS statement reporter-feedback Upgrade/Install normal normal Awaiting Review enhancement new 2017-07-15T12:24:51Z 2022-10-21T12:46:12Z "When a new table is creating with {{{IF NOT EXISTS}}} MySQL statement in query then array {{{$cqueries}}}(creational queries) will have invalid table names as keys. The keys of the array use below in the function's code for fetch the table column structure in {{{DESCRIBE}}} statement. Example query: {{{CREATE TABLE wp_delta_table...}}} The extracted table name: wp_delta_table Example query: {{{CREATE TABLE IF NOT EXISTS wp_delta_table...}}} The extracted table name: IF" kmaxim 4 41339 WP_Comments_Query::__construct() should allow a 'status__not_in' parameter needs-unit-tests Comments 4.9 normal normal Future Release enhancement new 2017-07-15T19:47:02Z 2017-07-30T15:24:18Z "`WP_Comments_Query::__construct()` (and hence, `get_comments()`) currently allows a `status` parameter to get comments with a specific status. It would be useful to also allow `$status__not_in` to exclude comments with specific stati. Related: #41338" pbiron 4 41340 fsockopen HTTP Proxy support is broken for HTTPS URLs HTTP API 4.8 normal normal Awaiting Review defect (bug) new 2017-07-16T12:47:02Z 2020-10-01T22:58:13Z "First of all, a little bit of background on HTTP proxies. ""HTTP proxies"" can exist with and without TLS at the proxy level. Both varieties allow you to connect to HTTPS hosts, through the CONNECT method (https://tools.ietf.org/html/rfc7231#section-4.3.6). This means that there are four different valid combinations of TLS at proxy connection level and TLS at remote host connection level. WordPress only allows setting a single proxy host (and port), but provides no configuration for whether it should be connected through TLS. The curl code correctly interprets this as using a non-TLS HTTP proxy for both HTTP and HTTPS connections. fsockopen instead will use the remote host TLS (ssl) option even when opening the connection to the Proxy, effectively forcing the same host:port pair to be used both as TLS and not, which does not generally work. Resulting in these error connections: HTTP proxy with no TLS: - https://api.wordpress.org/ -> tries connecting to proxy with tls, fail. - http://api.wordpress.org/ -> works HTTP proxy with TLS: - https://api.wordpress.org/ -> (probably? -- haven't tried) works - http://api.wordpress.org/ -> tries connecting to proxy without tls, fail. " flameeyes 1 41341 Theme update notification appearing multiple times Themes 4.9 normal normal Future Release defect (bug) new 2017-07-17T06:19:52Z 2021-01-15T12:57:11Z "So I went to my dashboard and there were 5-6 themes which were out of date. So I clicked on Update on all, and opened the model of one of the themes (see the picture if you're confused). And as the themes were getting updated, the update alert started to appear on the opened theme for all the themes. Looks like a bug to me." hardeepasrani 5 41349 Media Library insert from URL doesn't give a message when a URL fails check Media normal normal Awaiting Review defect (bug) new 2017-07-17T20:32:53Z 2020-12-03T18:39:48Z "There is a check to see if something is a valid URL. This is awesome, but it doesn't give a message when fails. This is a weird user experience as you are left wondering what happened. There is some strange behaviour, it sometimes has 'link text' vanishing, other times doesn't. It also can appear to flash as a block and then vanish. The logic of when the link text input shows or doesn't, seems a little confusing to work out. What would be better would be to have a message when it's not a correct URL and check for inconsistencies in the link text input showing. [[Image(https://cldup.com/bnlQYzjP04.gif)]]" karmatosed 3 41351 Searching for a category returns nothing if category is empty Menus normal normal Awaiting Review defect (bug) new 2017-07-17T21:53:56Z 2019-11-22T21:53:08Z "Hi, In the navigation menu creation page, when you are trying to add a category to the menu, if the category is empty, it won't show up in the search results. However, if the category itself is empty but has a child that is not empty, it will still be shown. I have a blog with over 500 categories, and I'm trying to add some of them to the menu but they have no posts yet. Navigating through category list is going to take time, and is also frustrating. Now I've tracked down the issue to `/wp-admin/includes/nav-menu.php`, ( starting at line 588 ) but can't find a filter or hook to do so. This line (109) seems to be responsible for doing the search: {{{ $terms = get_terms( $matches[2], array( 'name__like' => $query, 'number' => 10, )); }}} According to the documentations, this function accepts an argument for showing empty terms 'hide_empty' => false, but I can't see such option in this part of core's code. I've added this option to the core (temporarily) to see if it solves the issue, and it does. The other `get_term()` functions withing this template file mostly use `'hide_empty' => false` so I'm not sure either this one was overlooked or not, I tagged this as a bug though." jackjohansson 6 41352 Media library - applying image and date filter redirects to homepage Media 4.8 normal normal Awaiting Review defect (bug) new 2017-07-18T00:12:31Z 2017-09-17T06:43:48Z "When in the media library, select LIST view > select IMAGES in the 'All media items' dropdown, select a month from the dropdown and click FILTER. I am being redirected to the websites homepage rather than the filter results. 3 people have replicated this bug, I personally have replicated it across 3 of our Wordpress websites. I tried disabling media related plugins and it had no affect. " mikedtv 2 41353 Async upload breaks when there are special characters into file name dev-feedback Media 4.8 normal normal Awaiting Review defect (bug) new 2017-07-18T07:53:48Z 2017-07-19T14:48:50Z After crunching the image, thumbnail breaks for the image. bhargavbhandari90 5 41355 get_post_status filter is ignored in some cases Posts, Post Types 4.8 normal normal Awaiting Review defect (bug) new 2017-07-18T11:55:09Z 2017-07-18T11:55:09Z "Code: {{{#!php <?php add_filter( 'get_post_status', function( $post_status, $post ) { return 'private'; }, 10, 2 ); }}} What does not work: For unauthourized user posts still displayed in categories, ""Recent posts"", ""Recent comments"" and maybe somewhere else." zaycakitayca 41358 Shutdown hooks can significantly slow down REST API responses dev-feedback REST API normal normal Awaiting Review defect (bug) new 2017-07-18T16:36:56Z 2019-01-30T16:09:27Z "If you have a site with some slow, maybe deferred actions hooked into `shutdown`, these actions will slow the response from the REST API unnecessarily. To test, simply add the following then do a request to the WP Rest API: {{{#!php <?php add_action( 'shutdown', 'delay_shutdown' ); function delay_shutdown() { sleep( 3); } }}} The response will not be sent out until all of these shutdown hooks are completed. In our case, we found that some heavy sync functions ran on shutdown would cause our API calls to WooCommerce API timed out, when really the response could have been sent much earlier so these calls could run afterwards. This is semi-related to https://core.trac.wordpress.org/ticket/27122 in that the fix could be along those lines. This isn't a solution we feel should be merged into WooCommerce itself because it would be more consistent to have it in WP itself, but see https://github.com/woocommerce/woocommerce/pull/16158/files So on shutdown, it ends any sessions, uses `fastcgi_finish_request` if available, and falls back to flushing. The response is sent and received, and shutdown continues on in the background. The response is sent before the `sleep(3`) in this test case. This could be applied to just REST API requests, or everywhere, depending on everyones feedback. If REST API only, it may make sense to fire an action after the response is sent to avoid `shutdown` hook altogether. " mikejolley 9 41362 Make locate_template() filterable to change the template locations dev-feedback Themes 4.8 normal normal Awaiting Review enhancement new 2017-07-19T02:07:03Z 2019-10-04T20:58:40Z "Right now WordPress expects all templates to reside in the root of your theme directory. We have all come across a theme with dozens of templates and well, that can get messy. With 6 lines of code we can easily, and vastly enhance the templating system. This would provide a number of benefits: 1) This would allow developers to logical group functionally similar files / separates functional dissimilar files 2) It allows the root of the theme directory to be cleaned up and used for ""resources"" such as the functions.php and style.css files 3) By having the ability to pick and choose which templates go where, we can turn WordPress into an MVC application framework (personally what I use this technique for) 4) Related - this plays really nice with Timber 5) This lays the groundwork for future enhancements which I also use and plan to introduce shortly = Examples = == Moving all templates with the {{{""templates_path""}}} filter == Say I wanted to move all my templates into a directory named ""templates"" because as mentioned, this theme I inherited has dozens of templates, maybe one for each page. A good start would be to just move all the templates into a directory named ""templates"": {{{#!php <?php function move_templates($path){ return 'templates'; } add_filter('templates_path', 'move_templates'); }}} This filter would move ALL templates to the ""templates"" directory (and has the added effect of also moving the location of the header, footer ect ect files as well) . So now the root of our theme is nice and clean: {{{ /twentyseventeen/ |-- /assets/ |-- /inc/ |-- /templates/ |-- functions.php |-- index.php |-- README.txt |-- rtl.css |-- screenshot.png |-- style.css }}} Now obviously just moving dozens of templates into a different directory just moves the mess out of site, but that directory is still a mess and just a stew of unrelated templates. == Group related templates together with the {{{""{$type}_templates_path""}}} filter == To clean things up even more. Imagine if 10 of these templates were all children of the page ""team"". You could group them all together into a subdirectory of ""templates"" called ""team"" like so: {{{#!php <?php function move_team_pages($path = '', $type = null){ $parent = get_page_by_title( 'team' ); $parent_id = $parent->ID; $obj = get_queried_object(); if($obj->post_parent == $parent_id) $path = rtrim($path, '/') . '/' . 'team'; return $path; } add_filter('page_templates_path', 'move_team_pages'); }}} Now your theme might look something like: {{{ /twentyseventeen/ |-- /assets/ |-- /inc/ |-- /templates/ |-- index.php |-- single.php |-- /team/ |-- page-mortimer.php |-- page-biff.php }}} As we see, the two filters can (and perhaps should) be used together, but can also be used alone. == Timber == As mentioned before, I use something like this on every project. I generally put all my templates into a directory called ""controllers"" and my twig files (if using Timber) into a directory called ""views"" so I have something akin to an MVC application. My functions file sets Timber to look for twig files in a directory called ""views"" which is right inside the theme directory (next to ""templates""): {{{ $timber = new \Timber\Timber(); Timber::$dirname = array('views'); }}} so my {{{ templates/index.php}}} could set up my Timber context and pass it all the way to the {{{ index.twig }}} file in the ""views"" directory: {{{ $context = Timber::get_context(); $context['posts'] = Timber::get_posts(); Timber::render('index.twig', $context); }}} " kylejennings83 9 41372 when no any media. at that time this section is not usable. so Please hide when no any media. Media normal major Awaiting Review defect (bug) reopened 2017-07-20T07:57:16Z 2017-11-06T06:02:03Z When no any media at that time this section is not usable. So please hide when no any media. rushabh4486 1 41387 Avoid 403's from AJAX requests from postbox.js reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2017-07-20T15:34:23Z 2021-07-24T20:24:11Z "While making some improvements to a plugin's admin pages I changed the HTML in my meta boxes to be more inline with WordPress core. I then noticed that I was getting 403's from the closed-postboxes AJAX request each time I toggled the display of the postbox. Since I don't have a requirement for the open/closed state of my postboxes to persist I don't need the AJAX requests. Consequently I don't have a #closedpostboxesnonce. So, to avoid the 403's I changed postbox.js to not perform the AJAX request if the nonce isn't set. " bobbingwide 3 41388 Insert Media window does not remember state for custom tabs, iframe bug General 4.8 normal critical Awaiting Review defect (bug) new 2017-07-20T16:13:27Z 2018-08-14T12:33:54Z "Hi! I use Edd plugin (easy digital downloads) and Amazon S3 plugin (https://easydigitaldownloads.com/downloads/amazon-s3/). After WordPress update to 4.8, I have encounted problem with filling my downloadable files. I upload them via cyberduck and then create 5 instances of “add new price” – push “upload to file”, then – “Amazon S3 Library”. Before update I had to do so for first price – but next 4 prices pulled the path from the previous price – that was much easier and time-saving. Now – I need to enter whole path each time for each price. When I rollback to wordpress 4.7.5 – problem gone. Here is video that will describe my problem more clear – https://www.youtube.com/watch?v=GeaJrLYtMZI&authuser=0 I asked for help EDD team, but they say “'''''Unfortunately that issue is caused by a change in WordPress itself so is not something we can affect, sorry. It’s possible it was an accidental change with WordPress that will be resolved in a new update by the core WordPress team'''''.”" angel8888 8 41391 Links to media in password protected pages Security 4.7.5 normal normal Awaiting Review defect (bug) new 2017-07-20T21:38:59Z 2017-07-24T09:06:28Z "I was able to see a google search and view a pdf that was housed on a password protected page. This was one of 2 pages I found: http://www.mspcommercial.net/wp-content/uploads/2012/07/4-tessar-14.pdf. Please confirm that the other PDFs we have stored on pages that are set up the exact same way are safe. Thank you. Samantha Doffing" sdoffing 1 41403 "Support ""class"" and ""id"" attributes on wp_oembed_get()" close Embeds normal normal Future Release defect (bug) new 2017-07-21T19:58:48Z 2020-09-22T13:52:43Z "The oembed function `wp_oembed_get( $url, $args )` allows us to set additional arguments for retrieving embed HTML. The problem is that currently the function supports two arguments, only `width` and `height`. In some cases developers need more flexibility, to set other HTML attributes like `id`, `class` and maybe even `title` (for better accessibility). ---- I was trying to thinking of an example and I think that the simplest example would be [https://v4-alpha.getbootstrap.com/utilities/responsive-helpers/ bootstrap responsive embeds]. {{{ <div class=""embed-responsive embed-responsive-21by9""> <iframe class=""embed-responsive-item"" src=""https://...""></iframe> </div> }}} Currently you can't set custom classes in iframe with the attributes: {{{ wp_oembed_get( 'https://...', array( 'class' => 'embed-responsive-item' ) ); }}} " ramiy 3 41409 No point in storing empty EXIF/IPTC data on post meta table Media 4.9 normal normal Awaiting Review enhancement new 2017-07-22T15:37:02Z 2019-01-31T21:49:00Z "- Post meta tables are bloated with often not used EXIF/IPTC data for each image attachments. - `wp_read_image_metadata()` generates `aperture`, `credit`, `camera`, `caption`, `created_timestamp`, `copyright`, `focal_length`, `iso`, `shutter_speed`, `title`, `orientation`, `keywords`. and the data often stored as empty key/value pairs on each attachment metadata. - I see no problem on filling default/empty values upon retrieving the data. - and mentioning the core currently has no way of using ''stored'' `image_meta`." geminorum 1 41422 Need replace_filter() function for improved Just In Time filter adjusment Formatting 4.9 normal normal Awaiting Review enhancement new 2017-07-24T09:42:10Z 2017-08-03T15:59:07Z "In the new solution for text widgets there is some Just In Time code that adjusts the attached filter functions. The logic finds the priority before removing the filter function then re-instates the filter with the same priority. This logic assumes that the sequence in which the filter functions have been attached with the same priority are performed doesn't matter. If this is not the case then the order change could affect processing where the filter is shared but invoked for different purposes. e.g. the 'widget_text' filter for Text widget and Custom HTML widget The logic could be improved by implementing a new suite of filter functions including replace_filter(), restore_filter(), disable_filter() and a dummy filter function disabled_filter(). Instead of calling remove_filter() and add_filter() we'd use disable_filter() and restore_filter() disable_filter() is simply replace_filter() using the disabled_filter() function. Example: Filters attached at priority 10 have been set to do_shortcode and balanceTags. With the current logic after JIT replacement the attached filters would have become balanceTags then do_shortcode. Using disable_filter() and restore_filter() the attached filters at priority 10 would be unchanged. " bobbingwide 6 41424 "Use a better error message than ""Error establishing a database connection"" when site isn't found" needs-unit-tests Database 4.9 normal normal Future Release enhancement new 2017-07-24T14:24:44Z 2017-11-22T08:58:59Z "In multisite, if this query returns no results, the database connection error is triggered: SELECT blog_id FROM wp_blogs WHERE domain IN ( 'example.com' ) AND path IN ( '/' ) ORDER BY blog_id ASC LIMIT 1 I think the error should not mention database connection but allude to the fact that the site was not found. For my use case, I had migrated a production database into QA and didn't update the domain to be qa.example.com so the connection failed. I hope this is helpful. I'm not sure I know what the exact solution is but I thought the connection attempt had failed, when in fact the connection had been made but the data was not as expected. Also, the failure was not found in debug.log." tthorp 4 41425 Killing phpunit may result in a broken database has-patch Build/Test Tools 4.9 normal normal Awaiting Review enhancement new 2017-07-24T15:50:00Z 2018-06-13T20:03:59Z "While running phpunit for wordpress-develop under Windows I hit ctrl-break during the Install processing. The next time I ran phpunit it didn't work. === Actual output === ""Error establishing a database connection"" <p>One or more database tables are unavailable. The database may need to be <a href=""maint/repair.php?referrer=is_blog_installed"">repaired</a>.</p></body> === Expected output === The install routine should drop and recreate the tables during Install === Explanation === The process was killed after the wp_options table was dropped but before wp_install() had completed. === Workaround === Either change $table_prefix in wp-tests-config.php or drop all the other tables that are missing and re-run. " bobbingwide 4 41442 Show nearby events in dashboard events widget in a per country basis Administration 4.8 normal normal Awaiting Review enhancement new 2017-07-25T18:51:10Z 2018-04-25T12:52:15Z "Hi! I've noticed that the new events dashboard widget don't show all WordCamps in a country basis. It shows only that ones nearby in kilometres, 400 kms as seen in code (https://meta.trac.wordpress.org/browser/sites/trunk/api.wordpress.org/public_html/events/1.0/index.php?rev=5559&marks=707,708#L703). That way, i.e., for an Spanish WordPress user from Madrid (in the geographical center of the Country) it going to be impossible to know about WordCamps in Chiclana (Cádiz) or others far away from that 400 kms standard, and totally impossible for anybody to know about a WordCamp in Las Palmas (Canary Islands), and impossible for anyone that lives in Canary Islands to know about continent WordCamps. It could be possible to extend/change the range to a country basis (best) or more kilometres?" fernandot 8 41443 Update /wp-admin/network/site-new.php to use wpmu_validate_blog_signup() Networks and Sites 4.8 normal normal Awaiting Review enhancement new 2017-07-25T21:29:37Z 2017-09-27T06:04:28Z Is there a good reason that /wp-admin/network/site-new.php uses it's own hard-coded blogname validation rules? Shouldn't it just call wpmu_validate_blog_signup() for DRY as well as a consistent / universal application of filters across all new site names? It seems crazy to have two different sets of validation for the same thing. And as multisite plugin developers we see network admins confused by the different behavior of site-new.php and sites created through plugins which use wpmu_validate_blog_signup(). neversettle 3 41445 post_parent can prevent media from embedding correctly adamsilverstein needs-unit-tests Media 4.9.4 normal normal Future Release defect (bug) reopened 2017-07-26T06:29:28Z 2024-01-26T07:46:47Z "If media is uploaded for a post, then used as a featured image on another post, and the original parent is not accessible via the REST API (e.g. because it's in the trash, not published etc), then it cannot be embedded on the post that ''is'' accessible. To reproduce * make a new post with a featured image * trash the post * make a new post, using the first image as the featured image * request the second post over the rest API with media embedding enabled The media will not be embedded, instead a forbidden result will be embedded error {{{#!json { ""wp:featuredmedia"":[ { ""code"":""rest_forbidden"", ""message"":""You don't have permission to do this."", ""data"":{ ""status"":403 } } ] } }}} See https://github.com/WP-API/WP-API/issues/2596 for the original issue. Also related is https://core.trac.wordpress.org/ticket/30691. " loboyle 67 41446 The PHP notice displayed after the overwriting global $posts by a new empty query. Query 4.8 normal normal Awaiting Review defect (bug) new 2017-07-26T07:57:45Z 2020-08-25T12:46:57Z "'''Tested in WordPress 4.8, twentyseventeen theme with default configuration (just installed).''' After the overwriting a global variable {{{$posts}}} by a new {{{get_posts()}}} query (which return an empty array (no posts)) there is a PHP notice displayed: {{{ Notice: Undefined offset: 0 in /.../wp-includes/class-wp-query.php on line 3162 }}} The overwriting is not a best choice, but some themes and plugins do it, so we should solve this problem. The problem is in {{{WP_Query}}} class in {{{rewind_posts()}}} method in {{{wp-includes/class-wp-query.php}}} file. '''The original method:''' {{{#!php <?php public function rewind_posts() { $this->current_post = -1; if ( $this->post_count > 0 ) { $this->post = $this->posts[0]; } } }}} '''The problem:''' the global query has at least one posts, but a new query has not. So the {{{$this->post_count}}} property is always positive, but the {{{$this->posts[0]}}} is not exists. In this step, the PHP notice is displayed. '''An example of solution:''' {{{#!php <?php public function rewind_posts() { $this->current_post = -1; if ( $this->post_count > 0 && isset( $this->posts[0] ) ) { $this->post = $this->posts[0]; } } }}} Right now the method checks that the query has posts and the first post is set and is not null." danielpietrasik 2 41448 Contributors shouldn't be able to change the date of their drafts needs-unit-tests Posts, Post Types 2.7 low normal Future Release defect (bug) new 2017-07-26T12:33:48Z 2017-08-04T13:24:10Z "(I'm guessing that) contributors shouldn't be able to change a post's publication date—that's why the ''Publish'' box doesn't include the date when logged in as a contributor in the first place. However, if a contributor quick edits a post in the ''All Posts'' screen, they'll be able to change the post's date. We should remove the date field from the ''Quick Edit'' form. Or, alternatively, we should allow contributors to edit this date while they're editing a post. Either way, both screens should be consistent." davilera 2 41451 Use pretty permalinks by default in the test suite needs-unit-tests Build/Test Tools normal normal Awaiting Review enhancement new 2017-07-26T21:16:09Z 2018-10-19T11:13:58Z "There are 118 instances of `$this->set_permalink_structure( ... )` in the test suite. The majority of these calls are present simply to enable pretty permalinks, regardless of the permastructure for posts. Pretty permalinks should be enabled by default for the test suite. Let's try it and see if anything breaks." johnbillion 6 41458 Class gets stripped out when inserting a link in author biography box Formatting 3.5 normal normal Awaiting Review enhancement new 2017-07-27T16:44:55Z 2017-07-30T16:11:39Z "Class gets stripped out when inserting a link in author biography box For example <a href=""#"" class=""test"">My link</a> becomes <a href=""#"" >My link</a>" neodjandre 1 41459 Introduce a REST API endpoint for networks / network options has-patch REST API normal normal Future Release task (blessed) new 2017-07-27T16:55:56Z 2020-04-03T04:51:03Z "Similar to sites in #40365, there should be a networks endpoint as part of the REST API. Through recent multisite discussions, we have come to the conclusion that, while multi-network should never be part of core, there should be basic and unopinionated APIs present that can be used by whoever wants to implement it. A basic networks API in these terms implies that it's a simple CRUD API for the `wp_site` database table. #29411 will introduce the internal core functions that this endpoint will be able to use. The endpoint should be able to do the following: * List networks: `GET wp/v2/networks/` * Retrieve a network: `GET wp/v2/networks/<id>` * Create a network: `POST wp/v2/networks/` * Update a network: `PUT wp/v2/networks/<id>` * Delete a network: `DELETE wp/v2/networks/<id>` Once the changes in #25344 is in place, a network meta endpoint should be created as well. For now this will be part of this ticket too. Note that this ticket is an early one and will lay around for a while. The other non-network-related roadmap items have a higher priority." flixos90 6 41462 Promote media details admin page to full post page Media 4.9 normal normal Future Release enhancement new 2017-07-27T17:43:26Z 2023-10-18T16:01:34Z "Currently when editing media metadata, you either get the modern library modal with the image on the left and various fields on the right. When you click ""Edit more details"" you get a blast from the past with an old-school version of WordPress admin where everything looks uninspired and, for new users, broken. Based on user feedback it turns out some site owners use the Attachment Page feature to provide contextual info, commenting, etc for media items. One example was a teacher who uploaded student images to a gallery, then had each image link to the attachment page where further information and images were provided in the ""description"" field (so the post content) and parents could leave comments. Since media items in reality are full fledged posts with their own post content, the media details admin view should be upgraded to a full post page with proper WYSIWYG editing for the Description field, custom fields, and ability to control things like commenting. This would also be an ideal place to visualize in what posts a media item is in use across the site." mor10 2 41463 Improve REST API tests that don't perform any assertions johnbillion* needs-unit-tests REST API 4.7 normal normal Future Release enhancement accepted 2017-07-27T18:02:35Z 2022-09-01T22:54:20Z "There are a bunch of REST API tests that don't perform any assertions. This creates noise in the test results as they get marked as risky tests. These tests are present because their test class extends the abstract `WP_Test_REST_Controller_Testcase` class, which requires several methods to be implemented which don't make sense for all REST API routes. These tests can be improved so they do actually perform assertions related to their behaviour." johnbillion 8 41468 "Provide contextual info about what ""attached"" and ""detached"" means regarding media objects" Media normal normal Awaiting Review defect (bug) new 2017-07-27T22:10:56Z 2017-07-30T14:25:03Z "From user testing: ""I have no idea what it means when it says an image is 'Attached' to a post. Does it mean the image is in the post? Does it mean if I 'Detach' the image from the post it will go away from the post? I'm worried a client might 'Detach' an image from a post to remove it, or 'Attach' an image to add it. What is this for? How can an image be 'Unattached' to the post it is displayed in anyway?""" mor10 1 41469 test_charset_switched_to_utf8() is not tested on Travis CI Database 4.7.1 normal normal Awaiting Review defect (bug) new 2017-07-28T00:26:11Z 2017-07-28T02:09:13Z "The `Tests_DB::test_charset_switched_to_utf8()` test (introduced in #37982) is skipped on Travis, because the test gets skipped when the environment's database driver supports utf8mb4. This makes the test useless. What sort of environment does not support utf8mb4? Presumably an older MySQL version. We should look into adding a build to Travis with a specific environment that allows this test to run. Related: #30462" johnbillion 1 41471 Page dropdown walker must check selected against value field needs-unit-tests Posts, Post Types 4.9 normal normal Future Release defect (bug) new 2017-07-28T03:36:18Z 2019-02-20T21:18:08Z `Walker_PageDropdown` only checks `selected` with the page `ID` and ignores `value_field` option. geminorum 1 41493 Allow users to add widget to multiple widget areas from Widgets Area Chooser audrasjb* Widgets 4.8 normal normal Future Release enhancement accepted 2017-07-31T13:01:42Z 2019-01-17T19:44:33Z "Allow users to add widget to multiple widget areas from Widgets Area Chooser by selecting multiple widget areas pressing Shift or CTRL key. " vinod dalvi 1 41502 _wp_expand_nav_menu_post_data() corrupts multiple select (array value) has-patch Menus 4.9 normal normal Awaiting Review defect (bug) new 2017-08-01T04:01:03Z 2017-12-13T23:29:49Z "Hi guys. Elliot here - ACF developer. I've recently added custom fields to the WP menu and WP menu item forms. In doing so, i have discovered that the `_wp_expand_nav_menu_post_data()` function (called in wp-admin/nav-menus.php on line 56) is corrupting some array $_POST values. The issue is caused with inputs using a name like so: `my_field[]` `my_field[]` Please note that there is no issue when a key is defined like so: `my_field[0]` `my_field[1]` There are many cases where a developer would not define the 'keys' of an 'array type' input name. Think of a multiple select element. The element accepts only one name attribute and it must be defined like so `my_field[]`. - Also, checkbox / radio fields are commonly rendered using the same naming style. Is it possible to request some extra logic within the `_wp_expand_nav_menu_post_data()` function that allows for this? I suspect the issue is caused on line 1125 of the 'wp-admin/includes/nav-menu.php' file where the $_POST value is modified: `$new_post_data[ $array_bits[ $i ] ] = wp_slash( $post_input_data->value );` Thanks Elliot" elliotcondon 5 41511 Attachment page URL not created correctly for image uploaded directly to library before being added to post Editor 4.8 normal normal Awaiting Review defect (bug) new 2017-08-01T10:11:55Z 2018-03-22T20:36:13Z "=== To replicate: === 1. Visit Media ->Add New and upload a media file 2. Visit Posts ->Add New 3. Click Add Media 3. Select the media file previously uploaded and set Link To setting to Attachment Page 4. Publish the post 5. View post and click on image === What I expected: === To be taken to the attachment page for the image === What happened instead: === I got a Page not found error. Additionally the URL is formed as `http://SITE_URL/FILE_SLUG/` which is not the correct format for media attachment pages. I went back to the editor, clicked the image and clicked the edit icon. The Link To setting now shows that I have a Custom URL set instead of Attachment Page. Updating the setting to attachment page again changes the URL to `http://SITE_URL/YEAR/MONTH/POST_SLUG/FILE_SLUG/` If I now update the post, I can click the image to view the attachment page. === Context: === Reported via the [http://en.forums.wordpress.com/topic/problems-with-images-and-attachment-page-custom-url-settings WordPress.com support forums], but I've confirmed it on a non-WordPress.com site as well." kokkieh 1 41516 PNG Image Saturation Loss on Resize Media 4.8 normal normal Awaiting Review defect (bug) new 2017-08-01T16:08:23Z 2017-08-04T04:16:39Z "I work with PNG images made with grey colors. And the colors change because of wordpres, not the original image, but all the new sizes. By default make the colors much darker but sometimes, also is weird: [[Image(http://i.imgur.com/L3Sk1Rg.png)]] Left and right are the same image. Some times handle even different for the same K=70 color. ( I export with Adobe illustrator to sRGB )" colomet 3 41520 Disable deprecated functions dev-feedback Bootstrap/Load normal normal Awaiting Review enhancement new 2017-08-01T20:16:06Z 2020-04-20T09:13:07Z In bootstrap process, deprecated.php, pluggable-deprecated.php and ms-deprecated.php are includes. These files include all the deprecated functions in core. This is done for compatibility reasons, however there are many setups that do not requires these functions as they are not using any of these functions. These files inline over 4500 lines of code ( 3881 + 208 + 518 ). There should be an option to disable them. spacedmonkey 9 41522 wp_set_password() doesn't trigger a changed password notification dev-feedback Users normal normal Awaiting Review defect (bug) new 2017-08-01T20:30:59Z 2017-08-02T13:53:31Z "If {{{wp_update_user()}}} is used to update a user's password, a notification is sent to the user telling them their password has changed. However, the same doesn't happen if {{{wp_set_password()}}} is used to update a user's password." henry.wright 2 41535 Prevent or warn about offline status before submitting a form has-patch Administration normal normal Awaiting Review feature request new 2017-08-02T15:09:27Z 2019-02-19T21:40:41Z "For browsers that support it, the `navigator.online` property reliably indicates that the browser is offline (the inverse isn't true, but it doesn't matter). Prior to submission of a form in the admin area (for example the post editing screen form), WordPress should check the value of `navigator.online` and present a prompt to the user stating that they appear to be offline. They can close the prompt or, optionally, ignore it and continue with the form submission. This functionality would help prevent data loss when a user submits a form while they don't have an internet connection." johnbillion 9 41544 $id_or_email parameter in get_avatar filter needs to be more concrete dev-feedback Users normal normal Awaiting Review enhancement new 2017-08-03T10:16:03Z 2017-10-14T14:06:35Z "In the {{{get_avatar}}} and {{{pre_get_avatar}}} filters there is a parameter {{{$id_or_email}}} which documented as: > The Gravatar to retrieve. Accepts a user_id, gravatar md5 hash, user email, WP_User object, WP_Post object, or WP_Comment object. There might be anything, but how to get user from it? So, in filter callback function, developer have to check all of these types to determine the actual user identifier. Like here https://core.trac.wordpress.org/browser/tags/4.8.1/src/wp-includes/link-template.php?rev=41211#L3923-L3965 Would be much more better to have more concrete value type in {{{$id_or_email}}} parameter (for example user ID) passed to {{{get_avatar}}} and {{{pre_get_avatar}}} filters. Really. " dikiy_forester 8 41546 WP Query order by meta_clause not working correctly for decimal values Query 4.2 normal normal Awaiting Review defect (bug) new 2017-08-03T13:06:36Z 2017-08-05T07:13:01Z "Short description: When using the WP 4.2 improvements for meta queries (as described here: https://make.wordpress.org/core/2015/03/30/query-improvements-in-wp-4-2-orderby-and-meta_query/) and trying to order the query by a decimal custom field, wordpress orders as if these fields are all integer and incorrectly handles all decimal values such as 1.5, 1.6 and 1.7 (all of these are seen as 1). In detail: {{{ WP_QUERY_ARGS Array ( [ignore_sticky_posts] => 1 [post_status] => publish [offset] => 0 [post_type] => Array ( [0] => post ) [orderby] => Array ( [cf_clause_1] => DESC [ID] => ASC ) [meta_query] => Array ( [cf_clause_1] => Array ( [key] => my_decimal_custom_field [type] => DECIMAL [compare] => EXISTS ) ) [posts_per_page] => 10 [nopaging] => ) }}} 5 Test posts: Post 1 - my_decimal_custom_field = 1 Post 2 - my_decimal_custom_field = 2 Post 3 - my_decimal_custom_field = 2.2 Post 4 - my_decimal_custom_field = 2.6 Post 5 - my_decimal_custom_field = 3 Using the query above results in the order: 1,3,4,2,5 When it should be 1,2,3,4,5. Trying out different order types as described in the WP Codex does not help." LordSpackolatius 2 41554 REST API: Use `wp.apiRequest` helper to build URLs for media embed requests has-patch REST API normal normal Awaiting Review enhancement new 2017-08-03T17:41:04Z 2019-09-25T19:12:51Z "Follow-up to #40919. Let's explore getting rid of the `oEmbedProxyUrl` [https://github.com/WordPress/wordpress-develop/blob/1c28b4a/src/wp-includes/media.php#L3449 property] used to pass a REST API URL down to `wp-admin` code that calls out to this endpoint ([https://github.com/WordPress/wordpress-develop/blob/1c28b4a/src/wp-includes/js/media/views/embed/link.js#L56 example]). We can use the helper library introduced in #40919 instead: {{{#!js wp.apiRequest( { namespace: 'oembed/1.0', path: '/proxy', // ... } ); }}} This helper will allow us to eliminate all `rest_url` calls passed to client code through script localization. This will eventually lead to a lot of duplication, but it seems like it should be very clear from the requesting code which API endpoint is being called." jnylen0 2 41558 create a (reusable) wp_default_admin_scripts Administration 2.6 normal normal Awaiting Review enhancement new 2017-08-03T23:53:48Z 2022-06-29T02:24:54Z "I had to create an admin-like form in the frontend, for guests submitting content. I needed to provide {{{meta/post-box}}}, {{{autocompletion}}} and needed {{{media-views}}}, {{{wp-color-picker}}}, ... I thought {{{wp_enqueue_script()}}} would do the trick... until I discovered the {{{ if(is_admin()) }}} inside {{{wp_default_scripts()}}}. I had no other choice than copy/pasting ~210 WP LoC in my own PHP files Is there a really good reason for reserving all that cool client-side stuff to admin dashboard only? plugin/themes developers may want to load and use it for good and having all that libs already registered by core is useful. I suggest: 1. moving all the admin-oriented script into {{{wp_default_admin_scripts()}}} which should be reusable (even if non-admin), and run it if (is_admin). 2. moving all the {{{localize()}}} corresponding to these admin scripts into another {{{wp_default_admin_scripts_settings()}}} function somehow wrapped by {{{if(! is_admin())}}} 3. Document how to correctly bootstrap the dashboard in the frontend and a couple of common gotchas of these scripts (like that ajax-dashboard-pingback feature forcefully pulled as JS-dependencies and which can't be stopped, ...) " drzraf 3 41564 Search for hyphenated post templates for post types with underscores dev-feedback Posts, Post Types normal normal Awaiting Review feature request new 2017-08-04T17:16:29Z 2017-08-13T15:54:10Z "Custom post type names adhere to the rules within sanitize_key() (lowercase alphanumeric characters, dashes, and underscores). This means registering a post type `some_post_type` is perfectly fine. The archive and single templates would be be `archive-some_post_type.php` and `single-some_post_type.php`. These file names do not adhere to the core standard for file names. Files should be named descriptively using lowercase letters. Hyphens should separate words. Searching for `archive-some-post-type.php` in addition to `archive_some_post_type.php` would allow this standard to be followed better." desrosj 3 41573 Editor and Quick Edit display the slug of a page selected as static front page Posts, Post Types 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-06T16:52:02Z 2017-08-06T17:22:26Z "Dear Happy Engineers of WP! I'm writing about a possible WP BUG after consulting the issue with 'AThemes Support' that tells me there is this possibility... The issue is about a SLUG that can not be cancelled in a ""Homepage"" (it has been a normal page before choosing it as Static Frontpage...) But please, in order to don't repeat the conversation of the issue, I beg you to read it in the following link where is more clear... https://wordpress.org/support/topic/slug-homepage-static-page-seo-front-page-wp/ Thank you a lot! " cekar 41577 Fix Notice fixing Canonical 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-07T00:09:12Z 2021-03-19T11:53:15Z "The file wp-includes/canonical.php produces Notices for undefined indexes when a requested uri has no path or query. The attached patch sets the indexes to empty strings. #6977 (which was not used) had a different approach. The currently used ""Notice fixing"" approach does not fix up $original which is used afterwards. " glehner 3 41578 Assure that $_SERVER['PATH_INFO'] is available Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-08-07T00:27:14Z 2017-08-10T06:19:40Z "I use the [http://www.fefe.de/gatling/ gatling] web server on one of my servers (low ressorce consumption). gatling will not set the PATH_INFO environment variable if no path info is available which causes the home page of WP to enter an endless redirect loop. I managed to fix this by setting {{{$_SERVER['PATH_INFO']}}} to the empty string in an unhandled condition in wp-includes/load.php. " glehner 3 41580 Review the usage of the `::-moz-focus-inner` CSS fix for the buttons extra padding in Firefox viktorfroberg has-patch Administration normal normal Awaiting Review enhancement assigned 2017-08-07T14:55:54Z 2022-07-04T11:31:32Z "For a number of years, Firefox used to set some extra padding on the buttons (or inputs of type button/submit/reset). To address this, WordPress uses a known fix targeting the proprietary Firefox pseudo element `::-moz-focus-inner`. Seems something has changed recently and starting with Firefox 53, FF doesn't apply the extra padding any longer. I ''think'' the relevant Bugzilla ticket Firefox 53 release notes, though. Testing a bit on Windows, in the screenshot below: - on the left, Firefox 48: buttons without and with the CSS fix: there's a clear size difference - on the right: Firefox 54: buttons without and with the CSS fix: no size difference [[Image(https://cldup.com/7AkzV22mi3.png)]] Codepen available here: https://codepen.io/afercia/full/Gvrzwz/ Seems these rules used across the admin stylesheets could be simplified a bit. The only part that needs to stay is `border-width: 0;` or, maybe better, `border: 0;` which is necessary on Windows to remove the dotted line on :focus: [[Image(https://cldup.com/aynypgSW6Y.png)]] This could be also a good opportunity for some clean-up. For example, seems to me in `press-this.css` there are two identical rules. " afercia 3 41581 Cleared Comments stuck in moderation Comments 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-07T18:32:40Z 2018-08-31T23:57:30Z "I am the third person to report this issue, since it was first reported in June on the [https://en.forums.wordpress.com/topic/comments-stuck-in-moderation-queue-even-though-akismet-cleared-this-comment?replies=44 Dot Com Forum]. A Staff Member responded to the ticket, at the time, and stated that they would be filing a Bug Report, but we have not heard back. A third user reported the issue on the [https://wordpress.org/support/topic/comments-held-in-moderation-even-after-previously-approved-comment/#post-9388458 Dot Org Forum] 2 months and 2 weeks ago. Not all cleared users are getting their comments bumped into moderation. This is the case for all three of us. The only plugin the other dot org user and I have in common is the Akismet plugin and I disabled that to confirm that it didn't fix the problem. Please advise." fb2ts 3 41583 Menus Administration screen, menu items are always loaded even when not needed dev-feedback Menus 4.8.1 normal normal Awaiting Review enhancement new 2017-08-07T22:04:44Z 2017-10-10T01:39:18Z On the Menus Administration screen menu items are always loaded. For performance, menu items should only be loaded when editing an existing menu and not on the locations tabs or when adding a new menu item. I've attached a patch that fixes this. webgeekconsulting 1 41594 Edit tag form limited to 800px width has-patch Taxonomy 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-09T15:27:23Z 2021-04-06T06:20:52Z "In taxonomy edit page the form width is limited to 800px by css. Many space was lost on large screens. The bug seam come from wp-admin/css/edit.css at line 1095 and appear since WP 4.8.1 (work correctly on previous version) [[Image()]]" fabienlege 3 41597 Language pack download requires too broad file system permissions Upgrade/Install 4.9 normal normal Awaiting Review enhancement new 2017-08-09T17:27:54Z 2017-08-11T06:28:34Z "Language packs are installed into `wp-content/languages` directory. The problem is, even if the directory exists, and WordPress is allowed to create files there, it is still required to: * for WordPress to have permissions in the `wp-content` directory. This is because `$upgrader->fs_connect()` is called with an array of two directories – `WP_CONTENT_DIR` and `WP_LANG_DIR`, and `fs_connect()` only checks the permissions to the first one. * for WordPress to have the exact file owner for the `wp-content` directory. Cause - `wp_can_install_language_pack()` calls `fs_connect()` wihout `$allow_relaxed_file_ownership` I think languages, downloaded from a known source, should not require such a draconian measures. Instead, WordPress should successfully download and install languages if it can write to `wp-content/languages` directory (and not require ownership permissions for either `wp-content` or `wp-content/languages`." kpumuk 2 41601 wp_update_user creates an error Users 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-10T11:16:39Z 2017-08-11T11:05:41Z "See my code below. When I use wp_upadte_user within the hook ""after_setup_theme"", it throws an error: {{{ [Thu Aug 10 13:08:45.503396 2017] [proxy_fcgi:error] [pid 9452] [client 10.130.52.246:56561] AH01071: Got error 'PHP message: WordPress-Datenbank-Fehler You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE user_id = 6 AND blog_id = 1' at line 1 f\xc3\xbcr Abfrage '''SELECT COUNT(id) FROM WHERE user_id = 6 AND blog_id = 1''' von require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('after_setup_theme'), WP_Hook->do_action, WP_Hook->apply_filters, ad_sso_login, wp_update_user, wp_insert_user, do_action('profile_update'), WP_Hook->do_action, WP_Hook->apply_filters, bp_blogs_add_user_to_blog, bp_blogs_record_blog, BP_Blogs_Blog->save, BP_Blogs_Blog->exists\nPHP message: WordPress-Datenbank-Fehler You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '( user_id, blog_id ) VALUES ( 6, 1 )' at line 1 f\xc3\xbcr Abfrage INSERT INTO ( user_id, blog_id ) VALUES ( 6, 1 ) von require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('after_setup_theme'), WP_Hook->do_action, WP_Hook->apply_filters, ad_sso_login, wp_update_user, wp_insert_user, do_action('profile_update'), WP_Hook->do_action, WP_Hook->apply_filters, bp_blogs_add_user_to_blog, bp_blogs_record_blog, BP_Blogs_Blog->save\n', referer: http://intranetdev.rehau.org/ }}} The sql functions being executed by this functions are missing the database table name. Here is the code I am using inside the functions.php from my plugin: {{{#!php <?php add_action('after_setup_theme', 'ad_sso_login'); function ad_sso_login () { $user_id = 6; $website = 'http://wordpress.org'; $user_id = wp_update_user( array( 'ID' => $user_id, 'user_url' => $website ) ); if ( is_wp_error( $user_id ) ) { echo ""There was an error, probably that user doesn't exist.""; } else { echo ""Success!""; } } }}} " iamklaus 4 41604 REST API: Attempting to create or update a non-existent setting doesn't return an error response Options, Meta APIs normal normal Awaiting Review defect (bug) new 2017-08-10T16:35:44Z 2017-08-10T16:37:07Z "Attempting to create a new setting via a POST request to `/wp/v2/settings` returns a 200 response, despite the request having been invalid. The same goes for attempting to update a non-existent setting with a PUT request. I would have expected maybe a 400 from such requests. The internal logic in `WP_REST_Settings_Controller` routes the request through the `update_item()` method, treats it as a setting update, and silently ignores the problem. " johnbillion 1 41608 Post files using cURL HTTP API 4.6 normal normal Awaiting Review defect (bug) new 2017-08-11T06:58:35Z 2017-08-11T09:23:40Z "It's impossible to post files by http using cURL via the WordPress API. If you look at the code in the ''setup_handle'' method in ''Requests_Transport_cURL'' class found in the ''/wp-includes/Requests/Transport/cURL.php'' file, you'll see that the POST data is always converted to a string using the PHP ''http_build_query'' function. However, according to the PHP manual at [http://www.php.net/manual/en/function.curl-setopt.php], the value passed to CURLOPT_POSTFIELDS must be an array if files are passed to this option. " codealfa 3 41616 REST API: Expose old slugs needs-unit-tests REST API 4.8.1 normal normal Future Release enhancement new 2017-08-12T05:32:45Z 2021-10-08T10:20:07Z "Expose the old slugs for all posts including custom post types in the REST API. For example, when building a React-powered app using the WordPress REST API the old slugs are required so that users can be automatically redirected if they clicked on an old link. To expose the old slugs I created a small plugin (see below): {{{#!php <?php add_action( 'rest_api_init', 'expose_old_slugs_in_api' ); function expose_old_slugs_in_api() { $post_types = get_post_types( array( 'show_in_rest' => true, 'show_in_nav_menus' => true ) ) ; $args = array( 'get_callback' => 'get_old_slugs_for_api', 'schema' => null ); foreach ($post_types as $type) { register_rest_field( $type, 'old_slugs', $args ); } } function get_old_slugs_for_api( $object ) { //get the id of the post object array $post_id = $object['id']; //return the post meta return get_post_meta( $post_id, '_wp_old_slug' ); } }}} " crosescu 3 41627 Additional parameter for multisite activation Plugins 4.8.1 normal normal Awaiting Review feature request new 2017-08-13T13:42:15Z 2017-08-13T18:00:53Z "It could be good, if there was something additional parameter, which made 'register_activation_hook' function to be executed per individual sub-sites, while activating it from Network dashboard. that is good, because i.e. in activation hook, we want sometimes to create tables, add options ( and etc) per each sub-site." tazotodua 41631 Same Term Not Added dev-feedback Taxonomy 4.8 normal normal Awaiting Review defect (bug) new 2017-08-13T20:24:40Z 2017-09-21T11:42:48Z "Using latest version of WordPress, default theme, all plugins disabled. Problem first appeared in version 4.8 and continues with 4.8.1. To recreate the issue: 1. Create regular post (“Posts”) 2. Add a new term to the Categories meta box 3. Save the term (it will appear on top of the list with a check mark next to it) 4. Add the same term again. Nothing happens and the term is not added Version 4.7.5 and below would activate the term and put to the top of list. This was helpful when adding a string of terms and some of them were already in the database. " vaprak 1 41638 Must-Use Plugin File Still Available With a dot at the beginning of a filename (aka supposedly hidden) dev-feedback Plugins 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-14T22:35:52Z 2022-02-18T19:14:43Z "If you place a dot in front of a must-use plugin file, I believe it shouldn't be included as part of your Must-Use arsenal and the code shouldn't be available as well. Perhaps I'm doing it the wrong way, but when I place a dot in front of something (e.g., folder, file), I expect that file to no longer be available. " ronalfy 2 41646 activate.php and deactivate.php for Plugins Plugins 4.8.1 normal normal Awaiting Review feature request new 2017-08-15T15:01:12Z 2017-08-15T18:21:58Z "There's currently a file for `uninstall.php` to simplify things. Alternatively, there's also a hook available. There's hooks for plugin activation and deactivation. However, I think those hooks can be a bit tricky for newbie plugin developers. I think by implementing a file for `activate.php` and `deactivate.php` could simply plugin development. I'm totally fine using hooks for my own sake, but I just thought it could help simplify plugin development slightly. It might also make things easier on the code review team?" michael.ecklund 1 41663 Hooks for the back to login link in the footer of wp-login.php dev-feedback Login and Registration 4.8.1 normal normal Awaiting Review feature request new 2017-08-17T18:58:25Z 2021-07-20T15:59:58Z "In the following pull request: [https://github.com/WordPress/WordPress/pull/306/files] I introduced 3 new filters to the login footer area. With these filters you can customize the back to login link to your needs. " Fleuv 1 41672 REST create user: existing_user_login is returned before existing_user_email shooper dev-feedback Users 4.7 normal normal Future Release enhancement assigned 2017-08-19T01:37:10Z 2021-11-08T20:17:57Z "When I post to `/wp-json/wp/v2/users` to create a user: {{{ { ""email"": ""brianhenryie@gmail.com"", ""username"": ""brianhenryie"", ""password"": ""password"" } }}} and a user with that username and email address exists, the response is: {{{ { ""code"": ""existing_user_login"", ""message"": ""Sorry, that username already exists!"", ""data"": null } }}} whereas a more useful response would be the existing_user_email response: {{{ { ""code"": ""existing_user_email"", ""message"": ""Sorry, that email address is already used!"", ""data"": null } }}} which is learned once the original POST is updated with a new username. i.e. existing_user_email tells a user if they already have an account. This information could be used to attempt to log in." bbrian 13 41674 More granular capabilities for restoring and permanently deleting trashed posts needs-unit-tests Posts, Post Types normal normal Awaiting Review enhancement new 2017-08-19T16:00:27Z 2017-08-19T16:00:27Z "Currently the user capability required for restoring a trashed post or permanently deleting a trashed post is `delete_post`, which maps to `delete_posts`. There should be a separate capability for each of these actions. Suggestion: * `restore_trashed_post` which maps to `restore_trashed_posts` which maps to `delete_posts`. * `delete_trashed_post` which maps to `delete_trashed_posts` which maps to `delete_posts`. Emptying the trash should use the `delete_trashed_posts` capability. This allows for more granular control over which users can or cannot restore or permanently delete posts." johnbillion 41675 Add filter to bypass display/query for Media Months filter in media modal joemcgill has-patch Media normal normal Awaiting Review enhancement reviewing 2017-08-19T18:27:26Z 2024-02-23T05:09:58Z "I am investigating slow running queries to try and cut down the page load time for edit pages in the admin. The media months dropdown filter runs a somewhat expensive query for what it is. On our production database, it adds about 500 ms of query execution time to the page load. There doesn't seem to be a way to be able to disable this drop down. The query that is run populates the field. But when there are a mass quantity of media, this is not an optimal method of search. There should be an option/filter to disable the display and query for this." CrazyJaco 11 41678 Make sure all field returns use filters in WP Query needs-unit-tests Query 1.5 normal normal Awaiting Review enhancement new 2017-08-20T13:01:32Z 2023-04-20T13:19:18Z Currently if fields is set to either `id` or `id=>parent`, it doesn't run through all the filters as these return early. spacedmonkey 2 41680 Added rewrite tags using add_rewrite_tag() not working on static front-page Rewrite Rules 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-20T19:46:58Z 2017-08-20T19:46:58Z "Hello everyone, the following ticket is a little bit similar to the issue described here: #25143 == Introduction == I am working on a plugin which provides a shortcode. This shortcode generates some content/output on a page where it is placed on. The shown output depends on optional URL-parameters. For example those two URLs result in different outputs: - my-site.com/my-page - my-site.com/my-page?'''foo'''=''bar'' In preparation for pretty URLs I have to register a new rewrite-tag '''foo''': {{{#!php add_rewrite_tag('%foo%', '([^/]*)'); }}} This allows me (in combination with the corresponding rewrite rules) to use pretty URLs like this: - my-site.com/my-page/'''foo'''/''bar'' As expected you can access the assigned value ''bar'' of '''foo''' with the following code: {{{#!php $value_of_foo = get_query_var('foo'); // returns: bar }}} == Problem == This all works fine as long as the page which includes the shortcode is not set as the sites static front-page. In this case your URLs will usually look like that: - my-site.com (the content of the static page is shown) - my-site.com/?'''foo'''=''bar'' (from here it is broken) So, whats happening? Instead of generating and showing the content based on the URL parameter, the second URL loads the front-page but instead of showing the content of the static page, it acts like the blog page and shows the list of the latest posts. The problem is that {{{is_home}}} is improperly set to {{{true}}} because we now have a custom query-var in our URL which basically makes the content of a ''static'' page not ''static'' anymore. But this fact shouldnt let WordPress showing the list of the latest posts-page instead. This problem makes it impossible for users to place and show the content of a shortcode - which is based on (prettyfied) URL-parameters - on their static front-page. At the moment I am using the following code as a workaround but I think this is not an optimal long-term solution for this problem: {{{#!php function fix_query_vars_on_front_page($query) { // Dont do this workaround when we are in the administration area or when we are not inside the main query. if (is_admin() || !$query->is_main_query()) { return; } // Cache the actual query vars first. $queryVarCache = $query->query; // Only continue when our query vars are not already empty. if (!empty($queryVarCache)) { // Remove our query vars from the cache when they are set. if (isset($queryVarCache['foo'])) { unset($queryVarCache['view']); } // When our cache is empty, we are on a front-page (is_home() or is_front_page()). Ensure that the following filtering only happens on a static front page. if (empty($queryVarCache) && get_option('show_on_front') === 'page') { // Get the ID of the front page and add it to the query vars. $query->query['page_id'] = get_option('page_on_front'); // Reparse the query. $query->parse_query($query->query); } } } add_action('pre_get_posts', 'fix_query_vars_on_front_page'); }}} Maybe some way to add custom rewrite tags without adding them as a query var would be a possible solution for this. Of course there would be a need to add a function to access them, for example {{{get_rewrite_var('foo')}}} instead of {{{get_query_var('foo')}}}. I am looking forward that WordPress will make this possible in a future version. :-)" Asgaros 41690 Fix missing assignment of page templates on theme switch Themes normal normal Future Release enhancement new 2017-08-21T17:32:54Z 2017-08-21T20:14:56Z "Following up on #39692 and #39693, let's see if we can also save page template mapping when someone switches themes. For example: - Variations on ""homepage"" or ""front page"" - Variations on ""fullwidth""" melchoyce 2 41701 Introduce singular capabilities for further management of individual plugins needs-unit-tests Role/Capability normal normal Future Release enhancement new 2017-08-22T14:14:11Z 2017-08-22T14:14:28Z "This is a follow-up to #38652 which introduced singular capabilities for activating and deactivating individual plugins. Singular capabilities should be added for controlling the ability to do the following: * Edit an individual plugin. * Delete an individual plugin. * Update an individual plugin. Low priority stretch goals which might end up in another follow-up ticket: * Edit an individual file in a plugin. * Install an individual new plugin. * Upload an individual new plugin. Network activation and deactivation for Multisite will be handled in a separate ticket." johnbillion 41702 Slug for Category or Tag should be generated automatically has-patch Taxonomy 4.8.1 normal normal Awaiting Review enhancement new 2017-08-22T14:16:02Z 2017-08-22T16:40:15Z "When adding a Category or Tag in admin, Slug generation should be automated based on category / tag name entered in Name box and Slug box would be populated with it. Advantages: (1) user won't have to type in the slug by hand, hence saves time (2) will minimize the typographic error. The slug box will remain editable and users still have the ability to change slug if required. Core file: `wp-admin/edit-tags.php` Script added under `line 581`" subrataemfluence 41703 Introduce singular capabilities for network activation and deactivation of individual plugins needs-unit-tests Role/Capability normal normal Future Release enhancement new 2017-08-22T14:16:06Z 2020-09-20T12:12:58Z "This is a follow-up to #38652 which introduced singular capabilities for activating and deactivating individual plugins. Singular capabilities should be added for controlling the ability to network activate and network deactivate individual plugins on Multisite. See also #41701." johnbillion 1 41709 Make plugin install deep-linking easier Plugins normal normal Awaiting Review feature request new 2017-08-23T03:32:11Z 2021-07-28T21:38:15Z "Deeplinking into the WordPress admin is generally a better user experience than pointing users to the plugin repository, if you already know their admin URL. With autodiscovery in the REST API, this becomes even easier, as you can find their admin URL from just their domain (or site address). As an example, the [http://wp-stream.com/ Stream plugin homepage] does this (minus the REST API discovery) to great effect. However, there are numerous problems with this: - The only screen to really point users at is the Search, as `plugin-information` is intended for an iframe and doesn't include the admin ""chrome"" - Since it's a search, other results might turn up, or your desired plugin may not appear at all if the plugin isn't marked as compatible (i.e. try the Stream install on trunk) - Search parameters don't follow redirects (e.g. redirect to Network Admin) We should make this easier. Additionally, WordPress.org could add an install helper to do this for every plugin on the repository. Adding either a REST API endpoint which simply redirects (still requiring user interaction), or an admin action redirect would be great. I think the latter is probably better, and I'd like to propose something like `/wp-admin/?action=install-plugin&slug=wp-stream` as a redirect." rmccue 2 41710 optionally obtain WP_* configuration constants from the environment dev-feedback Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-08-23T04:51:51Z 2022-11-02T12:58:26Z "Although hardcoding strings inside a configuration is the traditional way to setup applications, having smooth configurations values is sometimes needed. The context of rising CI/virtualization/automated WP deployments increases the need of '''provisioning''' WP configuration (setup and adjunst DB credentials/debug-mode/site-url/... in an easy and flexible manner). wp-config.php currently imposes harcoding string values in a PHP-formatted regular text file. No file override, no override of the source of the values. This creates [https://github.com/docker-library/wordpress/blob/master/docker-entrypoint.sh#L110 coding] [https://github.com/wp-cli/scaffold-command/blob/master/templates/install-wp-tests.sh#L111 horrors] where people almost invent sed/awk-based PHP macro templating systems to simply configure a WP instance. The fact that wp-config.php uses PHP-format rather than ini/yaml is '''not''' the issue. The issue is that the current configuration does not offer the possibility of environment indirection. (the other ""issue"" being that developers are reluctant to create a modified copy of wp-config-sample.php {{{getenv()}}}-based, maybe to be future-proof in case of wp-config.php changes, maybe to respect user-provided changes) In the Unix world, environment has been the traditional and flexible way to transmit information to child processes. Is there any blocking wp-config.php from fetching some or all of its user-defined constants from the environment out of the box? Would maintainers consider such an enhancement? Some suggestions (among many possible others): 1. fetch from {{{getenv()}}} if {{{wp-config.php}}} is absent 2. fetch from {{{getenv()}}} if mandatory values of {{{wp-config.php}}} values are empty 3. fetch from {{{getenv()}}} even if {{{wp-config.php}}} values are empty 4. load {{{wp-config.$HOSTNAME.php}}} if present 5. load {{{wp-config.{PHP_SAPI}.php}}} if present 6. provide (and maintain) a {{{wp-config-env-sample.php}}} {{{getenv()}}}-based 7. ... [https://wordpress.org/support/topic/implement-env-variables-for-wp-config/ related forum post]" drzraf 2 41711 Remove hAtom from core dev-feedback Formatting normal normal Awaiting Review defect (bug) new 2017-08-23T08:11:50Z 2017-08-29T17:22:23Z "We output hAtom in core and well, it's just not really needed anymore, so I'd like to get rid of it. Here, amongst other places: https://core.trac.wordpress.org/browser/tags/4.8.1/src/wp-includes/post-template.php?marks=505,506#L496" joostdevalk 5 41712 canonical infinite redirect bug has-patch Canonical normal normal Awaiting Review defect (bug) new 2017-08-23T15:27:56Z 2021-01-11T17:20:29Z "I had an infinite redirection problem caused by ""redirect_canonical"" (wp-includes\canonical.php) I have a query string parameter ex: ""http://mysite.com/mypage/?q=test%2C+test"" and it was redirected infinitly to itself because of: {{{#!php <?php // yes, again -- in case the filter aborted the request if ( ! $redirect_url || strip_fragment_from_url( $redirect_url ) == strip_fragment_from_url( $requested_url ) ) { return; } }}} my $requested_url was in lowercase ""http://mysite.com/mypage/?q=test%2c+test"" because of: {{{#!php <?php $requested_url = preg_replace_callback('|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url); }}} but my $redirect_url was ""http://mysite.com/mypage/?q=test%2C+test"" so the both url was different because of the ""%2c"" vs ""%2C"" I solved it by adding: {{{#!php <?php add_filter( 'redirect_canonical', 'my_redirect_canonical', 10, 1 ); function my_redirect_canonical($redirect_url){ $redirect_url = preg_replace_callback('|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $redirect_url); return $redirect_url; } }}} " yprince 2 41714 "wp_list_pages() - horrible performance due to eventual ""SELECT *""" dev-feedback Posts, Post Types 4.9 normal normal Awaiting Review defect (bug) new 2017-08-23T16:15:00Z 2023-07-06T14:29:05Z "I'm investigating awful performance (MySQL slow queries logged constantly) a site which uses a plugin to display a page list. The plugin calls wp_list_pages(). wp_list_pages() in turn calls get_posts(). And get_posts() ends up making the slow query: {{{ SELECT * FROM wp_posts WHERE (post_type = ‘page’ AND post_status = ‘publish’) ORDER BY wp_posts.post_date ASC; }}} So, all the post_content fields (along with everything else) are being requested, just for the purposes of constructing a page list. (The site has ~ 1200 pages - and the above call returns 34MB from the MySQL server). It looks like either get_posts() needs some more flexibility so that it has an option to return only specified fields." DavidAnderson 9 41719 Malformed User Search results Users 4.8 normal normal Awaiting Review defect (bug) new 2017-08-23T22:16:58Z 2017-08-23T22:16:58Z "There is a logic bug with the User Search WP_User_Query. (Users > All Users > ""Search Users"" (in top-right corner)). The SQL that is generated looks something like this: {{{ SELECT SQL_CALC_FOUND_ROWS wp_users.ID FROM wp_users INNER JOIN wp_usermeta ON ( wp_users.ID = wp_usermeta.user_id ) WHERE ( 1=1 AND ( user_login LIKE '%Search Term%' OR user_url LIKE '%Search Term%' OR user_email LIKE '%Search Term%' OR user_nicename LIKE '%Search Term%' OR display_name LIKE '%Search Term%' ) ) ORDER BY user_login ASC LIMIT 0, 20; }}} However, such a query is not guaranteed to return unique user IDs. It just so ""happens"" to work right now. The more correct query adds the DISTINCT keyword: {{{ SELECT SQL_CALC_FOUND_ROWS DISTINCT wp_users.ID ... }}} Modifying the query in certain situations results in duplicate user IDs being returned. One example, of many such modifications that could be made, can be seen in the Better User Search plugin on line https://github.com/wp-plugins/better-user-search/blob/master/better-user-search.php#L200. As is, this is currently breaking pagination and sometimes displaying redundant users as you flip through the pages. (See attached screenshot. My pagination is set to 20, and I have 100 matching users on my system). [[Image()]]" navepilif 41725 User Search Box disappears if searched with 0 (zero) has-patch Users 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-25T11:44:12Z 2017-08-25T12:07:15Z "If I search users with ""0"" in search box, the '''search box disappears''' after the search is performed and there is no way of doing another search without reloading user list or going back! If I enter any other value like 999999, -200, xyz etc. no user is fetched, which is fine. But the search box remains visible. It only disappears for `0`. Line nos. 347 and 348 in /wp-admin/includes/class-wp-list-table.php has this: {{{#!php <?php public function search_box( $text, $input_id ) { if ( empty( $_REQUEST['s'] ) && !$this->has_items() ) return; ... } }}} If I understand correctly, according to [https://developer.wordpress.org/reference/classes/wp_list_table/search_box/] and [https://developer.wordpress.org/reference/classes/wp_list_table/has_items/], (`&& !$this->has_items()`) looks whether the table has items to display or not, where the first link is responsible for rendering the search_box. So when I enter such a value for which there will no record fetched, should not render the search box after search is performed, but as I said, it is happening only for `0` Commenting out the above if block prevents search box from disappearing. The search box should remain visible irrespective of values entered into it." subrataemfluence 2 41727 Draft page loses its hierarchy on save when other pages are drafts in hierarchy Posts, Post Types 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-25T13:12:54Z 2020-12-15T22:48:25Z "How to reproduce: 1. Create a set of pages with a status publish 2. Set hierarchy to pages 3. Change the status to of the aforementioned set to draft 4. Open draft for editing. 5. Save as draft. 6. Now you have lost the hierarchy. I think you should retain the hierarchy, because it is quite common use case to build something as drafts before publishing them or taking pages to drafts if they are in need for editing and the user wants them out before edits are done. Tickets possibly related #15541 and #12890. " stode 3 41731 Make it Easier to Locate Restored Comments SergeyBiryukov Comments 4.8.1 normal normal Future Release enhancement assigned 2017-08-25T19:30:34Z 2019-06-21T17:56:20Z "When a comment is in the trash, WordPress does not allow you to edit its details without restoring it first. After restoring the comment, it disappears from the Trash and the user is then required to locate it either by memorizing the post it's on or searching for it in the backend. It doesn't show up on the approved comments page because of its original published date. I suggest that if a single comment is restored, it takes users to the post it's on. Even better would be taking the user straight to where the comment is in the Discussions meta box. However, since users can hide this meta box via the screen options, I'm unsure how to account for that. Perhaps redirecting users to the post where the comment is displayed is enough?" jeffr0 2 41732 Potential Core Issue reporter-feedback Editor 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-26T01:56:27Z 2020-11-16T06:53:16Z "I posted [https://wordpress.org/support/topic/wordpress-core-issue/ this] a couple of weeks ago and I haven't heard anything so I assume its not in the ideal place. I asked one of the developers of the products I initially thought the issue was associated with (and who have also recreated/tested this issue without their products present) for a suggestion and they recommended posting a ticket here. I've been battling to narrow this problem down for a long time now. Over a year ago I discovered an issue which as it turns out impacts the editor view in visual mode. Sorry I don't recall the version this started happening in. I assume it was around 4.0 Initially I thought it was either the GeneratePress theme or Yoast SEO plugin however their support/developers have helped me to recreate the issue without their products installed. I'm not sure why but at this stage the issue occurs using WordPress and twenty-sixteen theme when various types of content are present in visual mode but not when using the twenty seventeen theme to my knowledge. After a load of time and testing the common denominator in all the tests is WordPress itself. I attached an image below which shows the area in the code which fluctuates. It may help cut through some of the info and get to the problem. There are a number of other attachments found within the associated thread above. [https://1drv.ms/f/s!AjEGKOtzUwy1gclEHoZZ9-DCW52S4Q] Thanks" doubledworks 4 41735 Include titles for JSON Schema properties has-patch REST API 4.7 normal normal Awaiting Review enhancement new 2017-08-27T00:38:41Z 2017-12-03T21:03:30Z JSON Schema supports a `title` property that can hold a user-readable label for the property. This would be incredibly helpful in building generated documentation and user interfaces. TimothyBlynJacobs 2 41736 validate_file function will always return error for file paths in windows dev environments has-patch Plugins 4.8 normal normal Awaiting Review defect (bug) new 2017-08-27T18:50:51Z 2017-08-30T16:30:16Z "In Windows dev environments such as WAMP or XAMPP a file path always contains a colon after a drive letter, so all plugins making conditional checks with `validate_file()` would fail. " lechdulian 1 41739 "Support a ""source"" attribute in post types, taxonomies, and post statuses" Posts, Post Types 3.0 normal normal Awaiting Review enhancement new 2017-08-28T02:07:31Z 2017-08-28T02:27:55Z "When registering custom post types, taxonomies, or post statuses, it would be nice to have a way to tell the system what plugin was responsible for those registrations. Use Case: In bbPress, there are 3 post types, 1 taxonomy, and 4 post statuses. There are several places where an ""any bbPress post type"" or ""any bbPress post status"" comparison is necessary, but it's somewhat annoying and repetitive to need to write: {{{ array( bbp_get_forum_post_type(), bbp_get_topic_post_type(), bbp_get_reply_post_type() ) }}} I'd prefer to write: {{{ get_post_types( array( 'source' => 'bbpress' ) ) }}} Tangentially, this could replace the otherwise vague `internal` property, with: {{{ 'source' => 'wordpress' }}} I'm not confident that `source` is the best descriptor, or if `domain` or `namespace` or something else might be more appropriate (without being too vague to be useful.)" johnjamesjacoby 2 41740 "Add comment count to ""replies"" link in post responses" REST API normal normal Awaiting Review enhancement new 2017-08-28T02:42:10Z 2020-10-25T03:26:37Z "Right now, you can preload comments using embedding with the linked ""replies"" resource. This is great, but there's no way to know whether you should try loading more. Fetching the resource directly would give you the total in the `X-WP-Total` header, but you lose this when embedding. While this is generically a problem with the loss of headers from embedded resources, I don't think we really need a generic solution. Even when not embedding, a comment count is useful for archive display of a list of posts. We should add the comment count (using `wp_count_comments`) to the ""replies"" link: {{{ { ""replies"": [ { ""href"": "".../wp/v2/comments?post=42"", ""embeddable"": true, ""count"": 12, } ] } }}}" rmccue 2 41745 Uncaught Error in get_query_var when $wp_query is null has-patch Query 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-28T16:24:01Z 2021-10-01T22:58:19Z When `get_query_var()` is called without the global $wp_query being set an Uncaught Exception is thrown. kbjohnson90 9 41746 oEmbed does not respect canonical provider url parameter needs-unit-tests Embeds 2.9 normal normal Awaiting Review defect (bug) new 2017-08-28T20:30:45Z 2017-09-20T20:39:38Z "I came across a Twitter URL format that would not embed correctly. Providing that URL to their provider endpoint returned an error. But the original page had a `<link>` element which already had a working, canonical `url` parameter in its querystring. An example URL is: {{{https://twitter.com/i/web/status/898599373956722688}}} If you try to fetch oEmbed data for that URL by just adding it as a `url` querystring parameter on the standard Twitter oEmbed provider URL, it will return an error. But view source on that page, and you'll see: {{{<link rel=""alternate"" type=""application/json+oembed"" href=""https://publish.twitter.com/oembed?url=https://twitter.com/dimensionmedia/status/898599373956722688"" title=""David Bisset on Twitter: "Agorakit is a web based open source "groupware for citizens initiatives” (which i’ve seen @buddypress used for too) https://t.co/bFPw9ZZWi2 https://t.co/H1REt0QfcO""">}}} Note that the path of this URL is `.../{username}/status/{id}`, whereas the original URL was `.../i/web/status/{id}`. I've worked out a small patch and method for getting WordPress to use oEmbed discovery to extract and use the canonical URL. When using `wp_oembed_add_provider()`, if you leave the provider URL falsey, then `WP_oEmbed::get_provider()` will use discovery to find it (assuming that you haven't forced `discovery = false` in `$args`). Then my patch will pull the `url` arg from there and use that, instead of the original URL that was passed in to the embed handling. Later, when the JSON response is being handled, the code will still be able to see whether this is a whitelisted URL pattern, and bypass/perform security filtering such as `kses()` (see `wp_filter_oembed_result()`). " dougal 6 41753 _wp_get_attachment_relative_path uses hardcoded uploads directory path has-patch Media 4.7.4 normal normal Future Release enhancement reopened 2017-08-29T15:55:55Z 2019-02-07T22:36:41Z "I'm using a theme that in turn uses the _wp_get_attachment_relative_path to help generate paths to uploaded images. However, because my WordPress install changes the uploads directory path, the function returns the file system path for the attachment rather than then relative path within the uploads directory as expected, which ultimately breaks the intended functionality. In _wp_get_attachment_relative_path, would it make sense to do something like the following instead of hard coding 'wp-content/uploads': {{{ $uploads_dir = wp_upload_dir(); $uploads_basedir = $uploads_dir['basedir']; if ( false !== strpos( $dirname, $uploads_basedir ) ) { // Get the directory name relative to the upload directory (back compat for pre-2.7 uploads) $dirname = substr( $dirname, strpos( $dirname, $uploads_basedir ) + strlen($uploads_basedir) ); $dirname = ltrim( $dirname, '/' ); } }}}" nedga055 2 41757 Add action inside of add_new_user_to_blog() function has-patch Users 3.0 low minor Future Release enhancement new 2017-08-30T02:26:16Z 2017-09-26T07:59:07Z "When adding a new user to a site in multisite, the full `$meta` array is passed in from the relative entry in the `wp_signups` database table, but it's impossible to do anything with it here because no action exists in this function. * A similar action does already exist in `add_existing_user_to_blog()`. * We could use the `wpmu_activate_user` hook, but we'd need to reconfirm if the user was added to the site again, which is not ideal because some complex blog switching may need to occur to do so I'll attach a patch shortly that adds an action to match `add_existing_user_to_blog()`." johnjamesjacoby 4 41760 wp_list_comments callback params dev-feedback Comments normal normal Awaiting Review enhancement new 2017-08-30T18:44:15Z 2017-08-31T09:05:53Z "In `wp-includes/class-walker-comment.php`, methods `comment()` and `html5_comment()` have following order of @params: `$comment, $depth, $args`. However, when you try to modify comment markup using `callback` argument for `wp_list_comments()`, order of params is `$comment, $args, $depth`. Is it possible to make the same order of params?" milana_cap 1 41769 Custom function to display all values of a custom field (meta_key) Options, Meta APIs normal normal Awaiting Review feature request new 2017-08-31T13:25:35Z 2017-09-01T16:06:45Z "If possible, add an extra function where we can list all values of a certain custom field (meta_key). All functions I've found so far is only post id related (e.g get_post_custom_values, etc). While any developer can build this themselves, I do think other wp users could benefit from it as well if it's simly part of the core. Thanks." mireillesan 1 41771 Global configuration table needs-unit-tests Networks and Sites 4.9 normal normal Awaiting Review enhancement new 2017-08-31T22:19:51Z 2017-09-19T16:37:54Z "In multisite, there is no way to have settings or configuration what goes applies to all networks. There are network level settings (Network options) and site levels settings (Options) but nothing global. In #37923 the need for global configuration arose, as storing data the network level ends up with the same data in every network. Also having a global config table, would help rid ourselves of our dependence on PHP defines for configuration. If this config table was installed on single site as well, the following defines, could be moved the config table. - MULTISITE - SUBDOMAIN_INSTALL - WP_CACHE - FORCE_SSL_ADMIN - WP_DEFAULT_THEME This could make the process of installing multisite, much easier. A number of feature flag that are currently store in options / network options could be moved to the global store. Features such as. - link_manager - enabled / disabled - global_terms - enabled / disabled - use blog_versions - enabled / disabled - site meta - enabled / disabled - ms_files_rewriting - enabled / disabled This global table could also store multi network wide settings such as - Global super admin - Global user roles - Global plugins (Not mu plugins) - Global database version - Default Language " spacedmonkey 2 41773 Page Templates // Post Type Templates | Any Post Type? reporter-feedback Posts, Post Types 4.7 normal normal Awaiting Review enhancement new 2017-09-01T00:39:03Z 2021-06-07T09:59:55Z "If I add a template like this: {{{#!php <?php /* Template Name: Full-width layout */ }}} It seems to only be visible on the `page` Post Type in the meta box drop down. If I add a template like this: {{{#!php <?php /* Template Name: Full-width layout Template Post Type: post, page, artist, album, track */ }}} It's available in the meta box drop down for the specified Post Types. I would like to add a template and have it available to all Post Types. Perhaps add like this: {{{#!php <?php /* Template Name: Full-width layout Template Post Type: any */ }}} " michael.ecklund 3 41776 wp_list_category array element 'exclude' better be called 'exclude_id' Taxonomy 4.8.1 normal normal Awaiting Review enhancement new 2017-09-01T14:30:12Z 2017-09-01T14:31:21Z "Could the default array element `exclude` of `wp_list_category` function be renamed as `exclude_id`? I think only `exclude` is not that self explanatory and ""what to exclude"" could easily be a reasonable question for a developer to ask! Instead `exclude_id` is easily understandable, even `exclude_ids` could be used as well because we can pass an array to it. Please give it a thought. Source file: wp-includes/category-template.php Line no: 508" subrataemfluence 41778 Archive page for user roles Role/Capability 4.8.1 normal normal Awaiting Review feature request new 2017-09-01T17:22:55Z 2017-09-02T21:23:07Z "If possible, implement userroles in the author archive page or create a seperate user archive for it. Along with an option to modify the base/slug. For example, subscribers should have their own archive page. While subscribers don't hold any rights inside wordpress, in themes such as an ecommerce website or membership website, these subscriber roles are quite important as they are considered as 'customers'. " mireillesan 2 41781 do not forcefully phpunit delete fixtures data Build/Test Tools 4.8.1 normal normal Awaiting Review enhancement new 2017-09-02T02:06:22Z 2017-09-02T02:06:22Z "When phpunit runs, there are at least three places where test-data are removed (see below). Fixture deletion is good in its principle. But it's also sometimes painful, especially when one is in the process of developing tests and need to run the testsuite many times. WP (re)installation + shared XML fixture loading could easily be '''very''' slow (especially given XML importer slowness). If your plugin's testsuite does not even contains destructive operations (or controlled destructions) then all that time spent in testsuite (re)installation is very frustrating. (In my case it's 1 minutes 50 versus 2 seconds) It would be good if developers could control whether or not fixtures are deleted & database cleaned, when phpunit starts/finishes. Places that need change: * [https://github.com/WordPress/wordpress-develop/blob/ce8a915/tests/phpunit/includes/bootstrap.php#L68 system( WP_PHP_BINARY ... install.php)] * [https://github.com/WordPress/wordpress-develop/blob/ce8a915/tests/phpunit/includes/bootstrap.php#L101 _delete_all_posts()] There is also: [https://github.com/WordPress/wordpress-develop/blob/ce8a91/tests/phpunit/includes/testcase.php#L83 _delete_all_data() inside tearDownAfterClass()] but this one can be easily overriden. Could a couple of filter/action/define/whatever could be made so that data cleanup, being the default, could be disabled if developer wants to? thx" drzraf 41783 allow loading wp-config.php (values) without DB bootstrap Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-09-02T17:43:40Z 2017-09-02T17:43:40Z "Directly related issue: [https://github.com/wp-cli/extension-command/issues/26 wp-cli plugin download command] ''wp-config.php'' is a fundamental and unique source of information about the WP instance. It contains information about database, but some others about languages/paths/... In some case we may want to provide preprovisionned WP instance but also about the to-be-instanciated installation: filesystem/plugin/themes/... to be provided in the filesystem *before* WP got installed). This may be the case when a team share a common WP filesystem image / Docker image / ... External tool (ex `wp-cli`) may benefit from loading not only the WP-core helpers (like, eg, `plugins_api()`), but also to know about some constants inside ''wp-config.php'' although DB is not yet available. An issue is that currently, loading ''wp-config.php'' forcefully attempt a DB connexion. This happens via the unconditional call to `wp_set_wpdb_vars()` inside ''wp-settings.php'' We rather should provide a mechanism to optionally disable such a behaviour. There already exist a '''SHORTINIT''' define. Could we introduce another one that may allow to load `wp-config.php` in a database-less environment? Indirectly related: [https://core.trac.wordpress.org/ticket/41710 WP_* configuration constants from the environment] " drzraf 41788 PHP Fatal error: Call to a member function has_cap() on a non-object in wp-includes/comment.php reporter-feedback Comments 4.8.1 normal normal Awaiting Review defect (bug) new 2017-09-03T22:16:34Z 2020-12-14T19:20:14Z "{{{#!php if ( ! empty( $commentdata['user_id'] ) ) { $user = get_userdata( $commentdata['user_id'] ); $post_author = $wpdb->get_var( $wpdb->prepare( ""SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1"", $commentdata['comment_post_ID'] ) ); } if ( isset( $user ) && ( $commentdata['user_id'] == $post_author || $user->has_cap( 'moderate_comments' ) ) ) { }}} If get_userdata() returns false, this code can lead to a fatal error." kirbyde 2 41791 Unicode + add_permastruct breaks rewrite rules needs-unit-tests Rewrite Rules 4.9 normal normal Awaiting Review defect (bug) new 2017-09-04T11:15:57Z 2017-09-15T13:14:58Z "This was reported here https://github.com/woocommerce/woocommerce/issues/16673 To recreate the issue, create a taxonomy with a cyrillic name such as Сертификат. View the taxonomy archive. You'll see no results; it will go to the homepage rather than an archive. In WooCommerce you can recreate this by creating an attribute (Product > Attributes) with a cyrillic name, and enabling the 'archive', assigning a term from this taxonomy to a product, and trying to view products by that term. I managed to trace it back to the `add_permastruct`. The `struct` is added with unicode % encoded characters. When the rewrite rules are processed, it thinks these are placeholders so the `matches` variables do not align. See this screenshot for clarity: https://www.dropbox.com/s/5vztnfm6895488a/query%20is%20wrong.png?dl=0 Notice all the $matches? Compare to a working taxonomy: https://www.dropbox.com/s/24zyr5v7taw7b60/correct.png?dl=0 This can be fixed by using `urldecode` when adding the permastruct. I don't know if this has side effects but it worked in testing. Patch to follow. " mikejolley 1 41792 Suggested Enhancement to WordPress' Handling of Authors and Author URL's dev-feedback Themes normal normal Awaiting Review enhancement new 2017-09-04T11:36:02Z 2017-09-06T07:59:42Z "Hi, everyone, my first post here, but I have some concerns. *WordPress' Handling of Authors* I feel it's not the right UX when, say on a single author blog, the url ""blog.com/author"" goes to 404. I'd like for WordPress to programmatically direct/redirect a blog.com/author to the archive of this single author if single author. I mean, say I, Kabolobari, am an author on a single author blog and the url to my posts is blog.com/author/kabolobari. So, WordPress automatically creates that based on my name choice. Now, since WordPress can also tell a multi-author blog once there's more than one author, I'd like if WordPress then automatically builds the url for such as blog.com/authors/kabolobar, Kabolobari being one author on this blog. Then if a user/browser were to backspace the url, of course, their intention would be to see all authors at blog.com/authors, right? Thus, WordPress shouldn't send them to a 404. WordPress should intelligently default that to a list of all the authors on the multi-author blog. Is my explanation clear? Then, WordPress can, as with other archives, leave a way for admins or theme developers to customize how they'd like this `authors.php`, as an example, template to be. To summarize, Single Author Blogs = blog.com/author/single-author Then, blog.com/author = This Single Author and a list of their posts Multi Author Blogs = blog.com/authors/multi-author Then, blog.com/authors = These authors list and a list of their posts Then leave all of these to be customizable by theme devs. I'm having a hard time hacking my way around this because of this feature which I see is unavailable. If I'm wrong and there's actually a straightforward way about this, kindly direct me. *As an Example* Kindly, study the website kincommunity.com. Because what I’m building is very similar to that. Now, you should notice that when you hit Creators on the navigation at this site, Kin Community’s developers chose a custom post type route to display their Creators. Thus, Creators takes you to kincommunity.com/our-community/. Then a single creator is at kincommunity.com/creators/rosanna-pansino/, for example. But when you try kincommunity.com/creators/, as a user you expect to see a list of all creators, right? But you get a 404. I figure if WordPress allowed for a native way to flex around this, so that say you added a role of Creator (coding it yourself or with a plugin such as Members by Justin Tadblock) and you give this new role about same level of cap as Author. Then one wouldn’t need to use CPT for this purpose and then the logic as I’ve explained above would take hold automatically with allowance for customization to look like the theme’s overall feel. Could we examine these concerns? Thanks." kbooshco 5 41797 max_num_pages for WP_User_Query has-patch Query normal normal Awaiting Review enhancement new 2017-09-04T22:19:56Z 2017-09-05T08:13:21Z "The {{{WP_User_Query}}} class supports pagination but doesn't have the public {{{max_num_pages}}} property, like most of the other query classes do. This can be useful when using e.g. {{{paginate_links()}}} and also for better consistency. " birgire 2 41800 Ability to collapse multi-level menus in the Menu editor Menus 4.9 normal normal Awaiting Review enhancement new 2017-09-05T14:04:37Z 2017-09-07T15:59:19Z "When creating large menu structures in the Appearance > Menu editor, it can be very overwhelming when there's a number of top-level items with child items... almost becoming an eyesore and confusingly difficult to navigate. Could we work to make any menu item within the editor have the ability to be collapsed? Along with the default state upon loading the editor to have them collapsed, with an icon to expand it." atomicjack 3 41801 add wp_get_image_extensions() and wp_image_extensions filter pbiron dev-feedback Media 4.9 normal normal Future Release enhancement assigned 2017-09-05T14:33:32Z 2020-08-21T03:27:45Z "Core already has [[https://developer.wordpress.org/reference/functions/wp_get_audio_extensions/|wp_get_audio_extensions()]] and [[https://developer.wordpress.org/reference/functions/wp_get_video_extensions/|wp_get_video_extensions()]] (which are used in [[https://developer.wordpress.org/reference/functions/wp_attachment_is/|wp_attachment_is()]]). For consistency and convenience, core should also have `wp_get_image_extensions()` and `wp_image_extensions` filter." pbiron 24 41804 Combine and Relocate Editor Menu Link Administration normal normal Awaiting Review enhancement new 2017-09-05T16:21:07Z 2020-11-24T01:59:00Z "While discussing #31779, I recommended the following: 1. Move the Editor into the Tools menu, or into Tools > Available Tools. It fits better there anyway: it's not a visual editor for the Appearance, as other things are in the Appearance menu), but the other problem with Plugins > Editor is it's right beside one of the most clicked buttons in the UI (Add New). It's too easy to discover. You could also move the warning messages suggested above into a box on Available Tools. Instead of a warning, it becomes the context for launching the Editor. Plus, what else is going on in that page anyway. :) 1. To do the above, combine the Theme and Plugin editors into one. Separate the edit dropdown with headings for Theme and Plugins. @melchoyce recommended splitting this out into a separate ticket (ticket:31779#comment:54)." cliffseal 2 41816 attachment_url_to_postid() should find post_id for URLs of intermediate size images dev-feedback Media 4.9 normal normal Awaiting Review defect (bug) new 2017-09-06T15:40:45Z 2021-09-28T21:06:56Z "[[https://developer.wordpress.org/reference/functions/attachment_url_to_postid/|attachment_url_to_postid()]] fails to find the post ID when given a URL of an intermediate sized image. For example, {{{ $url_of_full_sized_image = 'http://example.com/wp-content/uploads/test.jpg'; $attachment_id = attachment_url_to_postid( $url_of_full_sized_image ); // $attachment_id now equals 3 $url_of_intermediate_sized_image = 'http://example.com/wp-content/uploads/test-150x150.jpg'; $attachment_id = attachment_url_to_postid( $url_of_intermediate_sized_image ); // $attachment_id now equals 0 but should equal 3, the same as for the full-sized image }}} This should be fixed." pbiron 10 41819 Support the paged argument in WP_Site_Query and WP_Network_Query spacedmonkey dev-feedback Query 4.6 normal normal Future Release enhancement assigned 2017-09-06T18:21:04Z 2017-11-01T17:47:07Z "The {{{WP_Site_Query}}} and {{{WP_Network_Query}}} both support the {{{offset}}} and {{{number}}} arguments. It would be handy to be able to use the {{{paged}}} argument, to make the pagination easier. " birgire 5 41821 REST API: Add support for threaded comments needs-unit-tests REST API 4.7 normal normal Future Release enhancement new 2017-09-07T06:39:29Z 2020-09-24T18:08:59Z "(I don't think we have a tracking ticket for this already.) We should add support for threading comments, particularly in ""flat"" mode. Flat mode would allow threading in frontend code relatively easily. The only issue with this is that it will overflow `per_page`. We intentionally treat this as an indicator and occasionally have less items already (if they're filtered inside the `get_items()` loop, e.g.), so I don't think this is a huge issue. In addition, threaded mode should be opt-in in any case. Previously: https://github.com/WP-API/WP-API/issues/1612" rmccue 7 41822 Twenty Twelve: Submenus not working on touch screen devices Bundled Theme 4.8.1 normal normal Awaiting Review defect (bug) new 2017-09-07T08:16:52Z 2019-01-02T11:27:16Z "Appears identical to #24767 When tapping on a menu item with a submenu, the submenu briefly appears but then the browser loads the link at the top menu item. Site should be viewed in Landscape orientation for the regular menu to be visible. Confirmed on ​http://wp-themes.com/twentytwelve/ in Chrome 60 on Android 7.1.2 (Nexus 5X) The user who reported it suspects it might be related to https://www.chromestatus.com/feature/5093566007214080 From http://en.forums.wordpress.com/topic/submenu-links-broken-on-touch-devices-chrome-56" kokkieh 2 41826 WP_Comment_Query can generate negative offset in LIMIT clause has-patch Comments 4.9 normal normal Awaiting Review defect (bug) new 2017-09-07T11:40:49Z 2017-09-08T19:03:35Z "The {{{paged}}} argument in {{{WP_Comment_Query}}} was introduced in #38268 There's a problem with the {{{paged}}} as 0 case. '''Example:''' When the {{{paged}}} is 0 and {{{number}}} is 2, {{{WP_Comment_Query}}} generates the LIMIT clause: {{{ LIMIT -2, 2 }}} instead of {{{ LIMIT 0, 2 }}} According to the MySQL documentation, the offset in the LIMIT clause shouldn't be negative: https://dev.mysql.com/doc/refman/5.7/en/select.html I think we should handle it in the same way as in {{{WP_Query}}}, where the 0 case is treated as the default, that is 1. " birgire 2 41837 WP_User_Query can generate negative offset in the LIMIT clause has-patch Users 4.4 normal normal Awaiting Review defect (bug) new 2017-09-08T18:08:30Z 2017-09-08T18:51:27Z "The {{{paged}}} argument in {{{WP_User_Query}}} was introduced in #34531 There's a problem with the {{{paged}}} as 0 case. There's a similar ticket for {{{WP_Comment_Query}}}: #41826 '''Example: ''' When {{{paged}}} is 0 and number is 2, {{{WP_User_Query}}} generates the LIMIT clause: {{{ LIMIT -2, 2 }}} instead of {{{ LIMIT 0, 2 }}} According to the MySQL documentation, the offset in the LIMIT clause shouldn't be negative: https://dev.mysql.com/doc/refman/5.7/en/select.html I think we should handle it in the same way as in {{{WP_Query}}}, where the 0 case is the same as 1." birgire 1 41843 Provide more flexibility to the `get_{$adjacent}_post_where` hook Query 4.9 normal normal Awaiting Review enhancement new 2017-09-09T15:33:07Z 2019-03-13T18:09:55Z "I'm working on getting the previous/next post for a Custom Post Type based on a certain postmeta value, and the `get_{$adjacent}_post_where` seems the appropriate hook for this. However, it currently receives the whole WHERE clause as a parameter. IMO it would be ideal to be able to override just the `WHERE p.post_date $op %s AND p.post_type = %s` part and keep the other (useful ones) intact. This could potentially be solved in a non-breaking way by sending `$where` as it stands ''before'' concatenation with `WHERE p.post_date $op %s AND p.post_type = %s`, so that authors can neatly plugin a postmeta condition." danburzo 1 41854 Allow filters to be added for the Media Library in Grid Mode & Insert Media Media 4.8.1 normal normal Awaiting Review enhancement new 2017-09-11T08:02:45Z 2017-09-17T14:41:55Z "Hello, I would like to suggest the action '''restrict_manage_posts''' and '''pre_get_posts''' to be used by the Media Library in Grid Mode. It would also be great to have this available in Insert Media or when picking a Featured Image. That will allow many developers to add useful filters and avoid users to look desperately for their images/photos :) Many users have been asking this and most of them believed it was a bug (List Mode and Grid mode look very similar so the absence of filters for the Grid Mode is actually not logical). Thanks a lot :)" TigrouMeow 2 41857 Walker_PageDropdown doesn't set correct selected value when using value_field Posts, Post Types 4.8.1 normal normal Awaiting Review defect (bug) new 2017-09-11T17:16:16Z 2020-07-22T16:55:25Z "If the ''value_field'' is different from ID, the selected value was not set. Function Walker_PageDropdown::start_el {{{ if ( $page->ID == $args['selected'] ) $output .= ' selected=""selected""'; }}} See also #32330 " it4life 5 41867 wp_list_categories throws SQL error if list is empty reporter-feedback Taxonomy 4.8.1 normal normal Awaiting Review defect (bug) new 2017-09-13T08:05:49Z 2019-02-21T03:13:59Z "If via the args, we exclude the only category available in the list, then the SQL query will end up wrongly formated (empty : IN() statement). See full query here : {{{ SELECT object_id, term_taxonomy_id FROM wp_term_relationships INNER JOIN wp_posts ON object_id = ID WHERE term_taxonomy_id IN () AND post_type IN ('post') AND post_status = 'publish'; }}} Sample php code : {{{#!php <?php $args = array('taxonomy' => 'category', 'child_of' => $queried_object->category_parent, 'depth' => 1, 'exclude' => $queried_object->cat_ID, 'echo' => 0, 'hierarchical' => true, 'hide_empty' => false, 'show_count' => 1, 'title_li' => ''); echo wp_list_categories($args); }}} The solution would be to check if there are other categories to be displayed and if not, then just return the empty result." firebird75 8 41870 Code Editor: Add grunt task for building new CodeMirror bundles from external dependencies adamsilverstein has-patch Build/Test Tools normal normal Future Release task (blessed) assigned 2017-09-13T18:06:08Z 2022-01-30T16:51:32Z "After [41376] for #12423, it would be ideal if the CodeMirror bundling logic (via browserify) could be added as part of core. In this way, the external dependencies (CodeMirror and the linter linraries) can be managed by NPM. For now, just the minified bundles are being included. The logic used in the Better Code Editing plugin for creating the bundles can be seen here: https://github.com/WordPress/better-code-editing/pull/92/files Depends on #40894 which replaces Browserify with Webpack in core. See also #42424, where we need to fix line-endings for CSSLint. Additionally, the linters are currently being included as separate assets. They are not being minified, other than they are already minified as distributed. These could either benefit from additional uglification or bundling with codemirror if they are not going to be enqueued separately. The same goes for the `htmlhint-kses` script." westonruter 45 41873 Code Editor: Add PHP linter General normal normal Future Release enhancement new 2017-09-13T18:15:18Z 2017-10-03T20:31:50Z "There is no PHP linter yet when editing PHP in the code editor (powered by CodeMirror, from [41376] for #12423). This would be a good enhancement, PHP syntax errors are the most critical thing to catch prior to saving in order to prevent whitescreening a site. Currently there are linters only for HTML, JS, CSS, and JSON. See https://github.com/WordPress/better-code-editing/issues/48#issuecomment-327963921: > Props to @rheinardkorf for finding http://glayzzle.com/php-parser/#demo !! > > On GitHub: https://github.com/glayzzle/php-parser > > I had previously stumbled across the https://github.com/glayzzle/php-linter project but it is empty. I didn't see the other project. > > This holds great promise. The only icing on the cake here would be if the parser could be told which PHP version to use, but we could get a list of language features that are added after PHP 5.2 and mark them as errors when the version of PHP on the server is not new enough. Amazing. See more background on the original GitHub issue: https://github.com/WordPress/better-code-editing/issues/48" westonruter 7 41874 Code Editor: Extend CSS linter to check for safecss-forbidden properties General normal normal Future Release enhancement new 2017-09-13T18:18:06Z 2017-09-29T16:16:52Z "While there is a custom HTMLHint rule which checks for Kses violations, this does not extend to CSSLint and `safecss_filter_attr()`. It would be a nice enhancement to get illegal style properties flagged as lint errors as well. Originally https://github.com/WordPress/better-code-editing/issues/60: > The `safecss_filter_attr()` function is used by KSES to filter HTML `style` attributes, removing any properties that are illegal. This should be applied to CSS and `style` attributes in HTML, so that any illegal properties are flagged as such. > > It seems that HTMLHint is not currently applying CSSLint to `style` attributes, but if it did, then a `kses` rule added to CSSLint could then apply to both HTML and CSS. This is for the code editor introduced in [41376] for #12423." westonruter 2 41876 Add inline help to Custom HTML widget Widgets normal normal Future Release defect (bug) new 2017-09-13T20:40:05Z 2021-11-09T15:07:24Z "There is no inline help in the Custom HTML widget for how to interact with the code editor. While the widget will add this to the help text on the widgets admin screen, this is not easily discoverable. Additionally, this help tab text is not displayed in the Customizer at all. Just like the Additional CSS section description in the Customizer, there could be a (?) icon in the widget, and once expanded it could reveal the same help text to guide usage of the widget. I suggest the icon could be placed in the top-right corner of the widget with the help text then appearing at the top when expanded, similar to the Customizer section description. See also: * #41872 * https://github.com/WordPress/better-code-editing/issues/36 * https://github.com/WordPress/better-code-editing/issues/64 * https://wordpress.slack.com/archives/C02RP4X03/p1503940071000037 * https://wordpress.slack.com/archives/C0381N237/p1505323129000204 Builds off of [41376] for #12423." westonruter 21 41878 No way to change the order of fields for taxonomy meta Taxonomy 4.8.1 normal normal Awaiting Review enhancement new 2017-09-13T22:27:26Z 2017-09-13T22:27:26Z There is currently no way to position any fields inserted with {$taxonomy}_add_form_fields or {$taxonomy}_edit_form_fields. Any fields added always appear after the description field with no way to insert them anywhere else in the form. ralphonz 41882 Walker_CategoryDropdown does not wrap options inside HTML select element with wp_list_categories has-patch Taxonomy 4.8.1 normal normal Awaiting Review defect (bug) new 2017-09-14T14:57:49Z 2017-09-14T15:25:32Z "If I use `Walker_CategoryDropdown()` class to build a dropdown list with `wp_list_categories` function, the output does not get wrapped inside `<select>...</select>` element. The rendered output is like this: {{{ <option class=""level-0"" value=""16"">Comedy</option> <option class=""level-0"" value=""17"">Sci-Fi</option> }}} when it should be like {{{ <select> <option class=""level-0"" value=""16"">Comedy</option> <option class=""level-0"" value=""17"">Sci-Fi</option> </select> }}} In order to achieve this we can add an additional parameter `html_wrapper_element` in `wp_list_categories` function and pass a value `dorpdown` in the argument like: {{{#!php <?php <?php /* Template Name: Movie List */ require_once ABSPATH . 'wp-admin/includes/template.php'; $args = array( 'taxonomy' => 'movies_taxonomy', 'walker' => new Walker_CategoryDropdown(), 'hide_empty' => false, 'html_wrapper_element' => 'dropdown' ); wp_list_categories($args); ?> }}} and in `wp_list_categories` we add this before the $html gets returned from the function. {{{#!php <?php $html = apply_filters( 'wp_list_categories', $output, $args ); if( isset($r['html_wrapper_element']) && $r['html_wrapper_element'] === 'dropdown') { $html = '<select>' . $html . '</select>'; } if ( $r['echo'] ) { echo $html; } else { return $html; } }}} " subrataemfluence 41884 Twenty Seventeen: responsive (gallery) images are too large has-patch Bundled Theme 4.8.1 normal normal Future Release defect (bug) new 2017-09-14T19:36:03Z 2019-10-03T22:17:54Z "It seems the sizes attribute used for gallery images on the Twenty Seventeen theme is a bit off. When viewed on the front page or an archive page, instead of the selected thumbnail images (150px), the browser is choosing the medium size at 600w, which I believe is based on the ""default"" of 580px. Even worse, when viewing a single post with a gallery, the ""size"" attribute is 100vw, which means a 1080p screen forces the browser to load the largest image available (1024w in my case). I switched over to the Twenty Sixteen theme and it does not seem to have this same problem. I also tested this on another site, and initially it was only showing thumbs (as expected). I compared the media settings, and realized the two sites were different. So there is one other thing that must be true to cause this behavior. Under the Media settings, if you have the thumbnail cropping turned off, this is the trigger. So essentially, when the thumbs are 150x113 instead of 150x150, the Twenty Seventeen theme adds all (or most of) the available sizes to the srcset list because it fails to find an exact match to display in the gallery. You can see it in action here: https://test.shanebishop.net/2017/06/23/hello-world/" nosilver4u 2 41891 Bug when changing $(comments_)pagination_base of WP_Rewite instance to string with non-ASCII characters Rewrite Rules normal normal Awaiting Review defect (bug) new 2017-09-15T13:05:55Z 2017-09-15T13:05:55Z "When you change `$pagination_base`/`$comments_pagination_base` for `WP_Rewrite` instance to string with ASCII characters, it works as expected. But when you change to non-ASCII string, it doesn't work because it redirects from `/<pagination_base>/2` to `/<pagination_base>/2/<pagination_base>/2` which returns 404. If you use `rawurlencode()` on that string, it again works as expected. So, in short: `$GLOBALS['wp_rewrite']->pagination_base = 'something';` - works `$GLOBALS['wp_rewrite']->pagination_base = 'чџш';` - doesn't work `$GLOBALS['wp_rewrite']->pagination_base = rawurlencode( 'чџш' );` - works This doesn't apply to other bases, they work without `rawurlencode()`, for example: `$GLOBALS['wp_rewrite']->author_base = 'гдђ';`" dimadin 41893 Add URL filter in posts list table get_edit_link() dev-feedback Posts, Post Types 4.9 normal normal Awaiting Review enhancement new 2017-09-15T19:58:55Z 2020-02-15T13:02:42Z "In `get_edit_link()` in the WP_Posts_List_Table class, the URL to edit.php is hard-coded and is not filterable. I'm currently working on a project that has complex filtering and the client wants to maintain the filters as they click through to different statuses. Currently, the only way to update just the URL to edit.php is to use the `""views_{$this->screen->id}""` filter, use regex to find the URL in the markup, then update the URL in the markup as-needed. The proposed `wp_posts_list_table_edit_url` filter would allow filtering of the generated URL separate from the markup. " GunGeekATX 1 41895 wp_calculate_image_srcset filter: Improve the documentation for, or rename, this filter so it's clear it should work on an array. Media 4.9 normal normal Awaiting Review enhancement new 2017-09-16T18:29:18Z 2017-09-16T20:25:06Z "= The Problem = Despite having the same name as the `wp_calculate_image_srcset()` function and being inside of that function the `wp_calculate_image_srcset` filter, [https://core.trac.wordpress.org/browser/tags/4.8.1/src/wp-includes/media.php#L1203 here in the current release], does not directly modify the output of the function as convention would dictate. This leads to confusion, so theme and plugin developers do things that lead to bugs. The `wp_calculate_image_srcset` filter filters the `$sources` variable, which is an array of arrays, each containing information about one of the image sources that WP has decided to add to the srcset. However the `wp_calculate_image_srcset()` ''function'' returns either a string HTML [https://developer.mozilla.org/en-US/docs/Web/HTML/Element/img srcset attribute for use on an img tag] or false if there's only one source or some other failure. Because the `wp_calculate_image_srcset()` ''function'' can return false, developers assume that `wp_calculate_image_srcset` filters can return false as well, thus converting the `$sources` array into a boolean `false`. This causes a problem when a second plugin or theme also tries to filter `wp_calculate_image_srcset` and tries to loop over the values in `$sources`, (`foreach( false)` causes a PHP warning). = Real-World Examples= This is happening in the real world: If you're hosted on WPEngine, and use Themeco's X or Pro theme, the PHP warning pops up in some of your pages, (especially in WPEngine's staging environment). This is because X and Pro use `wp_calculate_image_srcset` to change `$sources` to false, then WPEngine's Must-Use plugin tries to iterate over `$sources`. When contacted about the problem, (with the suggestion they return an empty array), Themeco's response was ""In looking over WordPress' official documentation for that function/hook, I believe that boolean false should be the correct value to return"" with a link to the documentation for the ''function''. When the issue was raised in the the [https://www.facebook.com/groups/advancedwp/ Advanced WP Facebook Group] a prominent member of the WP community [https://www.facebook.com/groups/advancedwp/permalink/1624922314236643/?comment_id=1625126477549560&reply_comment_id=1625763707485837¬if_t=group_comment_reply¬if_id=1505579798429304 appears to have made the same logical jump], that the filter filters the output of the function, and wouldn't listen to any further discussion. = Possible suggestions to improve the situation = 1. If we're ok with setting `$sources` to false, the docblock for the `wp_calculate_image_srcset` filter should be changed to indicate that the `$sources` variable being passed to a filter may not be a variable. 2. If we're not ok with setting `$sources` to false, maybe we should add a `_doing_it_wrong()` if `$sources` type is changed from an array. 3. Whatever we do, we should document an expected return type in the docblock for the filter. 3. Since the filter doesn't actually filter the output of the function, the filter name could be changed to something like `wp_calculate_image_srcset_sources`. I know this is a breaking change, which may never happen because it's a breaking change, but it would be the best fix, if breaking changes can be dealt with." johnnyb 1 41901 Updating fails for themes with style.css in sub directory. williampatton dev-feedback Themes normal normal Awaiting Review defect (bug) assigned 2017-09-17T04:54:03Z 2019-03-18T12:54:28Z "https://github.com/WordPress/WordPress/blob/4.8-branch/wp-includes/theme.php#L466-L513 I saw this part and decided to put style.css in /themes/my-theme/subdir/ And in fact it worked. But, there was one problem. That's about updating the theme. ( I update this theme from GitHub instead of WP.org. ) In /wp-admin/update-core.php, Updating is success. At this time in site_transient_update_themes, There was a value of `my-theme/subdir` as a slug. In /wp-admin/themes.php, Updating is failed. An error message was displayed `The theme is at the latest version.`. At that time, the response of ajax was as follows. {{{ { ""success"":false, ""data"": { ""update"":""theme"", ""slug"":""my-themesubdir"", .... } }}} That is, the slash has disappeared. When I looked it up, it was `wp_unslash()` when updating here. I think that it is better to unify processing for slashes on either page. " inc2734 4 41905 Only loop over enclosure meta keys in rss_enclosure() and atom_enclosure() has-patch Feeds 2.2 normal normal Awaiting Review enhancement new 2017-09-18T10:26:38Z 2018-08-23T10:55:28Z "Instead of getting all post meta keys for the current post and then filter out the {{{enclosure}}} keys: {{{ foreach ( (array) get_post_custom() as $key => $val ) { if ($key == 'enclosure') { }}} we could only get the ones we need with: {{{ $meta_enclosures = get_post_meta( get_the_ID(), 'enclosure', false ); foreach ( (array) $meta_enclosures as $key => $val ){ }}} where {{{get_post_custom()}}} is a wrapper for {{{get_post_meta( get_the_ID() )}}}. See {{{atom_enclosure()}}} [https://github.com/WordPress/WordPress/blob/bbb8d48086b7d10908f4fda673585ee122f2851d/wp-includes/feed.php#L463 here] and {{{rss_enclosure()}}} [https://github.com/WordPress/WordPress/blob/bbb8d48086b7d10908f4fda673585ee122f2851d/wp-includes/feed.php#L463 here]. " birgire 14 41907 WordPress-Importer Assign all entries to one 'local' user Import normal normal Awaiting Review enhancement new 2017-09-18T10:52:09Z 2018-07-23T17:05:46Z "I've only recently started using the Import tool so I don't know if this is something that was purposely done this way or mentioned before but here goes. I had to import some data while working on the HelpHub dev environment and it actually has quite a long list of users so I had to re-assign everyone to my admin to go forth. That being said and with my poor knowledge of the importer ( i don't know if something exists already ) I didn't find any buttons to being able to assign all Authors into an existing one for starters and then change some fields if needed respectively as well. So I'd like to propose this as an enhancement as some websites might need to Import with many users and probably there are many people out there who are not comfortable on changing things through their database. This .gif is a simple mockup of what I thought could be done. As you'll see it's just an extra select box and a little jQuery but it saves a lot of time if the authors are way too many to simply point+click on each of them. This patch was something simple so I can ease my repetitive imports it was not meant to be 100% clean and safe etc." xkon 2 41910 Update plugin/theme maintenance message reporter-feedback Plugins normal normal Awaiting Review enhancement new 2017-09-18T13:41:50Z 2019-06-20T21:06:25Z "Hey The message that shows up when updating plugins or themes should not remove the visible site. Instead it should keep the old plugin/theme until it has finished updating and then smoothly change over to the new without disrupting the frontend of the site. On fatal error it should automatically revert to the old and just give a message in the backend that it could not update to the new plugin/theme because of whatever reason. Then a message saying let the author of the theme/plugin know about the error. " paaljoachim 3 41931 Not possible to add custom display_name option has-patch Users 4.8.2 normal normal Awaiting Review feature request new 2017-09-20T15:42:28Z 2019-06-11T20:49:52Z "In The Netherlands we do have insertion names, to be placed in between the first and last name. It is possible to add a custom field during registration, but in order to give the user the option to include the insertion name in his display_name, a core modification is necessary. Hereby the request to add a line to wp-admin/user-edit.php at line 422: {{{#!php <?php $public_display = apply_filters( 'edit_user_public_display_dropdown', $public_display, $profileuser); }}} This way, it is possible to add custom public_display options. " xinne 2 41933 Undefined offset -1 in $pages array when post without pages is requested has-patch General 4.8.2 normal normal Awaiting Review defect (bug) new 2017-09-20T17:14:36Z 2018-10-15T15:42:22Z This patch fixes an undefined index -1 notice generated in post-template.php when a request is made without a page number. ComputerGuru 9 41934 Update load.php with wp_is_bad_request function Bootstrap/Load 4.9 normal normal Awaiting Review enhancement new 2017-09-20T17:42:06Z 2018-08-16T19:19:56Z "I propose adding a wp_is_bad_request function to load.php, as a way to allow plugin developers to short circuit code execution if the HTTP request that started the WordPress load process is considered a junk request. See: #17246 The existing wp_favicon_request (renamed to wp_favicon_request_x in test file) is re-written to use the proposed wp_is_bad_request function. " rpayne7264 2 41937 "Change name of ""wp-settings-"" and ""wp-settings-time-"" cookie" petertoi has-patch Users normal normal Awaiting Review enhancement assigned 2017-09-21T04:14:42Z 2021-12-03T07:23:26Z "There is no option to change the cookie names of: - wp-settings-time- - wp-settings- Can you add options? It will be nice to add in wp-config.php like other cookies? Thanks in advance." Neustradamus 14 41944 Add %u support to wpdb->prepare Database 4.8.2 normal normal Awaiting Review enhancement new 2017-09-21T13:30:31Z 2017-09-21T15:30:20Z "MySQL unsigned int: 4bn [[BR]] PHP %d signed int: 2bn[[BR]] [[BR]] Maybe the standard should be %u not %d or at the very least support both while internally using %u for all key lookups?[[BR]] [[BR]] Especially since much of the WP Core specifically sets ID fields as bigint unsigned not null auto_increment.[[BR]] [[BR]] If a site never has more than 2bn records, and MOST will NEVER get that big, it is a non-issue but shouldn't the standard be consistent between the DB engine and the language processor (PHP)?" charlestonsw 7 41946 Option to delete_with_markers Rewrite Rules 4.8.2 normal normal Awaiting Review enhancement new 2017-09-21T18:14:48Z 2017-09-21T18:14:48Z "I was trying to develop a plugin for adding speed optimisation code to htaccess using builtin functions . I happened to find options to insert_with_markers and extract_with_markers. But I found there was not a direct option to delete_with_markers. I tried searching as much as possible and finally came out with delete_with_markers myself which I have used in my plugin (which I will be submitting in a day for review).I have refered the insert_with_markers and extract_with_markers to retain the WP style. I thought to share , if this could be integrated in WP as well for it could be of use to many. function delete_with_markers( $filename, $marker ) { if ( ! file_exists( $filename ) ) { if ( ! is_writable( dirname( $filename ) ) ) { return false; } if ( ! touch( $filename ) ) { return false; } } elseif ( ! is_writeable( $filename ) ) { return false; } $start_marker = ""# BEGIN {$marker}""; $end_marker = ""# END {$marker}""; $fp = fopen( $filename, 'r+' ); if ( ! $fp ) { return false; } // Attempt to get a lock. If the filesystem supports locking, this will block until the lock is acquired. flock( $fp, LOCK_EX ); $lines = array(); while ( ! feof( $fp ) ) { $lines[] = rtrim( fgets( $fp ), ""\r\n"" ); } if ( $markerdata = explode( ""\n"", implode( '', file( $filename ) ) )); { $state = false; foreach ( $markerdata as $markerline ) { if (strpos($markerline, '# BEGIN ' . $marker) !== false) $state = true; if (! $state ) $result[] = $markerline; if (strpos($markerline, '# END ' . $marker) !== false) $state = false; } } // Generate the new file data $new_file_data = implode( ""\n"", array_merge( $result ) ); // Write to the start of the file, and truncate it to that length fseek( $fp, 0 ); $bytes = fwrite( $fp, $new_file_data ); if ( $bytes ) { ftruncate( $fp, ftell( $fp ) ); } fflush( $fp ); flock( $fp, LOCK_UN ); fclose( $fp ); return (bool) $bytes; }" shivi66 41949 Allow multiple values for the same meta key to be passed to `wp_insert_post()` has-patch Posts, Post Types 4.4 normal normal Awaiting Review defect (bug) new 2017-09-22T02:03:21Z 2023-08-25T07:51:09Z [33910] introduced the `meta_input` argument to `wp_insert_post()`. However, there is no way to pass multiple values for the same meta key to be stored individually. desrosj 27 41952 WP import: Bug with import gziped file from web Import 4.8.2 normal normal Awaiting Review defect (bug) new 2017-09-22T04:54:24Z 2017-09-22T04:54:24Z "When i import svg image with gzip compression, then i give error ""Remote file is incorrect size"" In [https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/wordpress-importer.php#L1007 wordpress-importer.php:1007] your check file size. If file is gziped, when filesize on disc != content-length in headers" arybnikov 41953 Improved Meta Box Save Hook Posts, Post Types 4.8.2 normal normal Awaiting Review feature request new 2017-09-22T07:55:37Z 2017-09-22T10:39:51Z "Hi, This is suggestion how to reduce some conditionals for saving meta boxes with function for example. Below is code of meta box save function with all conditions for security and inside that function we always write some core condition for security that can be separated in one or more core functions to do that for us, so we can just call that function. {{{ if ( ! function_exists( 'save_admin_meta_boxes' ) ) { /** * Saves admin meta box to postmeta table * * @param $post_id int - id of post that meta box is being saved * @param $post WP_Post - current post object */ function save_admin_meta_boxes( $post_id, $post ) { // If we're doing an auto save, bail if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { return; } // If default wp nonce isn't there, bail if ( ! isset( $_POST['_wpnonce'] ) ) { return; } // If current user can't edit this post, bail if ( ! current_user_can( 'edit_post', $post_id ) ) { return; } // If current post type are not in list, bail $post_types = apply_filters( 'wp_allowed_post_types_for_meta_boxes', array( 'post', 'page' ) ); if ( ! in_array( $post->post_type, $post_types ) ) { return; } // If our nonce isn't there, or we can't verify it, bail $meta_boxes = apply_filters( 'add_meta_boxes_filter', array() ); $nonce_array = array(); if ( is_array( $meta_boxes ) && ! empty( $meta_boxes ) ) { foreach ( $meta_boxes as $meta_box ) { $nonce_array[] = 'extensive_vc_meta_box_' . esc_attr( $meta_box ) . '_save'; } } if ( is_array( $nonce_array ) && count( $nonce_array ) ) { foreach ( $nonce_array as $nonce ) { if ( ! isset( $_POST[ $nonce ] ) || ! wp_verify_nonce( $_POST[ $nonce ], $nonce ) ) { return; } } } // Make sure your data is set before trying to save it global $meta_boxes_options; foreach ( $meta_boxes_options as $key => $value ) { $field_key = $_POST[ $key ]; if ( isset( $field_key ) && trim( $field_key !== '' ) ) { update_post_meta( $post_id, $key, esc_html( $field_key ) ); } else { delete_post_meta( $post_id, $key ); } } } add_action( 'save_post', 'save_admin_meta_boxes', 10, 2 ); } }}} Example function with that conditionals {{{ if ( ! function_exists( 'wp_meta_boxes_security_check' ) ) { /** * Check is meta box secure and valid for saving * * @param $post_id int - id of post that meta box is being saved * @param $post WP_Post - current post object * * @return boolean */ function wp_meta_boxes_security_check( $post_id, $post ) { $return_value = true; // If we're doing an auto save, bail if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { $return_value = false; } // If default wp nonce isn't there, bail if ( ! isset( $_POST['_wpnonce'] ) ) { $return_value = false; } // If current user can't edit this post, bail if ( ! current_user_can( 'edit_post', $post_id ) ) { $return_value = false; } // If current post type are not in list, bail $post_types = apply_filters( 'wp_allowed_post_types_for_meta_boxes', array( 'post', 'page' ) ); if ( ! in_array( $post->post_type, $post_types ) ) { $return_value = false; } return $return_value; } } }}} and then finally code for saving meta boxes will be {{{ if ( ! function_exists( 'save_admin_meta_boxes' ) ) { /** * Saves admin meta box to postmeta table * * @param $post_id int - id of post that meta box is being saved * @param $post WP_Post - current post object */ function save_admin_meta_boxes( $post_id, $post ) { // If meta box doesn't paste check, bail if ( ! wp_meta_boxes_security_check( $post_id, $post ) ) { return; } // If our nonce isn't there, or we can't verify it, bail $meta_boxes = apply_filters( 'add_meta_boxes_filter', array() ); $nonce_array = array(); if ( is_array( $meta_boxes ) && ! empty( $meta_boxes ) ) { foreach ( $meta_boxes as $meta_box ) { $nonce_array[] = 'extensive_vc_meta_box_' . esc_attr( $meta_box ) . '_save'; } } if ( is_array( $nonce_array ) && count( $nonce_array ) ) { foreach ( $nonce_array as $nonce ) { if ( ! isset( $_POST[ $nonce ] ) || ! wp_verify_nonce( $_POST[ $nonce ], $nonce ) ) { return; } } } // Make sure your data is set before trying to save it global $meta_boxes_options; foreach ( $meta_boxes_options as $key => $value ) { $field_key = $_POST[ $key ]; if ( isset( $field_key ) && trim( $field_key !== '' ) ) { update_post_meta( $post_id, $key, esc_html( $field_key ) ); } else { delete_post_meta( $post_id, $key ); } } } add_action( 'save_post', 'save_admin_meta_boxes', 10, 2 ); } }}} Also I added some filter for allowed post types inside that function {{{ $post_types = apply_filters( 'wp_allowed_post_types_for_meta_boxes', array( 'post', 'page' ) ); }}} which allows authors to easily add their own custom post type with meta boxes for saving. Best regards, Nenad" Nenad Obradovic 1 41956 Errno in $wpdb has-patch Database normal normal Awaiting Review enhancement new 2017-09-22T13:30:45Z 2018-08-17T12:09:42Z "Since I use referential integrity in my plugin, there will be situation that the referential integrity will be violated. But, unfortunately there is not a proper way to identify the reason of the violation in $wpdb->last_error. It is only text, and could differ in diffenrent languages I assume. Since Mysqli contains also the errno, would it be possible to also present the errno as part of the result. In that case I could check the errorno to be 1451 for referential integrity violation. In my opinion a usefull enhancement of the WPDB class. If any help needed, just contact me" LeonN1960 15 41972 Add Import/Export functionality to the Customizer Customize 4.8.2 normal normal Awaiting Review enhancement new 2017-09-25T08:35:01Z 2018-07-13T03:25:18Z "As a theme author, a big part of our documentation and guidance is instructing people how to replicate different theme previews. Fr complex Customizer settings, it would be great to be able to provide a user with a file which could be uploaded to the site. Much like uploading an xml file to import the post/page content. I'm aware of plugins such as https://wordpress.org/plugins/customizer-export-import. However I think it would be a great enhancement to add import/export functionality to core, removing the reliance on a plugin and the extra burden this adds for beginner level users. This could also help alleviate issues raised in #27177. The import/export options could be a further development of the UI mentioned in #39896." anonymized_11892634 2 41977 media_handle_upload() un required second parameter antpb Media 2.5 normal normal Future Release enhancement assigned 2017-09-25T14:21:04Z 2023-02-07T06:26:41Z "Why second parameter of `media_handle_upload( $file_id, $post_id )` is required? It's better to define it as 0 and make it optional. In some cases it's more convenient! And we lose nothing if do so..." Tkama 8 41978 `_delete_all_data()` does not delete attachment files johnbillion has-patch Build/Test Tools 4.7 normal normal Future Release defect (bug) reviewing 2017-09-25T14:30:55Z 2019-01-16T03:23:14Z "The `_delete_all_data()` function is called by `WP_UnitTestCase::wpTearDownAfterClass()`. The function deletes all the contents of the posts table in the tests database. However it does not delete any attachment files. So when you create a shared attachment fixture in `WP_UnitTestCase::wpSetUpBeforeClass()`, `_delete_all_data()` will delete the attachment post in `WP_UnitTestCase::wpTearDownAfterClass()`, but leave the file. There is no way to manually delete the attachment file in `wpTearDownAfterClass()`, because the attachment id no longer exists, and `wp_delete_attachment()` will therefore fail. The solution: Instead of a direct SQL query, `_delete_all_data()` should use `_delete_all_posts()`, which accounts for attachments." Frank Klein 3 41980 show_in_menu doesn't work with int value has-patch Posts, Post Types 4.9 normal normal Awaiting Review defect (bug) new 2017-09-25T15:40:29Z 2017-09-25T15:41:13Z The `show_in_menu` parameter in `register_post_type()` function doesn't work with int value (or some other value which be treated as true if convert to boolean). I tried to use `1` instead of `true`, some other parameters work except `show_in_menu`. The problem is WordPress use `Not Identical` operator instead of `Not Equal` to check the value of `show_in_menu` when render admin menu items. truongwp 41990 wp_add_inline_script() does not print if the handler has already processed dev-feedback Script Loader 4.5 normal normal Future Release defect (bug) new 2017-09-26T06:05:37Z 2023-04-12T04:51:08Z "If the wp_add_inline_script() function (with 'after' position set) is called after the head scripts have already been printed and the handler specified on wp_add_inline_script() is part of the head printed scripts, the code is not added later in the footer. Probably it should. Example a plugin which implements a shortcode needs to add some jquery inline statement only when the shortcode is executed (to add the js code only on relevant pages). It enqueues jquery to be added in the footer and a piece of inline script. But another plugin or the theme enqueues jquery in the header (as many do): the above inline code is not printed but it actually does not need to be exactly after the jquery inclusion. Stefano." satollo 2 42000 Mac Keyboard text shortcuts no longer work reporter-feedback General 4.8.2 normal normal Awaiting Review defect (bug) new 2017-09-27T03:02:43Z 2020-12-15T22:50:16Z "I have certain words (like Purchase) that I type 100+ times a day in a post. I have my mac set that if I type 'ppp' it turns to 'Purchase' if I type 'azz' it turns to Amazon and many others. They all stopped working in wordpress 4.8.2. They work on all other sites and apps in both safari and chrome, but no longer in wordpress. This is killing me! ALSO, in Safari only, you have to scroll all the way up to the top of a post to reach the toolbox instead of it staying at the top of the screen." anasdiary 4 42002 Improve the accordions accessibility joedolson* has-patch Administration normal normal 6.6 defect (bug) accepted 2017-09-27T07:46:56Z 2024-03-01T05:43:44Z "Splitting this out from #37013, props to monikarao, xavortm, mihai2u, Kopepasah for the work done there. In #37013 was noted that the toggle ""arrows"" of the accordions in the Menus screen don't have the circular shape to indicate keyboard focus. This is inconsistent with other similar controls that do use the circular focus and could be improved. [[Image(https://cldup.com/WXR2bcgPQp.png)]] However, the accordions in the Menus screen are generated with `do_accordion_sections()`: plugins or themes might use this function for their own purposes and any change here should be carefully considered and well communicated. In core, as far as I see, the Menus screen is the only place where `do_accordion_sections()` is used. In other places, for example the Customizer, the accordions markup is output by a custom implementation. The JS part instead, if I'm not wrong, is still shared and uses `accordion.js`. This would be also a good opportunity to improve the accordions accessibility in core and standardize all the different implementations. I'd recommend to follow the example on the ARIA Authoring Practices, see https://www.w3.org/TR/wai-aria-practices/#accordion and see the example on https://www.w3.org/TR/wai-aria-practices/examples/accordion/accordion.html where the accordion ""titles"" use a button inside a heading (note: the example uses `<dt role=""heading"" aria-level=""3"">` because it's an ARIA example :) that's equivalent to a heading)." afercia 19 42005 filter get_terms_args and orderby meta_value_num not working as expected has-patch Taxonomy 4.8.2 normal normal Awaiting Review feature request new 2017-09-27T08:15:17Z 2022-10-26T07:45:43Z "This is a follow-up to #34996. Hi, this is working : {{{#!php <?php add_filter( 'get_terms_defaults', 'my_get_terms_defaults', 10, 2 ); function my_get_terms_defaults( $defaults, $taxonomies ) { if ( in_array( 'my_tax_types', $taxonomies ) ) { $defaults['orderby'] = 'meta_value_num'; $defaults['meta_key'] = 'tax_position'; } return $defaults; } }}} this is working too (for example) : {{{#!php <?php add_filter( 'get_terms_args', 'my_get_terms_args', 10, 2 ); function my_get_terms_args( $args, $taxonomies ) { if ( in_array( 'my_tax_types', $taxonomies ) ) { $args['orderby'] = 'name'; $args['order'] = 'DESC'; } return $args; } }}} BUT this is NOT working : {{{#!php <?php add_filter( 'get_terms_args', 'my_get_terms_args', 10, 2 ); function my_get_terms_args( $args, $taxonomies ) { if ( in_array( 'my_tax_types', $taxonomies ) ) { $args['orderby'] = 'meta_value_num'; $args['meta_key'] = 'tax_position'; } return $args; } }}} As Samuel said here : https://wordpress.org/support/topic/filter-get_terms_args-and-orderby-meta_value_num-not-working/#post-9533065 , is it possible to move earlier in the process the get_terms_args filter ? Because for now, the get_terms_defaults filter doesn't apply on all returned get_terms(), the get_terms_args filter does, but not accept orderby meta_value_num. Thanks. " Fred_Bdx 24 42007 rpc.pingomatic.com still using HTTP has-patch Pings/Trackbacks 4.9 normal normal Awaiting Review defect (bug) new 2017-09-27T15:19:04Z 2022-07-30T23:25:04Z "It looks like rpc.pingomatic.com still doesn't support https. I would like to see it support HTTPS, and then have WordPress default to using https for it. [https://cl.ly/3Y1H1C2H040v screenshot of Update Services field]" bhubbard 3 42008 Show warning that usernames can't be changed close Upgrade/Install normal minor Future Release defect (bug) reviewing 2017-09-27T16:10:48Z 2020-11-01T11:47:08Z "When we install WordPress, it says ""Please provide the following information. Don't worry, you can always change these settings later."" But When we want to change username, WordPress does not allow. See screenshots." rinkuyadav999 13 42012 Do not switch roles and capabilities when accessing options through `*_blog_option()` dev-feedback Options, Meta APIs normal normal Awaiting Review enhancement new 2017-09-27T21:51:32Z 2021-08-03T11:42:38Z "[41625] has outsourced the functionality to switch the current user's capabilities and available roles when sites are being switched, instead this now happens in `wp_switch_roles_and_user()` which is hooked into the `switch_blog` action. When accessing `get_blog_option()`, `add_blog_option()`, `update_blog_option()` or `delete_blog_option()`, it should be safe to always unhook the function temporarily (see `WP_Roles::get_roles_data()` for an example where it already happens manually in core) to improve performance, in some cases significantly. Roles and capabilities are not needed when accessing options, however we need to be careful and think about what plugins are possibly doing here. Let's discuss whether this can happen automatically in core or whether it should be left to developers." flixos90 42028 On-screen elements missing or dead in Mac OS 10.13 and Google Chrome reporter-feedback Editor 4.7.4 normal normal Awaiting Review defect (bug) new 2017-09-29T03:17:26Z 2020-09-23T05:41:57Z "There are some bizarre bugs that appear when using Chrome (current version, Version 61.0.3163.100 (Official Build) (64-bit) as well as Chrome Canary (Version 63.0.3225.0 (Official Build) canary (64-bit) ) and WordPress 4.7.4, which include a) If I create a link then try to edit it so I can set the ""load in new tab"" check box, the page will ""freeze"" (become totally unresponsive, refusing to acknowledge clicks or scrolling, until I reloaded the Wordpress page) b) My ""edit snippet"" section is missing, requiring me to load this page in Safari to set the snippet. Relatedly, I am pretty sure setting a focus keyword in Chrome will not cause it to be saved, since I set it but then it was blank when the article was loaded in Safari. c) Perhaps most frustratingly, the Visual and Text tabs are nonfunctional in Chrome. I cannot access the page source, which I need for various scripts, as I should be able to. Please fix ASAP! Enclosing screenshots of the nonfunctional elements. [[Image(https://s3-us-west-2.amazonaws.com/megumi.img/ScreenShot2017-09-29at12.08.15PM.jpg)]] [[Image(https://s3-us-west-2.amazonaws.com/megumi.img/ScreenShot2017-09-29at12.10.42PM.jpg)]] [[Image(https://s3-us-west-2.amazonaws.com/megumi.img/ScreenShot2017-09-29at12.12.22PM.jpg)]]" ppayne 2 42035 Twenty Fourteen: Non-Responsive Sub-Menus on iPad Pro in Horizontal View Bundled Theme 4.8.2 normal normal Awaiting Review defect (bug) new 2017-09-29T17:00:29Z 2018-08-11T11:54:36Z "It seems that the sub-menu items are not responsive and do not work on some devices such as iPad Pro in the theme Twenty Fourteen when the device is in the horizontal view. '''The steps to reproduce: ''' - activate the theme Twenty Fourteen; - create a menu with sub-menu items in the Appearance - Customize; - select the display location for the menu to be ""Top Primary Menu""; - save and publish your settings; - go to your site on iPad Pro and try clicking on the menu to make a sub-menu appear in the - horizontal view. '''What I expected:''' the sub-menu items to appear '''What happened:''' the sub-menus did not appear and were not responsive '''Further details:''' I tested on iPad Pro and iPad 4; the issue seems to be happening on iPad Pro specifically - I suspect because it has a desktop view in the horizontal position where you can see all of the items. On iPad 4, the menu is a hamburger menu, and once you click to open it, all menu items are visible. " katinthehatsite 42043 Twenty Fourteen: Menu problems on iPad Air 2 Bundled Theme normal normal Future Release defect (bug) new 2017-09-30T18:15:32Z 2021-09-09T14:02:31Z "When viewing a Twenty Fourteen (2014)-themed blog on an iPad air 2 in landscape alignment it is impossible to access submenu items. Either the arrow to expand the submenu has to be separate so it can be activated without also activating the menu or the menu should be displayed as a compact menu (three bars that expand, like on a mobile or in portrait alignment). Hovering isn't really an option on an iPad. At first glance it seems there are many bugs opened for menus, but none for the 2014-theme. An example of this behavior can be found at https://talkwards.wordpress.com/ (at least for now... it should be repeatable with any blog that has a menu with subitems though). This behavior exists on Wordpress.com. I'm assuming they're using the latest version of Wordpress..." erikalm 3 42046 Customize Themes: Clarify active and previewed themes Customize 4.9 normal normal Future Release defect (bug) new 2017-09-30T19:40:09Z 2018-01-15T18:05:32Z "The current active (live) theme is displayed first in the installed themes list, but not necessarily with anything indicating that it's active. The current previewed theme (in the current customize session) gets different styling and a ""Previewed:"" prefix on its name in the installed themes view. Let's clarify which theme is being previewed and whether it's active by highlighting it in the sidebar. Follow-up to #37661." celloexpressions 7 42053 There should be an option to make wp_login_form() functions's username and password input field required. Login and Registration 4.9 normal normal Awaiting Review enhancement reopened 2017-10-01T11:47:32Z 2019-04-24T22:03:20Z There should be options to make the `username` and `password` filed required if necessary or if any developer wants to make it `required` by HTML in `wp_login_form()` function inside `src/wp-includes/general-template.php` file through `$args` argument. rnaby 4 42058 Unit test for _autop_newline_preservation_helper() dev-feedback Formatting 4.9 normal normal Awaiting Review defect (bug) new 2017-10-01T18:49:35Z 2017-12-11T17:29:20Z just a unit test pbearne 42064 wp_crop_image() does not work when fopen() is disabled Build/Test Tools 4.9 normal normal Awaiting Review defect (bug) new 2017-10-02T19:10:07Z 2021-08-11T21:01:03Z "While running the WordPress PHP Unit testing framework, a single test for wp_crop_image() failed consistently. After @danielbachhuber debugged the test, he found that wp_crop_image() was failing because it depended on _load_image_to_edit_path, which he said is dependent on fopen(). WordPress is supposed to function when fopen() is disabled. wp_crop_image's dependency on fopen is incorrect. To reproduce the issue: Disable allow_url_fopen in PHP Setup the PHPUnit Test Runner (https://github.com/WordPress/phpunit-test-runner) Run the PHPUnit Test Runner. The test runner should report the following failed test: Tests_Image_Functions::test_wp_crop_image_url Failed asserting that WP_Error Object (...) is not an instance of class ""WP_Error"". /../../../phpunit-test-runner/wp-test-runner/tests/phpunit/tests/image/functions.php:317 The WP_Error object reports the following: Fobject(WP_Error)#9993 (2) { [""errors""]=> array(1) { [""invalid_image""]=> array(1) { [0]=> string(21) ""File is not an image."" } } [""error_data""]=> array(1) { [""invalid_image""]=> string(60) ""https://asdftestblog1.files.wordpress.com/2008/04/canola.jpg"" } } The image is a valid image otherwise, such as when viewed through the browser. The test fails on PHP 5.6, PHP 7.0, and PHP 7.1 when fopen is disabled." jadonn 3 42074 YouTube Auto-Embed Does Not Work with Video+Playlist Links Embeds normal normal Awaiting Review defect (bug) new 2017-10-03T14:01:22Z 2018-06-14T12:08:30Z "Hi, When we past a video URL into the editor, it works fine: `https://www.youtube.com/watch?v=0yGrCbYDUvQ` But when embedding the ''playlist''-based URL, '''WordPress always shows the first video in the playlist''', despite the `v=0yGrCbYDUvQ` being set (see below what I am pasting). This is even if I ''don't'' have their `index` parameter set (indexes can move around): `https://www.youtube.com/watch?v=0yGrCbYDUvQ&list=PLpxGtvV4Cq_IacCuIMunwiFx3c4G5h0mE` To make it work, I always have to use YouTube's physical embed code, but then I don't get the benefits of WordPress auto-sizing it. Any chance to get this parsed out a bit better? Thanks!" MicroBerto 3 42075 Do not show default image on using WP_Customize_Cropped_Image_Control. Customize 4.2 normal normal Future Release defect (bug) new 2017-10-03T15:28:41Z 2021-05-29T18:19:17Z "Add New Control use WP_Customize_Cropped_Image_Control. Do not Show default image. But show Default button. When click the button, nothing happens. Instead of using WP_Customize_Image_Control, Show image. {{{#!php <?php function foo_customize_register( WP_Customize_Manager $wp_customize ) { $wp_customize->add_section( 'theme_options', array( 'title' => __( 'Theme Options' ), ) ); $wp_customize->add_setting( 'custom_image', array( 'default' => get_parent_theme_file_uri( '/images/default-header.jpg' ), ) ); $wp_customize->add_control( new WP_Customize_Cropped_Image_Control( $wp_customize, 'custom_image', array( 'label' => __( 'Upload an Image' ), 'section' => 'theme_options', 'width' => 1920, 'height' => 1080, ) ) ); } add_action( 'customize_register', 'foo_customize_register' ); }}} " Toro_Unit 6 42076 Allow the external HTTP tests to run internally needs-unit-tests Build/Test Tools normal normal Awaiting Review enhancement new 2017-10-03T16:44:26Z 2020-03-22T14:07:03Z "The tests in the `external-http` group are the worst. They not only perform calls out over the internet, but they rely on a combination of wordpress.org, wordpress.com, example.org, example.com, and youtube.com. The external oEmbed tests that use youtube.com (`Tests_External_HTTP_OEmbed`) can probably be removed. They're technically fragile (YouTube could change the structure of their embed URLs and cause the tests to fail) and don't actually test anything that core has control over. It _should_ be possible to run the rest of the external-http tests against a local web server running PHP. As an example, frameworks such as Behat usually run against a server being run by PHP's built in web server. If the test files from wordpress.com and wordpress.org were downloaded and placed into the test suite data directory, they could be served by a local web server and therefore tested without a remote HTTP request. Spinning up a local web server in PHP could be made optional via a flag or an environment variable, and could be enabled on Travis by default. It may even be that the functionality that is being tested by these external HTTP tests can be abstracted and made testable without performing an HTTP request at all, or it could be that the functionality is already covered by unit tests in the Requests framework. Feedback / ideas welcome." johnbillion 11 42078 Customize: fix the color hue picker HTML and accessibility has-patch Customize 4.7 normal normal Future Release defect (bug) new 2017-10-03T21:57:49Z 2018-09-26T14:56:35Z "The hue color picker control used in the Customizer, for example with Twenty Seventeen, has an empty `<label>` element and incorrect markup: [[Image(https://cldup.com/tjBoOqM20j.png)]] the actual markup: {{{ <div class=""customize-control-content""> <label> <span class=""screen-reader-text""></span> <input class=""color-picker-hue"" type=""text"" data-type=""hue"" style=""display: none;""> <div class=""iris-picker iris-only-strip ... >{ rest of the iris color picker here}</div> </label> </div> }}} - the label is actually empty - it should not wrap the hidden input field and should use for/id attributes as per the WordPress accessibility standard - the iris picker should not be inside the label - the hidden input field should not be hidden, and should be used as an alternative way to enter a hue value Worth noting the normal color picker does use an input field as alternative to make sure everyone, with any device or ability, can enter a value: [[Image(https://cldup.com/syZnWhJHkC.png)]] " afercia 8 42080 get_site_url() does not always return the appropriate protocol has-patch Administration 4.9 normal normal Awaiting Review defect (bug) new 2017-10-03T22:15:15Z 2021-09-21T05:42:11Z "Consider this case: a Multisite where the main site is running on https with a Let's Encrypt certificate while a sub-site is set to use http because, for example, it is a sub-domain install and the LE certificate does not support the subdomain wildcard yet or the sub-site is using another domain (mapped without plugin) not included in the certificate. The FORCE_ADMIN_SSL is ''not'' set because that would cause the browser to panic and throw an ""insecure"" warning when trying to access the sub-site admin. Both sites work well on both front and admin. However, there is a problem that is visible in three places: 1. on /wp-admin/my-sites.php ''on the main site'' (on https) 2. on /wp-admin/network/sites.php 3. in the ""My sites"" list in the Admin Bar ''on the main site'' (on https) On these locations, while the (non-ssl) sub-site's '''Visit''' link URL scheme is showing the correct protocol, the admin '''Dashboard''' link URL scheme is forced to https. This will make a sub-site owner that follows this link, to get caught in the browser panic about insecure connection, which makes him/her then go running to the network admin in fear of his/her site being hacked or being unable to connect at all... Not a very good promo for WordPress even if there is no real problem. Now before people start saying things like ""every site should be on https"", there ''are'' reasons for site owners to stick with (or even prefer) http. Let's not go into that discussion. The cause of this URL scheme mishap, is the is_ssl() in set_url_scheme() that returns true when on the main site (being on https) in spite of the fact that the URL in question might be from a site that is not on https. To fix this, I see several ways to go. Not sure which is better though... '''A.''' Adapt function get_site_url() by moving the set_url_scheme() up into the first if statement, effectively disabling scheme treatment when switch_to_blog() is used. This is a simple fix but seems too crude and does not address the admin bar links. '''B.''' Adapt function set_url_scheme() either '''(1)''' so that it does not use is_ssl() anymore when $scheme is 'admin', and use parse_url( $url, PHP_URL_SCHEME ) when force_ssl_admin is false (so not forcing it to 'http' but just keep the scheme that is set in the site options) or '''(2)''' so that it can accept another $scheme value like 'network-admin' for example, dedicated for these cases, where is_ssl() is not used. '''C.''' Adapt my-sites.php, network.sites.php and admin-bar.php to approach the retrieval of these URLs differently, not using get_admin_url() and get_home_url() at all. Any better ideas? " RavanH 2 42082 Support compare custom fields in WP_Meta_Query Query 4.9.4 normal normal Awaiting Review enhancement new 2017-10-04T01:30:51Z 2018-02-28T13:32:39Z "The syntax of `WP_Meta_Query` currently is limited to values you already know. It's not possible to compare between two meta_values: {{{ SELECT posts WHERE meta_value_one > meta_value_two }}} I propose allow compare two meta_fields. For example, the pseudocode above would be represented as a meta_query argument that looks like this: {{{#!php <?php array( 'key' => 'meta_value_one', 'value' => 'meta_value_two', 'compare' => '>', 'type' => 'META_VALUE' ), }}} A workaround can be found [https://wordpress.stackexchange.com/a/164041 here] and [https://gist.github.com/mariovalney/e8646d8c64db36e9f239e6d05f2e5923 here] hahaha. Feedback is welcome." mariovalney 1 42085 Still getting ini_get_all warning message dev-feedback Bootstrap/Load normal normal Future Release defect (bug) new 2017-10-04T13:18:36Z 2017-10-04T22:44:05Z "For some PHP configurations, the check function_exists does not suffice. {{{ Warning: ini_get_all() has been disabled for security reasons in /home/mysite/public_html/wp-includes/load.php on line 1027 }}} Suggested fix in wp_is_ini_value_changeable() {{{ if ( ! isset( $ini_all ) ) { $ini_all = false; // Sometimes `ini_get_all()` is disabled via the `disable_functions` option for ""security purposes"". if ( function_exists( 'ini_get_all' ) ) { $disabled_functions_raw = explode( ',', ini_get( 'disable_functions' ) ); $disabled_functions = array_map( 'trim', $disabled_functions_raw ); if (!array_search( 'ini_get_all', $disabled_functions ) ) { $ini_all = ini_get_all(); } } } }}}" scottcwilson 6 42086 Option to view condensed diffs for post revisions Revisions normal normal Awaiting Review feature request new 2017-10-04T16:08:37Z 2020-09-01T16:16:59Z "Viewing a revision of a post which has a lot of content in it can result in a very long screen. It would be great if there was a toggle somewhere on the revisions browser so a condensed diff view was shown. The condensed view would more closely resemble a traditional VCS diff view, which highlights only the changed lines and a handful of lines above and below each change. I haven't checked to see if the `Text_Diff` library that core uses supports such diff generation, I doubt it does but I'd like to be wrong." johnbillion 3 42088 Function to detect if current page is a scheduled post (is_scheduled() or is_future()) Posts, Post Types 4.8.2 normal normal Awaiting Review enhancement new 2017-10-04T17:52:44Z 2018-02-24T11:51:01Z "It would be very helpful if there was a function to detect if the page being viewed is a scheduled post. Call this is_scheduled() or is_future(). Currently, you can achieve this check with code link this: {{{#!php <?php function is_scheduled() { global $post; $is_future = 'future' === $post->post_status; return ( is_preview() && $is_future ); } }}} " paulschreiber 42089 Function to detect if current page is a preview of a draft Posts, Post Types 4.8.2 normal normal Awaiting Review enhancement new 2017-10-04T17:56:22Z 2018-02-24T11:52:08Z "It would be very helpful if there was a function to detect if the page being viewed is a preview of a draft. Call this is_draft_preview(). Currently, you can achieve this check with code like this: {{{#!php <?php function is_draft_preview() { global $post; $is_draft = 'draft' === $post->post_status; return ( is_preview() && $is_draft ); } }}} " paulschreiber 42093 Improve handling of SUBDOMAIN_INSTALL test coverage jeremyfelt needs-unit-tests Build/Test Tools normal normal Future Release task (blessed) assigned 2017-10-04T18:55:45Z 2023-10-20T14:15:29Z "We have a bunch of tests that run (or are skipped) based on `is_subdomain_install()`, but our Travis CI configuration never runs the tests in a subdomain configuration. To run the tests now, you need to setup the environment manually. In its current state, 7 tests fail: {{{ 1) Tests_Multisite_Site::test_created_site_details 2) Tests_Multisite_Site::test_new_blog_url_schemes with data set #0 ('https', 'https', false) 3) Tests_Multisite_Site::test_new_blog_url_schemes with data set #1 ('http', 'https', false) 4) Tests_Multisite_Site::test_new_blog_url_schemes with data set #2 ('https', 'http', false) 5) Tests_WP_oEmbed::test_wp_filter_pre_oembed_result_multisite_sub_samesub 6) Tests_WP_oEmbed::test_wp_filter_pre_oembed_result_multisite_sub_othersub 7) Tests_WP_oEmbed::test_wp_filter_pre_oembed_result_multisite_preserves_switched_state }}} The first is a result of our site factory only creating new subdirectory sites. I believe the `test_new_blog_url_schemes` should be skipped for `is_subdomain_install()`, but I haven't verified. I'm not sure yet what the issue is with the oEmbed tests. I'd like to: * Clean up the existing tests so that they pass. * Determine a good way of running these in our Travis CI configuration. It'd be nice *not* to run the entire set of core/multisite tests again just to account for this. Hopefully there's a creative approach to run only the subdomain specific tests. Previously: #36567, #36566. " jeremyfelt 8 42096 `WP_Term_Query` sanitizes `slug` parameter incorrectly has-patch Taxonomy normal normal Future Release defect (bug) new 2017-10-04T20:53:27Z 2017-10-11T13:13:40Z "At save time, slugs are sanitized for MySQL using `sanitize_title()`. When constructing a query that is intended to match slugs sanitized in this way, we should use `sanitize_title_for_query()`. See #19292 [19444]. `WP_Term_Query` improperly uses `sanitize_title()` in the query context. https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/class-wp-term-query.php?marks=495,498#L494 It has always been thus: [30024], [5525]. It should be fixed. Let's get a unit test that describes the bug (see #19292 for sample payload)." boonebgorges 4 42104 Tax query transformations unintentionally filtered by 'terms_clauses' has-patch Taxonomy 4.9 normal normal Awaiting Review defect (bug) new 2017-10-05T09:32:39Z 2022-03-17T14:26:36Z "Since [40918] tax queries are transformed using `WP_Term_Query`. That's nice because the previously uncached query is now cached. This however raises a backward compatibility issue as all existing filters applied to a term query are now unintentionnally applied to the tax query transformation. The same kind of issue was raised by [38667], when the usage of `WP_Term_Query` was introduced in `wp_get_object_terms()`. However in this latest case, the unique presence of `$args['object_ids']` in the arguments, not interpreted by `WP_Term_Query`, allows to differentiate term queries fired `wp_get_object_terms()`. There is no such unique argument which could serve the same purpose for the tax_query transformation. I suggest to add a dummy parameter to the arguments of the query which would not be interpreted by the core and would only be useful to plugins to distinguish this query from others. " Chouby 1 42115 "Customize Menus: Add ""Your theme already has a basic menu"" view" bpayton Customize 4.9 normal normal Future Release enhancement assigned 2017-10-05T19:33:34Z 2021-05-29T18:22:01Z "When your theme creates a menu by default, we should display the following text: > Your theme already has a basic menu, to help readers find all your pages. If you’d like to choose what appears instead, create a new menu to replace the default. > > Click the button to start. > > [ Replace default menu ] See screenshot." melchoyce 4 42120 htpasswd protection not working due to .htaccess rewrite rules Rewrite Rules 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-06T09:44:24Z 2019-05-14T05:10:15Z "Came across a strange bug whilst trying to password protect our staging sites. This seems to be a known issue as a solution is already suggested online, however unless you know where to look, the first point of call would be to check with the server configuration/Apache/WHM. Considering this is a small and easy fix that shouldn't break other features, it would be great to include to core. '''The setup''' * WHM 66.0.24 CentOS 7.4 * Apache * Latest WP installed at /public_html '''Steps to reproduce''' 1. Enable permalinks 2. Go to cPanel and enable ""Directory Privacy"" on the public_html folder OR 3. Update .htaccess to append AND {{{ AuthType Basic AuthName ""Test"" AuthUserFile ""/home/username/.htpasswds/public_html/passwd"" require valid-user }}} 4. Create the passwd file on the directory shown above 5. Go to your staging site such as staging.website.com and confirm the login prompt is showing 6. Don't enter any details, but click cancel multiple times 7. Notice how the page content is now showing. 8. Try ctrl+u to see the source of the page and notice how the whole HTML is there. '''The solution''' 1. Edit the .htaccess file in your WordPress home folder 2. Find the line RewriteRule . /index.php [L] 3. Replace with RewriteRule ./ /index.php [L] '''The sources of this fix''' Kudos to WHM Support who directed me to the solution and HostGator for actually publishing it http://support.hostgator.com/articles/wordpress-preventing-you-from-password-protecting-a-directory " subscriptiongroup 42128 PNGs lose color space information when resized Media normal normal Awaiting Review defect (bug) new 2017-10-06T21:11:46Z 2017-10-06T22:17:56Z "In cases where a PNG image is RGB but contains no color pixels, ImageMagick is converting the image to a gray color model during resizing, which makes the image look dark and blocky. I'm uploading a few of original example images, saved as both PNG8 and PNG24 and one without an alpha channel. Based on these examples, this seems to only affect PNG images and transparency doesn't seem to matter." joemcgill 2 42136 manage_links should be a custom capability not a default Role/Capability 4.8.2 normal minor Awaiting Review defect (bug) new 2017-10-07T19:36:23Z 2017-10-07T20:05:55Z "I just noticed the capability manage_links still gets added to the default administrator capabilities upon a clean install. If you check that with current_user_can it returns as false, even when a user has this capability, like an administrator. This is when the plugin link manager is not installed. If you have the plugin link manager installed, it returns as true (as expected). So I think it should be removed out of the core and inserted into the https://wordpress.org/plugins/link-manager/." Beee 1 42140 Incorrect use of plural in class-wp-customize-themes-section.php SergeyBiryukov dev-feedback Customize 4.9 normal normal Future Release defect (bug) reviewing 2017-10-08T07:05:41Z 2021-06-08T23:23:42Z "Use of {{{__()}}} where {{{_n()}}} is needed. /wp-includes/customize/class-wp-customize-themes-section.php {{{ /* translators: %s: number of themes displayed. */ echo sprintf( __( '%s themes' ), '<span class=""theme-count"">0</span>' ); }}} " tobifjellner 22 42146 Admin side menu id not displaying proper when name is long has-patch Posts, Post Types 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-08T10:30:32Z 2017-10-08T10:41:38Z "I am registering one custom post type. Post type menu name is too long without space. If menu name is ""mycustomedesignerbywordpressdeveloper"" then it goes outside of admin menu." arzookansagra 1 42148 url_to_postid plain permalinks for CPTs needs-unit-tests Permalinks 1.0 normal normal Awaiting Review enhancement new 2017-10-08T11:42:20Z 2017-10-08T11:46:15Z "Would be nice to have {{{url_to_postid}}} working with plain permalinks for custom post types. There's are currently some issues in {{{url_to_postid}}} where the wrong ID is returned for custom post type plain permalinks (query-based). {{{ <?php add_action( 'init', function() { /** Register a post type */ register_post_type( 'findme', array( 'public' => true ) ); /** Create a post */ $post_id = wp_insert_post( array( 'post_type' => 'findme', 'post_status' => 'publish' ) ); $findme = get_permalink( $post_id ); $found = url_to_postid( $findme ); /** Guess it */ printf( ""%s (%s) == %s (%s)"", $post_id, $findme, $found, get_permalink( $found ) ); exit; } ); }}} {{{30 (http://localhost:8080/?findme=30) == 0 ()}}} and {{{30 (http://localhost:8080/?findme=30) == 2 (http://localhost:8080/)}}} if the frontpage is setup to point ot a post. Why is it not working? Why is the frontpage post being returned? Let's see how the {{url_to_postid}} function works: {{{ // First, check to see if there is a 'p=N' or 'page_id=N' to match against if ( preg_match('#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values) ) { $id = absint($values[2]); if ( $id ) return $id; } }}} Then? {{{ if ( trim( $url, '/' ) === home_url() && 'page' == get_option( 'show_on_front' ) ) { $page_on_front = get_option( 'page_on_front' ); if ( $page_on_front && get_post( $page_on_front ) instanceof WP_Post ) { return (int) $page_on_front; } } }}} Uh, wait what... already? So a short-circuit without checking the custom post types. And that's understandable, since there is inherently no support for custom post type ID mappings as pointed out by: {{{ // Check to see if we are using rewrite rules $rewrite = $wp_rewrite->wp_rewrite_rules(); // Not using rewrite rules, and 'p=N' and 'page_id=N' methods failed, so we're out of options if ( empty($rewrite) ) return 0; }}} What stands in our way to find the URL earlier? 1. The query var is not one of p, page_id, attachment_id 2. The query var value for CPTs is not necessarily, and most often not numeric (the post_title) A proposed solution would be to look at the query parameters much higher, maybe by injecting the custom ones, ones that support slugs as well, since WordPress sets the {{{page_title}}} for a CPT itself, so that {{{\d+}}} check would fail. Use case? Well, this was encountered when trying to paste plain oEmbed URLs for a custom post type (https://github.com/gravityview/GravityView/issues/927)." soulseekah 42150 Cannot edit links with visual editor on chromium-based browser General 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-08T13:40:22Z 2017-10-10T21:06:31Z "Hi, When I'm trying to edit links with visual editor on any chromium-based browser (Opera, Vivaldi and Google Chrome), the editor doesn't respond at all [[Image(https://thumbs.gfycat.com/InfamousContentArchaeocete-size_restricted.gif)]] But at the same time the link editor works perfectly on Microsoft Edge and Mozilla Firefox" 3liwa 4 42164 Conditional Tags not working when using ugly URL needs-unit-tests Query 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-10T10:23:14Z 2017-10-10T13:54:21Z "When accessing a category archive via its pretty URL e.g. {{{ example.com/category/whatever }}} the conditional tag {{{ is_category() }}} returns '''true'''. Accessing the same category archive via its ugly URL {{{ example.com?cat=whatever }}} the conditional tag {{{ is_category() }}} returns '''false'''. I'm pretty sure this concerns other conditional tags too. This is not only a cosmetic flaw because it causes WP to use the wrong template. I've tested it with Twenty Seventeen and the homepage template was used in case of using an ugly URL. Due tue the ugly URL always work independently of permalink settings this is a bug in my opinion." petersplugins 3 42167 Reading -> Static Page - domain/page/1111 duplicates home page dev-feedback General 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-10T13:59:18Z 2017-10-10T19:06:09Z When I set a static page for Home, every url typing after domain with /page/<number> opens home page with http code 200. This is for all WP versions. dqnisoma 1 42182 esc_js must escape U+2028 and U+2029 has-patch Formatting 4.8 normal normal Awaiting Review defect (bug) new 2017-10-11T12:56:23Z 2017-10-11T13:02:09Z "JS considers U+2028 (line separator) and U+2029 (paragraph separator) as line terminators, so they must be escaped to not break inline JS. See: https://www.ecma-international.org/ecma-262/5.1/#sec-7.3" johanee 1 42183 wp_update_user() conditional compares a plain-text password to the hashed old SergeyBiryukov needs-unit-tests Users 4.5.2 normal normal Future Release defect (bug) reviewing 2017-10-11T14:20:02Z 2019-01-16T03:25:00Z "In file wp-includes/user.php, function [https://developer.wordpress.org/reference/functions/wp_update_user/ wp_update_user()] On line 1767: {{{ if ( ! empty( $userdata['user_pass'] ) && $userdata['user_pass'] !== $user_obj->user_pass) }}} The second conditional is comparing a plain-text password to a hashed version of password, so this would almost always evaluate to true except for the case where the new password itself matches the old hashed password. This block will then evaluate to false and therefore password itself won't be updated. It's a rare case but the logic here is incorrect. And obviously this code block would run when passwords are the same since it's comparing plain-text to the hashed version." yudge 6 42187 Multisite - Wordpress Importer Unavailable Networks and Sites 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-11T18:57:31Z 2017-10-11T18:57:31Z "I have a multisite installation for wordpress, and I have two users: * admin - Multisite Administrator * commonAdm - An administrator of only one of the sites in the network. Steps to reproduce: 1. When the commonAdm tries to access the Wordpress Importer via Tools -> Importer, no options are shown to him. 2. Then I, as ""admin"", open the same page, click on Wordpress Importer (just opening the url ""/wp-admin/import.php?import=wordpress"" 3. After the ""admin"" access this page, the commonAdm can see and use the Wordpress importer. It seems that it requires this first access on EVERY single site for it to work, somehow it must be setting a flag, but I couldn't find any documentations regarding this behaviour. Other information: * I'm running a Bitnami Wordpress Multisite on AWS EC2, up to date to 4.8.2; * I'm not sure if the bug is related to Network and Sites or the Importer itself (so I chose the first one)" dtiziani 42191 Customize: Selectively merge settings from autosave revisions Customize normal normal Future Release enhancement new 2017-10-12T04:06:54Z 2021-05-29T18:26:08Z "In follow-up on #42024, an autosave revision is created as part of changeset locking. When a user returns to the customizer after a lock has been lifted, they will be prompted to restore their revision. The restoration logic should only load settings from the changeset which are older than the settings in the `customize_changeset` post (see new setting prop `date_modified_gmt`), or the settings for which there is no existing setting in the changeset. This merge will more intelligently ensure that a user's restored autosave revision won't override the changes another user saved. There may be some cases, however, where selectively restoring parts of an autosave will have unexpected results (e.g. opting to include a newly-created widget, but not accepting the change to the sidebar), so more investigation will be needed. The problem of conflict resolution in the Customizer is a large problem which is also being worked on in the [https://github.com/xwp/wp-customize-snapshots Customize Snapshots] plugin. See also #31436 (Handle conflicts in concurrent Customizer sessions)" westonruter 42193 Select text in readonly textarea on focus has-patch Options, Meta APIs 4.9 normal normal Future Release enhancement new 2017-10-12T09:30:03Z 2018-09-17T16:59:54Z "[[Image(https://ibin.co/3dVwFgRPo6d1.png)]] It would be better if the text is selected when the user clicks (focus) on a read-only textarea, especially when it's meant to be copied, for example in the Network Setup section, a user has to copy-paste in the wp-config.php or the .htaccess file." NomNom99 5 42196 WP_Upgrader->unpack_package can't run in parallel Upgrade/Install normal normal Awaiting Review defect (bug) new 2017-10-12T10:46:00Z 2020-09-23T05:43:41Z "Although `WP_Upgrader->unpack_package` takes care to assign a unique `$working_dir` for the package being unpacked, it recursively deletes the contents of `$upgrade_folder` before it does its work. Since `$upgrade_folder` is the parent of `$working_dir`, concurrent `unpack_package` calls interfere with each other. In particular, this defeats parallel `wp theme install`; one install is likely to encounter `ENOENT` while trying to copy it unpacked files out of `$working_dir`." sheldonh 3 42213 Code Editors: Filter autocomplete suggestions has-patch General normal normal Future Release defect (bug) new 2017-10-13T16:34:23Z 2018-10-03T15:16:11Z "I noticed when playing with some CSS earlier than when you start writing a property, the value brings up an autocomplete panel (awesome!) but it autocompletes with literally every value you can use ever. Is there a way to filter those suggested values by relevance? So, for example, I do `text-transform`. The autocomplete values should be `uppercase`, `lowercase`, `capitalize`, `none`, and `full-width`, plus `inherit`, `initial`, and `unset`. Or, `color` should only suggest colors. Unsure if this should only be a CSS editor thing or what." melchoyce 8 42217 Plugins misuse get_plugins(), should be cached Plugins 4.8 normal normal Awaiting Review enhancement new 2017-10-14T09:15:12Z 2017-10-15T03:39:20Z "Many popular plugins misuse `get_plugins()`. They call it to check if a certain extension is available, and they do it every request. This is the actual reason why it is recommended to keep your plugins directory clean. I tried to reach some of the plugin devs telling them that they are using `get_plugins()` in a wrong way, but they did not listen. `get_plugins()` uses the non-persistent object cache. Once there is some plugin call it, it will scan the plugin directory. It depending on your number of installed plugins, this can take a while. (On VVV, host i7 skylake with NVME SSD, 32 plugins in the plugins dir, 400 - 600 ms). Any subsequent calls during the same request are at no cost. For a fix I propose to use an additional transient for caching. This transient should have a lifetime of at least 1 hour. To be able to instantly find plugins that have been installed or updated on the file system, this transient should be deleted on every request of the plugins admin screen. Additionally, it can be refreshed on every cron request. This would significantly increase performance of the dashboard, if there is at least one plugin misusing `get_plugins()`. " fabifott 2 42218 General Settings: Description of Email address should be Email Address instead of just Address. dev-feedback Administration normal normal Awaiting Review enhancement new 2017-10-14T10:47:03Z 2017-10-16T09:54:53Z "In General Setting, There is currently ""Address"" only used for description of Email Address. It should be ""Email Address"", so it won't be confused to people differentiate ""Address"" and ""Email Address"". (Tested in Version 4.9-beta2-41852)" chetan200891 4 42222 editor removing pre tag Editor 4.9 normal normal Future Release defect (bug) new 2017-10-14T17:08:14Z 2020-12-16T19:57:24Z "When in Text mode, I enter a `<pre>` tag, with text in it all spaced out. Switch to Visual mode, and the `pre` tag is removed, and the text spacing is removed. Switch back to Text mode, there is no `pre` tag or spacing. I'm not sure when this changed. I only noticed it because I wanted to test editor styles and switched to Visual mode (I usually stay in Text mode all the time). I got this in the trunk version, but also on a site that is using WP 4.7.6." joyously 6 42224 Custom HTML widget is flagging errors on non-HTML close Widgets 4.9 normal normal Awaiting Review defect (bug) new 2017-10-14T18:08:38Z 2021-06-07T09:58:48Z "Because I had trouble putting a `<pre>` tag into the Text Widget (See #42222), I tried to put it into a Custom HTML widget. But the Code Editor is flagging errors on my text, and won't let me Save the widget. Additionally, it says there are 6 errors, when it shows 2 errors and 4 warnings. Do warnings have to be fixed to Save?" joyously 6 42248 Can't create category slug with same name for different parents dev-feedback Permalinks 4.9 normal normal Awaiting Review defect (bug) new 2017-10-17T13:11:38Z 2017-10-25T12:52:46Z "Issue with same category slug creation even though both have different parent category. For example I have structure like this wanted to build up. Cars - Category Toyota & Maruti - Subcategory of Cars Parts - Subcategory of Toyota & Maruti /cars/toyota/parts /cars/maruti/parts Wordpress isn't allow it. See attached screenshot." ashokrd2013 2 42252 Use more granular caching for common queries in `WP_Site_Query` flixos90 has-patch Networks and Sites normal normal Future Release enhancement assigned 2017-10-17T17:29:08Z 2019-01-27T20:05:12Z "The new function `get_site_by()` that should serve as a modern replacement for `get_blog_details()` ended up not making it into 4.9, because it had several drawbacks of the latter related to caching, particularly caused by the caches used in `WP_Site_Query` being invalidated on any update to any site, which makes caching almost useless in a very big and active setup. Better handling of caching specific queries that are common should be explored, particularly for queries which can be invalidated only by invalidating the caches for a specific site instead of relying on the aggressively invalidated `last_changed`. Let's look at how some of the old caches like `blog-lookup` or `blog-id-cache` work, and apply that to the modern behavior of `WP_Site_Query`. While mentioning `get_site_by()` above, the changes should preferably be made to `WP_Site_Query` to benefit any other multisite area making such queries as well." flixos90 22 42253 Adjust the inline docs for register_taxonomy() and WP_Taxonomy::set_props() has-patch Taxonomy 4.7 normal normal Awaiting Review enhancement new 2017-10-17T18:13:57Z 2018-01-05T16:09:26Z "The {{{register_taxonomy()}}} is a wrapper for a {{{WP_Taxonomy}}} object. To avoid duplication, we should adjust the inline documentation for that function. It looks like the {{{WP_Taxonomy::set_props()}}} method should contain the main documentation. Similarly one can check out the documentation of the {{{get_posts()}}} function, that's a wrapper for a {{{WP_Query}}} object. Reference: {{{WP_Taxonomy::set_props()}}} https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/class-wp-taxonomy.php#L249 {{{register_taxonomy()}}} https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/taxonomy.php#L371 {{{get_posts()}}} https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/post.php#L1646 " birgire 3 42254 Duplicate news entries in Events & News dashboard widget Iceable has-patch Administration 4.8 low minor Future Release defect (bug) assigned 2017-10-17T18:15:20Z 2023-10-11T14:26:43Z "The first item in the News widget is always the latest post from the `wordpress.org/news` blog. The next 3 posts are selected from the `planet.wordpress.org` feed, which itself includes the `wordpress.org/news` blog. This can lead to duplicate entries: [[Image(https://cldup.com/R67ghZqMRh.png)]] One potential solution is to search the list of Planet feed items, to check ifany of them match the current News item. If one does, it would be removed, so that the next oldest item takes its place. Reported by @sergeybiryukov on Slack https://wordpress.slack.com/archives/C02RQBWTW/p1507073219000123 " iandunn 21 42256 Skip SQL_CALC_FOUND_ROWS when using post__in whose count matches posts_per_page reporter-feedback Query normal normal Awaiting Review defect (bug) new 2017-10-18T03:46:58Z 2017-11-21T03:39:15Z If a `post__in` array is passed to WP_Query whose length matches the `posts_per_page` value for the query, `SQL_CALC_FOUND_ROWS` is unnecessary. ethitter 3 42258 Twitter embed link in posts generates an empty paragraph Embeds 4.9 normal normal Awaiting Review defect (bug) new 2017-10-18T14:32:39Z 2017-10-18T14:32:39Z "When I look into the post, below the embed tweet I see an empty paragraph, when I look inside it, in the source I see a twitter script link: <script async src=""//platform.twitter.com/widgets.js"" charset=""utf-8""> So why it is like that? I think it should not add an empty paragraph after a tweet. How to replicate: 1. add a tweet link in the post: eg: https://twitter.com/BitsAndChipsEng/status/919845271831531520 2. preview the post. You will get an empty line, but if you will look into the source, you will see something like this: {{{#!php <p><script async="""" src=""//platform.twitter.com/widgets.js"" charset=""utf-8""></script></p> }}} " alexvorn2 42261 Add Support for No Limit Queries to 'posts_per_rss' . has-patch Feeds 4.8.2 normal normal Future Release enhancement new 2017-10-18T18:12:32Z 2018-11-14T21:12:57Z Setting `posts_per_rss = -1` will result in a query with `LIMIT 0, -1`. ohryan 4 42264 Systematic way of dealing with compat code and polyfills Bootstrap/Load normal normal Awaiting Review enhancement new 2017-10-18T21:14:14Z 2018-05-23T10:31:48Z "The way compatibility code and fallback/polyfill functionality is currently handled has a few issues: * As everything resides in one big file, all of the code is parsed every time. * As everything resides in one file, problems like the PHP 7.2 parsing error for the autoload polyfill can crop up (as the polyfill is written with now deprecated code). * If the requirements change, it is non-trivial to remove unneeded code again. I'd like the suggest a more systematic way of loading the compatibility layer. The basic premise is that the PHP version of the current server is detected, and then an individual compatibility file is loaded for each version that is not already supported by the server. This provides a clean way of structuring the compatibility layer, giving a good overview of what is needed when, and what can be discarded. It also only loads the code that is needed. Here's the main mechanism that would make this work: {{{#!php <?php // Check the PHP version and load the corresponding compatibility files. // The fall-throughs (missing breaks) are intentional, as this makes sure that // all compat files - starting from the first required one - will be loaded. switch ( substr( PHP_VERSION, 0, 3 ) ) { case '5.2': require ABSPATH . WPINC . '/compat/php-5.2.php'; case '5.3': require ABSPATH . WPINC . '/compat/php-5.3.php'; case '5.4': require ABSPATH . WPINC . '/compat/php-5.4.php'; case '5.5': require ABSPATH . WPINC . '/compat/php-5.5.php'; case '5.6': require ABSPATH . WPINC . '/compat/php-5.6.php'; case '7.0': require ABSPATH . WPINC . '/compat/php-7.0.php'; case '7.1': require ABSPATH . WPINC . '/compat/php-7.1.php'; case '7.2': require ABSPATH . WPINC . '/compat/php-7.2.php'; default: require ABSPATH . WPINC . '/compat/default.php'; } }}} Note the fall-throughs of the case statements. As an example, if the current server would be running PHP 5.6, the above mechanism would load the compatibility files for 5.6, 7.0, 7.1 and 7.2. Inside of the individual files, you'd have fallbacks and polyfills, that are needed for the '''version it resides in and all previous versions'''." schlessera 6 42272 Customize: Use client-side templates for rendering base controls Customize 4.9 normal normal Future Release enhancement new 2017-10-19T03:05:59Z 2019-01-09T06:25:05Z "This is a follow-up on #30738. See patches on that ticket. Eliminating server-side rendering of the control content for server-side registered controls was not included as part of 4.9 due to it being a big change and it got too late in the release. This will necessarily need to include support for `dropdown-pages` which we didn't implement in #30738, since we ran out of time and wanted to rely on REST API for fetching the pages." westonruter 2 42278 Speed up tests by using shared user fixtures needs-unit-tests Build/Test Tools normal normal Future Release enhancement new 2017-10-19T09:09:44Z 2019-01-08T10:13:51Z "There are a lot of tests that require user fixtures. These are then created, and afterwards deleted, as part of the test class set up and tear down methods. These fixtures could all be reused between tests, if a user for every role in Core would be created in the database as part of the unit test setup process. If we had that, all the tests that need for example a user with the `editor` role could just grab the existing user from the database, instead of creating this as a test fixture." Frank Klein 2 42280 Multisite: get_blogs_of_user has no useful caching on large installs dev-feedback Networks and Sites 4.7 normal major Awaiting Review defect (bug) new 2017-10-19T16:18:51Z 2023-05-12T19:40:56Z "While thinking about the changes that were happening in #40228 we started to investigate other places where functions had been switched to use `get_sites`. Looking back through ""recent"" changes I found: [38682] / #37061. Previously we would fetch all the user meta for a user and then use get_blog_details (and it’s inherent caching) to populate the list of blogs. Now we fetch all the user meta for a user and then create a query for get_sites which as previously discussed has pointless caching on active multisites inside WP_Site_Query. I'm opening this ticket to ensure that the caching is also reviewed here too." westi 8 42281 No Autoupdate for Translation files dev-feedback Upgrade/Install 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-19T17:48:13Z 2023-07-09T16:13:08Z "Codex says: Automatic translation file updates are already enabled by default, the same as minor core updates. But still a button ""update translations"" is shown in the Update Dashboard. This is ridiculous as I a) have no influence on accepting or skipping a certain translation, because b) there is no presention of the upcoming translation updates in advance As we have PTE and GTE for QA autoupdate is the right choice for translation files. Pls consider to remove the ""update translations"" buttons and substitute it with a email message as per minor core updates. " stk_jj 2 42284 Stop invalid query generation in WP_Site_Query Networks and Sites 4.6 normal normal Awaiting Review defect (bug) new 2017-10-19T20:09:44Z 2019-02-05T17:20:30Z "In WP_Site_Query, developers have the ability to query by a single value or by multiple using a `__in` param. An example of which is which is `domain` and `domain__in`. Take for example the following query. ` get_sites(['domain' => 'test.local', 'domain__in' => ['lebowski.local', 'start.test.local']]); ` This query will only results for test.local, completely ignoring the `domain__in`. This is because of the query it generates. That looks like this ` domain = 'test.local' AND domain IN ('lebowski.local', 'start.test.local')` Improved error checking must be implemented on this code to stop invalid queries. " spacedmonkey 4 42288 Validation of custom menu link Menus 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-20T05:38:04Z 2018-06-14T13:40:20Z "1. go to menus page 2. try to add custom menu link with label only. without a URL. expected and actual result: validation failed and link cannot be added. 1. go to menus page 2. add custom menu link with label and URL: '#' 3. save menu 4. edit the custom link from the menu and remove the URL. 5. click save expected result: validation failed and menu won't be saved. actual result: menu saved. no validation." dvirhazout 4 42300 Admin Bar CSS assumes body is not positioned Toolbar 4.5.7 normal normal Future Release defect (bug) new 2017-10-21T23:59:02Z 2021-08-14T14:12:55Z "The Admin Bar is appended to the `body` of the page, and uses `position: fixed` for large windows. A space is made for it by using `margin-top` on the `html` tag. This works fine until the media query for smaller windows changes it to `position: absolute` and there is user or theme CSS with `body {position: relative}`. The bar is then positioned relative to the body instead of html (leaving the margin visible and the bar over the top of body content). I discovered this because I wanted to add a background overlay on the body, independent of the custom background, so I set the body position to relative and body:before to absolute. A possible solution is to use body padding instead of html margin, but that might interfere more with theme CSS than the current method." joyously 8 42309 Add page-numbers CSS class to wp_link_pages generated links Themes 4.9 normal normal Awaiting Review feature request new 2017-10-23T01:28:38Z 2018-04-17T20:28:50Z "While creating my own theme, I were annoyed by the differences between the functions wp_link_pages() and the_posts_pagination(). To simplify the styling of the pagination, I would like to suggest some changes to ensure some unification as stated below. ---- For example, equal styling currently works if you use the functions as follows: {{{#!php // pagination on singular pages wp_link_pages (array ( 'before' => '<nav class=""pagination"">', 'after' => '</nav>', 'link_before' => '<span class=""page-numbers"">', 'link_after' => '</span>', )); //pagination on Posts page the_posts_pagination (); }}} Resulting HTML markup {{{ <!-- singular pages --> <nav class=""pagination""> <span class=""page-numbers"">1</span> <a href=""https://example.com/post/2/""> <span class=""page-numbers"">2</span> </a> <a href=""https://example.com/post/3/""> <span class=""page-numbers"">3</span> </a> </nav> <!-- index / posts page --> <nav class=""navigation pagination"" role=""navigation""> <h2 class=""screen-reader-text"">screen-reader headline</h2> <div class=""nav-links""> <a class=""prev page-numbers"" href=""https://example.com/"">Neuer</a> <a class=""page-numbers"" href=""https://example.com/"">1</a> <span class=""page-numbers current"">2</span> <a class=""page-numbers"" href=""https://example.com/page/3/"">3</a> <a class=""page-numbers"" href=""https://example.com/page/4/"">4</a> <a class=""next page-numbers"" href=""https://example.com/page/3/"">Älter</a> </div> </nav> }}} Sample CSS styling: {{{ /* all page numbers */ nav.pagination { text-align: center; } nav.pagination .page-numbers { display: inline-block; padding: 0.25em; margin: 4px; } /* current page */ nav.pagination .page-numbers.current, nav.pagination > span.page-numbers { border-bottom: solid 1px #003e41; } }}} Following circumstances: For singular pages, you have to add a) an additional <nav> container (okay) b) a <span class=""page-numbers""> (hmm) c) unnecessarily confusing CSS rules (!) just to achieve equal styling... ---- BUT: If we would change the wp_link_pages() to output links (like the_posts_pagination()) like this: {{{ <a class=""page-numbers""> }}} and that the current page is wrapped in an extra container {{{ <span class=""page-numbers current""> }}} and that the whole pagination is wrapped in a <nav> container (like the_posts_pagination()) {{{ <nav class=""navigation pagination"" role=""navigation""> }}} styling would be easier and more intuitive: {{{#!php // pagination on singular pages wp_link_pages ()); //pagination on Posts page the_posts_pagination (); }}} {{{ /* all page numbers */ nav.pagination { text-align: center; } nav.pagination .page-numbers { display: inline-block; padding: 0.25em; margin: 4px; } /* current page */ nav.pagination .page-numbers.current { border-bottom: solid 1px #003e41; } }}} I agree, that this might break the compatibility with existing stylesheets, but I'd appreciate it if there was a nice solution. Thanks in advance." okaestne 1 42315 User with no role on a site on a multisite network sees inaccessible links johnbillion* has-patch Users normal normal Future Release defect (bug) accepted 2017-10-23T18:33:39Z 2019-03-24T16:43:25Z "This is a follow-up to #41453 which was partially fixed in 4.9. A user who is a member of a site on a multisite network but has no role on the site will encounter the following problems: * An immediate ""Sorry, you are not allowed to access this page"" error upon logging in. * An admin toolbar link to their profile, which they cannot edit. * An admin toolbar link to `My Sites`, which they cannot access." johnbillion 2 42323 Posts vs CPT user permissions issue needs-unit-tests Posts, Post Types 4.9 normal normal Awaiting Review defect (bug) assigned 2017-10-24T14:51:56Z 2017-10-24T15:10:29Z "We have the following use case: 1. User does not have access to create new ""Posts"" 2. User does have access to create new Product Submissions (CPT post type) With these prerequisites, when the user clicks on ""New Product Submission"" from the list view (or the edit view), they get the No access message. This happens because in core we check for `edit.php` no_priv instead of `edit.php?post_type=product_submission`." bor0 2 42326 Allow for user deletion in multisite needs-unit-tests Users 3.0 normal normal Awaiting Review enhancement new 2017-10-24T18:30:56Z 2017-10-24T21:19:24Z When multisite is enabled, it is impossible to completely delete user a user. A user is only removed from a site. However, if a user is has no sites on the network, then it should be safe to remove them. spacedmonkey 2 42328 directory listing, missing index.html Rewrite Rules 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-24T22:17:00Z 2017-10-24T22:21:09Z "On hostings where missing ""Options -Indexes"" (Apache) index.php file with ""Silence is golden."" could be an option or as discussed in #4759 as it will work also on NGINX. While by default it's not a security issue, however, may lead to a discovery of private/non-for-public files. Directories: /wp-includes/ /wp-content/uploads/ /wp-content/languages/ (I know it's not by default here) possible related: #17619 " rolandinsh 1 42329 "Customizer: interacting with text fields in a ""wide"" widget shifts child panel position in Safari." has-patch Customize 4.7 normal normal Future Release defect (bug) new 2017-10-24T23:06:54Z 2021-11-30T01:15:35Z "When a widget is defined as ""wide"" in the widget construct, there's a sudden shift of the ""widgets"" panel in the customizer when there's any interaction with a text field. This was observed in Safari Mac, versions 11 and 13 (latest). I've used WordPress 4.9-beta3-41983, but this happened also in 4.8.2. This bug was detected while I was using the Black Studio TinyMCE Widget plugin: https://br.wordpress.org/plugins/black-studio-tinymce-widget/. I have tested also with a simple widget plugin, and found the same bug. On both WordPress installations, the Twenty Seventeen theme was active, and there was just two plugins active: the test widget plugin and Black Studio TinyMCE Widget plugin. * Here's a video showing the bug: https://www.dropbox.com/preview/Screen-Recording-2017-10-24-20-39-12.mp4?share=1 * The widget plugin used in the test is here: https://dl.dropbox.com/s/thmywibr3fd2d1x/widget-test.php.zip" pagelab 6 42331 Improve setting up header images in Customizer Customize 3.9 normal normal Future Release enhancement new 2017-10-25T11:47:08Z 2018-01-15T19:05:10Z "I think the process of setting up header images in Customizer can be more streamlined. When only 1 image is there (uploaded or suggested), why do we offer the 'randomize' option? If you click the button, it gets the 'selected' class, the preview greys out, but nothing has been changed (how could it having only 1 image) - 1) Shouldn't this button rather be only there if we have more then 1 image? 2) Small glich Scenario: Current header image is not set We have 1 uploaded image Set it to 'Randomizing uploaded headers' then delete the image (clicking 'X') Publish It's still set to 'randomize headers' instead of 'no image selected' I think it should switch to 'No image set' in the moment the image is deleted There was a lot of activity in #21785 I'm unable to sum this all up" Presskopp 3 42351 Customizer: Text widget loses Visual tab data when moved from one widget area to another Widgets 4.8 normal normal Future Release defect (bug) new 2017-10-27T01:07:42Z 2018-10-03T15:16:36Z "I moved my text widget to a different widget area, and now the content in the visual tab is empty, and I can’t click into the text area. If I switch to text, I see the content. Throughout this, I can also still see my content in the preview pane. If I save, my content remains. Then, if I close and reopen the Customizer, it shows back up. There are no related console errors. This only appears when I move the Text widget from one widget area to another. If I move it around within the same widget area, it's fine. @westonruter says: > The problem is when the control gets moved in the DOM the editor iframe needs to be re-initialized. I think we are accounting for a widget being reordered in a sidebar but not when moved between sidebars. See attached screenshot and https://wordpress.slack.com/archives/C0381N237/p1509058118000165." melchoyce 2 42352 Support use of native MySQLi prepared queries early Database normal normal Future Release enhancement new 2017-10-27T04:15:52Z 2023-09-09T22:23:23Z "When we added `$wpdb->prepare()` back in WordPress 2.3, we were forced to roll our own MySQL Prepared queries as the MySQL extension didn't support it. While the MySQL extension still doesn't, the majority of WordPress sites are likely using the newer MySQLi engine (by default, enabled for PHP 5.5+ which accounts for 70~80% of sites). That makes now a good time to start investigating the potential implementation and usage of native prepared queries in the future. Attached is a first-draft of implementing native prepared queries into WPDB, it has no fallbacks for MySQL at present, but it would be possible to force support in for it using a ""simple"" SQL parser. Unfortunately I expect that this draft is incompatible with many DB drop-ins, which is okay, this is only a draft and proof-of-concept. I'll attach some examples of how this first draft could be used in a comment below." dd32 8 42353 Twenty Seventeen: Header video does not load below 900px after resized and refreshed. Bundled Theme 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-27T08:39:51Z 2019-11-14T12:27:23Z "Header Media video does not load on screen size less than 900px after resized and refreshed. Instead Header Media Image is loaded. Tested on Twenty Seventeen theme and WordPress version 4.8.2. Steps: Set the video URL in the customizer's Header Media. Resize the screen and refreshed below 900px. The video does not load instead header image is shown. " sachyya sachet 42354 Changing Add New theme link in wp-admin/themes.php dev-feedback Themes 4.9 normal normal Future Release enhancement new 2017-10-27T10:36:41Z 2021-05-29T18:35:49Z "In 4.9, we can install theme with live previewing in customize. so it will better WordPress user land on /wp-admin/customize.php?autofocus[panel]=themes&autofocus[section]=wporg_themes to install new theme, when they click on 'Add New' button on wp-admin/themes.php Or when WordPress user click on wp-admin/themes.php under Appearance because WordPrss user can perform same actions in customize related to wp-admin/themes.php. Right now, there is two pages / parts in core to do same task. 1. under customize, 2. under wp-admin/themes.php" rinkuyadav999 9 42358 Twenty Seventeen: Social Links menu items in footer get hidden when used as child dev-feedback Bundled Theme 4.9 normal normal Awaiting Review defect (bug) new 2017-10-27T13:44:04Z 2021-08-21T23:30:57Z "Inside customizer if I reorder Social Menu Items as Children while they are on footer, child items are not visible any more and no way to access them! But they come up as dropdown sub menu item(s) when placed in Top menu. Screenshot attached. I think when Footer menu is checked menu option to create a parent-child kind of ordering should not be available. However, if both options (Header and Footer) are checked, parent-child ordering needs to be there, but it should only in header menu only and leaving all footer menu items visible." subrataemfluence 1 42376 Beta Download/Install capabilities with Plugins & Themes Upgrade/Install normal normal Awaiting Review enhancement new 2017-10-30T02:15:53Z 2017-10-30T14:32:08Z "Either by Authors choice, or using Beta tag with Semantic Versioning. Plugins & Themes could be able to released as beta versions as an option to Webmasters. Currently, there are few concepts that come to mind. * Notice in Installed Plugins screen with action to allow updating to a beta. * Notice (or a list of beta plugins) in the Updates screen. * WP setting to Opt-in to Betas. NOTE: Admin Safety might need consideration with extra measures to prevent accidentally installing. With Developers/Authors, the option would primarily be based on the stable tag, and ( the most beta in tags folder, OR beta tag added ). As well as using a (alpha) beta tag, but brings into question other recent versions with no beta tag. The purpose could be intended as either a hotfix or a test version. In the past, the availability of beta testers has been very small, and to try to make updates more preemptive. " EkoJr 1 42377 "login screen empty fields msgs are not in sync with the ""Username or Email Address"" field label" Login and Registration 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-30T08:59:29Z 2017-10-30T08:59:29Z "(My first trac bug report everrrrr ...) Recently the ""Username"" field label on the login screen (and other places) changed to ""Username or Email Address"" and users can now be authenticated using either a username or an email address. Authentication by username is default implemented by means of a callback (wp_authenticate_username_password) hooked to the authenticate filter. Authentication by email address is default implemented by means of an additional callback (wp_authenticate_email_password) hooked to the authenticate filter. Implementation seems to be a bit sloppy and it doesn't provide much flexibility. This bug report will concentrate on flexibility in the empty field error msgs displayed when the ""Username or Email Address"" field is left empty (while providing input for the ""Password"" field). Below I'll describe 3 login situations and the resulting (mostly incorrect) error msgs followed by what I think are the correct error msgs. Note that the ""Username or Email Address"" field is intentionally left unchanged for convenience. This bug report is not about changing the field label as displayed in the login screen. WordPress core as is provides enough flexibility to do that. So here we go. 1. Both default authentication methods are hooked to the authenticate filter. On submitting an empty ""Username or Email Address"" field while providing a password the following msg is displayed: '''ERROR''': The username field is empty. (<== wrong) '''ERROR''': The '''Username or Email Address''' field is empty. 2. Only the wp_authenticate_username_password method is hooked to the authenticate filter. On submitting an empty ""Username or Email Address"" field while providing a password the following msg is displayed: '''ERROR''': The username field is empty. (<== actually correct) '''ERROR''': The '''Username''' field is empty. 3. Only the wp_authenticate_email_password method is hooked to the authenticate filter. On submitting an empty ""Username or Email Address"" field while providing a password the following msg is displayed: '''ERROR''': The email field is empty. (<== wrong) '''ERROR''': The '''Email Address''' field is empty. Since I prefer an error msg where the field label name stands out I've capitalized the field name as well as displayed them in bold. Also helps in reading the error msgs and see the differences. As can be seen we have an issue here. We can't always seem to get the proper field label reference in the empty field error msgs when submitting an empty ""Username or Email Address"" field. There must be a way for the methods to refer to their own field label part (Username/Email Address) when individually hooked to the authenticate filter but when both are hooked at the same time refer to the combined field label (Username or Email Address) in the error msg. I think the program logic needs to be changed so all three situations return the correct empty field error msg on login screen submit." nlpro 42381 Wordpress update does not check if database structure/scheme on existing site is equal to how it would be on a new install dev-feedback Database 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-30T18:19:44Z 2017-11-11T18:19:31Z "'''Description of bug''' When trying to add a category I receive the error: WordPress database error: [Duplicate entry ‘test’ for key ‘slug’] INSERT INTO wp_terms (name, slug, term_group) VALUES (‘Test’, ‘test’, 0) '''What seems to be the cause of the problem?''' My install does not allow a category (test) with the same slug as an existing tag (test). WordPress should allow this. On further investigation: in wp_terms table, the field slug has a UNIQUE constraint. This was changed in WordPress 4.1 [https://core.trac.wordpress.org/ticket/22023/ three years ago]. Duplicates are now prevented in WordPress code instead of in the database, but it seems like my site has skipped one or more database core updates. '''In short''' My install is up to date. But my database core structure/scheme is not up to date. wp_repair, wp_optimize etc. do not flag this. Also setting WP_ALLOW_REPAIR in wp-config.php does not flag this as an issue. I was able to fix this but potentially my database still has other undetected differences. Questions - Should WordPress check on update if a existing database structure/scheme matches how it should be if it were new install? - Should WordPress offer (after backup disclaimer etc.) offer to repair/update the database structure to the latest version? I submit this as a bug and not as a feature since I feel WP_ALLOW_REPAIR should detect if a WordPress table is setup correctly." mike_vl 3 42389 Wrong password on confirmation page after manual activation of additional sub sites has-patch Networks and Sites 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-31T18:44:30Z 2017-10-31T18:46:35Z "In a multisite installation, we use `wp-activate.php` to activate a site using an activation key. Normally when users can register multiple sites using the same account, we ask them to manually click on activation link from email only once (on initial registration). Sometimes when we decide to enable manual activation for all new sites (even if the user has another site registered already), `wp-activate.php` will show wrong login credentials on the confirmation page. This is because `wpmu_activate_signup` returns newly generated password which was not used as the user account already exists. I think currently it is not possible to enable manual activation for additional sites from WordPress without using custom plugin/code. But sometimes when we require this feature, WordPress will show a wrong password on the confirmation page, which will confuse the user. [[Image(https://i.imgur.com/Ua3rgEp.png)]] On the above screenshot, the password was wrong as the user '''protest''' already exist, but WordPress generated a new password. The new password was generated to use if new user account is being created. But in this case, user account was not created. See `wp-includes/ms-functions.php` line `#1031`." joelcj91 42404 Introduce singular capabilities for managing individual plugins needs-unit-tests Role/Capability normal normal Future Release enhancement new 2017-11-01T22:11:24Z 2018-04-18T20:37:39Z "In #38652, singular capabilities were added for activating and deactivating individual plugins. The same should be added for other management actions for plugins: * `edit_plugin` (ability to adit plugin via the Plugin Editor) * `delete_plugin` (ability to outright delete the plugin) * `update_plugin` (ability to update a plugin) Network activation and deactivation will be handled in #42403" johnbillion 2 42405 Introduce singular capabilities for enabling individual themes on Multisite needs-unit-tests Role/Capability normal normal Future Release enhancement new 2017-11-01T22:14:24Z 2017-11-01T22:14:24Z "Related: #39083 The ability to enable or disable individual themes for a site from the Network Admin -> Sites -> Edit -> Themes screen should be controlled by singular capabilities. * `enable_theme` * `disable_theme`" johnbillion 42422 'unique' index not removed from the 'slug' column of the 'wp_terms' table Taxonomy 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-02T19:07:15Z 2017-11-11T18:10:02Z "This is a follow-up to #22023. It appears that on one of my older installations of wordpress the unique index was never removed from the 'slug' column of the 'wp_terms' table. The latest update 4.8.3 must have stirred something up with wp cron, conflicting with the unique status of the column. This has caused thousands of the following errors to be logged which in turn caused our server to 503 due to hitting the PHP FcgidMaxProcessesPerClass limit. Note: this installation has had regular updates since being installed years ago. {{{ stderr: WordPress database error Duplicate entry 'category-slug' for key 'slug' for query INSERT INTO `wp_terms` (`name`, `slug`, `term_group`) VALUES ('Category Name', 'category-slug', 0) made by do_action_ref_array, WP_Hook->do_action, WP_Hook->apply_filters, _wp_batch_split_terms, _split_shared_term }}}" joellisenby 6 42423 Warning in redirect_guess_404_permalink if $query->post_type is an array instead of a string Canonical 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-02T20:02:01Z 2019-02-01T12:30:46Z "I am not familiar enough with WordPress to know if this is an issue or intended. redirect_guess_404_permalink has a block that looks like: wp-includes/canonical.php:594 {{{#!php // if any of post_type, year, monthnum, or day are set, use them to refine the query if ( get_query_var('post_type') ) $where .= $wpdb->prepare("" AND post_type = %s"", get_query_var('post_type')); else $where .= "" AND post_type IN ('"" . implode( ""', '"", get_post_types( array( 'public' => true ) ) ) . ""')""; }}} This works in the case that post_type is a single value, but if it has been changed to an array of values then this looks to trigger the warning: wp-includes/wp-db.php:1353 {{{#!php _doing_it_wrong( 'wpdb::prepare', __( 'The query only expected one placeholder, but an array of multiple placeholders was sent.' ), '4.9.0' ); }}}" augustuswm 1 42428 wp-emoji pops up privacy hanger in Firefox with privacy.resistFingerprinting turned on Emoji 4.1.2 normal normal Future Release defect (bug) new 2017-11-03T09:56:10Z 2018-06-14T18:31:33Z "This isn’t really a bug, but worth reporting anyway. wp-emoji uses a technique that’s often used by trackers for fingerprinting clients: reading canvas pixel data. For them, differences in OS and graphics drivers can lead to subtle differences when text is rendered to a canvas. This means that when they hash data read out of the canvas with text on they have another datapoint to identify a client. To work around this, Firefox has recently uplifted a technique from TOR Browser. If you visit a site that tries to do this it’ll pop open a hanger asking for the user’s permission. You can test this by downloading a copy of Firefox Nightly, going to about:config and setting privacy.resistFingerprinting to true. Which brings us on to WordPress… Unfortunately the default wp-emoji package also uses this technnique, which triggers a browser warning on a large number of sites I visit on a daily basis. While I doubt that WordPress is using this for user tracking, it means that sites that are being nefarious get lost in the WordPress noise. This is a shame, but also I would imagine that it would be hard for Firefox to turn this on by default given the number of sites out there using Wordpress. What I’d like to suggest is that: 1) wp-emoji is reviewed to see whether this technique is necessary for its functionlity. Can it be updated to use some other technique? 2) wp-emoji is considered for removal by default. According to the docs wp-emoji ‘will convert the often greyscale Emoji characters to colored image files.‘ Is this really a problem with the current set of browsers? " robinwhittleton 19 42440 Uncaught TypeError: $(...).wpColorPicker is not a function Script Loader 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-05T23:30:56Z 2017-11-06T00:56:47Z "I can't edit my page using Page Builder because the next Error {{{ gdlr-admin-panel-html.js?ver=f63693efb5b9a5e10ac3abbd57323a6b:192 Uncaught TypeError: $(...).wpColorPicker is not a function at HTMLDocument.<anonymous> (gdlr-admin-panel-html.js?ver=f63693efb5b9a5e10ac3abbd57323a6b:192) at i (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2) at Object.fireWith [as resolveWith] (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2) at Function.ready (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2) at HTMLDocument.K (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2) }}} Can you help please?" shamstarek 1 42441 Disable autoload for large options pbearne has-patch Options, Meta APIs normal normal 6.6 enhancement assigned 2017-11-06T02:20:50Z 2024-03-13T15:09:12Z "A frequent issue I encounter with WordPress sites is extreme slowdown due to a huge option that is being autoloaded. Sometimes this is some sort of cache option that a careless plugin has let be autoloaded, and has grown to tens of megabytes. Having an option this large be autoloaded not only slows downs the options loading query (when that option may not be required on every load), but on sites with object caching, it causes a lot of wear and tear on the alloptions cache. Combine a large option with a frequently updated option and you have a recipe for a very sluggish site. We should consider preventing options from being autoloaded if they grow to a certain size. Off the top of my head, 100kb sounds like a reasonable upper bounds. We could monitor option settings/updates and peek at the size of the option going in. If it's above a certain (filterable) bounds, we can force autoload to be off." markjaquith 62 42448 Add 'upgrader_pre_unpack' hook has-patch Upgrade/Install normal normal Awaiting Review enhancement new 2017-11-06T21:38:50Z 2023-03-22T18:54:13Z The `WP_Upgrader` class provides several hooks that can be used to modify the upgrader process. There is an `'upgrader_pre_download'` hook, for example. But there is no hook that fires after download but before the package is unpacked. It would be nice to add such a hook, which for example could be used to verify a package's signature, or override the unpacking code entirely. jdgrimes 1 42455 WordPress Class methods and Single Responsibility (recent posts widgets) dev-feedback Widgets 4.9.8 normal normal Awaiting Review enhancement new 2017-11-07T13:24:34Z 2022-09-22T09:16:05Z "WordPress uses PHP Classes a lot and this is great for extending and improving. The problem is, many class methods does a lot of things at once and this doesn't help extending at all. For instance, I'm trying to extend the Recent Posts Widget (`WP_Widget_Recent_Posts`). The plugin has it's internal settings and logic, query posts and apply filters. I want to change it's render method, but just that. Don't want to mess with the plugin logic. The problem is, the render method (`widget` method) does a lot of things instead of focusing only on rendering. This forces me to copy every logical actions and reproduce them on my extending class. This could be solved by just splitting the plugin logic and rendering in separated functions (an function to get the posts and filters, separated from the `widget` function). This would improve a lot the WordPress extending by plugins and themes. If we apply the single responsibility principle on WordPress classes and functions, plugins wouldn't need to have much more code. Another point: this enhancement wouldn't impact old plugins/themes if the functions signatures keep the same." viewup 2 42459 "Comments metabox doesn't load all the comments when clicking ""Show more comments"" link" Comments 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-07T18:04:17Z 2018-07-31T18:11:29Z "Recently, I found an issue related to the Comments meta-box on a post edit screen. To reproduce the bug, go to the article with a certain number of comments. Suppose there are 25 comments. Then go to the post edit screen, enable the comments and scroll down to view all the comments(you will see 10). Then click the link ""Show more comments"" at the bottom of the section. You will see the second part of the comments (10 again), and the link ""Show more comments"" will disappear. You may notice that you can't load the remaining comments(5). Why this happened? My short investigation below. I found that on my opinion there is a mismatch in amount of loaded comments between the ''commentBox'' object(`/wp-admin/js/post.js`) and comments meta-box init script(`/wp-admin/includes/meta-boxes.php`). First have a look at `/wp-admin/includes/meta-boxes.php:741` {{{#!php <script type=""text/javascript"">jQuery(document).ready(function(){commentsBox.get(<?php echo $total; ?>, 10);});</script> }}} As you can see there are 10 comments set to be loaded. Then go to `/wp-admin/js/post.js:42-45` {{{#!js if ( ! num ) num = 20; this.st += num; }}} As you can see there is default `num` value set to 20. Important: then commentBox.st was increased by a `num` value. But now have a look at ""Show more comments"" link onclick attribute. {{{#!php <a href=""#commentstatusdiv"" onclick=""commentsBox.load(26);return false;"">Show more comments</a> }}} As you can see `commentsBox.load(26)` call will update `commentBox.st` but then `commentBox.get(26, 20)` will be called (because `num = 20`). But to fit the init script(`meta-boxes.php`) it should be `commentBox.get(26, 10)`. My solution here is to set default `num` value to 10. So I guess `/wp-admin/js/post.js:42` should looks like this: {{{#!js if ( ! num ) num = 10; }}} Let me know if I missed something and we can't accept new default `num` value. I have tested it on my local end. It works well after I changed `num` default value to 10." rku4er 2 42468 Iron out the usage of 'homepage', 'home page', 'front page' Administration normal normal Awaiting Review defect (bug) new 2017-11-08T14:41:43Z 2020-02-06T19:30:25Z "As discussed in #41828, I think we need clarification of the usage of 'Homepage' vs. 'Home Page' or 'Front Page'. In german we used to differ the homepage from a 'start page', see screenshot. Can I assume it' all the same, like the french do? Quoting @fxbenard: We made the choice to always translate it the same way in FR, no more consistency issues" Presskopp 9 42478 Add_permastruct ignores EP_NONE and other args if %post_id% is present in struct Rewrite Rules 4.9 normal normal Awaiting Review defect (bug) new 2017-11-08T22:15:20Z 2017-11-08T22:15:20Z "Additional rewrite rules are made if the %post_id% is in a struct passed to add_permastruct. This happens because generate_rewrite_rules (called in to process the permastructs) assumes anything with %post_id% in its struct is a post and should have attachments, talkbacks, comments, etc. I suspect it's holdover from when %post_id% and p= only referred to posts and post_ids from the wp_posts table at large. I have a simple enough solution. Add another default rewrite_tag that generates the 'p=' query but doesn't trigger the additional rewrites. i.e. add_rewrite_tag( '%p%', '([0-9]+)', 'p=' );" Underscorefunk 42481 TEST_COOKIE and LOGGED_IN_COOKIE secure flag create issues on non-secure login Login and Registration 4.9 low normal Awaiting Review defect (bug) new 2017-11-09T01:30:29Z 2019-04-29T08:24:10Z "Once a user has accessed the login form over https (possible without a valid ssl license, ignoring the browser warning) the WordPress TEST_COOKIE will have the secure flag set https://core.trac.wordpress.org/browser/trunk/src/wp-login.php#L433 When that user goes back to login over http, this will no longer be possible. The test cookie will be ignored by the browser because of the secure flag. Without the test cookie, all login attempts will be redirected back to the login form with a warning about cookies not being set by the browser. Most users will not know why this happens and will no longer be able to log in. The user will have to go back to https, open the developer toolbar, delete the cookie and then back to http. Only then the test cookie will be set again, this time without the secure flag. A work-around to prevent users from being locked out like this, is to make the test cookie name ""http/s aware"" with something like this in wp-config.php: {{{ $secure = ( isset($_SERVER['HTTPS']) && 'on' == $_SERVER['HTTPS'] ) ? '_sec' : ''; define( 'TEST_COOKIE', 'wordpress' . $secure . '_test_cookie' ); }}} (using wordpress_sec for secure cookie similar to the auth cookie) But... the real question is: '''Why does the test cookie need the secure flag at all?''' There is no sensitive information passed and it's only there to (as the name suggests) test for cookie unaware or blocking browsers. At least as far as I can tell, there would be no possible problem with simply removing this cookies secure flag. This will not affect any sensitive login/session cookies secure flags. Or am I mistaken? Are there use cases where the browser can be set to accept cookies over https while blocking them over http? " RavanH 6 42484 WP ajax call fail when executing long time 'ERR_SPDY_PROTOCOL_ERROR'. Media 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-09T12:18:18Z 2017-11-09T12:38:47Z "Hello, I have one ajax script that is uploading 25MB video on server and convert on server. This core process doing by only WordPress ajax file. This process is run successfully but after uploading and conversion ajax automatically fail and give me this error ""ERR_SPDY_PROTOCOL_ERROR"". This error i am facing from last update(4.8.3). so i think there is issue regarding ajax call in WordPress 4.8.3 version. I am WordPress Developer with 6+ years of experience and i have found this bug. Please review this bug. There is attach one image related to error. [[Image(http://webidroid.com/WP_ajax_err.png)]] " gaurangsondagar 1 42486 The Tools screen is blank for users who cannot manage categories or tags dev-feedback Administration 4.9 normal normal Awaiting Review defect (bug) assigned 2017-11-09T17:05:12Z 2024-01-17T17:05:15Z "Since Press This was removed in #41689, the Tools screen is only composed of the Categories and Tags Converter. For users who can't manage categories or tags (Authors and Contributors), the Tools screen is now completely empty. Subscribers currently don't see the Tools admin menu item. The Tools admin menu item should be removed if there's nothing to display on it." johnbillion 38 42487 Avoid redundant crops for all Customizer media controls. needs-unit-tests Media normal normal Future Release enhancement new 2017-11-09T17:09:17Z 2019-02-07T21:45:56Z "In WordPress 4.9, we made use of context metadata to keep from producing redundant crops in the media library for custom headers (see #21819). We should extend this behavior to all other media controls in the Customizer (e.g., custom logos, site icon, etc.). There are a few parts to the implementation to keep in mind: 1. We should only create one cropped attachment per context for a given site/theme option. So for instance, if a custom logo has already been cropped from an attachment for the theme being customized, we should replace that attachment instead of creating a new one. However, we ''should'' create a new attachment if the crop was created for a different theme (this may not apply to site-level settings). 2. The context of an attachment should be included in the JSON model returned by `wp_prepare_attachment_for_js()` and used to filter contextual crops out of the main media attachment library. However, it would be great if those were ''not'' filtered when you've opened the media library from the context which those attachments are created/selected." joemcgill 2 42512 Domain with special character redirect loop on homepage Canonical 4.5 normal normal Awaiting Review defect (bug) new 2017-11-11T11:31:53Z 2018-03-14T01:39:00Z "Hi, i am experiencing a problem with wordpress starting with 4.5 i think. Since this commit [1] i always get redirect loops on the home page. this issue seemed to be fixed, and i can confirm this on various wordpress instances. But one instance has a '''domain with a special character''' (""ö"" - german Umlaut), and the problem persists there. Also i am not the only user who can confirm this issue [2]. Currently i have to reset the line [3] to the old value after every update since it gets overwritten. This is not a solution, only a very bad workaround. Of course i already have tried to disable all plugins, themes etc. which could cause the issue. I can say, that the problem is not caused by the hoster since i have many wordpress instances running on the same hoster and no other does have this problem (and no other have a special character in the domain) Regards [1] https://github.com/WordPress/WordPress/commit/84a3b4407f9e03311aa591004f3bec0639f3ba3f?diff=unified [2] https://wordpress.org/support/topic/45-causes-infinite-redirect-on-static-front-page/page/2/#post-8156893 [3] https://github.com/WordPress/WordPress/commit/84a3b4407f9e03311aa591004f3bec0639f3ba3f?diff=unified#diff-dc3247fd3fa65f15e6fc5ce8c6fa2d42L175" stefan-niedermann 1 42513 WP_Theme::get_post_templates() is extremely inefficient for large themes needs-unit-tests Themes 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-11T14:07:01Z 2017-11-12T13:13:42Z "WP_Theme::get_post_templates() uses file_get_contents() to read the complete contents of each theme php file in the root of a theme into memory, twice, and processes the result with a custom Regular Expression. As a result, significantly more data than necessary is processed when loading large themes. In addition, because the standard get_file_data() function is not called (as it is with all other header comments), the ""extra_{$context}_headers"" filter is never called, which is inconsistent behavior with other file_header related operations, such as the WP_Theme constructor." gschoppe 4 42517 get_file_data() doesn't support the single-line variant of post template headers needs-unit-tests General 4.9 normal normal Awaiting Review defect (bug) new 2017-11-12T13:05:45Z 2017-11-13T17:24:40Z "get_file_data() is the common function used to retrieve information stored in a file's header comment. The function works fine for Plugin files and Theme style.css files, but is currently not used by the functions enumerating post templates, despite their header format being a clear subset of the same grammar. The issue comes from the fact that post templates have traditionally supported single-line header comments, of the form: {{{#!php <?php // Template Name: Full-Width ?> }}} or even {{{#!php <? # Template Name: Full-Width ?> }}} Addressing this inconsistency will allow post templates to use the same file-handling function that other theme/plugin files use, and will significantly reducing the amount of potential data parsed by WP_Theme::get_post_templates() see issue [https://core.trac.wordpress.org/ticket/42513 #42513]" gschoppe 3 42522 Terms are uselessly counted when saving a post has-patch Taxonomy 3.3 normal normal Awaiting Review defect (bug) new 2017-11-12T17:37:07Z 2017-11-13T08:50:10Z This occurs even when terms have not been modified and when the post status has not changed. This is due to `_update_term_count_on_transition_post_status` not checking if the post status has been modified. Chouby 2 42527 "Admin menus: PHP warning ""open_basedir restriction..."" when `_wp_menu_output` is called" Administration 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-13T10:13:25Z 2023-11-18T19:39:26Z "When plugins create certain kinds of administration menus, PHP warnings can occur when those menus are rendered. Although it's the plugin that generates the menu, it's the WordPress core code that is responsible for the warnings. There may be related situations under which PHP warnings may occur during administration menu rendering, but the ones I've observed are, in summary: * When the PHP setting `open_basedir` is used. * When PHP is running under a Windows operating system. * When a plugin generates an administration menu featuring an external URL. Possible related issues are... * ticket:25048 -- file_exists check in menu-header.php causes issue with backend menu on an IIS server * ticket:0132 -- PHP Warning at menu-header.php line 118 === Steps to Reproduce 1. Preparation: (a) Make a website testing area running under a Windows operating system. I tested with Windows 7. (b) Have a web server installed. I tested with Apache 2.2. (c) Have MySQL installed and prepare necessary user accounts and databases. I used MySQL 5.6. (d) Have PHP installed and configured so that the `open_basedir` setting is ''not'' used (the test plugin will do that). I tested with PHP 7.1.5. Ensure PHP error logging is enabled. 2. Install WordPress 4.8.3. 3. Create a directory `wp-content/mu-plugins`. 4. Put the file `test.admin.menu.php` (attached) into that directory. 5. Log into WordPress as administrator. 6. Go to the dashboard. 7. Check that the ""NaNoWriMo"" menu appears. 8. Click the ""Info"" sub-menu under ""NaNoWriMo"". === Expected Behaviour The ""National Novel Writing Month"" information page should appear in the dashboard. Below the info, there should be only one error message displayed as ""test error, please ignore"". === Actual Behaviour In addition, there is an ""open_basedir"" error message displayed. This message may also appear in the PHP error log. The above happens when PHP runs under Windows. Under Linux, the behaviour is as expected, with no extra warning messages. === Impact The administrative menus are created correctly and behave as expected, however, there are PHP warning messages generated when those menus are rendered by `wp_menu_output()` in `wp-admin/menu-header.php`. The problem may seem relatively benign, but it could lead to bloated logs. It may also indicate more serious underlying issues. === Analysis The issue occurs when an administration menu (or sub-menu) with an external URL is created. The WordPress core attempts to make a file system path out of this URL, then checks for its existence. For example: `{DOCUMENT_ROOT}/wp-content/plugins/https:/nanowrimo.org` While this kind of operation may not be inherently dangerous, and does not seem to cause warnings unless the `open_basedir` PHP setting is used, concatenating URLs to file system paths is not an algorithmically correct thing to do." darkskipper 4 42532 Custom post type : redirection bug after publish when cap edit_published_cpt is not set reporter-feedback Role/Capability normal normal Awaiting Review defect (bug) new 2017-11-13T12:49:29Z 2019-01-16T06:34:06Z "For a custom post type (movie for example), if user have capability `publish_movies` but not `edit_published_movies`, when he publishes a new movie, he is redirected to `http://example.com/edit.php` instead of `http://example.com/edit.php?post_type=movie` I make a gif to illustrate this : [[Image(https://media.giphy.com/media/xT0xeo4c4WIOKd4qFW/giphy.gif)]] ---- User role capabilities : * edit_movies * edit_others_movies * publish_movies * read Custom post type settings : {{{ $labels = array( ""name"" => __( ""Movies"", ""twentyseventeen"" ), ""singular_name"" => __( ""Movie"", ""twentyseventeen"" ), ); $args = array( ""label"" => __( ""Movies"", ""twentyseventeen"" ), ""labels"" => $labels, ""description"" => """", ""public"" => true, ""publicly_queryable"" => true, ""show_ui"" => true, ""show_in_rest"" => false, ""rest_base"" => """", ""has_archive"" => false, ""show_in_menu"" => true, ""exclude_from_search"" => false, ""capability_type"" => ""movie"", ""map_meta_cap"" => true, ""hierarchical"" => false, ""rewrite"" => array( ""slug"" => ""movie"", ""with_front"" => true ), ""query_var"" => true, ""supports"" => array( ""title"", ""editor"", ""thumbnail"" ), ); register_post_type( ""movie"", $args ); }}} " ajoah 6 42533 New pages scheduled via Customizer viewable as admin, 404 as visitor Customize 4.9 normal normal Future Release defect (bug) new 2017-11-13T15:12:36Z 2021-05-29T18:38:36Z "'''I'm not 100% if this is a bug, but here's the issue I am seeing:''' If I add a new page via the Customizer and schedule the changes for 5 minutes in the future: * As an admin viewing the '''Share Preview Link''', I can view the new page. * As a visitor viewing the '''Share Preview Link''', I get a 404 when trying to access the new page. ---- I posted a Google Doc with steps to reproduce and screenshots here: https://docs.google.com/document/d/1tiTjWjlUnVGNDaUZjFWmyg1BFRz6nF7tCTO-jjaXXUs/edit?usp=sharing '''If the document is unreachable, here are the steps from the doc:''' 1. Install a new WordPress site via Softaculous 1. Install WordPress Beta Tester plugin and upgrade to latest WordPress versions: 1. Access the Customizer 1. Menus > Top Menu > Add Items > ''Add New Page'' '''New Page 1''' > Add 1. Schedule the changes for the future, like 1 hour in the future. 1. Copy the Share Preview Link, you’ll need it in step 10. 1. Click the Share Preview Link 1. Click the link in the menu for '''New Page 1'''. You’re currently logged in as an admin, and you can see it. 1. Logout of WordPress. 1. As a visitor, access the '''Share Preview Link''' (the link you copied in step 6). 1. Click '''New Page 1''' in the menu. You’ll get a 404. This 404 I believe is a bug. If I’ve been working on ''New Page 1'' and I want a client to preview my draft, I would expect them to be able to see it without logging in. " bwmarkle 9 42536 Smoothen Plugin Updates Plugins normal normal Awaiting Review enhancement reopened 2017-11-14T02:55:30Z 2023-04-12T20:10:14Z "When about to select plugins to be updated, there's the button 'Update Plugins' (2 times). Having selected nothing I can click on it and it will take a few seconds making requests ending up in an error message. I propose to either: 1. Inactivate the button(s) whenever selected plugins count is 0 2. Change the button to ""Update all plugins"", making it ""auto-select"" all possible one's OR Add a new button to do so (eventually combined with 1.) 3. Something like that" Presskopp 6 42540 Don't move focus to the editor when switching editor mode Editor normal normal Future Release defect (bug) new 2017-11-14T10:38:33Z 2019-01-10T17:31:15Z "Splitting this out from #42530. When switching the classic editor from ""Text"" mode to ""Visual"" mode, the editor area is focused. Worth noting this is a TinyMCE behavior, not something WordPress does. For a number of years it always worked this way, with a few exceptions. For example, in 4.8.3 the editor is not focused for me, not sure if something changed in TinyMCE. Regardless of what happened to TinyMCE, I'd propose to finally discuss this behavior and evaluate if it's a good one for all users. It was discussed sometimes in the past, as part of other issues, see for example #30490 but never fully addressed. This issue is even more relevant now that #41962 is going to move focus to the editor in both Visual and Text mode, when there is a selection. Moving focus programmatically is often problematic because it generally assumes just one, specific, workflow. From an usability perspective, moving focus to the editor assumes users want to start typing immediately. This may or may not be true. It's an assumption. From an accessibility perspective, unexpectedly switching context is a huge concern. See also the discussion on #42530. Any thoughts and discussione welcome!" afercia 3 42546 WP_Query not handling 'LIKE' correctly. Query 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-14T16:27:03Z 2018-03-14T09:30:49Z "I am doing custom PHP to retrieve listings (as a CPT) from the database for a Realty Company website I'm working on and one of the criteria is searching on the city from a search field on a form. The problem is the generated SQL has some sort of guid in it instead of the expected percent character normally used with LIKE. Here is the generated SQL from WP_Query: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) INNER JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id ) WHERE 1=1 AND ( ( wp_postmeta.meta_key = 'city' AND wp_postmeta.meta_value LIKE '{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}fairfield{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}' ) AND ( mt1.meta_key = 'beds' AND mt1.meta_value >= '0' ) ) AND wp_posts.post_type = 'listings' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future' OR wp_posts.post_status = 'draft' OR wp_posts.post_status = 'pending' OR wp_posts.post_status = 'private') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} As you can see the generated code for searching the ""city"" field is: {{{ wp_postmeta.meta_value LIKE '{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}fairfield{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}' }}} The ""expected"" code should look like this: {{{ wp_postmeta.meta_value LIKE '%fairfield%' }}} The form is found here: https://millersells.com/search-2/ After making selections and clicking the Search button it calls itself with url parameters and you get one of these errors: ""Fatal error: Maximum execution time of 60 seconds exceeded in /home/extremx1/public_html/millersells2017b/wp-includes/query.php on line 0"" OR ""Fatal error: Maximum execution time of 60 seconds exceeded in /home/extremx1/public_html/millersells2017b/wp-includes/class-wp-query.php on line 3090"" (Example URL with parameters: https://millersells.com/search-2/?cf_id=37&loc=fairfield&type=SingleFamilyHome&beds=3&baths=2&min_price=0&max_price=0) I am using this PHP code to create the query (for now I'm just working with 2 of the search fields): {{{ <?php if (isset($_GET['loc'])) $location = trim($_GET['loc']); else $location = ''; if (isset($_GET['type'])) $type = trim($_GET['type']); else $type = ''; if (isset($_GET['beds'])) $bedrooms = trim($_GET['beds']); else $bedrooms = 0; if (isset($_GET['baths'])) $bathrooms = trim($_GET['baths']); else $bathrooms = 0; if (isset($_GET['min_price'])) $min_price = trim($_GET['min_price']); else $min_price = 0; if (isset($_GET['max_price'])) $max_price = trim($_GET['max_price']); else $max_price = 999999999; $location = 'fairfield'; $args = array( 'post_type' => array( 'listings' ), 'meta_query' => array( array( 'key' => 'city', 'value' => $location, 'type' => 'CHAR', 'compare' => 'LIKE', ), array( 'key' => 'beds', 'value' => $bedrooms, 'compare' => '>=' ) ) ); $the_query = new WP_Query( $args ); ?> }}} To see the generated SQL I added this code at line 2752 in wp_includes/class-wp-query.php: echo $this->request; Also to aid in debugging I would suggest you add a ""generated_sql"" parameter to the query object that we can echo to see what the actual generated SQL looks like. EX: {{{echo $the_query->generated_sql;}}} Thanks! Tim :o] PS: Your welcome to contact me at tberneman@gmail.com" tberneman 1 42549 Widgets: Allow gallery widget to display images from currently-queried singular post if no images selected audrasjb needs-unit-tests Widgets 4.9 normal normal Future Release enhancement assigned 2017-11-14T18:22:48Z 2020-02-05T00:49:17Z In #42548 (pending) a `[gallery]` placed inside of a Text widget will result in the attachments for a given post to be used in the gallery when the widget appears on a singular template. The same behavior could be allowed for the Gallery widget as well. If you add a gallery widget to a sidebar but don't add any images to it, the widget could conditionally show if it is being rendered on a singular template for a post that has image attachments. westonruter 9 42557 Wrong Behaviour on get_site_url for multiple sites with different protocol Networks and Sites 4.9 normal normal Awaiting Review defect (bug) new 2017-11-15T14:41:28Z 2017-12-21T23:18:17Z "Hi guys, i think i found something that imho isn't working at all as expected. Let's go with some explaination: * I have a multisite network which has 4 sites * 1 site, the main one, is under HTTPS protocol, the rest are under normal HTTP * I've made a unique theme, customized for all 4 sites * '''I don't want to pass the scheme to get_site_url()''' , this should be created dinamically In theme footer, i'm calling the function {{{ get_site_url() }}} for pointing each site to other ones. Something really bad happens here: * The first site (the https:// one) show all the links with https on top, and it's totally wrong as the remaining sites are all under http * Instead, the remaining sites show all the link with http on top, included the first https one So, after inspecting a while, it seems you're doing something i cannot really explain... * function get_site_url (link-template.php, row 3063) get the siteurl option from database using get_option('siteurl') and then you call set_url_scheme * function set_url_scheme will be blocked from first condition check {{{ if(! $scheme) }}}, so we're going to is_ssl() * and here we are with something misunderstood... function is_ssl() checks if $_SERVER[ 'HTTPS' ] global var is set and return true or false for the current server configuration, not bothering of other sites configuration (!?!?!?!?!?) * so when i interrogate a HTTPS site, all links will be ssl, when i interrogate a HTTP site, all links won't have ahead that protocol. I don't think this is an optimal way to check this thing honestly... Could we discuss about it?" matteowebsolution 1 42560 mp4 files do not play in Safari has-patch Media 3.0 normal normal Awaiting Review defect (bug) reopened 2017-11-15T18:54:34Z 2021-03-17T00:26:36Z "When a user uploads an mp4 file, it will not play in Safari. We have determined that this is not an issue with our Apache server (seems to happen to some folks that they have disabled range request headers) as the same file uploaded elsewhere on our server but externally from the wordpress site loads fine. It seems that perhaps the video is attempting to load in byte ranges but that WordPress is returning a 200 response instead of a 206, but that is just a hunch." cg923 20 42566 When I use wp_nav_menu I get a huge update_meta_cache query regardless of theme Menus 4.8.3 normal normal Awaiting Review defect (bug) reopened 2017-11-15T23:53:36Z 2021-01-26T02:32:23Z "Hi there, I've got a wordpress site that's been up and running for a couple of years now. I always keep core+plugins up to date, and although I use a custom theme, I'm pretty happy with how it's working. Recently however it started to crash regularly - and the server guys notified me that it was mysql that was causing it. So I installed Query Monitor and took a look - there was a massive query which looked like this: {{{ SELECT post_id, meta_key, meta_value FROM ajs_postmeta WHERE post_id IN (11178,9677,9060,7417,7354, <lots more ids>) ORDER BY meta_id ASC }}} This was returning 20,000 rows each time the page was loading. This obviously overloaded the server during peak times and it needed rebooting. This is the code that was causing the problem (I know this because I replaced it and the offending query disappeared) {{{#!php <?php $header_menu_query = wp_nav_menu(array( 'theme_location' => 'header-menu', 'container' => 'nav', 'container_class' => 'nav-menu-holder nav-menu-landing nav-new', 'menu_class' => 'nav-menu', 'walker' => new themeslug_walker_nav_menu)); }}} So I replaced wp_nav_menu with static HTML and the query size reduced as it was no longer calling wp_nav_menu. I thought it might have been something I'd done in my theme - so I removed the custom walker, which didn't have any effect, and played about with some settings. I tried using the recommendation here: [https://hitchhackerguide.com/2011/11/01/reducing-postmeta-queries-with-update_meta_cache]/ but that had no effect. So the next step was to try a different menu. So I deleted my menu (which had 70/80 items in it) and added 5 new items to a new menu. That then gave the following query: {{{ SELECT post_id, meta_key, meta_value FROM ajs_postmeta WHERE post_id IN (11178,9677,9060,7417,7354) ORDER BY meta_id ASC }}} which is the same query as above but without the lots of additional ids - as this menu only had 5 items. This returned around 450 rows - so it's not hard to see that a menu with 70/80 items would get up to 20,000. The last thing I tried was to change to the default theme and disable all plugins (bar Query Monitor) and tried again. I associated my test menu (with the 5 items) with the 2017 theme top menu and checked query monitor - it still showed this query: {{{ SELECT post_id, meta_key, meta_value FROM ajs_postmeta WHERE post_id IN (11178,9677,9060,7417,7354) ORDER BY meta_id ASC }}} with the same number of rows. So my question is this - is this something that is a problem in core wordpress, seeing as this update_meta_cache() method seems to be creating massive queries if you have a larger than average menu - even 15/20 items would create a fairly large result set each time. I've been googling like crazy as I really want to get this sorted - but I can't seem to find a solution, and I'm wondering if it's something in the latest release. There's no difference between browser or OS that I can see - its just something wrong (I think) with the update_meta_cache method as it relates to the wp_nav_menu function. Anyway, happy for you to take a look at my config etc - let me know what you need. Best email to get me on is andy@weboptimize.co.uk or you can call my UK mobile on 07791-107755 Thanks Andy" andyseaton83 3 42568 Text Widget: Media Uploader Button Label Widgets normal normal Awaiting Review enhancement new 2017-11-16T06:03:35Z 2021-06-14T15:50:14Z I was wondering if the '''Media Uploader''' in the new '''Text Widget''' has a button with label '''Insert Into Widget''' instead of '''Insert Into Post''' as shown here: http://prntscr.com/hb38jv . It would be more meaningful I guess :) saurav.rox 1 42572 Can't delete custom taxonomy tags from a post Taxonomy 4.9 normal normal Awaiting Review defect (bug) new 2017-11-16T07:17:40Z 2017-11-16T07:17:40Z "Symptoms are the same as #39388: I can add terms in my custom taxonomy to a post, but I can't remove them. I'm not using any of the filters mentioned in that ticket. Based on logging all SQL queries on saving a post, it looks like removing a category triggers a query like: {{{ DELETE FROM wp_term_relationships WHERE object_id = 1470 AND term_taxonomy_id IN ('7') }}} No DELETE query at all is running when I try to remove the custom taxonomy, so it's not a malformed query. Same problem whether I'm using the classic editor, the quick editor, or Gutenberg. As a further wrinkle, in the classic editor, my terms don't even show up in the checkboxes in the sidebar (all of them are unchecked), though they do show up on the front end, in the quick editor, and in Gutenberg. This didn't always happen, but I don't recall the version it started with. Disabling all plugins doesn't fix it, neither does clearing out my functions.php entirely, and neither does changing 'hierarchical' to false. My arguments for registering the taxonomy are as follows: {{{ $args = [ 'labels' => [ /* a bunch of strings */ ], 'public' => true, 'hierarchical' => true, 'show_in_rest' => true, 'rewrite' => ['hierarchical' => true], 'query_var' => 'idea' ]; }}}" thrica 42586 Code Editor: Inconsistent results between finding in CodeMirror vs browser Administration 4.9 normal major Future Release defect (bug) new 2017-11-16T16:43:25Z 2022-11-17T23:54:13Z "When in the Appearance/Editor, f'rinstance, when editing a child theme's CSS file, the Ctrl-F (Search) no longer works. SOMETIMES it will find a string IF that string is on the VISIBLE portion of the screen. It will NOT find that string in the file if the string is NOT visible. Sometimes it will not find the string at all - visible or not. A serious impeiment to the Editor!" wpress2010 47 42589 "Add missing ""third argument"" documentation to user_can()" dev-feedback Role/Capability normal normal Future Release enhancement new 2017-11-16T20:28:54Z 2019-01-08T10:11:37Z "There is an undocumented, third argument, '''$args''', into [https://developer.wordpress.org/reference/functions/user_can/ user_can()] function as written in [https://developer.wordpress.org/plugins/users/roles-and-capabilities/#user-can Roles and Capabilities] section of Plugin Handbook. It's the same of [https://developer.wordpress.org/reference/functions/current_user_can/ current_user_can()] (already documented)." mariovalney 4 42598 Twenty Seventeen: Sticky header offset issue has-patch Bundled Theme normal normal Future Release defect (bug) new 2017-11-17T10:17:07Z 2019-01-21T17:31:53Z "Theme: Twenty Seventeen Version: 1.3+ (not tested below 1.3) The theme has an option to make the header/ menu ""sticky"" or fixed position. The theme also has a function that handles the position of the viewport, so that the menu does not sit on top of content navigated from internal links. For example if you were to jump to a section of the page using '#about' the theme's JS would fire and amend the viewport in relation to the height of the fixed menu. '''The bug''' If a link goes to a section of content another page the theme's JS that amends the viewport no longer works. I've tried debugging this from the support forums on someone's website and I think the issue is related to the order in which the JS fires; 1) When the page loads the header height is not fully calculated; 2) The theme's JS then moves the viewport to fix the sticky menu overlap, which uses the position of the scrollbar as reference; 3) The theme's JS then applies a margin-bottom on the header, causing a shift in the scrolling position 4) The result is that the offset is incorrect and the fixed menu sits on top of the content. Steps to replicate: - Enable the sticky header - Create a ""Continue reading"" link that goes to a new page (with a hash to the section) - Press that ""Continue reading"" link to see the problem in the linked page " anevins 5 42599 Design changes in Tools Categories and Tags Converter box and Tools Import box has-patch Import 4.9 normal normal Awaiting Review defect (bug) new 2017-11-17T10:27:46Z 2019-01-30T06:51:36Z "Some Design changes in Categories and Tags Converter box and Import box Go to wp-admin 1. Tools > Available Tools 2. Tools > Import" Shital Patel 8 42610 Admin created account password reset process not reverse proxy friendly Login and Registration 4.9 normal normal Awaiting Review defect (bug) new 2017-11-17T21:08:41Z 2017-11-17T21:08:41Z "WordPress newbie, so feel free to point me to a better resolution. Couldn't find anything quite like this. Have WP running mostly correctly behind a reverse proxy. So no one ever directly touches blog.<domain>.com (the WP site), instead they access it through www.<domain>.com/blog If I create user accounts in the admin, it sends initial password reset links to the new accounts, which have a format like www.<domain>.com/blog/wp-login.php?action=rp&key=<hash>&login=<user> In wp-login.php, I see the case that catches the rp action, and it does something with the key and user parameters, then strips them off and redirects again to wp-login as follows: {{{#!php wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) ); }}} I'm unclear on why this line doesn't incorporate site_url as do several other places in nearby code. The user ends up getting a redirect to /wp-login.php. That is, from the '''user's perspective''' (not seeing the reverse proxy activity), it looks like: www.<domain>.com/blog/wp-login.php?action=rp&key=<hash>&login=<user> redirects to www.<domain>.com/wp-login.php?action=rp which is a 404 From the '''WP server's''' perspective, it told blog.<domain>.com/wp-login.php?action=rp&key=<hash>&login=<user> to redirect to /wp-login.php?action=rp which would have been fine if there were no reverse proxy involved. This is not the desired behavior in my case, and I would think it would be safe to redirect to <site_url>/wp-login.php?<query string with key and login removed> I can work around it in the main site's rewrite rules by forcing /wp-login to /blog/wp-login, but that seems as if it shouldn't be necessary. Thanks for your consideration." normjhansen 42614 Customize: Changesets can still be previewed even after having been published Customize 4.7 normal normal Future Release defect (bug) new 2017-11-18T00:44:05Z 2019-01-21T03:56:34Z "Steps to reproduce: 1. Change the site title to “First Changeset” 2. Save Draft. 3. Open frontend preview link in a new tab and see “First Changeset” as site title. 4. Back in Customizer tab, publish the changes. 5. Change the site title now to “Second Changeset” 6. Publish the changes. 7. Go back to the frontend preview in the other tab and reload. Bug: notice the first changeset is still able to be previewed even though it it is published (or rather, trashed, since in core a published changeset by default is immediately trashed for garbage collection if revisions support is not enabled). Note however that if you click the “Customize” link in the admin bar from the published changeset frontend preview, you'll land on the Customizer with an error (from [https://github.com/WordPress/wordpress-develop/blob/b424eecd0b255537ec3b7d87f8096d8158f92aae/src/wp-admin/customize.php#L77-L84 customize.php]): > This changeset cannot be further modified. It seems something similar should be done for changesets on the frontend. I can see a case for why being able to preview a changeset with a `publish` status could be useful. For example, if revisions are enabled for changesets, it could indeed be useful to preview an old published changeset to see old changes re-applied. However, when a published changeset goes straight to trash, these do not seem they should be able to be previewed. Should attempting to preview a trashed changeset be silently ignored or should there be an error message like when accessing `customize.php` with a trashed changeset?" westonruter 2 42633 Suggestion to provide Better Page and Image Management Media 4.9 normal normal Awaiting Review feature request new 2017-11-20T03:41:59Z 2017-11-20T05:24:14Z "**** This is not bug report but a suggestion **** Not at all sure if this is the right place for this however, I've been using wordpress for about 12 months now and believe it lacks somewhat in the management of pages and media. I believe that it would help tremendously helpful if we could: (1) organize pages into groups or folders as it can be overwhelming with the current long list of pages when we are working on large sites with a lot of pages, and (2) similarly, organize media into folders so for example, we could keep site media separate from post media. Thanks for listening" sixlinksrule 1 42635 Customize: Add default value for customizeAction param for sections Customize 4.3 normal normal Future Release enhancement new 2017-11-20T05:30:21Z 2018-10-12T04:07:05Z "Currently the `customizeAction` has to be explicitly provided when dynamically adding sections via JS. If not, then the section header has broken layout. There should be a default value provided so that this doesn't have to be provided each time (see #42083). Adding a default value for `customizeAction` is complicated a bit by the fact that it [https://github.com/WordPress/wordpress-develop/blob/4af1237176c326e7840361fd580fdc3f97841e6a/src/wp-includes/class-wp-customize-section.php#L228-L233 varies based on whether the section has a parent panel]. The `getContainer` method of `wp.customize.Section` probably should check if `customizeAction` is empty and if so supply one: it could look to see if it has a `panel` parent, and if so, grab the title; otherwise, it can use the default “Customizing” value. A default value should have been originally provided in #30737. Workaround for plugins to provide a default value in the mean time: {{{#!php <?php add_action( 'customize_controls_enqueue_scripts', function() { wp_add_inline_script( 'customize-controls', sprintf( 'wp.customize.Section.prototype.defaults.customizeAction = %s;', wp_json_encode( __( 'Customizing' ) ) ) ); } ); }}} " westonruter 1 42637 Wrong button text for plugin installation failed! close Plugins normal normal Awaiting Review defect (bug) new 2017-11-20T07:42:07Z 2022-02-10T01:08:13Z "Button text should be `Installation Failed!` instead of `Update Failed!` if plugin installation failed. Check below gif: Latest version: http://bsf.io/yola3 After applied patch: http://bsf.io/rblas" Mahesh901122 1 42642 Displayin page WP 4.9 General 4.9 normal normal Awaiting Review defect (bug) new 2017-11-20T15:10:06Z 2017-11-20T15:27:45Z "I prefer to display my pages on one column rather than on two, as default checked in WP. It works fine with twentyseventeen theme and WP 4.8.3. But it does not any longer works with WP 4.9. So, I undergraded to 4.8.3 but what a work and waste of time. Any idea about this bug solving ? Jacques" jibe64320 1 42644 Customize: Add rich text control for managing tagline and new footer credit theme support Customize 4.8 normal normal Future Release feature request new 2017-11-20T19:47:50Z 2019-01-09T00:15:08Z "In #35243 we extended the Text widget to add TinyMCE. This depended on #35760 which introduced the `wp.editor.initialize()` API for dynamically-instantiating TinyMCE editors. Similarly in #41897 we introduced a Code Editor control which leveraged the `wp.codeEditor.initialize()` API introduced in #12423. It would seem that there should similarly be a rich text control available in the Customizer. The rich text control could be used to manage the site's tagline. This rich text control could also be leveraged by themes to manage a site's footer credits; the control could appear in the Site Identity section. Instead of “Powered by WordPress” being hard-coded into the theme's footer, it could instead be the default value for a `footer_credit` option. This would then allow a user to easily add additional site credits and copyright information to the footer of their site, without having to modify the theme template to do so. WordPress.com has a dropdown control with preset options for this “powered by” text and then a final option to hide for business plans. There could also be a “custom” option which could then reveal a footer credit rich text input where a user could supply links and other content allowed by the Text widget. Naturally the bundled core themes in WordPress.org could make this available by default without requiring a business plan. A new `footer_credit` theme support could be added support added to Twenty Seventeen to take advantage of this new functionality. Previewing the change to the footer text should be done with selective refresh. The rich text control could also be used in themes for managing other parts of the template, like business hours appearing in the header, without having to add a new widget sidebar. Editor should only initialize once the control's containing section is expanded, as was done with the Code Editor control. " westonruter 6 42645 Support passing version number to add_editor_style() dinhtungdu has-patch Editor normal normal Future Release enhancement assigned 2017-11-20T23:11:26Z 2019-09-24T17:53:40Z For automagically flushing browser cache, it would be helpful if `add_editor_style()` supported a version number argument. danielbachhuber 11 42654 Color Palette on Theme Options reporter-feedback Themes 4.9 normal normal Awaiting Review defect (bug) new 2017-11-21T19:26:54Z 2021-04-28T22:38:48Z "Hi, guys! So I'v seen that the color palette menu has changed on the last WordPress Update. Now it doesn't show the box to write down the color code and be more accurate. I've tried with two different themes (Garage and 15Zine) and it shows the same color menu, without the box to write color codes. Do you know if there is a way to get that box back? Best, R." raulfpm 2 42656 Multisite Global $pagenow variable Plugins 5.1 normal normal Awaiting Review defect (bug) reopened 2017-11-22T03:58:15Z 2019-03-22T13:35:45Z "When the site is configured as multisite, plugins are loaded before ""vars.php"", causing plugin getting null value when trying to access the $pagenow variable. Sample Plugin : Brightcove Video Connect Defect : Setting page is empty Caused by : In the setting page logic, it will check whether $pagenow is in the array of 'admin-ajax.php', 'admin.php', 'post-new.php', 'edit.php', 'post.php'. And since the $pagenow is not initialized yet, it will just display an empty page." thorthecoder 2 42668 Remove WordPress Importer tests from default test suite Build/Test Tools normal normal Awaiting Review enhancement new 2017-11-23T08:28:49Z 2017-11-29T23:59:39Z "The importers were removed from Core in r14764, 8 years ago. But the [https://core.trac.wordpress.org/browser/trunk/tests/phpunit/tests/import tests] are still located in the core test suite, and are run by default. We should exclude these tests from running by default as a first step, as it means running 14 tests less. Ultimately these tests should be migrated to the [https://github.com/WordPress/wordpress-importer Importer plugin repository], where they can assist with development." Frank Klein 2 42670 Symlinked plugin makes plugin_basename function return wrong basename brianhenryie has-patch Plugins 4.9 normal normal 6.6 defect (bug) assigned 2017-11-23T11:36:11Z 2024-02-26T16:59:49Z "Symlinked plugin makes plugin_basename function return wrong basename for plugins which goes after the symlinked plugin. If symlinked plugin name is substring of WP root directory name. For instance, plugin name is feedback-plugin and WP root directory is feedback-plugin-wp. Cause of such a behavior is condition: {{{#!php // wp-includes/plugin.php plugin_basename function (line 658). if ( strpos( $file, $realdir ) === 0 ) { $file = $dir . substr( $file, strlen( $realdir ) ); } }}} Solution: {{{#!php $pattern = '/^' . str_replace('/', '\/', $realdir) . '\//'; if ( preg_match( $pattern, $file ) ) { $file = $dir . substr( $file, strlen( $realdir ) ); } }}} " sergiienko 33 42683 widgets cannot be edited General 4.9 normal normal Awaiting Review defect (bug) new 2017-11-23T18:38:01Z 2017-11-23T20:41:04Z "after upgrading to 4.9, my widgets cannot be edited. All i see is just the buttons after each widget (save etc) " fovos 1 42695 Text Widget: hard-coded width/height attributes are stripped from iframes dev-feedback Widgets 4.9 normal normal Future Release defect (bug) new 2017-11-25T04:30:54Z 2018-05-02T15:01:49Z "hi when i update my WordPress 4.9 my exiting iframe size in text widget not working.please find my [http://dubaicarmelschool.com/] and iframe code below: <iframe src=""sshow/show.html"" border=""0"" width=""700"" height=""400""style=""border: 0; margin-left: -120px; margin-right: -0px; margin-top: -9px; margin-bottom: -0px;""></iframe>" dubaicarmelschool 19 42696 Autosave Notification not dismissible dev-feedback Autosave 4.2 normal major Awaiting Review defect (bug) new 2017-11-25T10:11:17Z 2023-05-15T10:09:44Z "If I make changes to a Post/Page and then decide I don't want to keep those changes, I'll simpy click away from the edit page. The next time I decide to edit the page, I'm prompted with a notification advising ""There is an autosave of this post that is more recent than the version below. View the autosave"" https://cl.ly/082A3B0u3J1u The only option I'm given is to view the autosaved version. This notificaiton should be dismissible. I shouldn't have to view the autosaved version when I already know that I don't want it. I also shouldn't have to resave the page, just to get rid of the notification. I would like to see a Dismiss icon/link so that we can dismiss the notification for good. When developing a theme or plugin, we're required to make all notifications dismissible. There's no reason why core notifcations shouldn't follow the same rules and also be dismissible." ahortin 7 42702 "Most common issue inside post edit - ""Links Live search""." Permalinks 4.9 normal normal Awaiting Review feature request new 2017-11-26T09:59:46Z 2017-11-26T09:59:46Z "'''Most common issue in WP Back End Search''': My original parmalink is not matching with Search URL and for that way i have trouble in interlinking of blog articles to 1 post to another one because of wrong category URL. I have set Primary category (Messaging). But in Search you will see wrong category (Linux). For more details please view below 2 attach files carefully… https://drive.google.com/file/d/1XoDVa_zMygIWs8bFfgaSag4-iou7BCl3/view?usp=sharing https://drive.google.com/file/d/1u5ZlOXAA_5q30qo-HLnO8Qtz75tJkj3Q/view?usp=sharing For more details: This above issue is in 2-fold i will try to explane you below… Our website permalinks are configured like so: /%category%/%postname%/ The first issue is that although a '''primary category is set for all of my posts''', when using the WordPress Link button, WordPress does not always insert the link using the primary category in the URL. I read that other people were having a similar issue where the categories where being inserted in alphabetical order. This does not seem to be the case for me as for the most part the permalink is working correctly, but not accross every post. The second issue is that the post is not redirecting to the url which contains the primary category eg. example.com/secondary/test-post is not being redirected to the correct permalink as shown below example.com/primary/test-post Instead, the post is visable on both URL’s. And for that way we have trouble in interlinking of blog articles to one post to another one because of wrong category URL But if any fix in functions.php can help to resolved above issue and for that we need your help. Your help would be appreciated. Thank you." Softfully 42703 WP_Query: Swap parsing date into own method Database normal normal Awaiting Review enhancement new 2017-11-26T17:32:44Z 2019-01-16T06:50:09Z "The WP_Query::get_posts also parses the date query. This is modular enough to swap it to its own method at last. A proof of concept has been made and all tests are still green. Some details and todos: - see https://github.com/ScreamingDev/wordpress-develop-1/commit/6bb681e8caf4df8ba4811690ee19f12ad1755371 - Check if the whole logic can be shifted to WP_Date_Query::get_sql Hint: The long run is about enabling WordPress to support multiple tables (per ""post-type""). To achieve this some enhancements to the current wpdb and WP_Query class are needed. This issues covers a small bit of it by refurbishing the source." screamingdev 42711 Support for symlinked themes in the themes folder Themes normal normal Awaiting Review enhancement new 2017-11-27T12:38:34Z 2017-11-27T12:38:34Z "Symlinking themes to the theme directory does not work. This feature is more important than ever, since developers usually use various build tools. The repository – almost everytime – looks something like this: {{{ . ├── build ├── src ├── package.json └── readme.md }}} The build folder contains the generated theme. Currently it is necessary to use a script to copy the build files to the Wordpress theme folder, after a successful build. It would be much easier to symlink the build folder to the WP themes directory. This way you keep your repository and the WordPress themes folder clean." Afterlame 42712 Enhance wp revisions to keep with expiration date for the revisions Revisions normal normal Awaiting Review feature request new 2017-11-27T13:16:26Z 2017-11-28T00:39:31Z "https://codex.wordpress.org/Revisions Now, the options of the revisions are: true (default), -1: store every revision false, 0: do not store any revisions (except the one autosave per post) (int) > 0: store that many revisions (+1 autosave) per post. Old revisions are automatically deleted. What about to have expiration by time also, not just with number. In that way, in big multisite installations, old revisions could desappear after X months. Decreasing the size of the database. Normally, if a post have not modifications after 1 year, is because not longer are necesary. Anyway, it would be a choice of the superadministrator of the installation. thanks" colomet 2 42714 Unit tests: Move remaining classes out of includes/utils.php into their own file has-patch Build/Test Tools normal normal Awaiting Review defect (bug) new 2017-11-27T15:15:00Z 2017-12-09T01:47:28Z "The `includes/utils.php` file includes four classes: - `MockAction` - `testXMLParser` - `MockClass` - `wpdb_exposed_methods_for_testing` The patch moves these classes into their own files, as this makes the code more transparent, and easier to add documentation. The files are now loaded during bootstrap. Moving classes out of files can lead to issues, as seen in #37523. Rather than continue loading these files always in `includes/utils.php`, one way to get around this is to check for these classes being loaded at the top `utils.php`. If not, they can be loaded, and an error message can be triggered, so that developers can update their code. This backwards compatibility layer could then be removed after having it there for one major release. " Frank Klein 1 42718 Video shortcode needs muted attribute for Autoplay to work with Safari 11.0.1+ has-patch Shortcodes 3.6 normal normal Awaiting Review defect (bug) new 2017-11-27T21:31:45Z 2020-07-10T10:19:58Z "Safari 11.0.1 disables autoplay on everything that isn't muted by default. Link here: https://techcrunch.com/2017/06/05/auto-play-block/ Chrome will disable it starting next year: https://arstechnica.com/tech-policy/2017/09/google-chrome-block-auto-play-video/ For this reason, if we're including the autoplay attribute in the video shortcode, we should add a muted attribute to make it a useable shortcode. Other than a code change, we should also update the docs about the shortcode here: https://codex.wordpress.org/Video_Shortcode How to test this now: Get on Safari 11.0.1 (or greater) Create a post with a video shortcode and an autoplay tag. Go to the front end version and see that it won't play. " deeptiboddapati 8 42721 Introduce native language name as a WP_Locale property I18N 4.9 normal normal Future Release enhancement new 2017-11-28T03:11:50Z 2019-01-08T10:27:49Z "At the moment, displaying the current locale's native name is only possible by reusing `wp_get_available_translations()`, which performs an external request to the translations API and stores the result in a transient. It would be easier if the native name was available as a `WP_Locale` instance property. Use case: [41198] introduced [source:tags/4.9/src/wp-includes/script-loader.php?marks=391-445#L391 50+ strings with language names] for MediaElement.js. Looking at the code, they are used as subtitle track labels, unless the track has its own label. This is only a subset of all locales supported by WordPress. If the goal is to make sure the current locale's name can be used as a subtitle track label, it doesn't make much sense to translate the whole list to 100+ languages." SergeyBiryukov 1 42723 Tag Cloud CSS needed for HTML minification has-patch General 4.9 normal normal Awaiting Review enhancement new 2017-11-28T05:41:29Z 2023-04-17T10:37:05Z "The new tag cloud code in Wordpress 4.9 works great except for one issue which can be improved. Because it uses {{{ display: inline-block }}} for li elements, it needs whitespace after each ending closing li tag. Else HTML minifiers will remove the spacing. It's hard for minifiers to do the job as this is a more general issue. An illustration is here: https://codepen.io/anon/pen/pdOPdr What happens is that after HTML minification, tags appear very close to each other. Undesired. The best way to tackle it would be to improve the CSS. Here's a suggestion {{{ .tagcloud ul li:after, .widget-area .widget.widget_tag_cloud li:after { content: '\00A0'; white-space: pre; } }}} " superpoincare 9 42725 Allow gender specific translations dev-feedback I18N normal normal Awaiting Review enhancement new 2017-11-28T07:50:52Z 2020-08-03T21:34:39Z "For years, the WordPress translators community has needed to resort to '''painful compromises''' for languages with grammatical gender, where women are often discriminated by default. From strings like `Lead Developer` to simply `Author` or `Editor`, some languages will always refer to these as males, regardless of the user self-identification. While modern English grammar is exceptionally capable of being gender neutral, many other languages do not share this trait. Forcing all languages to adopt a gender-neutral grammar, even when they're not capable of it, diminishes the appeal of WordPress to non-English speaking users, especially women - because in almost all languages, pseudo gender-neutral grammar just uses the male form. This ticket is a tracking ticket for the various tasks needed to allow for gender-specific translations '''How gender specific translations will work with gettext''' - We will modify some of the existing translations functions (in a backward compatible way) to accept an optional user gender value. - When this happens, the POT generation tools will create 3 different strings, differentiated by a specific context. - On output, the correct translation will be loaded based on the value of the gender property '''What needs to be done''' - Introduce a user profile field to store users' gender and a `get_user_gender()` function. See #42900 - Add unit tests to current translation functions - Add an optional `options` parameter to `__()`, `_x()`, `_n()`, `_nx()` that will be used to pass the gender to the translation functions - Update documentation - Update GlotPress to group translations. ---- '''Notes:''' - This ticket originally included proof-of-concept patches. It has since been rewritten to reference other tickets to tackle the various tasks. - The details of the implementation were discussed during contributor day at WCUS 2017. Big thanks to @gregross, @johnbillion, @nullbyte for making this happen, and thanks to @nacin for his input. - Major props to @glueckpress for being a driving force in creating this with his [https://wordpress.tv/2017/06/27/caspar-hubinger-big-little-shame-a-tale-of-empowered-user-experience-through-localisation/ WC Europe 2017 talk]. " yoavf 17 42732 Problem with usage of WP_Term_Query inside WP_Tax_Query Query 4.9 normal normal Awaiting Review defect (bug) new 2017-11-28T15:15:21Z 2017-11-28T15:15:21Z "This problem started on WP 4.9 because of #37038. In WPML plugin, we filter the tax queries in order to convert the term IDs to their translations in the current language (if any). In WP 4.8.3, `WP_Tax_Query::transform_query` was making direct calls to the DB. In WP 4.9, `WP_Tax_Query::transform_query` is using `WP_Term_Query` to fetch the terms of the meta query. The problem is that we have filters on `WP_Term_Query` (on `get_terms_args`) which applies to this. This is usually not a problem, except for a post query with tax queries and `suppress_filters` set to `true`. Here's an example: {{{ $args = array( 'post_type' => 'post', 'suppress_filters' => true, 'tax_query' => array( array( 'taxonomy' => 'category', 'field' => 'term_id', 'terms' => [ 3, 4 ] // 3 is the English category and 4 is the translation in French ), ) ); $wp_query = new WP_Query( $args ); }}} '''What is expected (and actual behavior in 4.8.3):''' This query should return all the posts attached to the category 3 or 4, whatever the current language. '''What we have now:''' The query returns the posts attached to 3 OR the posts attached to 4 (depending on the current language). So we need a way to flag that `WP_Term_Query` is used inside `WP_Query` (via `WP_Tax_Query`) and `suppress_filters` is set to `true`." strategio 42733 WordPress Embed URLs don't work for draft and scheduled posts with pretty permalinks needs-unit-tests Embeds normal normal Future Release defect (bug) assigned 2017-11-28T16:46:36Z 2023-05-29T10:41:09Z "This came up during work on #41451. Two tests fail with ''is_embed is false but is expected to be true'': - `Tests_Embed_Template::test_oembed_output_draft_post` - `Tests_Embed_Template::test_oembed_output_scheduled_post` Without pretty permalinks, the return of `get_post_embed_url()` is `http://example.org/?p=8&embed=true`. This URL is recognised as an embed URL when the request is parsed. But with pretty permalinks enabled, the return is `http://example.org/?p=8/embed/`. This is not recognised as an embed URL. The reason for the mixed URL structure seems to be `get_permalink()`. This function does not return pretty permalinks for draft or future posts, see https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/link-template.php#L165" Frank Klein 3 42737 Add method wp.api.getModelByType for retrieving api models adamsilverstein REST API 5.1 normal normal Future Release feature request assigned 2017-11-28T17:52:54Z 2018-10-19T18:33:35Z " For Gutenberg, it will be easier and less error prone to fetch the wp.api.model by retrieving by type instead of creating a route and searching for the model that matches that route. An open detail to work out is if namespacing is needed, can objects have the same name in different API namespaces in the same instance of wp.api. A potential solution could be an optional second argument. For example: `getModelByType( type, versionString = 'wp/v2' )` Related to #41111 Original Slack Discussion at: https://wordpress.slack.com/archives/C5UNMSU4R/p1511878493000062 " mkaz 5 42743 Disable wp_options autoload for inactive widgets Widgets normal normal Awaiting Review defect (bug) new 2017-11-29T04:25:59Z 2023-09-07T11:58:23Z "Options/settings for all widgets are saved in wp_options with autoload=yes, but autoload is enabled for the wp_options even for deactivated widgets. On sites with many widgets installed (but not even activated), the size of data transferred from the DB to the PHP host on each and every page request can add significant overhead and introduce noticeable slowdowns. I can't see a reason why autoload can't be disabled on deactivation of a widget, preloaded on navigation to the widget settings page, and then re-enabled when said widget is activated." ComputerGuru 2 42751 Can we please enqueue media-views independently ? Media 4.9 normal normal Awaiting Review defect (bug) new 2017-11-29T22:14:11Z 2023-10-18T16:16:58Z "Many of theme developers are styling mediaelement to their preference and this is a first step when they do so; {{{ /* * use theme mediaelement CSS */ wp_deregister_style('mediaelement'); wp_deregister_style('wp-mediaelement'); }}} that disables the default CSS and lets us use our own. Issue with this is that buttons, imgareaselect and media-views CSS files depend on these and if anyone is using a frontend page builder or anything that needs media library in frontend, these 3 CSS files are not present. My first tought was {{{ /* * since we have deregistered medialement style * make sure media dependencies are loaded * in case of frontend editros */ if( is_user_logged_in() ){ wp_enqueue_style( 'buttons' ); wp_enqueue_style( 'imgareaselect' ); wp_enqueue_style( 'media-views' ) ; } }}} but to my surprise media-views which is a key CSS file for media library is not loading since it is a dependent. I know that I can do the direct enque but since we have a handle we should be able to use it independently from other styles. While we are at it, why are we loading mediaelement CSS files at the bottom of body http://prntscr.com/hh0808 ? CSS files should always be in head. " Themezly 2 42773 Plugin/Theme editor does not return sufficient information when loopback request fails Plugins 4.9 normal normal Awaiting Review enhancement new 2017-12-01T23:46:46Z 2017-12-01T23:46:46Z "The sandbox feature of the theme/plugin editor in 4.9 is a step in the right direction. Unfortunately there are many situations where the loopback request fails and there is no indication back to the user why that happened. The cURL/WP_Error response is just tossed away and a generic message is sent. Will attach a patch that at least returns the error message back to the user. Additional improvements could be made, but I don't have the time to implement them: Have a loopback test run before the file is saved to at least be sure that is available (save the result in a transient with a 60 sec ttl) If that loopback fails, pop up a notice that the sandboxing feature is unavailable but have a checkbox to allow the user to force the edit to save. " jamesgol 42780 Code Editor: Linter (HTMLHint) should show error if checkbox doesn't have associated <label> External Libraries 4.9 normal normal Future Release enhancement new 2017-12-03T17:32:45Z 2020-12-04T16:34:45Z "The Custom HTML Linter should show an error if an checkbox field does not have an associated label element. This would be a good improvement for accessibility. To reproduce: 1. Create a custom HTML widget 2. Enter the following code: {{{ <input type=""checkbox""> Checkbox Label }}} 3. No warning/error appears. " shooper 10 42785 Change default of `show_in_rest` in register_post_type and register_taxonomy needs-unit-tests REST API normal normal Future Release enhancement assigned 2017-12-03T19:34:14Z 2020-01-07T23:56:41Z "Right now `show_in_rest` is defaulted to `false` in `register_post_type` and `register_taxonomy`. To improve usefulness of the REST API I think the time has come to include default publicly readable data into the REST APi. This helps with https://github.com/WordPress/gutenberg/issues/1342#issuecomment-319920850 for Gutenberg too. I propose we default `show_in_rest` to `true` in the following scenarios: - Object types registered with `public => true` (only). - Object types registered with `publicly_queryable => true`. I have other future ideas for further cases (including authenticated-only cases) but I think this is a good start. " joehoyle 34 42794 Can't upload new media files when multiple media dialogues are present on a single page has-patch Media 3.7.19 normal normal Awaiting Review defect (bug) new 2017-12-04T16:01:05Z 2018-01-19T09:44:09Z "'''Layman error description''': When there are more than one Inline Media Uploader on a page in the Admin, and one tries to upload a new image or file to the Media Library, the upload gets stuck and the image is never inserted into the media library (see attached screenshot). This happens to me when using the post-types-definitely plugin to create multiple media fields in a CPT. The exact same error (including error messages) has been described before ([https://wordpress.org/support/topic/js-bug-prevents-uploading-media-in-pagepost-editor/?replies=11#post-6860868] and https://wordpress.org/support/topic/error-uploading-media-in-post-if-yoast-is-active/#post-6922117), and even though there it was related to a plugin combination, it is not in my case. The workaround proposed there is not applicable to my case and the error source I found has nothing to do with plugins.[[BR]][[BR]] '''Technical error description''': When examined in the Firefox Developer Tools, the console shows the error `TypeError: this.$index is undefined`. In Chrome, the error is `Cannot read property 'text' of undefined`. Both of them point to `wp-includes/js/media-views.js:UploaderStatus.info()` [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/media-views.js?rev=40359#L8361][[BR]][[BR]] '''Technical analysis''': Upon closer inspection of the code, the problem seems to be as follows: When we upload a file (by clicking Ok on the OS file dialogue), a callback handler calls info() on each UploadStatus object belonging to a loaded media dialogue. The method info() relies on the fact that normally, the method ready() on the same UploadStatus object is called before the call to info(). ready() uses JQuery to set (amongst others) the member variable $index inside the UploadStatus object. info() then tries to access this.$index on all UploadStatus objects and set their contents using the JQuery text() function. However, since ready() is not called before a media dialogue is opened for the first time, and our opened dialogue calls info() on all media dialogues, the access to this.$index fails in the unopened UploadStatus objects, throwing the above Javascript Error and making the script abort, therefore freezing the upload progress bar.[[BR]][[BR]] '''Workarounds''': This analysis is confirmed by the fact that when I open all media dialogues on the page at least once before uploading an image in any of them, uploading works as expected (because all of the UploadStatuses are ready() and have their $index member variable defined). A workaround for the problem is to just use the inline media dialogues for selecting existing media from the media library, and using the Media->New menu to actually upload any files. The error happened in all Wordpress versions I tested (since 4.8.3).[[BR]][[BR]] '''Proposed solution''': I can see a number of different solutions for this problem. The best one would be to only call info() on the UploadStatus belonging to the opened media dialogue. However, the info() calls are performed via a single event trigger ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/media-views.js?rev=40359#L8289]) that all info() methods subscribe to in the UploadStatus.initialize() function (relevant for this bug is the `""add""` trigger), and this trigger cannot distinguish its subscribers. Therefore I propose to instead call ready() at the end of the initialize() function. This way, ready() is only called once more than before per media dialogue and page load, and we can be certain that info() is only called on UploadStatuses that are ready()." carlobeltrame 4 42806 Allow installing themes in the Customizer on multisite dev-feedback Customize normal normal Future Release enhancement new 2017-12-05T17:47:40Z 2018-07-08T17:44:55Z "Currently the ""Install Themes"" section in the Customizer isn't added when using multisite. There is no technical problem with the installation process, as it still works correctly, simply by adding removing the restriction to only add the section (and enqueueing the related script) if `is_multisite()`, which I tested before opening this ticket. However, what would need to be figured out is how to deal with enabling themes, because by default an installed themes isn't enabled anywhere. And of course it would only be possible for the network administrator, but I think that would still bring a huge benefit, because right now it isn't possible in multisite at all. Here are two suggestions for possible approaches: 1. When in a multisite, there could be a notification like ""By installing a theme you also automatically enable it for this site."" Then, after the installation logic we would only need to handle that part automatically. If we go with that approach, we would need to make sure that the current user has both the `install_themes` and `manage_network_themes` capabilities. 2. When in a multisite, there could be a separate section ""Network Installed Themes"" that includes all themes installed, regardless of whether they're enabled for the site. Each themes would have a button to enable/disable it for the site. That section would require the user to have the `manage_network_themes` capability. We would furthermore need to ensure that themes are transitioned from the ""Network Installed Themes"" to the existing ""Installed Themes"" section and vice-versa when they are enabled/disabled for the site. Plus, when installing a theme through the ""WordPress.org Themes"" section, the user would need to be redirected to the ""Network Installed Themes"" section with that theme pre-seleted, to easily be able to enable and preview it. There are benefits to both ways: While the first approach will be much simpler to implement, it somewhat mixes installing and enabling themes into one. The latter approach will allow more flexibility, but may be overly complex. Especially since installing themes without being able to enable them will make the process useless in multisite, I think I prefer the first approach. Maybe a mix of both could be the right way too, where we start with implementing the first approach as a first iteration (that could even be merged into core as that), but keeping it future-compatible to possibly add a dedicated ""Network Installed Themes"" section later." flixos90 1 42822 CodeMirror: HTML attributes values hints not fully operable with a keyboard Widgets 4.9 normal normal Future Release defect (bug) new 2017-12-07T09:38:16Z 2018-09-26T14:43:42Z "To reproduce, add an HTML widget either in the Widgets screen or in the Customizer: - start typing a HTML tag, for example ""<i"" for an input field: [[Image(https://cldup.com/BYoQlC_wZw.png)]] - a list of hints appears and it is possible to use the down and up arrow keys to select one of the hints in the list, pressing Enter inserts the tag - after the input, start typing the ""type"" attribute followed by a ""="" - a list of possible values for the type attribute appears - press the down arrow key to try to select one of the hints - as soon as you release the down arrow key (on keyup), the selection moves back to the first hint thus making impossible to select any of the other hints [[Image(https://cldup.com/AGpOpY5-ZN.png)]] Worth noting: - typing a letter after the ""="" seems to make selection via arrow keys work again, for example type `type=t` and selection via keyboard works - seems the attribute values hints don't work at all in the theme/plugin editors, where typing for example `<input type=` does nothing - doesn't seem to happen in the Additional CSS in the Customizer, where all the hints appear to be operable with a keyboard I'm really not sure if this is related to something specific to the HTML widget or if it's something that should be fixed upstream. Setting the ""Widgets"" component for now." afercia 4 42825 [embed] shortcode - oembed_cache not being updated when $cached_recently is false Embeds normal normal Awaiting Review defect (bug) new 2017-12-07T12:32:01Z 2019-01-17T01:31:35Z "For my plugin ( oik ) I developed a Shortcode help facility that shows examples of my shortcodes, syntax etc. It also shows examples of the WordPress core shortcodes. For [embed] it uses a YouTube URL [embed width=""480"" src=https://www.youtube.com/watch?v=nH228-XQ-A8] During PHPUnit testing in multiple environments I found I was getting different results. In one environment the content of oembed_cache was {{{ <iframe width=""480"" height=""360"" src=""https://www.youtube.com/embed/nH228-XQ-A8?feature=oembed"" frameborder=""0"" gesture=""media"" allowfullscreen> </iframe> }}} In other environments I was getting a different result. {{{ <iframe width=""480"" height=""360"" src=""https://www.youtube.com/embed/nH228-XQ-A8?feature=oembed"" frameborder=""0"" gesture=""media"" allow=""encrypted-media"" allowfullscreen> </iframe> }}} Note: The shortcode expansion is being performed in wp-admin with no global post. Trace analysis of the `shortcode` method in shortcodes/class-wp-embed.php indicates that the `$cached_post_id` is being set by `find_oembed_post_id`, which means that `$cache` is set to the content. But the post_modified_gmt of the first example is 25th November; so `$cached_recently` is false. Since `$this->usecache` is initially set to true then the `$cached_recently` logic is ignored and the route taken is to apply the first 'embed_oembed_html' filter then return. The subsequent updating doesn't kick in. == Partial fix == It doesn't look at all logical but setting `$this->usecache=false` before the return of `$oembed_post_id` in `find_oembed_post_id` partially resolves the problem. However, since there's no further checking of `$cached_recently`, this happens every single time. Obviously, more work is needed to update out of date cached items. This is a follow on to #34115" bobbingwide 2 42829 Debugging image uploads with wp_generate_attachment_metadata Media normal normal Awaiting Review enhancement new 2017-12-07T14:24:22Z 2019-02-14T21:28:56Z "Because of the if statement declared in image.php on line 181 ([https://core.trac.wordpress.org/browser/tags/4.9/src/wp-admin/includes/image.php#L181]) it seems impossible to retrieve the error message, what is supplied by the wp_upload_bits() function. Please return this message or implement a new function what verifies what the error messages are trying to inform the user about." Fleuv 2 42833 WordPress forces non-ssl login in described circumstance even though FORCE_SSL_ADMIN is set in wp-config has-patch Administration 4.9.1 normal normal Awaiting Review defect (bug) new 2017-12-07T19:32:39Z 2021-09-21T06:59:07Z "Wordpress provides an http login page in this circumstance: 1. Put the following in wp-config.php: define('FORCE_SSL_ADMIN', true); 2. Log into your WordPress site via wp-login.php with an admin login. 3. Click Visit Site (home icon) at the top of the page. 4. Open a new brower tab. 5. Log into your Wordpress site in the new tab via wp-login.php. 6. Go back to previous tab. 7. Click on Edit Page. It then displays the login box with http instead of https. (Ideally it would not require a new login at all, but instead would use the session from the new tab.)" geomouchet 3 42838 Manipulating uploads and images can break when using stream wrappers has-patch Media normal normal Awaiting Review defect (bug) new 2017-12-08T12:30:05Z 2020-11-12T15:28:49Z "When using PHP stream wrappers for storing uploads into object storages (like S3 or Google Cloud Storage) some things break because in this context a directory merely a path which ends in a '/'. PHP's builtin `dirname` always returns the path without the trailing slash. On regular filesystems this is not a problem since `a` and `a/` are equivalent, but in the context of object storages this pose some issues. I'm attaching a patch which always add a trailing slash when the code expects to work with directories." calin 1 42839 wp_remote_post should support multipart uploads HTTP API normal normal Awaiting Review feature request new 2017-12-08T13:49:32Z 2020-01-22T11:05:19Z Currently `wp_remote_post` doesn't support multipart uploads (file uploads). Because of this many plugin authors need to workaround this by implementing their own way to upload files remotely. calin 6 42848 Twenty Seventeen: Pre-sized Header Media not used reporter-feedback Bundled Theme 4.8.3 normal normal Awaiting Review defect (bug) new 2017-12-09T00:13:00Z 2021-09-01T23:36:31Z "Theme: Twenty Seventeen Version: current The theme customizer has an option to add Header Media and recommends dimensions of 2000 x 1200 pixels. When images are uploaded, WordPress automatically creates a size 2000 x 1200 pixel. The bug When adding a new header image in the customizer, sizing of the original is still required, i.e. it does not automatically choose the pre-sized 2000 x 1200 image. Steps to replicate: 1. Upload an image. Login to your FTP space and you will see a file sized to 2000 x 1200. 2. Go into customizer, Header Media, Add new image, select the one you just uploaded. Note that it will require you to size it to 2000 x 1200." madriverweb 1 42849 Custom HTML Widget: Allow user to be able to bypass lint errors to save Widgets 4.9 normal normal Future Release feature request new 2017-12-09T00:41:41Z 2018-03-14T21:11:53Z "In the custom HTML widget I have some div ids that are the same, and for some reason I can't save the edited widget after updating to 4.9. I would like an ignore button to be able to save the content inside a widget, especially the custom HTML widget. I don't want WordPress' brand new HTML checker feature to override code that is working completely fine. Would it be possible to do that, or make it so that you can at least checkmark something to be able to save the widget. The error it is bugging me about is this: {{{ <div id=""widget4""><i class=""fa fa-arrow-circle-right""></i> <a href=""http://hamarradioen.no/om-oss/""><p>Dette er HamarRadioen</p></a></div> <div id=""widget4""><i class=""fa fa-arrow-circle-right""></i> <a href=""http://hamarradioen.no/om-oss/ansatte/""><p>Ansatte</p></a></div> }}} Because I have two or more widgets using the same formatting it actually wants me to change them, and in that case break the formatting just to please itself. I have made websites for over 20 years, I don't need a WordPress feature «for dummies» to tell me how to write my HTML code. " skoen 8 42851 Problem with video height since 4.9 Media 4.9.1 normal normal Awaiting Review defect (bug) new 2017-12-09T12:02:55Z 2018-01-02T23:19:13Z "I have a video on a page and after updating to WP 4.9.1 the following element gets a height of 0px: <div style=""width: 822px; '''height: 0px''';"" class=""wp-video"" data-aspectratio=""0""> The result is that the video area shows just the controls and nothing more (see attached screenshot on the left) . I can fix this with workarounds via CSS like styling mejs-container and mejs-mediaelement (see attached screenshot on the rigth) but that's a hassle for the responsive versions. Anyone elese facing these problems? (P.S.: I'm not an expert AND a German, so forgive me for dumb questions and bad writing …) " vhcrossmedia 1 42855 Add ability to filter header, sidebar, searchform, footer and template_part file paths dev-feedback Themes normal normal Awaiting Review enhancement new 2017-12-09T21:47:03Z 2023-06-26T10:33:47Z "I've seen several tickets that appear related but are either dead or include bigger changes compared to what I'm proposing (the most relevant being #21062). My proposal (including patch): 1. Introduce `get_template_part_hierarchy( $slug, $name = null );`. 1. Update `get_header()`, `get_sidebar()`, `get_search_form()`, `get_footer()` and `get_template_part()` to use the new function. 1. Add a `template_part_{$slug}_template_hierarchy` filter to the new function so all 5 general template functions' results are filterable. What these changes achieve: 1. Provide a way to filter the location of header.php, sidebar.php, searchform.php, footer.php and any file loaded by `get_template_part()` 1. Reduce code duplication (all metioned functions had the same $slug + $name logic to create a $templates array) Also, @MikeSchinkel has mentioned a few benefits and arguments for why such a filter is beneficial: https://core.trac.wordpress.org/ticket/21062#comment:19" atanasangelovdev 14 42872 Customize: Improve display of theme tag filters on mobile Customize 4.9 normal normal Future Release defect (bug) new 2017-12-11T19:04:32Z 2017-12-11T19:04:32Z "Split out from #42212. The filter bar disappears on screens shorter than a magic number (or narrower than a different, also magic number), unless you scroll all the way up to the top (quite difficult with one-column infinite scroll of themes). I don't happen to use this feature on any devices that would be affected by this problem, but the experience is quite subpar for those users currently. I'm guessing there might be some issues with CSS caching in the above screenshots, or, those that worked on the previous changes in this ticket may have a better idea of why certain browsers don't like something here. Probably worth exploring before 4.9 release if anyone is able to do that, though." celloexpressions 42873 Customize: Allow themes to be installed when SFTP credentials required has-patch Customize 4.9 normal normal Future Release defect (bug) new 2017-12-11T19:07:31Z 2018-01-15T18:46:31Z "Split out from #42184. Next steps: - Revert [41997] - Use [https://core.trac.wordpress.org/attachment/ticket/42184/42184.2.diff 42184.2.diff] - Fix the two known bugs: incorrect labels after cancelling the modal, and fix broken buttons after cancelling the modal Note that with [https://core.trac.wordpress.org/attachment/ticket/42184/42184.2.diff 42184.2.diff], SFTP appears to work as expected. The only issues are with canceling the modal, which happens much more in testing than in practice. [41997] seems like an overreaction to the minor bugs that we need to track down with that, which may seem worse than they are because they are more apparent in a testing workflow than in real usage. Either way, the fixes for that should not be particularly difficult. I'm not planning on working on this issue further, so someone else can take it on." celloexpressions 2 42879 Invent a “Recommended Tools” section dev-feedback Administration normal normal Awaiting Review defect (bug) new 2017-12-12T14:45:58Z 2017-12-13T08:22:52Z "We have recommended plugins and themes, and while most tools are just plugins in disguise, the importers have had the limelight for a bit too long. There are a bunch of handy WordPress tools that deserve some attention, and a dedicated box/page/something under the Tools menu in WP Admin would help bring attention to them." johnjamesjacoby 2 42883 Use sargable queries for date-based lookups for posts dev-feedback Query 3.7 normal normal Future Release enhancement new 2017-12-12T16:17:14Z 2022-06-14T11:57:10Z "Related to #41054 but a very specific and actionable, high-impact instance is the fact that the WordPress lookup for permalinks involving dates is not sargable. For a bog-standard permalink structure %year%/%slug%/, WP generates the following query: {{{ SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND ( YEAR( wp_posts.post_date ) = 2017 ) AND wp_posts.post_name = 'tahoma-vs-verdana' AND wp_posts.post_type = 'post' ORDER BY wp_posts.post_date DESC }}} This runs (as a cold query) in ~0.075 seconds on a dedicated (and overpowered) MariaDB 10 instance on a pretty small WordPress DB. While indexes exist for all the fields matched against in the query, the use of {{{AND ( YEAR( wp_posts.post_date ) = 2017 )}}} cannot be matched against the database because MySQL/MariaDB is not intelligent enough to optimize that constraint. The ""same"" query adjusted to make the match against {{{post_date}}} sargable does the same in ~0.034 seconds (half the time): {{{ SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND wp_posts.post_date >= DATE(""2017-01-01"") AND wp_posts.post_date < DATE(""2018-01-01"") AND wp_posts.post_name = 'tahoma-vs-verdana' AND wp_posts.post_type = 'post' ORDER BY wp_posts.post_date DESC }}} The same would apply for permalinks that reference the month and day, of course." ComputerGuru 8 42897 Hard deprecate functions deprecated before WP 3.7.0 needs-unit-tests General normal normal Future Release enhancement new 2017-12-13T21:11:36Z 2020-04-20T09:13:22Z "There are several of soft deprecated functions in `wp-includes/deprecated.php`. It's safe to hard deprecate those listed as deprecated prior to the introduction of automatic updates in version 3.7. Several tests will need to be removed, others will need to be modified to use the non-deprecated equivalent when using pre-3.7 deprecated functions to test functions deprecated in 3.7 or later. The initial patch removes the functions but needs a refresh to modify the tests." peterwilsoncc 7 42900 Add gender field to user profile for use in translations has-patch I18N normal normal Awaiting Review enhancement new 2017-12-14T13:14:27Z 2019-01-16T06:50:09Z "See #42725 for more background. '''What this solves''' To be able to properly translate numerous terms across the WP codebase, translators to some languages require knowledge of the gender of the user being referenced in the string. Adding an optional field to the user profile will enable the extension of WP's translation functions to support gender variations (see #42725) '''What's included''' - A new user profile field, and a matching get_user_gender() - Unit tests for get_user_gender() '''Gender/Pronouns - How the field was named''' The word ''gender'' has a lot of connotations - but it's used here in the grammatical sense - see [https://en.wikipedia.org/wiki/Grammatical_gender Grammatical Gender on Wikipedia]. When presented to the user, we ask what their preferred ''pronoun'' is, since that's probably the easiest way to relate to it. The wording around the field was inspired by Wikipedia's gender user profile field. '''Screenshot''' [[Image(https://cldup.com/LAj-feF0TI.png)]] " yoavf 6 42904 Speed up unit tests by disabling password hashing has-patch Build/Test Tools normal normal Future Release enhancement new 2017-12-14T19:47:17Z 2019-09-20T17:33:34Z "Whenever the factory creates a new user during a test, it calls `wp_insert_user()`. This function calls `wp_hash_password()`, which internally uses `PasswordHash::HashPassword()` to create a hash of the default password. In the context of most unit tests, users do not need hashed passwords. Hashing has a performance impact, so the tests should run a bit faster if we avoid hashing if we don't need to. The attached patch introduces a mock password hasher, that is used by the entirety of the tests The exception are a few tests that rely on authentication to work properly." Frank Klein 9 42907 Meta Queries: support ordering by meta_value but still including items without that key Query normal normal Awaiting Review enhancement new 2017-12-14T21:54:48Z 2019-01-16T06:50:09Z "Consider this scenario: - You want to order a query's results by `meta_value` of a particular `meta_key`. - Not all items have that key/value pair set. - You want to still include those items in the results. - You want them to be ordered as if the `meta_value` is `NULL` (or `0` if using `meta_value_num`). There is currently no way to do this. (But it is a desired feature, see [https://wordpress.stackexchange.com/questions/28409/way-to-include-posts-both-with-without-certain-meta-key-in-args-for-wp-query 1] [https://wordpress.stackexchange.com/questions/102447/sort-on-meta-value-but-include-posts-that-dont-have-one?noredirect=1&lq=1 2] [https://stackoverflow.com/questions/17016770/wordpress-order-by-meta-value-if-it-exists-else-date 3].) If you don't care about the items that don't have the meta key set being included, then you can use `compare` => `EXISTS`. {{{#!php <?php $query = new WP_Query( array( 'orderby' => 'meta_value', 'meta_query' => array( array( 'key' => 'test', 'compare' => 'EXISTS', ), ), ) ); }}} However, that won't work if we want to include results where the key/value pair doesn't exist. A workaround is to do something like this: {{{#!php <?php $query = new WP_Query( array( 'orderby' => 'meta_value', 'meta_query' => array( 'relation' => 'OR', array( 'key' => 'test', 'compare' => 'EXISTS', ), array( 'key' => 'test', 'compare' => 'NOT EXISTS', ), ), ) ); }}} This approach solves the problem of the items with no key/value pair not being included. However, it does not order those items in the results reliably. Instead of the `meta_value` being interpreted as `null` (which we might expect), the database will choose another `meta_value` entry for that item to order that item based on. My proposal is to add a `NONE` option for `compare`, so that it would be possible to achieve the desired ordering with a query like this: {{{#!php <?php $query = new WP_Query( array( 'orderby' => 'meta_value', 'meta_query' => array( 'relation' => 'OR', array( 'key' => 'test', 'compare' => 'NONE', ), ), ) ); }}} This would result in a query that included a `LEFT JOIN` on the meta table for that `meta_key`, but did not include any conditions in the query. (This is basically a `NOT EXISTS` query but without the `ID = NULL` requirement, so that it is just a left join and not a left outer join.) When using `meta_value_num` in particular though, ordering by `NULL` may not be desirable (those results will be after all other results); `0` may be preferred as the imputed value (consider a case when negative values are present). To make this possible, I suggest allowing the clause to also specify a `default` value, which will be used in the `ORDER BY` clause with `COALESCE`. Initial patch forthcoming." jdgrimes 3 42910 Default Post Format doesn't apply on post created from Quick Draft has-patch Post Formats 4.9.1 normal normal Awaiting Review defect (bug) reopened 2017-12-15T09:09:31Z 2018-04-15T07:24:06Z "Default Post Format doesn't keep selected while submitting posts using Quick Draft option of dashboard. '''Steps To Reproduce:''' 1. Login into the WordPress admin 2. Navigate to the Settings > Writing 3. Change the Default Post Format to any format 4. Clicked on ‘Save changes’ button 5. Now navigate to the Dashboard 6. Inside Quick Draft block Add post title and description and Clicked on ‘Save Draft’. 7. Now check the post format of added post. Note: ''it is working after 2-3 attempt but when you again change the post format then it will not work as expected.'' '''Expected result:''' default post format should be applied on post created from ""Quick Draft"" option." aiyaz 42913 Scroll widgets and widget containers independently in admin ui Widgets 5.1 normal normal Future Release enhancement new 2017-12-15T18:31:30Z 2018-05-03T19:50:32Z "A ""regular"" WordPress installation with a few plugins providing widgets can easily result in a situation where the height of the ""available widgets"" div on the left can be significantly larger than the height of the ""available widget containers"" div on the right, as a result of which one may need to scroll down significantly to reach the desired widget, then scroll back up _while dragging_ to place the widget in the desired container. If the div on the right were to be configured with {{height: 1vh; overflow-y: scroll}} and then turned into fixed (?) position div, it would remain on-screen while the user scrolled through the list of available widgets, such that installing a new widget would only require scrolling to find the widget in question, and at no point would it be necessary to drag and scroll simultaneously (which, while frustrating, is easy enough on a desktop... but with a touchpad it becomes quite the challenge). On further reflection, it might actually be easier and less hacky to assign both the left and right divs a height of 1vh (and perhaps throw in a {{min-height}}) and {{overflow-y: scroll}}, then there's no need for anything but the default positioning. Both containers would scroll independently, and no need to drag and scroll. Attaching a video of the current experience." ComputerGuru 6 42915 Don't load admin dashboard widgets if they're not shown dev-feedback Administration normal normal Awaiting Review enhancement new 2017-12-15T19:55:41Z 2020-02-15T13:08:37Z "I'm not sure how doable this is given that #23910 was closed, but some plugins load slow admin dashboard widgets that use HTTP API requests or else involve heavy db lookups and processing. (Yes, these plugins should be designed better.) Since this is the admin dashboard and not some other component that is heavily modified and reconfigured such as the post page and since #23910 was closed, would it be possible to require a page reload when an admin component is enabled (so that the page can be re-requested while calling the widget routine) instead of preloading all widgets and then simply hiding the unshown dashboard elements? Or perhaps #23910 could be revisited with consideration given to non-stock admin dashboard widgets that are not as ""no big deal"" as the ones that WP ships with out of the box." ComputerGuru 1 42920 Add support for the picture element adamsilverstein needs-unit-tests Media normal normal Awaiting Review enhancement assigned 2017-12-17T06:10:52Z 2024-02-26T18:25:22Z "The `<picture>` element is in the HTML standard and should be supported in WordPress (https://html.spec.whatwg.org/multipage/embedded-content.html#the-picture-element). Similar to the `<audio>` and `<video>` elements, the `<picture>` element can contain multiple `<source>` child attributes, providing the browser with different formats for the same resource. Each source can have its own `srcset`, `media`, and `sizes` attributes, among others, to control which source is used under specific circumstances (such as screen width). After all `<source>` tags are output, an `<img />` tag is required as a fallback. Adding support for the `<picture>` element can help in many areas. Here are a few: - Allowing support for more modern image formats, such as SVG or WebP (https://core.trac.wordpress.org/timeline?from=2017-12-16T21%3A15%3A32Z&precision=second) - Provides a way to solve the responsive image art direction problem (rough POC: https://github.com/desrosj/respect-art-direction). Adding `<picture>` elements to core's output could be tricky for backwards compatibility. Themes are most likely targeting `<img />` tags as direct children of other elements in CSS and JS. There are also a few oddities in CSS with styling the `<picture>` element. == Proposed Solution == The solution I am proposing is to add `picture` to the `html5` array in registered theme support. This would allow us to encourage themes to add support and proper styling for the picture element when they are ready. When themes adopt this feature, future releases of WordPress (or plugins) could add `<source>` elements to `<picture>` elements as more performant formats are supported. Sites would receive all of the benefits of the new enhancements without any updates needed from themes. == Unsolved == Hardcoded images in post content and widgets would not be solved with this approach. They would continue as hardcoded `<img />` tags. This may not be a bad thing but may require additional CSS rules in themes to handle correctly. Browser support for the `<picture>` element is very good. According to https://caniuse.com/#feat=picture, the only modern browser lacking support is IE11. == Other notes == Tackling this may also be dependant on #29807. == Initial Patch == My initial incoming patch adds documentation for the `html5` `picture` support for themes and wraps the `get_image_tag()`/`wp_get_attachment_image()` `<img />` output in a `<picture>` element." desrosj 13 42922 Image Scaling using get_the_post_thumbnail issue in WordPress Media 4.9.1 normal normal Awaiting Review defect (bug) new 2017-12-17T08:22:37Z 2020-11-19T15:56:40Z "Issue URL - http://www.creativescripters.com/clients/testwp/uncategorized/image-resized/ I am using wordpress (self hosted) latest version, The problem is I am looking to get a thumbnail from the resized/scaled image, and when I do that wordpress returns the test-150x150.jpg i.e. Thumbnail from the original image and not the resized image which should have been test-e1513229707262-150x150.jpg Step to reproduce the issue 1. Upload an image , Scale it (click edit on uploaded image and change width and click scale). Wordpress will rename the image and add an Suffix Id to the name so you can confirm the image have been scaled. for eg if you uploaded test.jpg after scaling image name will become test-randomstring.jpg [![enter image description here][1]][1] 2. When I call get_the_post_thumbnail($post, 'full') I get the correct image The resized one i.e. test-randomstring.jpg [![enter image description here][2]][2] 3. When I try to get a different size of the scaled image for eg I need thumbnail generated from the image size and I call function get_the_post_thumbnail($post, 'thumbnail') wordpress return the THUMBNAIL from actual image (the one I uploaded initially test.jpg and not the resized one test-randomstring.jpg) Screenshot - https://i.imgur.com/sQKoZcF.png [1]: https://i.stack.imgur.com/TTIaG.png [2]: https://i.stack.imgur.com/T3vPE.png" rigids.php 2 42936 get_adjacent_post won't find any posts that are published in the same minute johnbillion close Posts, Post Types 4.9.1 normal normal Future Release defect (bug) assigned 2017-12-19T10:34:26Z 2021-11-14T17:03:28Z "`get_adjacent_post` won't find any posts that are posted in the same minute, even if they are technically posted before or after the other post. This sounds silly but if you use a '''clone''' function to create multiple posts for a website, then you you can't navigate them using links created with `get_previous_post` or `get_next_post`." sheepysheep60 21 42947 REST API wrong total pages spacedmonkey has-patch REST API 4.9.1 normal normal Future Release defect (bug) assigned 2017-12-20T17:03:36Z 2021-10-31T05:01:59Z "When I require posts with the draft status the 'x-wp-total' and 'x-wp-totalpages' headers come with extra values ​​being that not all drafts are from the user making a request, so when I try to pick up the second page the answer comes empty. [[Image(https://i.imgur.com/223sEE3.gif)]]" elvishp2006 21 42952 Add comments about JS removal of message query_arg Administration 4.9.1 normal normal Awaiting Review enhancement new 2017-12-21T01:20:25Z 2022-03-02T22:21:43Z "This is a follow-up to #23367. Can someone '''please''' add some inline doc about how Javascript actually removes `&message=x` from the URL - Specifically in `/wp-admin/edit-form-advanced.php:186` (in WP 4.9.1). As a plugin developer who looks up source code for solutions, I was wracking my brain around seeing `$_GET['message']` as the main argument for showing admin notices, but never seeing it in backend. Took unnecessarily long time to figure out it actually exists and is just hidden." davidsword 1 42953 Created images have a larger filesize than the original Media normal normal Awaiting Review defect (bug) new 2017-12-21T12:34:42Z 2020-11-30T03:14:16Z "Images uploaded in the media library get resized to the defined sizes. However, if the image has been optimized beforehand the result can be that the generated images have a filesize larger than the originally uploaded image. It can happen due to a very high `jpeg_quality` value for example.. This should not happen under any circumstances. Uploading optimized images is something a lot of people do for SEO purposes, and larger generated images affect that negatively. Sometimes even if the image-size is smaller, the generated file's filesize is bigger. One solution would be to save the image in a temp location and have its filesize checked against the original image. If the image is smaller than the original one then move to its final location. If not, then some other solution has to be found." aristath 4 42957 Usernames ending in a period generate invalid reset password links in certain email clients hellofromTonya dev-feedback Users normal normal Future Release defect (bug) assigned 2017-12-21T16:51:13Z 2022-04-29T05:59:01Z "Password reset links contain the username appended to the end of the URL. If the user name ends in a period the email client has to decide if the period is part of the URL or part of the punctuation of the sentence. For example: <https://some-wordpress-site.com/wp-login.php?action=rp&key=V4LSmgBcwtqvFPEiFt0e&login=p.o.> Gmail generates a clickable link that stops short of the final period. Outlook successfully links the entire URL." paulcline 19 42958 create callers for loop functions to accept post id dev-feedback General normal normal Awaiting Review enhancement new 2017-12-21T17:23:36Z 2020-11-17T07:06:03Z "I've always been surprised, why the loop functions (like `the_title`, `the_content`, `the_post_thumbnail` and etc) doesnt have ability to accept post-id as argument. I think that the `get_.....` functions is not replacement in MANY MANY cases, whereas `the_...` functions automatically generate all the needed attributes and tags. using the `get_` function, it is hard to hardcode all those things manually. I suggest to revise once again and why wont WP create callers, like i.e. `_the_content($post_id, [other parameters as of now...])` `_the_title($post_id, [other parameters as of now...])` etc... this will make the things much easier for developers. If you dont believe, see how hard it is to get the same result as `the_content` for specific post id (while outside of loop): {{{ //save global variable $target_post_id = 14; $p=$GLOBALS['post']; //change global variable temporarily, to deceive WP $GLOBALS['post']=get_post($target_post_id); //ONLY NOW call get_the_content $content = get_the_content( $more_link_text='Read more', $strip_teaser=false ); $content = apply_filters( 'the_content', $content ); $content = str_replace( ']]>', ']]>', $content ); //restore the global variable $GLOBALS['post']=$p; echo $content; }}} this is real equivalent of `the_content` when you need to call outside of loop. Is it still arguable?? " tazotodua 3 42965 Widgets not restored to previous widget area after switching back to previous theme Widgets 4.9 normal normal Future Release defect (bug) reopened 2017-12-22T15:06:13Z 2020-11-04T01:59:08Z There's a bug in widgets when switching themes. Before, on version 4.8.4, if you switch themes and return it back to previous, widget will retain on its widget column. In the latest version 4.9.1, every time you switch themes and return it back to previous one, all widgets will automatically placed to Inactive widgets. probewise 14 42970 Add a 'rest_nonce_action' filter to the REST API close REST API normal normal Awaiting Review enhancement new 2017-12-23T23:22:11Z 2019-11-29T03:00:55Z "In the spirit of fully customizing the REST API, as I'm doing in my current application, some features (like the REST prefix) are customizable through filters, while the nonce name, or rather the rest nonce 'action', is not. 'wp_rest' is a bit generic and could easily have a 'rest_nonce_name' or 'rest_nonce_action' filter added in wp-includes/rest-api.php. I believe in this regard that allowing alignment with user-defined namespaces and naming conventions would really further the extensibility of the WP REST API, especially in cases where pretty much every default (including default endpoints) are being disabled or overridden/overwritten. Thoughts?" enlightenedpie 5 42978 Automatically clear file upload error messages Media normal normal Future Release defect (bug) new 2017-12-25T15:50:20Z 2020-08-31T10:09:33Z "When an error occurs on file upload in the media uploader while drafting a post, the error message persists after both a) another file is successfully uploaded, b) the media manager is closed and re-opened. In both of these cases, it is my opinion that the user is best served by having the error message automatically dismissed, as 1. Its positioning is not typical of a ""historic/cumulative"" error log, 2. It may be assumed that by successfully uploading another file the error first encountered is no longer relevant, and 3. An indefinite amount of time may have passed since the error was first encountered and the media manager subsequently closed and the next time the media manager/upload div was re-opened such that the user may have completely forgotten about the error and may be confused to see a red error box and mistakenly think it is associated with some action he/she just took, 4. As a dialog, nothing about the media manager suggests that its state should persist after being closed and re-opened. (see attachment as an example of an error)" ComputerGuru 3 42981 Sorting plugins and themes Plugins 4.9.1 normal normal Awaiting Review feature request new 2017-12-26T09:09:56Z 2019-04-02T18:51:39Z "PLEASE - Sort themes and plugins into : Premium Fremium / Cripple ware Free and fully functional Not as described in the image (Pretty picture, preview looks nothing like it = Hours of work to make it look like the demo. I'd write a theme if I wanted the work) Anything not updated in the last 12 months - ""Abandoned"" pile, not visible Anything with ratings - Sort by rating - Under 3 - not visible Not tested on latest WP version - not visible Not tested on PhP 7 - not visible Speed test rating - Google wants a 2 second load time for mobile. Let's have an apples for apples rating. 5 pages, 10 images, 1000 words and (say) Yoast, Wordfence, WooCommerce and 4 other common plugins. I am sick to death of wasting hours on sifting this garbage - Make these 'Filters' and help everybody. You tell us to update things for security reasons and some of us professionals do that. Client sees a pretty picture then it turns into a nightmare for the above reasons and who has to fix it for free or spend hours looking for a replacement? The login Username should not be the default Editor name. You've handed a hacker half the login. Security - Set permissions to prevent malware spreading - in 2017, one client had malware uploaded to his site and it spread to all other sites and within site folders. WordPress should be containerised by default and SQL / Updates / changes should require 2 factor authentication to update anything (Just a 'secret password') Yes, I know, experts can fix this. In reality, most people do not have the skills. I buy a tool and assume the manufacturer has designed it for Joe Public to use with inbuilt basic safety. Last suggestion - A fork of WP for eCom with included carts, security etc. Google wants fast loading and WP struggles, so fork it to optimised versions : Blogs eCom Membership Versatile - Current version (as is) and the revolutionary version - Offline. This is where the site is built offline and uploaded as a stripped down html5 flat file database version that is a speed demon static site. Lauyan.com looks promising. Regards" grumblenz 1 42986 Insert default filters to wp_delete_file to don't delete core files. Media 4.9.1 normal normal Awaiting Review enhancement reopened 2017-12-27T11:57:51Z 2019-03-22T13:34:35Z " I am see many plugins that don't use wordpress method to delete files ( are using unink ) and exist wp_delete_file. Really you can insert filter, but I think that if didn't have filter by default you can use method to remove anything, including core files. If all agree and approve this ticket I can implement." lenon 2 42987 is_active_sidebar returns true on after plugin deactivation Widgets 2.8 normal normal Future Release defect (bug) new 2017-12-27T12:44:45Z 2018-01-26T21:12:12Z "Hi, Steps to reproduce: code: {{{#!php <?php if(is_active_sidebar(""custom-sidebar"")) : ?> Sidebar is active, and it contains widget(s). <?php else: ?> Sidebar doesn't contain any widget. <?php endif;?> }}} 1. Add a widget plugin to the `custom-sidebar` 2. Disable the widget plugin 3. Reload the page The page is still showing sidebar is active. and `wp_get_sidebars_widgets()` still contains the disabled plugin's widget info. Is this something intended? Or is it a bug? " tpaksu 6 42990 Deprecate WP_UnitTestCase::_make_attachment has-patch Build/Test Tools normal normal Future Release enhancement new 2017-12-28T13:07:36Z 2019-10-03T21:05:47Z "In r35309, several ways of creating an attachment for an uploaded media file were consolidated into a single method, `WP_UnitTestCase::_make_attachment`. As part of r34855, a new method, `create_upload_object`, was added to `WP_UnitTest_Factory_For_Attachment`. It contains all of the code from `_make_attachment`, but additionally it also handles the upload of the media file. We should deprecate the `_make_attachment` helper method, and use the factory method instead. This reduces duplicate code, and makes the interface of `WP_UnitTestCase` cleaner." Frank Klein 1 42992 Menu Customizer - Inconsistent use of Tags and Format Menu Items close Menus normal normal Awaiting Review defect (bug) new 2017-12-28T15:03:50Z 2019-01-17T01:28:07Z "When using the standard menu administration it does not display ""Tags"" and ""Format"" to add into menu items. When using the menu controls in the customizer, it display ""Tags"" and ""Format"" options to appear as menu-items." monikarao 4 42995 WordPress XML-RPC editComment return error 500 changing date_created_gmt reporter-feedback XML-RPC 4.9.1 normal normal Awaiting Review defect (bug) new 2017-12-28T19:01:25Z 2019-06-20T14:10:09Z "Grettings, This: // Do some timestamp voodoo if (!empty($content_struct['date_created_gmt'])) { // We know this is supposed to be GMT, so we're going to slap that Z on there by force $dateCreated = rtrim($content_struct['date_created_gmt']->getIso(), 'Z') . 'Z'; $comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated)); $comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT'); } [Thu Dec 28 15:52:34.123148 2017] [php7:notice] [pid 5507] [client 127.0.0.1:39464] PHP Fatal error: Uncaught Error: Call to a member function getIso() on string in wp-includes/class-wp-xmlrpc-server.php:3533 " fpilee 3 42998 Custom HTML Widget uses widget_text twice in markup dev-feedback Widgets 4.8.1 normal normal Future Release defect (bug) new 2017-12-29T16:34:43Z 2019-01-14T22:33:01Z "In https://core.trac.wordpress.org/changeset/41117, classes were added to the Custom HTML Widget to apply the same styling as the Text Widget in themes. However, there's an extra widget_text class that isn't in the Text Widget. Example markup: Custom HTML widget - The widget_text is on the section and the widget-wrap div. {{{ <section id=""custom_html-2"" class=""widget_text widget widget_custom_html""> <div class=""widget_text widget-wrap""> <h3 class=""widgettitle widget-title"">Custom HTML</h3> <div class=""textwidget custom-html-widget""> Custom HTML Content </div> </div> </section> }}} Text Widget - The widget-wrap div has only that class. {{{ <section id=""text-2"" class=""widget widget_text""> <div class=""widget-wrap""> <h3 class=""widgettitle widget-title"">Text Widget</h3> <div class=""textwidget""> <p>Text Widget Content</p> </div> </div> </section> }}} As a result, any theme that has styled widget_text may have unintended styling issues. " dreamwhisper 10 43002 Can't order tag cloud by tag_cloud_sort filter reporter-feedback Taxonomy normal normal Awaiting Review defect (bug) new 2017-12-30T07:44:48Z 2019-01-17T01:26:34Z I can't re-order tags by tag_cloud_sort filter, because the order is same with id order. yuetyeelo2855 2 43009 Create Video/Audio Playlist hooks not working as expected has-patch Media 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-02T15:54:41Z 2022-03-25T17:43:10Z "WordPress now provides the following hooks: https://developer.wordpress.org/reference/hooks/media_library_show_video_playlist/ https://developer.wordpress.org/reference/hooks/media_library_show_audio_playlist/ We can use these to hide the “Create Video Playlist” (and Audio) button in the media library. These only seem to work on initial page load. The “Create Video Playlist” button still appears for me even though I'm using these filters. To reproduce from a fresh install. 1. Set these lines in your theme functions.php {{{#!php add_filter( 'media_library_show_audio_playlist', function() { return false; }); add_filter( 'media_library_show_video_playlist', function() { return false; }); }}} 2. Go to wp-admin/post-new.php. 3. Click 'Add Media', notice that the playlist buttons are missing. 4. Upload a video file (I used .mov). Notice that the 'Create Video Playlist' button now appears. This likely exists in versions earlier than 4.9.1, but this was the version I tested in." iforrest 10 43010 Attribute Name Escape needs-unit-tests Formatting normal normal Awaiting Review enhancement new 2018-01-02T17:03:09Z 2022-01-18T14:34:00Z "The HTML5 spec allows us to arbitrarily named attributes for tags, e.g. '''''data-my-arb-attr-name'''=""attr value""''. This allows for generated attribute names and thus, a need to escape to avoid potential security implications. I have seen several occasions of developers using `esc_attr` to resolve this case, however this is far from correct - the requirements of the name of an attribute are very different to that of the value, the best example of this simply being whitespace. The requirements of an attribute name can be found here: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 There is a need for an `esc_attr_name` function to avoid compromises in html. I have provided a simple addition patch to wp-includes/formatting.php which should resolve this issue." joe_bopper 7 43013 Confirmation Email workaround Users 4.9.1 normal normal Awaiting Review enhancement new 2018-01-02T21:41:35Z 2018-01-02T21:41:35Z "This is a follow-up to #16470. Not after support but have a question about this new addition on single-site installs. When I set new client websites up, I change the administrator email address (mine) to a non-administrator user (the client) so I don't want them having to click an email to confirm the email change. To workaround this I access wp_options via phpmyadmin and change the email address in there, but if I refresh the General Settings there is a message stating that there is a pending change TO the email address I have changed from, so I click to cancel (which leaves the new email address set). Would just like confirmation that this method is OK for my own reasons and that no confirmation emails would be sent by doing this. Thanks" adejones 43015 function get_previous_comments_link not working in front page dev-feedback Comments 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-03T11:44:16Z 2019-06-24T16:29:01Z "Hey, function get_previous_comments_link generate wrong url in front page, but it's ok in typical page, it's because of the permalink, wordpress hasn't full permalink in front page." devlife 1 43019 Hook to validate post form data before save has-patch Database normal major Awaiting Review enhancement new 2018-01-04T13:23:07Z 2021-10-28T03:26:41Z "There doesn't seem to be a hook available to validate form data before a post is saved. In my case I'm considering using JavaScript to validate the post title, content and meta but would prefer to do this validation server side. Can we add a hook?" henry.wright 13 43023 Make Core Image Handling More Extensible Media 4.9.1 normal normal Awaiting Review enhancement new 2018-01-04T21:35:41Z 2020-08-21T03:34:07Z "As we are beginning to see many new and promising formats such as WebP (#35725), APNG, and HEIF/HEVC (#42775), it is probably time to revisit all of the image-related code in the Core, providing filters and hooks so that plugins and themes can choose to support them. Based on the work in #35725, it is clear there are a number of areas with insufficient extensibility, making it impossible for such work to be done by third-party code. [[BR]] '''WRAPPERS''' `getimagesize()`: Due to various bugs and inconsistencies within PHP, direct calls to this function should be replaced with a wrapper function capable of providing filtered responses. #35725 includes this in its patch. [[BR]] '''FILTERS''' Many functions include hard-coded datasets or conditions. By wrapping those in filters, third-party code can alter behavior accordingly. * `wp_stream_image()` * `wp_save_image_file()` * `wp_generate_attachment_metadata()` - The extensions-by-type need to be filterable. * `load_image_to_edit()` - The $mime_type switch needs a filterable default. * getid3.lib.php `ImageTypesLookup()` - Types need to be filterable. * class-phpmailer.php `_mime_types()` - Types need to be filterable. * image classes `supports_mime_type()` * class-wp-theme `get_screenshot()` - Filterable types. * `gd_edit_image_support()` - Filterable responses for both conditions. * `translate_smiley()` - Needs filterable types. * `wp_get_image_mime()` * `wp_attachment_is()` - Filterable extensions. * `wp_mime_type_icon()` - Filterable test for image files. [[BR]] '''OTHER''' There are additional areas that require more complicated solutions. * `file_is_displayable_image()` - Relies on constants which may not be defined, even in cases where an image type is actually supported. Haha. * wp-admin/includes/schema.php - $misc_exts needs to be filterable. * class-wp-image-editor-gd `load()` - Needs a filter around the resource creation. `imagecreatefromstring()` does not work consistently depending on the GD version installed. * class-wp-image-editor-gd `_save()` - Needs a filter to handle alternative MIME types. * class-wp-image-editor-gd `stream()` - Needs some means of specifying alternative headers and callbacks. * class-wp-image-editor-imagick `thumbnail_image()` - Needs some means of specifying options for different image types. * class-wp-image-editor-imagick `stream()` - Needs a shortcut filter to allow for completely different handling. (This is a quirk of the PHP extension not always properly communicating with the system binary, leading to segfaults, etc.) * class-wp-customize-media-control `to_json()` - Needs some method of altering the $type matching. [[BR]] '''ROADBLOCKS''' Additional requirements, such as defining missing PHP constants, might not be possible by the time plugin or theme code is executed. However by the time official PHP support lands, we can probably consider adding such values to the `compat.php` file (without necessarily providing a full blessing for the filetype within the Core)." blobfolio 2 43025 wp_list_filter should filter all iterable objects General 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-04T23:09:38Z 2018-02-11T17:49:28Z "#16499 introduced an issue which requires that data sent to `wp_list_filter` is an array. What it really means is the data sent to `wp_list_filter` should be iterable _like_ an array. By permitting both arrays and objects that are Transverable we can allow for anything that decends from the `\ArrayObject` class. While there is an `is_iterable` method we _could_ use, it's only availabile in PHP 7.1 so the attached is friendly to PHP v4.2 and above " jarednova 4 43028 Remove numbers before month in dropdown, it makes user confused when drowdown is not opened has-patch Date/Time 3.3 normal normal Awaiting Review defect (bug) new 2018-01-05T12:01:10Z 2020-06-22T17:18:06Z "Bug: Remove numbers before month in dropdown, it makes user confused when drowdown is not opened 1. Navigate to Header from left Rail 2. Select ""Header Media"" 3. Make anu changes 4. Select ""setting"" icon near ""publish"" button from top 5. Select ""Schedule"" radio button 6. Check Date Field " nilamacharya 10 43033 User can not see updated Icon in editing Menu with live preview Menus 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-06T06:48:54Z 2018-02-05T14:06:38Z "Bug: User can not see updated Icon in editing Menu with live preview Attachment for steps: https://www.screencast.com/t/jOBHlmVeUTdO Steps: 1. Navigate to Appearance->Menus from left rail 2. Select ""Menu with Live preview"" 3. Select Menu and click on 'Add Items"" 4. Sect ""Pages"" and add some page, User can see that ""+"" icon is changed to Tickmark sign 5. User will remove it from menu,Now User can not see previous symbol again to add Thanks" nilamacharya 2 43036 the_posts_pagination() - redirect URL for first page in category Posts, Post Types 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-06T20:51:56Z 2018-01-06T20:51:56Z "When you are on the second, third, etc. the page function `the_posts_pagination ()` outputs a link to the first page for the current category with a slash `/` at the end of the URL: {{{ /category/category-1/ }}} But when clicking on a link, a redirect to the page takes place without a slash `/` on the end: {{{ /category/category-1 }}} A link to the following pages from this category is displayed already without a slash on the end of the URL: {{{ /category/category-1/page/2 }}} Permalink at the same time on the site are configured to look like this: {{{ /%postname%.html }}}" webliberty 43039 Resize capability missing from Custom HTML widget reporter-feedback Widgets 4.9.1 normal normal Future Release defect (bug) new 2018-01-08T00:02:45Z 2018-01-08T18:19:03Z "I'm using WordPress 4.9.1 with the theme Prolio 2.6.1 I had fallen behind in updating and just updated to current versions. I'm using Text widgets on my homepage, and the text widget editor used to allow both vertical and horizontal resizing by dragging the resize icon in the lower-right corner. Now I can only resize Text widgets vertically! I also started using the Custom HTML widget, as recommended. But the Custom HTML widget is not showing a corner resize icon at all so I cannot resize it, and it is a small rectangular editing pane with a larger font than before, and very awkward to use (although it would be wonderful if I could enlarge it). I used Firefox's Tools > Web Developer > Inspector to find the CSS for the editing window: <div id=""widget-63_custom_html-2"" class=""widget open"" style=""z-index: 100; margin-left: -88px;""> ... <div class=""widget-inside""> ... <form method=""post""> ... <div class=""custom-html-widget-fields""> ... <p> ... <div class=""CodeMirror cm-s-default CodeMirror-wrap""> I find that I can change that last line to: <div class=""CodeMirror cm-s-default CodeMirror-wrap"" style=""resize: both; overflow-x: auto; overflow-y: hidden;""> and that enables the bidirectional resize corner that I need! But of course that only affects the running instance. I have no idea how to tweak the code so that change becomes the default. Before I look into creating my own customized version of the Custom HTML editor, I'm wondering whether this very minor change could be incorporated into the next release of these tools, so I don't have to do that work myself, and so other people can benefit from it. I don't actually know whether this is a request for the WP team or the Prolio team, so I'm starting with the WP team. Thanks for your consideration, -- Paul Tukey paul.tukey@gmail.com " paultukey 4 43045 Trigger events equivalent to editor:image-edit and editor:image-update in media-image-widget.js Widgets normal normal Future Release enhancement new 2018-01-08T20:51:24Z 2020-06-17T04:22:54Z "The `wpeditimage` TinyMCE plugin has helpful `editor:image-edit` and `editor:image-update` events for hooking additional metadata onto the Image object. Here's an example: {{{ wp.media.events.on('editor:image-edit',function(event){ event.metadata.pinterest_text = event.editor.$(event.image).attr('data-pin-description'); }); wp.media.events.on('editor:image-update',function(event){ event.editor.$(event.image).attr('data-pin-description', event.metadata.pinterest_text); }); }}} Although the new Image Widget reuses the `image-details` frame, it doesn't fire these equivalent events, making integration difficult. It would be helpful if the `ImageWidgetControl` implemented equivalent events." danielbachhuber 2 43046 `has_image_size()` returns false for Core image sizes dev-feedback Media 3.9 normal minor Future Release defect (bug) assigned 2018-01-08T21:37:31Z 2020-02-21T17:52:25Z "`has_image_size()` returns `false` (does not exist) for the four core image sizes (thumbnail, medium, medium_large, large). `get_intermediate_image_sizes()` returns these core image sizes merged with custom registered sizes through `add_image_size()`. `has_image_size()` should return true for the core image sizes, or the function docs should note that the core image sizes are not checked in the function." desrosj 7 43058 File search in theme & plugin editor window has-patch Plugins normal normal Awaiting Review feature request new 2018-01-10T13:39:58Z 2018-01-16T05:36:27Z "Now we have using Code mirror for updating theme/plugin files. We have also create a directory tree of theme & plugin files. It is hard to search the file in the given directory tree. So, File search filed is useful to search particular file. This patch search `file name` & `file extensions` too." Mahesh901122 5 43069 Docs: improve documentation for register_meta() function has-patch Options, Meta APIs 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-11T16:23:29Z 2018-01-11T16:33:40Z "The documentation for the `register_meta()` function would benefit from additional clarity to help developers recognize that the `$object_type` parameter does not mean custom post type and the implications that registering the meta field applies to all objects of a type. Within that method there are also missing default values and optional markers in the docblock as well as a backwards compatibility comment that could be more specific and useful in an inline comment. https://developer.wordpress.org/reference/functions/register_meta/" terriann 1 43070 srcset attribute can be overridden but not prevented Media 4.4 normal normal Awaiting Review defect (bug) new 2018-01-11T19:07:48Z 2019-04-11T13:48:00Z In `wp_get_attachment_image()`, a `srcset` attribute can be passed to the fourth parameter to override the attribute's contents. There is no way to prevent this attribute from showing, though. An empty `srcset` attribute throws a validation error. desrosj 2 43071 User without the ability to publish are unable to edit post status needs-unit-tests Editor normal normal Awaiting Review defect (bug) new 2018-01-11T21:46:21Z 2021-12-10T05:34:24Z "If a user is able to edit a post but unable to publish a post, they can change the post status from the `wp-admin/edit.php?post_type=post_type` page using the quick edit dropdown feature. However, if the user goes to the `wp-admin/post.php?post=ID&action=edit` page, they are unable to edit the post status. User who are able to edit post_type should be able to do so from the post edit page." NathanAtmoz 1 43073 Undo leaves a big blank spot where content wp-view was Editor 4.9.1 normal normal Future Release defect (bug) new 2018-01-11T22:11:14Z 2019-06-05T07:09:00Z "1. Add a Wordpress audio playlist (or video playlist, or others) 2. Select and click ""x"" to remove. 3. Undo, ctrl+z. Now there is a big blank spot... where is it?? It's there but transparent. Tested in the Twenty Fifteen theme and another theme, so it's not the theme." programmin 4 43074 Custom site identity Crop Image function does not work for images smaller than 512px Customize 4.9.1 normal normal Future Release defect (bug) new 2018-01-11T22:52:34Z 2021-05-30T17:20:37Z "Site Identity image. After the image source is selected, crop image popup window arises. Then the image is shown in a crop frame, but crop function does not work as crop frame does not react to mouse. Wordpress 4.9.1 Firefox 57.0.4 64 Internet Explorer 11.192.16299.0" obermeister8080 3 43076 current-menu-item for archive menu item on singular page audrasjb reporter-feedback Menus normal normal Future Release defect (bug) assigned 2018-01-12T09:51:43Z 2020-01-17T00:02:45Z If I have CPT with archive and singular page and I add to menu url to archive and I go to singular page of CPT then should be add current-menu-item to menu item of archive sebastian.pisula 2 43077 Misleading error when updating plugins Plugins 4.9.1 normal normal Awaiting Review defect (bug) new 2018-01-12T10:22:04Z 2018-09-16T03:45:16Z "Hi, I am in /wp-admin/plugins.php A plugin has a new update and I click ""Update now"". After a few seconds I get ""'''Update Failed: Could not copy file.'''"" However, when I refresh the page and I see that the plugin was updated. After a few tests I realise that if there are Core Translation Updates and they fail(for example due to bad filesystem permissions), you will get the error mentioned above even though the plugin was successfully updated. I would like to comment on two things: a) The translations shouldn't get updated with any plugin update. I might NOT want to update the translations. By doing it in the background without asking me that's bad. b) The error message shown is irrelevant to the plugin update and might cause confusion to some admins who might try to reinstall manually a plugin or do any other changes which might eventually end up breaking a site for nothing. Thanks in advance for your time." SGURYGF 3 43080 Allow access to triggered WP_Error when using login_errors and login_messages filters Login and Registration 4.9.1 normal normal Awaiting Review enhancement new 2018-01-12T21:39:59Z 2020-10-13T03:28:56Z "Hi, There are currently 2 filters login_errors et login_messages but everything is string. As a consequence this is translated. I would be nice to add $wp_error (WP_Error) in these filters to make it even more customizable. " jmlapam 43083 "adding ""Unlisted"" type for post visibility" Posts, Post Types normal normal Awaiting Review feature request new 2018-01-13T16:29:17Z 2018-03-02T01:27:19Z "I think there is a good reason that WP natively supported ""unlisted"" posts, in addition to PUBLIC, DRAFT and PRIVATE. Why not WP add that feature? btw, Private is not same as ""unlisted"". " tazotodua 4 43084 dashboard confuses published posts count with all posts Posts, Post Types 2.7 normal normal Awaiting Review defect (bug) new 2018-01-13T23:22:05Z 2019-05-15T08:11:35Z "the following is a good first bug for new contributors, IMO! because it's very easy to fix https://core.trac.wordpress.org/tickets/good-first-bugs in dashboard, in ""at a glance"" section there's a misleading link: 1. its hyper reference uri leads to list of '''all existing''' posts /wp-admin/edit.php?post_type=post there are currently 26 posts in my blog 2. its label is ""8 posts"" where 8 -- is the number of '''currently published''' posts /wp-admin/edit.php?post_status=publish&post_type=post there are currently 8 published posts in my blog 3. its icon is the pushpin. and the pushpin usually means '''sticky''' posts /wp-admin/edit.php?post_type=post&show_sticky=1 there are currently 1 sticky post in my blog thus, as you can see, this link confuses ""all posts (26)"" with ""published posts (8)"" AND with ""sticky posts (1)"" I know, WordPress uses pushpin icon to indicate any post, so, maybe, I'm wrong about sticky posts. But I'm definitely not mistaken in that you cannot label the link as ""8 posts"" and make it refer to the list of 26 posts -- it should be fixed. Either label should be ""26 posts"" or it should go to list of published posts. IMO, the latter choice (lead to published posts)." awardpress 3 43095 Audit the usage of `aria-haspopup` in the admin menu joedolson* Administration normal normal 6.6 defect (bug) accepted 2018-01-15T20:18:01Z 2024-02-20T15:15:16Z "In the admin menu (the one in the left sidebar, not the toolbar one) items that have a sub-menu have an `aria-haspopup` attribute. While the intent is good, I'm not sure this is a 100% appropriate usage. We've discussed this during today's accessibility team meeting and agreed it's worth investigating. In the previous ARIA 1.0 recommendation it was clearly stated that `aria-haspopup` is meant to be used on controls that require user activation to reveal additional content. Then, in the new [https://www.w3.org/TR/wai-aria/#aria-haspopup ARIA 1.1] recommendation, the sentence ""This means that activation renders conditional content"" [https://www.w3.org/2016/04/28-aria-minutes.html#item03 was removed]. Regardless, this doesn't necessarily change things and the new values for `aria-haspopup` don't seem to suggest the current usage in WordPress is 100% correct. What does ""user activation"" means? The `aria-haspopup` makes perfectly sense when users of assistive technologies land on an interactive item and need to be informed that activating the item reveals additional content. That's not the case with the admin menu. Both when tabbing or arrowing when using a screen reader, all the menu items including the sub-menu items get revealed without requiring any special user action. In this case, the information provided by `aria-haspopup` seems pointless, if not confusing. Only in the responsive view, the admin menu works differently and the top level items do require user activation to reveal the sub menus. Seems `aria-haspopup` should be used only in the responsive view. We should further investigate this issue and test with assistive technologies, not only screen readers but also, for example, speech recognition software. For reference, the major screen readers announce `aria-haspopup` this way, as of January 2018: {{{ NVDA ""sub menu"" JAWS ""has pop-up"" VoiceOver ""Menu pop-up"" }}} " afercia 9 43096 Reduce redundant calls to translate() close I18N normal normal Awaiting Review enhancement new 2018-01-16T04:22:09Z 2023-05-05T11:03:57Z "Profiling the default WordPress install I noticed translate functions where being called 1700+ times and many times with duplicate strings. This patch uses static vars in a few key places to avoid translating the same string multiple times. Gives about a 14% reduction in page response time and a very slight memory increase. See https://blackfire.io/profiles/compare/6b2513f0-de36-400d-9e39-2349644b3d57/graph " superdav42 3 43098 Defining WP_UNINSTALL_PLUGIN also when the uninstall handler is registered via register_uninstall_hook() Administration normal normal Awaiting Review defect (bug) new 2018-01-16T14:18:36Z 2019-01-17T01:26:20Z "At the moment, there's no way to ""know"" that the context execution is uninstallation until the uninstall hook is executed: {{{ do_action( ""uninstall_{$file}"" ); }}} I'd like to move the definition of `WP_UNINSTALL_PLUGIN` to be set for both uninstall handlers (the `uninstall.php` and the `register_uninstall_hook()` hook). The fix is super simple, just moving `define('WP_UNINSTALL_PLUGIN', $file);` in `/wp-admin/includes/plugin.php` outside the `if` statement. It's needed when a plugin need to execute some code prior to the `register_uninstall_hook()` execution that is later used within the callback. I couldn't think of any intentional reason why it shouldn't be defined for both uninstallation methods." svovaf 3 43100 Unexpected results from wpautop General normal normal Awaiting Review defect (bug) new 2018-01-16T19:01:25Z 2019-01-17T01:25:57Z "An empty paragraph will result in invalid HTML To reproduce using default theme add `echo wpautop( '<p></p>' );` into a template file. Expected result `<p></p>` Actual result `</p>`" pross 3 43114 FLV video - NetworkError: Exception ProgressEvent error Media 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-17T18:13:19Z 2021-04-01T14:56:40Z "Hello, FLV doesn't work any more since last versions of Wordpress. I have this error : NetworkError: Exception ProgressEvent error when I use this code in articles : [video width=""640"" height=""480"" flv=""http://mydomaine.org/wp-content/uploads/2012/02/DSC_0011.flv""][/video] and sometimes this error : ""Aucune vidéo dont le format ou le type MINE est géré n'a été trouvée"" Thank you for your help" Fred001 8 43115 Improve plugin search results Plugins 4.9.2 normal normal Awaiting Review feature request new 2018-01-17T19:05:36Z 2018-09-14T19:40:00Z "Hi there, I'm not sure if I post this at the right place, but being new to 'get involved' I find this to be the most direct place to share my thoughts. Maybe someone before me has suggested my request before, but I could not find existing tickets about it. For a long time I do miss a good filtering and sorting option in the plugin repository, both on wordpress.org/plugins and in the admin plugin section. I would like to see a filter and sorting option for the following attributes: - WP version compatiblility (tested up to ...) - WP version required - number of active installs -> if this is high, it must be a quite good plugin, otherwise not so many websites would use it - in plugin repository since -> plugin can be fairly new and therefore not yet have a high number of active installs - last updated -> to filter out plugins that are not regularly updated - rating I also would like to see that 'last updated' would be added to the info for a single plugin search result (where now only the number of active installs, developer and 'tested with' is displayed), so you can see right away if a plugin is well maintained or not. I would also suggest that plugins which have not been updated or maintained at all for over a year will be marked; for example with a traffic light: orange for 'updated more than a year ago', red for 'updated more than two years ago' (and off course green for 'updated less than a year ago'). I think the least plugin writers can do is test their plugin for compatibility with each new WP version and update this information if the plugin still works fine. Maybe make this mandatory if you want your plugin to be included in the plugin reporitory? I hope this will also encourage all plugin writers to maintain their plugins better. My goal is to separate the plugins of good quality and high developer dedication from the plugins that are less well maintained. And make this visible to users. I'm looking forward to a response from the core developers community. Thanks!" prodefu 1 43119 Allow passing empty post ID to media_handle_sideload() has-patch Media 2.6 normal normal Future Release defect (bug) new 2018-01-17T20:56:38Z 2021-09-01T10:16:11Z "I stumbled upon this via https://wordpress.stackexchange.com/questions/291344/why-does-media-handle-sideload-upload-to-last-months-folder. Basically, the person was trying to run `media_handle_sideload( $file_array, $post_id = 0 )` to upload files. This works fine in so far as it calls `wp_insert_attachment()` which accepts a post ID of `0` (it's the default) so the attachment won't be associated with a specific post. However, `media_handle_sideload()` doesn't fully support `$post_id = 0` (or `$post_id = null`, for that matter) because of the `if ( $post = get_post( $post_id ) ) { … }` condition since `get_post( 0 )` fetches the global post and overrides `$time`. This means you cannot upload a media file and have `$time` set to today. To reproduce: 1. Create a post with the date set to last month 1. Set this post as `$GLOBALS['post']` 1. Run `media_handle_sideload( $file_array, 0 )` 1. Notice that the upload folder will be the one from last month, not this month. Proposed fix: Change the condition from `if ( $post = get_post( $post_id ) ) { … }` to `if ( $post_id && $post = get_post( $post_id ) ) { … }` Consequences: The upload folder will point to the current month, not the date from the global post if using `$post_id = 0` or `$post_id = null`. Not a big deal IMHO." swissspidy 1 43120 HTML Tag Auto-Formatting in Custom HTML Widget Widgets 4.9 normal normal Awaiting Review enhancement new 2018-01-17T21:12:25Z 2018-01-18T01:28:52Z "As a developer using WordPress multisite to manage a stable of client websites, I have quickly become a big fan of the Custom HTML widget. The syntax highlighting combined with the removal of the auto-paragraph formatting of text widgets has provided a much friendlier interface for my daily work building and maintaining sites. However, in addition to syntax highlighting, the latest update has also introduced another new behavior that is quickly becoming the bane of my coding workflow. Typing the closing angle-bracket at the end of any block-level HTML tag initiates an auto-formatting routine that completely derails my coding process. For example, typing {{{<div>}}} or {{{<p>}}} automatically generates the closing {{{</div>}}} or {{{</p>}}} tag after the cursor, respectively. This behavior mimics the automations of many popular IDEs, and it is a big time-saver if implemented well. However, the current implementation in the Custom HTML widget takes the automation a step too far with block-level tags, also adding carriage returns and indentation to my code where I don't want either. I understand that many coding best-practices prescribe this format to make code easier to read and maintain, which is true for coding in an adjustable-width IDE window or frame. But for the widget editor that's limited to a width of around 340 pixels (without accounting for padding), I prefer to organize my code into segments broken into logical blocks with whitespace between them and everything flush-left. Currently, the contents of a typical Custom HTML widget in my environment look like this (line breaks added to approximate editor width): {{{ <div class=""widget-content"" id=""first- section""> <div class=""widget-content-wrapper""> <div class=""image-section-text""> <p> This is my content. </p> [tabby title=""First Tab""] <h3> First Tab Header </h3> <p> <em>Click an image below to enlarge for viewing details.</em> </p> [su_row] [su_column] [su_lightbox type=""image"" src=""/wp-content/uploads/sites/44/2018 /01/image01.jpg""]<img class=""aligncenter size-medium wp-image-201"" src=""/wp- content/uploads/sites/44/2018 /01/image01-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4> Image 1 Title </h4> <h4> <em>Image 1 Caption</em> </h4> [/su_column] [su_column] [su_lightbox type=""image"" src=""/wp-content/uploads/sites/44/2018 /01/image02.jpg""]<img class=""aligncenter size-medium wp-image-202"" src=""/wp- content/uploads/sites/44/2018 /01/image02-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4> Image 2 Title </h4> <h4> <em>Image 2 Caption</em> </h4> [/su_column] [/su_row] [tabby title=""Second Tab""] <h3> Second Tab Header </h3> <p> <em>Click an image below to enlarge for viewing details.</em> </p> [su_row] [su_column] [su_lightbox type=""image"" src=""/wp-content/uploads/sites/44/2018 /01/image03.jpg""]<img class=""aligncenter size-medium wp-image-203"" src=""/wp- content/uploads/sites/44/2018 /01/image03-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4> Image 3 Title </h4> <h4> <em>Image 3 Caption</em> </h4> [/su_column] [su_column] [su_lightbox type=""image"" src=""/wp-content/uploads/sites/44/2018 /01/image04.jpg""]<img class=""aligncenter size-medium wp-image-204"" src=""/wp- content/uploads/sites/44/2018 /01/image04-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4> Image 4 Title </h4> <h4> <em>Image 4 Caption</em> </h4> [/su_column] [/su_row] [tabbyending] </div> </div> </div> }}} Because I am using the Custom HTML widgets to build out large sections of pages within my sites, I end up having to scroll through lots of code within any single widget instance. Having a bunch of opening and closing tags on individual lines sprinkled with indents forcing extra text wraps is a pointless gesture that impairs quick-scanning and readability rather than improving it. This is especially true for sections involving deeply nested divs containing lengthy paragraph text and shortcodes. Within the constraints of the editor, I would prefer the above code to appear in the below format (again, line breaks reflect real text-wrapping in the editor): {{{ <div class=""widget-content"" id=""first- section""> <div class=""widget-content-wrapper""> <div class=""image-section-text""> <p>This is my content.</p> [tabby title=""First Tab""] <h3>First Tab Header</h3> <p><em>Click an image below to enlarge for viewing details.</em></p> [su_row] [su_column] [su_lightbox type=""image"" src=""/wp- content/uploads/sites/44/2018 /01/image01.jpg""]<img class=""aligncenter size-medium wp-image-201"" src=""/wp- content/uploads/sites/44/2018 /01/image01-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4>Image 1 Title</h4> <h4><em>Image 1 Caption</em></h4> [/su_column] [su_column] [su_lightbox type=""image"" src=""/wp- content/uploads/sites/44/2018 /01/image02.jpg""]<img class=""aligncenter size-medium wp-image-202"" src=""/wp- content/uploads/sites/44/2018 /01/image02-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4>Image 2 Title</h4> <h4><em>Image 2 Caption</em></h4> [/su_column] [/su_row] [tabby title=""Second Tab""] <h3>Second Tab Header</h3> <p><em>Click an image below to enlarge for viewing details.</em></p> [su_row] [su_column] [su_lightbox type=""image"" src=""/wp- content/uploads/sites/44/2018 /01/image03.jpg""]<img class=""aligncenter size-medium wp-image-203"" src=""/wp- content/uploads/sites/44/2018 /01/image03-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4>Image 3 Title</h4> <h4><em>Image 3 Caption</em></h4> [/su_column] [su_column] [su_lightbox type=""image"" src=""/wp- content/uploads/sites/44/2018 /01/image04.jpg""]<img class=""aligncenter size-medium wp-image-204"" src=""/wp- content/uploads/sites/44/2018 /01/image04-250x300.jpg"" width=""250"" height=""300"" />[/su_lightbox] <h4>Image 4 Title</h4> <h4><em>Image 4 Caption</em></h4> [/su_column] [/su_row] [tabbyending] </div> </div> </div> }}} Because I prefer to keep my code flush left, the editor's auto-indentation for nested block-level tags keeps offsetting my closing tags and requires backspacing/deletion of both the indents and the carriage returns. While I realize that many developers may prefer strict adherance to best-practices, I also expect those same developers ultimately prefer the ability to decide upon their own standards without having someone else assume what's best and impose those assumptions into their development environments. I believe the best implementation of IDE features into the Custom HTML widget should involve the ability to adjust such formatting presets as they are introduced. This would allow end-users to apply such enhancements according to their individual preferences and prevent distractions from the introduction of unwelcomed ""improvements"". Perhaps IDE preferences could be enabled through checkboxes below the editor pane for applying individual features: - Syntax Highlighting - Tag Completion - Quotes Completion - Auto-Indentation and maybe even - Line Numbers (to regain space in a constrained-width pane) The editor would still perform analysis on each keystroke, but ""If Tag-Completion = false"" it could skip the tag completion subroutine, for instance. My apologies for the verbosity of this ticket, but I wanted to fully illustrate my particular use-case. As a frequent user of Custom HTML widgets, I am excited by the prospects of current and forthcoming enhancements, and I can't wait to see what improvements future updates bring." JosefNT 1 43121 Custom HTML Widget Warning Tooltips Error Widgets 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-17T22:16:24Z 2018-01-19T14:26:14Z "I am using Custom HTML widgets in the current version of WordPress, and I have noticed an error in the display of warning tooltips within the current version of Firefox. When I mouseover a warning icon in the Custom HTML widget, the resulting tooltip displays beneath the editor pane, making the warning text unreadable. '''Warning Tooltip in Firefox:''' [[Image(https://img.nettech.net/Temp/CustomHTMLWidget_WarningTooltip_Firefox.jpg)]] The same warning tooltip appears correctly in the latest versions of Chrome and Edge. '''Warning Tooltip in Chrome''' [[Image(https://img.nettech.net/Temp/CustomHTMLWidget_WarningTooltip_Chrome_Edge.jpg)]] I have not tested across themes, so for reference I am currently working within Front Page sidebars in a Genesis child theme. I have tested the same widget across Firefox, Chrome, and Edge, and only Firefox exhibits the described behavior." JosefNT 2 43122 customize.php fails to load with default changeset_uuid bpayton reporter-feedback Customize 4.7 normal normal Awaiting Review defect (bug) assigned 2018-01-18T00:46:13Z 2021-05-30T17:26:42Z "I am seeing a rare condition where users are unable to load the Customizer with no specified changeset and see the message ""Cheatin, uh? This changeset cannot be further modified."" In all cases, I am seeing two `customize_changeset` posts with the same GUID post name, one with draft status and the other with published status. When WP_Customize_Manager attempts to find a changeset to load by default, it finds the draft with the GUID, and when it attempts to load the post, it finds the published post with the same GUID and dies with the message mentioned above. I read WP_Customizer and theorized how this could be happening but have no theory worth mentioning. Still, this seems like some kind of race condition." bpayton 5 43130 Add New Site: admin autocomplete search all users Networks and Sites 4.9.2 normal normal Awaiting Review enhancement new 2018-01-19T09:01:27Z 2021-04-06T17:02:11Z "When adding a new site on multisite WordPress, the ""Admin Email"" field's autocomplete will find only users attached to the first ""site"". If the user is in WordPress network user list but not in first site, it'll not be found." julienlusson 1 43140 WordPress does not allow HTML tags in the Name field of Links (blogroll) General 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-21T18:07:04Z 2018-01-26T21:33:37Z "In WordPress 4.9.2, when creating a Link (i.e. the blogroll feature) it is not possible to wrap HTML tags around the text in the Name field: WordPress will simply display those HTML tags escaped on the website. Being able to add HTML tags around the Name text is important because it allows specifying foreign-language names with the {{{<span lang=""XX"">}}} tag for the sake of accessibility (screenreaders etc.) and semantic markup. My blog, for example, is in English, but some of the blogs linked to in my blogroll have foreign-language titles. WordPress already allows adding tags like {{{<span lang=""XX"">}}} in the Title field of new blog posts, presumably for precisely this purpose, so this feature should be made available to the Links editor as well." CRCulver 3 43147 Introduce `esc_html_comment` and translation related functions dev-feedback Formatting normal normal Awaiting Review enhancement new 2018-01-23T15:27:17Z 2019-01-16T06:50:09Z "Triggered by the following PR on Yoast SEO [https://github.com/Yoast/wordpress-seo/pull/8687 #8687] I saw the need for `esc_html_comment` functionality in WordPress. This patch is based on the current API for formatting and escaping functions. The implementation is based on the specifications found on the [https://www.w3.org/TR/html51/syntax.html#sec-comments HTML specifications page]. I've added unit tests to cover the situations that I could come up with." jipmoors 7 43149 WP-API JS Client not triggering change event when using setMeta/setMetas helpers REST API 4.9 normal normal Awaiting Review defect (bug) new 2018-01-23T16:49:55Z 2020-10-25T04:19:42Z "As briefly [https://wordpress.slack.com/archives/C5UNMSU4R/p1516717879000467 mentioned] on Slack earlier today the `model.setMeta()` helper method introduce in #41055 has a couple of weaknesses. 1/ The `meta` attribute is undefined when creating a new model, which makes sense, but causes `setMetas()` to silently fail at set new meta values; using `setMeta()` causes an error. {{{#!javascript var post = new wp.api.models.Post( { id : 1234 } ); post.setMetas( { foo : 'bar' } ); // post.attributes.meta remains undefined post.setMeta( 'foo', 'bar' ); // TypeError: metas is undefined }}} 2/ When the `meta` attribute is properly defined, some changes in meta values fail to trigger a change event. Provided that the above issue does not show: {{{#!javascript var post = new wp.api.models.Post( { id : 1234 } ); post.on( 'change:meta', console.log ); post.set( 'meta', { foo : 'bar' } ); // trigger change event post.setMetas( { foo : 'BAR' } ); // Does not trigger change event post.setMeta( 'foo', 'BAR' ); // Does not trigger change event }}} Values are correctly updated; the `change` event is just not triggered as it should. The only way I found to make this work is to clone the `meta` attribute in `setMeta()`/`setMetas()`. As of now these methods simply retrieve the `meta` attribute using `get()` and then `_.extend()` to add/update properties, which doesn't seem enough to make Backbone consider it a change." caercam 1 43152 Image remains in page after deleting from Media Library Media 4.9.2 normal normal Future Release defect (bug) new 2018-01-24T00:31:39Z 2019-04-15T15:21:13Z "Whilst editing your page, if you open the Media Library (using the Add Media button), and then delete an image that is currently added to the page, the image remains on the page after closing the pop-up window. To Reproduce: - Insert Image on Page - Click Add Media button to display the Media Library popup Window - Select the image that you previously inserted on the page and delete the image - Close the media pop-up window - Image that was deleted remains on page Here's a gif to show an example - https://cl.ly/1I2r3q3H301J I originally raised this as an [https://github.com/WordPress/gutenberg/issues/4610 issue with Gutenberg], but it was suggested to raise it here since it's also an issue with the classic editor." ahortin 1 43153 Theme Preview doesn't work Themes 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-24T12:53:53Z 2020-12-18T18:23:54Z "Hi in WordPress 4.9.2 when i go to Appearance-> Themes and want to add new theme from WordPress library. i'm click on Preview button to see details about any themes but it's blank page happen. i test it on 3 different WordPress site but it's happen again." CG-TEAM 5 43155 Formatting bug with ampasands - WooCommerce Layered Nav Formatting 4.7.5 normal normal Awaiting Review defect (bug) new 2018-01-24T14:39:12Z 2018-01-24T14:39:12Z "I found a problem with the WooCommerce layered nav plugin caused by WordPress itself. When you have products shown filtered by an attribute (for example - red) and then click the number of products to show (such as 45) upon page load the ampasand (&) changes to the HTML entity instead. I commented out a few lines on wp-includes/formatting (example - line 238 - $curl = preg_replace( '/&(?!#(?:\d+|x[a-f0-9]+);|[a-z1-4]{1,8};)/i', '&', $curl );) which now stops this happening. Please have a look as I know this will be overwritten when WordPress is next updated. Best Regards, Jim." jimleeder 43156 _walk_bookmarks(): please add the link id as HTML id attribute. Formatting 4.9.2 normal normal Awaiting Review enhancement new 2018-01-24T17:28:33Z 2018-01-24T17:28:33Z "Hi, would it be possible to add an HTML attribute that contains the WP link ID when outputting the a blogroll link with _walk_bookmarks() ? It would be nice to be able to customize links with CSS. I know it is possible to do it by hooking a function on 'wp_list_bookmarks', but... what a waste of time for nothing :) Thanks" grosbouff 43159 Introduce helper function for XMLRPC checks has-patch Bootstrap/Load normal normal Awaiting Review enhancement new 2018-01-25T20:30:35Z 2018-01-26T17:40:12Z Similar to #25669, it would be nice if there was a helper function for checking if WordPress is doing a XML-RPC request. NathanAtmoz 3 43160 Reduce wp-admin/update-core.php load time by half Upgrade/Install 4.9.2 normal normal Awaiting Review enhancement new 2018-01-25T23:10:13Z 2018-04-18T20:39:35Z "I had this problem where loading this page was taking over a minute. It turns out that this is caused by premium plugins that makes remote calls to validate license and/or verify the existence of update. My whole journey is documented here: https://wordpress.org/support/topic/displaying-wp-admin-update-core-php-takes-about-50-secs/ There is not much that can be done about that but this can be mitigated a lot when you realise that wp_update_plugins() calls set_site_transient() twice and this is where the expensive hook calls are made. So here is my attempt to improve the situation: {{{ $ diff wp-includes/option.php{.orig,} 1721a1722,1759 > * Set/update the value of a site transient without calling the sometimes expensive hooks. > * > * This is particularly for the special case of wp_update_plugins() where set_site_transient() was called twice > * and the first time was only for setting up the last_checked update_plugins option. > * > * @since 4.9.2 > * > * @see wp_update_plugins() > * > * @param string $transient Transient name. Expected to not be SQL-escaped. Must be > * 167 characters or fewer in length. > * @param mixed $value Transient value. Expected to not be SQL-escaped. > * @param int $expiration Optional. Time until expiration in seconds. Default 0 (no expiration). > * @return bool False if value was not set and true if value was set. > */ > function set_site_transient_nohook( $transient, $value, $expiration = 0 ) { > > $expiration = (int) $expiration; > > if ( wp_using_ext_object_cache() ) { > $result = wp_cache_set( $transient, $value, 'site-transient', $expiration ); > } else { > $transient_timeout = '_site_transient_timeout_' . $transient; > $option = '_site_transient_' . $transient; > if ( false === get_site_option( $option ) ) { > if ( $expiration ) > add_site_option( $transient_timeout, time() + $expiration ); > $result = add_site_option( $option, $value ); > } else { > if ( $expiration ) > update_site_option( $transient_timeout, time() + $expiration ); > $result = update_site_option( $option, $value ); > } > } > return $result; > } > > /** 1767,1781c1805 < if ( wp_using_ext_object_cache() ) { < $result = wp_cache_set( $transient, $value, 'site-transient', $expiration ); < } else { < $transient_timeout = '_site_transient_timeout_' . $transient; < $option = '_site_transient_' . $transient; < if ( false === get_site_option( $option ) ) { < if ( $expiration ) < add_site_option( $transient_timeout, time() + $expiration ); < $result = add_site_option( $option, $value ); < } else { < if ( $expiration ) < update_site_option( $transient_timeout, time() + $expiration ); < $result = update_site_option( $option, $value ); < } < } --- > $result = set_site_transient_nohook( $transient, $value, $expiration ); $ diff wp-includes/update.php{.orig,} 68c68 < set_site_transient( 'update_core', $current ); --- > set_site_transient_nohook( 'update_plugins', $current ); }}} " lano1106 2 43162 Deleting a site from a multisite network leaves orphaned database tables and files has-patch Networks and Sites 3.0 normal normal Future Release enhancement new 2018-01-26T16:15:02Z 2024-02-13T12:02:10Z "Looking at the table structure of a typical multisite install, I see that tables for individual sites within the network are prefixed with wp_{siteid}_ tablename. When I delete a site from the from the network, all standard WP tables for that particular site ID are deleted; however, several plugin tables are not. As well, looking at the uploads/sites directory, the directory for that site (represented by its ID) is also still there along with all its files (media and other uploads). an earlier ticket:30673 suggested that this should be caught when uninstalling a plugin from the master site. But, I'd have to disagree. Most uninstall scripts use a type of {TABLEPREFIX} before its table names. This would delete the tables for every site in the network, wouldn't it? and that's not what the goal would be. Aside from the plugin issue are the media files that are also orphaned. Media file uploads is part of core, and that's not something a plugin author could approach. When deleting a site from the network, this is irrevocable. Wordpress even create an extra confirmation page upon delete saying so just to make sure. If that's the case, and this is by design, what's the point of keeping these extra files and tables if they are never going to be used again? Shouldn't all site specific db tables and all files in the uploads directory be deleted when a site is deleted? Or, perhaps as an enhancement, on the Delete Site confirmation page, could we have two checkboxes: ""1) delete all tables associated with this site"" and ""2) delete all files associated with this site"" Currently I have a script setup to alert me as to when a site is deleted. I then open up a cli to manually delete the db tables for that install, and then its files from the uploads directory. This doesn't feel like the intended workflow to handle the orphaned elements of the site." bluep92877 32 43163 Did you know? CSS notification needs a Dismiss button to close has-patch Themes 4.9 normal normal Awaiting Review feature request new 2018-01-26T17:09:30Z 2019-07-16T03:45:11Z "The CSS notification bar at the top of the Edit Themes editor needs a Dismiss button so that it can be closed. The notification bar I'm referring to says: ''' Did you know? There’s no need to change your CSS here — you can edit and live preview CSS changes in the built-in CSS editor.''' " pracko 5 43168 Customizer: Iris color picker handle above section title Customize normal normal Future Release defect (bug) new 2018-01-27T18:58:05Z 2019-12-16T00:49:42Z "When Iris color picker is opened, the handle displays bevor the section title – if section is visible during scroll-up. Section title styles: {{{ #customize-controls .customize-info.is-in-view, #customize-controls .customize-section-title.is-in-view { z-index: 9; } }}} Handle styles: {{{ .iris-picker .iris-square-handle { z-index: 10; } }}}" crstnio 2 43171 Image Title Not Carrying through on Insert audrasjb* Widgets 4.8 normal normal Awaiting Review defect (bug) accepted 2018-01-28T16:35:54Z 2019-02-04T17:47:17Z "If I go into a post, page, or widget and insert and image the image title does not come through on that original insert. This happens with either a new uploaded image or one from the gallery. I can set the alt-text, caption, title, and such, but when it is inserted the title is the only field not to come through. It is blank. I can then go in and edit the image and fix the title and it takes. If I am editing an image in the image widget, the same thing happens. And if it is an existing image widget that I am just changing the image in, it will actually leave the title from the previous image - not blank it out or use the newly specified title. I have verified this with new images, edited images, uploaded images, images from the media library, different image formats, etc... And verified on multiple sites, on different hosts, with any and or all plug-ins deactivated or activated. Oh, and different themes. Everything from complex magazine theme to standard WP TwentyTen theme and stuff in between. Can give access to sites where this happens. Actually, I have found no sites where it actually works correctly. " carnellm 2 43176 Nav Menu Search - add filters for query args Menus normal normal Awaiting Review enhancement new 2018-01-29T16:01:00Z 2019-01-16T06:50:09Z "On sites that have lots of content with similar names, it can be almost impossible to find the correct page using the search tab. One way to fix this is described in #38224 (changing the number of posts returned, or providing a filter so developers can change it). Another option would be to check if the search query is_numeric(), and if so, search for a page with that ID. This could either be implemented in core directly, or appropriate filters could be provided so a plugin could implement this functionality." billerickson 1 43178 Rethinking what “captions” means for video postphotos reporter-feedback Media 5.1 normal normal Future Release enhancement assigned 2018-01-29T16:32:59Z 2023-10-19T18:38:35Z "'''Because different users will use the word ""caption"" in different ways, it would be helpful to look at reducing this term in WordPress media and clarifying all media terms as a whole.''' Captions carry a meaning in the video industry that is closely related to subtitles. It's recommended that we change how we describe our images, videos, and other media used within WordPress. ''Note: For architectural reasons, the field data should be left alone, but we need a better label for the associated meta. I also talked about this a bit in #31177'' This proposal further explores the messy language in media attachments and focuses on clear description so that all users can understand them, including clarifying WordPress' use of video subtitles. A proposal to revising these terms is below. Images 1) Wherever images use {{{data-setting=""title""}}} - instead of ""Title"" the English label should read ""Media Title."" 2) Wherever images use {{{data-setting=""caption""}}} - instead of ""Caption"" the English label should read ""Image Caption."" Because the specific term ""photo captioning"" describes a widely-used industry term, it should be clarified here but not removed. 3) Wherever images use {{{data-setting=""description""}}} - instead of ""Description"" the English label should read ""Longer Description."" This is because theme developers do not output this data beyond attachment pages and having three ill-described content areas - alt, caption, description - is an anti-pattern to describe what these images. Videos 1) Wherever images use {{{data-setting=""title""}}} - instead of ""Title"" the English label should read ""Media Title."" 2) Wherever video use {{{data-setting=""caption""}}} - instead of ""Caption"" the English label should read ""Media Description."" 3) Wherever images use {{{data-setting=""description""}}} - instead of ""Description"" the English label should read ""Longer Description."" This is because theme developers do not output this data beyond attachment pages and having three ill-described content areas - alt, caption, description - is an anti-pattern to describe these images. By adjusting these terms and exposing utility of the meta values, this level of clarity will greatly enhance the ability for all users, especially those helping create content for both multi-lingual and Deaf audiences, to understand the meta values in managing media work without the need to read documentation. Goals: 1. Because videos are reused on separate posts and all subtitled videos should contain this as a part of their output, create a meta value (or some other object type) that stores associated SRTs per language. 2. Allow for a better way for all videos that stores the associated SRTs to be associated with a language or as another kind of subtitle track - i.e. commentary, descriptive text, etc. 3. Allow videos uploaded at the same time with the same subtitle file name (or in a language structure) to be associated with each other. Assume the default core language for videos with no LANG code and associate the only subtitle as belonging to default core’s. (If there’s only one SRT with no lang suffix, it’s probably a caption.) If we leave the existing labels as-is, new and old users will both continue to put the wrong information in because of the lack of context to each field. Whatever fix we decide on, this should also be further adjusted in each target language that WordPress core is released in." postphotos 26 43183 wp-comments-post.php endpoint support for OPTIONS reporter-feedback Comments normal normal Awaiting Review enhancement new 2018-01-30T17:13:04Z 2019-07-01T12:24:37Z "Under some circumstance we may need cross-posting from one domain to another (without the wp-json API). At least lets preflight requests flow normally https://github.com/WordPress/WordPress/pull/338 " drzraf 2 43189 Restoring page revision doesn't restore page template previously used Revisions 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-31T13:23:15Z 2018-01-31T15:09:27Z "I noticed this when one of the editors made a change in a page and also changed page template. We reverted the change by restoring a previous revision, but this didn't restore the previous page template. " bugnumber9 1 43197 Nesting @media rule inside @supports rule fails CSS validation dev-feedback Customize 4.9.2 normal normal Awaiting Review defect (bug) new 2018-02-01T10:13:49Z 2021-05-30T17:30:28Z "The CSS editor in the Customize panel returns 2 syntax errors when trying to insert a `@media` rule inside a `@supports` rule. It does work fine the other way around. See screenshot: [[Image(https://i.imgur.com/81b01Bp.png)]] Results are independent of specified properties & values. This might impact performance, because it is faster to skip the entire content of a feature query if a browser does not support a certain feature, rather than having multiple media queries with `@supports` in each of them. Besides, it can be functionally different, as explained here: https://stackoverflow.com/a/42438244 Tested on Chrome 63 and Windows 7. " neoqueto 3 43205 Allow filtering the list of characters to be replaced by wptexturize Formatting normal normal Awaiting Review feature request new 2018-02-01T18:41:46Z 2019-01-16T06:43:09Z "I'd like to selectively disable the replacement of a subset of the characters replaced by wptexturize. There are already filters to control which html tags & shortcodes are exempt from being texturized: `no_texturize_shortcodes` & `no_texturize_tags`. I think a similar filter should exist to control which characters are texturized. This filter would take at least two parameters: `$dynamic_characters` & `$dynamic_replacements`. I am interested in writing a patch if you'll consider it. Would this enhancement be acceptable?" cyclic 43206 Angle brackets around URLs can confuse email clients Mail 4.9.2 normal normal Awaiting Review defect (bug) reopened 2018-02-01T19:20:43Z 2018-07-17T23:16:30Z "In #14140, angle brackets were added to plain text emails sent by WordPress due to some email clients not handling long URLs correctly. However in some email clients, the trailing `>` is treated as part of the link, which also causes users to end up at the wrong URL. As there is no standardised way to make a link clickable in a plain text document I think the best solution would be for WordPress to send all mail in both `text/plain` and `text/html`." tomdxw 5 43208 Separate setting validation from sanitization needs-unit-tests Options, Meta APIs normal normal Awaiting Review enhancement new 2018-02-01T23:45:12Z 2020-11-06T23:12:25Z "As widely known, validation is different from sanitization. A value should first be validated and then be sanitized. Historically, WordPress has been mixing these two responsibilities in the `sanitize_option()` function, however it is easily possible to add an extra layer on top of that which maintains full backward-compatibility. Newer parts of core, such as the Customizer and the REST API, have been dealing with this in a better way, keeping the two separate. We can achieve the same for options themselves too. I suggest introducing a `validate_option_{$option}` filter that works somewhat similar like the `customize_validate_{$setting_id}` filter used in the Customizer. It passes an empty `WP_Error` object that can be added to. In addition to allow separate validation from sanitization, it also makes handling of validation easier, since it can then automatically set the value to the previous value and call `add_settings_error()`, passing any error messages set, which matches current core behavior." flixos90 10 43209 REST API should take settings errors into account dev-feedback Options, Meta APIs normal normal Awaiting Review enhancement new 2018-02-01T23:59:10Z 2018-02-01T23:59:10Z "The `WP_REST_Settings_Controller` should notify the client when updating a setting fails due to an invalid value provided per the setting's `sanitize_callback` (should actually be validation, see related #43208). Currently this goes completely unnoticed. While `update_option()` doesn't return any information like that, it may be possible to use the information passed to `add_settings_error()` in case of a validity issue, and forward that to the client by returning a `WP_Error` with the message." flixos90 43210 Introduce singular capabilities for managing individual options dev-feedback Role/Capability normal normal Awaiting Review enhancement new 2018-02-02T00:21:35Z 2018-04-19T21:52:52Z "We've always had `manage_options`, but it's currently impossible whether a user can manage a specific option. As part of related tickets dealing with more granular capabilities (see https://core.trac.wordpress.org/query?status=accepted&status=assigned&status=new&status=reopened&status=reviewing&keywords=~granular-capabilities&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&col=component&order=priority), I suggest adding a meta capability `manage_option`. It should accept (or basically require) the option name as argument. By default it should fallback to the regular `manage_options`, but an `auth_callback` could be passed to `register_setting()` to tweak the permissions there (such an `auth_callback` is already known from `register_meta()`). This would also be useful for the REST API so that it can use the more granular permissions." flixos90 3 43215 Allow wp_kses to pass allowed CSS properties Security 4.9.2 normal normal Awaiting Review feature request new 2018-02-02T12:31:48Z 2018-02-02T12:31:48Z "`wp_kses` takes arguments for allowed HTML elements, HTML element attributes, and allowed protocols. It takes all of these directly via the function argument through a nicely formatted assoc array. On the side side, attribute values (i.e. ""display: block; visibility: hidden;"") are configured via a hook, which means they are changed globally for all future calls. Here a sample how the system is behaving currently: {{{#!php <?php $allowed_output_html = array( 'script' => array(), 'noscript' => array(), 'iframe' => array( 'src' => array(), 'width' => array(), 'height' => array(), 'style' => array(), ), ); $allowed_output_protocol = array( 'https', 'javascript', ); $google_tag_manager_noscript <<<'ENDSTRING' <noscript><iframe src=""https://www.googletagmanager.com/ns.html?id=123"" height=""0"" width=""0"" style=""display:none;visibility:hidden""></iframe></noscript> ENDSTRING; echo wp_kses( $google_tag_manager_noscript, $allowed_output_html, $allowed_output_protocol); // Outputs as it should except for the style=""display:none;visibility:hidden"" portion // <noscript><iframe src=""https://www.googletagmanager.com/ns.html?id=123"" height=""0"" width=""0""></iframe></noscript> }}} It seems that currently the only way to allow the ""style"" attribute from showing is to write a filter for ""safe_style_css"" to add in the ""display"" and ""visibility"" attributes, however this means that we are globally altering this behavior, which in other scenarios would allow unexpected HTML to appear (ie unsafe element properties). Even when removing the items immediately after executing the code will not work because the attribute may in the future be consider secure. This then causes an inconsistent execution. For example, imagine that if we wanted to make sure the ""float"" attribute was allowed in the attribute value. Currently this value is allowed, so us adding it in won't change the array. However when we're then undoing our action (ie removing the ""float"" attribute from the list of allowed attributes, we are actually removing one that was set as ""safe"" by WordPress themselves. It is easy to imaging how this could escalate further, when plugins blanket whitelist element attributes, then remove them from the list, then meaning that no attributes are allowed. Alternatively, in this same example if we removed our filter (with remove_filter) right after our wp_kses call, it would mean that our attribute whitelist would apply to all HTML attributes (display, visibility,...) and not only the one we would want to whitelist (style). {{{#!php <?php // Function to whitelist safe CSS attributes function my_safe_css_attributes( $array ){ $array[] = 'display'; $array[] = 'visibility'; return $array; }); // Function to remove our CSS attributes from the whitelist function my_safe_css_remove_attributes( $array ){ unset $array['display']; unset $array['visibility']; return $array; } $allowed_output_html = array( 'script' => array(), 'noscript' => array(), 'iframe' => array( 'src' => array(), 'width' => array(), 'height' => array(), 'style' => array(), ), ); $allowed_output_protocol = array( 'https', 'javascript', ); $google_tag_manager_noscript <<<'ENDSTRING' <noscript><iframe src=""https://www.googletagmanager.com/ns.html?id=123"" height=""0"" width=""0"" style=""display:none;visibility:hidden""></iframe></noscript> ENDSTRING; // Telling WordPress about safe CSS attributes... add_filter( 'safe_style_css', 'my_safe_css_attributes' ); echo wp_kses( $google_tag_manager_noscript, $allowed_output_html, $allowed_output_protocol); add_filter( 'safe_style_css', 'my_safe_css_remove_attributes' ); // Outputs as it should. // <noscript><iframe src=""https://www.googletagmanager.com/ns.html?id=123"" height=""0"" width=""0"" style=""display:none;visibility:hidden""></iframe></noscript> }}} I initially expected the allowed_output_html to allow overriding allowed attribute values from the ""style"" element in the array, which I thought would have been a really neat way of overwriting the execution on a one-time basis. {{{#!php <?php $allowed_output_html = array( 'script' => array(), 'noscript' => array(), 'iframe' => array( 'src' => array(), 'width' => array(), 'height' => array(), 'style' => array( 'display', 'visibility' ), ), ); // ... }}} I think it would make sense to make the function accept this added level of depth as it allows very flexible configuration of what attributes are allowed without compromising attribute " mclaurent 43224 Extract `$utf8_pcre` from `wp_check_invalid_utf8()` into a separate function Formatting normal normal Awaiting Review enhancement new 2018-02-03T23:59:24Z 2019-01-16T06:50:09Z "The `wp_check_invalid_utf8()` function checks to confirm support for the `/u` flag in regular expressions. The result of that check is cached in a static variable within that function. However, other areas of the codebase might want to run the same check, or maybe plugins would like to check also. I'm considering a change in Gutenberg's PEG parser and that might serve as an example use case for the new `wp_can_utf8_pcre()` function I'm proposing in this ticket. Instead of running the same check all over again, having this check run once by a utility function would be nice. See: https://github.com/WordPress/gutenberg/blob/daad3f21319ec9ec73fa1b907119a7464442bfac/lib/parser.php#L1818" jaswrks 3 43225 feed_links and feed_links_extra should have filters needs-docs Feeds normal normal Awaiting Review enhancement new 2018-02-04T20:34:25Z 2019-01-16T06:50:09Z There ought to be a way to modify the way feed links are displayed by the `feed_links` function. Currently there is, for instance, no way to change the separator from `»` to something else. topdownjimmy 2 43227 Media uploaded to post should remove underscores and hyphens from text inserted into title attribute Media normal normal Future Release enhancement new 2018-02-05T11:04:43Z 2023-02-02T16:29:19Z "When adding a new image into a post my file name will typically be called something like: descriptive-name-of-image.jpg Once this image is uploaded wp will automatically set the title and will default to the name of the image ""descriptive-name-of-image"" if no title meta data is available in the image. I think a better default action would be to replace the hyphens/underscores with spaces and possibly capitalising the first letter making the title ""Descriptive name of image""." mrmadhat 2 43233 Network transients dev-feedback Networks and Sites 2.9 normal normal Future Release enhancement new 2018-02-06T09:28:25Z 2020-05-12T17:03:35Z "Currently site (network) transients do not support multi network. For sites with object caching it stores the transient as a global and for sites without object caching, it stores it on the current networks options. This is a strange behavour, as object cached sites act very differet from none. The behaviour should be the same on both types of site and how type of store a network transient should be better defined. Is it a global store or a network level store. " spacedmonkey 9 43238 `suppress_filters` not set in `pre_get_posts` hook dev-feedback Query 4.9.4 normal normal Awaiting Review defect (bug) reopened 2018-02-06T21:56:46Z 2022-05-13T09:56:29Z "After updating to 4.9.4 my media library is empty locally and on my server. I confirmed this on a handful of sites that I have updated. I cleared the cache and also checked the console. I don't see any errors or any ajax requests being made. The /wp-json/wp/v2/media does however contain a response with media. Locally I am running latest OSX, my server is Ubuntu 16.04 both with PHP ~7.0" adampatterson 9 43243 Twenty Seventeen: Menu Items are overlapped Bundled Theme 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-07T09:01:50Z 2018-02-09T04:04:28Z "Menu Items are overlapped Steps: 1. Installed WordPress 4.9.4 2. Imported file""themeunittestdata.wordpress.xml"" 3. Activate Menu 3. Try to overlap and open inner menu items Issue: Menu Items are overlapped and some part is not displayed. " nilamacharya 2 43249 Redirection issue with Japanese characters in query string on static front page Canonical 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-07T17:15:03Z 2018-02-09T10:54:03Z "Hello, I have found a bug that when a static page option is enabled from here: http://jom.x10.mx/wp-admin/options-reading.php Then, you accessed the home page with the Japanese characters on the query string, it causes redirection issues “ERR_TOO_MANY_REDIRECTS”. Example links are: http://jom.x10.mx/?%E3%83%89%E3%83%A0%E3%83%BB%E3%83%88%E3%83%AD%E3%83%94%E3%82%AB%E3%83%AB%E3%83%86%E3%82%B9%E3%83%88%E3%82%BF%E3%82%A4%E3%83%97 http://jom.x10.mx/index.php?%E3%82%B6%E3%82%AF%E2%85%A1F%E5%9E%8B%EF%BC%88%E7%A0%B2%E6%92%83%E8%A3%85%E5%82%99%EF%BC%89 You can test this on any self hosted WordPress installation with the “static page” option enabled. This causes our client’s SERP to have been ruined. http://www.almondmarketing.co.uk/index.php?%E3%83%89%E3%83%A0%E3%83%BB%E3%83%88%E3%83%AD%E3%83%94%E3%82%AB%E3%83%AB%E3%83%86%E3%82%B9%E3%83%88%E3%82%BF%E3%82%A4%E3%83%97 http://www.almondmarketing.co.uk/index.php?%E3%82%B6%E3%82%AF%E2%85%A1F%E5%9E%8B%EF%BC%88%E7%A0%B2%E6%92%83%E8%A3%85%E5%82%99%EF%BC%89" jomgapuz 1 43251 editable_roles filter doesn't exclude role on multisite Networks and Sites 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-07T19:15:54Z 2019-12-06T16:48:21Z "On a multisite installation I am trying to exclude a role using editable_roles filter. The role is removed from the dropdown but if I change the role value in the DOM using the inspector I can successfully add the excluded role. This happens only on multisite installations. On single installations if I try to add an excluded role I get the message “Sorry, you are not allowed to give users that role.” '''How to reproduce the issue:''' 1. Unset a role using editable_roles filter. 2. Login with any role that has the capability create_user. 3. Add a new user changing any role value with the excluded role (using inspector)." eArtboard 1 43256 wp_delete_post() should use get_post() not wpdb->prepare Posts, Post Types 1.0 normal normal Future Release enhancement new 2018-02-08T06:22:26Z 2018-02-13T11:24:59Z "wp_delete_post() uses a custom SQL query to pre-load the post info in a raw state and ends up adding one extra data I/O call per post/page being deleted. This bypasses the WP_Post::get_instance() wp_cache seeding. Consequently later calls to get_post() such as the 'before_delete_post' action to call _reset_front_page_settings_for_post() then falls through and calls WP_Post::get_instance() calling a nearly-identical SQL query (adds LIMIT 1 to to the same query. Is there any reason why the start of wp_delete_post() should not just call $post = get_post( $postid ) ? Replace: {{{ $post = $wpdb->get_row( $wpdb->prepare( ""SELECT * FROM $wpdb->posts WHERE ID = %d"", $postid ) ); if ( ! $post ) { return $post; } $post = get_post( $post ); }}} With: {{{ $post = get_post( $postid ); if ( ! $post ) { return $post; } }}} reference article for in-depth analysis and performance implications is online at [http://lance.bio/2018/02/08/improving-wp_delete_post-wordpress-core/] If this warrants attention I can find time to spin up my VVV box on latest build and generate a patch file when time allows. " charlestonsw 4 43258 Output buffer template rendering and add filter for post-processing (e.g. caching, optimization) General normal normal Future Release enhancement new 2018-02-08T08:01:52Z 2024-01-29T16:14:39Z "I see that more and more theme and plugin developers start to use output buffering functions for the whole site as they need to manipulate the site's content. For example: * Cache the page * Combine JS and CSS files * Lad JS and CSS files for widgets only when needed * Place SEO related things As it is not officially available in WordPress, developers need to find their way to buffer the output. Probably the most common action is the 'template_redirect', where they can place ob_start() Then they have to close their output buffer, probably the best action to do that is 'shutdown'. It wouldn't be a problem, if this method only used once on your site. When multiple plugin or theme use this technique, they should close only their output buffers. As output buffers are LIFO stacked, it is very important to close in the order they were added. For example: '''Cache plugin:''' {{{#!php <?php add_action('template_redirect', function(){ ob_start(); }); add_action('shutdown', function(){ $html = ob_get_clean(); //Let's cache the html and show it... }); }}} '''CSS minify plugin:''' {{{#!php <?php add_action('template_redirect', function(){ ob_start(); }); add_action('shutdown', function(){ $html = ob_get_clean(); //Let's find CSS files, minify them and replace the originals }); }}} In this case the page will be cached and the CSS files will be minified afterwards which will slow down the site as they should be in reverse order. We can fix that with priority, but both 'template_redirect' and 'shutdown' should get the same priority to make sure we close the related output buffer. '''Documentation''' What I propose is to have an official documentation which suggests the right way to use output buffering. It would help prevent several conflicts between plugins and themes. '''Future''' It would be great to see in WordPress core an in-built output buffering system. Then the developers wouldn't need to start and close output buffers on their own. WordPress would do the output buffering and at the end it would allow the filtering of the content. {{{#!php <?php echo apply_filters('wp_output', $output); }}} " nextendweb 13 43263 wp_audio_shortcode() preload default: should it be metadata or none? Media 3.6 normal normal Awaiting Review enhancement new 2018-02-08T19:17:59Z 2018-02-08T19:45:50Z "Using this ticket to open a discussion about the `audio` tag’s `preload` attribute defaulting to `none` in `wp_audio_shortcode()`. `none` won’t display the audio’s total time in the player (until the user hits play). So the effect of this default is millions of sites’ players display total times of “00:00”. (You can specify preload as a shortcode attr, but most sites don’t. ) Setting the `preload` attribute to `metadata` does extract and display total time upon page-load. Also `metadata` is both the `wp_video_shortcode()` default and the HTML-spec suggested default (to browser makers): https://developer.mozilla.org/en-US/docs/Web/HTML/Element/audio#attr-preload Bandwidth might be the valid concern, tho, as some browsers preload an excessive amount of metadata (I'm looking at you, Chrome) . See results of tests by @blobfolio: https://wordpress.slack.com/archives/C02SX62S6/p1518116191000138 FYI, the default `'preload' => 'none'` is here: https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/media.php#L2223 FYI-2, you can change that with the `wp_audio_shortcode` filter (via regex on the HTML output): https://gist.github.com/hearvox/098774e9887442d39ddc6e34bedb10b1" hearvox 1 43267 "Admin editor ""Insert link"" modal on mobile seems to have incorrect styling" has-patch Editor 4.8.3 normal normal Awaiting Review defect (bug) new 2018-02-09T06:32:50Z 2018-02-14T03:58:54Z "The modal box that pops up when you hit the link button of the editor in text mode is positioned strangely, in a way that on some devices you can't even hit the Add Link button, making it impossible to add a link. I looked at the css and noticed that the modal is in a fixed position in the center of the screen when the screen is big enough (the modal is 500px by 500px), and when the screen is smaller the modal is responsive. The issue seems to be that while the class #wp-link-wrap has a margin-top of -250px to center the modal in the middle, there is a media query ( max-width: 782px ) that specifies a margin-top of -140px. There is a separate media query (max-width: 520px) that's apparently trying to make the modal responsive but because the margin-top: -140px is applied, the modal box is way lower than it should be on mobile. I noticed there is a media query for the height also but that's targeting max-width 520px as well, so any mobile device that has a screen height larger than 520px would have the modal positioned awkwardly. I added a custom css in my admin screen that forces a margin-top of -250px as a quick fix, but I was wondering if this is a styling bug that's going to get fixed. I tested on several version of WordPress that I had access to, and I reproduced this in the latest, as well as versions 4.9.2, and 4.8.3. I checked an older site with version 3.9.2 and on this version the modal has a height of 280px that expands to 500px when I click on ""Or link to existing content"". I'm guessing the -140px margin was a declaration that was written for that version of the modal box that didn't get deleted when the modal box became 500px on default. Sorry if this is duplicate, I tried searching for a ticket that was similar but could not find anything." dannymasao 2 43274 Changing $(comments|feed)_base of WP_Rewrite causes errors because of hardcoded strings in redirect_canonical() needs-unit-tests Canonical normal normal Future Release defect (bug) new 2018-02-09T21:11:37Z 2019-01-14T22:41:57Z "When you change `$comments_base`/`$feed_base` for `WP_Rewrite` instance, URLs with that base will not work because `comments` and `feed` strings are hardcoded in a few places in `redirect_canonical()`. Changing these to use `$wp_rewrite->comments_base` and `$wp_rewrite->feed_base` respectively will fix this issue. NOTE: When testing feed URLs, changing `feed` with `feed_base` in `example.com/feed/` will not work. Feed URLs work in two places: `example.com/(feed|rss2?|rdf|atom)` and `example.com/feed_base/(feed|rss2?|rdf|atom)` ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-rewrite.php?rev=42343#L860 see rules]). When you open `example.com/feed/` you match first rule where `feed` is type of feed. You need second rule to test it. There is quick workaround though: {{{#!php add_action( 'after_setup_theme', function() { $GLOBALS['wp_rewrite']->feed_base = 'mycustomfeedbase'; $GLOBALS['wp_rewrite']->feeds[] = 'mycustomfeedbase'; } ); add_action( 'parse_query', function( $q ) { if ( $GLOBALS['wp_rewrite']->feed_base == $q->get( 'feed' ) ) { $q->set( 'feed', 'feed' ); } } ); }}} Don't forget to flush rewrite rules." dimadin 3 43276 Install Progress Button Cover Name of Plugin Plugins 4.9.4 normal normal Awaiting Review enhancement new 2018-02-10T06:57:51Z 2019-02-04T18:12:05Z "Can we, find other position to avoid this visual error? " Marius84 4 43281 "Capitalize ""Set featured image"" media button on Media Modal" dev-feedback Media normal normal Future Release enhancement new 2018-02-10T18:49:38Z 2021-04-27T17:00:40Z "All the button on WordPress are in capitalize form except this ""Set featured image"" button so there should be consistency on all button." monikarao 8 43287 "The text ""immediately"" should be capitalize in publish meta box." has-patch Posts, Post Types 4.9.4 normal normal Awaiting Review enhancement new 2018-02-11T08:55:48Z 2019-11-18T17:36:21Z "If we see in the ""Publish"" metabox, Status and Visibility texts are capitalize. So ""immediately"" text should also be capitalize." jainnidhi 8 43294 Sticky class should be added regardless of where posts are queried Posts, Post Types normal normal Awaiting Review enhancement new 2018-02-12T12:18:27Z 2019-01-16T06:50:09Z "post_class() function is only adding `.sticky` class when `is_home()` is true, basically > ...if the query is for the blog homepage. [http://developer.wordpress.org/reference/functions/is_home/ is_home() reference] Check out [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post-template.php#L512 the code] in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/post-template.php#L461 get_post_class()] function {{{ #!php 512 // sticky for Sticky Posts 513 if ( is_sticky( $post->ID ) ) { 514 if ( is_home() && ! is_paged() ) { 515 $classes[] = 'sticky'; 516 } elseif ( is_admin() ) { 517 $classes[] = 'status-sticky'; 518 } 519 } }}} This behavior complicates recognizing sticky post when using custom queries, as they're mostly used outside of homepage, which fails `is_home()` check, requiring extra work to add `.sticky` class where it should be. I suggest removing the `is_home()` check from the condition in `get_post_class()` function." Selrond 2 43295 One theme update notice is showing in another Theme Details popup Themes 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-12T12:23:43Z 2021-01-15T12:56:53Z "Steps to reproduce this bug: 1. Go to Appearance -> Themes 2. Click on the ""Update Now"" link showing on theme thumbnail. It will start updating the theme. 3. Now in the same time, click on the Theme Details by hovering over another theme. 4. It will display a popup of the theme details. Hold on few seconds while the theme gets updated. 5. You will see the green ""Updated"" notice in this popup of another theme. See the attached screenshots." ibachal 3 43298 Add filter to hide comment types from showing up in the default query schlessera dev-feedback Comments normal normal Awaiting Review enhancement assigned 2018-02-12T15:05:23Z 2019-01-16T06:50:09Z "Comment types are not something WordPress supports by default. However, there is some data and API support for it. The `wp_comments` table contains a `comment_type` column which can be used for this purpose. The big downside is that by default these will be shown in all comment overview. Both on the frontend and the backend. There are plugins that already do this. The examples that triggered this ticket are [https://github.com/woocommerce/woocommerce/blob/d2e9b366121166c7cb26936bd2c251f3dd7ebd5d/includes/class-wc-comments.php#L110 WooCommerce] and [https://github.com/WordPress/gutenberg/pull/4685/files#diff-df5e27f1866a42a0c24ae7c0b17b1bc6R496 this PR on Gutenberg]. These plugins use the `where` clause in the pieces of the query to make this possible. I propose we add a 'simple' filter that can hide specific comment types from view. If `comment_type` is not queried in any other way, this blacklist will make sure that all comment types in the blacklist are not returned from the query. '''Why not wait for full comment_type support?''' Full `comment_type` support is a much bigger effort. This filter would benefit us in the short run and doesn't conflict with full `comment_type` support." atimmer 1 43303 Providing hooks for html table markups in do_settings_{sections|fields} Administration normal normal Awaiting Review enhancement new 2018-02-13T00:48:48Z 2023-07-03T12:55:58Z "I Apologize if this is silly thing but having hooks may enable customization opportunity for opening/closing table markups of '''do_settings_sections''' and likewise with fields. while maintaining table markups by default for core & other Settings API pages. '''do_settings_sections''' {{{ echo '<table class=""form-table"">'; do_settings_fields( $page, $section['id'] ); echo '</table>'; }}} Something like {{{ do_action( 'do_settings_sections_opening_wrapper_{$page}, 'default_handler' ); }}} " aranwer104 1 43305 Accessibility Issue in Arranging the Menu Items: I need a combobox for selecting the parent item and a combobox for selecting the item position rcreators dev-feedback Menus normal normal 6.6 defect (bug) assigned 2018-02-13T07:03:23Z 2024-03-16T14:06:20Z "Hello I shall firstly thank WordPress team for their utmost attention to accessibility standards, which makes WordPress unique among all CMSs. All WordPress core features are fairly Accessible for me as a blind person who uses screen reader (JAWS), but I always have problems with rearranging the menu items. Although the menu-items are also very accessible for a blind person and I can re-arrange them very well, this process is very time consuming for me, because; for example, if I want to send a menu-item from position 16 to position 11, I have to press “Move Up” 5 times. The problem is: I don’t have any combobox that assigns the mother-item and the item-position. Therefore, I have to adjust the positions by moving each item one by one, level by level. Suppose I have a menu with lots of sub-menus and sub-items. Now, I want to add 6 new sub-items to the different menus. Of course, when I add them to the menu, they are at the end of menu. If I want to bring each item to a certain position near the center of menu, I have to click “Move up” and “Move down” one by one for many many times over and over. It takes me about 2 hours to rearrange those menu items. I hope I could explain clearly. Solution: Beside each menu item, there is a link called “Edit Menu Item”. When I click on the link, a set of options open up: move up, move down, name, etc. I would like to have two other options as well: mother-item, and position. For example, I adjust the mother-item of “Audio Translation” as “Translation”, and I adjust its position to “2”, which means subitem number 2 under “Translation”. I hope I could explain clearly what I mean. If I can adjust the menu positions with comboboxes, I will not have to click “move up” and “move down” many many times. " javad2000 38 43306 Creating site using wpmu_create_blog() without / prefixed with $path causes get_id_from_blogname() to fail. General 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-13T19:55:03Z 2019-04-01T22:10:10Z "The below code will result in `NULL`: $id = wpmu_create_blog( 'example.org', 'example', 'neutralized', 1 ); $result = get_id_from_blogname( 'example' ); But the below code will result in an `int`. $id = wpmu_create_blog( 'example.org', '/example', 'neutralized', 1 ); $result = get_id_from_blogname( 'example' ); The difference is in the 2nd snippet I prefix `$path` with a `/`. Without that being apparent in docs we should strip the need for the `/` or update docs. I found this while writing a unit test, and you can see it changing below: [[Image(http://aubrey.pw/d/2018/BoaRz4J88N.gif)]]" aubreypwd 3 43310 "Generic ""HTTP Error"" when uploading PDFs via Media area" Media 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-14T01:58:49Z 2018-08-19T11:13:16Z "This might be tied in with Ticket #41973. This may also be [https://make.wordpress.org/core/2016/11/15/enhanced-pdf-support-4-7/ tied into this issue], which was previously fixed for 4.7x. Currently using the following code to handle image processing: {{{ // Fix image processing add_filter( 'wp_image_editors', 'change_graphic_lib' ); function change_graphic_lib($array) { return array( 'WP_Image_Editor_GD', 'WP_Image_Editor_Imagick' ); } }}} I've done all the digging around I can. File upload max size is 140 megs (the test PDF I used is only 13 megs). I've done the .htaccess and php.ini tweaks needed to allow plenty of upload time. Images no longer return the arbitrary ""HTTP Error"" after adding the above function. PHP 7.0.27-0+deb9u1 (cli) - This is the latest stable release, [https://packages.debian.org/search?keywords=php7.0 per Debian]. This is what I passed along to our customer: ""You’ll have to “tough your way” into the PDF uploads… after you upload a PDF, give it a few minutes… then do a power refresh on the media gallery (I would recommend you upload it through the media gallery first, rather than using the “Add Media” feature on posts and pages).""" BearlyDoug 11 43313 wptexturise uses the wrong curly quote after a closing link tag Formatting normal normal Awaiting Review defect (bug) new 2018-02-14T10:29:02Z 2018-04-15T18:05:13Z "When an English possessive 's comes immediately after a closing link tag, wptexturise changes it to the wrong kind of curly quote mark. '''To reproduce:''' * Enter some text with a link followed by an 's in your post content, for example {{{ <a href=""http://bbc.co.uk/news"">BBC</a>'s approach }}} * View the post in the front end. '''What I expect''' The filter replaces the straight single quote mark with a right curly apostrophe ’ '''What I see instead''' The filter replaces the quote mark with a left curly apostrophe ‘ " andfinally 2 43318 New filter suggestion for manage_users-network_custom_column Users normal normal Awaiting Review enhancement new 2018-02-14T16:00:50Z 2019-01-16T06:50:09Z "Hi. In a multisite installation, currently a custom column for the users list table uses the filter ''''manage_users_custom_column'''' for both network users admin table and single subsite users admin table. https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-ms-users-list-table.php#L398 This is a bit confusing for plugin development since all the other filters and actions used in the network users admin table are based on the $screen->id, which for the network users admin page is ""users-network"". For example the filters: ""'''manage_users-network_columns'''"" and ""'''manage_users-network_sortable_columns'''"" The attached is a suggestion for introducing the filter ''''manage_users-network_custom_column'''', without dropping the support for 'manage_users_custom_colunm." lenasterg 43319 Bootstrap 4 Card issue in backend General 4.9.1 normal normal Awaiting Review enhancement new 2018-02-14T16:35:15Z 2018-02-16T02:47:10Z "Hello, While working in the back-end of WordPress, I noticed that a class of .card is being applied from forms.css which is located in wp-admin. Bootstrap 4 is coming out with cards in the next version. Right now I'm building a Card Builder for use at the CDC. This is causing issues with my card builder and we don't have a very good method of changing core wordpress files in our build process. Therefore, updates will be a nightmare. If the selector .card on line 766 of forms.css was scoped to have another selector in front of it, then we could avoid having to change WP core in our project. For the sake of having this issue pop up again later in the future I would advise prefixing .card in forms.css with form or something else to make it scoped differently. This will help avoid issues with Bootstrap 4 being brought into the back-end of WP. - Jim " jimboobrien 1 43320 Harden API requests against man-in-the-middle attacks Security 3.7.1 low minor Awaiting Review enhancement new 2018-02-14T16:56:47Z 2018-02-18T05:30:49Z "API requests are allowed over standard HTTP if SSL is not correctly configured on the server. That allows those servers to continue updating, rather than being stuck on an old (and potentially insecure) version (r25956). Right now the downgrade triggers a PHP error, but users/devs will only know about it if they check the raw log files, since `WP_DEBUG_DISPLAY` is (hopefully) disabled on production servers. So users in this situation are mostly unaware of the server configuration errors, and the risks associated with unauthenticated API requests. While it's good to avoid trapping them on older versions, there are a few things that we could consider to improve the mitigate the negative side-effects: * Prompt the user to confirm they wish to continue making the request, even though it won't be secure. This would probably need to be paired with a page on the Codex explaining the problem, and giving them a message they can copy/paste to send to their hosting provider. Normally we would avoid burdening the user with technical details like this, but this instance might be worth an exception, given the security concerns? Maybe instead of linking to the Codex, we could build a user-friendly debugging/health-status page in Core? * Only downgrade to HTTP for essential requests, like Core/plugin/theme updates. This would shrink the attack surface, but it may still be wide enough that it's not worth it hurting UX. Additionally, [https://core.trac.wordpress.org/ticket/42004 Events API requests could indirectly lead to users learning about best practices for picking a better host]. * Any other ideas?" iandunn 2 43324 query_vars is not necessarely representative of the final query_vars used to build the SQL query Query normal normal Awaiting Review enhancement new 2018-02-14T23:53:57Z 2019-01-16T06:50:09Z "I've recently stumbled upon a case here where the post_type query_var changes over the process of the query building process, and the change is not reflected in the query_vars variable of the query. On the section highlighted [https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-query.php#L2067-L2088 here] (sorry for pasting a GitHub link, i just wanted to use the section highlighting feature), you can see that if there's no post_type set in the query, but you're querying taxonomies (eg a tax archive query), the post_type is set (using a separate variable), and then used on the [https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-query.php#L2345-L2366 following section] to build up the where statement. In my opinion all of the query_vars modified during the process should be reflected in the query_vars variable, so you can after see the actual value being used for querying (on the {{{posts_request}}} filter for example). You can see [https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-query.php#L2152-L2160 here] a section where the {{{$q['author']}}, {{{$q['author__in']}}} and {{{$q['author__not_in']}}}. These is an example of changes that are not reflected in the query_vars (since there's no call to fill_query_vars after all this extra parsing, sanitizing, and defaulting process is made). Let me know your thoughts." msaggiorato 43326 Delay when setting Featured Image Post Thumbnails 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-15T00:09:47Z 2018-02-15T03:49:14Z "When setting a Featured Image on a page/post, there's a delay of a few seconds after choosing the image. If you hit the page/post Update button before the Featured Image is displayed, it won't be saved. Perhaps disable the Update button until the featured image has finished setting." bluesix 43328 Add support for Web App Manifests westonruter* General normal normal Future Release feature request accepted 2018-02-15T09:33:11Z 2019-03-01T13:44:17Z "Per [https://developer.mozilla.org/en-US/docs/Web/Manifest MDN]: > The web app manifest provides information about an application (such as name, author, icon, and description) in a JSON text file. The purpose of the manifest is to install web applications to the homescreen of a device, providing users with quicker access and a richer experience. > > Web app manifests are part of a collection of web technologies called progressive web apps, which are web applications that can be installed to the homescreen of a device without needing the user to go through an app store, along with other capabilities such as being available offline and receiving push notifications. For populating the manifest: * `description` can be pulled from the `blogdescription` * `name` can be pulled from `blogname`. * `background_color` can be pulled from the `custom-background` theme support. * `lang` can be pulled from the site locale. * `icons` can be pulled from site icons. A filter can be present for themes and plugins to augment the manifest. See also #36995 for adding service worker support to core." westonruter 10 43331 Color picker breaks admin panel in many templates close Administration normal normal Awaiting Review defect (bug) new 2018-02-15T13:05:04Z 2022-12-02T11:42:09Z "The error prevents the document from beign saved. '''Console error:''' color-picker.min.js?ver=4.9.4:1 Uncaught TypeError: Cannot read property 'addClass' of undefined at a.(anonymous function).(anonymous function).close (https://www.szybkiangielski.pl/wp-admin/js/color-picker.min.js?ver=4.9.4:1:3088).... '''Error is caused by line 316 in color-picker.js''' this.inputWrapper.addClass( 'hidden' ); '''I corrected the code by replacing the code with:''' if(typeof this.inputWrapper !== ""undefined"") { this.inputWrapper.addClass( 'hidden' ); } '''This stops the error, page can now be saved and color picker works fine''' " grzecho 13 43334 Include Post/Page status when restoring the previous revision General normal normal Awaiting Review feature request new 2018-02-16T01:07:32Z 2018-02-16T20:05:03Z "I noticed page/post status is not included in the restore previous version. Would be a great addition to the next build. Thanks" necromuncher 1 43341 Proposal: new cache helper functions Cache API normal normal Awaiting Review enhancement new 2018-02-17T01:48:59Z 2018-02-17T01:48:59Z "[https://github.com/stevegrunwell/wp-cache-remember I just tagged version 1.0.0 of WP Cache Remember], which is a small WordPress library that adds six new functions: * `wp_cache_remember()` * `wp_cache_forget()` * `remember_transient()` * `forget_transient()` * `remember_site_transient()` * `forget_site_transient()` These functions all follow the same pattern, with two each for the WP object cache, transients, and site transients, respectively. The goal is to reduce this common pattern: {{{#!php function get_some_value() { $cache_key = 'some-cache-key'; $cached = wp_cache_get( $cache_key ); if ( $cached ) { return $cached; } $value = new WP_Query( /* ... */ ); wp_cache_set( $cache_key, $value ); return $value; } }}} ...to something easier to manage: {{{#!php function get_some_value() { return wp_cache_remember( 'some-cache-key', function () { return new WP_Query( /* ... */ ); } ); } }}} Of course, if the function is being used in WordPress core or anywhere else that needs to support PHP 5.2, any callable — not just closures — could be passed. The function is based on [https://laravel.com/docs/5.6/cache#cache-usage Laravel's Cache::remember() method] and is extremely useful for themes or plugins that are regularly making use of the object cache, transients, and/or site transients. The underlying code uses existing cache API functions, and thus won't require any modification in existing object cache adapters. The complementary function, `wp_cache_forget()` will retrieve and empty the cache value, saving developers a step if they only want a cached value to be returned once (for instance, a ""flash"" message). [https://github.com/stevegrunwell/wp-cache-remember#readme The GitHub README file has a full description of each function and its arguments], along with 100% test coverage. If there's any interest in including some or all of these helpers in core, I'd be more than happy to put together a PR." stevegrunwell 43347 Introduction of 'has_single' register_post_type parameter Posts, Post Types normal normal Awaiting Review feature request new 2018-02-18T18:28:45Z 2022-07-19T09:48:55Z "I have done some research but have not been able to find anything exactly on this issue. I frequently encounter use cases where I need to create a CPT with the following characteristics: 1) disable the slug display/editor from the admin post edit page (this is for usability. It is not used and having it available/displayed can confuse website editors) 2) maintain the archive page is viewable on the front end 3) disable the single page for the CPT on the front end I have found some partial solutions like this https://wordpress.stackexchange.com/questions/128636/how-to-disable-the-single-view-for-a-custom-post-type but setting `'publicly_queryable' => false` would disable the archive view. The `register_post_type` function includes the `has_archive` parameter. Is it possible to introduce a `has_single` parameter which will achieve the desired functionality stated above? I feel this can be beneficial in many cases, to the extent it is worthwhile introducing as a core feature. " stevepuddick 2 43348 Filter by 'Authors' option in wp-admin/edit.php?post_type=page Posts, Post Types normal normal Awaiting Review feature request new 2018-02-18T21:21:44Z 2018-02-20T15:03:56Z "Hey! Currently, I am able to filter by posts created by myself, It would be handy to have the option to filter by other authors contributing to the site, to keep track of who has posted what. Possibly an author drop down could be added which lists all Authors and a filter button to show their posts, similar to how the page is currently styled." lkhwt96 2 43352 Make html5 standard rather than opt in for theme development Themes normal normal Awaiting Review feature request new 2018-02-19T11:36:10Z 2019-01-16T06:42:42Z "Currently when you want to have WordPress output valid HTML5 code for certain elements ('search-form', 'comment-form', 'comment-list', 'gallery', 'caption') you have to specifically add support in functions.php via add_theme_support( 'html5', […]) to opt in for use in your theme. I propose to make these 5 elements HTML5 by default, HTML5 support in modern browsers are more than adequate and most, if not all, modern themes use HTML5 code. The HTML5 standard is also stable. WordPress should output these elements in HTML5 by default rather than having developers opt in, by now the situation should be the other way around, you should opt out if you for some unknown reason would rather not have HTML5 code." kkalvaa 2 43356 create is_403 function Query 4.9.3 normal normal Awaiting Review feature request new 2018-02-19T13:48:04Z 2018-02-19T16:04:07Z Create is_403() function and the ability to create a 403.php file in template to customize the page that visitors see when there try to access to a private content when there not loged in. fabienlege 1 43360 Third parameter for get_option function to return default value instead of empty string close Options, Meta APIs 4.9.4 normal normal Awaiting Review enhancement new 2018-02-19T21:47:16Z 2022-05-26T10:20:04Z "`get_option($option, $default = false)` function returns empty string if the required field exist but doesn't contain any value e.g. NULL or empty string. For example, there is an option field 'test' exist in the option table but without any value(NULL or empty). Now `get_option('test', 'Hello World')` function will return an empty string as it is; from the database but developer may be expecting ""Hello World"" in return. To avoid this situation third parameter may be introduced for `get_option()` function which will decide to return NULL/empty-string or default value. Here is my proposed solution `get_option( $option, $default = false, $return_null = true)` Now calling `get_option('test', 'Hello World', false)` function for above problem will return default value which is '''Hello World'''. wp-includes\options.php file requires little changes to address the above enhancement." farhan.noor 2 43363 Twenty Seventeen: Custom URL for Header Video Bundled Theme 4.9.4 normal normal Awaiting Review feature request new 2018-02-20T04:52:11Z 2021-09-01T16:44:00Z "Good Day On the bundled theme Twenty Seventeen Version: 1.4. You are only able to upload a video under the Appearance / Customize / Header Media section. This results in video content being served from the Base URL. i.e. <script type='text/javascript'>var _wpCustomHeaderSettings = {""mimeType"":""video\/mp4"",""posterUrl"":"""",""videoUrl"":""https:\/\/www.stratuscloud.co.za\/wp-content\/uploads\/2017\/06\/Flying.mp4"",""width"":""2000"",""height"":""1200"",""minWidth"":""900"",""minHeight"":""500"",""l10n"":{""pause"":""<span class=\""screen-reader-text\"">Pause background video<\/span><svg class=\""icon icon-pause\"" aria-hidden=\""true\"" role=\""img\""> <use href=\""#icon-pause\"" xlink:href=\""#icon-pause\""><\/use> <\/svg>"",""play"":""<span class=\""screen-reader-text\"">Play background video<\/span><svg class=\""icon icon-play\"" aria-hidden=\""true\"" role=\""img\""> <use href=\""#icon-play\"" xlink:href=\""#icon-play\""><\/use> <\/svg>"",""pauseSpeak"":""Video is paused."",""playSpeak"":""Video is playing.""}};</script> Thus it does not currently seem possible to serve the video from a CDN. https://cdn.stratuscloud.co.za/wp-content/uploads/2017/06/Flying.mp4 vs https://www.stratuscloud.co.za/wp-content/uploads/2017/06/Flying.mp4 Is it possible to override this value on database or file level or would this require an additional feature to be added to the Theme?" fbotha 1 43366 _default_wp_die_handler() Need filter code for update css style. reporter-feedback Administration 4.9.4 normal normal Awaiting Review feature request new 2018-02-20T10:49:46Z 2020-12-20T01:14:28Z "wp-includes\functions.php Line no 2768. " ravipatel 4 43372 $wp_query->max_num_pages return value as float Query 4.9.4 normal trivial Awaiting Review defect (bug) new 2018-02-20T16:32:40Z 2022-02-10T15:13:40Z "As a page number, Integer would make more sense than Float. This is not a big problem but kinda annoying when you do strict comparison on this value. since no one will define a page number as float." ironghost63 5 43383 Allow menu items to be inserted in place Menus 4.9.4 normal normal Awaiting Review feature request new 2018-02-21T23:47:20Z 2019-02-11T22:01:04Z "When adding menu items to a menu, they default to the bottom of the menu and then need to be dragged into the desired position. This can be time consuming when adding a lot of menu items and can also result in inadvertent changes to the position of existing menu items. My proposal is that you can select a menu item or sub-item already in the menu before adding new items to the menu and when you add the new item, it inserts itself directly under the selected item." aaronpwd 3 43390 "get_super_admins() should not return ""admin"" by default" has-patch Networks and Sites 3.0 normal normal Awaiting Review defect (bug) new 2018-02-23T01:29:44Z 2018-02-25T14:07:57Z "The function `get_super_admins()`, introduced in [14206], returns an array of users with network admin capabilities. Those are stored in the `site_admins` network option. If, for any reason, that network option does not exist, `get_super_admins()` will return a one-element array containing ''""admin""'' instead. See [https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/capabilities.php#L761 line 761] in `wp-includes/capabilities.php`. {{{#!php return get_site_option( 'site_admins', array('admin') ); }}} This goes back to a time when `admin` was the default username for the first WordPress user. Since administrators are now discouraged from using ''admin'' as a username, `get_super_admins()` should return an empty array by default: {{{#!php return get_site_option( 'site_admins', array() ); }}}" thomaswm 2 43391 WP_User_Query bug Query 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-23T09:47:47Z 2018-03-03T08:44:40Z "I've got an issue when doing a query with WP_User_Query and trying to list from a specific role AND using 'orderby' => 'post_count'. The query simply fails to list the correct results. Here are the query arguments: {{{#!php <?php $args = array( 'fields' => array( 'ID', 'user_login', 'display_name' ), 'role' => 'expert', 'number' => $numPosts, 'offset' => $page > 1 ? $numPosts : 0, 'order' => 'DESC', 'orderby' => 'post_count' ); }}} If I remove the 'role' argument from the query it works, but with the 'role' included it doesn't. " zkingdesign 5 43393 get_user_by can return wrong user info Users normal normal Awaiting Review defect (bug) new 2018-02-23T14:38:13Z 2018-02-23T15:26:42Z "I am using memcached object cache dropin (I use https://tr.wordpress.org/plugins/memcached/) and there is two user record on wp_users table; one user's user_login is 'AlbertEinstein' other one's is 'Albert Einstein'. So there is two different user. But these codes below are returning always same user's info; AlbertEinstein's info. {{{ $user_data = get_user_by('login', 'Albert Einstein'); }}} {{{ $user_data = get_user_by('login', 'AlbertEinstein'); }}} It happens because of memcached protocol; For installs that use the memcache/memcached object-cache drop-in (and possibly others), the resulting wp_cache_get always returns false since a memcached key ""... must not include control characters or whitespace."" (per [https://github.com/memcached/memcached/blob/master/doc/protocol.txt]) (this copied from #39034)" hberberoglu 2 43394 wpautop inserts extraneous line breaks if hard return around commented content Formatting 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-23T20:02:19Z 2020-06-15T00:19:38Z "Problem: If one has code comments before content in a WordPress post/page and there are hard returns before and after the code comment, WordPress will insert an extraneous line break. Further, if there are hard returns between multiple comments an extraneous line break will be added. This problem can be reproduced by doing the following: 1. Edit a WordPress post or page. 2. Add a code comment with hard returns before and after it such as: {{{ <!-- My Code Comment--> }}} 3. Publish/preview the page. 4. Use Inspect to examine the area where you placed the above comment and you'll notice an extra line break. This may seem like a very edge case and a minor annoyance, but we ran into this issue recently when we had multiple code comments following each other like so: {{{ <p>Some regular content here.</p> <!-- This is Important --> <!-- Don't Forget This --> <!-- Why are you Forgetting? --> <!-- Adding individual comments for each line is --> <!-- fun! --> <p>Some regular content here.</p> }}} An extraneous line break now becomes four line breaks. This becomes quite confusing for editors as when they look at the post the extra returns are not apparent yet inserted when the page is actually posted. I'm thinking that resolving this issue might also resolve many other cases of wpautop gone rogue. My suggestion would be that wpautop be changed so that: 1. If there is a code comment with a hard return before and after the comment, it does not automatically add wpautop. (one can argue that this is behaving as expected, but I doubt many are thinking when they add a code comment that it will add a nice line break for them...and in any case, this can be much more obviously/easily remedied by inserting a <br> in the editor if one truly did want a line break caused in this manner, whereas it can be quite time consuming to discover why extra line breaks are mysteriously appearing) 2. Similarly, with shortcodes, if the shortcode is tested valid then don't add line breaks with wpautop around the shortcode. " davidshq 1 43395 Add Automated E2E Tests for Core Updates Upgrade/Install normal normal WordPress.org task (blessed) new 2018-02-23T20:10:48Z 2020-03-04T11:21:34Z "This is a follow up to the issues introduced in #43103 and described in https://make.wordpress.org/core/2018/02/06/wordpress-4-9-4-release-the-technical-details/ Essentially, due to the way automated updates work, we need automated tests that can confirm they are working. Due to the code loading path differences between phpunit, wp-cli, wp-cron, and the WordPress UI, it's important that this test work as close as possible to the way the majority of sites are autoupdated. " jorbin 15 43403 Improve wp_add_inline_script() Script Loader normal normal Awaiting Review enhancement new 2018-02-24T12:47:09Z 2018-02-24T12:47:09Z "Just an idea for the moment: Instead of testing if the js has script tags and adding an error messages but also fixing the problem at the same time, why not accept both. If the passed data has tags just leave them (this would potentially fix #40276) and if not surround the code with plain `<script>` tags." alpipego 43408 Dashboard screen after login when session logout reporter-feedback General 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-24T18:08:05Z 2020-11-17T05:49:41Z Sometimes when session is logout and if we again login to the dashboard then it shows the attached screen. jainnidhi 2 43413 wp_prepare_attachment_for_js missing image size medium_large Media 4.9.4 normal normal Future Release defect (bug) new 2018-02-25T18:54:29Z 2019-04-15T18:12:50Z "I have a function that creates a media size in case the size is called but is missing in meta. https://gist.github.com/danyj/2edb3d83bae4c363bf839f0dd5f1343f usage {{{ thz_create_missing_attachment_size(13031,'medium_large'); }}} every missing file size is recreated and exists in by wp_prepare_attachment_for_js size key except the media_large because it is missing here. https://github.com/WordPress/WordPress/blob/dfa68397063daf90a8758896693f137f9b981856/wp-includes/media.php#L3297-L3304 Basically if meta has been updated the wp_prepare_attachment_for_js is not checking for sizes but manually goes by that array . Not sure if the missing size key is left out on purpose but when you compare the wp_prepare_attachment_for_js to wp_get_attachment_metadata the data is not same " Themezly 1 43416 Function to Maybe Convert Tables to InnoDB Upgrade/Install normal normal Awaiting Review feature request new 2018-02-26T04:02:09Z 2023-04-17T13:32:55Z "We already have a function called {{{maybe_convert_table_to_utf8mb4()}}}, so I think it might make sense to have one to convert the table engine to InnoDB. This could be really useful for developer who want to convert tables they have added, and core can use it on core tables during upgrades. We can have checks in place for making sure the install is running MySQL 5.6.4 or higher. {{{ maybe_convert_table_to_innodb() }}} " bhubbard 3 43421 The $capabilities argument in the `add_role()` function is incompatible with `user_can` needs-unit-tests Role/Capability 4.9.4 normal normal Awaiting Review enhancement reopened 2018-02-26T17:19:26Z 2018-03-20T17:21:03Z "Reproduce: Add a role to WP using `add_role()`, and pass it custom capabilities using the third argument. Like: {{{#!php <?php $userCaps = [ 'read', 'my_cap', ]; add_role('my_new_role', 'My New Role', $userCaps); }}} Create a user of said role. Then: {{{#!php <?php $user = new WP_User($id_of_created_user); return user_can($user, 'my_cap'); // returns false, expected return true }}} If, alternatively, I create my role this way: {{{#!php <?php $userCaps = [ 'read', 'my_cap', ]; $role = add_role('my_new_role', 'My New Role'); foreach($userCaps as $cap) { $role->add_cap($cap); } }}} And repeat testing, it returns true as expected. This has to do with how the caps are saved. The first way, when capabilities are retrieved in `WP_User::has_cap()`, they look like this: {{{#!php <?php array(4) { [0]=> ""read"", [1]=> ""my_cap"", [""my_new_role""]=> bool(true) [""exist""]=> bool(true) } }}} And when done via `add_cap`, they look like this: {{{#!php <?php array(4) { [""read""]=> bool(true) [""my_cap""]=> bool(true) [""my_new_role""]=> bool(true) [""exist""]=> bool(true) } }}} The subsequent `empty` array check is true for the first, and false for the second. " eclev91 6 43425 WP_Mail BCC and CC - RCPT TO Errors Mail 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-26T22:15:08Z 2018-02-26T22:15:08Z "Adding BCC and CC Fields are having inconsistent results. Undeliverable emails, incorrect ""RCPT TO"" Addresses in SMTP Communication etc. ""RCPT TO"" is being set to ""Message-ID"". See Tests Below - I tested with standard PHP Mail and wp_mail If anyone has any pointers that would be great. Windows Server 2012R2 IIS: 8.5 PHP: 7.0.9 WP: 4.9.4 No special plugins or code. Test 1: Standard PHP Mail with CC Field {{{ $headers = 'From: Test <help@myname.com>' . ""\r\n"" . 'cc: myotheremail@myname.com'; $to = ""myemail@gmail.com""; $subject = ""TEST SUBJECT""; $body = ""Test""; if (mail($to, $subject, $body, $headers)) { echo(""Message successfully sent""); } else { echo(""Message sending failed""); } }}} Results Both emails received. Content looks ok ---- Test 2: Standard PHP Mail with BCC Field {{{ $headers = 'From: Test <help@myname.com>' . ""\r\n"" . 'bcc: myotheremail@myname.com'; $to = ""myemail@gmail.com""; $subject = ""TEST SUBJECT""; $body = ""Test""; if (mail($to, $subject, $body, $headers)) { echo(""Message successfully sent""); } else { echo(""Message sending failed""); } }}} Results: Both emails were received However. The body of each email now has the letter ""b"" appended to the content. Body Content {{{ b Test }}} Is something in WP causing this or is this an issue in Windows PHP?? ---- Test 3: WordPress wp_mail with CC Field {{{ $headers = 'From: Test <help@myname.com>' . ""\r\n"" . 'cc: myotheremail@myname.com'; $to = ""myemail@gmail.com""; $subject = ""TEST SUBJECT""; $body = ""Test""; if (wp_mail($to, $subject, $body, $headers)) { echo(""Message successfully sent""); } else { echo(""Message sending failed""); } }}} Results CC never received - SMTP Log file shows: [2018.02.26] 16:46:04 [55583] CMD: RCPT TO:<945dc26bed6e74aeec984fc4ae828e32@myname.com> Why did the CC field get changed? It looks like the ""CC"" Field is now the ""Message-ID"" as they are the same now. Gmail received the copy as expected. ---- Test 4: WordPress wp_mail with BCC Field {{{ $headers = 'From: Test <help@myname.com>' . ""\r\n"" . 'bcc: myotheremail@myname.com'; $to = ""myemail@gmail.com""; $subject = ""TEST SUBJECT""; $body = ""Test""; if (wp_mail($to, $subject, $body, $headers)) { echo(""Message successfully sent""); } else { echo(""Message sending failed""); } }}} Results Same as Test 3 -- The BCC Field ""RCPT TO"" command became the ""Message-ID""?? Gmail received the copy but still had the letter ""b"" appended into the message body. Any ideas, pointers etc? Suspecting Bug in WordPress or Windows PHP. " JWGarber1725 43428 Improve CORS headers sent to REST Api requests REST API normal normal Awaiting Review enhancement new 2018-02-27T14:24:18Z 2023-04-24T13:21:03Z "Currently some CORS headers are not sent correctly for REST API requests. This doesn't break anything yet, but can be improved for better performance. The problematic headers are these: - `Access-Control-Allow-Headers` and `Access-Control-Allow-Methods` need to be sent just to preflight requests, meaning just on requests with OPTIONS method. Now they are sent back on any REST API request, which is unnecessary - `Access-Control-Allow-Methods` doesn't need to list the OPTIONS method. Preflight requests are made to check what's allowed, and OPTIONS requests are allowed by default. Current setup says something like 'I allow myself', as the preflight request is already a OPTIONS request There's more detailed info here https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS, but the relevant part is this (it doesn't have an anchor for direct link): (Note: as described below, the actual POST request does not include the Access-Control-Request-* headers; they are needed only for the OPTIONS request.) The proposed changes are: 1. Move header `Access-Control-Allow-Headers` from `serve_request` https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/class-wp-rest-server.php#L239 to `rest_send_cors_headers` https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api.php#L536 making it easier to control the CORS headers from only one place, with one hook 2. Remove OPTIONS keyword from `Access-Control-Allow-Methods` 3. Send `Access-Control-Allow-Headers` and `Access-Control-Allow-Methods` only on request with OPTIONS method (preflight), as it's the place where they are necessary 4. While sending the Allow headers, include `Access-Control-Max-Age: 600` for caching the preflight requests, thus improving the performance for next requests (less requests between browser & server when requesting same data). Timing can be changed 5. ''Optional'' - Include `Content-Disposition` in `Access-Control-Allow-Headers`, enabling direct file upload (requested in other tickets as well) Why? To follow recommended specs for CORS and make the REST API work as expected with web apps All proposed changes were tested in the last few months on a fleet of ~500 websites with different web clients for managing WordPress data. Everything works fine" andrei.igna 4 43433 mixed-content for install page stylesheets Upgrade/Install 4.9.1 normal normal Awaiting Review defect (bug) new 2018-02-28T09:01:34Z 2020-12-18T19:11:22Z "I am trying to install wordpress 4.9.1 on my https website but the browser (chrome 64.0.3282.186 & firefox 58.0.2) gives me mixed-content error when loading wp-admin/install.php and the page looks broken. after installing wordpress I cannot login with my given username and password and default page seems broken too" mimke 3 43437 Add way for registered users to request deletion or anonymization of their private data dev-feedback Privacy 4.9.6 normal normal Future Release enhancement new 2018-02-28T16:04:55Z 2020-10-17T07:54:02Z "All registered users can edit or delete most of their data in WordPress like name, nickname, email, site, etc. The only exception is they cannot delete or anonymize their own account. Generally a registered user can contact an admin and request this, but it would be better to have a standard ""procedure"" to do that. It will need to be confirmed to avoid misuse. A good way to do that would be to have a simple button on the user profile screen where the user can request anonymization. Clicking it will email the user a confirmation link, similar to the password reset link. When clicked, it will load wp-admin again and will send email to the site admin. " azaozz 43 43444 CSS Editor Error Not Displaying Correctly reporter-feedback Customize 4.9 normal normal Future Release defect (bug) new 2018-02-28T22:55:14Z 2019-12-05T04:48:01Z "Every time I’m making a change in the custom CSS I get this annoying message that should only appear when I’m ready to publish changes. When I click publish and there’s errors, that’s when this notification needs to appear. I get it when I’m in the process of editing CSS and it always throws off my position when and I lose the location of where I was editing. It’s even worse when Inspect Element is pulled up. It should ONLY be giving me an error message when I’m going to publish the CSS changes. It’s literally notifying me of errors when I’m not finished editing the CSS. When I click “Publish” it needs to be notifying me of errors and then to confirm, not make me lose my placement and give me an error when I’m not even finished writing out what I need to… Screen capture: https://www.youtube.com/watch?v=cWyD4cYfpEA" nistuj817 3 43445 Wildcard `LIKE` support for `WP_Meta_Query` (and maybe other queries?) Query normal normal Awaiting Review defect (bug) new 2018-03-01T04:09:44Z 2018-03-02T16:15:22Z "Passing `LIKE` as the `compare` parameter for a meta query (or `compare_key`, after [42768]) results in what is essentially a ""contains"" query for the literal `value` (or `key`) string. So: {{{ array( 'compare' => 'LIKE', 'value' => 'foo', ) }}} becomes `WHERE ... value LIKE '%foo%'`. MySQL `LIKE` wildcard characters `%` and `_` are escaped, so it's not possible to do a non-standard anchored search, or any other custom `LIKE` query. It would be nice if you could pass a string like `foo%` and have the wildcard characters respected. A few considerations: 1. Syntax. A potential solution is suggested in https://core.trac.wordpress.org/ticket/42409#comment:14. Another possibility is a filter for enabling the ""non-escaped"" version 2. Security. I'm unsure that there's a way to do this without introducing security issues, specifically around the `%` character. Any potential patch would need serious review." boonebgorges 1 43451 Disallow objects as meta values Options, Meta APIs 4.9.2 normal normal Awaiting Review feature request new 2018-03-01T13:01:21Z 2018-03-01T14:13:31Z "OK, I know this is probably going to be closed before anyone even reads it, but I recon it's worth to at least try and spark a discussion. As probably many people know at this point meta functions do not like backslashes. For some reason (probably db related) meta and option add / update functions run all values through `stripslashes_deep`, which means they expect the input values to be slashed. Actually this ""requirement"" seems to be undocumented even though it's here since version 3.something, why, that's beyond me. So, imagine you're a noobie WordPress developer and for some reason you have a backslash in a string you want to persist (happens more often than one might think), so you go ahead and run the following code: {{{#!php $value = 'hello \world'; update_user_meta(get_current_user_id(), '_test', $value); $meta = get_user_meta(get_current_user_id(), '_test', true); var_dump($value, $meta); }}} You save `hello \world` and expect to get `hello \world` back, but surprise surprise, the backslash is gone. So you start scratching your head, dig through stackoverflow or the source and you discover `$meta_value = wp_unslash($meta_value);`. You think this isn't right, but who are you to argue with software that's here for more than 10 years already. So, now, you are a bit more ""experienced"" and know you need to run all your values through `wp_slash` **before** you pass it to the meta functions. Then one day you need to save an array, you read through the docs which doesn't seem to forbid it, so you glance at the source and see `$meta_value = maybe_serialize( $meta_value );` - YES! - you say, you can pass basically anything and WordPress will take care of the serialization, awesome! So, now you run: {{{#!php $value = [ 'hello' => 'again \world' ]; update_user_meta(get_current_user_id(), '_test', wp_slash($value)); $meta = get_user_meta(get_current_user_id(), '_test', true); var_dump($value, $meta); }}} Which results in the same input you gave it, now that you know you need to slash everything. You weren't sure `wp_slash` could actually handle arrays, but it does, so life's good! Later on you mature even more and decide you want to save whole objects now. You know about serialization, so no worries here, right? You adapt your previous code and try to run the following: {{{#!php $value = new \stdClass(); $value->hello = 'world \again'; update_user_meta(get_current_user_id(), '_test', wp_slash($value)); $meta = get_user_meta(get_current_user_id(), '_test', true); var_dump($value, $meta); }}} ...and you get `Warning: addslashes() expects parameter 1 to be string, object given in`. Turns out `wp_slash` can't handle objects :| Alright, maybe you don't need it, so you remove it aaand the slash is gone. Then you look at the code and realize now the slash is gone even from your original object! What the... So trying to store an object as a meta value is not only not gonna work properly, but it's also going to mess with your original object! So, what then? Serialize it into a string before and after? OK, you serialize the object so it's just a string now, then run it through `wp_slash` to fix the slashes issue and then give it to the meta function: {{{#!php $value = new \stdClass(); $value->hello = 'world \again'; update_user_meta(get_current_user_id(), '_test', wp_slash(serialize($value))); $meta = unserialize(get_user_meta(get_current_user_id(), '_test', true)); var_dump($value, $meta); }}} Whew, finally everything works just fine, even though you're not absolutely sure you've covered all possible cases making sure nothing can ever go wrong again. ---- So, can anyone elaborate on this a bit more? Why are slashes such a big problem when it comes to options and meta, shouldn't the value just be converted to a string and then treated as a black box all the way up to when it needs to go in the database? Why does object serialization cause so much trouble? You can't seriously expect users to be aware that their objects are going to be deepslashed to death, values of properties modified to god-knows how deep, and be okay with it. If meta functions can't handle objects, just don't allow objects, shift the responsibility to the user, but be blunt about it. Don't say, //it's okay, we're gonna take care of serialization for you//, then strip the slashes off of properties of deep objects which might not even be part of WordPress whatsoever. This is a debugging nightmare. Lastly I would like to apologize for my tone, but I've dealt with this issue for years now. There are bug reports opened 7 years ago that still haven't been resolved properly. If nothing else it's really surprising to me that we're at 4.9.4 and such a mundane activity (persisting objects in meta) can cause so much trouble. Is it just me having these issues? Does no one else serialize stuff?" tonybogdanov 1 43453 heartbeat_received filter requires data in order to execute reporter-feedback Plugins 3.6 normal normal Awaiting Review defect (bug) new 2018-03-01T15:38:38Z 2022-02-26T22:34:38Z "With regards to the heartbeat api, the plugin developer handbook states: Not every feature will need all three of these steps. For example, if you don’t need to send any data to the server, you can use just the latter two steps. But this does not seem to be the case given this line of of [https://core.trac.wordpress.org/browser/tags/4.9/src/wp-admin/includes/ajax-actions.php#L2808 wp_ajax_heartbeat]. This makes it less useful if you just want to include some new data on an interval. It requires an approach like: {{{ #!javascript $( document ).on('heartbeat-send', (e, data) => { data.wouldLikeFilterToTrigger = true; }); $(document).on('heartbeat-tick', (e, data) => { // do something with data generated by filter console.log(data); }); }}} If you omit the send event, the filter on the server never runs. It seems like this constraint should be lifted, or at the very least the documentation should be updated." brianscaturro 1 43456 `wp_html_split` <script> Shortcodes normal normal Awaiting Review defect (bug) new 2018-03-02T08:07:52Z 2018-03-02T08:07:52Z "The following valid HTML post content yields unexpected `wp_html_split` results: {{{ <script>1 < 4</script> <p>Welcome</p> }}} Expected: {{{ array( '', '<script>', '1 < 4', '</script>', '' ) }}} Got: {{{ array( '', '<script>', '1 ', '< 4</script>', '' ) }}} Somewhat related but invalid cases: #39153, #40191" soulseekah 43457 `wp_html_split` valid HTML attributes issues has-patch Shortcodes normal normal Awaiting Review defect (bug) new 2018-03-02T08:25:56Z 2023-11-22T15:40:07Z "There are a handful of valid HTML attributes that shatter `wp_html_split`. Since it works by looking for the `<` character we can break it in many ways, starting from: https://mathiasbynens.be/demo/crazy-class https://mathiasbynens.be/demo/html5-id And ending in the less exotic and crazy: {{{ <span data-content=""<p>abcd</p>"">loading...</span> }}} Same goes for CSS attribute selectors in <style> tags. Related #43456, #39153, #40191" soulseekah 3 43464 Search Options in Customizer Customize normal normal Future Release enhancement new 2018-03-04T07:05:30Z 2021-05-30T17:34:24Z "If a theme has more than few settings, finding the setting gets frustrating at times. A search functionality in the customizer will be helpful. Here is a plugin that we have developed as a POC: https://wordpress.org/plugins/customizer-search/ But I believe, it will benefit if it is added in the core. " brainstormforce 2 43469 Native Site Icon feature in Customizer is outdated Customize 4.3 normal normal Future Release enhancement new 2018-03-04T14:17:06Z 2021-05-31T15:07:39Z "Hi, The native Site Icon feature in Customizer is outdated and should be updated. Windows: 1) There's only 1 Windows Tile (270x270px). To cover newer devices there should be a delcaration for the small, medium, wide and large Tile. Source [https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/samples/dn455106(v=vs.85) here]. 2) There should be a colorpicker for the Windows Tile. 3) Because the wide Windows Tile is rectangular (310x150px), there should be an additional file input for this Tile. 4) To overwrite the prefered XML browser configuration file, this should be added: {{{<meta name=""msapplication-config"" content=""none"" />}}} Regarding 2 and 3 check attachment. iOS: 5) Instead of using {{{rel=""apple-touch-icon-precomposed""}}} it's more common to use {{{rel=""apple-touch-icon""}}} nowadays. Example: {{{<link rel=""apple-touch-icon"" sizes=""180x180"" href=""/apple-touch-icon.png"">}}} Guido " Guido07111975 10 43476 Fix parentheses in post status links for RTL dev-feedback Administration normal normal Awaiting Review defect (bug) new 2018-03-06T11:07:18Z 2018-03-06T13:28:33Z "When switching to a RTL language, the parentheses in the post status links can become mixed up, when the status is not translated. '''How to replicate the issue?''' Switch to e.g. the ''Azərbaycan dili'' language that is missing the ''Draft'' post status translation. '''Where to see the issue?:''' Visit the {{{wp-admin/edit.php}}} and check out the parentheses in the ''Draft'' post status link. " birgire 3 43482 Draft Posts Throw 404 on Preview when Supporting post_format Post Formats 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-07T01:07:03Z 2018-03-07T01:07:03Z "A client is reporting that they're not able to preview drafts of some of the custom post types we have running on their site. The issue is not occurring for all post types on their site. I believe I've traced the issue to the fact that the errant post types support ""post_format."" The preview URL that gets generated when I preview the ""ask-the-expert"" post is: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&post_format=standard&_thumbnail_id=-1 That above URL throws a 404 page. When I pull out the 'post_format=standard' part of the query, so that the URL looks like: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&_thumbnail_id=-1 then the preview loads correctly. Interestingly, just for giggles I also tried: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&_post_format=standard&_thumbnail_id=-1 and that also worked as it should. (notice the added underscore before 'post_format.' For now I think I'm just going to disable post formats for the offending post types, but methinks I found a bug. " marklavin 43484 WordPress Notification Center proposal dev-feedback Users normal normal Awaiting Review feature request assigned 2018-03-07T11:48:10Z 2024-03-14T13:06:35Z "For a long time people have been suggesting / daydreaming / [https://twitter.com/Ipstenu/status/966411791134699520 wishing for] a unified notification center in WordPress. People expect it, the notification center has become a staple of almost all apps/sites that have a lot to keep track of - and WordPress definitely fits in that lineup. So there’s no reason not to add one to WordPress core too. This ticket aims to explore the details of such an implementation. I think clear limitations, a good backwards compatibility strategy and a strong UX are key to make this work for everyone. Key features: - One location for all notifications. - Easy to hook into, should work out of the box. - Flexible enough to be useful, limited enough to not get a circus. - Accessible from anywhere. - Accessible in the a11y sense. Here’s my first basic idea for notification properties, feel free to chime in: - A text field, limited to 280 characters, the length of a tweet. Probably wouldn’t want one notification to get so long that it fills up the whole visible sidebar. Links can be added to the text to trigger actions or visit pages, same as now basically. - A timestamp. - An icon. Could be the plugin icon, author avatar, or something like a category/message type, like info, warning, question, error, update, stuff like that, to visually distinguish notifications quickly. - A status, meaning read or unread basically. - Persist/show as toast. A suggestion by Joen Asmussen. Shows the notification outside the notification center for a set amount of time in a floating div. Similar to what Android/MacOS/Windows does when a notification comes in. Maybe only WordPress itself can throw notices like that. Probably not for MVP anyway. I created a quick interactive proof-of-concept in Sketch that you can view here. Desktop: https://sketch.cloud/s/AZz0M/all/notification-center/desktop/play Mobile: https://sketch.cloud/s/AZz0M/all/notification-center/iphone-8-plus/play Riad Benguella got excited by this idea and built a basic plugin to test it in your own WordPress install. https://github.com/youknowriad/newtify, and also a previous exploration at https://wordpress.org/plugins/wp-notification-center/. Developing this as a plugin is a great way to explore the best implementation, and any help is more than welcome. Some discussion points to get this started: - Can we agree on a set of notification properties that provide a consistent experience and that plugin authors can be happy with? - Which notification categories can we define, and should it only ever be possible to assign a category, or are plugin authors allowed to supply icons for their own notifications too? - How best to approach the backwards compatibility so we don’t break (all) existing admin notices? Can some type of conversion be made? - Is it enough to only show the notifications in the sidebar, or should there be a separate notifications page, maybe with filtering? (Probably not for MVP at least) - Are there any essential features missing from the list? " hedgefield 49 43489 Strengthen resilience of wp_register_plugin_realpath to support Gutenberg needs-unit-tests Plugins normal normal Awaiting Review defect (bug) new 2018-03-07T18:25:25Z 2020-12-01T05:24:00Z "For many years now I've been working in a Windows development environment with multiple subdirectory installs referencing plugins using symlinks. Every now and then I get problems due to plugin files apparently not being present when they quite clearly are. I have not been able to track it down. I think it's a bug in PHP associated with OpCache. Anyway, the bottom line is that sometimes this problem, or something similar, results in the `$wp_plugin_paths` array containing entries with a null value for `$realdir`. This can lead to the following: `Warning: strpos(): Empty needle in C:\apache\htdocs\hm\wp-includes\plugin.php on line 658.` This message has the uncanny knack of happening at the most inappropriate times. Now, with Gutenberg looming, the problem is further reducing my ability to create content locally; Gutenberg can't handle the unexpected Warnings and Notices from a development server and fails. See https://github.com/WordPress/gutenberg/issues/5439 To reduce the likelihood of the problem I'd like to propose a change to `wp_register_plugin_path()` to cater for a false value being returned from the `realpath()` PHP function. The proposal being that if `$plugin_realpath` does appear to be null, then don't add an entry in `$wp_plugin_paths`. This change will prevent the warning message being issued from plugin_basename()'s test {{{ if ( strpos( $file, $realdir ) === 0 ) { }}} and therefore increases the robustness of the system. Bottom line. - `realpath()` may return false. - This should be catered for. " bobbingwide 3 43492 Core Telemetry and Updates dev-feedback Upgrade/Install normal normal Awaiting Review enhancement new 2018-03-07T20:37:53Z 2018-10-10T19:56:13Z "It has been discussed on the #gdpr-compliance and the question had made it's cycle around some other rooms with various replies as well occasionally but it's time to take a final decision. When WordPress requests updates it sends more than enough data needed to actually perform the update. We did a search a bit at some point to take a glimpse of the past and how all those got added in there and why but couldn't find anything specific. There's already a way to modify the call through https://developer.wordpress.org/reference/hooks/core_version_check_query_args/ (and may be more as well) but the concept here is to have everything off by default and add a proper UI and opt-in for the Admins to select what exactly they want to send." xkon 71 43494 Can't change/delete menu items in Customizer on mobile audrasjb* Menus normal normal Future Release defect (bug) accepted 2018-03-07T23:30:18Z 2023-01-06T12:25:28Z "On mobile/tablet browser (only Android, Chrome browser tested), menu items can be added and reorganized, but the drop-down toggle for further options doesn't work. As a result menu items cannot be removed. To reproduce: 1. Log in to admin in mobile / tablet browser 2. Go to Customizer -> Menus 3. Add menu item to a menu 4. Attempt to edit / delete menu item Originally reported by community user Sue Jenkins on Twitter: https://twitter.com/LuckychairNews/status/969682449176211456" mor10 8 43496 CS: Fix disabled for user-edit.php has-patch Users 4.1 normal normal Future Release defect (bug) new 2018-03-08T06:42:24Z 2019-03-24T17:02:12Z "Many apologies if this is a duplicate. I have searched but did not find it yet posted. According to W3C specifications and as per HTML Coding Standards( https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/#quotes ) handbook all attributes must have a value, and must use double or single-quotes." mukesh27 11 43502 `WP_REST_Posts_Controller::prepare_item_for_response()` doesn't reset postdata after calling setup_postdata() has-patch REST API 4.9.4 normal normal Future Release defect (bug) new 2018-03-08T16:45:41Z 2023-06-09T11:19:36Z "Hi all, I seem to have stumbled upon a small oversight in `WP_REST_Posts_Controller::prepare_item_for_response()` , where it doesn't reset postdata after calling `setup_postdata()`, rendering this part of the API useless for developers who want to use this API in their custom code. Ran into it while writing a custom function, that uses this part of the API to convert a regular post object into an object that matches the json scheme of the API. I’ve fixed it temporarily by doing setting `$GLOBALS[ 'post' ] = $original_post_id` in my function (and by passing `original_post_id` as parameter to my function) - but it seems to me that this should be fixed in core. {{{#!php function convert_post_object_to_rest_response($post) { global $wp_rest_server; $post_type = get_post_type_object($post->post_type); $request = WP_REST_Request::from_url(rest_url(sprintf('wp/v2/%s/%d', $post_type->rest_base, $post->ID))); $request = rest_do_request($request); $data = $wp_rest_server->response_to_data($request, isset($_GET[ '_embed' ])); return $data; } }}} It returns the right data, which is great - but when i in turn use this function to supply a field in one of my endpoints with this dat, all fields below it seem to inherit the ID i’ve passed. i’ve traced this back to `WP_REST_Posts_Controller::prepare_item_for_response`, where it’s doing a `setup_postdata` call without resetting it later. For now i’ve fixed it by setting `$GLOBALS[ 'post' ] = $original_post_id` in my function (and by passing `original_post_id` as parameter to my function), but I figured i'd report it here so it can be fixed from the core. " gerbenvandijk 19 43505 Display of html encoded text in dashboard. Plugins normal normal Awaiting Review defect (bug) new 2018-03-08T21:59:56Z 2018-03-08T22:57:45Z "I have discussed the issue in this thread https://make.wordpress.org/polyglots/2018/02/26/hello-18/, I report here the issue of the display of the text in UI, not the editorial choice of the translation itself. In fr_FR and fr_CA, there where changes done (last year?) to accomodate french ponctuation typographic rules but also, I guess, make sure the text doesnt fall on two line inadvertantly (ex. ""text !"", so a non-breaking space is inserted instead of a space). This non-breaking space is inserted as html encoded entity and it looks like it is displayed as is, without decoding like it is visible in this exemple screenshot : https://imgur.com/a/iVy9h " anonym999999 43531 $content_width and Add Media (+ twentyseverteen?) Media 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-12T20:07:38Z 2019-01-21T22:04:59Z "I apologize in advance if this isn't a bug. However, I couldn't seem to find any documentation on the expected behavior (e.g., there's nothing on the codex page for the image_size_names_choose filter). None the less, it certainly feels odd / awkward. When adding an image (to a post / page), the size setting select (Add Media > Attachment Display Setting > Size) doesn't feel quite right. I understand the relationship between (global) $content_width and this setting. That is, the <img> tag's width= is forced / maxed to the $content_width (if the image is wider than the $content_width). I see this happening for the size = large images, as well as any image sizes I've added via add_image_size() that are too wide. However, it (i.e., the forced max width=) doesn't happen to the size Medium when the Medium width is set wider than the content width. Perhaps this is intentional? Theme was twentyseventeen. Unfortunately, I've haven't had time to try to reproduce this on another theme. The size Medium was set to 800 x 800. I'd like to suggest the Settings > Media page display the current $content_width, as well as explain a bit, as well as link to a deeper explanation. As it is, a user can select a theme, blindly set the image sizes (not realizing who they actually map to the theme), and then be hit with the experience (?) described above, AND have no idea why. Truth be told, it took me too long to figure this out. Somehow I've managed to avoid $content_width. Too many custom themes maybe? :) Or am I just missing something about the intent of what otherwise feels like a sloppy experience? I hope this helps. TIA " ChiefAlchemist 3 43535 wp-mediaelement.min.js?ver=4.9.4:1 crashes, making the Widgets in customize.php unusable General 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-13T09:57:51Z 2018-03-13T10:29:44Z "When accessing **wp-admin/customize.php** with a live preview, I am unable to add menu items or to switch between ""Text/Visual"" for the text widgets. At the first sight, it seems to be a problem with Javascript. The console looks like having an error with the media gallery - `Uncaught TypeError: Cannot read property 'indexOf' of null` (see screenshot for details). [[Image(https://cloudup.com/cLbAt2w2Kas)]] There is also a second error in the console - which does not seem related - but it may prove helpful: `Error parsing header X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube: insecure reporting URL for secure page at character position 22. The default protections will be applied.` I have also disabled live preview with a `die()`, the situation is the same - which makes me think the error is more related to the way media gallery interprets some part of the content while rendering customize.php. Everything works smoothly for **wp-admin/widgets.php** (no Javascript errors). There may be other sections that are affected, but I can confirm these two: * Widgets > Footer X > Any text widgets: cannot switch between Visual and Text (stays blocked on Visual) * Menu > Main Menu > Add items: items are not clickable (and the first one is not folded). Browser: Chrome 64.0" radual 4 43536 Network registration page sabernhardt* has-patch Login and Registration normal normal Future Release defect (bug) accepted 2018-03-13T10:23:17Z 2022-09-27T23:04:14Z "Hi, The registration page for the WordPress Multisite version, has, inside its body, the class page-id-xxx where xxx is the id of the page_on_front. This is in my opinion a bug, and makes impossible to customize this page via CSS because every rule will be also referred to the page_on_front. Then it should be useful to have a custom css on the body of the network registration page, something like network-registration-page. Thanks." SGr33n 10 43538 'No items,' should be considered to display when no Most Used Category is available has-patch Menus normal normal Awaiting Review enhancement new 2018-03-13T13:01:34Z 2019-01-16T06:50:09Z "In Menus editor, for all types `No items.` message is being shown when no item is available for respective type. I know that this use case severity is too low, Most Used category will be blank only when no post is available but so the Post test case is. In case of posts we are showing this message `No Items.` I have created the patch, before applying the patch it was showing blank under most used tab." juhise 2 43539 Custom feed types breaks redirect_canonical behavior SergeyBiryukov has-patch Canonical 4.9.4 normal normal Future Release defect (bug) reviewing 2018-03-13T15:54:47Z 2022-11-01T03:24:16Z "Hi. There's plugin ""fb-instant-articles"" which adds ""instant-articles"" feed type for facebook. final url looks like http://localhost/feed/instant-articles. But because ""redirect_canonical"" doesn't respect custom feed types it triggers 301 redirect to http://localhost/feed/instant-articles/feed/instant-articles/. ""instant-articles"" is registered with $wp_rewrite->feeds but this property isn't respected in ""redirect_canonical"" method: http://take.ms/kq0zJ http://take.ms/cbRPm We need there to support custom types too like that for example: http://take.ms/ljija " satantime 25 43540 srcset not added when the original image size doesn't exist in the database after regeneration Media normal normal Awaiting Review defect (bug) new 2018-03-14T02:54:09Z 2024-02-27T18:54:22Z "Suppose you have a post where you've inserted a 'large' image size. Any other image sizes of the same proportion are added to the srcset on the front end. Now, change the 'large' image size to something else, and regenerate thumbnails (using the plugin, CLI, etc). The image in the post continues to work (since plugins / CLI tend not to delete non-existing sizes from the file system precisely because they may be embedded in posts). However, it no longer receives any srcset - because the src_matched variable never gets set to true in `wp_calculate_image_srcset`. Can the src_matched logic be adjusted to cover this case?" smerriman 5 43544 Pages over 999 in archive return 404 reporter-feedback Rewrite Rules 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-14T11:09:15Z 2019-02-21T03:22:21Z Whenever you have more than 3 digits page numbers WordPress returns a 404. catalinnita 3 43560 Entering single quotes in Add Media dialog after recropping causes browser to hang has-patch Media 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-15T14:46:23Z 2020-02-19T16:46:40Z "'''To reproduce''' * Create a draft and insert an image into the content. * In the Visual editor, click on the image to get the tooltip image edit menu, then on the pencil icon to edit the image. * In the Image Details dialog click the ""Edit Original"" button to edit the image. * In the Edit Image dialog, click and drag on the image to create a cropping zone. * Click the crop icon in top left above the image to crop it. * Click the ""Save"" button below the image to save the crop. * Back on the Image Details dialog, try to enter several single quotes in the Alternative Text input. Tap your single quote key six or seven times. '''What I expect to see''' * I am able to continue entering text in the image dialog inputs, even if I'm prevented from entering a single quote. '''What I see instead''' * I am unable to enter any text in any of the dialog's inputs. * In most cases the page seems to lock for some time - I'm unable to interact with it at all: I can't refresh or close it normally. The Chrome task manager shows 101% CPU usage for the tab. * There are no JS errors in the console, and no requests in the network tab. * On some occasions, after leaving the page for several minutes, it eventually unlocks by itself, and some of the characters I typed in my earlier attempt to enter text are output wherever I happen to have my cursor. '''Notes''' It looks like some piece of JS is somehow capturing the keypresses in the Alternative Text input. This was reproduced in macOS and Windows Chrome 64 and macOS Chromium 62 (the Chromium with no browser extensions) on a fresh checkout of WordPress v4.9.4. It doesn't happen in FF55." andfinally 9 43564 TinyMCE bookmark not removed Editor 4.9.4 normal normal Future Release defect (bug) new 2018-03-16T00:57:23Z 2020-02-07T15:40:05Z "If cursor is placed between <iframe> and </iframe> in text mode each time I switch from Text to Visual mode what i guess (from editor.js code) is bookmark is added and not removed, it just keeps stacking with each change. code that appears between tags is: {{{ <span data-mce-type=""bookmark"" style=""display: inline-block; width: 0px; overflow: hidden; line-height: 0;"" class=""mce_SELRES_start""></span> }}} Here is example to replicate bug: {{{ <iframe width=""100%"" height=""450"" style=""border: 0;"" src=""https://www.google.com/maps/embed/v1/place?key=xxxx&q=NewYork"" frameborder=""0""></iframe> }}} Note: If possible, please use valid key and query, i had to remove them for demonstration, but bug happens even with this code. Paste that code in Text mode, click between >< of ""></iframe>"" and switch to Visual mode, then switch back to Text mode (do not click anywhere in Visual mode). Every time this is repeated, it just keeps adding mentioned code. My humble guess is that this is happening because Visual is generating map preview from iframe tag so it can not detect that same place in code when it is switched back to Text mode." waterlord93 3 43569 Post not updated in backend Posts, Post Types 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-16T17:18:47Z 2018-03-24T16:45:37Z "Hi, posts are not updated in backend panel. After edited the post's contend anche clicked the ""Update"", the older version of the post is reloaded." emmeci 2 43571 `add_feed` with regex characters breaks rewrite rules SergeyBiryukov needs-unit-tests Rewrite Rules normal normal Future Release defect (bug) reviewing 2018-03-18T17:44:20Z 2019-01-16T03:54:36Z `add_rule( 'test.json', ... )` does not get escaped with `preg_quote`. Fine for this example, but something like `add_rule( 'test[json]', ... )` will definitely yield unexpected results. Something like `add_rule( 'test???', ... )` will break the whole feed (maybe even more) regular expression. soulseekah 1 43578 Unexpected MYSQL data format dev-feedback Database 4.9.4 normal normal Future Release defect (bug) new 2018-03-19T19:36:00Z 2020-02-03T18:01:45Z "When I use field `user_id` in `$wpdb->insert` it set value to Integer, but the table I add data into has `user_id` text field. It works normally only if `format` parameter specified. Example: {{{#!php <?php $wpdb->query(""CREATE TABLE {$wpdb->prefix}_test (`id` INT, `user_id` VARCHAR(16))""); $wpdb->insert(""{$wpdb->prefix}_test"", ['id' => 1, 'user_id' => 'stringKey']); print_r($wpdb->get_row(""SELECT * FROM {$wpdb->prefix}_test WHERE id = 1"")); }}} Result: `stdClass Object ( [id] => 1 [user_id] => 0 )`" loranrendel 4 43585 Dynamically created setting not received on previewer reporter-feedback Customize normal normal Future Release defect (bug) new 2018-03-20T14:38:12Z 2019-12-15T04:40:24Z "I try to create dynamic setting & control on customizer, but setting is not propagated on previewer when setting created. Setting that dynamically created will only available on previewer when previewer refreshed. i create a simple plugin to explain this issue : https://gist.github.com/jegbagus/e6bfe04fe45f4fa91b1fdc1c3b5b7a89 please take a look at browser console to see the message" jegbagus 2 43588 Anonymize commenter IP address once a comment is no longer pending needs-unit-tests Privacy normal normal Awaiting Review enhancement new 2018-03-20T19:06:12Z 2019-01-09T19:17:26Z "A commenter's IP address is stored with each comment. The commenters IP address can often be used to identify a single individual or device at a location. To enhance commentor's privacy, and to reduce the amount of personal data stored by a WordPress site in preparation for upcoming laws like the GDPR, this issue proposes that once a comment transitions out of pending, core WordPress should zero the commentor's IP address final octet similar to how Google Analytics Anonymizes IP addresses The rationale for keeping it while a comment is pending is to continue to allow anti-spam access to the IP address which can be used to detect spam. The rationale for keeping all but the last octet is to still allow statistics to be gathered about the general geographic location of commenters based on the first three octets of the IP address." allendav 21 43589 WPDB Update change NULL values to acceptable values has-patch Database normal normal Awaiting Review defect (bug) new 2018-03-20T19:43:32Z 2019-01-17T01:19:44Z "Hello, I'm creating a plugin in which i need to create a new SQL table, that I connect to REST API. My table has several fields that can't be NULL and some that can be NULL. If i do the update via the wpdb object (cf. below), NULL fields are updated with a NOT NULL value that I've never typed (a float that can't be NULL become 0.00000, a date -0001-00-00, ....). The expected behaviour would be to not update the line because the request is not OK. If I allow NULL values on these fields, values are NULL. It's like if somewhere the value was changed to be accepted by the sql engine. NB: the generated request is OK, when i access to the wpdb->last_query value. --------- code example --------- global $wpdb; $wpdb->update($table, $fields, $where, $fieldsformats, $whereformats); where $fields = array(""mynotnulldate""=> null, ""mynotnullfloat"" => null); Dorian " dorianrd 4 43597 Modify template-loader engine Themes normal normal Awaiting Review enhancement new 2018-03-21T09:54:15Z 2019-10-04T21:01:33Z "Hi, I think it would be useful if the functionality of the template-loader.php file that determines the template to load were added directly to the template_include filter with priority 1, so that it will be accessible using a function. I have found the need in some projects in which I load the WordPress core from an external application, since once the core is loaded, it is necessary to include the template_loader.php file and it is not possible just to obtain which would be the template to load (and not ley ir load)." chespir 7 43598 site-options notoption only queried and never set in not multisite wordpress installs SergeyBiryukov dev-feedback Options, Meta APIs 4.9.5 normal normal Future Release enhancement reviewing 2018-03-21T10:08:34Z 2019-09-23T23:15:04Z "We have notoptions mechanism that works well. WordPress core does also query $network_id:notoptions regardless of multiste. However, such option is set only in multisite installs. As a result, if you are not running multisite, you are only querying for $network_id:notoptions and you never set it. It beats the idea of notoptions - we read it, but we never set it - what's the point? Possible solutions: - read $network_id:notoptions only in multisite installs - set $network_id:notoptions also in not multisite installs" Grzegorz.Janoszka 4 43601 Improve error messaging when activating multisite users has-patch Users normal normal Awaiting Review enhancement new 2018-03-21T16:15:56Z 2019-01-16T06:50:09Z "We had a user on a multisite network try to activate their account and the only error message you get it ""Could not create user"". This is not helpful. We had to go digging through core to figure out why. Right now it uses wpmu_create_user() which returns false if wp_create_user() returns an error, instead of returning the error message from wp_create_user(). An easy improvement would be for wpmu_create_user() to return this error message instead. I've created a patch for a starting point. Will involve discussion over how much we want to update messaging for other interactions that use wpmu_create_user()." bamadesigner 43604 Add option to completely disable syndication feeds Feeds normal normal Awaiting Review enhancement reopened 2018-03-21T21:04:46Z 2019-01-16T06:50:09Z "Some site owners do not want to provide RSS/Atom/whatever feeds, for various reasons. Right now, there is no way to globally disable feeds. The current way to disable feeds involves: - hiding feed URLs from the end user (by removing the ""Meta"" widget from the sidebar and removing the feed links from the header) - filtering the functions that write the feed URLs - disabling feed endpoints by deleting the array containing the feed types in WordPress core - hooking in to the `do_feed_x` actions to redirect the user to a 404 See for example the instructions for disabling feeds one user provides [https://wordpress.stackexchange.com/questions/33072/how-to-remove-feeds-from-wordpress-totally here]. It would be nice if there was a setting in `options-reading.php` to disable syndication feeds altogether, which disables display and generation of the feeds across the whole site." seanleavey 2 43608 Display missing module error for GD when on Media Settings Media 4.6 normal normal Future Release enhancement new 2018-03-22T06:16:06Z 2019-04-15T18:22:33Z "When WordPress is installed on a server is [http://php.net/manual/en/book.image.php missing the GD PHP image library], there should be an admin level warning displayed on the Media Settings admin page. Without the GD module there will be '''no intermediate image sizes created when images are uploaded in the media library''' (the media gallery just uses the full image size by default) [https://pasteboard.co/Hd2hc9L.jpg Without Admin Notice] The Media Settings page should display an admin warning / error that tells the user that they're missing that module and without it no intermediate images will be created. The whole page talks about the various images size and without GD none of these settings will be used for anything. I've created a simple gist that displays an admin notice if the '''GD library isn't loaded''' and the current user is on the '''Media Settings''' page. [https://pasteboard.co/Hd2hVdk.jpg With Admin Level Notice] [https://gist.github.com/simonrcodrington/be60b6daae0b966a559878c4ba16d9d0] This has come up a few times now where images haven't been created in the media library and no one has known why. Sometimes hosting providers don't include this extension or they are just not loaded. Having an admin level notice here would make sense. " simonrcodrington 1 43611 Duplicate _ajax_nonce input cause conflict between find_post_div and post_custom_div Administration 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-22T18:39:18Z 2018-03-22T18:39:18Z "I ran into the error today. Here is the situation On Post edit page, I’ve added the FindPost functionality. I’ve included find_posts_div using the admin_footer hook, as normal. It is added to 2 custom post types without custom-fields support and to the regular Post post type. It worked flawlessly on both custom post types, but the ajax call to get the post list from inside the Post edit page, sent back a 403. I’ve isolated the problem to the _ajax_nonce value, which was different from the 2 others post types. After checking the source of the admin page, I saw that there was 2 _ajax_nonce fields, and that the value sent to Find-Posts query was the _ajax_nonce from the Custom-Post-field. More over, I’ve checked and both _ajax_nonce inputs share the same ID (_ajax_nonce). Poor media.js can’t find the right one on line 107. So, they must be differentiated. Easiest fix would be to change the ID of the _ajax_nonce input in FindPostDiv. Further more, the Post Custom div interface creates duplicate #_ajax_nonce for each custom fields (at least with the same value). Feel free to create another ticket for this." charlesstpierre 43613 Default post format setting does not respect theme support Post Formats normal normal Awaiting Review defect (bug) new 2018-03-22T22:20:39Z 2023-08-01T16:30:49Z "In `options-writing.php`, the `Default Post Format` setting does not check whether the current theme supports the built-in formats. Would it not be more intuitive if only the formats supported by the current theme were in the list to select? Then a description could be added underneath to say ""these are the formats supported by the currently selected theme"". Alternatively, there could be a filter added to `get_post_format_strings` in `wp-includes/post-formats.php` to allow themes/plugins to remove available formats from this list. " seanleavey 3 43617 Nonce invalid messages non-informative, needs changed General normal normal Awaiting Review enhancement new 2018-03-23T10:34:11Z 2021-05-21T10:47:38Z "As a followup to the ""Cheating uh?"" patch that has gone into WP 4.9.5, I think the message for an invalid Nonce can be improved. I often run into the situation where I leave a webpage open for a day, planning to respond with a comment or something similar. By the time I post something, the Nonce is invalid. I then get an empty page with ""Are you sure you want to do that?"". I think ""Yes"" and reload the page, only to have the same error. I get slightly annoyed at the UI and have to hit the Back-button of my browser, which needs active thinking. I think I am not alone in this. It is not just spammers hitting these messages. And I think it can be improved. I think it would be good to explain what happened, even if it is too technical. The Nonce was invalid, and that needs to be conveyed. I am just not sure how what is a fitting message for most users while still informative. ""The Nonce on the page did not validate. If you are sure you want to do this, please go back and try again."" might be a better message. It could be followed by a backlink taking you back to the previous page. That could be based on the HTTP Referrer. If that is not available, a link with JavaScript with a 'history.back()' could do this job. I am not sure if that last option will refresh the page and thus the Nonce. " mpol 3 43618 get_the_excerpt breaking wp-json API Posts, Post Types 5.0 normal normal Awaiting Review defect (bug) new 2018-03-23T13:35:23Z 2019-01-17T01:18:57Z "When creating a dynamic block for Gutenberg I added this code to a plugin: {{{ register_block_type( 'my-plugin/latest-post', array( 'render_callback' => 'my_plugin_render_block_latest_posts', ) ); function my_plugin_render_block_latest_posts( $atts ) { $output = ''; $args = array( 'posts_per_page' => 3, ); $query = new WP_Query( $args ); if ( $query->have_posts() ) : while ( $query->have_posts() ) : $query->the_post(); $output .= '<li>'; $output .= get_the_excerpt(); $output .= '</li>'; endwhile; wp_reset_postdata(); else : $output .= 'No posts found.'; endif; return $output; } }}} For some reason, get_the_excerpt is causing this error in /wp-json/wp/v2/posts: Fatal error: Maximum function nesting level of '256' reached, aborting! in /app/public/wp-includes/plugin.php on line <i>899</i> When I remove get_the_excerpt() or replace it with get_the_content() the error disappears. I use 'Local by Flywheel' and this is happening on PHP5.6 and 7" DannyCooper 43621 Introduce `add_action_once` and `add_filter_once` sugar. dev-feedback Plugins normal normal Awaiting Review feature request new 2018-03-23T17:49:45Z 2018-04-06T17:12:29Z "It is often useful (especially when writing tests for filters, actions) to run a callback only once, regardless of how many times the filter/action is actually applied/done. {{{ add_filter_once( 'test_action_once', '__return_true' ); $this->assertTrue( apply_filters( 'test_action_once', false ) ); $this->assertFalse( apply_filters( 'test_action_once', false ) ); }}} This would allow developers to run anonymous callbacks that remove themselves from the filter after running once. This can currently be done with the following ugly workarounds: {{{ add_action( 'run_many_times', function() { // do stuff once and self-destruct remove_action( 'run_many_times', current( $GLOBALS['wp_filter'][ current_filter() ]->callbacks[ 10 ] )['function'] ); } ); }}} or {{{ $once = null; add_action( 'run_many_times', $null = function() use ( &$once ) { // do stuff once and self-destruct remove_action( 'run_many_times', $once ); } ); }}} This is '''not''' a duplicate of #38743, the concept is different, the naming is the same, yes. Non-clashing names here? - `​add_self_destructing_filter()` - `add_ephemeral_filter()` open to other suggestions :)" soulseekah 4 43622 Improve error messages General normal normal Awaiting Review enhancement new 2018-03-24T01:50:09Z 2019-03-23T04:08:11Z "Audit and improve error messages throughout core. Many errors contain generic text (something went wrong, expired link warnings) without further explanation, in these cases further details can be added. Others could do with a wholesale rewrite to improve clarity for non-technical users and/or shift blame away from the user - `Slow down cowboy, no need to check for new mails so often!`, for example. Follow up to #38332, related #43617. " peterwilsoncc 4 43626 Searching for tags using slugs work for English but does not work for Arabic Taxonomy 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-24T07:37:41Z 2018-03-26T06:55:22Z "If i have created a tag with name: tag1 and slug: slug1 then searching for slug1 will return tag1 in the results, if i do the same thing but with Arabic then tag1 will not be returned. Which means that searching for tags using slugs work for English but not for Arabic - probably for all other languages that don't use English characters Here is how to reproduce the bug 1) create a new tag: name: tag1, slug: slug1 2) create a new tag: name: تاج1, slug:سلج1 3) search for tags using ""slug1"" phrase => tag1 will be in the results 4)search for tags using ""سلج1"" phrase => تاج1 will '''not''' be in the results I have done the previous steps in a fresh installation of WordPress. " ehabsan 4 43630 HAVING without GROUP BY in /wp-admin/includes/template.php has-patch Administration 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-25T16:09:42Z 2020-04-15T22:39:03Z "I found in file /wp-admin/includes/template.php, that used HAVING without GROUP BY. It's syntax correct for MySQL {{{#!php <?php 614 $sql = ""SELECT DISTINCT meta_key 615 FROM $wpdb->postmeta 616 WHERE meta_key NOT BETWEEN '_' AND '_z' 617 HAVING meta_key NOT LIKE %s 618 ORDER BY meta_key 619 LIMIT %d""; }}} Official MySQL doc say: ''""HAVING is merged with WHERE if you do not use GROUP BY or aggregate functions (COUNT(), MIN(), and so on). '' But this incorrect for other databases. Such as SQLite say it's wrong, when using WP with it. Maybe in this case, need replace 'HAVING' on 'AND'? After replace like: {{{#!php <?php SELECT DISTINCT meta_key FROM $wpdb->postmeta WHERE meta_key NOT BETWEEN '_' AND '_z' AND meta_key NOT LIKE %s ORDER BY meta_key LIMIT %d }}} It's work!" vsvlad 1 43634 WP_Query returns wrong result if 10+ search terms and all negative. Query normal normal Awaiting Review defect (bug) new 2018-03-26T15:09:42Z 2019-01-17T01:18:05Z "Set up: create single post with title or body ""Don't match this one!"" Use WP_query with 's' parameter: {{{ -one -two -three -four -five -six -seven -eight -nine -ten }}} WP_Query will find and return the single post and it shouldn't. Less than 10 negative search terms works fine. I believe it has to do with a special 'if clause' in the function '''parse_search''' in ''class-wp-query.php'' {{{ // if the search string has only short terms or stopwords, or is 10+ terms long, match it as sentence if ( empty( $q['search_terms'] ) || count( $q['search_terms'] ) > 9 ) { $q['search_terms'] = array( $q['s'] ); } }}} this makes {{{ JPH q['search_terms'] : Array ( [0] => -one -two -three -four -five -six -seven -eight -nine -ten ) }}} and later in the function the search variable becomes {{{ JPH search variable is: AND (((testsite_posts.post_title NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}') AND (testsite_posts.post_excerpt NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}') AND (testsite_posts.post_content NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}'))) AND (testsite_posts.post_password = '') }}} " johnh10 43635 Allow to (only) store users in an external user database/backend has-patch Users 4.9.4 normal normal Awaiting Review enhancement new 2018-03-26T16:06:39Z 2018-03-26T16:18:02Z "Hi, I'm busy on a project where I want to use an external user backend. Various solutions exist to mirror the user database to a remote service, but my goal was to have an entirely empty wp_users and wp_usermeta table. If my wordpress installation were to be compromised, this would provide an extra layer of security. I was pleasantly surprised by the vast number of hooks that were already present to accommodate this, and only a few small modifications were necessary to also support my use case. Please see the attached patch. Feedback is appreciated, of course." freeaqingme 43641 Media controls in the media grid are too wide Media 4.9 normal normal Awaiting Review defect (bug) new 2018-03-27T11:14:37Z 2018-10-02T16:56:31Z "The audio and video player that's shown when viewing an individual media item in the media grid displays a control bar which is too wide for its container. Tested in latest Chrome, Firefox, and Safari on macOS." johnbillion 2 43642 Gallery titles and labels erasing reporter-feedback Gallery 4.9.5 normal normal Awaiting Review enhancement new 2018-03-27T11:42:19Z 2022-05-26T22:23:13Z "It would be great to have some ""erase all titles and labels"" button when creating new gallery. Especially when you create large one with 50 or more pics. It's very frustrating to do it manually on every imported photo." marcinmichno 3 43653 Allow to filter the final message of signup user notification email Networks and Sites 4.9.5 normal normal Awaiting Review defect (bug) new 2018-03-28T14:18:11Z 2023-06-08T08:56:08Z "When a signup user notification is sent, we cannot filter the final message contained in $message. We can only filter one part of the message. This prevent us to send nice formatted emails using HTML (to send a formatted email, we need add include the message inside an HTML template)." benoitchantre 2 43654 "Silence ""JQMIGRATE: Migrate is installed with logging active, version x.y.z""" close General low trivial Awaiting Review defect (bug) new 2018-03-28T14:56:40Z 2021-11-17T19:05:55Z "jQuery Migrate annoyingly announces itself in the console when it loads. This message is not useful. Can we silence it? `JQMIGRATE: Migrate is installed with logging active, version 1.4.1`" markjaquith 8 43658 Media attachment filter drop-down mime types in grid mode is not properly filtered by available mime types Media 4.9.4 normal normal Future Release defect (bug) assigned 2018-03-29T07:07:42Z 2023-10-18T16:51:19Z "In '''Gird''' mode media attachment filter is not properly filtered by available mime types, it shows all mime types by default via - {{{ get_post_mime_types() }}} But in '''List mode''' its already filtered by checking {{{ if ( ! wp_match_mime_types( $mime_type, $avail_post_mime_types ) ) { continue; } }}} " itzmekhokan 18 43663 Unit Test test_theme_file_uri_returns_valid_uri fails on directories with spaces dev-feedback Build/Test Tools 4.9.5 normal normal Awaiting Review defect (bug) new 2018-03-29T22:15:47Z 2018-03-30T20:56:09Z "Setting up PHPUnit and running the unit tests for the first time produced some failures because I was running from a directory with spaces in the name (WordPress Unit Tests). 4 assertions in total failed, but all 4 of them reference the same function, here is one of the examples: {{{ 1) Test_Theme_File::test_theme_file_uri_returns_valid_uri with data set #0 ('parent-only.php', 'theme-file-parent', array('theme-file-parent')) Failed asserting that two strings are identical. --- Expected +++ Actual @@ @@ -'/Users/mattkeys/Desktop/W/WordPress%20Unit%20Tests/tests/phpunit/includes/../data/themedir1/default/parent-only.php' +'/Users/mattkeys/Desktop/W/WordPress Unit Tests/tests/phpunit/includes/../data/themedir1/default/parent-only.php' }}} Looking at this test, it makes use of esc_url_raw() which encodes the spaces as %20, then compares them against the original URI which has does not have the spaces encoded, so they are not the same. If this is something that we want to fix, an easy way would be to str_replace spaces > %20 before running the assertion. Patch attached." mattkeys 3 43664 $wpdb->get_results fails in specific cases with non-latin charaters in where clause Database 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-30T08:37:47Z 2018-04-08T19:09:08Z "Let's say we have user with display name 'Алексей'; {{{$wpdb->get_results(""SELECT user_login FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} executes normally {{{$wpdb->get_results(""SELECT user_login AS 'russian person' FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} executes normally as well but {{{$wpdb->get_results(""SELECT user_login AS 'person from Russia' FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} returns empty array and results in error: [table <table_prefix> Russia.doesn't exist] SHOW FULL COLUMNS FROM `Russia` That means 'from' in 'person from Russia' somehow gets in sql It's an obscure enough situation, but might signify that something is wrong with wpdb query handling" altert 2 43665 XHR requests disregard the WP_DEBUG_DISPLAY flag General normal normal Awaiting Review defect (bug) new 2018-03-30T09:34:01Z 2018-03-30T10:41:17Z "Within `wp-includes/load.php` and the `wp_debug_mode()` method it does {{{#!php <?php if ( defined( 'XMLRPC_REQUEST' ) || defined( 'REST_REQUEST' ) || ( defined( 'WP_INSTALLING' ) && WP_INSTALLING ) || wp_doing_ajax() ) { @ini_set( 'display_errors', 0 ); } }}} This then turns off the rendering of PHP issues. This makes it very problematic when actively developing ajax endpoints via `admin-ajax.php` as you have to keep turning them back on. It seems that it should at least appreciate the `WP_DEBUG_DISPLAY` constant Is this something we could look at getting addressed?" OwenMelbz 2 43666 Check update post meta before add new post meta in WordPress Importer dev-feedback Import normal normal Awaiting Review enhancement new 2018-03-30T11:59:20Z 2018-09-04T11:01:12Z When we import any post/page content XML multiple time new post meta import multiple time so before import any post meta import we have to check if same post with meta key is exist or not if not exist then we have to add new post meta using add_post_meta function or update that post meta using update_post_meta function. mukesh27 43668 Image cropping fails for many PHP locales, if set dev-feedback Media normal normal Awaiting Review defect (bug) new 2018-03-30T16:12:10Z 2022-03-24T05:15:44Z "If{{{#!php <?php setlocale( LC_NUMERIC /*or LC_ALL */, 'nb_NO' ); }}} is used then Media image cropping fails and selection input fields show `Infinity`. It works fine with 'en_US', btw. If #17268 is implemented, I guess it includes use of `setlocale'. Anyway, image cropping, and other internal passing of numeric data insede an application, should work independently of how numbers are to displayed according to a locale. I don't know which file or script to look into, to suggest a patch. Any help appreciated." knutsp 3 43671 'Search installed plugins' on plugins page unneccesary and possibly misleading, possibly replace it for 'search new plugins' Plugins 4.9 normal normal Awaiting Review enhancement new 2018-04-01T11:46:07Z 2019-05-07T22:12:30Z "Hello! I consider 'Search installed plugins' input on plugins page unneccesary and possibly misleading. Very often I use this input to search for plugin that I want to install. Also I don't know whether there is any reason at all to have search for installed plugins, because usually user just scrolls window to check this and rarely can remember name of the plugin etc. It would be cool to replace this input with input for searching for new plugins (or totally remove it). Thanks!" Vishnja1 2 43672 wp_delete_post() function ignores `$force_delete` parameter for custom post types dev-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2018-04-02T05:23:01Z 2023-07-05T15:55:14Z "The `wp_delete_post()` function has a second optional parameter called `$force_delete` (default false) that decides whether to send the post to trash or delete it permanently. But when the function is invoked with a post id that belongs to a custom post type, this parameter is ignored and the post is always deleted permanently and never sent to trash. Here is the relevant code inside that function that does this. {{{ if ( ! $force_delete && ( 'post' === $post->post_type || 'page' === $post->post_type ) && 'trash' !== get_post_status( $postid ) && EMPTY_TRASH_DAYS ) { return wp_trash_post( $postid ); } }}} I think the post types check in the above condition should not be made, but I am not sure why it is there and what are the implications of it. Steps to replicate this issue. - Create a post in a custom post type and note the post id. - Make the call to the function. Assuming 42 is the post id, the call will be `wp_delete_post( 42, false)` - Since the `$force_delete` parameter is set to `false`, the expectation is that the post should be sent to trash - But the post will be permanently deleted If it is agreed that it is a bug, then I can submit a patch to remove the post type check. " sudar 2 43676 .htaccess rules don't work with Plain has-patch Rewrite Rules normal normal Awaiting Review defect (bug) new 2018-04-02T21:03:48Z 2022-01-05T12:08:54Z "If I use ""Plain Url Style"" in Permalink Settings then I can't add custom rules .htaccess from mod_rewrite_rules filter. I think that this is bug. For example: {{{#!php <?php function uploads_from_remote_server( $rules ) { $rules = ""<IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule wp-content/uploads/(.*) http://example.com/wp-content/uploads/$1 [NC,L] </IfModule>\n\n"" . $rules; return $rules; } add_filter( 'mod_rewrite_rules', 'uploads_from_remote_server' ); }}} This filter not working in Plain Url Style but should." sebastian.pisula 2 43678 Add indents to default .htaccess rules has-patch Rewrite Rules normal normal Awaiting Review enhancement new 2018-04-02T21:27:13Z 2018-04-02T21:27:50Z "I think that should be: {{{ # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /wordpress.dev/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /wordpress.dev/index.php [L] </IfModule> # END WordPress }}} instead {{{ # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /wordpress.dev/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /wordpress.dev/index.php [L] </IfModule> # END WordPress }}}" sebastian.pisula 43680 Add new filter to WP_User_Query SergeyBiryukov has-patch Users 3.1 normal normal Future Release enhancement reviewing 2018-04-02T22:19:50Z 2018-10-24T17:56:36Z Add a new filter to filter the value of results returned from the WP_User_Query. This brings the WP_User_Query class inline with other query classes, like WP_Query, which already has `posts_results` filter. This filter is a powerful one, that will allow for third party code, to hook in and change the results of the query. spacedmonkey 5 43681 Incorrect HTTP status code in 'posts' query. has-patch REST API 4.4 normal normal Future Release defect (bug) new 2018-04-02T23:43:41Z 2019-05-24T19:33:58Z "I am using the WordPress (v4.9.4) JSON API, specifically this URL: {{{ http://.../wp-json/wp/v2/posts }}} This works great. When I request a 'status': {{{ http://.../wp-json/wp/v2/posts?status=draft }}} I get this error: {{{ { ""data"": { ""status"": 400, ""params"": { ""status"": ""Status is forbidden."" } }, ""code"": ""rest_invalid_param"", ""message"": ""Invalid parameter(s): status"" } }}} It took me a bit to realize that the problem is not that the request (or `status` keyword) is in valid, but that requesting drafts requires authentication. I'd like to request that HTTP status 401 (unauthorized) be returned instead of 400 (bad request). The request is not bad, just requires authentication." demitrimuna 3 43686 Shortcodes containing asterisks may create invalid regex breaking the editor dev-feedback Shortcodes normal normal Future Release defect (bug) new 2018-04-03T21:31:40Z 2019-01-16T02:41:00Z "Despite not being a reserved character an asterisk in a shortcode followed by another character will generate invalid regex which breaks the editor. This code reproduces the issue: {{{#!php <?php foreach (['*one', '*two'] as $bullet) { add_shortcode('*' . $bullet, function () use ($bullet) { return 'oh no ' . $bullet; }); } }}} Attached is a gif showing the editor tabs not working correctly along with the error in the console in Chrome 65 and Firefox 59. I know it's unconventional to use an asterisk in a shortcode, but my use case is porting a legacy CMS that used BBCode into WordPress while trying to keep as much of the original formatting possible for old content. This is an issue with all plugins deactivated (except for the above code) using the Twenty Seventeen theme." Vusys 3 43689 next_post_link()/previous_post_link() broken for custom post types in same custom taxonomy term reporter-feedback Posts, Post Types 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-04T09:11:13Z 2022-05-26T22:22:37Z "The link to the next post is being displayed however the third parameter $in_same_term seems to be completely ignored even though parameter $taxonomy is correct (https://codex.wordpress.org/Function_Reference/next_post_link). E.g. you are on singular pages of a custom post type ""Job"". You want to have the next post link of ""Jobs"" which are in the same ""Job Group"" (a custom taxonomy) e.g. ""Developer"". However next post link will deliver a next Job which is in the ""Job Group"" ""Graphic Designer"" even though $in_same_term was set to true." Blackbam 1 43695 $depth and $args are switched when using custom callback in wp_list_comments() has-patch Comments 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-05T05:55:31Z 2021-11-26T11:12:27Z "For the custom function I am using the [latest function from walker](https://github.com/WordPress/WordPress/blob/master/wp-includes/class-walker-comment.php#L343) as a base. When you use custom callback in comments.php template: {{{#!php <?php // comments.php $args = [ 'type' => 'comment', 'format' => 'html5', 'style' => 'ol', 'short_ping' => true, ]; // Use our custom callback if it's available if( function_exists( 'custom_render_comment' ) ){ $args['format'] = 'custom'; $args['callback'] = 'custom_render_comment'; } wp_list_comments( $args ); }}} The arguments that get passed to custom_render_comment function are switched: {{{#!php <?php // custom_render_comment.php function custom_render_comment( $comment, $depth, $args ) { /* var_dump($depth): array(15) { [""walker""]=> NULL [""max_depth""]=> string(1) ""5"" [""style""]=> string(2) ""ol"" [""callback""]=> string(21) ""faeiv2_render_comment"" [""end-callback""]=> NULL [""type""]=> string(7) ""comment"" [""page""]=> int(0) [""per_page""]=> int(0) [""avatar_size""]=> int(32) [""reverse_top_level""]=> bool(false) [""reverse_children""]=> string(0) """" [""format""]=> string(6) ""faeiv2"" [""short_ping""]=> bool(true) [""echo""]=> bool(true) [""has_children""]=> bool(true) } } var_dump($args): int(1) */ } }}} The result is this error: {{{ Warning: array_merge(): Argument #1 is not an array in [...]/wp-content/themes/mytheme/inc/render-comment.php on line 56 }}} I haven't found any mention of switching arguments in the WordPressCodex. The fix is easy, just switch those variables, but I think it should be addressed somewhere in the documentation." vincurekf 2 43702 Empty State UX for Posts & Pages screen when there is no content Posts, Post Types 4.9.5 normal normal Awaiting Review enhancement new 2018-04-05T16:35:04Z 2020-10-27T19:51:04Z "The default screen people see when they first visit the Posts, Pages, etc., dashboard sections is quite uninspiring. Taking a cue from WooCommerce's default product screen (screenshot included), we can enhance the default Posts & Pages screens to make it a bit more welcoming to new users." mrtortai 3 43704 pre_option_{$option} filter is case sensitive although options are not. Options, Meta APIs 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-05T18:38:44Z 2018-04-08T01:53:12Z "I noticed the filter ""pre_option_{$option}"" for myOption wouldn't filter get_option('MYOption') for example, yet get_option(name) and MySql in general does not seem to care what case the option is. Perhaps it should also do pre_option_(strtolower($option)) when necessary? Was there a reason this particular filter is case-sensitive?" programmin 2 43706 Email with link to change admin email does not include proposed new email address. SergeyBiryukov has-patch Users 4.9.5 normal normal Future Release enhancement reviewing 2018-04-05T23:56:22Z 2022-03-21T02:14:38Z "This is a follow-up to #39112. This can be precarious -- I've received this note twice since locking out the previous administrator (not sure how he is attempting to change the address yet) and there's no way to determine who is requesting the admin email change. The email with the link to change the admin email follows. Howdy [name], You recently requested to have the administration email address on your site changed. If this is correct, please click on the following link to change it: https://siteurl.com/wp-admin/options.php?adminhash=[hash] You can safely ignore and delete this email if you do not want to take this action. This email has been sent to [current admin email] Regards, All at sitename http://siteurl.com" sshanky 12 43712 Improve the user experience when a fatal error or uncaught exception occurs Bootstrap/Load normal normal Awaiting Review enhancement new 2018-04-06T14:43:43Z 2019-01-16T06:50:09Z "If a WordPress page request dies with a catchable fatal error or uncaught exception, WordPress just falls back on PHP's default error handling behavior. What this typically means is: * The page HTML gets cut off at a random point (wherever the error occurred), so the page looks broken but with no indication to the user that anything went wrong. * The request returns with a 200 status (which can result in the broken page being cached in all sorts of places). Proposed improvement: * Use set_error_handler() and set_exception_handler() early in the WordPress bootstrap process to give a better experience by default. For comparison, the way Drupal handles this is that it [https://api.drupal.org/api/drupal/includes%21theme.inc/function/theme_render_template/7.x buffers all output from the theme] (only actually printing it much later on in the page request). That way, if a fatal error or exception does occur, no output has been sent yet, so it can always [https://api.drupal.org/api/drupal/includes%21errors.inc/function/_drupal_log_error/7.x set a ""500 Service unavailable"" header and display a maintenance page instead]. There are pros and cons to that approach, but in any case, I'm not sure that WordPress could be changed to use it in a backwards-compatible way. However, what does seem possible to me is: * The error handler could check headers_sent() to see if output was already sent. * If no output was sent yet, just call wp_die() to display a standard error page with a 500 error. * If output already was sent, maybe at least try to print some kind of HTML before dying so the user can see that something is broken which wasn't their fault. I'm thinking something like an ""Oops - something went wrong and the page didn't finish loading"" message, ideally themed as a simple floating bar at the bottom of the browser window." David_Rothstein 43713 Privacy: Add a UI to allow administrators to disable individual embeds / oembeds Embeds 5.1 normal normal Future Release enhancement new 2018-04-06T16:28:33Z 2019-09-27T16:20:25Z "Builds on protecting our users from tracking that was introduced in https://core.trac.wordpress.org/ticket/41784 Embedded iframes allow 3rd parties to collect user's IP addresses and User Agents, to store and retrieve cookies on their browsers, to embed additional third party tracking, and monitor their interaction with that embedded content, including correlating your interaction with the content with their account with that service, if they are logged in to that service. That means, especially when EU residents are visitors, that all that needs to be disclosed in the site's privacy policy. To further improve site's users privacy, and give site owners more control over how their user's privacy is impacted (and how many 3rd party services they would need to disclose in their site's privacy policy) we should allow administrators to disable any/all embeds on their site. This UI could live alongside the privacy page setting controls recently added to core." allendav 15 43716 "Not work ""option_active_plugins"" filter in front-end" reporter-feedback Plugins 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-07T07:46:22Z 2022-03-07T14:42:29Z "The ""option_active_plugins"" filter work just in admin and not work in front-end. i test wp_get_active_and_valid_plugins function in wp-includes/load.php#L598 the ""$active_plugins"" correct and work in front-end but related filter not work and i have to use ""alloptions"" filter for work" hamedmoodi 1 43722 On changing of permalinks ask a confirm before to save Permalinks normal normal Awaiting Review enhancement new 2018-04-09T13:10:16Z 2018-04-09T13:10:16Z "Discussing with the support Italian team seems that one of the most common issue is that there is people that change permalinks and not remember that. After save see that website is not working anymore and complain about the issue and the support team has to ask what is happened. The ideal process can be like for changing the password where you have to check a field that confirm to change the password so that situation can be avoided." Mte90 43723 Sanitize user_contactmethods output dev-feedback Administration normal normal Awaiting Review defect (bug) new 2018-04-09T14:12:16Z 2019-01-17T01:14:01Z "Data supplied in an array to the user-edit.php page via the filter 'user_contactmethods' is not properly escaped when it is outputted. As you can see in [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/user-edit.php#L527 user-edit.php] the values of the $name and $desc variables are directly echoed using echo. I'd expect it to use the WordPress Core [https://developer.wordpress.org/reference/functions/esc_attr/ esc_attr()] as the data is used part of an html tag's attribute and therefor should be limited to what is allowed inside an html attribute. " BjornW 8 43725 Multiple instances of opening / closing shortcode only works when closing tag is provided Shortcodes normal normal Future Release defect (bug) new 2018-04-09T20:23:15Z 2020-07-16T17:49:08Z "Given the following example: {{{ [url]Now this is wrapped[/url] [url] This one is standalone [url]Now this is wrapped too[/url] }}} The middle shortcode instance doesn't render unless you close it with `[url/]`. Attached is a patch with the unit tests. I'm unsure whether this is a fixable issue though." danielbachhuber 1 43728 Implements site_enable_theme and site_disable_theme functions in WP_Theme class has-patch Themes normal normal Awaiting Review enhancement new 2018-04-10T08:21:34Z 2023-02-12T19:43:09Z "In Multisite, Themes can also be enabled per site, via the Edit Site > Themes area. They are stored in an allowedthemes option (see https://github.com/WordPress/wordpress-develop/blob/master/src/wp-includes/class-wp-theme.php#L1414 for more). When you set a theme for a site, you wouldn't expect it to suddenly work for every network - it only implies you want to have it for the one site. I think we need to implement methods WP_Theme::site_enable_theme( $stylesheets, $site_id ) and WP_Theme::site_disable_theme( $stylesheets, $site_id ). We need this enhancement in this ticket : #39318" Mista-Flo 8 43729 Pagination on static Post page not working after changing Permalink Catagory Base reporter-feedback Taxonomy 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-10T11:15:12Z 2018-04-16T17:01:33Z "Dear WP team, when I use a custom structure like: /news/%postname%/ + additionally set the catgory base to news, the pagination will not work on the static post page - it returns a 404 error. I'm also not able to open the archives for the tags anymore (404). I was able to reproduce this issue on a fresh WP installation with 4.9.5. I was neither able to find a solution in support forum nor a ticket addressing this bug. Kind regards Jo" jokr1985 2 43731 Use Webpack + NPM scripts to build all the things whyisjake* has-patch Build/Test Tools normal normal Future Release task (blessed) accepted 2018-04-10T12:44:12Z 2021-03-09T21:04:30Z "With [https://core.trac.wordpress.org/ticket/40894 the introduction of Webpack in WordPress core], we could consider using it to perform build tasks currently performed with Grunt. The main advantage of having [https://webpack.js.org/ Webpack] build everything is that this would reduce the different tools developers would have to learn in the standard development process for WordPress core. NPM scripts would also make the available tools more discoverable and understandable through `package.json`. Having a unified approach towards building / bundling also helps in other area's, such as general asset management and devtooling. It could for example be great if we could start using Webpack dev server at some point to serve assets in development and introduce [https://webpack.js.org/concepts/hot-module-replacement/ hot module replacement]. Webpack would be totally suitable for this goal, as can also be read from its documentation: > Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. Webpack provides a unified approach towards building. For example: It would be quite easy to configure Webpack to perform the following tasks: - copying files: https://webpack.js.org/plugins/copy-webpack-plugin/ - uglification: https://webpack.js.org/plugins/uglifyjs-webpack-plugin/ - Sass to CSS compilation: https://github.com/webpack-contrib/sass-loader - CSS post processing (autoprefixing) and linting: https://github.com/postcss/postcss-loader - JS linting: https://github.com/webpack-contrib/eslint-loader The above tasks are just some of the more prominent examples. But anything is possible really. NPM scripts can be used to invoke the separate tasks like linting, building etc." omarreiss 36 43733 Replace Underscores.js with Lodash.js adamsilverstein dev-feedback External Libraries normal normal Awaiting Review task (blessed) assigned 2018-04-10T14:30:08Z 2023-07-17T23:20:28Z "Should we replace Underscores.js with Lodash.js? [https://wordpress.slack.com/archives/C5UNMSU4R/p1523367735000195 Discussed in Slack today (April 10th, 2018)]. It was suggested for converting WP Core to lodash, [https://github.com/facebook/jscodeshift jscodeshift] could be leveraged. Here is a list of [https://github.com/lodash/lodash/wiki/Migrating API pairings between lodash and underscores]. Concerns: Lodash 5.0 is set to have some [https://github.com/lodash/lodash/wiki/Roadmap backwards incompatible changes] that could make the migration awkward. General backwards compatibility concerns as well. How do we want to handle Backwards Compat? Most likely only core will be changed, and a migration path/tool will be offered out to theme/plugin authors." ChopinBach 16 43734 user_profile_update_errors hook needs work-around to validate a to-be updated email address Users normal normal Awaiting Review defect (bug) new 2018-04-10T19:56:47Z 2020-02-24T12:12:27Z "The 'user_profile_update_errors' hook can be used to (in)validate (custom added) fields in the user_profile before these fields are saved. As far as I know, the 'best-practice' to do this is, is by accessing the field using it's name in {{{$_POST}}}. Grab it's value, do your thing and if this results in an error, add an error message to the $errors object and prevent the field from being saved to the database. This does not work with the email field anymore (since WordPress version 4.9.0?), because {{{$_POST['email']}}} is reset to the current value in the database in the function {{{send_confirmation_on_profile_email()}}}. See: [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/user.php#L2792 wp-includes/user.php] The reset of {{{$_POST['email']}}} to the current email address in the database prevents the 'best-practice' of accessing a field's value through {{{$_POST}}} because the new email address is now gone from {{{$_POST}}}. '''Why is there a reset on $_POST? ''' ''My assumption is:'' Resetting {{{$_POST['email']}}} to the current email address in the database is needed, because of the new flow in WordPres in which WordPress requests a user's confirmation of a proposed email change (by sending an email to the new address and requesting the user to clink a link to confirm the change) before saving the new email address. Therefor the value in the form should (at least temporarily) not be changed until the user has confirmed the change in email address. The chosen solution is such that the new email address is temporarily saved in a user meta field with the name '_new_email' including a hash. This is then processed upon when the user clicks on the link in the email requesting the email change. ''' '''Solution''' I don't have a good solution yet and by submitting this ticket I hope more people can have a look at this issue. For now I'd suggest to update docs to include detailed information on how to use the user meta field {{{_new_email['newemail']}} instead of {{{$_POST['email']}}} in the user_profile_update_errors hook. " BjornW 4 43736 Audio continues to play in Media Modal after close Media 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-11T03:21:00Z 2021-04-01T15:24:25Z "When previewing an audio file in the Media Library modal, if you click Close or Escape, the audio continues to play. I haven't tested with Video, but I am assuming audio continues as well." bahia0019 3 43738 Make the personal data Export/Delete functionality available in network-wide for super admins has-patch Privacy normal normal Future Release enhancement new 2018-04-11T10:30:27Z 2020-10-07T18:41:05Z "There are approaches where single sites in a network are not independent, but integral parts of one website, interdependent in some way, or should be handled together for other reasons. Therefore a view for GDPR export and delete similar to the one in a single site would be needed to manage network-wide requests in addition to the site-wide requests that should still work as expected if the site is part of a network. This should gather the data from all sites in a network, and export them in one file. Common use cases are: * Site utilizing network installs using plugins like Multilingual Press for different language versions of one site * Network installs where different sites in a multisite behave like one website to the end-user (same design, shared functionality, shared user base)" TZ Media 40 43740 Filter WP_Post methods (vs. removing final/'get_post' filter) dev-feedback Posts, Post Types normal normal Awaiting Review enhancement new 2018-04-11T21:33:26Z 2020-02-27T11:09:37Z "There has been a lot of demand to remove `final` from `WP_Post` and to add a `get_post` filter, for good reason. There as also be a lot of pushback on those actions, also for very good reason. Both sets of reasons can be found in ticket #24672 and #12955, respectively. In a nutshell for, there are many valid use-cases where being able to extend `WP_Post` would make for more robust and maintainable code. In the against case, removing `'final'` could easily resolve in an explosion of incompatible child classes making plugin interoperability challenging, and backward compatibility almost impossible if code decided to evolve WP_Post in any way. And the `'get_post'` filter would be almost as bad as removing `final`, and I am one who advocated for both for years. However, we actually already have an extensibility mechanism that has shown the test of time and that is the use of filter hooks. Given a judicious use of filter hooks we could actually allow developers to extend `WP_Post` in a compossible manner thus minimizing plugin integration problems and also safeguarding core's ability to add enhancements in the future. The proposal is basically to add filter hooks in the methods of `WP_Post`, and to add a `__set()` and `__call()` magic method as a companion to the existing `__get()` magic method. Here are the filters I am proposing: ||= Filter Hook=||=Method=|| || `'wp_post_supports_instance'` || `__construct()`|| || `'pre_wp_post__isset'` ||`__isset()`|| || `'wp_post__isset'` ||`__isset()` || || `'wp_post__call'` || `__call()` || || `'wp_post__set'` || `__set()` || || `'pre_wp_post__get'` || `__get()` || || `'wp_post_filter'` ||`filter()` || || `'wp_post_to_array'` || `to_array()` || And then this action hook: * `'wp_post__construct'` in `__construct()` I have attached a patch for `class-wp-post.php` that would implement these hooks." MikeSchinkel 4 43741 Improve media_sideload_image() image extensions detection Media 4.9.5 normal normal Awaiting Review enhancement new 2018-04-12T00:30:44Z 2018-04-15T21:35:07Z "**media_sideload_image()** applies a pattern to the URL trying to detect image extensions. There are cases where Image URLs don't end on jpg, png or any other extensions. They can be simply a number or any other weird urls, but they are actually just fine https://crmall.generalshopping.com.br:8097/Api/store/image/bkxjNm5LU0RzQW5rdVNvUHZVSURkQT09 So I think it would be a good idea trying to detect the image extensions on these cases, like this: {{{#!php <?php if ( ! $matches ) { $image_type = exif_imagetype( $file ); if ( $image_type ) { $fileextension = image_type_to_extension( $image_type ); $matches = array( $fileextension ); } else { return new WP_Error( 'image_sideload_failed', __( 'Invalid image URL' ) ); } } }}} It's been working on my tests pretty nice. The only other thing I have to do in order to test such urls is turning reject_unsafe_urls to false, like this: {{{#!php <?php add_filter( 'http_request_args', function($args,$url){ $args['reject_unsafe_urls'] = false; return $args; }),10,2 ); }}} " Karzin 2 43742 Add $_wp_admin_css_colors variable to front-end reporter-feedback General 3.0 normal normal Awaiting Review enhancement new 2018-04-12T07:17:43Z 2020-06-04T23:11:00Z "I've developed a plugin that uses the admin colour scheme functionality. When a colour scheme is registered (using `wp_admin_css_color`), it's added to the `$_wp_admin_css_colors` variable. This is only accessible within the dashboard though so if you try and use that variable on the front-end, it returns `null` (doesn't exist). Can this be made accessible on the front-end too?" danieltj 2 43746 Custom post type single post feed returns a 404 if has_archive is set to false when calling register_post_type() SergeyBiryukov needs-unit-tests Rewrite Rules 4.9.5 normal normal Future Release defect (bug) reviewing 2018-04-12T13:58:17Z 2019-01-16T03:58:48Z "When using {{{register_post_type()}}}, the single post feed returns a 404 if {{{has_archive}}} is set to false. This seems to happen regardless of the value of {{{feeds}}} in the {{{rewrite}}} array. For example: {{{ register_post_type( 'example', array( 'rewrite' => array( 'slug' => 'my-custom-post-type', 'feeds' => true ), 'has_archive' => false ) ); }}} {{{ $ curl -IL https://example.com/my-custom-post-type/some-text/feed/ HTTP/1.1 404 Not Found }}} I'd expect a feed for the post to be built if {{{feeds}}} is set to {{{true}}}. Note I have flushed permalinks." henry.wright 8 43748 Create new action edit_user_updated_user similar to edit_user_created_user dev-feedback Users normal normal Awaiting Review enhancement new 2018-04-12T16:11:30Z 2018-05-23T19:45:11Z I would like to see a new action `edit_user_updated_user` similar to the `edit_user_created_user` action so I can run custom actions (i.e., updating an external API with the changed data). macbookandrew 43749 Update zxcvbn to 4.4.2 has-patch External Libraries normal normal Future Release enhancement assigned 2018-04-12T16:32:33Z 2021-11-18T20:42:43Z "4.4.2 contains several bug fixes. For a full list of changes, see https://github.com/dropbox/zxcvbn/compare/v4.4.1...v4.4.2." desrosj 25 43752 ID, post_parent, menu_order on global $post object is a string in edit context; expecting int needs-unit-tests Posts, Post Types 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-12T23:34:08Z 2018-04-19T00:27:16Z "When I'm on an edit post screen, the ID, post_parent, menu_order attributes on the global $post object are strings. I expect them to be integers. To quickly check, put this in a plugin: {{{#!php <?php add_action( 'add_meta_boxes', function(){ add_meta_box( 'foo', 'bar', function( $post ) { var_dump($post->ID); }); }); }}} Here's what's happening: 1. in wp-admin/post.php the edit case happens, and within that the post gets reloaded here: https://github.com/WordPress/WordPress/blob/4.9.5/wp-admin/post.php#L167 2. that function will run the post object through its own filter with filter edit here: https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/post.php#L552 3. because at the time $this->filter = ""raw"", and the $filter is edit, that will run the object through sanitize_post here https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/class-wp-post.php#L354 4. sanitize_post will, in turn, run all the fields through sanitize_post_field here: https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/post.php#L1940 5. and even though we have 3 fields set as int (https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/post.php#L1973), by the time we get to this part (https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/post.php#L2027-L2034), those three will be ran through esc_attr 6. esc_attr will feed it through _wp_specialchars here https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/formatting.php#L3978 7. which begins with $string = (string) $string; here https://github.com/WordPress/WordPress/blob/4.9.5/wp-includes/formatting.php#L912 The part that throws me off is that `sanitize_post_field` declares these three properties to be integers at the beginning of the function, so I sort of expected them to come out as integers on the other end." javorszky 4 43754 "Problem with is_page() function when gets ""NULL"" parameter" reporter-feedback Posts, Post Types 4.9.5 normal major Awaiting Review defect (bug) new 2018-04-13T09:32:09Z 2020-06-04T23:36:40Z "Problem with function is_page() when it gets ""NULL"" parameter then return ""TRUE""" pawels 1 43759 CS: Fix violations for wp-includes/class-wp-comment-query.php has-patch Comments normal normal Awaiting Review defect (bug) new 2018-04-13T11:46:50Z 2020-10-16T00:46:01Z Working on a patch for this during WordCamp London, currently. jipmoors 2 43760 Create a revision when autosaving if the content has changed significantly dev-feedback Autosave normal normal Future Release enhancement new 2018-04-13T13:08:12Z 2019-09-19T20:52:21Z "Sometimes a user may edit a post for hours without saving it. We have autosaves to prevent any data loss. However in some cases there may be an user or a server error and the content may not be submitted or the post may be ""empty"". This doesn't happen often, but is usually devastating for the users. They just lost hours of work! To safeguard against these cases, we can create post revisions when the autosave data is significantly different than the existing post." azaozz 5 43778 Spamming via Contact Form 7 (even Contact Form 7 was deleted) General 4.9.5 normal critical Awaiting Review defect (bug) new 2018-04-16T11:27:46Z 2018-04-16T14:52:15Z "I was confused these days. I disabled Contact Form 7, then they could still spam me. I deleted that plugin, they could still send me the spam email. From: Randalphirm <janderson@glmtg.xom> Subject: Yоur Lарtoр + 30 minutes = $600,000 Message Body: Extrеmely goоd nеws. I dоwnlоaded this уеstеrday and it made me $2,421.28 Thеse guys guаrаntee that it will mаke уоu $2,000 within 24 hours. Do nоt miss out on this. Plеаse fоllоw thе linк below tо clаim your cаsh by midnight tоdaу… => Clаim yоur $2,000 herе todау http://makemoneyusasystem-3.tk/?p=53617 Congrаtulаtiоns! -- This e-mail was sent from a contact form on " knguyen2011 2 43781 adding apply_filters on $handle in localize Script Loader 4.9.5 normal normal Awaiting Review enhancement new 2018-04-16T14:26:34Z 2018-04-16T14:51:26Z "in functions.wp-scripts.php we have: return $wp_scripts->localize( $handle, $object_name, $l10n ); it would be nice to have an apply_filters on the $handle (with object_name as an argument optionally), since it would make overwriting it e.g. for a global concat minified file much easier & faster. (bc now I have to get the scripts, then loop over it, localize the group,...) while I could do the whole thing with an apply_filters within 1 line. " DuckDagobert 1 43785 wptexturize fails to skip JavaScript if code contains < Formatting normal normal Awaiting Review defect (bug) new 2018-04-17T07:51:58Z 2018-04-17T07:51:58Z "As the [https://codex.wordpress.org/Function_Reference/wptexturize documentation] states: Text enclosed in the tags <pre>, <code>, <kbd>, <style>, <script>, and <tt> will be skipped If the script tag contains < character inside, then the wptexturize functions fails and starts to encode the codes. {{{#!php <?php echo wptexturize('<script type=""text/javascript"">window&&document</script>'); //Result: <script type=""text/javascript"">if(a>b)window&&document</script> // OK }}} wptexturize -> preg_split -> $textarr value: {{{ Array ( [0] => <script type=""text/javascript""> [1] => if(a>b)window&&document [2] => </script> ) }}} ---- {{{#!php <?php echo wptexturize('<script type=""text/javascript"">if(a>b)window&&document</script>'); //Result: <script type=""text/javascript"">window&&document</script> // OK }}} wptexturize -> preg_split -> $textarr value: {{{ Array ( [0] => <script type=""text/javascript""> [1] => window&&document [2] => </script> ) }}} ---- {{{#!php <?php echo wptexturize('<script type=""text/javascript"">if(a<b)window&&document</script>'); //Result: <script type=""text/javascript"">if(a<b)window&&document</script> // ERROR }}} wptexturize -> preg_split -> $textarr value: {{{ Array ( [0] => <script type=""text/javascript""> [1] => if(a [2] => <b)window&&document</script> ) }}} && characters encoded into && which breaks the JavaScript code. This issue can happen if shortcode inserted into the editor and the editor value rendered with the wptexturize function and the shortcode contains JavaScript code. ---- More tests which works as expected: {{{#!php <?php echo wptexturize('<script type=""text/javascript"">$(""<div/>"").length&&document</script>'); echo wptexturize('<script type=""text/javascript"">$(""<div></div>"").length&&document</script>'); }}} " nextendweb 43789 the_posts_pagination() outputs the slash at the first link needs-unit-tests Permalinks 4.9.5 normal normal Future Release defect (bug) new 2018-04-17T19:25:04Z 2021-09-17T12:21:50Z "Hello. Permanent link settings: `http://wp-test.ru/%postname%` (without a slash on the end) On the second and other pages of pagination, any category has a link to the first page with a slash on the end. {{{ http://wp-test.ru/category/bez-rubriki/ (with a slash on the end, why?) http://wp-test.ru/category/bez-rubriki/page/2 http://wp-test.ru/category/bez-rubriki/page/3 (current page) ..... }}} " campusboy1987 3 43791 Add the call to pingback_url to core instead of themes dev-feedback Pings/Trackbacks 4.9.5 normal normal Awaiting Review enhancement new 2018-04-17T20:03:24Z 2021-01-13T19:44:19Z "The `<head>` section contains a lot of `<link>` items that WordPress core generates. Why should themes be responsible for outputting the `pingback_url()` `<link>`? The core code should remove this burden from the theme and ensure that it is handled every time and correctly. Currently, the theme needs code like this: {{{ function mytheme_pingback_header() { if ( is_singular() && pings_open() ) { echo '<link rel=""pingback"" href=""', esc_url( get_bloginfo( 'pingback_url' ) ), '"">'; } } add_action( 'wp_head', 'mytheme_pingback_header' ); }}} and a lot of themes don't even have it, so then there are core options that don't work correctly. This logic belongs in core. " joyously 6 43792 get_comment_excerpt filter should tell if the comment was shorted or not dev-feedback Comments normal normal Awaiting Review enhancement new 2018-04-17T22:14:58Z 2019-01-16T06:50:09Z "The design I am currently working on has long comments shortened to 100 words, and a 'show more' / 'show less' link is added. I only want to add the 'show more' text if the comment has been shortened. There is a filter before get_comment_excerpt() returns that I can use to add my link. However it does not pass along information about whether or not the comment was shortened. As a workaround I can check if the comment ends in ""…"", but it would make sense to add a boolean value to the filter arguments to make this easier/cleaner." mattkeys 7 43796 User Role with integer role name not showing in admin filter list reporter-feedback Users 4.9 lowest normal Awaiting Review defect (bug) new 2018-04-18T08:38:58Z 2024-01-17T19:20:54Z When we create a new user role using add_role function and role name is an integer then assign that role to users and that role will not display on top of User listing. aiyaz 2 43798 Add multiple parent ids in get_terms function Taxonomy normal normal Awaiting Review enhancement new 2018-04-18T12:15:40Z 2020-10-14T22:20:14Z "Please let uns use get_term parent arg as an array with multiple ids: {{{#!php <?php $args = [ 'parent' => [164, 1411] ]; $child_regions = get_terms( 'region', $args ); }}} " anonymized_8711240 43801 Need better documentation to show importance of checking for args while using wp_schedule_event and wp_next_scheduled has-patch Cron API normal normal Future Release enhancement new 2018-04-18T15:47:51Z 2021-01-29T12:44:57Z "While the user notes https://developer.wordpress.org/reference/functions/wp_next_scheduled/#user-contributed-notes do relay the importance. I believe it is important that the documentation also be more clear about the issue. When coded incorrectly something like {{{ function schedule_my_event(){ if ( ! wp_next_scheduled( 'myevent' ) ) { // This will always be false wp_schedule_event( time(), 'daily', 'myevent', array( false ) ); } } add_action('init','schedule_my_event'); }}} It's potentially disastrous for a site. The cron value in the options would keep on increasing until the database could no longer withstand it. So keeping that in mind I feel the documentation for both wp_next_scheduled and wp_schedule_event should highlight this point more." digamberpradhan 43802 Default timezone for new sites in WP multisite has-patch I18N 4.9.5 normal normal Awaiting Review feature request new 2018-04-18T19:38:19Z 2019-06-20T14:27:23Z "In WordPress Multisite, the super admin may set a default language for all newly created sites but not a default timezone. As a matter of fact, the timezone for new sites is taken from translation string ""0"" (context string ""default GMT offset or timezone string""). [https://github.com/WordPress/WordPress/blob/176a28905041fd79c439946a4ba290a87db5991f/wp-admin/includes/schema.php#L402 Relevant code] Unfortunately, language is not location. It's entirely possible for a community using WordPress multisite to use a language while not being physically based in the usual timezone for said language. Furthermore, many language are spread all over the world. For that reason I think it would be more correct to decouple default timezone from translation files and add a ""default timezone for new sites"" setting for multisite installations." moreauf 3 43804 Undefined offset: 0 in ../wp-includes/taxonomy.php on line 1903 reporter-feedback Taxonomy normal normal Awaiting Review defect (bug) new 2018-04-19T00:39:50Z 2019-01-17T01:13:20Z "The issue is pretty trivial. When there are no terms assigned to a post, the condition on 1894 will return false and this immediately will cause PHP error because $taxonomies array does not have any records inside. To reproduce the issue, simply call wp_get_object_terms function with post, page or custom post type that does not have a single hierarchical term assigned to." vasyltech 1 43809 Add personal data from posts to personal data export tz-media has-patch Privacy normal normal Future Release enhancement assigned 2018-04-19T12:35:02Z 2019-12-18T17:32:24Z Add personal data from posts to the personal data export infrastructure built in #43438 and #43546. TZ Media 32 43810 Apostrophe issue Formatting 4.9.5 normal normal Awaiting Review defect (bug) new 2018-04-19T13:31:05Z 2022-02-18T21:17:15Z "Take a look. Instead of to have normal apostrophe, we have open and close if is between tags [[Image(https://i.imgur.com/c6QDmR5.png)]] [[Image(https://i.imgur.com/1F1zfWj.png)]]" colomet 3 43811 Licence & Policy notice during installation xkon Privacy normal normal Awaiting Review enhancement assigned 2018-04-19T13:56:37Z 2023-08-29T15:33:28Z "This was a thought mentioned in #43492 originally but it deserves it's own ticket at the moment. We all know about the lovely 5 minute installation process that WordPress provides. I feel like we can create a small placeholder during the installation process ( probably on the first page even ) to notify the users about GPL license and a text on Policy. Yes the license is included in a .txt, but people are more used when installing things to see a license / policy during the installation and then continue to the actual install. I'm not personally thinking about a full blown page with a wall of text but rather a discreet placeholder to hold just the right the information needed like an excerpt from the GPL and a link refering to the full text for the ease of use etc as well as the connection between WordPress and wp.org during updates and such as stated on other tickets so we can be even more clear and upfront to any given user. @melchoyce do you think you could check this as well so we can provide a mockup/patch to see how it feels and then we can go forth adding the texts needed here as well just in case this could make it to the release also ?" xkon 13 43812 Retrieving Blog/site description in multisite dev-feedback Networks and Sites normal normal Awaiting Review enhancement new 2018-04-19T16:38:51Z 2019-01-16T06:50:09Z "Hello, In a project on a Multisite I need on site 1 (for example) to retrieve description on site 2. With {{{ get_blog_details() }}} I'm able to retrieve some info (name, url...) but not the description " sebastien@… 1 43813 Meta API should set `last_changed` cache key internally General normal normal Awaiting Review enhancement new 2018-04-19T19:06:49Z 2018-04-20T14:18:09Z "See #40669, r41848, r41849. Sorry, but I completely missed this work being done for the 4.9 release cycle. I think the individual post/comment/term/user checks should be moved directly into the appropriate meta API function calls. I can imagine 2 ways of doing this: ---- Add a `$cache_key` parameter to the following functions: * `add_metadata()` * `update_metadata()` * `delete_metadata()` When `$cache_key` is not empty, it will internally call: `wp_cache_set( 'last_changed', microtime(), $cache_key );` ---- Infer the cache-key using `$meta_type` in the following function: * `update_meta_cache()` Then call: `wp_cache_set( 'last_changed', microtime(), $meta_type . 's' );` (We already use `$meta_type` to infer things like primary keys, so it's not great, but not new. If we went this route, I believe we'd probably want to do a better job of priming meta-data caches the same way we prime primary object caches (users and posts specifically prime themselves on update, etc...) cc @boonebgorges @spacedmonkey for consult & discussion" johnjamesjacoby 4 43816 Editing Image Can Lead to Mixed Metadata Media 4.9.5 normal normal Future Release defect (bug) new 2018-04-20T00:04:30Z 2022-11-23T16:09:37Z "== Summary If an image is uploaded at a size allowing the creation of a defined image size (ie, ""large"", ""twentyseventeen-featured-image"", etc.) and the image is then edited to a size which doesn't allow that defined size to be created, the non-supported size can still be placed and will display the original image. == Steps to Reproduce 1. Upload an image which is slightly larger than a defined image size in a particular theme (for example, if using the WordPress default definition for ""large"" images, 1,024 pixels, upload an image 1,100 pixels wide) 1. Edit the image, and scale or crop it to be 1,000 pixels wide 1. Save edit 1. Within the post editor, ""add media"", select the ""large"" image size, and place within body of post === Expected Behavior * //Developer//: The ""large"" image should not be able to be selected within the ""Place Media"" dialog * //Regular user//: The ""large"" image placed should reflect the image edit === Result The ""large"" size is selectable and the **original** image is placed within the page. === Other Effects In this particular example, if the Media Library is in ""grid"" view, and our edited image is selected, the dialog which opens will display the incorrect original image, as the dialog preferentially uses the ""large"" image size. == Source of Behavior I believe the problem stems from line 880 of https://core.trac.wordpress.org/browser/tags/4.9.5/src/wp-admin/includes/image-edit.php : {{{ $meta['sizes'] = array_merge( $meta['sizes'], $img->multi_resize( $_sizes ) ); }}} * `$meta['sizes']` contains all of the sizes which were able to be created when the image was uploaded * The return from `$img->multi_resize()` only has keys set for those sizes that can be created from the edited image * Using `array_merge` keeps the original values not returned by `$img->multi_resize()`, despite the fact they are no longer valid for this edit == Fix I believe the fix may be as simple as simply returning the result of `$img->multi_resize()` without merging it into the existing `$meta['sizes']`, which are mainly used in this context to create the `_wp_attachment_backup_sizes` array. {{{ $meta['sizes'] = $img->multi_resize( $_sizes ); }}}" rogerlos 4 43818 Invalidate query caches less aggressively by using a `last_changed` key specific to metadata needs-unit-tests Options, Meta APIs normal normal Awaiting Review enhancement new 2018-04-20T08:13:55Z 2018-04-20T08:13:55Z "Currently, the meta implementations for posts, terms, comments and sites (in multisite) invalidate all respective query caches when any value is changed (via setting the `last_changed` key). This is a really aggressive method of cache invalidation and causes in query caches being too frequently invalidated, resulting in lots of unnecessary cache misses. Most queries (or at least many queries) do not make use of meta queries, and those should stay unaffected by when a meta value changes. Therefore I suggest introducing a specific `meta_last_changed` cache key, and have the meta functions set that one instead of the generic `last_changed`. In the query classes, we can then check if a meta query is present, and only then make use of the `meta_last_changed` key - otherwise we can ignore it and use the regular `last_changed` key. Regarding the initial implementation, we should think about whether we would wanna roll this out to all the above object types immediately, or whether we should rather start with an object type less popular for metadata (i.e. ''not'' posts). Related to this is #43813." flixos90 43821 Add UX in the Network Admin for setting a network-wide privacy policy Privacy normal normal Future Release enhancement new 2018-04-20T20:05:00Z 2020-07-06T23:31:01Z "Some multisite instances will need to set one privacy policy for the entire network, with controls on whether or not individual sites can modify/replace it. Other multisite instances may choose to leave the privacy policy entirely to individual sites. The UI for setting a network-wide policy should probably be similar to #43435, so snippets from plugins can be included." coreymckrill 11 43822 Add UX in the Network Admin for exporting/anonymizing/deleting personal data across the entire network Privacy normal normal Future Release enhancement new 2018-04-20T20:12:18Z 2020-07-06T20:17:20Z "It's not practical for a super admin to hunt down personal data by going to the Dashboard of each site in the network. There should be one centralized place in the Network Admin to receive and process SARs. This should look similar to the UX in #43546 and #43602, but the underlying functionality for managing the data across the entire network is being discussed in #43738." coreymckrill 10 43825 Style/script loading infrastructure: Etag header as a hash of script/style handles and their corresponding versions Script Loader normal normal Awaiting Review enhancement new 2018-04-21T08:27:55Z 2019-01-16T06:50:09Z "We've been exploring on how to bundle styles and scripts together for different block types in Gutenberg (https://github.com/WordPress/gutenberg/pull/6087#issuecomment-382888928) It looks like the inbuilt infrastructure for concatenating and bundling assets (load-styles.php and load-scripts.php) might be a good fit for bundling assets in Gutenberg. However, it looks like we will run into an issue with this approach. load-styles.php and load-scripts.php use the current WordPress version as the value of the Etag header. So if a plugin/theme developer modifies some CSS / JS for their block type, the browser will not attempt to fetch the latest content since the value of the Etag header will remain the same (since the WordPress version will remain the same). We can add some functionality in load-styles.php and load-scripts.php to support this: **Specify the value of the Etag header as a hash of the script/style handles and their corresponding versions.** So, if we get a request to load styles for paragraph and image block like this: > /load-styles.php?load=core-paragraph-block,core-image-block We can generate the Etag like this: > etag = hash_function( 'core-paragraph-block-v1.1-core-image-block-v8.3') and supply this value in the Etag header in the response to the browser. This will make sure that the next time the plugin/theme developer changes the CSS / JS for a block type (meaning changes the version of the script/style handle), the hash function will automatically generate a new value for the Etag header and the browser will therefore fetch the latest style / script bundle. **We can add this functionality in load-styles.php and load-scripts.php as an add-on to the current functionality (to preserve backward compatibility).** Maybe, this new functionality can be triggered if a specific URL parameter is included in the request to load-styles.php / load-scripts.php. Maybe, something like: /load-styles.php?etag=content_hash. Do you think we can go ahead with this approach? If yes, I can propose a patch for adding this functionality." kanishk.dudeja 43830 "Being able to set a page as a homepage under the ""Page Attribute"" meta box" General normal normal Awaiting Review enhancement new 2018-04-22T12:00:58Z 2019-01-16T06:50:09Z "Hi everyone, As the file attached shows, the idea is to allow the user to set the page as a homepage from the admin panel of the page without going to the ""settings"" -> ""reading"" section. Tank you. Team from contributor day in Madrid" dssaez 3 43835 Add thumbnail to category (like to posts) dev-feedback Taxonomy normal normal Awaiting Review feature request new 2018-04-23T07:23:28Z 2018-04-24T07:06:33Z "Was it discusses ever, to integrate thumbnail support for categories too? [https://wordpress.org/plugins/category-thumbnails/ This plugin] adds the feature to WP to add thumbnails (feature images) to categories and use functions: {{{ has_category_thumbnail(); get_the_category_thumbnail(); .... }}} However, it may be nice to have these features built-in." tazotodua 4 43839 Video Player Mobile Media normal normal Future Release defect (bug) new 2018-04-23T23:51:04Z 2019-04-15T19:51:39Z "I usually use the video player with autoplay on. \\ But I noticed that on the mobile (I know the autoplay does not work on the mobile), the video player does not display the big play button in the middle of the player. \\ And the only way to run a video is to press the play button from the control bar at the bottom of the player. \\ Print screen: \\ That's how it should look (So it was up to wp 4.8.3)[https://i.imgur.com/PkHjszD.jpg] \\ That's what it looks like now [https://i.imgur.com/l8Zp94G.jpg] \\ Does anyone know how to solve this issue? Thank you!" studiosx 1 43841 Add request confirmation and security logging for major user actions Administration normal normal Future Release enhancement new 2018-04-24T10:10:51Z 2018-04-24T11:15:16Z "This is a follow-up from #43443. We can extend the methods and functionality added for privacy request to other ""major"" user actions: - Lost password notifications. - Changing email addresses. - Deleting accounts. This will form the base for a user security log screen where admins will be able to see notifications, verify requests, and keep track of other user activities." azaozz 2 43842 get_children() function enhancement. has-patch Query normal normal Awaiting Review enhancement new 2018-04-24T12:06:31Z 2019-01-16T06:50:09Z This `get_children` function can be rewritten this way. And I think this is cleaner and better. rnaby 43844 PHP list language construct changed behaviour in PHP 7 SergeyBiryukov dev-feedback Administration normal major Awaiting Review defect (bug) reviewing 2018-04-24T12:50:14Z 2018-08-12T23:04:13Z "The inline docs for the method as of 24th April, 2018: {{{#!php /** * Get a list of sortable columns. The format is: * 'internal-name' => 'orderby' * or * 'internal-name' => array( 'orderby', true ) * * The second format will make the initial sorting order be descending * * @since 3.1.0 * * @return array */ protected function get_sortable_columns() { return array(); } }}} See https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-list-table.php The problem is that if I define the sortable columns as the first one, with {{{#!php class My_List_Table extends WP_List_Table { protected function get_sortable_columns() { return array( 'my-column' => 'my-column', ); } } }}} Then the `list` call when building the table list header / footer will not have the `orderby` variable defined. See https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-list-table.php#L1117 If however I use {{{#!php class My_List_Table extends WP_List_Table { protected function get_sortable_columns() { return array( 'my-column' => array( 'my-column' ), ); } } }}} everything works as expected. Diff incoming shortly." javorszky 7 43854 Add cards to the Tools page for personal data tools Privacy normal normal Future Release enhancement new 2018-04-25T00:29:46Z 2019-05-23T19:34:32Z "If the privacy tools are going to live under the Tools menu, cards should be added to the Tools page explaining each tool and linking to it. The Tools page has recently become pretty barren with the move to a plugin for Press This." desrosj 9 43860 Dead code in feed_links_extra() has-patch Feeds 3.7 normal normal Future Release enhancement new 2018-04-25T17:34:26Z 2019-01-09T06:03:08Z "Probably a detail, but in {{{general-template.php}}}, function [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/general-template.php#L2799 feed_links_extra()] contains two {{{elseif}}} statements with the same condition {{{if ( is_post_type_archive() )}}}. The second one can't be reached and can be considered as dead code." dmenard 5 43869 Do not initialize current user too early in `get_user_locale()` SergeyBiryukov dev-feedback Bootstrap/Load normal normal Future Release defect (bug) reviewing 2018-04-26T13:58:48Z 2022-01-30T16:52:09Z "The current user in WordPress is typically initialized right before the `init` action, in `wp-settings.php`. While WordPress has measures in place to initialize the current user on request, this is rather unexpected and we should try to avoid it. There is one function in core that causes the current user to be initialized in such an unexpected way, namely the `get_user_locale()` function. It is at least called by `load_default_textdomain()` (after the `setup_theme` hook), but most times even earlier, when plugins call `load_plugin_textdomain()` (usually on `plugins_loaded`). Of course it's necessary to load the user-specific locale that early, so it's not an option to set it up later. However, it shouldn't be necessary for `get_user_locale()` to set the current user. * First of all, it doesn't need to access a full user object. Initializing a user object is a heavy process (unless the current user), and all we need to do here is look up a meta value for the `locale`, for which a user's ID is sufficient. * I suggest to do the following: If no `$user_id` is passed, call `get_current_user_id()` if we're at a point in the bootstrap flow where the current user is already set up. Otherwise, we can use the filter `determine_current_user` which is internally used by `_wp_get_current_user()` and returns the current user's ID on success. We might wanna consider centralizing that logic in a utility function." flixos90 12 43877 Do not run unnecessary `user_has_cap` filter if the caps to check for include `do_not_allow` already needs-unit-tests Role/Capability normal normal Awaiting Review defect (bug) new 2018-04-27T12:27:30Z 2018-09-17T11:21:33Z "`do_not_allow` is a fake capability used essentially as a blacklist, saying that nobody can perform that action. It's typically returned in the `map_meta_cap()` result for an actual capability check. If `do_not_allow` is part of that array, it is immediately clear that the final result of the `WP_User::has_cap()` method will be `false`. Currently however, the following code in the function still executes, including a `user_has_cap` filter. Since we already know the return value if `do_not_allow` is present in the `$caps` array checked for, everything happening afterwards is entirely unnecessary overhead. Especially since [40993] it should be clear that nothing can get around a `do_not_allow` being present. For efficiency and possibly performance reasons, I suggest we check for `do_not_allow` right after the `map_meta_cap()` call, and if it is present, return false." flixos90 4 43879 Add tools for anonymizing of post authors tz-media needs-unit-tests Privacy normal normal Future Release enhancement assigned 2018-04-27T13:46:24Z 2020-09-07T08:30:09Z "Logged-in users that post content can request the removal of their personal data. So we should add functionality to add the posts to the erasure infrastructure that is already committed to trunk. See #43442 for reference (anonymize commenters)." TZ Media 14 43880 Add functionality to add an anonymous user an get its ID for anonymization of data related to a WordPress user. tz-media needs-unit-tests Privacy normal normal Future Release enhancement assigned 2018-04-27T14:05:28Z 2018-07-09T17:58:08Z "When we need to anonymize data that is (or can be) associated with a WordPress user, we anonymize it by changing the user ID of that data to a user that represents anonymized content. But currently no such user exists, so we set the ID to 0. In order to display an actual user name (at least for posts), we would need an actual user 'Anonymous' that we can re-assign the content to. This might be created on WordPress install by default (maybe even with a User ID of `0` that we can then hardcode into the anonymized functions), or by calling a function like `_wp_privacy_get_anonymous_user_id()` that creates the user if not already created and returns the user ID (that might be stored in a site_option)." TZ Media 9 43881 url_to_postid doesn't works with custom post type in PhpUnit Test Rewrite Rules normal normal Awaiting Review defect (bug) new 2018-04-27T14:10:38Z 2018-12-21T02:32:13Z "In the {{{functions.php}}} I have the following code: {{{#!php <?php function post_type_products() { register_post_type( 'products', [ 'labels' => [ 'name' => 'products', 'singular_name' => 'products', 'add_new' => 'Add New', 'add_new_item' => 'Add New Product', 'edit_item' => 'Edit Product', 'new_item' => 'New Product', 'all_items' => 'All Product', 'view_item' => 'View Product', 'search_items' => 'Search for Product', 'not_found' => 'No product found', 'not_found_in_trash' => 'No product found in the Trash', 'menu_name' => 'products', 'parent_item_colon' => '', ], 'description' => 'Product description', 'public' => true, 'rewrite' => ['slug' => 'products'], 'menu_position' => 5, 'supports' => ['title', 'editor', 'excerpt'], 'has_archive' => true, 'menu_icon' => 'dashicons-id-alt', ] ); } add_action('init', 'post_type_products'); }}} Then I need to test it. And for this test I create the test record via factory class: {{{#!php <?php $post_data = [ 'post_title' => 'Test Post', 'post_content' => 'Test Post Content', 'post_excerpt' => 'Test Post excerpt', 'post_type' => 'products' ]; $this->factory->post->create($post_data); }}} The problem is when I got URL from following code: {{{$url = get_permalink($this->factory->post->create($post_data));}}} The function {{{url_to_postid}}} return {{{0}}} {{{#!php <?php $id = url_to_postid($url) // this will return 0; }}} This is big problem because in my backend code I use the URL of the custom post type for determinate the ID of this URL. When it works outside of the context of the unit test it's work very well. And I can got ID from the URL from custom post type products. But when this is in the unit test context the function {{{url_to_postid}}} doesn't work as well. " skarabeq 3 43882 Introduce slug-specific hooks to manage plugin loading order Plugins normal normal Awaiting Review enhancement new 2018-04-27T16:48:35Z 2019-01-24T06:55:42Z "As already discussed in #41346, I'd like to propose a simple mechanism that can solve the loading order problems that inter-dependent plugins can have. The main mechanism just adds an action that is named after the plugin that was just loaded. In this way, other plugins are able to initiate actions based on when another plugin was loaded. A similar mechanism has been used in WP-CLI to solve the problems in the loading order of commands that rely on each other. You can read more about how commands can control their loading order here: https://make.wordpress.org/cli/2017/05/03/managing-command-dependencies/ Furthermore, this also allows for a small extension that can automatically resolve loading order, provided it knows about the dependency to look for. This is used in WP-CLI as well, where it is easy to deduce the parent command to look for, as described here: https://make.wordpress.org/cli/2017/05/31/command-dependencies-revisited/. For plugins, this could be solved by adding a simple plugin slug to the plugin header. I'll introduce a separate ticket to that regard. I will upload a patch that adds the above-mentioned action, together with `pre_plugin_loaded` and `post_plugin_loaded` actions that give further control to plugins. In case anyone wonders whether that might open the door to abuse and have plugins block loading of other plugins: that is already easily possible right now. A plugin can just remove whatever plugins it dislikes from the list of active plugins on activation hook." schlessera 2 43884 new is_front() function General normal normal Awaiting Review enhancement new 2018-04-27T20:24:39Z 2018-04-29T22:15:31Z "When we need to check if we doing something in front-end, we do it like this: {{{ if( ! is_admin() ){} }}} But this not convenient and not so clear because of `!`. And maybe not full, because we don't check other admin functions like: is_blog_admin(), is_network_admin(), is_user_admin(). We have so many functions in WordPress, but haven't this simple but useful function, why? Maybe its a good idea to add **is_front()** function in **/wp-includes/load.php** file? {{{ function is_front(){ return ! is_admin(); } }}} " Tkama 2 43885 WP_Role and WP_Roles::get_role() missing Display Name dev-feedback Role/Capability normal normal Awaiting Review enhancement new 2018-04-27T21:19:41Z 2019-03-15T10:02:05Z "Hello, While working with roles I found it odd that you can add a Display Name for a role but the WP_Role class and the WP_Roles function get_role don't provide this information. Please add $display_name as a public attribute of WP_Role so it's available on that object and would be returned in the get_role function. Thank you P.S. Currently to access this information you have to use the WP_Roles as follows; {{{#!php <?php $wp_roles->roles[$role]['name']; }}} " garrett-eclipse 1 43893 The maybe_create_table() function has two definitions dev-feedback Database low normal Awaiting Review defect (bug) new 2018-04-28T14:22:56Z 2020-09-01T16:05:56Z "The `maybe_create_table()` function has two definitions: 1. https://github.com/WordPress/wordpress-develop/blob/c71a898f784d8435c07bcf9ec9e30560dd3abe19/src/wp-admin/includes/upgrade.php#L2187-L2219 2. https://github.com/WordPress/wordpress-develop/blob/c71a898f784d8435c07bcf9ec9e30560dd3abe19/src/wp-admin/install-helper.php#L40-L70 The latter is contained within a `function_exists()` check, but this still means the function's behaviour can differ depending on which definition happens to load. The function is not used at all in WordPress core. It (they?) should probably be deprecated." johnbillion 5 43896 Several flex and grid CSS properties listed as Unknown property in Customizer has-patch Customize 4.9 normal normal Future Release defect (bug) new 2018-04-29T01:11:57Z 2021-05-30T17:53:57Z "When I use the CSS editor in the Customizer it suggests element properties as I start typing them. One of the properties that it suggests is the justify-items property. When I save the settings in the Customizer I get a notice of ""Unknown property 'justify-items'."" I've checked some of the other flexbox and grid properties, and there are several others that this is the case for, namely: - justify-items - grid-gap - grid-column-gap - grid-row-gap - place-self The properties still work in supported browsers, they just display an error in the Customizer. Some valid values for properties that are recognized also give errors, such as the values of start and end for several grid properties." davidjlaietta 4 43899 Move the view mode switcher into screen options for multisite users and sites Networks and Sites 4.4 normal normal Awaiting Review defect (bug) new 2018-04-29T15:37:00Z 2018-04-29T22:05:59Z "In the Posts screen, WordPress used to have two links to ""switch mode"" from the normal list view to the ""excerpt"" view. In WordPress 4.4 these links were moved to the Screen Options panel, see [35357]. However, on multisite the ""Sites"" and ""Users"" screens still show the switch mode links at the top right of the main table. For consistency, and for the design / UI reasons explained in #22222, they should be moved to the Screen Options as well. " afercia 3 43900 Add hint about blocked Javascript as possible error reason in script-loader.php Script Loader normal normal Awaiting Review defect (bug) new 2018-04-29T18:52:58Z 2018-05-02T09:41:14Z "When trying to do various things with a new site, I got the same error message over and over: {{{Connection lost or the server is busy. Please try again later.}}} I even reinstalled, but the error didn't go away. When I revisited the issue next day, finally realized what silly mistake i had made. In order to help other people with same issue, we only need to change the string above in /wp-includes/script-loader.php (around row 840) into: {{{Connection lost, the server is busy, or you may have blocked JavaScript. Please try again later.}}} " tobifjellner 8 43910 Add actions and filters so plugins can easily extend export/erasure functionality dev-feedback Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-04-30T22:24:35Z 2018-08-13T21:47:01Z "Splitting this from #43481 . We're waiting for some feedback first to add more thoughts into this, but it needs it's own ticket at the moment." xkon 19 43916 Auto update translations when the respective plugin/theme is updated dev-feedback Upgrade/Install normal normal Awaiting Review feature request new 2018-05-01T13:41:41Z 2019-01-06T02:23:13Z "I find updating translations a bit of a pain because they only seem to appear (rightly so though) once you've updated a plugin or a theme. It'd be great if translations could be automatically updated after the respective plugin or theme has been updated removing the need to check if there are any translations waiting. Most often I find myself updating a plugin and then committing the update into version control and it's not until the commit has gone through that I reload the page to see that I now have new translation strings waiting. They really should be bundled with the main update of the plugin/theme." danieltj 1 43923 Add a step to the Data Removal/Erasure UX for deleting a user account has-patch Privacy normal normal Future Release enhancement new 2018-05-01T23:19:09Z 2020-07-06T20:18:14Z "In the ERASURE.md file over on #43602, it is mentioned that processing an erasure request does not actually remove the user's account, as that should be a separate step. However, this isn't mentioned anywhere in the UX, and may not match the expectations of some admins who are trying to fulfill a request to completely remove a user. Perhaps the request could include a row action that initiates the process of deleting a user account? Or at least a blurb at the top explaining that account deletion is a separate step over on the Users table." coreymckrill 21 43930 Inaccurate width and height returned when using wp_get_attachment_image_src on the backend. Media 4.9.5 normal normal Awaiting Review defect (bug) new 2018-05-02T14:56:44Z 2018-05-08T18:30:23Z "I'm using wp_get_attachment_image_src on the backend to do image validation for a custom image selector meta box. When the image is large enough for the requested image size the source of the original image is returned but the dimensions are smaller. This is my call: {{{#!php <?php wp_get_attachment_image_src($thumbnail_id, 'custom-image-size'); }}} and return: {{{ array(4) { [0]=> string(70) ""http://localhost:8888/wp-content/uploads/2018/05/image.jpg"" [1]=> int(400) [2]=> int(400) [3]=> bool(false) } }}} The actual image dimensions are 1200x1200. The image_constrain_size_for_editor call in the image_downsize function seems to be where the problem lies. I can comment out that line and it works as expected." jwoolsch 2 43933 Make the Privacy Policy page intro text shorter and more friendly has-patch Privacy normal normal Future Release enhancement reopened 2018-05-02T17:47:48Z 2020-09-05T19:13:50Z "#43435 introduced the `Privacy Policy page` screen, which includes some intro text, intended to educate the user about their potential legal obligations, and some best practices for implementing and maintaining a privacy policy. In the rush for the 4.9.6 string freeze, there wasn't enough time to fully discuss and iterate on the text, so I think it may be beneficial to continue the conversation. Most recent discussion: https://wordpress.slack.com/archives/C9695RJBW/p1525273783000517 https://wordpress.slack.com/archives/C9695RJBW/p1525274779000367 " iandunn 28 43936 Settings: Warn when open registration and new user default is privileged audrasjb* has-patch Security normal normal 6.6 feature request accepted 2018-05-02T18:21:52Z 2024-03-13T07:36:41Z "Much like our Strong Passwords work, we can help inform site administrators when their actions may be sub-optimal. WordPress allows a site owner to open registration AND set the default new user level to ""Administrator"". While this combination may make sense for some sites (on an intranet?), this is typically a really really bad idea. We should provide some type of confirmation to ensure site administrators are intending to open their site up. If registration is open and default level is Subscriber (`read` cap only), the current behavior is fine. If registration is open and other capabilities are included in the default role, we should have some type of checkbox or ""are you sure"" notice. ""By allowing open registration and a default role of {role}, anyone who can visit the site would have the ability to {have full control of your site|publish content|etc}."" We saw this in the wild on a site in support today :)." kraftbj 45 43938 Make it clear to administrators that not all plugins support privacy policy content, personal data export and erasure xkon Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-05-02T19:16:18Z 2020-06-23T00:09:22Z "It is likely that there will be many plugins that will not implement the new privacy policy content hooks nor the personal data export and erasure hooks for some time (if ever). It would be unfortunate for administrators to overlook privacy policy impacts from such plugins, or to assume that personal data export and erasure included personal data collected by such plugins. As part of privacy policy content UX, as well as export and erasure UX, we should come up with a way to prompt administrators to take this into consideration." allendav 24 43946 Inconsistent encoding of comment_content reporter-feedback Comments 4.9.5 normal normal Awaiting Review defect (bug) new 2018-05-03T10:50:13Z 2018-05-04T12:39:24Z "The contents of the comments.comment_content field in the WordPress database are stored inconsistently depending on whether the user creating the comment was logged in or not. {{{ > select comment_ID, comment_content, comment_type from wp_comments where comment_ID > 7; +------------+-----------------------------------------------------+--------------+ | comment_ID | comment_content | comment_type | +------------+-----------------------------------------------------+--------------+ | 8 | This is a good & strong comment (comment, anon) | | | 9 | This is a good & strong comment (comment, auth) | | +------------+-----------------------------------------------------+--------------+ }}} In the example above, comment 8 was left by an anonymous user, and comment 9 was left by an authenticated user. Notice how the comment_content field has been HTML-escaped for ID 8, but not for ID 9. === Steps to reproduce: * Install a fresh copy of WordPress * As the site administrator, navigate to the default ""hello-world"" post * Leave a comment including characters that should be escaped when output to HTML, e.g. & * Log out * Navigate to the default ""hello-world"" post * Leave a comment including characters that should be escaped when output to HTML, e.g. & Compare the contents of the two comments in the wp_comments table. " leewillis77 6 43949 Need filter in get_metadata reporter-feedback Plugins normal normal Awaiting Review enhancement new 2018-05-03T13:19:13Z 2018-05-23T13:55:22Z "When accessing get_post_meta('ID_HERE') Need to filter the output array. Existing get_{$meta_type}_metadata filter works before fetching data. The filter required before returning or Processing value of $meta_cache" fitehal 4 43957 check_password_reset_key could use get_user_by instead of direct query Login and Registration 4.9.5 normal normal Awaiting Review enhancement new 2018-05-04T09:58:07Z 2018-05-04T12:14:13Z "Hi Just noticed, that {{{check_password_reset_key}}} is one of only a few functions making a direct query to the users table. Wouldn't it be more consistent to use the {{{get_user_by}}} function here. I came across this because I am replacing the {{{get_user_by}}} function with my own. Not being able to hook into the user retrieval in {{{check_password_reset_key}}} forces me to take a rather hackish approach by using the 'query' filter. I cannot see any advantages of making a direct query aside from bypassing the object cache. Maybe there is a security concern that I am not aware of? " thomaslhotta 1 43962 Ziggeo oEmbed Whitelisting reporter-feedback Embeds normal normal Awaiting Review enhancement new 2018-05-04T15:30:02Z 2023-05-30T09:29:32Z "Disclaimer: Not sure this is the right place, but we were forwarded from Developer Support <developers@wordpress.com> to post this here. As per: https://make.wordpress.org/core/handbook/contribute/design-decisions/#whitelisting-oembed-providers We would like to apply to be considered from oEmbed whitelisting on Wikipedia. As per the different criteria you list there: - be well-established, popular, and mainstream services We have been around since 2012 and won a variety of awards for being the best API for video recording and playback. - properly and fully implement the oEmbed specification, We do and are being recognized as oEmbed provider by Tumblr, Embedly, Facebook, LinkedIn and Twitter. - Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?” We have participated as sponsors in all major hackathons (including TC Disrupt) and have established our own yearly hackathon videohackday.com for the past four years now; we are the go to place for engineers and companies alike for all video recording and playback needs. - Does this service have a large following on Twitter, Facebook, or other social media? Is its Twitter account verified? We have around 4.5k followers on Twitter, much more than most other SaaS companies. The account is not verified because Twitter vertification has been stopped. - Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.) Yes. See https://ziggeo.com/docs - Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being whitelisted? It should work with auto-discovery. - Does the service make an effort to build relationships with developers, such as through robust APIs? Our main business is an API. - How old is the service? 6 years - Does it have a well-established Wikipedia article? (Seriously.) Yes. - Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand? Yes. Ziggeo has an official plugin on WP. Thank you for your consideration." oliverfriedmann 3 43963 Add admin body class for multisite blog ID and network admin context dev-feedback Administration normal minor Awaiting Review enhancement new 2018-05-04T16:58:17Z 2018-06-26T17:05:06Z "In multisite, it'd be great to have an admin body class to safely scope CSS to specific blogs (i.e. `blog-2` or `network-admin`) available by default. I often filter `admin_body_class` to add these. One situation where I often use this is conditional override of the text Site Title in the Admin Bar with a logo -- but only if the logo exists. PHP can certainly be used to check context before printing conditional CSS, but the body class adds a safe, client-side scope and clear approach for avoiding in-admin style collisions. Example: {{{ if ( ! empty( $logo ) ) { ?> body.blog-<?php echo esc_attr( $site_id ); ?> li#wp-admin-bar-site-name > a.ab-item:first-of-type, body.blog-<?php echo esc_attr( $site_id ); ?> #wpadminbar .ab-top-menu > li#wp-admin-bar-site-name.menupop:hover > .ab-item:first-of-type, body.blog-<?php echo esc_attr( $site_id ); ?> #wpadminbar .ab-top-menu > li#wp-admin-bar-site-name.menupop.hover > .ab-item:first-of-type { font-size: 0; // safely hide default text background-image: url(""<?php echo esc_url( $logo ); ?>""); background-size: <?php echo esc_html( $logo_width ); ?>; background-position: center; background-repeat: no-repeat; min-width: 120px; } <?php } }}} " dryanpress 2 43978 Avoid flickering on the Tools / Export page birgire has-patch Export normal normal Future Release defect (bug) assigned 2018-05-05T20:15:13Z 2020-02-20T16:03:49Z "The export filters are hidden by default on the Tools / Export page. But it's only hidden with Javascript in {{{wp-admin/export.php}}}: {{{ jQuery(document).ready(function($){ var form = $('#export-filters'), filters = form.find('.export-filters'); filters.hide(); }}} The filters can therefore be visible for a short time, before they are hidden. Here the {{{filters.hide()}}} will add a {{{display:none;}}} inline styling to the corresponding filters. We can avoid this flickering with CSS, something like: {{{ #export-filters .export-filters { display: none; } }}} " birgire 5 43989 "Allow plugin searches to be filtered by ""Requires PHP"" version information" needs-unit-tests Site Health normal normal Future Release task (blessed) new 2018-05-07T14:24:41Z 2019-06-24T16:10:01Z "**Note: This ticket is a subtask for the overarching #40934 ticket.** If plugins now start making use of the ""Requires PHP"" version information in their plugin header, we should make sure that plugin searches can be filtered by their required PHP version. This might include changes to the indexing infrastructure (indexing that information and allowing indexed queries against it) as well as changes to the UI (giving users the possibility to either use search flags in text form or faceted search mechanisms to communicate such a query." schlessera 5 43990 Use wp_delete_file instead of unlink has-patch Filesystem API low normal Future Release enhancement assigned 2018-05-07T14:35:43Z 2018-05-14T19:44:35Z Use `wp_delete` instead of `unlink` as much as possible throughout the codebase. macbookandrew 5 43993 Provide indication to admin when user downloads privacy export Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-05-07T16:17:24Z 2019-01-16T08:49:53Z "Hello, This was discussed on Slack here; https://wordpress.slack.com/archives/C02RQBWTW/p1525518891000051 Basically along with the tickets which handled updating status to completed it would be nice to indicate when a user actually downloaded the export package. This would allow the admin to assess if they should resend the email. " garrett-eclipse 1 43995 wp_dropdown_categories(array( 'pad_counts' => true ) ) doesn't correctly pad counts on post_types with custom stati Taxonomy normal normal Awaiting Review defect (bug) new 2018-05-07T17:53:33Z 2019-01-17T00:57:01Z "Suppose I have the following situation: * a custom post type (e.g., `member`) * post type `member` has custom post stati (e.g., `subscribed` and `unsubscribed`) * **ALL** posts of post type `member` have one of these custom stati (i.e., **NONE** have post_status `publish`). * a hierarchical taxonomy (e.g., `membership-status`) is registered on post type `member` * taxonomy `membership-status` looks like the following: * Membership * Current * Expired and that the term `Current` has been assigned to 10 posts, `Expired` has been assigned to 5 posts and that `Membership` has been assigned to **0** posts. If I then call {{{ #!php $args = array( 'taxonomy' => 'membership-status', 'show_counts' => true, 'pad_counts' => true, ... ); wp_dropdown_categories( $args ); }}} I expect to get a dropdown that looks like: * Membership (15) * Current (10) * Expired (5) Instead, I get the following: * Membership (0) * Current (10) * Expired (5) which is, obviously, not correctly padding the count for `Membership`. Related: #11847, #13176" pbiron 5 44000 Add notification bubble to Tools menu for data export/erase requests has-patch Privacy normal normal Future Release enhancement new 2018-05-08T00:15:10Z 2020-02-10T17:44:50Z "Currently, when a user has confirmed their GDPR export or erase request the site admin does not receive a notification or any visual indication that the request has been confirmed. Outside of visiting the Export/Erase pages they will have no way of knowing whether or not the request has been confirmed. I'm suggesting a notification bubble (similar to when there are comments or plugin updates available) that will indicate the total number of export and erase requests that have been confirmed." scott.deluzio 16 44001 oEmbed two click / local emoji scripts Privacy 4.9.6 normal major Awaiting Review enhancement new 2018-05-08T06:10:40Z 2019-12-12T20:26:56Z "Hi, the first beta release 4.9.6 has a few optimziations due to the GDPR, but I think, WordPress is missing two very relevant features. With the latest beta release, WordPress would not be legal for use within the EU - except you´re using WordPress as private notepad! 1) oEmbed two click solution: similar to the shariff plugin, all embedded items via the core WordPress oEmbed function need a two click privacy. Only when the user first clicks on the embedded item, the scripts should be active and the user can view / listen to the embedded item. 2) The emoji script is loaded from Automaticc. There is no possibility to disable this behaviour or the best would be: load all scripts locally. This is one of the relevant of GDPR: you cannot tell your users or lawyers, why it is relevant for using your site, when specific scripts like emoji are loaded from a CDN. There is no need for a CDN. It would be great, if you could still imagine to implement those both things, because they are rather important than a general privacy policy page, which the most users of WordPress had already created as a single page. And I think not all related core features needs an extra plugin, when it´s time to develop the core further. WordPress should go ahead and implement more features to the core than letting even more plugins used for a proper website. Thanks and regards," yoursql719 12 44010 Add general filters for registering various privacy policy information (cookies) from plugins Privacy normal normal Awaiting Review defect (bug) new 2018-05-08T19:04:24Z 2019-07-22T16:35:53Z "I didn't see it mentioned but during testing of integrating a real plugin, I found that it seems extremely complicated and out of order without some explicit filters for listing things like cookies. To be clear when a plugin adds additional suggested text it appears below the core text in a completely separate box. This is so detached it means if you have 10+ plugins this is gonna be an all-day process for any user to go through generating a policy for their needs. If I just append our plugin suggested text to the end and it has cookies, they will be separate from the other ""Cookies"" sections further up. I think the smarter approache is to implement something to the effect that we could register our cookies, analytics etc, just like the exporters. {{{#!php <?php add_filter( 'wp_privacy_policy_cookies_list', function ( $cookies = array() { $cookies['cookie_name'] = [ 'label' => __( 'Cookie Label' ), 'reason' => __( 'Used for reason x, y & z' ), ]; return $cookies; }); }}} Then it could automatically be output via a shortcode or block or whatever to a table of | Cookie Name | Cookie Label - Cookie Description | | wp_cookie_test | WP Test Cookie - Used to determine if cookies are available for use. | The same would apply to several other sections. I think outputting those into a simple 2 column table would be easy to work with, clean output and easy enough for plugins & themes to integrate with. You could do similar and register user meta info collected, or even specific analytics plugins could output label and info on how they use the data directly under the Analytics heading. Monster Insights, for instance, might add Google Analytics: Tracks visitor engagement with the site anonymously for use in marketing & improvement." danieliser 3 44017 Add filter to display edit post link without 'edit_post' capability reporter-feedback Posts, Post Types normal major Awaiting Review enhancement new 2018-05-09T04:40:20Z 2018-06-05T04:12:20Z "WordPress has come a long way from just being a Blogging CMS. Now we can allow our end users to Post using different plugin without bringing the users in WP Admin. So, basically users don't need the 'edit_post' capability to be just able to create and edit posts using plugins. Hence, this filter is needed so that plugins can allow any user to view the built in edit post link on front-end if needed." rafsuntaskin 3 44019 Class-wp-widget-categories.php causes js error in console. has-patch Widgets 2.8 normal normal Future Release defect (bug) new 2018-05-09T11:36:10Z 2018-05-11T18:04:02Z "The implementation of onCatChange() javascript function in class-wp-widget-categories.php causes problems in themes which use wrappers to style select boxes (drop down menus). HTML dropdowns are very limited in terms of styling possibilities. It is quite common practice for the front-end designers to use javascript to add a custom wrapper around the select boxes for further styling. For the sake of clarity, to create a style like this ([[Image(https://orionthemes.com/img/select-box.png)]]), one absolutely needs a custom wrapper. In this case select box changes html structure: {{{ <select name=""cat"" id=""cat"" class=""postform""> ... </select> }}} becomes {{{ <div class=""selectwrapper""> <select name=""cat"" id=""cat"" class=""postform""> ... </select> </div> }}} If you do this in WordPress categories widget, an error is returned in console: {{{ (index):830 Uncaught TypeError: dropdown.parentNode.submit is not a function at HTMLSelectElement.onCatChange ((index):830) }}} Interestingly, if you do the same thing with the archive widget, everything works as it should. To test this, you can add this jQuery to functions.js file in the theme: {{{ $('.widget_categories select, .widget_archive select').wrap('<div class=""selectwrapper""></div>'); }}} " arhit 2 44021 Dashboard menu disappears in Chrome beta reporter-feedback General normal normal Awaiting Review defect (bug) new 2018-05-09T14:51:22Z 2019-05-22T21:03:11Z When using Chrome 67, scrolling down the page on any dashboard page, makes the links to the left invisible (still clickable). Yet another Chrome bug, and it's reported here, but if they fail to fix it could be an easy CSS fix. https://bugs.chromium.org/p/chromium/issues/detail?id=840521 programmin 1 44027 """Enable full-height editor"" setting only saved on page refresh" Users normal minor Awaiting Review defect (bug) new 2018-05-09T18:49:19Z 2019-01-17T00:56:38Z "Testing the ""Enable full-height editor and distraction-free functionality."" setting on my personal site as well as a customer's site: * logged in: setting is enabled (Add New Post, Screen Options) * disable and logout immediately (without changing anything or refreshing page) * logged back in: still enabled * disable, refresh page and then logout * logged back in: now disabled * enable and logout immediately * logged back in: still disabled * enable, refreshed page and logged out * logged back in: now enabled I also verified this using `wp user meta get 1 rug3dk50q_user-settings` while performing the same actions. Watching the Chrome network tab, it appears that clicking the checkbox for this setting is not triggering an admin-ajax call to update this user setting, whereas the Boxes and Layout screen options do trigger the call. It does appear to correctly update the `wp-settings-1` cookie correctly when the setting is toggled. " GunGeekATX 44032 Use random_bytes() for generating keys and salts has-patch Upgrade/Install normal trivial Awaiting Review enhancement new 2018-05-09T23:21:52Z 2018-05-12T09:06:46Z "While auditing WordPress for remote queries the servers make, I noticed the generation of salts in wp-admin.php is wasteful with an unnecessary loop inside a loop. If the system php supports random_int it also supports random_bytes. Attached patch generates 64 byte (512 bit) salts without needed the 64 round loop inside the 8 round loop loop." alicewondermiscreations 1 44034 Privacy: Introduce a function to count user requests by type garrett-eclipse needs-unit-tests Privacy normal normal Future Release enhancement assigned 2018-05-10T11:13:55Z 2020-10-12T21:39:38Z "The user request list tables use {{{WP_Privacy_Requests_Table::get_request_counts( $type )}}} to count user requests by type. If export- and erase bubble counts will be added in #44000 and if e.g. plugins or core will add request stats to the dashboard ( e.g. ""At a glance"" or ""Activity"" metaboxes), then it makes sense to introduce a function like: {{{ wp_count_user_requests( $type ) }}} where type is either {{{'remove_personal_data'}}} and {{{'export_personal_data'}}}. An alternative would be if {{{wp_count_post( $post_type = 'user_request' )}}} would support {{{$post_name}}} as well, for the request types. " birgire 4 44036 Checkboxes appearing strangely in FireFox responsive view reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2018-05-10T11:52:31Z 2020-04-15T04:31:10Z "When I switch to mobile view in FireFox, the checkboxes are appearing strangely! Please see screenshot. WordPress version: 5.0-alpha-43205 FireFox version: 59.0.2 (64-bit) OS: Ubuntu 14.04 Steps to reproduce: 1. Go to /wp-admin/edit.php?post_type=page 2. Press Shift+Ctrl+M to bring up smaller view" subrataemfluence 5 44039 attachment rewrite rule redirects to posts instead of showing 404 Rewrite Rules normal minor Awaiting Review defect (bug) new 2018-05-10T17:04:23Z 2018-05-10T19:33:26Z "Instead of showing 404 for an invalid attachment slug, you will be redirected to a valid post slug. The blog is set to permalink structure `%postname%` The attachment rule for this is `[^/]+/([^/]+)/?$` And the rewrite is `index.php?attachment=$matches[1]` Tested on a clean WordPress-installation running twentyseventeen if you visit /hello-world/sample-page/ you will be redirected to /sample-page. Is this really how it should be? " swedish boy 2 44042 Hook for ‘delete_option’ behaviour required dev-feedback Options, Meta APIs 1.2 normal normal Future Release enhancement new 2018-05-11T07:45:45Z 2022-06-02T13:51:37Z "Hi, I posted this about one month ago in the wordpress support forum: [https://wordpress.org/support/topic/hook-for-delete_option-behaviour-required/] I did not receive any answers there but referred to this forum, so I post it here again:\\ Hi, I would need to prevent and change the deletion of certain options by the WP core function ‘delete_option’. There is a hook {{{ do_action( 'delete_option', $option ); }}} available here: [https://core.trac.wordpress.org/browser/tags/4.9.4/src/wp-includes/option.php#L532]\\ But this does neither provide a way to exit the delete_option function before the option is deleted nor to change the option name to be deleted. In fact this existing hook seems to be pretty useless. Therefore I would need a filter in the first line of the delete_option core function like {{{ $option = apply_filters( 'delete_option_name', $option ); }}} . Or change the line 535 from {{{ $option = trim( $option ); }}} to {{{ $option = trim( apply_filters( 'delete_option_name', $option )); }}} Any chances to get this into core immediately?\\ Thx, Robert " RobertoDonPedro 6 44043 Framework for logging/retrieving a users consent state dev-feedback Privacy normal normal Future Release enhancement new 2018-05-11T09:33:28Z 2020-11-26T09:21:03Z When a users visits a website for the first time, the user should be able to opt in or out from cookies. There are a couple of WP plugins that provide such functionality. The most common cookie categories are; necessary, preference, statistics, marketing. Other plugins should be able to retrieve the users consent state through WP Core, which allows them to avoid putting unwanted cookies in the users browser, without having to explicitly support certain cookie consent plugins. cookiebot 44 44058 Include security sniffs in PHPCS ruleset Security normal normal Future Release enhancement new 2018-05-12T16:14:39Z 2018-05-16T18:31:10Z "Currently, our custom ruleset includes the sniffs for prepared queries, but not for XSS or CSRF. I couldn't find any previous discussions about why they're not included. The only thing I can think of is that there might be too many false positives? In my experience, the XSS sniff works well. The CSRF one sometimes generates false positives, but I think it'd be better to include it, and then refine our code and/or the sniff to address those, than it would be to not use it at all, and take the risk of a vulnerability slipping through. " iandunn 3 44067 Refactor get_avatar and related functions to make Gravatar a Hook instead of a Default Privacy normal normal Awaiting Review enhancement new 2018-05-14T03:24:43Z 2019-02-13T19:51:55Z "The design of get_avatar and related functions is a problem for a variety of reasons. It creates a dependency on gravatar even when a gravatar isn't being used. However, gravatar is such a long-standing part of WordPress it would hurt more to remove it. So, the logical solution is a refactoring. We've added filters are various levels. Gravatar should be hooked onto these filters, and if someone removes the hook, everything will return an anonymous image hosted in Core, that can be overridden by a plugin. Identicon, wavatar, and monsterIDs were originally plugins for WordPress that were absorbed by Gravatar(https://blog.gravatar.com/2008/04/22/identicons-monsterids-and-wavatars-oh-my/). They generate anonymous icons from the provided email or hash. Mystery person can be stored locally, and maybe we can add a few options for this. It would not change any functionality. It might pave the way for local avatars, waiting in #16020 for seven years. Gravatars are implemented are problematic from a privacy standpoint, which has come out locally as a priority issue. As noted in an 8 year old ticket, #14682, it does share your information with gravatar. 5 Years Ago, in #23179, it waas suggested that gravatars should only be used for registered users. So, we have people saying that this should be addressed. Local avatars continues to be a request, but this isn't that. While I set out a bigger agenda here to host the default icons, the scope of this ticket would be that if you remove the gravatar hunting hook from WordPress, it would just return false, as the signature of the function already has as an option. " dshanske 3 44070 Avoid flickering of admin notices General normal normal Awaiting Review defect (bug) new 2018-05-14T10:16:22Z 2018-05-14T12:50:11Z "Here's an example: - Save settings on the ''General Settings'' page ({{{wp-admin/options-general.php}}}) - Then the ""Saved settings"" admin notice displays first above the page header. - Then it moves below it, causing flickering. The admin notices are moved with Javascript in {{{wp-admin/js/common.js}}} {{{ /* * The `.below-h2` class is here just for backward compatibility with plugins * that are (incorrectly) using it. Do not use. Use `.inline` instead. See #34570. * If '.wp-header-end' is found, append the notices after it otherwise * after the first h1 or h2 heading found within the main content. */ if ( ! $headerEnd.length ) { $headerEnd = $( '.wrap h1, .wrap h2' ).first(); } $( 'div.updated, div.error, div.notice' ).not( '.inline, .below-h2' ).insertAfter( $headerEnd ); }}} See ticket #35047 and changeset [36134]. Also ticket #34570 and changeset [35516]. The same happens for notices on the other admin ''Settings'' screens, like: - {{{wp-admin/options-writing.php}}} - {{{wp-admin/options-reading.php}}} - {{{wp-admin/options-discussion.php}}} - {{{wp-admin/options-permalink.php}}} - {{{wp-admin/profile.php}}} - {{{wp-admin/user-edit.php?user_id=123}}} - ... etc ... We should avoid this flickering, e.g. hide it with CSS and display it with Javascript? I guess we should also consider the case if Javascript is turned off? Related #43978 [https://core.trac.wordpress.org/ticket/43978 Avoid flickering on the Tools / Export page] " birgire 4 44072 Plugin repository search error - cannot find plugin with Author's name close Plugins normal normal Awaiting Review defect (bug) new 2018-05-14T13:02:45Z 2023-10-20T00:33:06Z "If I search with Author option selected in plugin repository (/wp-admin/plugin-install.php), no plugin is found unless the author name is present in the Plugin name or may be somewhere in the description. Example: I searched with `Takayuki Miyoshi` as a Keyword and got a handful of result, but when I selected Author, it returned no result." subrataemfluence 5 44073 Add functionality to search plugin with double quoted keyword Plugins normal normal Awaiting Review feature request new 2018-05-14T14:22:42Z 2018-05-23T14:24:28Z "Is this possible to add a feature where plugins could be searched on `Add New Plugin` page either with: - More than one keyword wrapped inside double quotes. Example: ""my plugin"" OR - Add a filter like **Match Whole Phrase** (in existing filter dropdown) In either case, it would be much easier to locate the desired plugin as the result will become more filtered and less items would appear on screen. This can avoid scrolling through ""relevant results""." subrataemfluence 3 44074 oEmbed with many <pre> tags do not work Embeds normal minor Awaiting Review defect (bug) new 2018-05-14T14:31:21Z 2019-01-17T00:56:14Z "If an oEmbed has more than ten {{{<pre>}}} tags {{{WP_oEmbed::_strip_newlines}}} (called by {{{oembed_dataparse}}}} filter) returns a wrong result for it. All {{{<pre>}}} tags get temporarily replaced by a token, the newline stripping gets done and then the tokens {{{<pre>}}} get replaced back to their HTML. The tokens unfortunately are just {{{__PRE__}}} plus a counter (e.g. {{{__PRE__0}}}, {{{__PRE__1}}}) Thus if there are more than ten {{{<pre>}}} tags there will be tokens like {{{__PRE__10}}}. These obviously clash with previous tokens. Granted, this is ''quite'' uncommon but nonetheless it should be fixed in my opinion." jagszent 44077 Image editor not working after WP update 4.9.5 this week reporter-feedback Post Thumbnails 4.9.5 normal major Awaiting Review defect (bug) new 2018-05-14T17:36:37Z 2018-06-25T11:02:16Z "Hi: I used to upload images to my wordpress site, then resize them to fit my columns of info. After this week's update: 1. I am unable to select & copy images; it must be done at the text level. 2. If you left click on an image, you automatically jump to the bottom of the open page. 3. If you try to use the image delete (""X"") or edit (pencil image), nothing happens. I am using regular google browser, I see that some other users have inquired about this exact problem recently, but it appears unresolved. Is there a way to make it function like before? Thanks & we appreciate all you do. Paul Chandler www.pickguardplanet.com " adrianchandler 2 44078 Add an email pseudonymization function that preserves first letter and TLD Privacy normal normal Future Release enhancement new 2018-05-14T18:16:11Z 2019-09-20T03:35:24Z "In addition to the existing behavior of wp_privacy_anonymize_data( 'email', $email_address) which returns deleted@site.invalid, it would be useful, e.g. for debug logging to have another type that would return pseudonymized email addresses that retain a little bit of the original address, e.g. {{{#!php my-mailbox@mailprovider.com.ca }}} could become something like {{{#!php m*********@****************.ca }}} Where the number of * corresponds to the letters removed, and only the first letter of the email address and the TLD are retained. See also https://iapp.org/news/a/top-10-operational-impacts-of-the-gdpr-part-8-pseudonymization/" allendav 4 44082 settings_errors() wraps all notices in p and strong tags has-patch General normal normal Awaiting Review defect (bug) new 2018-05-14T19:06:59Z 2020-11-30T06:51:26Z "I noticed today that `settings_errors()` wraps every notice in a set of `<p>` and `<strong>` tags. This is undesirable for a few reasons: * Notices should be allowed to use their own formatting (they already are everywhere) * Many/most core notices that do not use `settings_errors()` are not strong, or use `strong` for emphasizing specific parts of a notice As a result, almost every plugin is forced to reinvent their own approach for putting out admin notices. Core even does this in a bespoke way in almost every other admin page, resulting in a bunch of duplication and fragmentation of approaches. (A quick grep of `.php` files in `wp-admin` with `is-dismissible` in them shows 75.) ---- A few ideas: * We could use `wpautop()` to wrap each notice to avoid duplicate `<p>` tags * We could use KSES to only allow certain tags in a notice (not certain this is necessary) * We could invent a new function for formatting admin area notices in places other than settings (which most plugins do already, so something they can use is preferable) I can also imagine this issue being a smaller part of a larger `admin_notices` initiative, but figured I'd at least document this kvetch." johnjamesjacoby 1 44083 Add action to wp_mkdir_p() when directory is created successfully SergeyBiryukov has-patch Filesystem API 2.0.1 normal normal Future Release enhancement reviewing 2018-05-15T00:11:46Z 2024-02-12T22:26:12Z "It would be nice if the `wp_mkdir_p()` function contained a hook for plugins to interact with when a directory gets created. The use-case I have currently is that Easy Digital Downloads (for example) creates `.htaccess` files and empty `index.php` files in its own `uploads/edd` directory, and each directory inside it, as one way of protecting those empty directories from being publicly browsable. Because there is no action hook here, EDD uses a daily transient, which leaves new directories potentially open until the transient expires. An action hook on directory creation would allow for EDD to create those files immediately." johnjamesjacoby 24 44084 Privacy: The personal data export file should be generated in the user's locale garrett-eclipse needs-unit-tests Privacy 4.9.6 normal normal Future Release defect (bug) assigned 2018-05-15T00:26:10Z 2020-10-08T07:01:36Z Similar to #43985, the HTML file containing the personal data export should be translated into the locale the user has selected for their profile, with a fallback to the site's locale. coreymckrill 26 44090 Reword plugin compatibility text to something more meaningful SergeyBiryukov has-patch Plugins normal minor Future Release enhancement reviewing 2018-05-15T13:52:46Z 2020-10-20T02:10:48Z "Currently, when looking at the plugins update table on the `/wp-admin/update-core.php` page, it says whether the plugin is compatible with the version of WordPress you are running and the latest version (or just the latest if you're on it). It states that it's 100% compatible. This seems to be left over from the old days when people could rate if a plugin worked on a certain version, but this doesn't apply anymore as it either does work, or it doesn't. You can't quantify it with a percentage because it's just not possible. It either works or doesn't. I'd suggest the wording here is updated to reflect the current state of plugin compatibility by replacing the percentage with either a yes or no value. It's my understanding that based on the meta data in the plugin readme, it'll either be 0% or 100%, so that's either a 0 (no) or 1 (yes). I've attached a screenshot of what I mean." danieltj 6 44094 Hook for WP_User data hydration to enable strong data security SergeyBiryukov dev-feedback Users normal normal Awaiting Review enhancement reviewing 2018-05-15T17:54:31Z 2019-08-27T18:30:21Z "Hi there! I'm one of the founders of Crypteron, a data-security platform for developers. I'm also active in the WordPress community, an organizer of the [San Diego Advanced WordPress Meetup](https://www.meetup.com/Advanced-WordPress), an admin of the [Advanced WordPress Facebook Group](https://www.facebook.com/groups/advancedwp) (with over 30,000 members) and a past speaker and organizer at WordCamp San Diego. For the past 8 months I've been working on a free plugin called **EncryptWP** that brings military-grade data-security to WordPress. It automatically encrypts and decrypts sensitive user data such as names, email addresses and physical addresses and even supports secure, searchable encryption. It's been a labor of love and is available for beta testing at https://github.com/crypteron/encryptwp. The reason I'm posting a ticket here is that I've had to resort to a non-ideal approach to automatic decryption of native (non-meta) user fields within WordPress. Ideally I would decrypt sensitive user data right after it's loaded from the database as it is hydrated into the `WP_User` object. Unfortunately, no hook is fired during this process. I strongly believe that one should be. Instead, I decrypt native user fields using a combination of the filters: `edit_user_{{$field}}`, `{{user_{{$field}}`, `the_author`, and `wp_dropdown_users`. This approach works but has some major downsides: * The `edit_user_{{$field}}` and `user_{{$field}}` filters are only fired when `$user->filter` is truthy (See line 308 of `class-wp-user.php`). I do my best to ensure that this value is set, but plenty of plugins interact with `WP_User` objects without setting their `filter` property. This results in some plugins outputing encrypted text for fields such as `display_name`. * The `edit_user_{{$field}}` and `user_{{$field}}` filters are fired in the `sanitize_user_field` method which, fundamentally, is not a logical place for this sort of operation. * Some native WordPress code bypasses the `sanitize_user_field` method so I've had to add additional filters for `the_author` and `wp_dropdown_users` (using a RegEx!) * Rather than decrypting all sensitive data once, I have to decrypt it every time it is fetched which is inefficient. Despite all of this, EncryptWP works very well. I think the plugin can be a game-changer for WordPress, making HIPAA compliant WordPress sites possible not to mention the new world of GDPR compliance. We have an ambitious, technical road map for the plugin including extending it to handle user-defined meta keys, encrypting `wp_post` and `wp_options` data, key management, and more. But I'd really love to get it 100% compatible and performant with all plugins and, in order to do that, we really need a `WP_User` hydration filter. Such a filter could benefit many other plugins as well and is guaranteed to be backward compatible with all other sites since it would not change existing behavior. I would envision that the filter could be added within the [WP_User->init](https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-user.php#L170) method: {{{#!php <?php public function init( $data, $site_id = '' ) { $this->data = apply_filters('init_user_data', $data, $site_id); $this->ID = (int) $data->ID; $this->for_site( $site_id ); } }}} Please let me know your thoughts on adding this new filter. One line of code can make all the difference! " yguez 9 44101 Personal Data Erasure Workflow - Make the Erasure Fulfilled notification admin triggered Privacy 4.9.6 normal normal Future Release enhancement new 2018-05-15T22:59:46Z 2019-05-23T19:24:27Z "Hello, This might be more for a GDPR v2, but from an admin perspective, I found it easy to overlook any manual actions the admin may need to do to properly complete an Erasure. With the current workflow the requester confirms, and on admin clicking 'Erase Personal Data' the data WP knows about is removed and the user receives a Erasure Fulfilled notification. So is it expected the admin would remove any other non-WP core data before clicking that option? I was thinking it might be nice to have that 'Erase Personal Data' conduct the erasure but hold off on the fulfilled email and have that manually triggered by the admin once they've removed any other data. Would be nice if this step prompted the admin to conduct any other erasure steps that their process might require. Hoping that makes sense, I'm just feeling that currently there's no part in the process prompting the admin to do any other erasures that the core doesn't cover. Thank you" garrett-eclipse 5 44103 change the type attribute of #menu_order from 'text' to 'number' has-patch General 4.9.5 normal normal Awaiting Review feature request new 2018-05-16T01:36:09Z 2019-12-03T17:15:38Z "Currently, when focus shifts to the input box of menu_order in the situation that the IME is turned on, an extra operation such as inputting a numerical value after turning off the IME is necessary. I would like to improve on this. Now: {{{ <input name=""menu_order"" type=""text"" size=""4"" id=""menu_order"" value=""<?php echo esc_attr( $post->menu_order ); ?>"" /> }}} Change: {{{ <input name=""menu_order"" type=""number"" id=""menu_order"" value=""<?php echo esc_attr( $post->menu_order ); ?>"" /> }}} Also, please add a style to specify the width." tmatsuur 7 44118 WordPress performs some unnecessary plugin update checks francina has-patch Upgrade/Install normal normal Future Release defect (bug) assigned 2018-05-17T01:50:49Z 2023-03-23T15:25:02Z "In the function `wp_update_plugins()`, it seems clear that the intent is not to check for updates if there has already been an update check recently (e.g., on the wp-admin/plugins.php page, ""recently"" means within the last hour). However, in some cases it will check for updates anyway because of subtle issues in the implementation. The easiest way to reproduce the issue is to install the [https://wordpress.org/plugins/query-monitor/ Query Monitor] plugin (to view HTTP requests) and then perform the following steps: 1. Visit the admin section ""Updates"" page (wp-admin/update-core.php). Look at Query Monitor's ""HTTP API Calls"" - you should see a call to https://api.wordpress.org/plugins/update-check/1.1/ to check for plugin updates. (You might also see additional HTTP API calls for theme and core update checks.) Note: if you don't see the plugin update check, it's possible that there was already a check for updates in the last minute - update-core.php is supposed to check for updates no more than once per minute. Try waiting a minute and reloading the page. 2. Once you have seen the plugin update check being made, visit the ""Plugins"" page (wp-admin/plugins.php). Look at ""HTTP API Calls"" - you will see another plugin update check being made. This doesn't make much sense, because WordPress just checked for plugin updates on the update-core.php page. 3. Note that the additional update check in only occurs once. Try reloading the plugins.php page and look at ""HTTP API Calls"" again - this time there will be no plugin update check (which is the expected behavior, since WordPress just checked for plugin updates). Looking at the code for `wp_update_plugins()`, it seems that the `update_plugins` transient is sometimes stored with a `checked` property, sometimes not. This doesn't make sense to me - when the `checked` property is not stored in the transient, the next call to `wp_update_plugins()` will always check for updates regardless of how recently the last update check occurred." siliconforks 6 44127 editing an image can result in intermediate sized images left over after the image is deleted Media 4.9.5 normal normal Awaiting Review defect (bug) new 2018-05-17T19:51:02Z 2023-08-09T17:19:13Z "Steps to reproduce: 1. set thumbnail_size to `150x150` 1. upload a `300x300` image, e.g., `foo.jpg` * will result in `/wp-content/uploads/foo-150x150.jpg` being generated 1. edit the image and scale to `200x200` * will result in something like `/wp-content/uploads/foo-e1526583456941.jpg` being generated * `/wp-content/uploads/foo-150x150.jpg` will still be present, since it is still a valid thumbnail for the scaled image 1. regenerate intermediate sized images (e.g., by calling [[https://developer.wordpress.org/reference/functions/wp_get_attachment_metadata/|wp_get_attachment_metadata()]] followed by [[https://developer.wordpress.org/reference/functions/wp_update_attachment_metadata/|wp_update_attachment_metadata()]], which the [[https://wordpress.org/plugins/regenerate-thumbnails/|Regenerate Thumbnails]] plugin does) * will result in something like `/wp-content/uploads/foo-e1526583456941-150x150.jpg` being generated 1. ""Delete Permanently"" the image Check `/wp-content/uploads` and you will see that `foo-150x150.jpg` is still there. " pbiron 10 44133 Should the Data Export indicate when we have no information on the user xkon dev-feedback Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-05-17T20:45:33Z 2021-11-08T00:27:04Z "Hello, If a data export is done for a non-existent user should we indicate in the .html file provided that we have no information on the subject? Currently the file is provided and just the initial table provided. If there's nothing else should a message be there to indicate that we currently have nothing stored on them? Thanks" garrett-eclipse 60 44145 Rework Privacy settings page to use the Settings API xkon* Privacy 4.9.6 normal normal Future Release enhancement accepted 2018-05-18T12:23:18Z 2020-09-26T00:04:24Z Now that the Privacy page is under Settings, it should be reworked to utilize the Settings API. desrosj 5 44151 Personal data exports - lower priority exporters should place their data after the higher priority ones has-patch Privacy 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-18T16:55:40Z 2019-07-22T16:46:12Z "When two exporters are registered that export the data for the same group_id and the same item_id the data from the lower priority exporter is placed higher in the resulting file than the higher priority one. For example, this code: {{{#!php function exporter_1( $email_address, $page = 1 ) { return array( 'data' => array( 'group_id' => 'group-1', 'group_label' => __( 'Orders', 'woocommerce-services' ), 'item_id' => 'item-1', 'data' => array( array( 'name' => __( 'Exporter 1' ), 'value' => 1234, ), ), );, 'done' => true, ); } function exporter_2( $email_address, $page = 1 ) { return array( 'data' => array( 'group_id' => 'group-1', 'group_label' => __( 'Orders', 'woocommerce-services' ), 'item_id' => 'item-1', 'data' => array( array( 'name' => __( 'Exporter 2' ), 'value' => 4567, ), ), );, 'done' => true, ); } add_filter( 'wp_privacy_personal_data_exporters', 'exporter_1', 5 ); add_filter( 'wp_privacy_personal_data_exporters', 'exporter_2', 10 ); }}} should result in a file where 'Exporter 1' appears before 'Exporter 2' (see the priority attribute passed to the add_filter call), but this isn't the case. CC @allendav @jeffstieler" robobot3000 10 44153 Plugin privacy polices and admin notification Privacy 4.9.6 normal normal Future Release enhancement new 2018-05-18T23:14:22Z 2019-04-22T16:54:53Z "If a plugin adds a privacy policy by hooking wp_add_privacy_policy_content(), the information shows up on example.com/wp-admin/tools.php?wp-privacy-policy-guide=1. However, there's no link on the dashboard menu (esp settings->privacy) regarding that. Settings->privacy does say ""Need help putting together your new Privacy Policy page? Check out our guide for recommendations on what content to include, along with policies suggested by your plugins and theme."" with a link in the text, but it's quite obscure. How about a 2nd line: If any plugins or themes have available privacy policies, you'll find them [link]here[/link]. You can them use them on your own privacy policy page." sterndata 3 44157 the comments/[id] endpoints should have the same permissions checks as the comments endpoint dev-feedback REST API normal normal Future Release defect (bug) new 2018-05-19T21:18:59Z 2019-06-20T18:10:04Z "I noticed this because custom comment types don't show up on the `comments` endpoint but it's possible to access them via their id in `comments/[comment_id]`. `get_item_permissions_check` should do the same checks as `get_items_permissions_check` in `WP_REST_Comments_Controller`" tharsheblows 4 44159 feature request: otption for removing save my name in comments General 4.9.6 normal normal Awaiting Review feature request new 2018-05-20T04:14:29Z 2018-05-25T12:19:17Z "Hi, As I see in wordpress 4.9.6, a new option has been added under comments fields that says: sava my name, email and etc… Thant very nice. thank you so much But I think it would be better if there was an option in wordpress settings to let website owners choose whether to select it or not to show on frontend. Thank you very much" longman2020 1 44161 Expired session tokens need to be removed from database because GDPR dev-feedback Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-05-20T15:12:32Z 2019-01-17T07:42:47Z "WordPress stores the IP address (which is considered personal information) as part of its session tokens in the usermeta table. When the session expires, GDPR would seem to require the IP address to be removed from the database, as there is no longer a reason to keep it. There should be some kind of garbage collection that removes expired session tokens on a daily basis." mechter 4 44163 wpdb->update() fails, showing no error message reporter-feedback Database normal normal Awaiting Review defect (bug) new 2018-05-20T18:54:05Z 2018-05-21T13:52:46Z "It's my second report about the incompletness of wpdb->update function. 1-2 years ago I've reported the scenario when it failed to update, but `last_error` was empty. Now, another scenario, when it fails , but `last_error` is empty, is the following: i.e. create a table with ""NOT NULL"" {{{#!php <?php $x= $wpdb->query(""CREATE TABLE IF NOT EXISTS `example_table` ( `rowID` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(150) NOT NULL, `id` varchar(150) NOT NULL, `data` LONGTEXT NOT NULL DEFAULT '', PRIMARY KEY (`rowID`), UNIQUE KEY `rowID` (`rowID`) ) "". $wpdb->get_charset_collate() ."" AUTO_INCREMENT=1;"" ); }}} then insert some empty value: {{{ $wpdb->insert(""example_table"", array(""name"" => ""James"", ""id""=>""123"", ""data""=>""blabla"") ); }}} then try to update {{{ $wpdb->update(""example_table"", array(""name""=>""Jonathan""), array(""id""=>""133"") ); }}} it doesnt update. I have dumped `$this->dbh` (in wp-db.php 1887 line), and it shows affected lines: 0 `last_error` is empty. After spending much time, found that I was missing ""required"" parameter and added {{{ $wpdb->update(""example_table"", array(""name""=>""Jonathan"", ""data""=>""new-blabla""), array(""id""=>""133"") ); }}} (""NOT NULL"" requirement caused failure) so, it's good, last_error contained some information, when affected lines are 0, or like such scenarios." tazotodua 3 44171 "Flushing the rewrite rules is ""wrong"" on the front-end" kraftbj has-patch General normal normal Future Release enhancement assigned 2018-05-21T09:43:51Z 2019-03-20T15:21:26Z "Follow-up from #44142. ""Flushing"" these rules takes a lot of resources, writes to the db, and (usually) overwrites .htaccess. Because of that it should only be performed in wp-admin, especially in production. Add a `_doing_it_wrong()` notice so theme and plugin authors are aware if this." azaozz 11 44174 wp_get_http_headers does not return status code or follow redirects HTTP API 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-21T13:13:02Z 2018-05-21T13:13:02Z "wp_get_http_headers performs an HTTP HEAD request and returns a simple success or failure code. This function is listed as part of the ""HTTP API"" on https://codex.wordpress.org/Function_Reference. If the target resource issues a redirect, it is not followed, nor is the specific redirect code returned. It is possible to check for the Location header & follow the redirect manually. But wp_get_http_headers should, at least optionally, process redirects. It should also return the HTTP status code and message. One way to do this would be the Apache model - provide a Status pseudo-header in the response (e.g. 'Status' => '200 OK') If a WordPress resource returns a 404 code, the result is 'success' with an HTML page suitable for humans - HEAD, of course, simply says content-type: text/html. This is indistinguishable from 200 for the page. The underlying wp_safe_remote_head API seems to return the status, but it's not returned from wp_get_http_headers. Note that wp_safe_remote_head is not listed on the function reference page, so I assume is not intended for public use. (If context matters, I'm using it to implement a shortcode in a plugin.) I'm leaving this as a ""bug"" since failure to provide status prevents a caller from detecting errors and correctly processing a response." tlhackque 44176 Un-map Privacy Capabilities xkon has-patch Privacy 4.9.6 normal normal Future Release defect (bug) reopened 2018-05-21T14:31:43Z 2020-10-24T03:28:47Z "Three new capabilities were added in WordPress 4.9.6 to allow granular control over the new privacy features: - `erase_others_personal_data` - `export_others_personal_data ` - `manage_privacy_options ` If a site activates a role management plugin (such as [https://wordpress.org/plugins/members/ Members]), the capability is not listed under the Administrator role (which receives these capabilities by default), and is not available to be assigned to other roles. Adding this role as a custom capability does nothing because the capabilities are mapped to `manage_options` and `manage_network`. A site could create a custom role specifically for someone to manage privacy requests that should not have access to other `manage_options` related functionality. Related: #44079, ticket:44055#comment:5." desrosj 60 44177 Enhance wp_debug_backtrace_summary() with the optional ability to include arguments has-patch General normal normal Awaiting Review enhancement new 2018-05-21T14:38:52Z 2018-05-21T21:38:14Z "The attached patch for `wp_debug_backtrace_summary()`: - Adds the optional ability to include arguments in the output - Leaves the default behaviour as-is - Removes an unnecessary check on whether the PHP version is at least a value which is still lower than the minimum one that WP supports" DavidAnderson 4 44179 Use wp_update_comment instead of $wpdb->update $wpdb->comments when anonymizing comments has-patch Privacy 4.9.6 normal normal Future Release enhancement new 2018-05-21T20:13:59Z 2020-10-16T22:44:17Z "During the course of the development on #43442 we switched from `wp_update_comment` to a direct `$wpdb->update( $wpdb->comments, $anonymized_comment, $args );` Unfortunately, plugins that do things with comments when they change are more likely to hook wp_update_comment - so plugins like that are unaware when comments are anonymized Let's switch back to wp_update_comment (as it was in earlier diffs on that ticket) cc @azaozz" allendav 13 44186 Possibles enhancements to 4.9.6 privacy tools Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-05-22T13:53:05Z 2018-06-20T19:03:47Z "-- User should start a request from frontend User can create his own request starting from privacy page. Form are similar to the change password and login forms. Maybe, in first time, wordpress do not provide directly the form, but let developer start a request from a form submission hooking to a specific hook or using a function provided by the core. -- Automatic request processing User could receive first email without admins starts or confirm the process as for change password request. For large websites is unthinkable they rely on the wordpress system to manage privacy requests if tasks of this kind has to be done by admins, they will go for other plugins to do that. We need to include an options to disable automatic request processing and let things as in 4.9.6. -- Automatic send data As for request processing, user could confirm the link on the second email and get directly the datas without admins work. -- User should see their data on a webpage (Frontend Personal Data Profile Page?) I guess the zip download has been long discussed.. but in my personal opinion is a real bad practice. We are talking about privacy and data protections and we should not stimulate the proliferation of pieces of personal datas spreading in internet and devices. I’m thinking of a request started from a mobile device, the user can have his own datas and can delete it from your website. But this in some case this is not a real data erasure, but it is just a data transfer as, after the request, on his download folder of the mobile device it has a PDF containing a lot of personal informations like Addresses, Family Status, Accounts name, Phone numbers, etc… People are not educated to take care of their personal datas.. Using a web page to show the personals data we could achieve more than one goal: - we strength the overall privacy avoiding data proliferations - people will remain on the website (marketers will love it) - we could get granular erasure of datas - user can update datas -- Granular erasure of data As 4.9.6 the request of deleting personal data is an all or nothing actions. People can request to delete all the data from the website and maybe delete his / her account. People may want to delete just some part of the datas (maybe a second address, the family status, their phone number) but let other to be processed for their sake (they want to be in your interest based newsletter). And again for the sake of the website admins, the relationship with the user will continue. Example of an overall process. - User start a data export request - Website send an email to be confirmed - User confirm the email - Website send a second email with the link to see (and eventually download and erase) the personal datas - On the Frontend Personal Data Profile Page the user delete an address, his marital status and update the phone number. Every single step in the process could be automatic or manual depending on admins preferences. " mnzhc 4 44204 Privacy export codebase in 4.9.6 doesn't use WP Filesystem API Privacy 4.9.6 normal normal Future Release defect (bug) new 2018-05-23T13:01:28Z 2020-08-22T21:11:04Z "The codebase added in WP 4.9.6 for privacy was written with low-level file APIs like fopen(), file_exists(), fwrite(), etc. rather than the WP Filesystem API. Quick to see in wp_privacy_generate_personal_data_export_file(). This restricts core parts of the privacy management functionality to only operate on hosts with direct access to the local filesystem. It is recommended to instead use the WP Filesystem API so that more secure hosts are supported and a broader set of filesystems can be used, e.g. SSH, FTPext, FTPsocket, etc. https://codex.wordpress.org/Filesystem_API" diablodale 3 44211 Add cookie domain to `userSettings` script localize has-patch Script Loader normal normal Awaiting Review feature request new 2018-05-24T08:30:04Z 2020-10-12T19:56:06Z I have cookie path and secure status but I need have `domain` param in array too. I think that this will helpful. sebastian.pisula 44212 Add a new helper function for comma- or space-separated lists has-patch General normal normal Awaiting Review defect (bug) new 2018-05-24T10:26:34Z 2018-05-28T15:48:21Z "The functions `wp_parse_id_list()` and `wp_parse_slug_list()` both use `preg_split()` to convert strings to an array. Strings with leading or trailing spaces will result in an added empty value {{{''}}} or {{{0}}} returned by these functions. Example {{{ // leading space $ids = wp_parse_id_list( ' 1,2,3' ); // result array( 0 => 0 1 => 1 2 => 2 3 => 3 ) }}} This is because the `PREG_SPLIT_NO_EMPTY` flag is not used with`preg_split()`. The same regex `'/[\s,]+/'` used by these functions is also used in other places in WordPress core (also without using the flag). That's why I propose a new helper function for comma- or space-separated lists (that uses the flag by default). That function could then be used by `wp_parse_id_list()` and `wp_parse_slug_list()` and all other instances where this regex is used." keesiemeijer 4 44215 Personal data exports - Empty values are included in the report dev-feedback Privacy 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-24T14:37:40Z 2019-06-03T16:42:31Z "Empty values should not be included in the report. Otherwise, the report will be cluttered with empty values. Use the following code in `mu-plugins` to reproduce: {{{ <?php function exporter_1( $email_address, $page = 1 ) { return array( 'data' => array( array( 'group_id' => 'group-1', 'group_label' => __( 'Orders', 'woocommerce-services' ), 'item_id' => 'item-1', 'data' => array( array( 'name' => __( 'Exporter 1' ), 'value' => 1234, ), array( 'name' => __( 'Exporter 2' ), 'value' => '', ), array( 'name' => __( 'Exporter 3' ), 'value' => '0', ), array( 'name' => __( 'Exporter 4' ), 'value' => 0, ), ), ) ), 'done' => true, ); } function register_exporter_1( $exporters ) { $exporters['exporter_1'] = array( 'exporter_friendly_name' => __( 'Exporter 1' ), 'callback' => 'exporter_1', ); return $exporters; } add_filter( 'wp_privacy_personal_data_exporters', 'register_exporter_1' ); }}} Results: Before proposed patch: [[Image(https://cloudup.com/iPJ8ocUnyiz)]] After proposed patch: [[Image(https://cloudup.com/i7MqWkMZjrj)]]" bor0 13 44222 Add Archive state to privacy requests garrett-eclipse Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-05-25T06:34:37Z 2020-10-20T19:46:09Z "Hello, A suggestion for v2 of GDPR is to add an archive/trash state and list view to erasure requests. Currently, the last state/phase in the erasure process is 'Completed' with the 'Next Steps' action being 'Remove request'. This automatically prompts the admin to remove and clear the deck. In many if not most cases though the site holds backups which upon site failure will be used to restore the site/content and thus the users PII data. Under GDPR my understanding is the admin is required to re-remove the users data. Backups are partially safe with GDPR because they are required for site security/integrity, but under retention can only be kept for a reasonable timeframe. So I was thinking a way to safeguard admins would be to introduce a trash/archive which would have the action for Completed be 'Archive' instead of 'Remove'. This would place the request in the trash and remove from the 'All' view to reduce the clutter. On a new Trash view you're find these requests with the ability to delete permanently. And I think I heard something about privacy settings at some point in slack which could allow a retention period setting for these archives be set and a cron to auto-remove. So admins would be able to have their database retention and erasure archive retention periods basically match. This would enable them to use the archive list, export it possible, and use it to re-remove users upon database restore. Most of it is up to the admin to disclose their backup policy and how they'll re-remove users but would definitely help safeguard them from losing requests by running through the workflow too quickly. Hope that mostly makes sense, mainly just wanted the idea out there. All the best, *Note: Most of this is to 'my understanding' so I defer to those more versed in the new regulations." garrett-eclipse 12 44226 Link to Privacy Policy in comment consent Comments 4.9.6 normal normal Awaiting Review feature request new 2018-05-25T13:18:42Z 2021-10-29T09:31:19Z "Hi! It's possible add the url to privacy policy after consent in comments? Thank You!" paolobros 44231 XML oembed discovery is not implemented correctly Embeds normal normal Awaiting Review defect (bug) new 2018-05-25T16:38:50Z 2023-05-30T09:51:54Z "When using XML in oembed discovery, WordPress still tries to encode it as JSON and fails. It doesn't retry to check if XML would work. How to reproduce this: - Add a link tag for an XML oembed: this is clearly tagged as `text/xml+oembed` and also has the file extension `.xml`: `<link rel=""alternate"" type=""text/xml+oembed"" href=""http://example.com/oembed.xml?url=http://example.com/blah""> - WordPress will now correctly resolve the provider as `http://example.com/oembed.xml?url=http://example.com/blah` - Wordpress will send a request to: `http://example.com/oembed.xml?url=http://example.com/blah&maxwidth=525&maxheight=788&dnt=1&format=json`. Note how it adds `format=json` but still uses the `.xml` file extension - The provider correctly returns an XML response, with HTTP status code 200 - Wordpress tries to parse it as JSON and fails - Wordpress doesn't retry with `format=xml` since it only tries XML if the JSON endpoint failed with HTTP status code 501 Background info from the spec: - If the format of the request is given in the file extension (e.g. `/oembed.xml`), the provider should ignore the `format` parameter. (See https://oembed.com/#section2.2). - For discovery the provider should specify the full oembed endpoint, including the `format` paramter. It's therefore wrong to override it in Wordpress. (See https://oembed.com/#section4)" rivalitaet 3 44236 Maintain consistency between privacy export report and archive filenames GripsArt needs-unit-tests Privacy 4.9.6 low minor Future Release defect (bug) assigned 2018-05-26T00:03:07Z 2019-01-27T09:03:40Z "Prior to r43180, the export `.zip` filename changed every time it was regenerated; after that commit, it was reused to ensure links aren't broken (see #43905). That commit didn't do anything to the `.html` filename, though, so after the initial regeneration, the value of `$obscura` will not match between the two filenames. I don't think this presents any issues for Core, and might not for plugins either, but it seems like they should be consistent, just to be safe. If a plugin hooks into `wp_privacy_personal_data_export_file_created`, it may reasonably assume that the filenames to match, and do something like `str_replace( '.html', '.zip', $foo )`. That seems unlikely, since both filenames are passed to the callback, but it's better to be safe than sorry." iandunn 21 44238 Add protected param to register meta has-patch Options, Meta APIs 3.1.3 normal normal Awaiting Review enhancement new 2018-05-26T12:17:19Z 2019-02-24T23:05:09Z "It has been possible for developers to make meta keys protected / not protected since 3.2.0, when the is_protected_meta filter was added. By default all meta keys that start with an underscore as seen as protected, all those this overriden by the filter. There should be a way to a meta key as protected while using register_meta function. This would make the register meta function, a point of truth for all meta keys / meta type, where a state, type and access are defined in one place. " spacedmonkey 11 44246 Add `check-node-version` to check required Node.js and npm versions are installed azaozz has-patch Build/Test Tools normal normal Future Release enhancement reopened 2018-05-27T12:16:11Z 2019-01-10T02:46:35Z "This change adds a npm script to the `preinstall` task of `npm install` to check that the required npm and Node.js versions are installed and being used in the current terminal shell instance. If the Node.js version is not `8.9.3` or npm version is not greater than `6.1.0` a warning will be displayed notifying the user to update the respective build tooling. The attached patch depends on #44245 being committed first Related: #44245, #43731 " netweb 11 44251 Wrong way of getting website root url when site is rewritten General normal normal Awaiting Review defect (bug) new 2018-05-28T13:11:44Z 2018-05-28T14:07:03Z "I have my wordpress setup on IIS and it is on https://blog.my-imaginary-blog-domain.com/blog. This is ""real"" address of my website. However user see this url https://www.my-imaginary-blog-domain.com/blog. Every page works but my homepage goes in redirect loop. I made changes to my wordpress settings and I setup that my site url is https://www.my-imaginary-blog-domain.com/blog. Inside web.config file of https://www.my-imaginary-blog-domain.com project I made rewrite rule. This is about my setup. Now about where is problem. Problem is in wp_includes/canonical.php file inside redirect_canonical method: if ( ! $requested_url && isset( $_SERVER['HTTP_HOST'] ) ) { // build the URL in the address bar $requested_url = is_ssl() ? 'https://' : 'http://'; $requested_url=$_SERVER['HTTP_HOST'] //this is wrong in my opinion, this returns // https://blog.my-imaginary-blog-domain.com/blog, and not https://www.my-imaginary-blog-domain.com, causing problem of infinite redirection loop, probably some code compares this incoreectly made $requested_url variable with something else $sURL = site_url(); $asParts = parse_url( $sURL ); $requested_url .= $asParts['host'] ; This 3 lines above are how I solved my problem.So I deleted this line:$requested_url=$_SERVER['HTTP_HOST']; and put those 3 line above instead " vladop 2 44258 Inconsistency in Export and Erase Personal data behavior Privacy 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-29T12:01:21Z 2020-01-10T09:53:46Z "I am not sure if it is done on purpose but I have noticed an inconsistency in selecting contents for `Erase Personal Data` tool compared to `Export Personal Data` tool. I have made a few comments as well as uploaded some images through Media Library. My account display name is Subrata Sarkar and the email address is gdpr-tester@emailprovider.com I created an Export Request for gdpr-tester@emailprovider.com and downloaded the `.zip` file. I see both comments and media files are considered in index.html as a part of Personal Data. On the contrary, Erase Personal Data for the same email address does not consider Media Files. In Media Library the images uploaded by me are still showing uploaded by Subrata Sarkar! Comment author is updated to `Anonymous` though. Am missing something? One more thing I have noticed. May be this is done to comply with GDPR regulations. That is, in users' list the email addresses are no longer appearing for each user, although I am logged in as the admin. Just wanted to know if this is the case." subrataemfluence 4 44259 wp_query: Post & Page Parameters doc section incorrect General normal normal Awaiting Review defect (bug) new 2018-05-29T13:15:46Z 2018-05-29T13:46:25Z "The [[https://developer.wordpress.org/reference/classes/wp_query/#post-page-parameters|Post & Page Parameters]] section of the code ref page for `WP_Query` contains the following incorrect text: {{{ post_name__in (array) – use post slugs. Specify posts to retrieve. (Will be available in version 4.4) }}} The ""Will be available in..."" text should be removed since 4.4 was released long ago." pbiron 2 44261 Export User Data includes media URLs, not the actual media files in zip file dev-feedback Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-05-29T14:06:16Z 2020-10-16T22:44:17Z "Use of media URLs rather than the media files in original in Exported User Data zip file is probably to keep the file small in size so that it could be transferred quickly. **But what if admin or any user with the same level of privilege can delete one of more media files of the user requesting a personal data export accidentally after the Export is initiated and is emailed / downloaded. ** Do we already have a guard or option to deal with such a situation? Is this possible to include the physical media files in the zip or at least create a separate area where these files would be backed up and reference URLs point to this location? We can warn user (in the same email with the download link) to download the file say within next 72 hours otherwise the download link would expire. In the background after the stipulated time period the backup would be erased automatically. A new request needs to be initiated if this happens. This will make sure that the server space is not being overused for a longer period of time. How far you see the possibility of accidental deletion and user ends up with broken media link(s)? Do you think this could be a probable solution to avoid such a situation?" subrataemfluence 6 44266 Add per-request-row delete row action for privacy actions garrett-eclipse* has-patch Privacy 4.9.6 normal normal Future Release enhancement accepted 2018-05-29T17:37:36Z 2020-10-20T19:57:26Z Right now the only way to delete a privacy request (e.g. ones created while doing periodic testing) is to use the bulk-delete flow. It could simplify things greatly to add a per-request-row Delete action below the email address. allendav 26 44267 Privacy Request List Table: A way to show the time of request when it's older than 24 hours. has-patch Privacy 4.9.6 normal normal Future Release enhancement new 2018-05-29T18:41:09Z 2019-01-27T07:21:19Z "When the request is older than 24 hours, then we can't see time of the request. An example: {{{ May 18, 2018 }}} The related methods are: - {{{WP_Privacy_Requests_Table::get_timestamp_as_date()}}}. - {{{WP_Privacy_Requests_Table::column_default()}}}. For comparison, here's an example from the ''posts'' list table in ''list'' view: {{{ <abbr title=""2018/05/14 8:41:52 am"">2018/05/14</abbr> }}} and in the ''excerpt'' view: {{{ Published <br/> 2018/05/14 8:41:52 am }}} Here's an example from the ''comments'' list table: {{{ 2018/04/20 at 5:35 pm }}} I'm not sure the {{{<abbr>}}} is suitable here, after reading: https://stackoverflow.com/a/32892825/2078474 " birgire 26 44268 GDPR concerns on the core commenting flow Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-05-29T18:41:11Z 2018-05-30T15:15:21Z "The checkbox on the comment template it's not GDPR compliant. 1. The act of submitting content implied informed consent (possible to edit this message) 2. It must be required 3. It must be have a link to privacy policies (possible to edit this link) 4. It must be to store the consent 5. It must be possible to change, export and delete this data Possible to edit this Thanks. Best regards. Patrice" patricedefago 8 44269 Add optional parameter $merge_args into paginate_links function reporter-feedback General 2.1 normal normal Awaiting Review defect (bug) new 2018-05-29T21:02:59Z 2020-12-03T02:49:03Z " I'm passing a query arg that exists on args in current url, but the value passed by parameter is different. What happens is that the value of query arg passed as tabname is overwritten by value into current url arg. I suggest an optional parameter called $merge_args and default value as true, in this way, all necessary query args to build pagination links should be passed by add_args and nothing is overwrite. {{{#!php <?php function paginate_links( $args = '', $merge_args = true ) { ... ... if ( isset( $url_parts[1] ) ) { ... ... if($merge_args) { $args['add_args'] = array_merge( $args['add_args'], urlencode_deep( $url_query_args ) ); } } } }}} " andrepoandrade 3 44270 Non-public custom post types have rewrite rules enabled by default has-patch Posts, Post Types normal trivial Awaiting Review defect (bug) new 2018-05-29T22:02:32Z 2018-10-03T17:54:46Z "Is there a reason for the pairing of `public => false` with `rewrite => true` for default custom post type arguments? If there isn't can we change the default `rewrite` to inherit `public` at runtime? I often see a large rewrite rules array from plugin/theme private post types not declaring `rewrite => false` - if there's no need for them seems bit of a waste - a default WP install is 17 rules per post type, 17 possible unnecessary regex checks per-request. Usually it's two or three CPTs I see per site and they stack up quick." TheDeadMedic 1 44277 Post type rewrite breaks page url's General 4.9.6 normal normal Awaiting Review defect (bug) reopened 2018-05-30T10:59:35Z 2018-06-04T15:50:56Z "I have a post type which we rewrite a custom url using the following: {{{ 'slug' => '%kh_product_cat%', }}} It used to work but not sure when but it stopped working and although the post type url's work, the page url's don't. Take that line out and the page url's work again, tested on a clean install of WP to make sure and get the same problem. Has something been changed in WP recently which would affect this?" garethgillman 5 44279 `get_terms()` with `child_of` and `childless` combined Taxonomy 4.9.6 normal normal Future Release defect (bug) reopened 2018-05-30T15:30:32Z 2024-02-28T23:30:40Z "Hi there! I'm not sure if I found a bug or this is intended behaviour: If I use a combination of `childless` and `child_of` in a `get_terms` call, I get zero results. My taxonomy's structure: {{{ - Genre -- Hip Hop -- Trap -- Rap - Location -- Europe --- Germany --- Sweden --- Austria -- Asia --- China --- Japan --- Taiwan }}} My code: {{{#!php <?php $location_parent = get_term(123, 'my_custom_taxonomy'); $countries = get_terms(array( 'taxonomy' => $location_parent->taxonomy, 'hide_empty' => false, 'child_of' => $location_parent->term_id, 'childless' => true )); }}} I'm trying to only list countries, basically children of 'location' that don't have children of their own." nonverbla 6 44283 Enclosure can't deal with CDN media files - WPCore redirects the URL dev-feedback Feeds 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-31T15:36:55Z 2021-06-07T09:58:21Z "When using WP as audio collection, RSS2 is needed to get podcasts spread around f.i. to iTunes ect.\\ \\ To validate the feed right from WP 4.9.6 at http://www.feedvalidator.org from source https://ferrie.audio/cat/podcasts/feed/ we recieve several errors where the most important one is the **redirection** of CDN URL's to WP URL\\ \\ **example:** **cdn.**ferrie.audio/blablabla/Can-You-hear-Me.m4a - the CDN.(= AWS3) location of the file\\ **becomes:** ferrie.audio/blablabla/Can-You-hear-Me.m4a\\ \\ **without** the CDN. urlprefix there is no audio stream - all streams are at CDN.\\ adding the CDN. urlprefix enclosure by hand and then save the blogpost results is 2 enclosures - 1 with CDN. - 1 without\\ adding the enclosure but NOT save the blogpost shows the correct enclosure - but - the RSS output shows the URL **without** the CDN. urlprefix\\ \\ have been looking into the /wp-includes/feed.php - but there is for me no place to find where this redirection takes place - an feed expert might be able to correct this problem - sorry that i can't - i'm no coder i make music." researcher 2 44284 Remove e.preventDefault(); code line from widgets.js file has-patch Widgets 4.9.6 normal normal Awaiting Review defect (bug) new 2018-05-31T17:00:16Z 2019-07-29T16:43:09Z "In wp-admin/js/widgets.js file we have some of this function that stops to display form validation errors on the page for widgets inputs... We need to remove these function. " alexvorn2 8 44288 Inconsistent saving of post slug / url field reporter-feedback Posts, Post Types 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-01T04:08:43Z 2018-06-04T13:47:08Z "Firstly see the issue I raised on the woocommerce github: https://github.com/woocommerce/woocommerce/issues/20285 I'm trying to use characters such as +, &, * etc in post (in my particular case products) urls, but encoded first obviously (e.g. + becomes %2B). My process: See my process to recreate this issue on the github link. The good people over at the woocommerce github have said this is not a problem on their end but is actually a problem with the wordpress core, in particular how it saves post slugs / urls." rhurley 1 44292 Make use of protected process_fields Database normal normal Awaiting Review enhancement new 2018-06-01T12:23:58Z 2018-06-01T12:23:58Z "I have written an 'upsert' routine and thought it would be nice to have this functionality in WordPress core. Searching for results in this ticket https://core.trac.wordpress.org/ticket/22196. Not having a method for it, is okay. I already have my own implementation. However I need some field processing like the same way has been done for the insert and update routines. Unfortunately the method for that (process_fields) has been made protected. Is it desirable to make that method public or should I copy the logic of those routines to be able to use it?" andizer 44296 Enable double-width space works as a separator in search query SergeyBiryukov has-patch Query normal normal Future Release defect (bug) reviewing 2018-06-03T05:12:28Z 2019-04-10T18:16:43Z "Related ticket: #43829 It has a bug in search query (search form). It would be recognizing as one word in case of putting double-width space in search query. So, it should be recognized as a separator like half-width space "" "". And most important thing in this ticket, it can be a clue in order to approach CJK unified ideographs. cf. ) [https://en.wikipedia.org/wiki/CJK_Unified_Ideographs] " ryotsun 12 44310 Apostrophe and/or Hyphen in Titles Rendered as ’ and – When Added as Link in Editor Editor 4.9.6 normal normal Awaiting Review defect (bug) reopened 2018-06-05T19:08:28Z 2023-10-23T20:54:27Z "I searched but did not see this issue reported previously. When an apostrophe and/or a hyphen is present in a blog post title or page title and those posts are added as links using the Insert Link option in the WordPress Editor, the apostrophe and hyphen are rendered as the following: - An apostrophe in a title is rendered as ’ in the Link Text (see attached images) - A hyphen (which is surrounded by spaces) in a title is rendered as – in the Link text (see attached images) I have tested on a vanilla WordPress 4.9.6 install with no other plugins active both on live installs on two different servers and a local development server and can reproduce this consistently. " midihead 7 44313 /wp-admin/css/forms.css problem when adding a <select> with 'restrict_manage_users' Users normal normal Awaiting Review defect (bug) new 2018-06-05T20:10:29Z 2018-06-05T20:14:10Z "When `current_user_can( 'promote_users' )`, [[https://developer.wordpress.org/reference/classes/wp_users_list_table/extra_tablenav/|WP_Users_List_Table::extra_tablenav()]] adds a dropdown of roles and a ""Change"" button. All well and good; see the `without_restrict_manage_users_current.png` attached screen shot. If something then hooks into [[https://developer.wordpress.org/reference/hooks/restrict_manage_users|restrict_manage_users]] and adds another dropdown, the ""Change"" button is located to the right of that new dropdown rather than still being next to the roles dropdown; see the `restrict_manage_users_current.png` attached screen shot, and the `restrict_manage_users_expected.png` screen shot for what I expect to see." pbiron 1 44320 Inform users when their site's privacy policy is not publicly visible Privacy 4.9.6 normal normal Future Release enhancement new 2018-06-06T19:55:31Z 2019-05-23T19:23:54Z "When a page is selected as the site's privacy policy and is not published, users that can edit the privacy policy should be notified that the page is not publicly visible. Currently, the only way to know that the selected privacy policy page is unpublished is to go to Pages in the admin and see the page listed with `- Draft` next to its title. #44100 will add `- Draft` to the page titles in the settings dropdown, but that is not visible unless viewing the Settings > Privacy page. #44131 aims to adjust some of the text on the Settings > Privacy page to indicate the page would be previewed and not viewed, but this is also only seen when on that settings page. Here are a few ideas that have been thrown tossed around. == Dashboard Widget A dashboard widget for Privacy that could indicate any issues with the site's privacy settings. Some examples of what could appear here: - ""Your site does not have a privacy policy selected."" - ""The privacy policy page selected is not publicly visible"" - Maybe further down the road, ""Several active plugins on your site do not declare support for data privacy features"" (see #43938, #43750). == Admin Notice This admin warning would be dismissible and only show up to users that have the ability to manage the privacy policy. Which pages to show this on and whether ''another'' admin notice should be introduced should be carefully considered. Related: #44100, #44131." desrosj 3 44329 current-menu-item class not applied to home link with starter content audrasjb Menus low normal Future Release defect (bug) reviewing 2018-06-08T03:12:20Z 2019-07-09T05:43:31Z "When viewing starter content in the customizer the home link does not get the current-menu-item class applied when you view the home page. The menu-item-object-{$type} class is also missing $type, so it just has the class menu-item-object- applied. When viewing a customizer changeset of the starter content before actually publishing - the home link is not given the current-menu-item class as well. The menu-item-object-{$type} class is still missing $type in this class too. After publishing the starter content the front end appears to have .current-menu-item correctly applied to the menu when navigating. However, when viewing the site in the customizer - the home link now always has the current-menu-item class applied regardless of which page you visit. This results in two links having current-menu-item applied ( the home link and the currently viewed link ). At this point the menu-item-object-{$type} class now has $type === 'custom', so the class menu-item-object-custom is properly applied. Additional notes: - I was only testing with fresh wp installs. - I was using default permalink structure. - I noticed this issue with other themes that provide starter content, but it also happens with twentyseventeen - #43401 does not seem to fix the issues outlined in the steps below. Expected results: I expected for menu items to have the current-menu-item classes properly applied when viewing changesets, the customizer preview would accurately reflect the frontend display, and that current-menu-item would not be applied to two different links when previewing pages in the customizer. Steps to replicate: 1. Use latest trunk (this does also occur on 4.9.6). 2. Have fresh_site option set to 1 to get starter_content. 3. Activate twentyseventeen theme. 4. Go to customizer. 5. Starter content should be populated - inspect the ""Home"" link which doesn't appear to have current-menu-item added, and has the incomplete class menu-item-object- as well. 6. Click on one of the other pages - the link properly reflects the current-menu-item class. 7. Save draft and open the changeset url provided. 8. Click on one of the other pages other than home, and the same issue occurs. 9. Go back into customizer, publish the changeset, and view the site now on the frontend. The home page link is now properly given current-menu-item, and menu-item-object-custom is correct. 10. Click on one of the other links, and the home link no longer has current-menu-item applied, and is applied correctly to the new page you're on. 11. Click on customize - once the customizer loads, the home link AND the link your were looking at both have current-menu-item applied, only the previewed page should have this class." timph 44333 Password hint label needs to be re-worded and needs to have a minimum password length check dev-feedback Login and Registration normal major Awaiting Review defect (bug) new 2018-06-08T14:39:10Z 2018-06-08T21:28:06Z "When resetting password, the help text under password box says: {{{ Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! "" ? $ % ^ & ). }}} Although it says **should be at least twelve characters long**, I am able to use only one character! 1. The above help text needs to be re-worded with some like: {{{ Hint: The recommended length of the password should be at least twelve characters and must have at least X characters. To make it stronger, use upper and lower case letters, numbers, and symbols like ! "" ? $ % ^ & ). }}} `X` can be a number say 6, 8 etc. 2. I believe there needs to be a minimum length check." subrataemfluence 3 44334 'Invalid username or email' can just be 'Invalid username' in retrieve_password function dev-feedback Login and Registration normal normal Awaiting Review enhancement new 2018-06-08T15:04:20Z 2018-06-08T15:56:11Z "Since `strpos` returns `false` if a character is not found in between the input string and returns `0` if found at the beginning of it the error message `There is no user registered with that email address.` will only come up if user could not be located with the supplied email address. For anything else we can just use `Invalid username`. Example: `myname@gmail.com` - Error message: There is no user registered with that email address. - This is correct since strpos only returns true if @ is somewhere within the string or at the end. Example: `@myname` - Error message: Invalid username - No need to add the phrase or email Example: `@@myname` - Error message: Invalid username - No need to add the phrase or email Example: `myname` - Error message: Invalid username - No need to add the phrase or email" subrataemfluence 2 44343 Add filter hook for parent dropdown arguments dev-feedback Taxonomy normal normal Awaiting Review feature request new 2018-06-10T07:10:21Z 2018-06-11T21:03:26Z "We can easily control parent dropdown arguments on taxonomy screen and post edit screen (1). But on post edit screen it's not possible to control the parent dropdown arguments for ajax call (2). So we need a filter hook for that. [[Image(http://pix.toile-libre.org/upload/original/1528614160.png)]]" obiplabon 4 44347 WP allows creating username that is already used email address needs-unit-tests Users normal normal Awaiting Review enhancement new 2018-06-10T22:43:02Z 2019-03-02T02:03:26Z "As reported in Support Forum (https://wordpress.org/support/topic/wp-allows-creating-username-that-is-already-used-email-address/) it seems I can create a user with wp_create_user where the user's ""username"" is set as a value that is an existing Email Address for another user in the WordPress system. (I have not submitted a bug here before, so let me know if more info is needed on this and what to do next)." phillipburger 10 44349 Posts show up multiple times in backend when they have the exact same date dev-feedback Query 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-11T15:46:38Z 2022-02-09T08:19:52Z When I import for example 200 posts with the Import WordPress tool and then go to wp-admin>posts, the posts show up in the query multiple times (for instance on page 1 and page 2). Seems like others are left out. wzshop 30 44351 "Fix ""Foreign key constraint is incorrectly formed"" when running unit tests" Build/Test Tools 4.9.6 normal normal Awaiting Review enhancement new 2018-06-11T17:09:19Z 2021-11-09T23:22:23Z "I kept getting ""Foreign key constraint is incorrectly formed"" when running tests on my plugin. This drove me nuts for a few hours. The reason is [https://github.com/WordPress/wordpress-develop/blob/9e38c2847e5f3b94785378094d17f09577215d3c/tests/phpunit/includes/testcase.php#L335 WP_UnitTestCase::start_transaction()] The WordPress testing framework changes all 'CREATE TABLE' queries to 'CREATE TEMPORARY TABLE'. [https://dev.mysql.com/doc/refman/5.5/en/create-table-foreign-keys.html From the MYSQL manual]: > Foreign key relationships involve a parent table that holds the central data values, and a child table with identical values pointing back to its parent. The FOREIGN KEY clause is specified in the child table. The parent and child tables must use the same storage engine. **They must not be TEMPORARY tables**. Please add something like: {{{#!php <?php add_filter( 'query', [ $this, '_alter_temporary_tables' ] ); // ... snip ... public function _alter_temporary_tables( $query ) { if ( 'ALTER TABLE' === substr( trim( $query ), 0, 11 ) && strpos( $query, 'ADD CONSTRAINT' ) !== false && strpos( $query, 'FOREIGN KEY' ) !== false ) { return 'SELECT 1'; // Replace borken foreign key query with a fake query } return $query; } }}} To `WP_UnitTestCase::start_transaction()` Thank you for your consideration." conner_bw 2 44358 Unable to search a user if username is an email address dev-feedback Users normal normal Awaiting Review enhancement new 2018-06-13T14:43:41Z 2019-01-16T06:50:09Z "If a user has an email address in his username, that user is not searched in admin user list page. Steps to reproduce: - Create a new user and use an email address as the username, e.g. `abc@gmail.com` - Make sure no user on the system has an email address which contains `abc@` in it - Search a user with `abc@` keyword. No user will be returned. I think since WordPress does not restrict the character `@` in username, the search should include username field even when there is `@` in search keyword. Does this make any sense? " subrataemfluence 44370 wp_privacy_delete_old_export_files runs too much on some setups Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-06-14T14:38:31Z 2019-06-19T12:10:21Z "The `wp_privacy_delete_old_export_files` cron job added in [43046] #43546 runs on an hourly schedule. On large multisite networks, this means that these cleanup are running more or less constantly. Yet they're almost never needed. It's possible to write a plugin that modifies the behavior, by changing the way that scheduling is done so that it conforms better to the needs of a large network. However, I thought it might be worth considering whether there are changes that WP itself could make that would mitigate the problem for all installations. A few ideas, some of which are mutually compatible: 1. Instead of scheduling the event on 'init', only schedule it when an export file is generated. 2. During the cleanup routine, check for the existence of export files. If none are found, unschedule the recurring event (or don't schedule the next one) 3. In combination with the above, use single events rather than recurring ones 4. Perhaps the cleanup routine itself would be a single event, while a less-frequent (say, daily) recurring event would be to check whether specific cleanup events need to be scheduled (these would be cases missed by 1) If the team thinks this is too complex, or should be left up to the maintainer of the site in cases where it makes a difference, feel free to close the ticket." boonebgorges 4 44372 WP_Query cannot properly order by nested Parent/Child relationships Query 4.9.6 normal minor Awaiting Review defect (bug) new 2018-06-14T19:28:48Z 2018-06-14T20:23:58Z "Steps to reproduce the problem: - Create a new CPT named `series`. - Create numerous parent/child relationships in no particular order. Some are nested since we have the concept of seasons and episoded in series. These will not fit properly with taxonomies because data for each ""Season 1"" is unique to the parent series. - The parent can be added after the child is created and then associated (important as the date is taken into account here as it is unreliable in this case and is a very realistic scenario). - use `menu_order` as a way to order these items. Seasons `menu_order` will be the season number and episodes are most commonly going to be used 1-10. One could argue season 2 should be 20-30 but that is not normal user expectation when using the system (I already have teams working on this and they all favor 1-10 and not 20... 30... per season. I tried...) Basically, what you are creating is a bunch of series that have seasons as their immediate children then these seasons have episodes assigned to them. Typical series structure. Series (parent) -> Season (child of Series, parent of Episode) -> Episode (child of Season). I can easily filter the results for parents and list the children. The issue I have is that I am not able to sort by children properly. What I expect is a structure like: Game of Thrones {{{ - Season 1 -- Episode 1 -- Episode 2 -- Episode 3 - Season 2 -- Episode 1 -- Episode 2 -- Episode 3 - Season 3 -- Episode 1 -- Episode 2 -- Episode 3 ... }}} What I get: Game of Thrones {{{ - Season 1 - Season 2 - Season 3 -- Episode 1 - season 3 -- Episode 2 - season 3 -- Episode 3 - season 3 -- Episode 1 - season 1 -- Episode 2 - season 1 -- Episode 3 - season 1 -- Episode 1 - season 2 -- Episode 2 - season 2 -- Episode 3 - season 2 ... }}} I have tried playing with the orderby for all available options and I can not get the structure I expect. It seems like this is a limitation with the table design as menu_order and post_parent are not enough to create this structure. In fact, you can pretty much only do what I am getting, not what I would expect. It would seem that we need a better way to handle deeper parent/child relationships for this to order properly. Perhaps a meta field would help with this. I'm not sure if there is anything that can be done here. I am very doubtful. I may have to rethink the system and add more meta fields for ordering as this is going to be a problem for the project. Reporting this here to see if it's worth anyone's time to research. I've included my class to help with testing. {{{ <?php namespace Parables\WP\Core\Backend; use Parables\WP\Core\VideoFactory; /** * Class SeriesAdminListFilter * This will add a filter option for series parents to the admin list * This allows viewing of children only for seasons * @package Parables\WP\Core\Backend */ class SeriesAdminListFilter { /** * Stores all series parents * @var array */ private $allSeriesParents; /** * Request parameter */ const REQUEST_SERIES_NAME_VARIABLE = 'series_id'; /** * Assign hooks */ public function __construct() { \add_action('restrict_manage_posts', array($this, 'addDropDownFilter'), 10, 2); \add_action('parse_query', array($this, 'filterQuery'), 10); } /** * Build the drop down menu * @param string $post_type * @param string $which */ public function addDropDownFilter($post_type, $which) { if ('series' !== $post_type) { return; //check to make sure this is your cpt } $_series = $this->_getAllSeriesParents(); if (empty($_series)) { return; } $selected = isset($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE]) ? $_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE] : ''; ?> <select id=""<?php esc_attr_e(self::REQUEST_SERIES_NAME_VARIABLE); ?>"" name=""<?php esc_attr_e(self::REQUEST_SERIES_NAME_VARIABLE); ?>""> <option value=""""><?php _e('All Series', 'parables_core'); ?></option> <?php foreach ($_series as $sID => $sTitle) : ?> <option value=""<?php esc_attr_e($sID); ?>"" <?php echo ($selected == $sID) ? 'selected=""selected""' : ''; ?>><?php echo $sTitle; ?></option> <?php endforeach; ?> </select> <?php } /** * Filter the Query * @param \WP_Query $query * @return \WP_Query */ public function filterQuery($query) { // Check if backend main query if (!is_admin() || !$query->is_main_query()) { return $query; } // Ensure proper post_type and that we have the request var if ('series' !== $query->query['post_type'] || empty($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE])) { // No need to filter, not where we want to be return $query; } // Ok, let's extend the WP_Query to use our filter // Fetch Series Object so we can extract the season post IDs $_seriesObject = VideoFactory::getObject($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE]); $_seriesSeasons = $_seriesObject->getSeasons(); $_seriesSeasons = array_keys($_seriesSeasons); // gets the season post ID // build $_parentIDs to be used to limit the result set $_parentIDs = [(int)$_seriesObject->getPostID()]; $_parentIDs = array_merge($_parentIDs, $_seriesSeasons); // Modify the query object to use our new filter $query->query_vars['post_parent__in'] = $_parentIDs; $query->query_vars['orderby'] = [ 'parent' => 'ASC', 'menu_order' => 'ASC' ]; return $query; } /** * Returns all series parents * @return mixed */ private function _getAllSeriesParents() { if (NULL === $this->allSeriesParents) { // Build query for genre query $args = array( 'posts_per_page' => -1, 'post_status' => 'publish', 'orderby' => 'title', 'order' => 'ASC', 'post_parent' => 0, 'post_type' => array( 'series' ), 'ignore_sticky_posts' => 1 ); // Do query $wpQuery = new \WP_Query($args); if ($wpQuery->have_posts()) { foreach ($wpQuery->get_posts() as $p) { // Normal loop logic using $p as a normal WP_Post object $this->allSeriesParents[$p->ID] = $p->post_title; } } } return $this->allSeriesParents; } } }}} Series CPT is: {{{#!php <?php $capabilityType = 'series'; register_post_type('series', array( 'labels' => array( 'name' => __('Series', 'parables_core'), 'singular_name' => __('Series', 'parables_core'), 'featured_image' => __('Poster Image', 'parables_core'), 'set_featured_image' => __('Set Poster Image', 'parables_core'), 'remove_featured_image' => __('Remove Poster Image', 'parables_core'), 'use_featured_image' => __('Use Poster Image', 'parables_core'), ), 'public' => true, 'menu_position' => 21, 'menu_icon' => 'dashicons-video-alt2', 'hierarchical' => true, 'capability_type' => 'series', 'capabilities' => array( 'edit_post' => ""edit_{$capabilityType}"", 'read_post' => ""read_{$capabilityType}"", 'delete_post' => ""delete_{$capabilityType}"", 'edit_posts' => ""edit_{$capabilityType}s"", 'edit_others_posts' => ""edit_others_{$capabilityType}s"", 'publish_posts' => ""publish_{$capabilityType}s"", 'read_private_posts' => ""read_private_{$capabilityType}s"", 'delete_posts' => ""delete_{$capabilityType}s"", 'delete_private_posts' => ""delete_private_{$capabilityType}s"", 'delete_published_posts' => ""delete_published_{$capabilityType}s"", 'delete_others_posts' => ""delete_others_{$capabilityType}s"", 'edit_private_posts' => ""edit_private_{$capabilityType}s"", 'edit_published_posts' => ""edit_published_{$capabilityType}s"" ), 'rewrite' => array( 'with_front' => false ), 'supports' => array( 'title', 'editor', 'page-attributes', ), ) ); }}} " son9ne 44374 Remove deprecated contact methods Users 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-15T15:32:17Z 2020-06-01T16:14:10Z "AIM is dead (December 15, 2017), Yahoo Messenger will be shut down on July 17, 2018. I'm not sure about Google Talk, I think it's been retired a long time ago. In May 2013, Hangouts replaced Google Talk. The way people are managing the contact methods nowadays is: {{{#!php <?php function cinnamon_extra_contact_info($contactmethods) { // Remove default contact methods unset($contactmethods['aim']); unset($contactmethods['yim']); unset($contactmethods['jabber']); // Add extra contact methods $contactmethods['facebook'] = 'Facebook'; $contactmethods['twitter'] = 'Twitter'; $contactmethods['googleplus'] = 'Google+'; return $contactmethods; } add_filter('user_contactmethods', 'cinnamon_extra_contact_info'); }}} All three of them need to be removed." butterflymedia 7 44375 `update_option` in `WP_Widget::update` breaks Customizer Widgets normal normal Awaiting Review defect (bug) new 2018-06-15T16:24:28Z 2019-01-17T00:28:13Z "Thanks to @westi for explaining [https://github.com/WordPress/WordPress/blob/b13e73d/wp-includes/class-wp-customize-widgets.php#L1945-L1967 this code] to me. It seems that we keep track of the number of `update_option` calls which is what powers the ability for the Customizer to show a bunch of changes live that haven't been applied yet. So as a consequence, we are not supposed to change any options within `WP_Widget::update`, by design, or otherwise it will [https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-customize-widgets.php#L1456-L1459 fail]. We discussed with @westi and we both agree that it isn't expected that widgets directly manage options but instead the API manages the widget's settings for it so the widget doesn't have to be multi-use aware. However, it should be made somewhat explicit in WordPress I believe, as it only fails in the Customizer, and not when you do these changes from `wp-admin/widgets.php`. It's kind of like a ""hidden"" bug :) I am not sure if we want to just call a `_doing_it_wrong()` or rework this part to allow devs to call `update_option` within `WP_Widget::update`. Steps to reproduce: 1. Have a widget that calls `update_option` within the `update` method. Example widget [https://gist.github.com/bor0/f70a3db039f66d15cdc15b1bf8fa066f here]. 2. Change the title through `wp-admin/widgets.php` Expected = Actual: Title saves fine 3. Change the title through Customizer Actual: `An error has occurred. Please reload the page and try again.`" bor0 44377 "add filter to post_submit_meta_box() to conditionally refrain from outputting the ""Visibility"" fields" Posts, Post Types normal normal Awaiting Review enhancement new 2018-06-15T19:07:57Z 2018-06-15T19:07:57Z "I have a CPT that, by it's very nature, always has visibility `public` (not private nor password protected). Since I don't want users selecting anything other than `public`, currently, I enqueue some CSS that hides the ""Visibility"" related fields in the ""Publish"" metabox on `/wp-admin/post.php` and `/wp-admin/post-new.php`, but that just seems kludgy. **Note:** in case a ""sneaky"" user finds my CSS, unhides the fields and sets the post to be private or password protected, I also hook into [[https://developer.wordpress.org/reference/hooks/wp_insert_post_data/|wp_insert_post_data]] to ""correct"" `post_status` and `post_password`. It would be helpful if there were a filter in [[https://developer.wordpress.org/reference/functions/post_submit_meta_box/|post_submit_meta_box()]] to control whether the ""Visibility"" related fields are output. Such a filter would be similar in spirit to the [[https://developer.wordpress.org/reference/hooks/view_mode_post_types/|view_mode_post_types]] filter in [[https://developer.wordpress.org/reference/classes/wp_screen/render_view_mode/|WP_Screen::render_view_mode()]] that controls whether the ""View Mode"" related fields are output in ""Screen Options"". Prior to `view_mode_post_types` being introduced in 4.4, I used to hide those fields via CSS when appropriate. " pbiron 44378 Add privacy prompt(s) to the embeds whitelist documentation in the core handbook allendav needs-docs Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-06-15T21:27:19Z 2019-01-17T20:53:33Z "There are several good prompts on https://make.wordpress.org/core/handbook/contribute/design-decisions/#whitelisting-oembed-providers to consider before adding an oembed provider to core. We should come up with and add a well worded prompt to have the developer consider the privacy implications of the embed (e.g. cookies, tracking JS, etc) in addition to the other prompts already included there." allendav 1 44381 GDPR V2 - Anticipate front-end only sites for confirm actions Privacy normal normal Awaiting Review defect (bug) new 2018-06-15T22:30:30Z 2019-06-03T16:54:06Z "Hello, This is spawned from #44376 as I realized that the confirmaction living in wp-login.php means that front-end only sites that block wp-login.php won't have the ability to execute the action. As GDPR V2 is expected to introduce front-end versions of the request forms it would make sense that these could operate without any backend or wp-login.php available. The code that drives this lives in wp-login.php here;[[BR]] https://github.com/WordPress/WordPress/blob/3ee58b55b14683af4c568bce1845c37408c88fbb/wp-login.php#L862 Cheers " garrett-eclipse 1 44386 Problem with utf8mb4_unicode_ci collation for arabic content has-patch Database 4.9.6 normal major Awaiting Review enhancement new 2018-06-17T06:52:44Z 2018-06-17T07:00:57Z "I see that since version 4.6, WordPress uses utf8mb4_unicode_ci as the default collation. I see this in the determine_charset function in the /wp-includes/wp-db.php file (CMIIW). In my experience, it looks like utf8mb4_unicode_ci has problems with content that uses arabic letters. Example: I created a tag with the name: {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} And I created another tag with the name: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} Then when I do a tag search (via wp-admin), with keyword: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} the search results that appear are: {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} and {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} tags. Whereas it should appear only tag: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} according to the search keyword. This becomes a problem when a post wants to use the tag {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} , but can not be due to existing tag {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} My guess is not a bug from WordPress, but a bug from MySQL. For information, perhaps this link is a related issue: [https://bugs.mysql.com/bug.php?id=76218] (CMIIW)." array064 1 44387 Add support for site meta in `register_meta()` needs-unit-tests Options, Meta APIs 5.1 normal normal Future Release enhancement new 2018-06-17T13:36:33Z 2019-09-20T23:23:10Z "#38323 adds subtype handling to `register_meta()`. These efforts include introducing a function `get_object_subtype()` which returns the object subtype of a given type and ID combination. For the initial merge, this only includes the single site types ""post"", ""term"", ""comment"" and ""user"". Since [42836], sites in a multisite also support metadata, so they should receive subtype support as well. Since sites do not actually use subtypes at this point, we basically only need to add a clause which checks whether a site with the given ID exists, and if so, return the type identifier. The tricky part into which we need to put some thought is the naming: Sites have been historically called ""blogs"", and WordPress core aims to get rid of the legacy naming in its APIs (and only the database schema remains untouched). For example, there are wrapper functions like `get_site_meta()`, but they actually call the low-level meta functions like `get_metadata( 'blog', ... )` because those are tightly coupled to the DB schema. Since registering site meta would be new, we should consider actually naming the type ""site"" here, and then only internally handling the ""blog"" part of it. However, this may introduce unexpected inconsistencies with other areas, so we need to investigate whether this is a wise choice or not. I'd generally argue the simplest solution would be to introduce `register_site_meta()` and `unregister_site_meta()` and otherwise keep the ""blog"" name (which would be consistent with the way existing site meta wrappers work) - however we decided wrappers should only be introduced for object types that use subtypes, so here with sites, developers would actually need to call `register_meta( 'blog', ... )` themselves which would be sub-optimal. Let's discuss." flixos90 12 44391 Improving the notification badges in admin menu hedgefield Administration normal normal Awaiting Review enhancement assigned 2018-06-18T10:24:13Z 2021-11-10T18:32:07Z "During the WCEU contributor day we received the request from the A11y team to look at the notification badges in the admin menu. Their red color and lack of context was seen as something that could be improved. So together with Jayman Pandya, Rich Copping, Jasper Cheyney and Vasilis Baimas we looked at different ways to improve this. We first explored ways to add more context with text or expandable rollovers or tooltips, but agreed that this was not good. So we focused on improving the styling itself. I've attached the design explorations we did below. By moving the badge onto the icon, adding a border and optionally omitting the number (this should be tested), we felt like this would be a nice improvement for the visually impaired, as well as a more calming design layout. Adrian Roselli took a look and agreed that this would be a good improvement, with his preference also going to design 3 and 4 (with 1 being the current situation). We will try to make a PR for this if this sounds like a good idea to you all too. Putting the badge on the icon is also a nice step towards the pattern of the notification center proposal: #43484" hedgefield 21 44394 Error when trying to get the columns of a three-columns gallery. has-patch Gallery 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-18T12:19:40Z 2018-06-19T08:08:11Z "It seems the `get_post_gallery` function fails to retrieve the column count if it's 3. First, create a gallery. Then, insert 2 or 3 or any number of images and set its column to 3. Then, run this code in the context of a post (content.php / single.php will do): {{{#!php <?php $gallery = get_post_gallery( $post->ID, False ); $gallery_images = explode( ',', $gallery['ids'] ); var_dump( $gallery['columns'] ); }}} It will come out as: {{{ <b>Notice</b>: Undefined index: columns in <b>C:\file.php</b> on line <b>45</b> }}} " virginthumb 2 44399 Add unique capability for oembed needs-unit-tests Embeds normal normal Awaiting Review defect (bug) new 2018-06-18T20:11:34Z 2019-01-17T00:27:46Z "Ran into a very specific use case today wherein I have a custom user role with a custom WYSIWYG editor on their profile. The user role has unique capabilities for a couple custom post types with unique capabilities. The user needs to be able to paste a YouTube URL in their profile editor, but I found that it doesn't work. After some digging, I found that the oEmbed ajax function `wp_ajax_parse_embed()` checks for `current_user_can('edit_posts')`. Also, the oEmbed REST API does the same thing in the `WP_oEmbed_Controller::wp_ajax_parse_embed()` method. This is a problem for custom post types with custom capabilities. We don't want the user to have the `edit_posts` permission, but they do have the `edit_custom_posts` equivalent. While this isn't a problem for `current_user_can('edit_post', $post_id)` calls, as it uses the post to grab the post object and thereby post object capabilities, the `edit_posts` primitive check has no context. Since we can't rely on being able to gather post object context (as, in my case, there may be no post object as we're on the user profile), I propose creating a single (or group) of oEmbed capabilities. Something like `create_oembeds`. Wanted to gather some feedback and thoughts from the community before putting together a patch. Let me know what you think! :)" jason_the_adams 3 44406 Mismatch in the default value of the optional replacement argument in do_action_deprecated(), apply_filters_deprecated() and _deprecated_hook() General 4.6 normal normal Awaiting Review defect (bug) new 2018-06-20T03:22:56Z 2018-09-17T01:51:39Z "There's a mismatch in the default value of the optional ''replacement'' argument in the functions {{{do_action_deprecated()}}}, {{{apply_filters_deprecated()}}} and {{{_deprecated_hook()}}}. We have: {{{ function do_action_deprecated( ..., $replacement = false, ... ) { ... } function apply_filters_deprecated( ..., $replacement = false, ... ) { ... } }}} but then on the other hand: {{{ function _deprecated_hook( ..., $replacement = null, ... ) { ... } }}} containing a {{{! is_null( $replacement ) }}} check. ''How to fix:'' I think adjusting the private function {{{_deprecated_hook()}}}, could be a safer route, as it's not supposed to be used by plugins or themes. Either adjust the optional input value to {{{false}}}, or e.g. replace {{{! is_null( $replacement )}}} with {{{! $replacement }}} to handle both. ''How to replicate - Example:'' {{{ add_action( 'init', function() { add_action( 'foo_action', 'foo_action_callback' ); do_action_deprecated( 'foo_action', array( '123' ), '4.9' ); remove_action( 'foo_action', 'foo_action_callback' ); } ); function foo_action_callback( $var ) { } }}} ''Actual message: '' {{{ foo_action is deprecated since version 4.9! Use instead. }}} ''Expected message: '' {{{ foo_action is deprecated since version 4.9 with no alternative available. }}} Related ticket #10441 and changeset [37861]" birgire 1 44407 Please add page_attributes_meta_box_parent action to meta-boxes.php General 4.9.6 normal normal Awaiting Review enhancement new 2018-06-20T05:47:49Z 2018-06-21T04:57:34Z "Hello, Can we add a new action after the 'Parent' label to match the one that follows after the 'Template' label. Placement for new action - https://github.com/WordPress/WordPress/blob/cd4c960a6c17e683bcc76f1efaadcb272955bb83/wp-admin/includes/meta-boxes.php#L924 Existing action for 'Template' - https://github.com/WordPress/WordPress/blob/cd4c960a6c17e683bcc76f1efaadcb272955bb83/wp-admin/includes/meta-boxes.php#L943 Thank you " garrett-eclipse 2 44412 'pre_cache_alloptions' filter in wp_load_alloptions() in option.php cannot be hooked needs-docs Cache API normal normal Future Release enhancement new 2018-06-20T12:47:32Z 2021-06-15T18:40:04Z "Whenever wordpress loads, it fetches all options with the wp_load_alloptions() function in the option.php file. There is a filter in the function before sending it to the cache: {{{#!php <?php $alloptions = apply_filters( 'pre_cache_alloptions', $alloptions ); }}}. However, there is no way to hook into this filter in the theme or plugin because the theme or plugin are loaded afterwards. So the full array is always send to the cache. We were having trouble with a site that loaded all of the options with autoload 'yes' and it crashed with a memory limit exhausted error because there were too many options. An action needs to be added to hook into this filter or move the calling of this function some steps further after a theme or plugin is loaded." redsnowcompany 1 44418 fs_unavailable while auto-updating plugins reporter-feedback Upgrade/Install 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-21T04:10:26Z 2021-05-06T22:12:24Z "This is a follow-up to #38024. This happens when plugins are updated automatically in the background (see attached screenshot)." ecomevo 2 44419 Custom classes and markup for pagination Themes normal normal Awaiting Review enhancement new 2018-06-21T04:55:54Z 2019-01-16T06:50:09Z "In most cases we can modify outputted classes and markup, so that we can have naming convention we want. [https://webdesign.tutsplus.com/tutorials/quick-tip-bem-naming-and-wordpress-filters-for-navigation--cms-31268?_ga=2.172652963.1871067249.1529556196-1741110366.1504949040 Navigation is a good example]. But using `the_posts_pagination()` function there are no filters to modify output. For example this kind of markup and classes should be possible but I think it's not at the moment: {{{ <nav class=""pagination pagination--posts"" role=""navigation""> <h2 class=""pagination__title screen-reader-text"">Posts Navigation</h2> <ul class=""pagination__items""> <li class=""pagination__item pagination__item--current""><span aria-current=""page"" class=""page-numbers current"">Page 1</span></li> <li class=""pagination__item pagination__item--number""><a class=""page-numbers"" href=""http://foxland-products.test/blog/page/2/"">Page 2</a></li> <li class=""pagination__item pagination__item--dots""><span class=""page-numbers dots"">…</span></li> <li class=""pagination__item pagination__item--number""><a class=""page-numbers"" href=""http://foxland-products.test/blog/page/5/"">Page 5</a></li> <li class=""pagination__item pagination__item--next""><a class=""next page-numbers"" href=""http://foxland-products.test/blog/page/2/"">Next page →</a></li> </ul> </nav> }}} To sum it up: - You can't add custom classes. - There is no way to add wrapping `<li>`. - I get lost when trying to figure out Singular-post, posts and comment pagination. With that said I'm sure there is a way to add all these things in backwards compatible way but I need to look the code first before I can suggest something. At first look pagination functions seems messy:) " sami.keijonen 44423 Unicode characters in get string breaks pagination reporter-feedback Posts, Post Types 4.9.6 normal normal Awaiting Review defect (bug) reopened 2018-06-21T11:59:20Z 2018-06-25T12:11:41Z "This was found when working with this plugin: [Ajax-Enabled Enhanced Layered Navigation](https://woocommerce.com/products/ajax-layered-navigation/) . If there are unicode characters used in a parameter in a get string, then it breaks pagination by not allowing access to page 2+. 1. Set your blog posts to display 1 per page 2. View blog 3. Append this to the url in address bar and hit enter: `?dddd%D7%99%D7%A6%D7%A8%D7%9F=metabo` 4. Once page reloads, try to go to page 2 5. You should receive a too many redirects error " jessepearson 4 44425 Add WP_CACHE_KEY_SALT to WordPress.org secret-key service General normal normal Awaiting Review enhancement new 2018-06-21T16:52:04Z 2018-06-22T17:32:41Z "Currently, the WordPress.org secret-key service https://api.wordpress.org/secret-key/1.1/salt/ generates `AUTH_KEY`, `SECURE_AUTH_KEY`, `LOGGED_IN_KEY`, `NONCE_KEY`, `AUTH_SALT`, `SECURE_AUTH_SALT`, `LOGGED_IN_SALT` and `NONCE_SALT`. It would be helpful if it also generated `WP_CACHE_KEY_SALT`. That way, people who install the object-cache.php drop-in would be less likely to experience unexpected behaviour. See also: https://github.com/Automattic/wp-memcached/issues/31" paulschreiber 2 44429 WP-CLI incompatibility with wp_redirect( https://... ) dev-feedback General normal major Awaiting Review defect (bug) new 2018-06-21T20:43:31Z 2018-07-24T12:28:57Z "Hello, My wordpress wouldn't update and I see errors below, I also trying to update my site URL to include www to it but I can't change it due update failure. {{{ Warning: The system could not load some of this WordPress installation’s data. Certain sections of this interface may not function correctly. (XID nw85up) The system failed to run the wp-cli batch commands with the following issues: Warning: Some code is trying to do a URL redirect. Backtrace: #0 WP_CLI\Utils\wp_redirect_handler(https://) #1 call_user_func_array(WP_CLI\Utils\wp_redirect_handler, Array ([0] => https://)) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:288] #2 WP_Hook->apply_filters(https://, Array ([0] => https://,[1] => 301)) called at [/home/rsed43dqsw/public_html/wp-includes/plugin.php:203] #3 apply_filters(wp_redirect, https://, 301) called at [/home/rsed43dqsw/public_html/wp-includes/pluggable.php:1196] #4 wp_redirect(https://, 301) called at [/home/rsed43dqsw/public_html/wp-content/plugins/force-https-littlebizzy/core/redirect.php:91] #5 FHTTPS_Core_Redirect->redirect() called at [/home/rsed43dqsw/public_html/wp-content/plugins/force-https-littlebizzy/core/redirect.php:68] #6 FHTTPS_Core_Redirect->start() #7 call_user_func_array(Array ([0] => FHTTPS_Core_Redirect Object (),[1] => start), Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:286] #8 WP_Hook->apply_filters(, Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:310] #9 WP_Hook->do_action(Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/plugin.php:453] #10 do_action(plugins_loaded) called at [/home/rsed43dqsw/public_html/wp-settings.php:327] #11 require(/home/rsed43dqsw/public_html/wp-settings.php) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Runner.php:1174] #12 WP_CLI\Runner->load_wordpress() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Runner.php:1100] #13 WP_CLI\Runner->start() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Bootstrap/LaunchRunner.php:23] #14 WP_CLI\Bootstrap\LaunchRunner->process(WP_CLI\Bootstrap\BootstrapState Object ([] => Array ())) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/bootstrap.php:75] #15 WP_CLI\bootstrap() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/wp-cli.php:23] #16 include(phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/wp-cli.php) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/boot-phar.php:8] #17 include(phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/boot-phar.php) called at [/usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar:4]" ecahost7 8 44435 Add Action / Filter in Post Details page for Screen Meta Links Posts, Post Types normal normal Awaiting Review enhancement new 2018-06-22T09:58:58Z 2019-01-16T06:50:09Z We can add action/filter in wordpress backend for Screen Meta Links so that using plugin we can add our own links with screen meta links. mohdjafarcedcoss 44441 Remove the settings for image dimensions from Settings => Media joedolson* has-patch Media normal normal Future Release enhancement accepted 2018-06-23T13:07:20Z 2022-10-26T19:31:15Z "WordPress has been using the `srcset` and `sizes` img tag attributes for quite a while now. These attributes were somewhat ""new"" several years ago, but are now ""mainstream"". When they are present the browsers disregard the `src` attribute and instead use only the `srcset` attribute. This generally means that when creating a post the users are no longer constrained by having to choose a specific image size (that has to exist). The users can add pretty much any size images, only constrained by the theme's width. Then the browser will choose the proper image file to download for the specific case/device for each visitor to the site. In that terms the ability to change the default image sizes ""by hand"" is no longer appropriate. These sub-sizes are used to support the list of available images in the `srcset` attributes. They are not useful as restrain when creating a post and inserting an image. Having the `max width` and `max height` settings for them on the Settings => Media screen doesn't make sense." azaozz 30 44445 wp_cache_init() and WP_Object_Cache constructor has a memory leak dev-feedback Cache API 2.2 normal normal Awaiting Review defect (bug) new 2018-06-24T05:00:47Z 2019-05-03T17:45:12Z "When calling `wp_cache_init()` repeated in unit testing the WP_Object_Cache::__contruct() repeatedly registers '__destruct' as a shutdown function, and each time it does it leaks memory. There is a @todo comment above the `register_shutdown_hook()` that says the following so I would assume that this is no longer needed and we could just delete the line with the register_shutdown_hook()? ''This should be moved to the PHP4 style constructor, PHP5 already calls __destruct()'' I will upload a patch to delete the list, and a different patch to only call `register_shutdown_hook()` once, depending on what is appropriate." MikeSchinkel 1 44447 Failed to load resource: net::ERR_FILE_NOT_FOUND reporter-feedback General normal normal Awaiting Review defect (bug) reopened 2018-06-24T16:47:03Z 2021-06-07T09:57:37Z "On much WordPress Installtions I get a error message in Browser Console Log: Failed to load resource: net::ERR_FILE_NOT_FOUND [[Image(https://s2.imagebanana.com/file/180624/Sr5WLwhj.png)]] " Benjamin_Zekavica 4 44450 Functions/methods do not return any value in classes should use @return void in method doc has-patch Widgets normal normal Future Release defect (bug) new 2018-06-25T07:30:40Z 2019-04-05T12:34:27Z "Several classes inside `wp-includes/widgets` directory are missing `@return void` in function docs which are `echo`-ing output but not returning any value. There are many other areas in the core which are using this approach. We need to be consistent." subrataemfluence 7 44456 srcset max-width set to image width Media 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-25T14:53:48Z 2020-04-07T03:05:48Z "My understanding is the max-width value in the image srcset should be limited to 1600px, however it is actually always set to the width of the original image. Also, max_srcset_image_width does not appear to be properly setting the max-width value either. Thanks, Mike" mikedunn 1 44459 Options added to the Permalinks admin page do not get saved Options, Meta APIs normal normal Awaiting Review defect (bug) new 2018-06-25T17:23:39Z 2018-06-26T16:10:24Z "When a new option with matching field is registered to show on the Permalink admin page, it will show there just fine but the setting will never be saved to the database. This seems due to the fact that wp-admin/options-permalink.php submits to itself, not to options.php To reproduce: 1. Register a test option to the permalink group: {{{#!php function register_test_base_setting() { $args = array( 'type' => 'string', 'sanitize_callback' => 'sanitize_text_field' ); register_setting( 'permalink', 'test_base', $args ); } add_action( 'admin_init', 'register_test_base_setting' ); }}} 2. Add settings field to the permalink group, at the optional section: {{{#!php function add_test_base_settings_field() { add_settings_field( 'test_base', 'Test base', 'test_base_settings_field', 'permalink', 'optional', array( 'label_for' => 'test_base' ) ); } add_action('admin_init', 'add_test_base_settings_field' ); function test_base_settings_field( $args ) { global $blog_prefix; $test_base = get_option( 'test_base' ); echo $blog_prefix; ?><input name=""test_base"" id=""test_base"" type=""text"" value=""<?php echo esc_attr($test_base); ?>"" class=""regular-text code"" /></td> <?php } }}} 3. Visit Settings > Permalinks and try to set a value and save the setting. What is expected: the setting gets (a) passed to the sanitize callback and then (b) saved to the DB. What happens: nothing of these two. There is really no point of the `do_settings_fields('permalink', 'optional')` and `do_settings_sections('permalink')` in wp-admin/options-permalink.php if options added though these hooks will never get treated. " RavanH 2 44461 inconsistent type for global $blog_id has-patch Networks and Sites 4.9.6 normal normal Awaiting Review defect (bug) new 2018-06-25T18:51:00Z 2019-02-01T02:06:06Z "Hi, in a single installation global $blog_id is 1, its type is integer. in a multisite context global $blog_id is a string, this might be a problem considering the fact that operator == && != have been deprecated. There is a function called get_current_blog_id() that basically applies an absint() on this global but I guess this should be an integer whatever happens." jmlapam 2 44468 Introduce infrastructure for testing primitive capabilities granted via `user_has_cap` has-patch Role/Capability normal normal Future Release enhancement new 2018-06-26T17:58:40Z 2019-09-20T23:24:47Z "There are three ways of granting capabilities to a user: * Via the database, with capabilities being granted through a role. Those capabilities are referred to as ""primitive capabilities"". * Via the `map_meta_cap` filter, with capabilities being resolved to one or more primitive capabilities. Those capabilities are referred to as ""meta capabilities"". * Via the `user_has_cap` filter, with capabilities being granted as if they were in the database too. This has existed for a very long time, but has not been used in core until recently. **So what is this about?** New capabilities introduced to core should not be added to the database. However, many of the new capabilities are not meta capabilities, and it would be wrong to use `map_meta_cap` for them. Those capabilities should be dynamically granted, but essentially behave just like primitive capabilities. There are numerous of those capabilities in core that historically use `map_meta_cap()` (for example `customize`, `manage_privacy_options`, ...), and we probably cannot change that. But for the future, we should ensure we stick to this separation and only use `map_meta_cap()` for actual meta capabilities, i.e. capabilities that receive additional arguments (like a post ID, a plugin slug, ...) and are then resolved. Originally introduced as part of #41332 (but not being suitable for discussion in there), this ticket aims at providing a comprehensive testing infrastructure for those capabilities. While currently the only capability granted like that is `install_languages`, this infrastructure will encourage granting dynamic primitive capabilities the proper way. cc @johnbillion" flixos90 5 44470 meta property=“og:image” doesn't register if an image is executed via a shortcode in WP Post and Pages dev-feedback Editor 4.9.6 normal critical Awaiting Review defect (bug) reopened 2018-06-27T03:28:41Z 2018-06-30T00:34:20Z "I want to try and explain a WordPress core issue and bug, in which I dont feel there is an available solution, at least I dont think after exhaustive research. I ran many many tests on fresh WP installations and twenty17 themes. And some may suggest this is a 3rd party plugin issue, while I am suggesting that it is both a Core and 3rd Party Plugin issue with the most widely used plugin in the world perhaps WPSEO. Applying shortcodes to WP post and Pages, of course it renders fine in the front-end, the output code that is. However, many recent updates to social media platforms Open Graph Protocols. The WPSEO plugin cannot understand that an image <img src=""file.jpg""> is being executed via php through a shortcode, unless the image is hard-coded directly into the WP page editor then it works fine. Problem is, no image executed from literally any 3rd party plugin shortcode contained within a wordpress post or page will execute the meta property=""og:image"" in the <head> .... In short WordPress Core does not support opengraph functions or plugins when shortcodes are being used. one of the last tests to try to continue to prove this is a WP core issue from their last several updates, that I am certainly of course trying to gain some attention on, that even an out of the box wordpress stock short codes like [gallery ids=""21""] to display images, cool enough that it displays visually in the post editor, still impossible to hook into the main property=og:image meta. Of course the other primary issue, no rhyme or reason either that a static front page cannot display the meta in the <head> either by any know third party plugin or hard coded functions in the theme directory. Being that exhaustive testing has been done, without the modification of stock wordpress core files, continues to lead me to believe that this is a core issue again. And after a lot of I intelligent research I believe wordpress next core update should fix this. Please read some other additional testing I have done on this issue as well. I am certainly trying to gain some attention to this issue because developers need to be able to execute php via shortcodes into wp post editors therefore execute images in a dynamic way via short codes and still be in compliance with al know third party plugins like yoasts og: settings and the social media platform og protocols. https://wordpress.stackexchange.com/questions/306973/property-ogimage-doesnt-register-with-including-a-php-file-as-a-shortcode-in" nlstm 8 44474 Add print styles to backend has-patch Administration normal normal Awaiting Review enhancement new 2018-06-27T12:38:54Z 2021-07-06T23:56:34Z "It would be great if lists and content can be printed from WordPress backend (admin). Currently the whole UI is printed which wastes space, ink and clutters everything, also content fields are clipped. A dedicated default print stylesheet for WordPress backend would use a different ink-saving, reading-friendly font, remove all unnecessary UI elements, ensure that all content fields are printed completely." strarsis 4 44476 Backend section Access based on Role/User dev-feedback Role/Capability 4.9.6 normal normal Awaiting Review feature request new 2018-06-28T06:33:37Z 2018-08-02T16:52:43Z "Hello Team, I would like to suggest a Feature which we can plan in the current/Newer Version of WordPress. In WordPress backend, we can give a setting to Administrator that he can set restriction or give access only to the limited section. For example, if Admin wants that Subscriber can only Add Posts and can only view the pages. We can do that with Access Management. I understand there are certain plugins available for this, but we can have such feature by default in wordpress it will be really helpful as nowadays Admin Panel is being operated by multiple Admins/Roles. Let me know your thoughts on this and if this is no a good idea or suggestion, please feel free to share your opinion " kartiks16 2 44485 Allow some functions from comments-template.php to accept a comment or post ID has-patch Comments normal normal Awaiting Review enhancement new 2018-07-01T14:11:57Z 2018-07-01T14:11:57Z "Nowadays, it's not uncommon to have to use some templating functions outside of the loop. Most of them already accepts a comment or post ID (get_permalink, ...). But, that's not the case for some functions related to comments. I did a small update of the file to allow that." tristanleboss 44497 get_page_link() doesn't check if a valid post object is returned before trying to access its properties has-patch Posts, Post Types normal normal Awaiting Review defect (bug) new 2018-07-03T14:05:49Z 2023-06-08T13:20:45Z "If get_page_link() receives an invalid post ID as the first parameter it will generate a PHP notice: {{{#!bash $ wp shell >>> get_page_link( -1 ) PHP Notice: Trying to get property of non-object in /vagrant/www/wccore/htdocs/wp-includes/link-template.php on line 317 }}} Should a check be added to prevent this notice from happening? I'm happy to submit a patch. I'm just not sure what is the best way to handle this. Should the function return null if `get_post()` can't find a valid post? Should it call `_doing_it_wrong()`? Something else? " rodrigosprimo 2 44498 Make `_wp_personal_data_cleanup_requests()` run on cron Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-07-03T15:17:06Z 2018-07-30T15:56:24Z "When a data export or removal request is created, a user must confirm that request within x days. By default, this is 1 day (24 hours), but it can be changed using the `user_request_key_expiration` filter. If a user does not confirm the request within that time, it is marked as failed, and the request needs to be re-initiated. Currently, requests are only marked as failed when the Export/Erase Personal Data screens are accessed. By default, only administrators can access this page, and will most likely do so very infrequently. Because of this, a cron may be more appropriate for marking requests as failed. A `posts_per_page => -1` query arg is also used to fetch expired requests, which could cause issues when a large number of requests have failed. Moving this action to a cron should cut down on the number of requests that need to be transitioned at a time." desrosj 3 44500 Mark data requests failed when an expired link is clicked has-patch Privacy 4.9.6 normal normal Future Release enhancement new 2018-07-03T15:44:54Z 2018-09-06T22:10:47Z "When a user data request expires (the user does not click the confirmation link within the specified timeframe), it is transitioned to the `request-failed` status. Currently, data export/erasure requests are only marked as `request-failed` when an administrator visits the Export/Erase Personal Data pages (which will be pretty infrequent). #44498 aims to move transitioning of expired requests to `request-failed` with a cron, but a request could also be marked as expired when a user clicks an expired link." desrosj 8 44510 count_user_posts() does not check for empty $userid has-patch Users normal normal Awaiting Review defect (bug) new 2018-07-04T09:31:42Z 2018-07-07T13:56:54Z "If `count_user_posts()` is called with a `NULL` `$userid`, it will return the total count of all site posts, rather than 0 or some error. I think this should not be expected behavior and we should bail early if `$userid` is `NULL`. This happens because `get_posts_by_author_sql()` then ignores the `$userid` arg if it is NULL. https://core.trac.wordpress.org/browser/tags/4.9.6/src/wp-includes/user.php#L347" Ste_95 1 44511 Widgets generated by wp_register_sidebar_widget can not be add via customizer reporter-feedback Customize 4.9.6 normal major Future Release defect (bug) new 2018-07-04T10:47:29Z 2022-04-22T03:50:54Z "Single use widgets, generated by `wp_register_sidebar_widget` and managed by `wp_register_widget_control` always return an ""Invalid value"" error in Customizer. They also block saving in Customizer. **We still can add them via appearance/widgets.php and go back to customizer.** Example to reproduce: {{{#!php <?php add_action('widgets_init', 'proof_of_concept_register_widget'); function proof_of_concept_register_widget(){ wp_register_sidebar_widget( 'poc_widget', 'POC Widget', 'poc_widget_display', array( 'description' => 'POC for Customize bug' ) ); wp_register_widget_control('poc_widget', 'poc_widget', 'poc_widget_control'); } function poc_widget_display(){ echo '<p>POC for Customize bug</p>'; } function poc_widget_control(){ echo '<p>You should see a red notice ""Invalid value"" just above</p>'; } }}} " bastho 7 44516 Unable to edit theme's file on multisite from default editor reporter-feedback Administration 4.9.6 normal normal Awaiting Review defect (bug) new 2018-07-04T21:38:12Z 2019-12-21T19:50:24Z "I am using WP 4.9.6 and on multisite when I tried editing theme's files from the editor it shows that it generated some fatal error. The actual message is 'Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.' Please see: https://prnt.sc/k2mshy" prashantvatsh 3 44517 Allow specifying the WordPress username to be filled in on the login form via a URL parameter. Login and Registration normal normal Awaiting Review enhancement new 2018-07-05T03:36:04Z 2019-01-16T06:50:09Z "Hi All, I have a usecase for WordPress that requires me to allow specifying the username that will be logged into for WordPress via a URL parameter. Essentially, a WordPress plugin allows creating a new username, only if a valid email has been sent. As part of the authentication flow, I want to be able to specify what the username was on the URL so that the user can just click the link that is sent to them via email, requiring only that their password be entered. I have provided a patch. Please let me know if there are any changes that should be made. Thanks!" datatim 44519 Where are the pages of the headings added with the + add-on (any) ala https://wp-kama.ru/cat/wordpress/codex+xxx Query normal normal Awaiting Review defect (bug) new 2018-07-05T10:00:29Z 2018-07-05T14:39:16Z "Here is the page for this blog (kama) - https://wp-kama.ru/cat/wordpress/codex+xxx This is a page of the rubric with the added + add-on (any) She does not give out the content, but her response code is 200 - http://joxi.ru/vAWplvLi13bNqr It's just that Kama banned the headings for indexing through meta name = ""robots"" content = ""noindex"" I have the same headings for indexing are allowed.So somehow finding such pages the search drags them to the index. This is exactly what happens to me and Yandex joyfully informs me that I have dragged another pack of such pages into the index. How to make sure that an error 404 would appear on the page https://wp-kama.ru/cat/wordpress/codex+xxx As an option - how to add them meta name = ""robots"" content = ""noindex"" Thank you." Dmitriy1973 44524 Allow Users to View Custom Post Type Admin Page dev-feedback Posts, Post Types normal normal Future Release defect (bug) new 2018-07-05T19:39:48Z 2020-02-21T00:26:01Z "Creating a custom post type and giving it custom capabilities, a user who can `edit_posts` but cannot `create_posts` cannot access the admin page: `/wp-admin/edit.php?post_type=cpt`. " wpsmith 1 44530 Post or page custom fields give wrong error message when enter value only. has-patch Posts, Post Types normal normal Future Release defect (bug) new 2018-07-06T10:20:24Z 2018-07-07T02:10:17Z "When I enter custom field's value without field name on the page and click on ""Add Custom Field"" button, The custom field gives the wrong error message ""Please provide a custom field value"". Normally, Message should ""Please provide a custom field name."" Because I entered only custom field value not a custom field name. I have attached the screenshot to get the better idea about the issue." harsh175 2 44531 Multiple bytes decimal point and thousands separator in number_format_i18n PHP < 5.4 dev-feedback I18N normal normal Awaiting Review defect (bug) new 2018-07-06T10:33:04Z 2019-01-17T00:27:15Z "PHP `number_format` has only multiple bytes support in the decimal point and thousands separator parameters since PHP 5.4.0. There is some code in place in `wp-includes/class-wp-locale.php` to work around this: {{{#!php <?php if ( version_compare( PHP_VERSION, '5.4', '>=' ) ) { // Replace space with a non-breaking space to avoid wrapping. $thousands_sep = str_replace( ' ', ' ', $thousands_sep ); } else { // PHP < 5.4.0 does not support multiple bytes in thousands separator. $thousands_sep = str_replace( array( ' ', ' ' ), ' ', $thousands_sep ); } }}} Since we don't know how translators translate `number_format_thousands_sep` and `number_format_decimal_point` i don't think this is working in all cases. In the French translation files there is currently a multibyte non-breaking space char. Above code will not replace the multibyte non-breaking space char to a regular space. Also see: https://make.wordpress.org/polyglots/2013/06/24/number_format-bug/. https://translate.wordpress.org/projects/wp/4.8.x/fr/default?filters%5Bstatus%5D=either&filters%5Boriginal_id%5D=5138840&filters%5Btranslation_id%5D=51885045 " remcotolsma 1 44537 Twenty Seventeen: submenu is not available from keyboard with disabled java script Bundled Theme normal minor Future Release enhancement new 2018-07-06T15:01:43Z 2019-01-18T20:59:07Z webest 3 44538 Provide a way to show what change occurred to the suggested privacy policy text. Privacy 4.9.6 normal normal Future Release enhancement new 2018-07-06T15:31:15Z 2020-11-24T16:11:48Z "Currently, when WordPress notifies me that the suggested privacy policy text has changed, it doesn't provide any indication of WHAT has changed. Given that I've customized the text I'm actually using, this makes it prohibitively time-consuming to track down what changed (because I'd have to download an old WordPress version, copy-paste out the suggested text, and then run the two versions through a diff utility manually). As a result, I wind up just dismissing the notification and getting on with my day. (Not to mention feeling irritated by further confirmation of my sense that I spend more time applying updates to WordPress or its plugins than actually posting... something I hope to remedy by migrating to a static site generator like Jekyll or Pelican.) Given that WordPress already has a diff implementation for showing changes between revisions of posts, it should offer to apply it to the two different versions of the suggested privacy policy, so I can easily know whether I need to update my customized version. (Ideally, it should apply it between whatever version was current when the privacy policy page was last edited and the current version.)" ssokolow 14 44539 Notify the admin when no personal data is found for a user Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-07-06T17:35:53Z 2019-12-02T17:36:32Z "When no data exists for a user's data export request, both the user and administrator handling the request should be notified that no data exists. #44133 handles the end user experience by notifying the user via email that no personal data was found. On the admin side, the person managing the data request should also be notified that no personal data was found. The ""Download Personal Data"" inline action should also be removed or changed to something like ""Recheck for Personal Data""." desrosj 3 44540 Revision restoring redirect issue when using custom wp_query inside shortcodes Revisions 4.9.7 normal normal Awaiting Review defect (bug) assigned 2018-07-07T10:43:11Z 2019-03-11T20:44:02Z "Using a custom WP_Query inside page content shortcodes leads to weird ""revisions restoring"" behavior which is redirecting to improper page id. However the page content is restored correctly. Have found this lines 55, 56 in revision.php {{{ wp_restore_post_revision( $revision->ID ); $redirect = add_query_arg( array( 'message' => 5, 'revision' => $revision->ID ), get_edit_post_link( $post->ID, 'url' ) ) }}} While wp_restore_post_revision( $revision->ID ) returns a correct post_id, the redirect is made to get_edit_post_link( $post->ID, 'url' ) and $post->ID may be broken by custom wp_query loop. Why not using wp_restore_post_revision( $revision->ID ) returned result to perform a correct redirect? " vendetta90 2 44542 Images: Option to control when to create different image dimensions Post Thumbnails 4.9.7 normal major Awaiting Review feature request new 2018-07-08T16:17:33Z 2021-09-29T08:10:33Z "Hello, I believe that wp miss the ability to control when to create different image dimensions. Because i have see that wasting space from the disk of the server without reason. Example: When we create a gallery with the native wp gallery create dozens of different image dimensions and in fact use only the thumbnail because shows the full size with the lightbox. Its great if you add the ability to disable to create different image dimensions in any case that we want." B_Dark 1 44548 Email should be encoded with UTF8 and base64 reporter-feedback I18N normal normal Awaiting Review enhancement new 2018-07-09T15:20:35Z 2018-09-14T06:37:47Z "The plugin WP Multibyte Patch included in the Japanese package is changing the Email charset from `UTF-8` to `ISO-2022-JP`. https://ja.wordpress.org/plugins/wp-multibyte-patch/ Almost all Email clients in Japan can handle UTF-8 now, so I am believing that we don't need to change email charset to `ISO-2022-JP`. Also, if we activate WP Multibyte Patch and switch language to another language like `FR_fr`, the character in the email body will be broken. But I guess email should be encoded by `base64` for non-ascii users. I know `8bit` encoding works good, but I guess base64 is reliable for us if we remove the plugin from Japanese package. Following is an example email header of the Gmail. Gmail is `UTF8` + `base64`. {{{ Subject: =?UTF-8?B?xxxxxxxxxxxxxxxxxx==?= Content-Type: text/plain; charset=""UTF-8"" Content-Transfer-Encoding: base64 }}} Related: #meta3163, #43829, #44296, #44541, #15955, #22363 Following is a list of tickets to improve multibyte enhancement. https://docs.google.com/spreadsheets/d/13oGbc7AqEN6OUvmze-JDCKXDdruFqsxqSAdI7-b6Lho/edit#gid=0" miyauchi 1 44550 The confirmaction page should also be in the user language garrett-eclipse has-patch Privacy 4.9.6 normal normal Future Release defect (bug) assigned 2018-07-09T20:51:37Z 2020-07-20T19:00:16Z "We have the ticket [https://core.trac.wordpress.org/ticket/43985 Privacy: The user request email should be sent in the user language] #43985 so it seems reasonable to also have the ""User action confirmed"" page, in the same user language as the email. Namely the page the user sees after clicking: https://example.com/wp-login.php?action=confirmaction&request_id=...&confirm_key=... from the ""Confirm Action"" email. See screenshot below:" birgire 18 44559 Alias redirected when page is set as a homepage Canonical 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-10T16:56:46Z 2018-07-10T16:56:46Z "I have two domains: - `example1.com` (hosting with WP installation) - `example2.com` (only domain, alias to `example1.com`) When I access `example2.com`, content for `example1.com` should be displayed, but instead of it, `example2.com` is redirected to `example1.com`. But when I access particular page (or post) `example2.com/contacts`, everything works and content from `example1.com/contacts` is displayed (but not redirected). It seems to me that problem is related only to homepage which is set as a `page_on_front`, see https://core.trac.wordpress.org/browser/tags/4.9.7/src/wp-includes/canonical.php#L177" pavelevap 44565 Find plural text in description of username on profile page. has-patch Users normal normal Awaiting Review defect (bug) new 2018-07-11T10:31:52Z 2020-01-21T15:25:35Z "When I logged in as admin in WordPress dashboard and check the user profile, I found the description of username is ""Usernames cannot be changed."" ""Usernames"" is a plural text I think we should use singular ""Username"" over there." harsh175 2 44571 force_balance_tags breaks JavaScript Shortcodes 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-11T21:11:07Z 2018-07-14T18:42:18Z "Input: {{{ <?php echo force_balance_tags('<script>console.log(""extest:"", 0<=1);</script>') ?> }}} Output: {{{ <script>console.log(""extest:"", 0< =1);</script></script> }}} (no longer valid JavaScript) Context: I use tiny (<20KB) JS programs for interactive illustrations inside tutorials on a WP blog. These would most commonly break on pages where excerpts are shown (post list, search) and it took a little while to narrow this down to force_balance_tags running for !--more splitter in get_the_content. Workarounds: enclosing JS code in a comment {{{ <script><!-- code --></script> }}} which is a legacy part of spec https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements Could the script-tags be treated like the comments in this regard? This is a rather unobvious behaviour." yellowafterlife 1 44582 Notice: Undefined property:stdClass::$plugin - wordpress reporter-feedback Plugins 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-13T19:15:50Z 2022-01-29T08:12:43Z Notice: Undefined property: stdClass::$plugin in /hermes/bosnaweb07a/b1754/ipg.account_name/folder_name/wp-includes/class-wp-list-util.php on line 150 sangwan4pankaj 10 44595 wp_insert_post() inserts wrong GUID (adds http:// prefix) dev-feedback General normal normal Awaiting Review defect (bug) new 2018-07-17T14:07:48Z 2018-07-17T19:36:41Z "I manually set a GUID to e.g. `abc123` before calling `wp_insert_post()` and it was inserted as `http://abc123` to the database. Expected: `abc123`" Looimaster 3 44596 Welcome page text is repetitive dev-feedback Upgrade/Install normal normal Future Release defect (bug) new 2018-07-17T14:15:03Z 2019-02-01T16:29:25Z "Right now, the WordPress ""Welcome"" page/tab currently repeats nearly the same text 7 times in a row. The pattern is basically: `Version %number% addressed %number% bugs. For more information, see %link%.` The repetition is exacerbated by there being 7 minor releases in the 4.9 major branch, but considering this page is the first thing people see after upgrading, I think this can be communicated better. Screenshot imminent." johnjamesjacoby 3 44597 Scheduling posts adds wrong seconds as post_date Date/Time 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-17T15:41:55Z 2020-08-25T22:06:53Z "Whenever I schedule a random post on wordpress, for example I give the date 2 August 2018 18:00, wordpress inserts the wrong seconds into the database in post_date. post_date of the example given would be something like `2018-08-02 18:00:22`. WordPress would add these 22 seconds, which is wrong, because I have defined only hours and minutes in the GUI, so seconds should not be just randomly defined. Here is a database example: [[Image(https://i.imgur.com/0KM1Jpw.png)]] " katsar0v 3 44598 Main logo won't update when deleted and reuploaded with the same file name has-patch Customize normal normal Awaiting Review defect (bug) new 2018-07-17T16:37:15Z 2022-11-16T16:40:51Z "Hello, I'm experiencing the following bug: Adding a main gif logo in customizer by the media library and permanently deleting it, obviously does NOT permanently delete it but leaves some traces. When I change the color and/or the image format and reupload the slightly different file WITH THE SAME FILE NAME, WordPress displays the correct resolution in the attachment details along with the old thumbnail. Thus, although the image has been changed and rendered correctly, as I can see in the wp-content folder, the old image gets displayed on the page instead of the new main logo. Same for the cropping option before inserting. Refreshing the page doesn't help. Regards" mimoho 3 44602 meta_query to support FIND_IN_SET has-patch Query normal normal Awaiting Review enhancement new 2018-07-18T17:22:08Z 2018-07-18T17:29:14Z I got `FIND_IN_SET` working in meta_query. donjajo 44610 Allow Youtube-Player to use youtube-nocookie.com URLS to avoid setting cookies. has-patch Embeds 4.9.7 normal normal Future Release enhancement assigned 2018-07-19T07:59:59Z 2023-05-26T12:40:39Z "The file ""wp-includes/class-wp-customize-manager.php"" includes a function ""_validate_external_header_video( $validity, $value )"". The regex used in this function is incomplete, as some urls are invalidated in the customizer. What is interesting is that the regex used in ""wp-includes/js/wp-custom-header.js"" (which actually sets the youtube video), is different and validates e.g the youtube-nocookie.com URLs, that I think more people will need due to GDPR. In the javascript file, it actually quotes a stackoverflow regex found at: http://stackoverflow.com/a/27728417 **Proposal:** Update the regex in ""wp-includes/class-wp-customize-manager.php"" (line 5664) to match the one used in ""wp-includes/js/wp-custom-header.js"" (line 379)." jepperask 58 44615 """Cannot use object of type stdClass as array"" breaking update-core.php" reporter-feedback Upgrade/Install 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-20T04:22:46Z 2021-06-07T09:59:02Z "I get this error when I go to the update core page:\\ \\ {{{Fatal error: Uncaught Error: Cannot use object of type stdClass as array in /home/industryawards/public_html/wp-admin/update-core.php:258 Stack trace: #0 /home/industryawards/public_html/wp-admin/update-core.php(625): list_plugin_updates() #1 {main} thrown in /home/industryawards/public_html/wp-admin/update-core.php on line 258}}} \\ \\ It displays above the plugin list, and no plugins are displayed in the list. The page actually breaks there. I'll attach a screenshot if I can.\\ \\ However, the error does not happen on the 'Update Available' plugin page tab which can still be used to update plugins. industryawards.co.nz/wp-admin/plugins.php?plugin_status=upgrade\\ \\ The plugins installed and activated are:\\ \\ BackupBuddy – 8.2.8.1\\ Beaver Builder Plugin (Pro Version) – 2.1.3.5\\ Beaver Themer – 1.1.2.1\\ PowerPack for Beaver Builder – 2.6.6.1\\ Better Search Replace – 1.3.2\\ Blackhole for Bad Bots – 1.9.2\\ Breadcrumb NavXT – 6.1.0\\ Duplicate Page – 2.6\\ Easy Theme and Plugin Upgrades – 2.0.0\\ Google Analytics Dashboard for WP (GADWP) – 5.3.5\\ GP Conditional Pricing – 1.2.36\\ Gravity Perks – 2.0.9\\ Gravity Forms – 2.3.3\\ GravityView – 2.0.14\\ Invisible reCaptcha – 1.2.1\\ Lazy Load for Videos – 2.4.0\\ Recent Posts Widget With Thumbnails – 6.2\\ WC Custom Add to Cart labels – 1.1\\ WooCommerce Stripe Gateway – 4.1.8\\ WooCommerce - Gravity Forms Product Add-Ons – 3.3.3\\ WooCommerce PDF Invoices – 4.1.9\\ WooCommerce – 3.4.3\\ Wordfence Security – 7.1.9\\ WordPress Importer – 0.6.4\\ Yoast SEO Premium – 5.8\\ \\ Everything is at it's latest version with the exception of GravityView, but I've eliminated that as a suspect by disabling it." adamthomsonnz 1 44617 Introduce new 'hasBlock' behavior for TinyMCE 'BeforeSetContent' and 'SaveContent' events dev-feedback Editor normal normal Future Release defect (bug) new 2018-07-20T13:21:23Z 2018-07-26T02:27:11Z "When TinyMCE editor content has Gutenberg blocks in it, we can assume `<p>` paragraph tags are included too. In this scenario, `wp.editor.autop()` should not be applied to the content. However, even when `wp.editor.autop()` isn't applied, TinyMCE applies `<p>` paragraph tags to all root nodes (e.g. the content of Shortcode Blocks). We can mitigate this behavior by stripping `<p>` paragraph tags from Shortcode Blocks on the 'SaveContent' event. From [https://github.com/WordPress/gutenberg/issues/4672 wordpress/gutenberg#4672]" danielbachhuber 8 44628 Repair DB rehashes password to md5 has-patch Upgrade/Install normal normal Future Release defect (bug) new 2018-07-23T17:33:29Z 2020-01-14T10:39:53Z "How to replicate: Corrupt the database: {{{ truncate $wpdb->options; insert into $wpdb->options (option_name, option_value) values('siteurl', 'http://localhost'); }}} Navigate to http://localhost/ and repair the database. Observe user_pass for all users in $wpdb->users it is now md5 hash." yani.iliev 3 44629 UI Add scrollbars for webkit on Update Plugins Upgrade/Install 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-24T06:58:31Z 2018-07-24T06:58:31Z "Hello, I've found with the Update Plugins iframe it often completes almost silently and it appears almost stuck as at first glance there's no indication there's more hidden in the fold of the iframe. For instance my recent update left the last visible line as 'Disabling Maintenance mode...' but then it seemed to go silent and even though lines were written below they were hidden from view. This made me sit thinking I'd have to go remove the .maintenance file. *Screen to come. I'm on chrome webkit and would assume safari would be the same. It would be nice to override the browser and force the scrollbar to be visible. I often find the scrollbar almost acts as a progress meter as it gets smaller the longer the content gets so having it visible would be nice. I hope that makes sense, just wanting to improve the cognitive feedback on the iframe to avoid leaving the user assuming the execution has suddenly stopped. Thank you " garrett-eclipse 44630 WP_Term_Query does not return all terms when 'number' and 'object_ids' are specified has-patch Taxonomy normal critical Awaiting Review defect (bug) new 2018-07-24T09:03:10Z 2019-01-17T00:24:34Z "When querying for taxonomy terms assigned to certain objects, WP_Term_Query's query is LIMIT'ed if the 'number' argument is specified. This introduces a problem similar to hierarchical taxonomies where results must not be limited in order to retrieve children. In particular, the issue arises because each term_taxonomy_id, or ""(term, taxonomy) couple"", has more than one relationship in wp_term_relationships thus more than 1 row could be returned for the same term_taxonomy_id. It is worth to notice that in order to replicate the problem in the attached test, the 'order' argument must be set to DESC which is the opposite of WP_Term_Query's default." ettoredn 44631 Limit the displayed search phrase for the posts list table has-patch Posts, Post Types normal normal Awaiting Review defect (bug) new 2018-07-24T09:31:00Z 2018-07-24T09:42:25Z "When searching for long text in the ''comments'' list table, the displayed search phrase is limited by 50 characters by using {{{wp_html_excerpt()}}}. On the other hand when searching for long text in the ''posts'' list table, the displayed search phrase is unlimited. It would be nice to have this consistent between those two tables. Later (another ticket) we could also consider ''plugins'', ''users'', ''media'', ''sites'', ... list tables that also display unlimited search phrase." birgire 1 44634 multisite: WP_User compatibility keys inacessible after switch_to_blog Users 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-24T18:19:52Z 2018-07-24T18:19:52Z "Some WP_User attributes are accessed using $back_compat_keys and get_user_meta: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-user.php#L121 https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-user.php#L312 $back_compat_keys is static and defined when the first WP_User is instantiated. This process hardcodes $wpdb->prefix into some keys (e.g. user_level), preventing it from functioning correctly after switch_to_blog(). Additionally, unsetting any of these attributes for one user will unset it for all Users, due to $back_compat_keys being static: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-user.php#L374" flaviozavan 44637 Escape strings in wp-admin/themes.php reporter-feedback Security normal normal Awaiting Review defect (bug) new 2018-07-24T20:11:01Z 2021-06-07T10:00:44Z A lot of translatable strings are not escaped. milana_cap 2 44641 Customizing Button Text in Custom Media Manager Frame Doesn't Work Anymore antpb dev-feedback Media 4.9.7 normal normal Future Release defect (bug) assigned 2018-07-25T12:16:47Z 2022-01-30T16:52:29Z "= Summary I have a plugin that calls up the Media Manager. I use the ""gallery"" state, and customize the main button text via the `wp.media` arguments. I've noticed a regression. The text in the primary button is no longer overridden by the arguments that I pass. = What I'm Doing (Code is simplified) {{{ var file_frame = wp.media.frame = wp.media({ frame: 'post', state: 'gallery', library : { type : 'image'}, button: {text: 'Edit Image Order'}, // <----- LINE IN QUESTION multiple: true }); file_frame.open(); }}} = What Should Happen The text inside the primary button in the media manager modal should change from ""Create a new Gallery"" to ""Edit Image Order"". [[Image(https://imgur.com/faJevb7)]] = What Actually Happens The button ignores my arguments and retains its default text. [[Image(https://imgur.com/6gLdtLv)]] " Kelderic 13 44645 Expose download link Privacy normal normal Awaiting Review enhancement new 2018-07-25T22:28:52Z 2020-10-16T22:41:05Z "When representing an organisation or business, not just a web site, one may have several systems and files containing personal data, plus some manual editing. Then I want to compose the email to the requester myself, via a template, add other links or files than the export from one WordPress site. I could do with an action to just create the export file and expose the link for copying/pasting into an email." knutsp 2 44651 Make the excerpt explanation filterable needs-docs Posts, Post Types normal normal Awaiting Review enhancement new 2018-07-26T15:38:35Z 2019-01-16T06:50:09Z Excerpts are used in different ways by different post types. The explanatory text below the textarea should be filterable to allow plugin authors to provide details relevant to their implementation. sillybean 1 44655 Introduce alternative srcset option for custom logo Media normal normal Awaiting Review enhancement new 2018-07-27T15:06:23Z 2018-07-30T12:00:04Z "When adding theme support for custom-logo I can define the recommended size for the logo: {{{#!php <?php add_theme_support( 'custom-logo', array( 'height' => 38, 'width' => 186, 'flex-width' => true, 'flex-height' => true, )); }}} The user will then be notified that they should upload their image at these dimensions. If they follow the advice the_custom_logo() will output: {{{ <img width=""186"" height=""38"" src=""http://www.domain.co.uk/wp-content/uploads/2018/07/img.png"" class=""custom-logo"" alt=""test"" itemprop=""logo""> }}} Due to the small size srcset is not included and viewing on mobile could produce a blurry image. So to get srcset increase the height and width 3x making height 114 and width 558 we will now get: {{{ <img width=""558"" height=""114"" src=""http://www.domain.co.uk/wp-content/uploads/2018/07/paul-reeve-logo-2.png"" class=""custom-logo"" alt=""test"" itemprop=""logo"" srcset="" http://www.domain.co.uk/wp-content/uploads/2018/07/img.png 558w, http://www.domain.co.uk/wp-content/uploads/2018/07/img-350x72.png 350w, http://www.domain.co.uk/wp-content/uploads/2018/07/img-186x38.png 186w, http://www.domain.co.uk/wp-content/uploads/2018/07/img-372x76.png 372w "" sizes=""(max-width: 558px) 100vw, 558px""> }}} We now have srcset but have had to use a larger image than we want, we have the option to resize the image via css to produce the correct dimensions but we are still potentially loading an image larger than needed. Also, from my testing I cannot seem to get this method to swap images at all, this could be due to my own error/misunderstanding however, I did find another person with a similar issue on SO [https://stackoverflow.com/questions/49177239/srcset-and-sizes-not-working-consistently-across-browsers] and viewing the following page always shows large.jpg as the image being used in my browser (chrome): [https://simpl.info/srcsetwvalues/] It would be good if we could specify the type of srcset to use e.g use 1x, 2x, 3x instead of 350w, 500w... {{{ <img srcset="" http://www.domain.co.uk/wp-content/uploads/2018/07/img-186x38.png 1x, http://www.domain.co.uk/wp-content/uploads/2018/07/img-372x76.png 2x, http://www.domain.co.uk/wp-content/uploads/2018/07/img.png 3x"" src=""http://www.domain.co.uk/wp-content/uploads/2018/07/img-186x38.png"" alt=""test""> }}} This way we could specify the required logo size to be 3x then server the appropriate size according to the pixel density of the device the user is viewing on." mrmadhat 4 44656 Multiple themes: Empty site title leaves empty anchor tag in header Bundled Theme normal normal Future Release defect (bug) new 2018-07-27T15:53:04Z 2023-06-09T23:51:09Z "I just noticed something weird the other day with Twenty Twelve. I removed the title all together (no I did not hide it) and when I looked at the source code this is what I saw: {{{ <h1 class=""site-title""> <a href=""http://localhost/dev/"" rel=""home""></a> </h1> }}} It's an H1 tag with an empty anchor? This shouldn't happen I don't think. So I download a few other themes and did the same thing and sure enough all that was left was an empty H1 tag with an empty anchor tag. I do not know why anyone would want to do this **BUT** If the site title is removed completely, meaning not hidden and not entered not entered either in ""**Settings**"" or ""**Site Identity**"" in the customizer, then the site H1 site title tag should not be displayed. I am not sure if this is a bug so I thought I would enter it in. I looked all over and could not find any information or any other tickets regarding this. I apologize if its a waste of time. Thanks in advance." tsquez 6 44658 Support BETWEEN for term names in WP_Tax_Query/WP_Term_Query dev-feedback Query normal normal Future Release feature request new 2018-07-27T20:23:30Z 2019-09-11T15:56:51Z This patch adds `name__between` parameter in `WP_Term_Query` and `between` operator in `WP_Tax_Query`. soulseekah 6 44659 Display custom fields Options, Meta APIs normal normal Awaiting Review feature request new 2018-07-27T23:10:34Z 2019-01-16T06:40:52Z "There should be an option to display custom field data without having to acquire a plugin, rely on a theme supporting it, or hack a theme; surely this can be achieved in core, programmatically. Options could/should include (in order of importance): Global Admin settings to: 1. Enable/disable the display of raw custom field data in a post 2. Option to rewrite outputted field data (add wrapper) that may include HTML 3. Specify where in a post, the field is output, depending of available hooks 4. Specify optional regex validation 5. Specify optional data regex replacement on output 6. Specify which options above, are returned via the API to other plugins 7. Specify optional CSS for any classes and IDs added in (2) above. 8. Specify whether a custom field should be a requirement/optional 9. Specify where the custom field box should appear on the post edit page 10. Option to rewrite outputted field data using PHP snippet Even implementing only items 1-3 would provide a powerful and flexible way to manage meta data, and provide WP v5 with a significant improvement over earlier versions." iantresman 4 44665 "Add a ""Create New Menu"" button to the menu widget" has-patch Customize 4.3 normal normal Future Release enhancement new 2018-07-29T00:32:39Z 2020-11-30T00:20:15Z "Menu widgets in the customizer have buttons to edit the selected menu, which cross-link to the menus customizer panel. Before a menu is selected, there should be a ""Create New Menu"" button that links to the new menu section and automatically assigns the menu to the corresponding widget. This would be a big improvement in user flow, particularly for new users trying the menu widget for the first time, who may not understand the relationship between widget and menu objects. The UI should match the existing edit menu button." celloexpressions 44669 Privacy Notification doesn't clear after dismissing notification garrett-eclipse Privacy 4.9.7 normal normal Future Release defect (bug) assigned 2018-07-30T06:38:39Z 2019-09-30T19:08:08Z "Every time the 'Suggested privacy policy text' is changed, the **Settings > Privacy** page displays a notification. Clicking the Close (x) icon doesn't clear the notification. If I navigate away from the page, the Privacy Policy notification reappears. The only way to clear the notification is to click the ''review the guide'' link. If a site has a custom privacy policy page, like most typical business sites, then they shouldn't be forced to view this page every time it changes as it's not going to be relevant to them. The Close icon should clear the notification in the same way that clicking the ''review the guide'' link does. Screenshot: https://cl.ly/3r0Y3m0P452X" ahortin 25 44678 Introduce Bulk Copy or Copy All to Privacy Policy Guide Privacy 4.9.6 normal normal Awaiting Review enhancement new 2018-07-30T18:24:52Z 2020-10-16T22:41:24Z "As @desrosj pointed out in #44588 it would be nice to have a method for bulk copy of all privacy snippets. This could be a 'Copy All to Clipboard' button at the top of the guide. Or if the selective copy is preferred maybe checkboxes beside the copy actions with a 'Bulk Copy to Clipboard' at the bottom." garrett-eclipse 2 44683 Export and Erase personal data - emails sent to wrong address if username is an email address which is different from the actual email address xkon dev-feedback Privacy 4.9.6 normal normal Future Release enhancement reviewing 2018-07-31T13:28:29Z 2021-01-27T18:05:13Z "This issue might had been already discussed in another ticket but I was unable to find it. When a user has set his username to an email address (may not be a valid one), then WordPress will be forced to send the verification request to wrong one. Here is an example: Username: `fake@bbbb.com` For the above, the following code block won't execute: {{{ if ( ! is_email( $username_or_email_address ) ) { ... } }}} but this line will be executed: {{{ $email_address = $username_or_email_address; }}} Which means email is now supposed to be sent at `fake@bbbb.com`. I would suggest even a username looks to have a valid email address pattern like above, rather than directly assign it against `$email_address` variable, we might take an extra step to find the real email address attached to this account before sending the request. Here is a suggestion: {{{#!php <?php if ( ! is_email( $username_or_email_address ) ) { ... } else { $user = get_user_by( 'login', $username_or_email_address ); if ( $user instanceof WP_User ) { $email_address = $user->user_email; } else { $email_address = $username_or_email_address; } } }}} Please let me know if this makes any sense!" subrataemfluence 9 44684 Page/Post revisions don't seem to load into preview has-patch Revisions 4.9.7 normal normal Awaiting Review defect (bug) new 2018-07-31T14:27:24Z 2018-08-01T19:24:56Z "Two different websites had this problem, but it now seems only the one I look after has it. Video attached. It seems that whenever you use the slider on the revisions page of a page/post, it fails to load. Instead it spits out an error in relation to ""admin-ajax.php"" file. This is with initial install, default theme, no plugins. Chrome / Firefox / Safari." ckhatton 1 44689 Convert user sites (my-sites.php) to table dev-feedback Networks and Sites 3.0 normal normal Awaiting Review enhancement new 2018-08-01T07:02:10Z 2021-01-12T11:52:01Z "I think for better consistence we could add a table in the user's sites in a multisite like everything else in WordPress (super admin sites, users, posts etc.). The Primary Site option could change from the bulk actions." eArtboard 8 44690 Username should not accept space dev-feedback Users normal normal Awaiting Review enhancement new 2018-08-01T11:19:00Z 2021-02-27T16:17:02Z "The `username` field accepts `space`, not leading or trailing ones though. Space is usually not in the list of accepted characters. I am not sure if it is there in purpose. Ideally it should not accept this character. `Username` also accepts `@`, which is not an issue. But the problem starts when the username looks like an email address! When sending verification requests for Export and Erase private data the issue can be noticed. However, if `username` has to accept `@`, WordPress should first check whether it is validating email address pattern. If it does, I think that should be reported rather than allowing it to get saved. I explained the above issue in #44683." subrataemfluence 3 44694 Extra and un-neccessary query when no posts found in Posts Rest Controller REST API 4.9.7 normal normal Awaiting Review enhancement new 2018-08-01T16:46:27Z 2018-08-02T06:15:21Z "In the 'get_items' method in class-wp-rest-posts-controller.php there is some conditional logic that re-executes the query without the 'paged' param if no results are found ( line 317 ). This seems like poor logic here. The query should only be executed again IF a paged parameter has been specified in the params. I have a REST request that returns an empty array, but the query is run twice even though the results are the same. This leads to some errors for me because I'm supplying non-standard parameters and using one time filters to handle them when building the request. After the initial query my filters have been removed so when the query executes again ( un-neccessarily ) my objects in the params end up triggering notices / warnings in the WP_Query class. Long story short, this extra query should have better logic protecting it. Something as simple as: {{{#!php <?php if ( $total_posts < 1 && $paged > 1 ) { // Out-of-bounds, run the query again without LIMIT for total count. unset( $query_args['paged'] ); $count_query = new WP_Query(); $count_query->query( $query_args ); $total_posts = $count_query->found_posts; } }}} " pat@… 1 44695 WP_Term_Query unexpected 'orderby' behaviour. needs-unit-tests Query 4.9.7 normal normal Awaiting Review defect (bug) new 2018-08-01T21:19:14Z 2019-08-27T18:33:22Z "I expected that `orderby` would behave in a similar way with `WP_Term_Query` as it does on other `*_Query` classes but it seems that `meta_value_date` and possibly some others is unsupported. Additionally `meta_type` doesn't function as expected either. These args: {{{ $args = array( 'taxonomy' => 'issues', 'number' => 5, 'meta_key' => 'issue_date', 'meta_type' => 'DATE', 'orderby' => 'meta_value_date', ); }}} Result in this query that has disregarded both `meta_type` and `orderby` in it's generation: {{{ SELECT DISTINCT t.*, tt.* FROM wp_terms AS t INNER JOIN wp_termmeta ON ( t.term_id = wp_termmeta.term_id ) INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy IN ('issues') AND tt.count > 0 AND ( wp_termmeta.meta_key = 'issue_date' ) ORDER BY t.name ASC LIMIT 5 }}} Could we get similar support for same named keys in `WP_Term_Query` as we have in other queries?" williampatton 1 44696 Plugin Deactivation Page Jump Plugins 4.9.7 normal minor Awaiting Review defect (bug) new 2018-08-01T21:22:58Z 2020-06-22T16:58:18Z "This isn't so much a bug as it is a gripe with the plugin management interface that has long annoyed me. If you have a number of plugins installed and activated: 1. Scroll down the list of plugins 2. Deactivate a plugin near the bottom 3. Page refresh jumps back to top of the list Often, I am deactivating and reactivating plugins for testing or development purposes, or to check for potential conflicts. Having the page jump back to the top after deactivation, then having to scroll down the list of plugins and find the same or similarly named plugin again tends to waste a lot of my time. I think it would be much more convenient to load an anchor link to the deactivated plugin upon the page refresh, rather than sending the user back to the top of the list with every deactivation. Just a suggestion that would help me, and I'm sure many others. Thanks! :D" organicthemes 2 44704 `wp.media.view.EmbedLink` and `oembed/1.0/proxy` don't work as expected Embeds 4.9.7 normal normal Awaiting Review defect (bug) new 2018-08-02T14:43:51Z 2018-08-07T08:43:17Z "It seems that `wp.media.view.EmbedLink` and the REST route `oembed/1.0/proxy` don't respect the `maxwidth` oEmbed parameter in all cases. **To Reproduce** Steps to reproduce the behaviour: 1. Create a new post. 2. Click on ""Add Media"" button. 3. Choose ""Insert from URL"" interface. 4. Paste a valid YouTube URL: https://www.youtube.com/watch?v=KA_CLal14u4 5. See the YouTube `<iframe>` with a `600px` width. 6. Click on ""Insert into post"" button. 7. Publish post. 8. Edit the YouTube video. 9. See the YouTube `<iframe>` with a tiny `200px` width. **Expected behaviour** The embed contents from Facebook or other services should have the same width when you add or edit them. **Reason found** After some researches, it seems that the problem comes from `media-view.js` and this part of code: {{{#!js this.dfd = wp.apiRequest({ url: wp.media.view.settings.oEmbedProxyUrl, data: { url: url, maxwidth: this.model.get( 'width' ), maxheight: this.model.get( 'height' ) }, type: 'GET', dataType: 'json', context: this }) }}} I don't know why the embed content `this.model.get( 'width' )` is egal to `0` when we edit it :/ As a result, the default value for the `maxwidth` argument of the REST route `oembed/1.0/proxy` can't be used like the first time. Here is the requested URL: 1. when we try to embed YouTube video: `http://v10.helloprojets.test/wp-json/oembed/1.0/proxy?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DscAxBpppwcQ%26list%3DPLoSIOFPSXQoOXzR8tpGC484wjgKFwIbWL%26index%3D78`. 2. when we edit the YouTube video: `http://v10.helloprojets.test/wp-json/oembed/1.0/proxy?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DscAxBpppwcQ%26list%3DPLoSIOFPSXQoOXzR8tpGC484wjgKFwIbWL%26index%3D78&maxwidth=&maxheight=`. This problem is a bit weird and complex. I hope I was clear in my explanations ;)" 7studio 2 44705 Edit embed contents without saving post breaks previews Embeds 4.9.7 normal normal Awaiting Review defect (bug) new 2018-08-02T14:50:19Z 2018-08-02T14:50:19Z "It seems that when we insert embed content and edit it just after without saving the post, the embed preview isn't displayed. **To Reproduce** Steps to reproduce the behaviour: 1. Create a new post. 2. Click on ""Add Media"" button. 3. Choose ""Insert from URL"" interface. 4. Paste a valid YouTube URL: https://www.youtube.com/watch?v=KA_CLal14u4 5. See the YouTube `<iframe>` with a `600px` width. 6. Click on ""Insert into post"" button. 7. Edit the YouTube video. 8. See nothing. **Expected behaviour** The embed content should be displayed. **Reason found** None. The problem is present in all browsers. The Google Chrome console logs `Cross-Origin Read Blocking (CORB) blocked cross-origin response https://www.youtube.com/watch?v=KA_CLal14u4 with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.`." 7studio 44710 Upload plugin and theme functionalities are not removing uploaded files after failure conditions. Administration 4.9.7 normal normal Awaiting Review defect (bug) new 2018-08-03T00:11:59Z 2020-12-25T07:25:08Z "Within wp-admin, an administrator user may upload files by using the Upload Plugin functionality (Plugins -> Add New -> Upload plugin) and the Upload Theme functionality (Appearance -> Themes -> Add New -> Upload Theme) These processes uploads the user submitted file to /wp-content/uploads/{month} first, then attempts to extract it to the plugins or theme directory (The form expects a .zip file, yet allows any mime-type or extension for uploaded files, such as images, or .php files). If the process fails for any reason the uploaded file remains in /wp-content/uploads/ and/or /wp-content/upgrade/ It would be best if the plugin and theme upload functionalities properly clean up the uploaded files if a plugin or theme fail to properly get extracted and/or installed. Note: On successful installations of a plugin or theme, the uploaded file is being properly removed from /wp-content/uploads/ and/or /wp-content/upgrade/ " rawrly 3 44723 The user ID in a `WP_User_Request` is not an integer as stated Privacy 4.9.6 normal normal Future Release defect (bug) assigned 2018-08-03T21:00:02Z 2022-01-30T16:54:53Z Discovered this while debugging something in #43985. The value of `WP_User_Request->user_id` is a string, not an integer as stated by the inline documentation. This was causing some unexpected behavior in `get_user_locale()`, which performs a strict comparison for `0` and was causing the condition to incorrectly evaluate as `false`. desrosj 15 44728 Quick edit for taxonomies is using filtered data dev-feedback Taxonomy 4.9.7 normal normal Awaiting Review defect (bug) new 2018-08-04T17:00:16Z 2019-05-08T19:46:20Z "Looks like #8146 was not fixed, or is back again. To reproduce: * Add a tag with a HTML entity in the name, such as `½`. * Use Quick Edit on the tag page or Quick Edit on the Posts page, and the special character will be shown instead of the `½`. * If you save the tag or post, a new tag with the character is created (instead of using the one with the spelled out entity). I'm unsure of whether the special characters should be in the slug, but my test showed it was." joyously 4 44737 WP_Query: in searches post_status should consider exclude_from_search SergeyBiryukov has-patch Query normal normal Future Release defect (bug) reviewing 2018-08-05T22:53:44Z 2019-11-29T16:12:56Z "When `post_status` is empty and we are running a search, this code is executed (wp-includes/class-wp-query.php:2446): {{{#!php // Add public states. $public_states = get_post_stati( array( 'public' => true ) ); foreach ( (array) $public_states as $state ) { if ( 'publish' == $state ) { // Publish is hard-coded above. continue; } $where .= "" OR {$wpdb->posts}.post_status = '$state'""; } }}} That way the `exclude_from_search` parameter isn't considered. " felipeelia 6 44744 Bug on canonical redirect with Hebrew query string. SergeyBiryukov needs-unit-tests Canonical 4.9.8 normal major Future Release defect (bug) reviewing 2018-08-06T14:52:40Z 2019-11-09T10:42:56Z "Hello, Example URL: http://domain.com/?שלום The example comes after having problems with Woocommerce product filters. Line 491-493 in {{{/wp-includes/canonical.php}}} we have this: {{{#!php <?php if ( ! $redirect_url || $redirect_url == $requested_url ) { return; } }}} **The problem:** This will fail because the $redirect_url is not URL safe format and encoded like $requested_url. **Possible solution:** One line before we can use {{{wp_sanitize_redirect}}} function like this: {{{#!php <?php $redirect_url = wp_sanitize_redirect( $redirect_url ); if ( ! $redirect_url || $redirect_url == $requested_url ) { return; } }}} " yehudah 5 44752 wp_get_archives() with the parameter limit = 0 generates an error SergeyBiryukov has-patch Posts, Post Types 1.2 normal normal Future Release defect (bug) reviewing 2018-08-08T08:52:28Z 2019-01-06T17:24:56Z "Hello. I'm working on an extension of the `WP_Widget_Archives` class, in which I implement the ability to specify the archive type and the limit of output links. These parameters are then passed to the `wp_get_archives()` function. It is noticed that if the parameter `limit=0`, then the query to the database turns out to be wrong and the following error is generated: {{{ [You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '0' at line 1] SELECT YEAR(post_date) AS `year`, count(ID) as posts FROM wp_posts WHERE post_type = 'post' AND post_status = 'publish' GROUP BY YEAR(post_date) ORDER BY post_date DESC 0 }}} Of course, I can check this parameter from my side and zero is replaced by an empty string, but it is logical that the function itself does this." campusboy1987 3 44754 Error saving data from 'custom fields' of type select / checkbox (multiple) in Attachment Modal Media normal major Future Release defect (bug) new 2018-08-08T12:41:01Z 2019-04-15T21:43:45Z "It's my first ticket, and I have little idea of English, I apologize if I did wrong. The method used to save the custom fields in the Attache modal, I think, is poorly implemented. The problem comes when you have a field of multiple type (select or checkbox). At the time of parsing the form, the jQuery serializeArray function is used. This returns an array of key / value objects with all the items in the form. The moment you have a field of multiple type whose name value has '[]', if there are multiple values selected, they are overwritten with the selected item from the list of elements. Error is located in the _.each of line 72 of the file: https://core.trac.wordpress.org/browser/trunk/src/js/media/views/attachment-compat.js {{{ 65 save: function( event ) { 66 var data = {}; 67 68 if ( event ) { 69 event.preventDefault(); 70 } 71 72 _.each( **this.$el.serializeArray()**, function( pair ) { 73 data[ pair.name ] = pair.value; 74 }); 75 76 this.controller.trigger( 'attachment:compat:waiting', ['waiting'] ); 77 this.model.saveCompat( data ).always( _.bind( this.postSave, this ) ); 78 }, }}} The result of serializeArray () is [[Image(https://actycrea.com/img/wordpress/before.png)]] And the result after the _.each is: [[Image(https://actycrea.com/img/wordpress/after.png)]] As you can see, it deletes all the elements previous to the last one of the same key. I think the best way to fix it is this: {{{ 65 save: function( event ) { 66 var data = {}; 67 68 if ( event ) { 69 event.preventDefault(); 70 } 71 72 _.each( this.$el.serializeArray(), function( pair ) { 73 if ( $.trim( pair.name ).length ) { 74 if ( typeof( data[ pair.name ] ) == 'object' ) { 75 data[ pair.name ].push( pair.value ); 76 } else if ( pair.name.indexOf( '[]' ) > -1 ) { 77 data[ pair.name ] = new Array( pair.value ); 78 } else { 79 data[ pair.name ] = pair.value; 80 } 81 } 82 }); 83 84 this.controller.trigger( 'attachment:compat:waiting', ['waiting'] ); 85 this.model.saveCompat( data ).always( _.bind( this.postSave, this ) ); 86 }, }}} By doing this, it would return the following data object: [[Image(https://actycrea.com/img/wordpress/finally.png)]] I explained? I'm very sorry for my English ... Fernando. " fobiaxx 1 44759 Percent-encoded unicode characters in CPT rewrite slug prevent finding the CPTs on the front-end Posts, Post Types normal normal Awaiting Review defect (bug) new 2018-08-08T18:03:23Z 2018-08-09T03:17:11Z "If you register a custom post type whose rewrite slug has percent-encoded unicode characters in it, the posts can't be found on the front-end. Eg {{{#!php <?php function register_unicode_cpt() { register_post_type( 'unicode_cpt', array( 'label' => 'unicode-cpts', 'public' => true, 'rewrite' => array( 'slug' => '%E6%BC%A2%E8%AA%9E%3B' // doesn't work // 'rewrite_slug' => '漢語' // works ) ) ); } add_action('init','register_unicode_cpt'); }}} Seems to initially work fine, the ugly percent-encoded unicode characters don't appear in the post editor (Eg https://drive.google.com/a/eventespresso.com/file/d/1d1j6skbgxrA7IJocGvYi5UMQ_Xw3sCrV/view?usp=drivesdk), but when I go to view the CPT, I'm being redirected to the homepage, (or, when my homepage displays latest posts, I'm seeing those without being redirected). It seems some code needs to recognize percent-encoded rewrite slugs are the same as the unicode character ones. The workaround is to use the unicode characters directly, which is technically against the RFC (see https://stackoverflow.com/questions/2742852/unicode-characters-in-urls/2742985#2742985)" mnelson4 44762 Suggested changes to get_cat_name and get_cat_link to provide support for custom taxonomies Taxonomy normal minor Awaiting Review enhancement new 2018-08-09T10:53:19Z 2018-08-09T11:31:32Z "I discovered today that these functions only support the taxonomy 'category'. Can I suggest something along the following lines so that a custom taxonomy can easily be used?: {{{#!php <?php function get_cat_name( $cat_id, $tax_type ) { $cat_id = (int) $cat_id; if ( isset($tax_type) ) $tax_type = $tax_type; else $tax_type = 'category'; $category = get_term( $cat_id, $tax_type ); if ( ! $category || is_wp_error( $category ) ) return ''; return $category->name; } }}} {{{#!php <?php function get_cat_link( $category, $tax_type ) { if ( ! is_object( $category ) ) $category = (int) $category; if ( isset($tax_type) ) $tax_type = $tax_type; else $tax_type = 'category'; $category = get_term_link( $category, $tax_type ); if ( is_wp_error( $category ) ) return ''; return $category; } }}} " geoffcourtauld 1 44765 Uploaded image corrupted after resizing reporter-feedback Media 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-09T13:49:17Z 2021-04-28T18:00:00Z "When I upload .jpg larger image and turn on resizing, image is corrupted after upload is done. I tried it on two websites on latest version. In v. 4.9.6 its working normally. When i Set in SETTINGS - MEDIA zeroes everywhere, its not resizing and picture is fine. Screenshots are below: [[Image(https://ctrlv.cz/shots/2018/08/09/lnGX.png)]] [[Image(https://ctrlv.cz/shots/2018/08/09/t6CU.png)]] [[Image(https://ctrlv.cz/shots/2018/08/09/bb0t.png)]]" lurbanek 6 44766 Microsoft-IIS/6.0 problem with wp_fix_server_vars Bootstrap/Load 4.9.8 normal major Awaiting Review defect (bug) new 2018-08-09T16:38:39Z 2018-08-09T16:38:39Z "The current function assumes problems that are fixed in many IIS versions nowadays and causes more problems. Currently, the function fails to detect mod_rewrite correctly in some instances and duplicates the query_string because it falls in the third condition on load.php:75 (duplication of the query string happens at load.php:90. Suggestion : just look in the already existing REQUEST_URI if the query string exists." davidwebca 44767 dbDelta allow spaces between column names and between lines SergeyBiryukov has-patch Upgrade/Install normal normal Future Release enhancement reviewing 2018-08-09T17:08:37Z 2019-09-23T15:35:11Z SQL is hard :( make it accept nicer schema definitions with arbitrary space alignments, blank lines, etc. soulseekah 8 44768 Twenty Seventeen: Ordered and unordered both lists overlap outside of the main container has-patch Bundled Theme 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-09T20:26:07Z 2018-08-11T11:45:59Z "Unordered and ordered list both overlap the main container to left for both frontend and backend (Editor). Twentyseventeen has custom styles for the ul and ol. I've attached a patch with few screenshots for better understanding. " mmaumio 5 44772 Optimize `get_the_post_thumbnail_url` call reporter-feedback Post Thumbnails normal normal Awaiting Review enhancement new 2018-08-10T19:10:33Z 2023-02-02T19:27:04Z This function merely returns the post meta using the post ID. In cases where an ID is passed there's no need to fetch the complete WP_Post object, use it directly as the post ID in the get_post_meta call. soulseekah 4 44773 Non Existing Child Page of Custom Post Redirects Instead of 404 dev-feedback Rewrite Rules 4.9.8 normal critical Awaiting Review defect (bug) new 2018-08-10T19:33:17Z 2020-09-11T05:07:03Z "Steps to reproduce: 1. Register Custom Post Type with hierarchical set to true (We'll call it events) 2. Create the following structure in the CPT: * Test * Test 2 * Child (Child of Test 2) 3. Go to https://localhost/events/test/child and this will redirect you to https://localhost/events/test-2/child instead of returning a 404. Extra Step: If you create a normal page of ""Test"" and try to navigate to https://localhost/test/child, it will redirect to https://localhost/test-2/child. All this was done on vanilla WordPress on Twenty Seventeen theme. {{{ function register_my_cpts_events() { /** * Post Type: Events. */ $labels = array( ""name"" => __( ""Events"", """" ), ""singular_name"" => __( ""Event"", """" ), ); $args = array( ""label"" => __( ""Events"", """" ), ""labels"" => $labels, ""description"" => ""Event overview and resource pages"", ""public"" => true, ""hierarchical"" => true, ""menu_icon"" => ""dashicons-calendar-alt"", ""supports"" => array( ""title"", ""editor"", ""thumbnail"", ""excerpt"", ""revisions"", ""page-attributes"" ), ); register_post_type( ""events"", $args ); } add_action( 'init', 'register_my_cpts_events' ); }}} " Asitha 1 44777 Multiple bundled themes ignore/override ordered list types has-patch Bundled Theme normal normal Future Release enhancement new 2018-08-11T21:02:47Z 2023-09-14T18:59:09Z If you set up an ordered list in Twenty Sixteen or Twenty Seventeen, and then try to add a type to it, WordPress ignores the type. You can get only a numbered list. Greg Raven 12 44786 Autosave: Conditionally allow revisions to be saved reporter-feedback Revisions normal normal Awaiting Review enhancement new 2018-08-13T22:45:46Z 2019-01-16T06:50:09Z "As is, when the `DOING_AUTOSAVE` constant is truthy, calling `wp_save_post_revision` immediately exits. One of the first things that endpoints responsible for `autosave`s are doing is set this constant -- making it impossible to save a revision using the Revisions API during the same request context. See: - [https://github.com/WordPress/gutenberg/blob/751a2fcdd7952fd4359984af292cc669cee065c8/lib/class-wp-rest-autosaves-controller.php#L169 Gutenberg] - [https://github.com/Automattic/jetpack/blob/585238715b2d3ff0a10615562001a729f12ed477/json-endpoints/class.wpcom-json-api-update-post-v1-2-endpoint.php#L165 Jetpack] Endpoints (& other plugins) would benefit from a filter allowing revisions to be saved. A particular use case is to occasionally save revisions for drafts during an `autosave` call (so there is less chance of irrecoverable data loss when the autosave is overwritten)." jblz 6 44790 Attachment Overlay does not trigger spinner for compat fields close Media normal normal Future Release defect (bug) new 2018-08-14T08:03:53Z 2023-10-19T18:35:25Z "we are using ACF and some other custom fields in the attachment library, when we change values of those ""compat"" fields - the spinner/loader does not show up, which leads to the situation that the editor/user, may think everything is saved, and clicks assign/close to the overlay, and behind the overlay he/she may click on publish, which in some situations cancels the XHR requests and leads to data loss. i have prepared a patch, not 100% sure if it is in the right place, let me know if you'd want me to adopt/change anything." hjanuschka 5 44793 "remove_accents() doesnt escape all versions of ""i""" SergeyBiryukov dev-feedback Formatting normal normal Future Release defect (bug) reviewing 2018-08-14T17:42:24Z 2019-09-22T20:30:02Z "The version with both dieresis and accent is missing. Suggested addition is the following {{{ plus '΅Ι' => 'I', 'ΐ' => 'i', }}} " bagosm 13 44795 WordPress Heartbeat Interval stuck on 15 secs General 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-14T21:14:44Z 2019-06-12T13:57:09Z "Hi! I think I've found a bug with the WordPress Heartbeat API, in short, on some installs ( Only some ) I am unable to alter the interval. On some of our installs ( we manage 200+ ) we are finding admin-ajax.php hitting our servers pretty hard and on occasion will cause a 503 error. To try and resolve this ourselves, we have tried: - Deactivating all plugins, switched to the twenty fifteen theme. - Tried using specific plugins to alter this value ( 3 in total and all didn't alter this value ). - Tried using the code from the codex - this doesn't correct the issue on an affected install. - Tried asking WordPress Stack Exchange here: https://wordpress.stackexchange.com/questions/311123/unable-to-change-the-wordpress-heartbeat-interval-on-some-installs-others-allow - Tried the WordPress support forum here: https://wordpress.org/support/topic/wordpress-heartbeat-interval-problems-stuck-on-15-secs/ - Tried asking two hosting companies ( Still investigating ). - Tried asking Advanced WordPress Facebook group - no luck with anything here yet. As you can see, we've made significant effort to try and resolve this problem on our own without any luck. **Function causing the issue** Locating where this is coming from, I've tracked it to the heartbeat.js file. The function is interval on line 612 of the non minified version. If I alter the same function in heartbeat.min.js ( Altering 15e3 to 60e3 ), the interval will now be set to 60 and admin-ajax.php requests drop dramatically. With all the effort I've put in to fix this and failing, I can only assume this is a bug of some kind. **Other info** - This is not every website we have, on different hosting platforms. - Some websites are completely fine, others are not. - Doesn't seem to make a difference which browser ( Firefox and Chrome tested ). - All websites are updated often with the latest core version. **Expected Result** We expected to be able to adjust to heartbeat interval to a slower rate. Hopefully this covers everything needed, please let me know if not! Thanks Steven" Nicksws 3 44801 `image_constrain_size_for_editor()` forcing the `$content_width` messes up dimensions needs-unit-tests Media normal normal Future Release defect (bug) new 2018-08-15T09:27:19Z 2019-04-15T21:58:52Z "The `image_constrain_size_for_editor()` currently looks at the `$content_width` global that themes may define. For `medium_large`, `large` and any custom image sizes, the actual image size's width will be evaluated against the `$content_width`, and the minimum will be used. This results in the following (example): * Let's say `$content_width` is 640. * Let's say your `large` image size constraints are 1280x1280. * Let's say your image in `large` size is 1280x960. * Instead of using the image size width (1280), it will use the `$content_width` since it's smaller (640), resulting in 640x480 being used for the dimension of the image in `large` size. This makes sense for the default behavior, but that computed size is used in many different areas, including `wp_prepare_attachment_for_js()`, where the `sizes` property then would show something like this for the `large` size (continuing the above example): ```js { width: 640, height: 480, url: '.../my-image-1280x960.jpg', orientation: 'landscape' } ``` Regarding what I want to accomplish with the custom image sizes, this results in unexpected behavior. For example in my case, I was looking into dynamically generating media queries for a background image, using the sizes. I was expecting for my code to generate `@media (max-width: 1280px) ...` for the image, but it would generate `@media (max-width: 640px) ...` due to the changed size. As I already said, the `$content_width` global makes sense to take into account by default. However, it is currently hardcoded into the function. I think it should be moved into a filter (we already have `editor_max_image_size` which is perfect for that), so that someone could temporarily unhook that behavior for custom use-cases." flixos90 2 44802 WP Generate Tag cloud not generating Link (href) tag value and Role tag value. reporter-feedback Taxonomy 4.9.8 normal major Awaiting Review defect (bug) new 2018-08-15T12:48:32Z 2021-05-03T23:06:43Z "See demo: https://www.atsspec.com/blog/. The tags are generated using wp_generate_tag_cloud function but are not clickable and has ""role"" tag associated with each hyperlink." tpkahlon 3 44803 Add a page to a menu by its ID or slug Menus 4.9.8 normal normal Awaiting Review feature request new 2018-08-15T15:07:48Z 2019-01-30T05:38:39Z "I'm ""porting"" a college's website from Joomla to WordPress. Said website has +2000 pages, which span from ~2013 onwards. It's the biggest mess you can imagine. There are many repeated pages, repeated categories, empty categories and so on. Building the main menu for this website has been a pain in the ass, too, because the ""adding pages to a menu"" in WordPress is meant for small websites: For example, I was trying to add a page named ""Evaluación docente"". There are several pages called exactly the same, but typing ""Evaluación docente"", or ""Evaluacion docente"" (without accents), ""evaluacion docente"" or even """"Evaluación docente"""" (with the quotes, hoping them would help to do a exact match search) returned other pages that weren't the one I was looking for - nor even the other ""Evaluación docente"" pages! Seems like a very fuzzy search. Sometimes you're lucky and you get the page you're looking for, but sometimes you don't. So I think it would be wonderful if there were some sort of way to add a page to a menu by typing its id or its slug." milerm 1 44804 pretty_permalinks capability may not be detected correctly during a fresh install on a server without mod_rewrite Upgrade/Install 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-15T22:25:08Z 2018-08-15T22:25:08Z "I have a lighttpd server that has a pretty standard setup: no active `mod_rewrite` rules, but a [https://redmine.lighttpd.net/projects/lighttpd/wiki/Index-file-names_Details index-file] rule that names `index.php` as a index file (thus a sort of one-off rewrite). I don't know about other servers, but this may be not that uncommon as a default setup. Now look at [https://core.trac.wordpress.org/browser/tags/4.9/src/wp-admin/includes/upgrade.php#L298 wp_install_maybe_enable_pretty_permalinks()] in wp-admin/includes.upgrade.php. If you look closely, the routine to test for active mod_rewrite functionality will ping for `get_permalink( $first_post->ID )`, if it already exists. During a fresh install, it doesn't, and an empty string is used for testing. This leads to a false positive, since the empty path is rerouted despite the absence of true rewrite rules. Option `permalink_structure` is set to `/%year%/%monthnum%/%day%/%postname%/`, without the leading file name. If you go to the settings page later and change the permalink settings, the error is corrected and the file name inserted - now the `$first_post` exists. For almost all practical purposes, this poses no problems, but came to the fore in the most obscure of all places: while testing Gutenberg on a fresh install, the editor crashed - see https://github.com/WordPress/gutenberg/issues/8899." ccprog 44805 Resurrecting post from trash reverts its slug dev-feedback Posts, Post Types 4.9.7 normal normal Awaiting Review defect (bug) assigned 2018-08-16T06:26:13Z 2018-08-30T00:53:02Z "=== Steps to reproduce Using the REST API: * Create a post * Delete the post (not forced) * Update the post's slug * Update the post's status to `publish` ==== Create `POST wp-json/wp/v2/posts` {{{#!json { ""status"": ""publish"", ""slug"": ""a"", ""title"": ""a"" } }}} ==== Delete `DELETE wp-json/wp/v2/posts/<id>` ==== Update slug `POST wp-json/wp/v2/posts/<id>` {{{#!json { ""slug"": ""foo"" } }}} ==== Update status `POST wp-json/wp/v2/posts/<id>` {{{#!json { ""status"": ""publish"" } }}} === Expected Post should be published with a slug of `foo` (the updated value) === Actual Post is published with a slug of `a` (the old value) " ajmccluskey 4 44806 If commenter doesn't check (cookie) consent checkbox, don't use Gravatar. Privacy normal normal Awaiting Review enhancement new 2018-08-16T15:07:38Z 2020-10-16T22:41:12Z "I think it would be a safe assumption that if a user doesn't want cookies, they most likely don't want their image or a hash of their email to be publicly facing. If this is done, I propose we change the string for the checkbox, to specify this in particular. Related to #44067, #14682 " lakenh 8 44814 User table same schema, single and multisite dev-feedback Networks and Sites 3.3 normal normal Future Release enhancement new 2018-08-19T16:16:33Z 2019-01-25T17:28:07Z Currently, there is a difference between the users table database schema between single and multisite. I think this is problematic, as it is an unnecessary difference between single and multisite. It means conditional logic that is unnecessary and could make issues for developers querying the users table. spacedmonkey 4 44820 CodeMirror in Customize - copy & paste bug has-patch Customize 4.9 normal minor Future Release defect (bug) new 2018-08-20T16:10:30Z 2023-02-26T14:56:51Z "Wrong behavior in CodeMirror: I go to **Customize > Additional CSS** and copy one selector including the opening curly bracket ""{"". I paste the copied text at the end of the content of the CSS textarea and press enter to create a new line. The new line won't be created, instead Autocompletion of CodeMirror is executed and the CSS attribute **''align-content''** is added. Animated screen capture as GIF: [https://hipp.design/media/code-mirror-copy-paste.gif] It only happens, when the selector is pasted at the end (of the textarea) and if the CSS field was already filled out and the Customize have been saved before. " dionysous 4 44829 Twenty Sixteen: Microsoft Edge -- List Item Display Problem Bundled Theme 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-21T16:54:21Z 2021-07-01T16:42:08Z "When a left-aligned image is adjacent to a UL in MS Edge browser, a large gap appears between the list-item disc and the text within the LI. This problem does not occur in Chrome or Firefox. [https://imgur.com/NPYJ7Pw]" pracko 4 44835 Add a hidden input for 'original_post_status' to the inline-edit rows so it's available on the $_POST in save_post SergeyBiryukov has-patch Editor normal normal Future Release defect (bug) reviewing 2018-08-23T20:14:05Z 2019-01-21T22:49:01Z "Hello, Can we add a hidden input for 'original_post_status' into the '.inline-edit-save' div found in the inline-edit rows so that it's available on the $_POST object form save_post as it is when you save a post from the post edit screen. Background: I am writing a plugin for a client to introduce Draft Revisions on published posts. I have a cleanup function tied to save_post which purges the Draft Revisions if the post being saved has a status of 'publish' or was previously 'publish'. From normal post submission the original_post_status is available on the $_POST as it's a hidden input on the post editor. From inline-edits this fails as there's no hidden input for original_post_status. I searched for some time to come up with a solution and settled on a jquery trigger which injected the missing input when the inline-edit row opens. With it present the existing ajax/etc fires properly and populated the missing `$_POST['original_post_status']` that I required. Proposition: Add the hidden input for original_post_status onto the inline edit rows to make that information available to save_post. Thank you " garrett-eclipse 3 44837 Coding Indentation Issues dev-feedback Administration 4.9.8 normal minor Awaiting Review enhancement new 2018-08-24T09:00:25Z 2019-04-01T22:07:36Z "I am seeing in wp-admin files that coding indentation is missing like this file edit-tags.php The codes are written like this {{{ <form class=""search-form wp-clearfix"" method=""get""> <input type=""hidden"" name=""taxonomy"" value=""<?php echo esc_attr( $taxonomy ); ?>"" /> <input type=""hidden"" name=""post_type"" value=""<?php echo esc_attr( $post_type ); ?>"" /> <?php $wp_list_table->search_box( $tax->labels->search_items, 'tag' ); ?> </form> }}} which needs to be indented properly to make it more understandable. This can be check in other files as well where we are writing HTML as well as PHP. In this tickets preview how exactly the code is written so I am adding a screenshot as well https://prnt.sc/kmcjeu" prashantvatsh 2 44842 Search post box in mobile Posts, Post Types normal normal Future Release enhancement new 2018-08-25T06:15:19Z 2022-05-18T16:41:22Z "In mobile view when I go to posts screen, I found that search box is not on the top so I dragged all the way down and found that search box is there which is bit odd because why someone will go all the way down looking at posts to search any post. Please see: https://prnt.sc/kmo3jn We can make it like themes screen https://prnt.sc/kmo3k4 by just leaving the search box with a placeholder to search posts and since just typing and entering the text in the box works so they will be able to search the post " prashantvatsh 12 44844 switch_to_locale does not handle plugins/themes properly in multisite I18N 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-26T22:17:17Z 2018-11-05T19:26:22Z "Running the following test script should enable switching of languages in a multisite. {{{#!php require_once( dirname( __FILE__ ) . '/wp-load.php' ); switch_to_blog(2); switch_to_locale('sv_SE'); var_dump(__('my text','my-domain')); }}} However do to complexities I am not familiar with in unload_textdomain and get_translations_for_domain it does not work. Breaking it down unload_textdomain flags it as unloaded which _load_textdomain_just_in_time via get_translations_for_domain checks and aborts. the only way I have been able to do this is via some hacky filtering and mangling language globals. Example: {{{#!php switch_to_blog( $object['blog_id'] ); unset( $GLOBALS['locale'] ); $locale = get_locale(); unset( $GLOBALS['locale'] ); restore_current_blog(); add_filter( 'locale', [ $this, 'one_time_false' ] ); add_filter( 'override_unload_textdomain', [ $this, 'unload_textdomain' ], 10, 2 ); switch_to_locale( $locale ); remove_filter( 'locale', [ $this, 'one_time_false' ] ); remove_filter( 'override_unload_textdomain', [ $this, 'unload_textdomain' ] ); switch_to_blog( $object['blog_id'] ); }}} $this->unload_textdomain being: {{{#!php <?php public function unload_textdomain( $value, $domain ) { if ( isset( $GLOBALS['l10n'][ $domain ] ) ) { unset( $GLOBALS['l10n'][ $domain ] ); } return $value; } }}} and $this->one_time_false being: {{{#!php <?php public function one_time_false() { remove_filter( 'locale', [ $this, 'one_time_false' ] ); return false; } }}} Not sure how this should be refactored but this so far should really be unnecessary to do. Thanks." pcfreak30 2 44845 _get_list_table: Support for privacy requests tables dev-feedback Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-08-27T09:32:12Z 2020-02-21T17:52:46Z "The admin table classes are served with {{{_get_list_table()}}}. I wonder if we should add a support for the classes: - {{{WP_Privacy_Data_Export_Requests_Table}}} - {{{WP_Privacy_Data_Removal_Requests_Table}}} in {{{_get_list_table()}}} for consistency. " birgire 8 44847 Redirect old date-based permalinks on structure changes needs-unit-tests Permalinks normal normal Awaiting Review defect (bug) new 2018-08-27T13:43:48Z 2019-01-08T07:14:12Z "If someone switches from `/%year%/%monthnum%/%day%/%postname%/` to `/%postname%/`: * `/%year%/%postname%/` redirects to the correct URL. * `/%year%/%monthnum%/%postname%/` shows a 404 error. * `/%year%/%monthnum%/%day%/%postname%/` shows a 404 error. All of these URLs should redirect to the correct one." SergeyBiryukov 2 44848 Ensure that empty author profiles have proper 404 behaviour dev-feedback Query normal normal Awaiting Review defect (bug) new 2018-08-27T14:33:38Z 2019-09-17T19:09:53Z "** Summary ** - WordPress 'creates' a ''profile posts archive'' (i.e., ""See all posts by [author name]"") for each user in the system. This can be reached by clicking 'view' from the Users table in wp-admin. - It does so, ''even if they have no posts'' - and even if they lack the permission to publish posts entirely. - Whilst the empty profile pages ''look'' like they serve a standard 404 error, in fact, they return a 200 HTTP header status, and just call the 404 template part for the main page body. - This results in many 'soft 404' pages/errors, which can adversley impact the way in search engines and other systems (Facebook, Twitter, etc) crawl, extract information from, and value/evaluate websites (see Google's documentation on soft 404s at https://support.google.com/webmasters/answer/181708?hl=en). It's important that we correct this behaviour in WordPress Core for numerous reasons; from compliance with basic web standards (error pages should return an appropriate HTTP header status), to adherence with the guidelines and preferences of external platforms (search engines, social networks, etc), to consistency with other page/template handling processes. ** Example ** A newly created `subscriber` user on a test site (called 'Test User 2') with no authored posts has an author archive accessible at https://yoast.jonoalderson.com/author/test-user-2/. Although this presents as a 404 error, the page returns meta data and behaviour consistent with a valid author request (see the tags contained in the `<head>` of the HTML source; particularly the `<meta>` tags). The body template then just calls the 404 template part. ** Solution ** We should ensure that these scenarios return proper/consistent 404 behaviour. Specifically, requests to author profiles where the author has zero posts should trigger normal 404 behaviour (including headers, query behaviour, etc), as opposed to just calling the 404 template. E.g., {{{ // If author archive has zero posts global $wp_query; $wp_query->set_404(); status_header(404); include( get_query_template( '404' ) ); die(); }}} As opposed to just: {{{ // If author archive has zero posts include( get_query_template( '404' ) ); die(); }}} " jonoaldersonwp 6 44849 Post type parameter not preserved when editing/deleting custom taxonomy term Taxonomy 4.9.8 normal normal Awaiting Review defect (bug) reopened 2018-08-27T15:54:23Z 2018-09-04T16:51:29Z "I get linked or redirected back to the Posts area in the admin menu after editing or deleting a custom taxonomy rather to the custom post type for which I registered the taxonomy. Steps: 1. Plugin registers custom post type then custom taxonomy 1. Visit custom taxonomy page via automatically generated link in admin menu: https://foo.example/wp-admin/edit-tags.php?taxonomy=CUSTOMTAX&post_type=CUSTOMPOST (custom post type section of admin menu is highlighted and open) 1. Add a term (term is added to the table at right) 1. Click term's name to open full edit page; delete link and form have no reference to the `post_type` that is in the URL of the current edit page. 1. Editing/deleting the term works, but afterwards I'm back at the terms list page in the context of Posts, not my custom post type. I can maintain the context, when editing, with this code: {{{ add_action( CUSTOMTAX . '_term_edit_form_top' , function() { ?><input type=hidden name=post_type value=<?= CUSTOMPOST ?>><?php } ); }}} I tried correcting the delete URL, and it got the parameter but the final redirect was missing it, thus the Posts submenu was open again: {{{ add_filter( 'admin_url' , function($url) { return preg_replace( '#/edit-tags\\.php\\?action=delete&(?:amp;)?taxonomy='. CUSTOMTAX . '(?=&)#' , '$0&post_type=' . CUSTOMPOST , $url ); } ); }}} " wallfur 4 44853 Remove extra condition dev-feedback Plugins normal minor Awaiting Review enhancement new 2018-08-28T03:45:58Z 2018-09-04T17:06:56Z Remove extra `if` condition from `get_plugins` function. abhijitrakas 1 44854 Bulk action missing/hidden on taxonomies has-patch Taxonomy 3.8 normal minor Awaiting Review defect (bug) new 2018-08-28T06:20:44Z 2021-11-09T15:16:06Z "I have found this issue on mobile. When I go to taxonomies like category/tags the bulk action on top of the table is missing. After inspecting it I found that it is getting hidden using CSS. We can make it visible there because if someone wants to bulk delete then they have to select from top and then have to scroll down to do so. Just because it is hidden using CSS still there are CSS rules putting margins and all there. For this we have to remove this css only: {{{ @media screen and (max-width: 782px){ .form-wrap>p, .tablenav .view-switch, .tablenav.top .actions, .tablenav.top .displaying-num, .tablenav.top .tablenav-pages.one-page { display: none; } } }}} This will explain what I want to say : https://screencast-o-matic.com/watch/cFju1nqupU Also here I am seeing that search box is at bottom we can put it just before the table." poojasahgal 4 44857 get_object_subtype uses get_user_by before it's defined reporter-feedback Users 4.9.8 normal normal Awaiting Review defect (bug) new 2018-08-28T09:35:18Z 2019-04-03T09:36:44Z "In 'get_object_subtype' on line 1308 in wp-includes/meta.php, the function 'get_user_by' is used. This function is defined in wp-includes/pluggable.php (line 87-109). However, 'pluggable.php' is not loaded until after the plugins have initialized (see wp-settings.php line 160). Therefore, the situation can occur that 'get_object_subtype' calls a function that isn't defined yet. Concretely, this situation occurs in the WPML plugin, in combination with a multisite installation. However, there are many other situations where it could occur (anywhere in any plugin initialization code). If you add a new site, the WPML plugin will try to assign the network admin new capabilities by calling (WP_User)->add_cap for all of the network administrators. 'add_cap' calls 'update_user_meta', which calls 'get_object_subtype', which results in a fatal error, which then displays a HTTP 500 error whenever the user is trying to access the WordPress dashboard. Fairly dramatic, indeed. For any googlers, you can resolve this issue by creating a file 'wpml-multisite-fix.php' in 'wp-content/mu-plugins', with the following content: {{{ <?php if ( ! function_exists( 'get_user_by' ) ) { /** * Define the 'get_user_by' function here instead of in pluggable.php, because WP 4.9.8 has a bug - * it uses 'get_user_by' before it's included (see meta.php line 1308, and see that it isn't * included yet in wp-settings.php line 160). * * @param string $field The field to retrieve the user with. id | ID | slug | email | login. * @param int|string $value A value for $field. A user ID, slug, email address, or login name. * @return WP_User|false WP_User object on success, false on failure. */ function get_user_by( $field, $value ) { $userdata = WP_User::get_data_by( $field, $value ); if ( ! $userdata ) { return false; } $user = new WP_User(); $user->init( $userdata ); return $user; } } }}}" infostreams 2 44862 Create REST API endpoints to lock, release and takeover post edition timothyblynjacobs REST API normal normal Awaiting Review feature request assigned 2018-08-29T13:05:41Z 2022-01-07T18:58:06Z "**Context** In this Gutenberg PR, we're trying to introduce post locking https://github.com/WordPress/gutenberg/pull/4217 To do so, we're reusing the existing ajaxActions, and the the non-REST API URLs to take over the posts. Ideally, we'd like to be able to lock, unlock and takeover edition of posts without the need of a page refresh or usage of ajax actions. **Questions** - I wonder if we should return an error in the PUT/DELETE requests on single posts if the post is locked by another user. (Not required for the ticket as a V1 but might be good to think about it). " youknowriad 13 44863 Modify the WordPress importer to handle .zip as well as .xml files Import normal normal Awaiting Review feature request new 2018-08-29T15:15:16Z 2018-08-29T15:34:49Z "Wordpress.com exports sites in two ways, as a .zip file (full of XML files) or as a single XML file, depending on whether the export is done from Calypso or wp-admin. The importer is expecting a single XML file, and fails if the user tries to import the zip file. Suggestion: Modify the importer to accept the .zip file, unzip it into tmp, and then import each of the included XML files." sterndata 1 44867 image editor: save modified image as a new copy joedolson* has-patch Media 5.2 normal normal Future Release enhancement accepted 2018-08-30T13:11:43Z 2024-02-12T20:33:11Z "WordPress allows multiple image sizes to be defined by a theme : they will affect how hard-crop/soft-crop is being used. Sometimes no autocropping is desirable because editors want to care themselves about it. For example blog posts having two images ratios (thumbnail for listing, 3:1 for wide-width header). Giving the possibility to derive one image from the other is very interesting : it avoid uploading two different images but still gives editor ability to do fine-tuned cropping. For this to work the image editor must be able to save a modified image as a COPY of the original image. Would an implementation be accepted? https://wordpress.org/ideas/topic/image-editing-option-to-save-a-copy " drzraf 22 44868 Upload plugin and theme functionalities do not check on PATHINFO_EXTENSION before upload. Upload normal normal Future Release enhancement new 2018-08-30T13:18:42Z 2018-08-31T06:39:52Z If you go to /wp-admin/plugins.php click the button **Add new** and you upload a .sql file or whatever file then this is possible. The fille end-up in the wp-uploads/ folder and will not be removed. There should which will check the extension and removes it if it is not a .zip file. csorbamedia 44884 "Notice something like ""Notice: Constant WP_UNINSTALL_PLUGIN already defined in testsite\wp-admin\includes\plugin.php on line 1016"" appears when try to delete multiple plugins by ""delete_plugins()"" function" has-patch Plugins 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-03T06:18:33Z 2018-09-10T21:48:13Z "When i try to uninstall multiple plugins, I am getting warning like ""Notice: Constant WP_UNINSTALL_PLUGIN already defined in testsite\wp-admin\includes\plugin.php on line 1016"". To demonstrate this issue i have developed testcode. Issue reproduce steps: * Please ensure that debug mode is on in your WordPress setup by ensuring below constant is on root/wp-config.php file: {{{#!php <?php define('WP_DEBUG', true); }}} * Install these plugins: Contact Form 7, Gutenberg, Jetpack by WordPress.com, WooCommerce and Yoast SEO * Please make new file as wp-content/mu-plugins/test.php and pate below code in it: {{{#!php <?php add_action('admin_init', function() { if (isset($_GET['t']) && 1 == $_GET['t']) { $uninstallable_plugins = array( 'contact-form-7/wp-contact-form-7.php', 'gutenberg/gutenberg.php', 'jetpack/jetpack.php', 'woocommerce/woocommerce.php', 'wordpress-seo/wp-seo.php', ); var_dump(delete_plugins($uninstallable_plugins)); die; } }); }}} * Open browser and open the address ""yoursite.com/wp-admin/?t=1"" and you will see error https://photos.app.goo.gl/BHeCDSF4uB2Eh4HNA" pmbaldha 1 44891 Activate button showing after theme activated has-patch Themes 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-05T06:24:28Z 2018-09-06T15:17:33Z "How to get bug:- First go on Appearance - > Theme After that active theme i will go on next page add new theme on this page my activated theme showing again active button." anilhada 4 44892 Theme install button showing again Themes 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-05T06:44:56Z 2019-03-13T18:39:28Z "How to get bug:- First go on Appearance - > Theme -> add new Click on install button and same time click on Preview button. on theme preview window again showing install button. and one more thing if again i am click on install button error massage will appear. " anilhada 1 44894 Add support for an optional `$roles` parameter to `populate_roles()` flixos90 needs-unit-tests Upgrade/Install normal normal Future Release enhancement assigned 2018-09-05T08:05:50Z 2019-01-23T23:22:19Z It should be possible to provide custom roles (and capabilities) to `populate_roles()` when populating a new site with its roles. This came up during work on #41333. flixos90 4 44897 Theme installed success message not showing when installing multiple themes Themes 4.9.8 normal normal Future Release defect (bug) new 2018-09-05T09:39:35Z 2021-04-17T08:35:03Z "How to get bug:- First go on Appearance - > Theme -> add new 1. Click on uninstall theme Preview button. after that preview page will open. 2. Click on install button and same time click on next button near by install button. 3. Next theme preview page open again click on install button and click on close button. In this case we are install two theme but install massage will appear on only one theme. " anilhada 2 44899 redirect_canonical redirects to another URL when it should not needs-unit-tests Canonical 4.9.8 normal critical Awaiting Review defect (bug) new 2018-09-05T14:34:56Z 2018-09-06T07:32:25Z "Hi, on a fresh install of WordPress 4.9.8 : http://sub.yourdomain.com/?xtor=AD-4970-%5BSocial%5D-%5B%5D-%5BPPL%5D-%5BFacebook%5D-%5B228284160&105478095%5D-%5B0%5D will be redirected to : http://sub.yourdomain.com/?xtor=AD-4970-%5BSocial%5D-%5B%5D-%5BPPL%5D-%5BFacebook%5D-%5B228284160&105478095]-%5B0%5D Problem is : it does an 301. And, combined with Facebook mobile on Iphone link to the WordPress, it retries forever. 21 000 hits / 5 minutes on our server. Glad it was strong enough to sustain until we find the bug and temporarily deactivated {{{ redirect_canonical }}} with : {{{#!php <?php remove_action('template_redirect', 'redirect_canonical'); }}} " melicerte 44900 add post lock display to Media Library has-patch Media normal normal Future Release enhancement new 2018-09-05T16:53:06Z 2020-03-26T17:44:05Z "`WP_Posts_List_Table` shows which posts are currently being edited by other users (screenshot coming). `WP_Media_List_Table` should do so as well (screenshot coming). Much of the support for post locks on media already exists in core: 1. when media is edited (in list mode, see below for discussion on grid mode), core already correctly updates the `_edit_lock` and `_edit_last` postmetas for the attachment 1. both ends of the ""Take Over"" modal dialog already function as expected when editing media (screenshots coming) To support post locks for media several other things need to happen: 1. add the appropriate markup to the output of `WP_Media_List_Table` (in list mode, see below for discussion on grid mode) 1. `/wp-admin/upload.php` needs to enqueue: 1. the Heartbeat API 1. JS that uses the Heartbeat API to update the post lock display A patch that does the above is coming shortly. As hinted at above, handling post locks in grid mode will require more work: 1. design work will be needed for how to display the fact that there is a post lock in grid mode (screenshot coming) 1. once that design work is done then code (probably JS) will need to be written to implement the design 1. several changes will be needed to the ""Attachment Details"" screen that comes up when an attachment is clicked on from grid mode: 1. the `_edit_lock` and `_edit_last` postmetas will need to be updated when the user enters this screen 1. some JS based on the Heartbeat API will need to check for newly acquired post locks and fire the ""Take Over"" modal dialog 1. I think the previous item will take care of things when the user clicks on the ""Edit Image"" button from the ""Attachment Details"" screen, but that remains to be seen 1. Note: when a user clicks on the ""Edit more details"" link the existing core functionality and the changes to list mode above take over and no more changes are needed to handle that I'm unfamiliar with the JS-side of grid mode so at this point can't provide a patch for those changes, but would gladly help someone else work on that (if only so I can learn that JS piece)." pbiron 16 44903 Multisite - Archive Main Query Duplicate Paged Posts reporter-feedback Query 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-06T16:15:45Z 2018-09-13T08:23:59Z "Hi there, I noticed today, on my multisite, a post type archive such as posts, etc, while using the main query that wordpress sets, and pagination /page/2/ for example, this shows duplicate posts. I tested this on a fresh multisite install of wordpress with a fresh database. " barryhanbury 3 44906 "Include greek accent characters on ""remove_accents"" function" dev-feedback Formatting 4.9.8 normal minor Awaiting Review enhancement new 2018-09-06T19:53:57Z 2018-09-13T01:19:43Z "Hi, I extended the ""remove_accents"" function to support greek accents. If you wish you can add it in core. I have just added greek characters after: {{{#!php elseif ( 'el' == $locale ) { }}} Thanks {{{#!php <?php function remove_accents( $string ) { if ( !preg_match('/[\x80-\xff]/', $string) ) return $string; if (seems_utf8($string)) { $chars = array( // Decompositions for Latin-1 Supplement 'ª' => 'a', 'º' => 'o', 'À' => 'A', 'Á' => 'A', 'Â' => 'A', 'Ã' => 'A', 'Ä' => 'A', 'Å' => 'A', 'Æ' => 'AE','Ç' => 'C', 'È' => 'E', 'É' => 'E', 'Ê' => 'E', 'Ë' => 'E', 'Ì' => 'I', 'Í' => 'I', 'Î' => 'I', 'Ï' => 'I', 'Ð' => 'D', 'Ñ' => 'N', 'Ò' => 'O', 'Ó' => 'O', 'Ô' => 'O', 'Õ' => 'O', 'Ö' => 'O', 'Ù' => 'U', 'Ú' => 'U', 'Û' => 'U', 'Ü' => 'U', 'Ý' => 'Y', 'Þ' => 'TH','ß' => 's', 'à' => 'a', 'á' => 'a', 'â' => 'a', 'ã' => 'a', 'ä' => 'a', 'å' => 'a', 'æ' => 'ae','ç' => 'c', 'è' => 'e', 'é' => 'e', 'ê' => 'e', 'ë' => 'e', 'ì' => 'i', 'í' => 'i', 'î' => 'i', 'ï' => 'i', 'ð' => 'd', 'ñ' => 'n', 'ò' => 'o', 'ó' => 'o', 'ô' => 'o', 'õ' => 'o', 'ö' => 'o', 'ø' => 'o', 'ù' => 'u', 'ú' => 'u', 'û' => 'u', 'ü' => 'u', 'ý' => 'y', 'þ' => 'th', 'ÿ' => 'y', 'Ø' => 'O', // Decompositions for Latin Extended-A 'Ā' => 'A', 'ā' => 'a', 'Ă' => 'A', 'ă' => 'a', 'Ą' => 'A', 'ą' => 'a', 'Ć' => 'C', 'ć' => 'c', 'Ĉ' => 'C', 'ĉ' => 'c', 'Ċ' => 'C', 'ċ' => 'c', 'Č' => 'C', 'č' => 'c', 'Ď' => 'D', 'ď' => 'd', 'Đ' => 'D', 'đ' => 'd', 'Ē' => 'E', 'ē' => 'e', 'Ĕ' => 'E', 'ĕ' => 'e', 'Ė' => 'E', 'ė' => 'e', 'Ę' => 'E', 'ę' => 'e', 'Ě' => 'E', 'ě' => 'e', 'Ĝ' => 'G', 'ĝ' => 'g', 'Ğ' => 'G', 'ğ' => 'g', 'Ġ' => 'G', 'ġ' => 'g', 'Ģ' => 'G', 'ģ' => 'g', 'Ĥ' => 'H', 'ĥ' => 'h', 'Ħ' => 'H', 'ħ' => 'h', 'Ĩ' => 'I', 'ĩ' => 'i', 'Ī' => 'I', 'ī' => 'i', 'Ĭ' => 'I', 'ĭ' => 'i', 'Į' => 'I', 'į' => 'i', 'İ' => 'I', 'ı' => 'i', 'IJ' => 'IJ','ij' => 'ij', 'Ĵ' => 'J', 'ĵ' => 'j', 'Ķ' => 'K', 'ķ' => 'k', 'ĸ' => 'k', 'Ĺ' => 'L', 'ĺ' => 'l', 'Ļ' => 'L', 'ļ' => 'l', 'Ľ' => 'L', 'ľ' => 'l', 'Ŀ' => 'L', 'ŀ' => 'l', 'Ł' => 'L', 'ł' => 'l', 'Ń' => 'N', 'ń' => 'n', 'Ņ' => 'N', 'ņ' => 'n', 'Ň' => 'N', 'ň' => 'n', 'ʼn' => 'n', 'Ŋ' => 'N', 'ŋ' => 'n', 'Ō' => 'O', 'ō' => 'o', 'Ŏ' => 'O', 'ŏ' => 'o', 'Ő' => 'O', 'ő' => 'o', 'Œ' => 'OE','œ' => 'oe', 'Ŕ' => 'R','ŕ' => 'r', 'Ŗ' => 'R','ŗ' => 'r', 'Ř' => 'R','ř' => 'r', 'Ś' => 'S','ś' => 's', 'Ŝ' => 'S','ŝ' => 's', 'Ş' => 'S','ş' => 's', 'Š' => 'S', 'š' => 's', 'Ţ' => 'T', 'ţ' => 't', 'Ť' => 'T', 'ť' => 't', 'Ŧ' => 'T', 'ŧ' => 't', 'Ũ' => 'U', 'ũ' => 'u', 'Ū' => 'U', 'ū' => 'u', 'Ŭ' => 'U', 'ŭ' => 'u', 'Ů' => 'U', 'ů' => 'u', 'Ű' => 'U', 'ű' => 'u', 'Ų' => 'U', 'ų' => 'u', 'Ŵ' => 'W', 'ŵ' => 'w', 'Ŷ' => 'Y', 'ŷ' => 'y', 'Ÿ' => 'Y', 'Ź' => 'Z', 'ź' => 'z', 'Ż' => 'Z', 'ż' => 'z', 'Ž' => 'Z', 'ž' => 'z', 'ſ' => 's', // Decompositions for Latin Extended-B 'Ș' => 'S', 'ș' => 's', 'Ț' => 'T', 'ț' => 't', // Euro Sign '€' => 'E', // GBP (Pound) Sign '£' => '', // Vowels with diacritic (Vietnamese) // unmarked 'Ơ' => 'O', 'ơ' => 'o', 'Ư' => 'U', 'ư' => 'u', // grave accent 'Ầ' => 'A', 'ầ' => 'a', 'Ằ' => 'A', 'ằ' => 'a', 'Ề' => 'E', 'ề' => 'e', 'Ồ' => 'O', 'ồ' => 'o', 'Ờ' => 'O', 'ờ' => 'o', 'Ừ' => 'U', 'ừ' => 'u', 'Ỳ' => 'Y', 'ỳ' => 'y', // hook 'Ả' => 'A', 'ả' => 'a', 'Ẩ' => 'A', 'ẩ' => 'a', 'Ẳ' => 'A', 'ẳ' => 'a', 'Ẻ' => 'E', 'ẻ' => 'e', 'Ể' => 'E', 'ể' => 'e', 'Ỉ' => 'I', 'ỉ' => 'i', 'Ỏ' => 'O', 'ỏ' => 'o', 'Ổ' => 'O', 'ổ' => 'o', 'Ở' => 'O', 'ở' => 'o', 'Ủ' => 'U', 'ủ' => 'u', 'Ử' => 'U', 'ử' => 'u', 'Ỷ' => 'Y', 'ỷ' => 'y', // tilde 'Ẫ' => 'A', 'ẫ' => 'a', 'Ẵ' => 'A', 'ẵ' => 'a', 'Ẽ' => 'E', 'ẽ' => 'e', 'Ễ' => 'E', 'ễ' => 'e', 'Ỗ' => 'O', 'ỗ' => 'o', 'Ỡ' => 'O', 'ỡ' => 'o', 'Ữ' => 'U', 'ữ' => 'u', 'Ỹ' => 'Y', 'ỹ' => 'y', // acute accent 'Ấ' => 'A', 'ấ' => 'a', 'Ắ' => 'A', 'ắ' => 'a', 'Ế' => 'E', 'ế' => 'e', 'Ố' => 'O', 'ố' => 'o', 'Ớ' => 'O', 'ớ' => 'o', 'Ứ' => 'U', 'ứ' => 'u', // dot below 'Ạ' => 'A', 'ạ' => 'a', 'Ậ' => 'A', 'ậ' => 'a', 'Ặ' => 'A', 'ặ' => 'a', 'Ẹ' => 'E', 'ẹ' => 'e', 'Ệ' => 'E', 'ệ' => 'e', 'Ị' => 'I', 'ị' => 'i', 'Ọ' => 'O', 'ọ' => 'o', 'Ộ' => 'O', 'ộ' => 'o', 'Ợ' => 'O', 'ợ' => 'o', 'Ụ' => 'U', 'ụ' => 'u', 'Ự' => 'U', 'ự' => 'u', 'Ỵ' => 'Y', 'ỵ' => 'y', // Vowels with diacritic (Chinese, Hanyu Pinyin) 'ɑ' => 'a', // macron 'Ǖ' => 'U', 'ǖ' => 'u', // acute accent 'Ǘ' => 'U', 'ǘ' => 'u', // caron 'Ǎ' => 'A', 'ǎ' => 'a', 'Ǐ' => 'I', 'ǐ' => 'i', 'Ǒ' => 'O', 'ǒ' => 'o', 'Ǔ' => 'U', 'ǔ' => 'u', 'Ǚ' => 'U', 'ǚ' => 'u', // grave accent 'Ǜ' => 'U', 'ǜ' => 'u', ); // Used for locale-specific rules $locale = get_locale(); if ( 'de_DE' == $locale || 'de_DE_formal' == $locale || 'de_CH' == $locale || 'de_CH_informal' == $locale ) { $chars[ 'Ä' ] = 'Ae'; $chars[ 'ä' ] = 'ae'; $chars[ 'Ö' ] = 'Oe'; $chars[ 'ö' ] = 'oe'; $chars[ 'Ü' ] = 'Ue'; $chars[ 'ü' ] = 'ue'; $chars[ 'ß' ] = 'ss'; } elseif ( 'da_DK' === $locale ) { $chars[ 'Æ' ] = 'Ae'; $chars[ 'æ' ] = 'ae'; $chars[ 'Ø' ] = 'Oe'; $chars[ 'ø' ] = 'oe'; $chars[ 'Å' ] = 'Aa'; $chars[ 'å' ] = 'aa'; } elseif ( 'ca' === $locale ) { $chars[ 'l·l' ] = 'll'; } elseif ( 'sr_RS' === $locale || 'bs_BA' === $locale ) { $chars[ 'Đ' ] = 'DJ'; $chars[ 'đ' ] = 'dj'; } elseif ( 'el' == $locale ) { $chars[ 'Ά' ] = 'Α'; $chars[ 'ά' ] = 'α'; $chars[ 'Έ' ] = 'Ε'; $chars[ 'έ' ] = 'α'; $chars[ 'Ί' ] = 'Ι'; $chars[ 'ί' ] = 'ι'; $chars[ 'ΐ' ] = 'ϊ'; $chars[ 'Ύ' ] = 'Υ'; $chars[ 'ύ' ] = 'υ'; $chars[ 'ΰ' ] = 'ϋ'; $chars[ 'Ή' ] = 'Η'; $chars[ 'ή' ] = 'η'; $chars[ 'Ό' ] = 'Ο'; $chars[ 'ό' ] = 'ο'; $chars[ 'Ώ' ] = 'Ω'; $chars[ 'ώ' ] = 'ω'; } $string = strtr($string, $chars); } else { $chars = array(); // Assume ISO-8859-1 if not UTF-8 $chars['in'] = ""\x80\x83\x8a\x8e\x9a\x9e"" .""\x9f\xa2\xa5\xb5\xc0\xc1\xc2"" .""\xc3\xc4\xc5\xc7\xc8\xc9\xca"" .""\xcb\xcc\xcd\xce\xcf\xd1\xd2"" .""\xd3\xd4\xd5\xd6\xd8\xd9\xda"" .""\xdb\xdc\xdd\xe0\xe1\xe2\xe3"" .""\xe4\xe5\xe7\xe8\xe9\xea\xeb"" .""\xec\xed\xee\xef\xf1\xf2\xf3"" .""\xf4\xf5\xf6\xf8\xf9\xfa\xfb"" .""\xfc\xfd\xff""; $chars['out'] = ""EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy""; $string = strtr($string, $chars['in'], $chars['out']); $double_chars = array(); $double_chars['in'] = array(""\x8c"", ""\x9c"", ""\xc6"", ""\xd0"", ""\xde"", ""\xdf"", ""\xe6"", ""\xf0"", ""\xfe""); $double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th'); $string = str_replace($double_chars['in'], $double_chars['out'], $string); } return $string; } }}} " papazetis 3 44910 function for discriminating during auto saving has-patch Autosave normal trivial Awaiting Review feature request new 2018-09-07T05:33:12Z 2018-09-07T06:01:17Z "I want a function to distinguish auto saving like **wp_doing_cron** or **wp_doing_ajax**. The following code can be simplified. before {{{ if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) { //do something } }}} after {{{ if ( wp_doing_autosave() ) { //do something } }}} " mt8.biz 44921 User nicename discovery is slow to return has-patch Users 2.0 normal normal Awaiting Review defect (bug) new 2018-09-08T12:12:26Z 2019-01-07T01:51:33Z "In the function `wp_insert_user` it checks to is if the user nicename is in use by another user before saving. This is because, a nicename should is required to be unique. Unlike usernames, however, that rejects already in use usernames, if first checks to see if the nicename is in uses, then runs a while loop to try and find the next available nicename with a suffix. So nicename jonny becomes jonny_2 if jonny is already in use. The behaviour is fine, however it uses a while loop to find the next available nicename, which can result in an extremely high number of queries. Take the following use case. You have a script that generates 10000 test users for a site. The call to wp_insert_user, passed `'user_nicename' => 'test_user'`. Within the function call, it will run the while loop and find next available nicename. By the 9999th call, it would have to loop around 9999 to find the next slot, making the return of wp_insert_user extremely slow. For testing scripts and sites with lots of registered users, this could make `wp_insert_user` almost unusable. " spacedmonkey 3 44923 Filter .children class on nested comments list Comments normal normal Awaiting Review enhancement new 2018-09-09T20:52:44Z 2019-04-21T07:19:28Z "The `start_lvl()` method of `Walker_Comment` should have a filter hook to customize the `.children` class. This will allow theme authors to utilize their preferred system or CSS framework for handling nested comment lists. And, `.children` is generic and requires writing nested CSS selectors to target it. This change would put the comment walker on par with the nav menu walker, where we have the `nav_menu_submenu_css_class` filter hook." greenshady 6 44929 Revisions: wp_get_revision_ui_diff only displays existing meta fields of the current post Revisions normal normal Awaiting Review defect (bug) new 2018-09-11T08:38:42Z 2019-01-16T23:01:18Z "For reproducing the issue: 1. Turn on revisions 2. Create a post 3. Save 4. Create a custom field with some value 5. Save 6. Delete the custom field 7. Save 8. Go to the revision comparison 9. The field added and deleted won't display in the comparision After doing some debug I found out that the the foreach loop in the function wp_get_revision_ui_diff in wp-admin\includes\revision.php uses _wp_post_revision_fields( $post ) which only takes into consideration of the custom fields of the actual post. Solution: Change: {{{ foreach ( _wp_post_revision_fields( $post ) as $field => $name ) { }}} To: {{{ $fields_from = array(); $fields_to = array(); if ( $compare_from != null ) $fields_from = _wp_post_revision_fields( $compare_from ); if ( $compare_to != null ) $fields_to = _wp_post_revision_fields( $compare_to ); $fields = array_merge( $fields_from, $fields_to, _wp_post_revision_fields( $post ) ); foreach ( $fields as $field => $name ) { }}} " luisarn 1 44937 Add _doing_it_wrong to load_plugin_textdomain dev-feedback I18N 4.7 normal normal Future Release enhancement new 2018-09-13T07:03:43Z 2024-02-28T14:33:21Z "Hello, Came across a race condition when the load_plugin_textdomain is called (for lack of a better term) 'naked' in plugins, most recently Github Updater. This only affects WP 4.7+ as it relates to the User Locale vs. the Site Locale within the admin area. If you call load_plugin_textdomain in your plugin outside of a init or plugins_loaded action then your plugin will load it's strings based on the site locale rather than the admin's locale. The Codex - https://codex.wordpress.org/Function_Reference/load_plugin_textdomain It provides an example using plugins_loaded but doesn't indicate any issue. I'm unsure the root of the issue but I assume the plugin loads prior to the user so their locale isn't available when the MO object is loaded into the $l10n global. I don't know if it's possible to make the user locale available to plugins running load_plugin_textdomain prior to init and since the issue isn't present prior to 4.7 feel a _doing_it_wrong prompt will help plugin developers avoid the pitfall. I haven't tried with other plugins or examples but to reproduce; 1. Install clean WP 2. Install GitHub Updater <8.3 - (8.2.1 - https://github.com/afragen/github-updater/tree/8.2.1) 3. Set Site Locale to de_DE or fr_FR or .... 4. Set User Locale to en_US 5. Install all translations 6. Visit GitHub Updater dashboard And you'll find it's not in en_US it's in the site locale. *If it's half en and half your site locale those are from missing strings on the site locale. Then if you replace with 8.3+ (https://github.com/afragen/github-updater/tree/develop) you'll find the panel in user locale as 8.3 fixed this issue by wrapping load_plugin_textdomain in a plugins_loaded action function. And I'll wrap up with a concept snippet for the load_plugin_textdomain function; {{{#!php <?php if ( ! did_action( 'init' ) && ! did_action( 'plugins_loaded' ) ) { _doing_it_wrong( 'load_plugin_textdomain', sprintf( /* translators: 1: function 2: init, 3: plugins_loaded */ __( 'The %1$s should be called from the %2$s or %3$ hooks.' ), '<code>load_plugin_textdomain</code>', '<code>init</code>', '<code>plugins_loaded</code>' ), '4.7.0' ); } }}} And it seems I'm not alone; https://status301.net/why-load_plugin_textdomain-would-not-work/ Cheers" garrett-eclipse 7 44940 Empty confirm_key property in WP_User_Request when hooking in the user_request_action_email_content dev-feedback Privacy 4.9.6 normal normal Awaiting Review defect (bug) new 2018-09-13T14:42:39Z 2020-10-16T22:44:17Z "I need to change the look (and the url) of the link for the request personal data deletion/export, so I hooked to `user_request_action_email_content` filter, and inspected the `$email_data` so that I can get the request `ID` and the `confirm_key` in my email. But upon inspecting the data provided I can see the confirmation key in the `confirm_url` key of the `$email_data`, but the field in the object is empty. This is intentional or a bug? {{{#!php Array ( [request] => WP_User_Request Object ( [ID] => 334 [user_id] => 20 [email] => my.email.[at]example.com [action_name] => export_personal_data [status] => request-pending [created_timestamp] => 1536847994 [modified_timestamp] => 1536847994 [confirmed_timestamp] => 0 [completed_timestamp] => 0 [request_data] => Array ( ) [confirm_key] => ) [email] => my.email.[at]example.com [description] => Export Personal Data [confirm_url] => https://my-site.com/wp-login.php?action=confirmaction&request_id=334&confirm_key=wjjeDD3mx5J02U51F7Zt [sitename] => My Cool site [siteurl] => https://my-site.com/ ) }}} " dingo_d 3 44958   character in title generates a permalink (and slug) with space has-patch Permalinks 4.8 normal normal 6.6 defect (bug) assigned 2018-09-17T20:44:22Z 2024-02-12T16:22:54Z "If a title has an   character copy pasted or if the permalink has a   copy pasted It will generate a permalink and slug with an space breaking some elements on the site I generated an empty wordpress install without any plugins to test it, and it has the same problem" ace2_heart 26 44960 wp-login.php does not allow redirecting 'read' capability (Subscriber) to Dashboard instead of Profile upon login Login and Registration normal normal Awaiting Review defect (bug) new 2018-09-18T15:34:01Z 2018-09-18T15:34:01Z "Re: https://github.com/WordPress/WordPress/blob/4.9.8/wp-login.php#L965 I understand checking if $redirect_to is empty, but why specifically intercept users without 'edit_posts' capability that do have 'read' capability? Here's some code that I am using to override this: https://gist.github.com/cliffordp/35d74c3bceec9fbd10547b5d1ba988e5 I'm hoping this snippet will not be needed in the future. Thank you." cliffpaulick 44964 `redirect_guess_404_permalink` doesn't support array in `post_type` var needs-unit-tests Query 4.9 normal normal Awaiting Review defect (bug) new 2018-09-19T09:35:59Z 2018-10-01T12:37:02Z `redirect_guess_404_permalink` doesn't support array in post_type var, but other core WordPress parts support it. viliamkopecky 1 44965 WordPress Core strips $_GET['error'] occasionally SergeyBiryukov* dev-feedback Query normal normal Future Release defect (bug) accepted 2018-09-19T13:30:20Z 2022-09-21T09:08:29Z "I have a plugin that is an OAuth2 consumer for integrating with Stripe Connect. I created a new custom endpoint by adding a query var, and a rewrite rule, so everything that lands on `/stripe_connect` will get dealt with by my plugin's code. If user denies the connection request at Stripe, they are redirected back to my site with roughly the following URL params in tow: `/stripe_connect?state=3__5e4e4d4c9df8e6948a33fdfb44f75c0f&error=access_denied&error_description=The+user+denied+your+request` * `state` is a custom param I set that gets replayed to me * `error` is `access_denied`, which is the standard that Stripe will do in this case, see https://stripe.com/docs/connect/oauth-reference#get-authorize-errors * `error_description` is a human readable problem However in `parse_request`, a variable by the name of `$error` gets set to `404` at the beginning, and as it matches the rules, if it's still 404 (ie no other error popped up, it will then unset `$_GET['error']`. Link to code: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp.php#L260 Which is something I'd actually need to deal with. Currently the way to get around it is to use `$_REQUEST` instead of `$_GET`, however `$_REQUEST` also has POST variables in it, so I can't make sure that the `error` I'm getting is actually due to a query param. I also haven't found a ticket that had this listed as a problem. What was the reasoning for unsetting that $_GET var? I see that they were added originally in [1570] (14 years ago), however is that still a valid reason?" javorszky 6 44968 Header Text color option doing two jobs, so both suffer dev-feedback Customize normal normal Awaiting Review defect (bug) new 2018-09-19T20:39:00Z 2020-11-04T06:09:37Z "There are two issues, both of which have been addressed before. #23761, #22498 The Header Text color option and the Display Site Title and Tagline option use the same storage space (theme_mod), so there is no way to hide the title and use the color for other header text, and when the title is unhidden the color is (sort of) the default. Steps to reproduce: 1. In Customizer, note the header text color for comparison later. 2. Hide the site title. 3. Save and exit the Customizer. 4. Open Customizer and unhide the site title. 5. Look at the header text color and compare to value from step 1. What I expect: 1. The header text color could be used for other header text besides the site title. Hiding the title should not hide the color selection. 2. The color set before the title was hidden should be restored when the title is unhidden. What actually happens: 1. The color option is used to indicate the visibility of the site title, so the color is set to 'blank'. 2. Other text in the header cannot be styled with the header text color if the site title is hidden. 3. When the site title is unhidden, the header text color option shows a color for the swatch that is the default color, but the text input box is empty and the color indicator shows black (as if it were 0). Or just set the color of the header text, hide it, unhide it, and the color you chose is gone. I think it should be two separate options for color and hiding. I don't know how that would affect backward compatibility, but it is the best solution." joyously 4 44969 Add support to limit results in get_objects_in_term() dev-feedback Taxonomy normal normal Awaiting Review enhancement new 2018-09-20T02:43:36Z 2020-05-03T04:28:16Z "The `get_objects_in_term()` function currently returns all object IDs related to a term in a taxonomy. On sites with many term relationships, this may result in tens of thousands of them. Without a way to limit the results, developers currently need to write their own custom database query just to inject their own `LIMIT` clause. Conveniently, the `get_objects_in_term()` function already has a third `$args` parameter that's currently only used to pass in a sort-order of `ASC` or `DESC`, so adding support for other query clauses is technically straight forward." johnjamesjacoby 1 44971 Enable WP_Community_Events to find cached events even if it's instantiated without a user location has-patch Administration normal normal Awaiting Review enhancement new 2018-09-20T13:59:25Z 2019-01-16T06:50:09Z "The ""WordPress Events and News"" dashboard widget in `wp-admin` makes requests to the `http://api.wordpress.org/events/1.0/` endpoint for details about WordPress community events in a particular location. The class that powers the widget caches the event data for a location in a transient, using the user's IP address as the key. At the moment, the localisation function that retrieves this cached data for the dashboard JS, `wp_localize_community_events`, relies on the fact that the ajax request handler that fetches it, `wp_ajax_get_community_events`, saves the user's last known location as a user option. We'd like to show the community events in Calypso too. We've created an endpoint on public-api.wordpress.com (D18510-code) which instantiates `WP_Community_Events` and fetches the events. We're not persisting the user's last known location, so we're not generally passing a location array to the constructor. To avoid putting too much pressure on the `api.wordpress.org` endpoint, we'd like to make sure the class's `get_cached_events` method checks if there are cached events for the user's network IP before it makes a request to the API. We have a workaround for this in our endpoint (D18510-code), which calls `get_unsafe_client_ip` to create a location for the user if none is provided in search params; but it seems to make more sense to enable the class to handle this case. `WP_Community_Events` currently tries to retrieve cached events before it makes a request to the API. If nothing's found in the cache, it calls `get_unsafe_client_ip` before making the request. This patch moves that call to before the cache search, so that even if the class is instantiated without a location, it'll still be able to find any events cached for the user's current IP. " andfinally 44972 wp_get_current_user() misbehavior Users normal normal Awaiting Review defect (bug) new 2018-09-20T16:30:06Z 2018-09-23T14:54:22Z "You might say that the problem is coming from plugins, but wanted to mention this: Sometimes, I've found that some plugins use: `$smth = get_bloginfo('language'...);` 1) directly in plugin php file (i mean out of the hook, just directly as a new line), 2) or sometimes that code is used in `class` `__construct` method (not different than first one - you know, constructor is executed directly too). to reproduce the problem, just place that line in any plugin/functions.php, then enter WP dashboard, and you get: `Sorry, you are not allowed to access this page.` yes, just using that code in XYZ plugin (without any further action, just that code), causes you to be blocked out from wp. I've researched and the chain goes like -> get_bloginfo()->get_user_locale() ->wp_get_current_user()----> `wp_set_current_user( $user_id );` <---- this one makes the issue i think. so, i dont know, but i think get_bloginfo function (or get_current user function) which may be **EVEN** fired incorrectly, shouldnt cause that problem." tazotodua 2 44973 Issues with $wpdb->get_col_info has-patch Database 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-20T21:37:49Z 2018-09-23T14:50:24Z "When attempting to get certain column information using $wpdb->get_col_info I get the following error notice: Notice: Undefined property: stdClass::$primary_key in ..../wp-includes/wp-db.php on line 3211 Similar for 'not_null' and several of the other options. Name, type, etc. work just fine. It looks like not all the properties are set for all the options listed in the docs - https://codex.wordpress.org/Class_Reference/wpdb#Getting_Column_Information" drocks13 44976 Proposal to add deregister_control_type(), deregister_panel_type() and deregister_section_type() methods to WP_Customize_Manager dev-feedback Customize normal normal Awaiting Review enhancement assigned 2018-09-21T06:17:24Z 2019-06-01T15:47:37Z "Today was the time I wish I am able to remove a registered customizer control. I also have a patch to implement a deregister_control_type()" Collizo4sky 14 44977 Transient fill fail delete to itself if it's timeout option is missing Options, Meta APIs normal normal Awaiting Review defect (bug) new 2018-09-21T11:25:44Z 2018-09-23T12:47:02Z "Just faced this issue - for some reason, the transient was not deleting itself. While checking the DB, the option with the transient was there, while the timeout option was missing (probably a glitch while saving to DB). Now, if you check get_transient() in option.php (quick link https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-includes/option.php#L0 ) you can see that these are deleted only if both exist and both pass the test: {{{ [...] if ( false !== $timeout && $timeout < time() ) { DELETING TRANSIENT} [...] }}} Otherwise transient will hang... forever. This should be tuned up so it also checks that these options exist, and delete transient if timeout is absolete." nlozovan 44980 When using a mobile browser (iOS 12) and the Visual Editor you won’t be able to properly select/highlight text has-patch Editor 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-21T23:46:00Z 2019-03-02T06:35:18Z "Hi folks! I was able to reproduce this issue by using the latest version of WordPress.org and also on a WordPress.com site. **Steps to reproduce the problem:** 1. Log in to your WordPress site using a browser (Safari or Chrome) on any device with iOS 12. 2. Edit or create a post/page with text on it using the Visual Editor 3. Select/highlight any word. Then try to highlight the next or previous word. **What happens** It won't let you highlight what you want. Instead, it will highlight all the paragraph or nothing. Here's a video: http://cld.wthms.co/NwMb1X (You will notice this only happens with the Visual Editor and not the Text Editor) **What I expected** To be able to highlight the text as in the Text Editor ---- **Devices where I was able to replicate this:** iPhone 6 Plus and iPad Air 2 (A1567) **OS:** iOS 12.0 **Browser:** Safari & Chrome" Geost 4 44981 Make notice on Privacy Policy page to 'Check out our guide' dismissable garrett-eclipse has-patch Privacy 4.9.6 normal normal Future Release enhancement assigned 2018-09-22T07:15:38Z 2019-04-01T16:19:41Z "This ticket branches from #44669 with this comment from @norcross; https://core.trac.wordpress.org/ticket/44669?replyto=4#comment:4 The notice reference can be found here; https://github.com/WordPress/WordPress/blob/f7ba175491b725a5f3d636072c8b432774d38ae3/wp-admin/includes/misc.php#L1613-L1629 With this notice the `is-dismissable` class could be added; https://codex.wordpress.org/Plugin_API/Action_Reference/admin_notices If a new Privacy Policy page is created this notice should re-appear until dismissed." garrett-eclipse 10 44991 wp-login.php postpass no redirect dev-feedback Posts, Post Types 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-25T14:52:12Z 2018-09-26T17:47:34Z "I'm running wordpress 4.9.8 on an Archlinux host. Whenever I try to password protect a post, the redirection after entering the correct password fails. Going back to the post using the browser history works, and the post is unlocked, but only a blank page is visible to the user after entering the password. I suspect {{{ wp_get_referer(); }}} to be the root of the problem. I've added some debug output to the code: {{{ $referer = wp_get_referer(); if ( $referer ) { $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) ); print ""True""; } else { $secure = false; print ""False""; } }}} and it prints ""False"" on that formerly blank white page after entering the password. Also adding {{{ print $referer; print $_SERVER['HTTP_REFERER']; }}} to the code prints nothing. I've tested different up-to-date browsers: Firefox, Chromium on Linux, Firefox, Opera on Windows 8.1, Firefox Klar, Safari on iOS, to no avail. Only Internet Explorer on Windows 8.1 works as expected, the redirect occurs immediately. Any ideas what could cause this problem, or how to further debug this?" lukelr 1 44992 Filter for screen option 'Number of items per page' value has-patch Administration normal normal Awaiting Review enhancement new 2018-09-25T15:04:14Z 2019-02-28T16:14:55Z "Under 'Screen Options' we have 'Number of items per page' option to set post per page value. I found that we don't have any filter to change the default max limit of 'Number of items per page'. I think it will be helpful if we have such filter. Scenario which is cover by filter: Suppose the admin of a WooCommerce site who gave access of site to other user to process orders. The user who has access to the site increases the default 'Number of items per page' value, lets say 500. Because of this number of orders fetched, will be more. Suppose the database is huge, this process will take time and the site gives slow response to all users. In this case suppose if the admin wants to change the default max limit to 100 then this filter will be useful. " abhijitrakas 1 44997 Parent page of a page is not kept when saved as draft then published dev-feedback Posts, Post Types 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-26T15:44:14Z 2018-09-27T17:56:40Z "Write a page (page1) Write an other page (page2). Make that page parent of page1. Save it as draft. Then publish it: clic on publish, change the published date, then publish. The parent page of page2 is not page1 anymore" korsani 3 45000 "Eliminating ""Add New"" Button Beside Titles in Admin" dev-feedback Administration 4.9.8 normal normal Awaiting Review enhancement new 2018-09-26T21:20:53Z 2020-01-06T17:45:29Z "This is apart of a bigger project for my staff and I, you can find the context here https://www.theportlandcompany.com/2017/09/10/proposed-improvements-to-the-wordpress-ui/. Our goal is to clean up the UI, especially to reduce scrolling on mobile, with three principles in mind: - Context Visibility - Only show something when it's in context. - Add With Purpose - If something, such as padding or margins, don't serve a purpose, don't add them. - Simplify Number of Actions - If a step can be avoided in a process, avoid it. We propose eliminating the Add New button that appears beside Titles when on various admin pages because: - There is already a button in the admin menu on the left. - The position of the button changes depending on the length of the title, disorienting users. - On mobile, especially, it makes the page look broken as a result of the above mentioned issue. - Feedback from dozens of clients we've trained concur - for some reason - that they are confused by multiple ""Add New"" links/buttons. Maybe this is subjective - we're not confused by it and feel multiple access points is helpful, but only when it's in a sensible and easy to accessible place. We think maybe because ""Add New"" is appearing next to the page title they don't understand it's creating a new Post, but rather something related to whatever they titled that page." s3w47m88 4 45001 Relocate Admin Alerts to a new Alert Icon dev-feedback Administration normal normal Awaiting Review defect (bug) new 2018-09-26T21:41:46Z 2020-01-06T17:47:39Z "This is apart of a bigger project for my staff and I, you can find the context here https://www.theportlandcompany.com/2017/09/10/proposed-improvements-to-the-wordpress-ui/. Our goal is to clean up the UI with two principles in mind: - Context Visibility - Only show something when it's in context. - Add With Purpose - If something, such as padding or margins, don't serve a purpose, don't add them. - Simplify Number of Actions - If a step can be avoided in a process, avoid it. This ticket is about Alerts. Like updating WordPress, appear in the main body of the admin pages. We believe this is a disruptive experience and has many bugs associated with it: - Some notifications, such as the WordPress Core Update notification, cannot be dismissed. Sometimes authors intend this, other times it's not intentional, but it's always a nuisance because it persists across all pages. - This requires scrolling on *every* page load, if the alert is persistent across pages. On mobile this can make WP virtually unusable for rapid actions. - The dismiss button often is broken. *Many* plugins out there don't use it properly or code their own dismiss button because of a few limitations with the current function. Resulting in alerts never disappearing. - These alerts are disorienting to users who are not developers. Especially when they overrun the page. - If there is a dismiss button, often times the styling of that is inconsistent. Sometimes it's text that says ""Dismiss"". Sometimes it's a circle icon with an x. Other times it's a literal x. Sometimes it's in the top right. Sometimes it's in the bottom right. Etc... This behavior is uncommon throughout the web when you compare to GitHub, Amazon, Google anything, MacOS, etc... We propose: - Introducing an alert icon in the upper right of the admin bar. - When an alert is registered it introduces a badge count. Could be AJAX / jQuery Hearbeat, etc... - When hovered or selected you see the alerts in a menu that shifts the page body from right to left (just like MacOS notification center). - From there each item has a dismiss icon. When clicked it is *permanently* dismissed (another topic, many Plugins don't respect this for various reasons). - The dismiss icon is always a circle x icon right aligned and vertically centered. - Clicking on the alert could take the user to a new page that is contextual to the Plugin that is displaying it where they can read more information or take action. This would result in a cleaner UI, less scrolling - especially on mobile - less distraction that can and does cause confusion for some users, but maintains full functionality. Optionally we could implement growl-like notifications that hang for a moment when a new alert is registered. No dismiss buttons on those, rather they fade out automatically so Plugin authors don't use them to cause the same problem somewhere new. We'd be happy to do some design mockups and code a feature as Plugin if the leadership is interested in accepting this." s3w47m88 3 45006 On Bulk Actions either suppress until checkboxes selected or provide feedback that the action had no items to act on Administration normal normal Awaiting Review enhancement new 2018-09-27T07:06:42Z 2022-01-22T10:11:06Z "Hello, It seems to be the convention in core to simply have no action response when you attempt to execute the Bulk Actions and have no items selected. In #44081 the 44081.3.2.diff provided a concept for the error; {{{#!php <?php if ( empty( $request_ids ) ) { add_settings_error( 'bulk_action', 'bulk_action', __( 'There were no requests to act on.' ) ); return; } }}} Or it may be a better queue to simply disable the button when no checkboxes are checked. This avoids triggering the action in the first place. Thanks " garrett-eclipse 4 45008 Inconsistent use of 'script_loader_src' and 'style_loader_src' filters when performing concatenation has-patch Script Loader 2.8 normal normal Awaiting Review defect (bug) new 2018-09-27T09:21:24Z 2018-09-27T09:21:24Z "When in admin, scripts and styles from default directories (in other words, from `/wp-includes` and `/wp-admin`) will by default be concatenated. But, there is inconsistency in how `script_loader_src` and `style_loader_src` filters are used in that case. `style_loader_src` is [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class.wp-styles.php?rev=43564#L162 not used] when doing concatenation. It receives only full URL of style and is used only in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class.wp-styles.php?rev=43564#L329 that case]. `script_loader_src` is used twice. [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class.wp-scripts.php?rev=43583#L332 One case] is the same as for `style_loader_src`: only for final, full URL of script. But in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class.wp-scripts.php?rev=43583#L279 second case], it is used when doing concatenation. It is not only inconsistent with its first usage or usage of `style_loader_src`, it also doesn't really makes sense. It filters path relative to root, not final URL, and result of that filtering is only used when checking if source is in default directories and nowhere else. I don't see what it can really do. This second case was introduced in [10357] by @azaozz. Before that, filter [https://core.trac.wordpress.org/browser/trunk/wp-includes/class.wp-scripts.php?rev=10356#L73 was used] the same way it is used now for the other case. In that same changeset, concatenation was also added for styles, but counterpart filter [https://core.trac.wordpress.org/changeset/10357#file7 was not added]. I propose that we remove second case of `script_loader_src`, used when doing script concatenation." dimadin 45013 Wrong links when installing in subdirectory = has-patch Administration 4.9.8 normal normal Awaiting Review defect (bug) new 2018-09-29T20:32:21Z 2018-10-10T16:23:16Z "I just found that WordPress is giving me wrong links after I installed my WordPress installation into subdirectory ""="" (../=/wp-admin) When I select Plugins option from left menu, it displays the Plugins, but the links from left menu lose the ""="" . Also the structure of the link in address bar changes. [[Image(https://i.imgur.com/k7toQ5N.jpg)]] I don't know if it posses any risks, but it's still a bug. I can give access for a developer to see the website. Thank you" BogdanStorm 2 45021 Media: Gallery modal has wrong focus and image detail joedolson* Media 6.1.1 normal normal Future Release defect (bug) accepted 2018-10-02T01:06:04Z 2024-02-05T20:21:21Z "When you first click on Add Media from the post editor, the existing images are shown, and nothing has specific ""focus"" (blue outline). Clicking on Create Gallery first, the Search box is focused. Clicking on images first, and then Create Gallery, the last image selected is focused. Once images are selected, clicking on the Create New Gallery button, the Cancel Gallery link is focused. On the Edit Gallery page, before clicking on an image, the sidebar shows Gallery Settings for link, columns, size. Once an image is selected, there is no way to unselect it, and although the Gallery settings remain the same, it is unclear whether this applies to the image selected or the entire gallery. Regardless, the image details are shown in the sidebar. However, if you Cancel Gallery and choose different images, when you get back to the Edit Gallery page, it will still be showing the image details for the old image, not any of the newly chosen ones (but none of the images are focused when you get there). So the Cancel didn't actually cancel. If you close the modal without inserting the gallery into the post, and then click on Add Media again, it will show the values from the last attempt. This is unexpected, and unwanted if you had selected a lot of images and wanted to start over. There ''is'' a Clear link, but it is small and at the bottom. The last selected image is focused, but not after you click Create Gallery (the Cancel Gallery link is), so the image detail is the wrong one. If you go ahead and insert the gallery, and click Add Media again, then nothing is remembered from the previous gallery. While in Edit Gallery, if you had selected two images and click on Add to Gallery, you can select more and click Add, they will all be shown, with one image focused and showing the correct image detail. Clicking Cancel Gallery at this point returns to the media list, but with the original two selected and perhaps a different image focused than the previous list. The added ones are forgotten." joyously 31 45023 Improve parent and child category description example dev-feedback Taxonomy normal minor Awaiting Review enhancement new 2018-10-02T15:10:28Z 2018-10-03T17:56:54Z "The descriptive text under the Parent Category section of the Category page describes an example that may not be as easily understood or translatable compared to more universally translated words. Before: parent category ""jazz"" + child categories ""bebop"" and ""big band"". Screenshot: https://cloudup.com/inms-imkM-I After: parent category ""music"" + child categories ""jazz"" and ""rock"". Screenshot: https://cloudup.com/i31WAPdv7Wp This ticket proposes changing the description to the ""after"" example. Please see attachment below." joanrho 4 45035 "allow register_post_type() arg to control whether a CPT's counts are added to the ""At a Glance"" Dashboard widget" has-patch Posts, Post Types normal normal Awaiting Review enhancement new 2018-10-03T15:38:28Z 2019-08-16T19:02:06Z "It would be nice if there an arg to `register_post_type()` that controlled whether the CPT's counts were added to the ""At a Glance"" Dashboard widget, e.g. {{{#!php <?php register_post_type( 'mycpt', array( ..., 'at_a_glance' => true, ... ) ); }}} Ideally, I think it should default to the value of `show_in_menu`, but as current behavior is the equivalent of `false` I'd be OK with that as the default as well. Another ""nice to have"" would be to allow the param to take a string value that would be interpreted as a `post_status` to show the count for, e.g., show counts for custom post_status = `mycustompoststatus` instead of `publish`. I have code that does all of the above, but it would have to be refactored a little bit to submit as a patch (especially to account for the `_builtin` post_types that already appear in AAG). If folks think this would be a good enhancement I'd be glad to work on that refactoring and submit a patch." pbiron 4 45047 user_registered returned as UTC Time instead of Local Time has-patch Date/Time normal normal Future Release defect (bug) new 2018-10-04T13:01:31Z 2020-04-22T15:52:04Z "I apologize if this has been discussed/covered before or I am missing something obvious, but I did a few searches, both through the code base and also bug-tracker/google, and couldn't find anything on this subject. While trying to debug a timezone issue for a client, I noticed that user_registered appears to be set to GMT/UTC time by default, rather than the local time set via settings. I searched the code and found where I think this is set: //wp-includes/user.php {{{#!php <?php $user_registered = empty( $userdata['user_registered'] ) ? gmdate( 'Y-m-d H:i:s' ) : $userdata['user_registered']; }}} I also tested adding a user on a relatively clean site via the default add user option and verified it gets set to UTC, regardless of the local time setting in wordpress. So, when you grab the user via get_userdata(), the $user_data->user_registered field looks like it will always be UTC time, unless presumably the user is created manually(wp_create_user or equivalent) and you set the time during creation. I think setting it in ALL cases to UTC probably makes sense, as you never know when a person is going to change their timezone settings in wordpress, the settings on their server, etc. And, timezones can be a pain to work with in general, so having it be UTC by default makes sense. However, when returning it back to the end-user, it would be useful to have it take into account their local timezone setting in WordPress, at least by maybe adding a $user_data->user_registered_local field to the user object. " kcrnc 2 45052 WP Oembed in multisite fail when the permalink structure is not default SergeyBiryukov dev-feedback Embeds normal normal Future Release defect (bug) reviewing 2018-10-05T05:36:34Z 2019-04-11T17:37:07Z "This is a follow up of #40673 In case blogs are using pretty urls (which should be the most common case), when you try to embed a post from the main site into a sub site, the embedded URL is not interpreted and we keep that simple URL. Thats because the main site is using a reserved blog prefix {{{/blog}}} we need to remove before using {{{get_sites()}}}. I've added a unit test to illustrate the bug." imath 8 45054 "Widget deletion: Add an ""Are you sure you want to delete?"" popup before it gets deleted" dev-feedback Widgets 4.9.8 normal normal Awaiting Review enhancement new 2018-10-05T10:24:33Z 2020-05-25T18:16:56Z "For the widgets the ""Delete"" and ""Done"" buttons are close to each other, and if you accidentally click Delete, there is no obvious option to restore the widget. Not great if you have added lots of html code... I would have liked to see here a ""Are you sure you want to delete this widget?"". " Vibeque 6 45056 Show Active plugins at the top of the plugin list in plugin-editor.php has-patch Plugins normal minor Awaiting Review enhancement new 2018-10-05T18:52:50Z 2020-06-29T17:34:44Z This is something I've thought would be useful for quite a while. codente 17 45058 Proposal for plugin/theme public hashes to prove authenticity of installed code Upgrade/Install normal normal Awaiting Review enhancement new 2018-10-06T16:05:56Z 2018-10-10T16:38:57Z "There have been some discussions recently online about issues surrounding nulled (pro) themes and plugins, as well as unauthorized, possibly modified versions of themes and plugins hosted on WordPress.org, but installed from other sources. I would like to propose adding a plugin/theme hashing mechanism to the deployment system (i.e. when you tag a plugin or theme, part of the package generation process generates the archive hash for display publicly on the associated plugin/theme page of wordpress.org, and also available via the API to the plugin page and auto-updater within WordPress). Ultimately this would let both end-users and WordPress itself potentially understand whether or not a plugin or theme had been modified. Possibly as part of the nightly cron WordPress could check the local plugin/theme hashes against the published ones -if they didn't match, it indicates something has been changed locally. Conceivably Pro plugin authors could implement a similar approach, the goal of course not being to prevent people from taking advantage of the freedoms associated with the GPL, but to help alleviate issues where ZIP files floating around have malicious code in them but the end-user doesn't have the ability to detect that themselves. At the bare minimum providing hashes would allow someone to know if a plugin or theme had been modified after the author(s) officially released them. I have seen various other open source projects now provide hashes of the official downloads online. It might be a good direction for WordPress to go towards in the future as well. I wanted to post this to possibly generate some discussion around it. Cheers. " duanestorey 2 45060 Allow users to leave sites on a multisite network Users normal normal Awaiting Review feature request new 2018-10-06T20:55:38Z 2020-06-02T18:23:41Z "In a multisite network, especially one supporting open registration of user accounts, it should be possible for users to manage the sites of which they are members. At this time: * Global administrators (super admins) can add/remove users on any site. * Site administrators can (pending network config) add/remove users on sites they own. * Global administrators can **not** remove themselves from sites. See #41439. * Site administrators can **not** remove themselves from sites. * Users with other roles are not able to remove themselves from sites. It seems like the My Sites screen could be a good place to provide a UI that allows for self-removal via a ""leave"" or ""unsubscribe"" type action link. This would have to account for any content that user may have created on the site, which we could probably leave as is by default. Props to [http://bionicteaching.com/user-choice-hiding-some-sites-in-my-sites-in-wordpress-multisite/ Tom Woodward's blog post]. :)" jeremyfelt 3 45062 tinyMCE editor breaks captions with HTML dev-feedback Editor 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-06T23:13:04Z 2019-12-19T14:27:07Z "This looks similar to ticket #18311 If I enter HTML into an image caption (eg. <ul> <span> <div> <table>, and then in tinyMCE I switch from Text to Visual, my caption breaks; sometimes it is reformmatted, sometimes the caption shortcode is removed. Test caption:[[br]] <table>[[br]] <tr><td>Label</td><td>Description</td></tr>[[br]] <tr><td><span>Text</span></td><td>More text</td></tr>[[br]] </table>" iantresman 2 45075 wp_delete_attachment() has unreliable return and wrong process order Media normal normal Future Release defect (bug) new 2018-10-11T04:48:13Z 2019-04-15T22:36:10Z "When doing permanent deletion, this function should also remove the files of the target attachment. However successful return of this function does **not** guarantee this even though it still can delete the attachment object and its relations. Problems when permanent deletion is in process: 1. {{{wp_delete_attachment()}}} must check for {{{wp_delete_attachment_files()}}}'s return and should fail too when {{{wp_delete_attachment_files()}}} fails 2. {{{wp_delete_attachment_files()}}} should be called first - what is the point of deleting object and it's relations when physical data could not be removed... " jave.web 2 45076 Category counter is not updated dev-feedback Taxonomy normal normal Awaiting Review defect (bug) new 2018-10-11T06:08:01Z 2018-12-09T21:13:46Z "When we create new category from admin panel category successfully added in right category panel but it's counter is not updated. Suppose i have create five category like !''Category 1!'', !''Category 1.1!'', !''Category 2!'', !''Category 2.1!'', !''Uncategorized!'' system show counter as 5 items but when i create new category called !''Category 3!'' it will added successfully in category list but total counter still show 5 items it should show 6 items but when i refresh that page it show counter as 6 items. Check video https://youtu.be/rBmziC5_0XQ" mukesh27 2 45078 null is being set on a NOT NULL options_value column in the options table. has-patch Options, Meta APIs normal normal Awaiting Review defect (bug) new 2018-10-11T07:01:48Z 2020-01-05T21:50:59Z "The {{{options}}} table doesn't allow a NULL value in the {{{options_value}}} column. https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/schema.php#L144 But, if an option is unchecked, it is set to null by default here: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L275 This throws a {{{Column ‘option_value’ cannot be null}}} error if strict mode({{{STRICT_TRANS_TABLES}}}) is enabled in the database. If strict mode isn't enabled, MySQL converts the null value to a default value, in this case, an empty string, before adding it to the {{{options}}} table. If you are not using strict mode, then whenever you insert an “incorrect” value into a column, such as a NULL into a NOT NULL column or a too-large numeric value into a numeric column, MySQL sets the column to the “best possible value” instead of producing an error https://dev.mysql.com/doc/refman/5.7/en/constraint-invalid-data.html The proposed fix changes the default value from null to an empty string(following MySQL). This will prevent the error being thrown when strict mode is enabled and otherwise won't alter the values inserted into the {{{option_value}}} column." wpshades 3 45083 use `image_default_size` option in WP_Widget_Media_Image instead of hard-coded value has-patch Widgets 4.8 normal normal Future Release enhancement new 2018-10-11T15:44:18Z 2019-01-04T15:36:16Z "default image size in WP_Widget_Media_Image is 'medium'. Should be used `get_option( 'image_default_size', 'medium' )` " Toro_Unit 1 45084 WP_Term_Query multiple 'orderby' support needs-unit-tests Query normal normal Future Release enhancement new 2018-10-11T16:15:36Z 2021-03-03T20:27:19Z "Just like in the regular WP_Query it would be awesome if it supported multiple orderby values (array or space separated). I'm currently busy with a patch but the I would like some feedback and help with creating unit tests. Examples: {{{#!php <?php get_terms( 'orderby' => 'meta_value name', 'order' => 'ASC', ); }}} {{{#!php <?php get_terms( 'orderby' => array( 'meta_value' => 'ASC', 'name' => 'ASC', ), ); }}} " keraweb 5 45085 "different args passed to ""term_name"" and ""term_{$field}"" filters" Taxonomy normal normal Awaiting Review enhancement new 2018-10-11T16:46:32Z 2023-10-17T23:17:14Z "In `/wp-admin/edit-tags.php`, for each row in the `WP_Term_List_Table`, both [[https://developer.wordpress.org/reference/hooks/term_name/|term_name]] and [[https://developer.wordpress.org/reference/hooks/term_field/|term_{$field}]] (with `$field == 'name'`) get applied before the term's name is displayed in the table. As far as I can tell, there is no way to hook into `term_name` without also hooking into `term_{$field}` (when `$field == 'name'`). When `term_name` is applied, the 2nd argument is a `WP_Term` object; when `term_{$field}` (when `$field == 'name'`) is applied, the 2nd argument is an int (`term_id`). Given that both of these filters have been around for **many** years, I don't think it would be a good idea to change either one of them so that their argument lists were the same. However, I think it would be a good idea to add some explanation of this conflict in the DocBlocks of both filters. Of course, I could add comments to both entries in the Code Reference, but I think it would be **much** better if that explanation were in the DocBlocks." pbiron 1 45088 Update package-lock.json for Mac, Linux, and Windows cross-platform compatibility Build/Test Tools normal minor Future Release defect (bug) new 2018-10-12T11:53:43Z 2018-10-29T12:07:42Z "Doing a ""clean"" `npm install` after #45064 on Windows 10 changed the package-lock.json a bit, adding a few `""optional"": true`. " azaozz 8 45092 WP_Query->is_category wrongly calculate current category when WP_Term is passed Taxonomy 4.9.8 normal normal Awaiting Review enhancement new 2018-10-15T12:45:06Z 2018-10-15T12:45:06Z "Let's analyze this piece of code, part of class WP_Query, file wp-includes/class-wp-query.php ... {{{#!php <?php public function is_category( $category = '' ) { if ( !$this->is_category ) return false; if ( empty($category) ) return true; $cat_obj = $this->get_queried_object(); $category = array_map( 'strval', (array) $category ); if ( in_array( (string) $cat_obj->term_id, $category ) ) return true; elseif ( in_array( $cat_obj->name, $category ) ) return true; elseif ( in_array( $cat_obj->slug, $category ) ) return true; return false; } }}} now, trying to pass 2 WP_Term, something really funny happens (i know specifications want the $category variable as a single id or slug or term_name, and not as class, but there was nothing blocking the thing to work, so i tried, and i wanted to report results). $cat_obj value was {{{#!php <?php object(WP_Term)#9010 (16) { [""term_id""]=> int(7) [""name""]=> string(8) ""Consigli"" [""slug""]=> string(8) ""consigli"" [""term_group""]=> int(0) [""term_taxonomy_id""]=> int(7) [""taxonomy""]=> string(8) ""category"" [""description""]=> string(0) """" [""parent""]=> int(0) [""count""]=> int(4) [""filter""]=> string(3) ""raw"" [""cat_ID""]=> int(7) [""category_count""]=> int(4) [""category_description""]=> string(0) """" [""cat_name""]=> string(8) ""Consigli"" [""category_nicename""]=> string(8) ""consigli"" [""category_parent""]=> int(0) } }}} the first WP_Term was {{{#!php <?php object(WP_Term)#9123 (16) { [""term_id""]=> int(7) [""name""]=> string(8) ""Consigli"" [""slug""]=> string(8) ""consigli"" [""term_group""]=> int(0) [""term_taxonomy_id""]=> int(7) [""taxonomy""]=> string(8) ""category"" [""description""]=> string(0) """" [""parent""]=> int(0) [""count""]=> int(4) [""filter""]=> string(3) ""raw"" [""cat_ID""]=> int(7) [""category_count""]=> int(4) [""category_description""]=> string(0) """" [""cat_name""]=> string(8) ""Consigli"" [""category_nicename""]=> string(8) ""consigli"" [""category_parent""]=> int(0) } }}} The second term was instead: {{{#!php <?php object(WP_Term)#9154 (16) { [""term_id""]=> int(5) [""name""]=> string(4) ""News"" [""slug""]=> string(4) ""news"" [""term_group""]=> int(0) [""term_taxonomy_id""]=> int(5) [""taxonomy""]=> string(8) ""category"" [""description""]=> string(0) """" [""parent""]=> int(0) [""count""]=> int(7) [""filter""]=> string(3) ""raw"" [""cat_ID""]=> int(5) [""category_count""]=> int(7) [""category_description""]=> string(0) """" [""cat_name""]=> string(4) ""News"" [""category_nicename""]=> string(4) ""news"" [""category_parent""]=> int(0) } }}} Please be aware that $cat_obj->term_id is 7, first term term_id is 7, and second term category_count is 7. When the WP_Term object passes into this {{{#!php <?php $category = array_map( 'strval', (array) $category ); }}} it becomes an array of value, as it's converted in array, so method {{{#!php <?php if ( in_array( (string) $cat_obj->term_id, $category ) ) return true; }}} will return true for both searched terms. More generally, if {{{$cat_obj->term_id}}} or {{{$cat_obj->name}}} or {{{$cat_obj->slug}}} are in some ways contained in searched WP_Term, this method will always return true. I know you need to respect old styled code, but nowadays we're best working with objects, so i'm wondering if you could do a more pointed and precise logging of these kind of errors. For example, you could hook a logger in each is_something method of class WP_Query, when you can check if we passed an instanceof the correct class (WP_Term for is_tag, is_category, is_tax etc) and warn if we passed a wrong class. Or if you have a better way to solve this, my ears are opened :)" matteowebsolution 45106 Concerns related to moving mce_external_plugins filter to WP_Scripts::__construct Script Loader 5.0 normal normal Awaiting Review defect (bug) new 2018-10-17T13:19:26Z 2019-01-16T22:59:17Z "In r43723 the `mce_external_plugins` filter was moved to a function called via `wp_default_scripts` which, in turn, is called from `WP_Scripts::__construct` (via `WP_Scripts::init`). While the `wp_default_packages_inline_scripts` function calling the `apply_filters( 'mce_external_plugins'` is only triggered in case the `did_action( 'init' )` returns true, there might be cases when the `WP_Scripts` object is being reinitialised after the `init` and thus code hooked to `mce_external_plugins` trying to enqueue or register a script causes an infinite loop, since the constructor of the `WP_Scripts` class is calling the filter, which calls the constructor again. This does not feel like something what would matter in 99% of time, but, for instance, this breaks core unit tests which are reinitialising the WP_Scripts object, eg.: `Test_WP_Customize_Selective_Refresh::test_register_scripts`. in case such a piece of code is being used. An example of a code used in a mu-plugin and breaking the mentioned test: {{{#!php <?php add_filter( 'mce_external_plugins', function( $plugins ) { wp_enqueue_script( 'somescript', plugins_url( 'someplugin/somescript.js' ), array(), false, true ); return $plugins; } }}} I think it should be easy to change the plugin in question, but this used to work perfectly fine up to recent changes to the script loading in r43723 and thus it might be considered being a regression." david.binda 45107 Taxonomies should only be allowed to support one object type needs-unit-tests Taxonomy normal normal Awaiting Review enhancement new 2018-10-17T16:48:28Z 2019-02-12T21:00:32Z "Currently, taxonomies can be registered to any object type (posts, comments, users, etc.). But core does not enforce a one to one limit for object types to taxonomies, which can be problematic. For example, if a taxonomy is registered to both users and posts, there can be unintended consequences. Adding a term to a post with an ID of 3 would also cause a user with an ID of 3 to have that term. Removing that term from the user would also affect the post. Unique IDs are only enforced on a per object type basis, not accross all types. The approach here would be to introduce a `_doing_it_wrong()` notice (and possibly even return a `WP_Error`) when a taxonomy is registered to multiple object types. **Good:** `register_taxonomy( 'custom_tax_name', array( 'post', 'page', 'cpt' ) );` **Bad:** `register_taxonomy( 'custom_tax_name', array( 'post', 'user' ) );` == Why == Adding this to Core would open the door for the following potential features: - `WP_Tax_Query` support could be added to users (see #31383), comments, etc. - Built-in fields for taxonomy could be added to the REST API for users, comments, etc. - UIs could be added for users (also see #31383), comments, etc. == Backward Compatibility == To continue supporting backward compatibility for sites that are registering a taxonomy for multiple object types, `register_taxonomy()` could continue working as is. The only change would be to return a `WP_Error` and a `_doing_it_wrong()` notice. In the future, `register_taxonomy()` could be changed to only register objects with the same type as the first specified object type. Example: `register_taxonomy( 'custom_tax_name', array( 'post', 'user', 'page' ) );` would only register the taxonomy for posts and pages (same object type)." desrosj 2 45126 Expired session post editing continuation bug Editor 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-18T21:59:36Z 2020-11-12T05:59:06Z "While editing or creating a new post, it's not possible to continue your workflow in the same post when your WordPress session expires and you're asked to log in again. Attempting to save or publish from the existing screen after re-logging in from the pop-up dialogue will produce a ""link expired"" error. You then have to navigate back to the Dashboard and re-open the post you were working on. " ChrisDca 3 45130 Defer jQuery WordPress Admin & Customizer doesn't work properly Administration normal normal Awaiting Review defect (bug) new 2018-10-19T13:35:56Z 2019-07-01T19:21:09Z "If I defer jQuery or put jQuery in the footer. I get Uncaught ReferenceError: jQuery is not defined errors in the WordPress Customizer and the Customizer doesn't work, like for example changing theme logo, adding widgets or other things directly possible in the page. When I remove defer, everything works as expected. Maybe this is because document ready is not used? I have been checking this issue myself. The following files are effected: - wp-includes/js/mediaelement/mediaelement-migrate.min.js - wp-includes/js/wp-a11y.min.js - wp-includes/js/customize-base.min.js - wp-includes/js/customize-preview.min.js - wp-includes/js/mediaelement/wp-mediaelement.min.js - wp-includes/js/wp-util.min.js - wp-includes/js/mediaelement/wp-playlist.min.js - wp-includes/js/customize-selective-refresh.min.js - wp-includes/js/customize-preview-widgets.min.js - wp-includes/js/customize-preview-nav-menus.min.js" remzicavdar 10 45132 Explore better implementation of Autosaves Controller unit tests Build/Test Tools normal normal Future Release enhancement new 2018-10-19T13:55:25Z 2019-02-14T18:07:09Z "In [43768], we had to introduce an edge case where `tests/rest-api/rest-autosaves-controller.php` is run last in the test suite because the definition of `DOING_AUTOSAVE` pollutes the test suite. We can't remove `DOING_AUTOSAVE`, but we could potentially avoid defining it during a test suite run. Or maybe there are other ideas we can explore. ""Done"" for this issue would be a solution where `tests/rest-api/rest-autosaves-controller.php` can be tested as a part of the standard test suite execution order, not last." danielbachhuber 4 45135 Dashboard Menu Conflict on Mobile Devices when menu is active Administration 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-19T18:20:13Z 2018-10-24T17:40:43Z "Bug on dashboard while scrolling down on the same page when menu is active. **Steps to easily reproduce the issue:** 1) Visit any page on the dashboard 2) Tap the Menu Icon (keep it as active) 3) Scroll down the page which you are already visited from the center of the down of page (not via the admin menu). 4) The menu will seems to be hidden and the admin bar will seems to be broken As for getting the admin menu options again, the user need to refresh the page." josevarghese 45138 mixed line endings: wp-config-sample.php uses CRLF (windows) line endings close Upgrade/Install normal trivial Awaiting Review defect (bug) new 2018-10-20T14:05:48Z 2022-07-12T13:26:35Z " Not sure if this is on purpose? Looks like it has always been that way. {{{ # curl -s -N ""https://core.trac.wordpress.org/browser/trunk/src/wp-login.php?format=txt"" | head -n1 | hexdump -c 0000000 < ? p h p \n 0000006 }}} {{{ # curl -s -N ""https://core.trac.wordpress.org/browser/trunk/wp-config-sample.php?format=txt"" | head -n1 | hexdump -c 0000000 < ? p h p \r \n 0000007 }}}" mattpr 5 45140 REST API: Increase upper bound allowed on per_page argument needs-unit-tests REST API normal normal Future Release enhancement new 2018-10-21T17:16:19Z 2018-10-31T11:38:29Z "In contexts where a REST API client needs to fetch ''all'' entries for a resource, it would be more practical to fetch entries in sets of 200, 300, or 400, instead of sets of 100. Fetching entries in sets of 100 can cause excessive memory usage because WordPress is loaded over and over again. Increasing the limit will provide a better balance between memory consumption in a single request vs. total memory consumption across all requests. The original `per_page=100` limit was [https://github.com/WP-API/WP-API/issues/1609#issuecomment-177169125 somewhat arbitrary]; if I recall correctly, we picked `100` as a nice round number that was reasonably certain not to cause performance issues. Before we pick `per_page=200` vs. `per_page=300` vs. `per_page=400`, we should: 1. Profile memory consumption of each. 2. Identify what amount of memory we can reasonably expect on shared hosting these days. After we've done this, we can pick the best available option. Notably, we can't go above `500` as we'll hit `split_the_query` which has negative performance implications. Previously https://github.com/WordPress/gutenberg/issues/6694" danielbachhuber 4 45143 "If the ""recover password"" form submit button is double-clicked two emails will be sent" dev-feedback Login and Registration normal minor Awaiting Review enhancement new 2018-10-22T08:44:48Z 2019-03-18T12:11:56Z "Some users tend to double-click all buttons and links. On the password recovery form (/wp-login.php?action=lostpassword) when the submit button is double-clicked, two emails will be sent. At this point the user is confused about which link to use to recover the password and fails finishing the recovery. It would be good for the submit button to have a time limit or some other means to prevent a double-click from happening." Tiia Rantanen 2 45149 Configure NPM to save exact versions Build/Test Tools normal normal Future Release defect (bug) new 2018-10-23T06:59:33Z 2019-01-18T05:27:27Z "In #43055 and [https://github.com/WordPress/gutenberg/pull/2512 #GB2512] an `.npmrc` file was added to `/trunk` to Gutenberg to save npm package versions as exact versions in the `package.json` file. This should also be performed for the 5.0 branch, this will ensure everyone is using the same p[ackage versions > Exact versions are ensured by configuring a project-level `.npmrc` with `save-exact = true`. > > Using exact versions helps avoid avoid and reduce debugging cost of bugs by guaranteeing that two installations of ~~Gutenberg~~ WordPress are running the same dependency versions. It is typically recommendable for applications, whereas a library may want to allow some flexibility in the dependencies it supports (assuming trust in SemVer). Note: ''Due to the complexity of the commits in #43055 I'm creating this ticket instead of reopening that ticket''" netweb 3 45154 Convert Privacy Policy content to indexed array and filter array to allow easy unsetting. Privacy 5.0 normal normal Future Release enhancement new 2018-10-23T21:57:17Z 2019-03-27T20:04:40Z "Following a discussion from #45151 it would be nice to investigate the privacy policy content to see if it can be converted to an indexed array for easier manipulation through a new filter run prior to the foreach so that plugins/devs can add content or adjust the array without having to worry about the block editor markup. Comment - https://core.trac.wordpress.org/ticket/45151?replyto=8#comment:8" garrett-eclipse 3 45164 Added URL to error blocked requests SergeyBiryukov has-patch HTTP API 5.1 normal normal Future Release enhancement reviewing 2018-10-24T14:21:35Z 2023-12-06T16:12:24Z "Hello, i have set in wp-config.php: {{{#!php define( 'WP_HTTP_BLOCK_EXTERNAL', true ); define( 'WP_ACCESSIBLE_HOSTS', 'api.wordpress.org,downloads.wordpress.org' ); }}} When i installed plugin which need make request, i have error: ""User has blocked requests through HTTP."". If i want to add this host to whitelist, i dont know which host i should add, so i change error communicate to print URL. " wiuempe 2 45166 Prevent deleting default term for any kind of taxonomy has-patch Taxonomy normal normal Awaiting Review enhancement new 2018-10-24T16:03:18Z 2019-01-16T06:50:09Z "Right now `wp_delete_term` doesn't have any check point to prevent deleting default term for a taxonomy except `category`. For example, WooCommerce introduced `default_product_cat` from v3.3.0. Though, it is not possible to delete this default product category from admin panel, but one can delete this term programmatically or with REST API. There is no hook to prevent this. We have to manually check every time before deleting a term. So, I propose a change in `wp_delete_term` function to prevent deleting default term for any kind of taxonomy if we have an option `default_{$taxonomy}` set in options table." ediamin 1 45168 Additional CSS complains of markup inside CSS comments Customize 4.7 normal normal Future Release defect (bug) new 2018-10-24T20:17:17Z 2021-05-30T19:36:39Z "When adding CSS to a site via Appearance > Customize > Additional CSS, the syntax validator will complain if it finds markup regardless of it being inside a /* */ comment. Steps to replicate: 1. Go to Admin > Appearance > Customize > Additional CSS 1. Add a comment with some markup in it `/* this is <a> markup test */` 3. Hit Publish 1. See attached error message - but note that no indicator as to what line contains the markup appears. The only workaround is to remove the markup from the comment. Ideally the syntax validator should not care about anything in CSS comment blocks." useStrict 2 45177 admin bar View page button is missing in mobile view has-patch Toolbar normal normal Awaiting Review enhancement new 2018-10-25T06:34:29Z 2021-07-24T16:12:37Z "In a post, we can see the view post button in the admin bar. but that button is hidden in the mobile view https://discourse.pressbooks.org/t/is-not-view-chapter-missing-in-mobile-view/746" colomet 3 45186 Admin notice jumps from above the H1 to below it when created. Administration 2.7 normal normal Awaiting Review defect (bug) new 2018-10-25T13:39:59Z 2022-07-24T00:11:42Z "Admin notices first appear above the H1 of a page, and then jump to just below it one second later. It is easy to reproduce by going to Settings->General-> Click ""Save changes"". You will see the ""Settings Saved"" notice jump from above the H1 to below it. You can see it in the gif below: [[Image(https://www.dropbox.com/s/438bwkztew9349s/admin_notice.gif?dl=0)]] This also happens for custom notices, for example any class=""notice notice-warning"" will also jump. " dschalk 10 45197 Introduce `user_can_for_blog()` johnbillion needs-unit-tests Role/Capability normal normal 6.6 enhancement reviewing 2018-10-26T11:05:51Z 2024-03-07T16:46:56Z "The available user capability checking functions include: * `current_user_can()` * `user_can()` * `current_user_can_for_blog()` What's missing is `user_can_for_blog()` so that both a user ID and a site ID can be passed in order to check a given user's capabilities on a given site." johnbillion 2 45212 mediaelement.js WordPress .mp4 videos not playing/working on certain browsers/devices Media normal normal Awaiting Review defect (bug) reopened 2018-10-28T04:46:14Z 2020-04-10T18:11:46Z "Instead of the normal embedded Media Element video player working properly, on Safari Desktop and Safari/Chrome/Firefox on iPhone, the video player does not work. It's black and provides the actual video download beginning with mejs.download-file: https://cdn.elitesportsny.com etc. ... Please help. Thanks. " robsabo10 2 45218 On Custom Widget Page: Title and Content missing when Text Widget is added to Widget area reporter-feedback Widgets 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-29T05:13:05Z 2019-01-04T15:54:16Z "Situation: I have a theme that has multiple dynamic layouts ( 'front-page', 'single', 'archive' ). These layouts are widgetized as below. front-page -> widget area 1, widget area 2 single -> widget area 3 archive -> widget area 4, widget area 5 The layouts have different page slug and depending upon the page slug, only the related widget areas are shown so that it will be easier for users to customize layouts. The layouts simply uses the wordpress 'includes/widgets.php' and customizes the layouts for better user experience. Now, the problem is when I try to add text-widget to these areas, text-widget is added but I cannot see the title and content field. If I access the widgets from '/widgets.php' then everything works, but its of no use to me as I want nice widgetized custom layout pages. I thought this might be my theme issue but i copied '/admin/widgets.php' to '/admin/widgets-test.php' and accessed the page but the same issue occurred. This issue is appearing on wordpress >= 4.8 where visual editor is added to text-widget. I looked at the core and found out that on versions >= 4.8, text-widgets.js is required but this hook: do_action( ""admin_print_scripts-{$hook_suffix}"" ); which is responsible for enqueuing the script, is only enqueuing the script for page ($hook_suffix) 'widgets.php' only. I manually enqueued the text-widgets.js script but got js error. Also, this issue appears on other widgets like video, image etc. Steps to replicate the issue: -> just copy 'admin/widgets.php' to 'admin/widgets-test.php' or any other page-slug and access it directly. Then try to add text-widget." limvus 1 45252 Reconsider the `context` argument in REST API calls REST API normal normal Awaiting Review enhancement new 2018-11-01T12:20:51Z 2019-11-21T16:50:32Z "When creating an abstraction on top of the REST API, the line is often blurry between `edit` context and `view` context. This issue is made visible in https://github.com/WordPress/gutenberg/issues/11335 The data module of Gutenberg is an abstraction layer allowing the consumer (logged-in users) to fetch WordPress data organized in entities (posts, taxonomies, ...). Each entity in the abstraction layer has a well-defined ""format"". At the moment, this format is defined by the returned value of the REST API in the `edit` context. This makes it impossible for users that don't have access to the `edit` context to use the data layer because conceptually the data layer is not a layer on top of the REST API, it uses the REST API as just an implementation detail, it's a layer to retrieve WordPress data. So while I think we should rethink if we need the `context` argument entirely, I propose to do this iteratively and not change everything at the moment. Can we consider this? - Instead of returning 403 when users don't have access to the `edit` context, consider returning 200 but limiting the returned fields to the fields the current user has access to. An argument for context could be to limit the size of the response or the time spent to compute all the fields, for me this is redundant with `_fields` and we shouldn't mix both use-cases: Security and Performance." youknowriad 2 45273 get_postmeta: Inconsistent behavior of the 'single'-argument dev-feedback Options, Meta APIs normal normal Awaiting Review defect (bug) new 2018-11-03T19:29:48Z 2019-01-16T22:58:54Z "The phpdoc of the ''get_postmeta''-function in meta.php mentions that the ''single''-argument has no effect if ''meta_key'' is not specified. This is not true when the ''get_{$meta_type}_metadata''-filter is used. If this filter returns an array and ''single'' is true only the first item of the array is returned. This not the expected behavior when ''meta_key'' is empty. In my opinion this part: {{{#!php $check = apply_filters( ""get_{$meta_type}_metadata"", null, $object_id, $meta_key, $single ); if ( null !== $check ) { if ( $single && is_array( $check ) ) { return $check[0]; } else { return $check; } } }}} should be replace by: {{{#!php $check = apply_filters( ""get_{$meta_type}_metadata"", null, $object_id, $meta_key, $single ); if ( null !== $check ) { if ( $meta_key && $single && is_array( $check ) ) { return $check[0]; } else { return $check; } } }}} (Notice how I added {{{$meta_key && }}}) NOTE: This is a breaking change in the rare occasion that ''get_{$meta_type}_metadata''-filter is used in combination with an empty ''meta_key'' and ''single'' == true. If a fix is not desired; phpdoc must be changed to document this inconsistent behavior. " josk79 45293 Bundled themes: Add editor styles for form elements Bundled Theme normal normal Future Release enhancement new 2018-11-06T01:19:18Z 2020-02-24T20:51:06Z "Please add editor styles for basic form elements, e.g.: * input[type=text] * input[type=submit] * etc I am developing a block that generates a custom search form for a CPT. On the front-end, the block is styled by whatever the current theme uses for such elements. It would be great if Twenty Seventeen had editor styles for those elements so that it looked the same in the editor. I have opened this [[https://github.com/WordPress/twentynineteen/issues/480|same issue on GitHub for Twenty Nineteen]]. Doing this for all Twenty XXX themes would be great, but Twenty Seventeen & Nineteen are the only really important ones for me." pbiron 1 45296 Serious side-effects when login in another tab after session expiration in first tab Users normal normal Awaiting Review defect (bug) new 2018-11-06T08:31:26Z 2018-11-06T22:24:04Z "= A. STEPS TO REPRODUCE: 1. Start editing a new blog post. 2. Open a preview of it in some other browser tab. 3. Leave it open and hibernate computer for several hours (or otherwise expire the session without refreshing / closing the editor). 4. Add a new comment to that blog that requires moderation or otherwise cause owner to receive e-mail with a link to a blog. 5. Click on received link. New browser tab or window will open. Session is expired so login screen appears (correct!). 6. Login to WordPress. 7. Go back to the other / left open / hibernated browser tabs and try to do anything. In that ""old"" / other tab you're logged-off / you have session expired (even though you have just logged in again), but WordPress isn't able to handle this situation gracefully. = B. SIDE-EFFECTS == B1. UNABLE TO ADD AN IMAGE 1. An attempt to add an image causes image browser to display ""loading knob"" infinitely. == B2. UNABLE TO SAVE THE DRAFT 1. An attempt to save the draft actually DESTROYS the draft in the database. 2. Clicking this button causes WordPress to display login screen (even though you're already logged in; see below). 3. From this moment on your draft preview (the other ""old"" tab) will be constantly showing ""Page not found"". 4. After publishing and unpublishing the page it gets even worse -- only ""Page not found"" page title appears in tab and tab is constantly being refreshed endlessly by the browser. == B3. UNABLE TO LOGIN 1. An attempt to refresh the page displays login screen (even though you're already logged in). 2. Logging in is impossible. After login WordPress displays login page again and says that browser has cookies disabled (not true). 3. To solve this problem one must restart entire browser (cleaning session cookies?) and login again. = C. Conclusions Restarting browser solves the B3 and B1 problems only. B2 problem partially remains. Wordpress is able to save the draft, but still doing this incorrectly and later isn't able to show preview of the post, claiming that page is not found or reloading page forever. To solve last part of B2 problem one must restart browser, re-login and save the draft several times." trejder 1 45313 Multisite site deletion email contains misleading language about user account dev-feedback Administration normal normal Awaiting Review enhancement new 2018-11-08T15:35:10Z 2018-11-08T15:35:10Z "In Multisite, you can initiate the deletion of a site via wp-admin/ms-delete-site.php. This triggers an email https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=58#L43 that contains the line: > (But remember your current site and username are gone forever.) But the delete link does not, in fact, delete users or usernames. See https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=20#L18 This language dates from the MU merge in 3.0. See [12603]. I imagine it was linked to the original conception of WPMU that each user account would correspond to a specific site on the network, a legacy concept that plagues us elsewhere. See #17904, especially https://core.trac.wordpress.org/ticket/17904#comment:14 and subsequent comments. This entire block of text could probably reuse a rethink, since the intended use of Multisite has changed considerably since 2010. I'd suggest changing the email text to something like (using `wpmu_welcome_notification()` as a template): {{{ $content = __( ""Howdy ###USERNAME###, You recently clicked the 'Delete Site' link on your site and filled in a form on that page. If you really want to delete your site, click the link below. Please note that the URL ###SITE_URL### will be unavailable for further use, even after the site is deleted. You will not be asked to confirm again, so only click this link if you are absolutely certain that you'd like to delete your site: ###URL_DELETE### -- The Team @ ###SITE_NAME###"" ); }}}" boonebgorges 45331 'rest_url_prefix' filter fails to impact flush_rewrite_rules() on plugin activation reporter-feedback Permalinks 4.9.8 normal major Awaiting Review defect (bug) new 2018-11-12T14:39:16Z 2020-10-25T04:25:29Z "'rest_url_prefix' filter fails to impact flush_rewrite_rules() on plugin activation ========================================================================= So here is the bug - 'flush_rewrite_rules' is called on plugin activation after 'rest_url_prefix' filter added with new API ENDPOINT, but if I go to '<MY-DOMAIN>/<NEW-ENDPOINT>/' it gives me 404 error. And if I access '<MY-DOMAIN>/wp-json/' on Firefox Developer Edition in 'Header' section I see:\\ `Link <http://<MY-DOMAIN>/<NEW-ENDPOINT>/>; rel=""https://api.w.org/""`\\ So the header is correct here. And it will fix the issue if I go to WP Settings -> Permalinks -> Save.\\ But that is a bug. As you won't have to instruct that to your plugin user, after his activation he will see that API is not working.\\ \\ Install Controller class - 'flush_rewrite_rules' is called on plugin activation after 'rest_url_prefix' filter added with new API ENDPOINT: {{{#!php <?php namespace GreatestEverManager\Controllers\Admin; final class InstallController { <...> public function setCustomWP_RestAPI_Prefix() { // NOTE: Do not forget to do the same on install with flush_rewrite_rules(); after it. add_filter('rest_url_prefix', function() { return ConfigurationInterface::WP_REST_API_PREFIX; }, 10, 1); // NOTE: As there is no custom post types or custom taxonomies registration later, we perform rewrite rules flush right now flush_rewrite_rules(); } <...> } }}} \\ Main Controller class: {{{#!php <?php namespace GreatestEverManager\Controllers; use SoftwareLicenseManager\Models\Configuration\ConfigurationInterface; <...> final class MainController { <...> public function __construct(ConfigurationInterface $paramConfWithoutRouting) { <...> if(!is_null($this->confWithoutRouting)) { register_activation_hook($this->confWithoutRouting->getPluginPathWithFilename(), array(&$this, 'networkOrSingleActivate')); register_deactivation_hook($this->confWithoutRouting->getPluginPathWithFilename(), array(&$this, 'networkDeactivate')); <...> } } /** * Activate (enable+install or enable only) plugin for across the whole network * @note - 'get_sites' function requires WordPress 4.6 or newer! */ public function networkOrSingleActivate() { if(is_multisite()) { // A workaround until WP will get fixed // SHOULD be 'networkActivate' but WordPress does not yet support that feature, // so this means as long as the 'MULTISITE' constant is defined in wp-config, we use that method $this->multisiteActivate(); } else { // A workaround until WP will get fixed $this->activate(); } } public function activate() { try { <...> // Install plugin for single site $objInstaller = new \GreatestEverManager\Controllers\Admin\InstallController($conf, $lang, $conf->getBlogId()); // Install <...> $objInstaller->setCustomWP_RestAPI_Prefix(); <...> } catch (\Exception $e) { if(StaticValidator::inWPDebug()) { // In WP activation we can kill the install only via 'trigger_error' with 'E_USER_ERROR' param $error = sprintf(static::LANG_ERROR_IN_METHOD_TEXT, __FUNCTION__, $e->getMessage()); trigger_error($error, E_USER_ERROR); } } } public function run() { if($this->canProcess) { <...> add_filter('rest_url_prefix', function() { return ConfigurationInterface::WP_REST_API_PREFIX; }, 10, 1); add_action('rest_api_init', array(&$this, 'frontEndAPI_Callback'), 0); <...> } } <...> } }}} \\ Plugin main file (wp-content/plugins/GreatestEverManager/GreatestEverManager.php): {{{#!php <?php /** * Plugin Name: Greatest Ever Manager * <...> */ namespace GreatestEverManager; require_once 'Models/Configuration/ConfigurationInterface.php'; require_once 'Models/Configuration/Configuration.php'; require_once 'Controllers/MainController.php'; <...> use GreatestEverManager\Models\Configuration\Configuration; use GreatestEverManager\Controllers\MainController; if(!class_exists('GreatestEverManager\GreatestEverManager')) { final class GreatestEverManager { // Configuration const REQUIRED_PHP_VERSION = '5.4.0'; const REQUIRED_WP_VERSION = 4.6; const OLDEST_COMPATIBLE_PLUGIN_VERSION = 6.0; const PLUGIN_VERSION = 6.0; // Settings private static $params = array( 'plugin_id' => 0, 'plugin_prefix' => 'greatest_ever_manager_', 'plugin_api_namespace' => 'gem/v1', 'plugin_handle_prefix' => 'greatest-ever-manager-', <...> ); private static $objConfiguration = NULL; private static $objMainController = NULL; <...> /** * @return Configuration */ public static function getConfiguration() { if(is_null(static::$objConfiguration) || !(static::$objConfiguration instanceof Configuration)) { // Create an instance of plugin configuration model static::$objConfiguration = new Configuration( $GLOBALS['wpdb'], get_current_blog_id(), static::REQUIRED_PHP_VERSION, phpversion(), static::REQUIRED_WP_VERSION, $GLOBALS['wp_version'], static::OLDEST_COMPATIBLE_PLUGIN_VERSION, static::PLUGIN_VERSION, __FILE__, static::$params ); } return static::$objConfiguration; } /** * Creates new or returns existing instance of plugin main controller * @return MainController */ public static function getMainController() { if(is_null(static::$objMainController) || !(static::$objMainController instanceof MainController)) { // NOTE: This is not passing by reference! static::$objMainController = new MainController(static::getConfiguration()); } return static::$objMainController; } <...> } <...> // Run the plugin GreatestEverManager::getMainController()->run(); } }}} \\ The coding pattern is S.O.L.I.D. MVC, Version 6, based on PSR-4 Autoloaders and PSR-2 Coding Standards. To deeply inspect load process (without the REST_API part), you can inspect 'Expadandable FAQ' - SolidMVC boiler-plate plugin: [https://wordpress.org/plugins/expandable-faq/]" KestutisIT 2 45341 WSOD when editing a page with define( 'SAVEQUERIES', true ); set in wp-config.php has-patch Editor 5.0 normal normal Awaiting Review defect (bug) new 2018-11-14T06:43:28Z 2020-11-16T06:43:02Z "WSOD when editing a page (Issue introduced between v5Beta3 and v5Beta4) {{{ [1542177584 ] PHP 7. trigger_error() /var/www/wordpress/wp-includes/functions.php:4112 [1542177584 ] PHP 6. _deprecated_hook() /var/www/wordpress/wp-includes/plugin.php:629 [1542177584 ] PHP 5. do_action_deprecated() /var/www/wordpress/wp-admin/includes/post.php:2210 [1542177584 ] PHP 4. the_block_editor_meta_box_post_form_hidden_fields() /var/www/wordpress/wp-admin/includes/post.php:2066 [1542177584 ] PHP 3. the_block_editor_meta_boxes() /var/www/wordpress/wp-admin/edit-form-blocks.php:394 [1542177584 ] PHP 2. include() /var/www/wordpress/wp-admin/post.php:160 [1542177584 ] PHP 1. {main}() /var/www/wordpress/wp-admin/post.php:0 [1542177584 ] PHP Stack trace: [1542177584 ] PHP Notice: edit_form_advanced is <strong>deprecated</strong> since version 5.0.0! Use block_editor_meta_box_hidden_fields instead. This action is still supported in the classic editor, but is deprecated in the block editor. in /var/www/wordpress/wp-includes/functions.php on line 4112 [1542177584 ] PHP Notice: edit_form_after_title is <strong>deprecated</strong> since version 5.0.0! Use block_editor_meta_box_hidden_fields instead. This action is still supported in the classic editor, but is deprecated in the block editor. in /var/www/wordpress/wp-includes/functions.php on line 4112 }}}" timhibberd 25 45343 $query->post is null when WP_Query `fields` parameter is present dev-feedback Query normal normal Awaiting Review defect (bug) new 2018-11-14T08:07:12Z 2018-11-14T10:23:21Z "Normally, WP_Query returns an object where `$query->posts` contains an array of posts and `$query->post` contains the first post. But if the `fields` parameter is present then `$query->post` returns `null`. Is it a bug or an expected behaviour? If it's expected then it should be documented because it's confusing and unintuitive. **Example:** {{{#!php <?php // Works as expected $query = new \WP_Query([ 'post_type' => 'my-post-type', ]); if ($query->have_posts()) { $firstPost = $query->post; // returns the same as $query->$posts[0] } // Weird behaviour $query = new \WP_Query([ 'post_type' => 'my-post-type', 'fields' => 'ids', ]); if ($query->have_posts()) { $firstPost = $query->post; // returns null } " wujek_bogdan 1 45344 Add Two New Theme Tags on Theme Directory Themes normal normal Future Release task (blessed) reopened 2018-11-14T09:15:49Z 2024-02-02T04:07:07Z "As per the [https://wordpress.slack.com/archives/C02RP4Y3K/p1542132120930800 discussion] of theme review team, we want to add two tags `align-wide` and `block-styles`. * `align-wide` - Support for Wide Align * `block-styles` - Has styles for the block editor Also, we need this tags on the theme filter. " kafleg 5 45353 Homepage title none static homepage when static blog page is set Options, Meta APIs 4.9.8 normal normal Awaiting Review defect (bug) new 2018-11-14T16:28:58Z 2020-12-22T18:56:19Z "Hi I have issue with the title of teh page in the browser tab. When i use a seo plugin and i have a static blog page set and a non static homepage the none static home page show the static blog page title in the browser tab. I have tested this with wp 20-17 and various other themes and they all have the same issue. I tried AIOSEO and YOAST SEO and even if i enter the title for the nin static homepage i get the title for the static blog page. I reported to both plugin builders and they sais i had to be at wordpress core team. You can read all details here. https://github.com/Yoast/wordpress-seo/issues/11548 1) static blog page none static home page. When Index.php is called is_home = true is_front_page=false 2) static home page none static blog page. When front_page.php is called is_home = false is_front_page=true 3) none static home page and none static blog page (set it to ""your latest posts""). When Index.php is called is_home = true is_front_page=true; Exactly as it should be, But only in case 1) the browser tab has the wrong title ! Please advice how to resolve this issue as the none static home page is not equal to the static homepage and can have different content then the static blog page. It all depends on the theme used if the theme is also pulling the default page content and or has a setting for adding content into the non static home page. One can easily detect the homepage id.... for the none static homepage it is 0 https://github.com/Yoast/wordpress-seo/issues/11548#issuecomment-438643740 is_home() should only be true in case 3) and not in case a static blog page is used and a none static home page. I would like to get this resolved. Please advice. Thanks" BackuPs 2 45354 Adding index for meta_key and post_id in postmeta dev-feedback Database normal normal Awaiting Review enhancement new 2018-11-14T21:43:31Z 2023-12-19T22:49:54Z "We should add an index on post_id and meta_key as queries that contain these columns are incredibly common (even in loop in core on every page load basically). An index will improve query speed up to 100% even when only 1000 posts are in db. Test it yourself: {{{ ALTER TABLE `wp_postmeta` ADD INDEX `wp_postmeta_key_id` (`meta_key`,`post_id`); }}} " DuckDagobert 11 45356 adding a featured image takes forever now, what's going on with that. reporter-feedback Post Thumbnails 5.0 normal minor Future Release defect (bug) assigned 2018-11-15T01:48:06Z 2018-12-16T23:33:11Z "If I try to quickly add a featured image, and click publish the featured image won't save. I have to wait until the thumbnail appears indicating that it's actually saved the featured image. The only problem with this is that it takes likes 5 seconds, whereas it used to be near instantly. This could be improved, I may take a look into it myself and see if I can figure anything out to improve the performance there. I experienced this issue on Ubuntu 16.04 LTS on Google Chrome" coffeywebdev 1 45359 Add checkbox to enable or disable sending out emails on password changes from backend dev-feedback Users 4.9.8 normal normal Awaiting Review enhancement new 2018-11-15T16:54:29Z 2023-01-21T13:14:12Z "Could we please add a checkbox on the user backend, that will toggle the sending of emails when something is changed in the backend, eg. and most important, the password? It is a huge mistake trigger when developing sites or debugging staging/live sites with users or customers. A little checkbox below the password field to stop WP from sending out a notification would be so great!" atz 7 45363 Allow Thumbnail generation for other filetypes such as ODT has-patch Media normal normal Awaiting Review enhancement new 2018-11-16T10:14:33Z 2019-01-17T23:27:09Z "#31050 introduced the possibility to add previews to PDF files. This is great, but why stop there? There are many files that really are a ZIP file including a preview thumbnail (e.g. ODT files), or that allow easy generation of a thumbnail. In a first step, WordPress should enable plugin devs the possibility to add those thumbnail generators over the same path as PDF does (Image Editors). Later, it would be possible to add common filetypes such as ODT to core." benjaminpick 1 45366 Optimize wp_get_post_revisions() call in wp_list_post_revisions() has-patch Revisions 4.9.8 normal normal Awaiting Review defect (bug) new 2018-11-16T18:40:35Z 2018-11-17T20:15:51Z Currently, `wp_list_post_revisions()` calls `wp_get_post_revisions()` with the current post's ID as the only argument. This fetches full post objects for each revision. When the current post is very large and has an extensive revision history, this can cause out-of-memory issues (this has been observed when loading a post with ~43,000 words and 158 revisions). While limiting the number of revisions can address this issue, as far as I can tell there is no reason to load full post objects for all revisions, as all of the subsequently called functions in `wp_list_post_revisions()` only require a revision ID. Calling `wp_get_post_revisions( $post->ID, array( 'fields' => 'ids' ) )` significantly improves the performance of this function under such circumstances. greatislander 3 45370 Filter Issue blocks.registerBlockType Editor 5.0 normal normal Future Release defect (bug) new 2018-11-18T12:48:48Z 2019-01-12T12:36:59Z "My developer tells me there are changes regarding this filter within the latest Gutenberg release not yet added to WP5 beta blocks.registerBlockType We are using this for block visibility controls for 3rd party blocks." davedunn 3 45374 apply_filters_ref_array() no longer passes arguments by reference needs-unit-tests Plugins 4.7 normal normal Awaiting Review defect (bug) new 2018-11-19T10:58:35Z 2019-01-25T13:54:36Z "It appears that since the introduction of the `WP_Hook` class in WordPress 4.7 (#17817), `apply_filters_ref_array()` no longer passes its arguments by reference. Example: {{{ add_filter( 'posts_clauses', function( $clauses, &$query ) { return $clauses; }, 10, 2 ); }}} The above code will trigger the following PHP warning: {{{ Parameter 2 to {closure}() expected to be a reference, value given }}} cc @jbrinley FYI" johnbillion 8 45376 Search not working as described in codex Query normal normal Awaiting Review defect (bug) new 2018-11-19T13:07:01Z 2018-12-07T01:56:14Z "In the codex it says if I sort my search query results by relevance it should behave as follows: ""Order by search terms in the following order: First, whether the entire sentence is matched. Second, if all the search terms are within the titles. Third, if any of the search terms appear in the titles. And, fourth, if the full sentence appears in the contents."" That actually is not right, because the third case never happens! Example: I have 3 Posts with titles: ""Keyword"", ""Key"" and ""Word"" If I search for ""?s=key+word"" the result ist only ""Keyword"" but it should be ""Key"" and ""Word"" too!?" totatari 45377 Video Shortcode Ajax Issue Shortcodes 5.0 normal minor Future Release defect (bug) new 2018-11-19T13:34:23Z 2018-12-06T10:59:35Z "Hi guys, I have the problem with wp_video_shortcode element settings on ajax trigger, where defaults_atts variable override settings I forward to shortcode. Because is_admin() conditional inside shortcode function return true on ajax calling. Example code {{{ <div class=""video-player-element""> <?php // Get video meta src $video_meta = get_post_meta( get_the_ID(), 'video_player_src', true ); // Video player settings $settings = apply_filters( 'video_player_settings', array( 'width' => 1300, // Aspect ration is 16:9 'height' => 731, 'loop' => true ) ); // Init video player echo wp_video_shortcode( array_merge( array( 'src' => esc_url( $video_meta ) ), $settings ) ); ?> </div> }}} When I call ajax to load the new content on frontend, video player element is loaded with my settings but on rendering video, wp_video_shortcode function override my settings with default because function enters inside this conditional {{{ if ( is_admin() ) { // shrink the video so it isn't huge in the admin if ( $atts['width'] > $defaults_atts['width'] ) { $atts['height'] = round( ( $atts['height'] * $defaults_atts['width'] ) / $atts['width'] ); $atts['width'] = $defaults_atts['width']; } } }}} Is there any solutions to skip this check, or if you add some filter around defaults_atts so I can be able to change that values? Thanks for your solutions Best regards, Nenad " Nenad Obradovic 5 45381 importer should remap attachment IDs when they appear in a block's attributes dev-feedback Import normal normal Awaiting Review enhancement new 2018-11-19T18:07:45Z 2021-12-22T19:20:43Z "Related: https://github.com/WordPress/gutenberg/issues/10535 > One idiosyncrasy of the WordPress Importer is that attachment ids can change in the import process. If an existing WordPress site already has a number of posts, those existing post ids can conflict with the post ids included in the import file. > > To accommodate the changing ids, the WordPress Importer has backfill_parents() (ref) and remap_featured_images() (ref). Both of these methods use a mapping of old=>new post ids to update existing references to the old ids. > > Along the same lines, Image Blocks will need their attachment ids updated, otherwise they can end up in a crashed state. To replicate what the user will experience, simply insert an Image Block and change its attachment id reference to an invalid id: I've done some experimenting and the mods to importer to support such remapping are fairly minor. Before submitting a patch I'll have to account for the recent change in the Gallery block (https://github.com/WordPress/gutenberg/pull/11540). The mods I have work only if the attachments in question are included in the same export/import as the posts that have blocks that reference them. For example, if you export posts separately from Media and do 2 separate imports the IDs are not remapped. If the attachments are not included in the same export as the posts that reference them, then the importer currently does not remap the URLs in post_content either whether the media is referenced in a block or in ""classic"" content (i.e., they still point to URLs on the exporting host)...so I do not think that is a major flaw in what I've written :-) I do not see any way around that, but wanted to mention it in case anyone has any bright ideas...before I finalize and submit that patch." pbiron 2 45387 Valid HTML get mangled on the frontend has-patch Editor normal normal Awaiting Review defect (bug) new 2018-11-20T18:12:49Z 2023-11-22T15:40:07Z "Open the HTML editor, paste this HTML code {{{ <p>To make this thing happen, go to Pages <a href=""http://google.com/"" target=""_blank"" rel=""noreferrer noopener"" aria-label=""This is > an aria label"">http://google.com</a></p> }}} And preview the post in frontend. The HTML is a big mangled in the output, the link don't show up properly. I suspect that it's related to one of `the_content` filters. Reproduced in 4.9.8" youknowriad 19 45389 trackback_url_list() trackback excerpt for multibyte correspondence SergeyBiryukov needs-unit-tests Pings/Trackbacks normal normal Future Release defect (bug) reviewing 2018-11-21T08:15:18Z 2019-01-16T02:57:17Z In the case of multibyte, the last letter of the trackback excerpt may be garbled. ishitaka 2 45393 categories don't work in brand-new wordpress instance (return 404) Taxonomy 4.9.8 normal normal Awaiting Review defect (bug) new 2018-11-21T17:32:35Z 2018-11-21T17:48:03Z "steps to reproduce: 1. install new wordpress instance 2. create a category `test` 3. go to its url http://example.com/category/test/ (i also tried /category/test (without closing slash)) expected result:\\ http status 200, ""no items found"" message\\ NOTHING FOUND It seems we can’t find what you’re looking for. Perhaps searching can help. actual result:\\ http status 404, ""page not found"" message\\ OOPS! THAT PAGE CAN’T BE FOUND. It looks like nothing was found at this location. Maybe try a search? even if you continue: 4. add a post to the category 5. visit category page again -- you'll get the same result. workaround: 6. switch theme to `twenty fifteen` 7. switch back to `twenty seventeen` 8. visit category page again -- now you get the expected result, the bug won't reproduce anymore versions:\\ PHP Version 5.6.38\\ Chromium Version 70.0.3538.77 (Official Build) Built on Ubuntu , running on Ubuntu 18.10 (64-bit) " awardpress 1 45394 get_posts fails to return results when accessing admin with a custom user role reporter-feedback Query 4.9.8 normal normal Awaiting Review defect (bug) new 2018-11-21T17:35:55Z 2018-12-10T15:05:42Z "Not sure if this is intentional or not, or if there are some capabilities required for custom user roles for 'get_posts' to work, but I'm finding that using 'get_posts' in a CPT metabox works exactly as expected and returns the correct results when accessing the admin as an admin or editor, however, accessing the same screen as any number of custom user roles results in 'get_posts' not returning any data. There are no error messages and no indication anywhere online that get_posts() is somehow dependent on user role. To my best estimation this appears to be a bug - get_posts() would work on the front end without a user being logged in, so the user level/role on the back end shouldn't be relevant to whether or not results are returned. Here's an example: {{{#!php <select name=""mwss_session""> <option value="""">Please select a Session</option> <?php $get_sessions = get_posts( array( 'post_type' => 'seasonal_sessions', 'post_status' => 'publish', 'posts_per_page' => -1, 'meta_key' => 'mwss_session_status', 'meta_value' => 'true', 'meta_compare' => '=' ) ); $selected_session = $mwss_session; foreach( $get_sessions as $active_session ) { $session_name = get_the_title( $active_session->ID ); echo '<option value=""' . $session_name . '""'; if( $selected_session === $session_name ){ echo 'selected'; } echo '>' . $session_name . '</option>'; } ?> </select> }}} To recap: - In wp-admin, logged in as Admin or editor, the dropdown is populated with results - On front end, logged in with custom user role (most basic level, almost equivalent to a subscriber), the dropdown is populated with results - in wp-admin, logged in as custom user role, (consistent with editor caps), the dropdown is empty" tonydjukic 2 45400 last of query_vars contains anchor Query 4.9.8 normal normal Awaiting Review defect (bug) new 2018-11-22T16:23:44Z 2018-12-05T17:17:29Z "Anchor links (at least individual comment links) are generated basically by appending ""/#Comment-XX"" to the end of URL. In which case $wp_query->$query_vars returns last variable with appended ""/"" in it. " visnevskis 45404 Autosave fails for custom post type item that belongs to a non-publicly_queryable post type Editor 5.0 normal normal Future Release defect (bug) new 2018-11-23T13:34:35Z 2018-12-11T15:30:21Z "To reproduce this create a CPT: {{{#!php <?php function custom_post_type() { $labels = array( 'name' => _x( 'Post Types', 'Post Type General Name', 'text_domain' ), 'singular_name' => _x( 'Post Type', 'Post Type Singular Name', 'text_domain' ), 'menu_name' => __( 'Post Types', 'text_domain' ), 'name_admin_bar' => __( 'Post Type', 'text_domain' ), 'archives' => __( 'Item Archives', 'text_domain' ), 'attributes' => __( 'Item Attributes', 'text_domain' ), 'parent_item_colon' => __( 'Parent Item:', 'text_domain' ), 'all_items' => __( 'All Items', 'text_domain' ), 'add_new_item' => __( 'Add New Item', 'text_domain' ), 'add_new' => __( 'Add New', 'text_domain' ), 'new_item' => __( 'New Item', 'text_domain' ), 'edit_item' => __( 'Edit Item', 'text_domain' ), 'update_item' => __( 'Update Item', 'text_domain' ), 'view_item' => __( 'View Item', 'text_domain' ), 'view_items' => __( 'View Items', 'text_domain' ), 'search_items' => __( 'Search Item', 'text_domain' ), 'not_found' => __( 'Not found', 'text_domain' ), 'not_found_in_trash' => __( 'Not found in Trash', 'text_domain' ), 'featured_image' => __( 'Featured Image', 'text_domain' ), 'set_featured_image' => __( 'Set featured image', 'text_domain' ), 'remove_featured_image' => __( 'Remove featured image', 'text_domain' ), 'use_featured_image' => __( 'Use as featured image', 'text_domain' ), 'insert_into_item' => __( 'Insert into item', 'text_domain' ), 'uploaded_to_this_item' => __( 'Uploaded to this item', 'text_domain' ), 'items_list' => __( 'Items list', 'text_domain' ), 'items_list_navigation' => __( 'Items list navigation', 'text_domain' ), 'filter_items_list' => __( 'Filter items list', 'text_domain' ), ); $args = array( 'label' => __( 'Post Type', 'text_domain' ), 'description' => __( 'Post Type Description', 'text_domain' ), 'labels' => $labels, 'supports' => array( 'title', 'editor' ), 'taxonomies' => array( 'category', 'post_tag' ), 'hierarchical' => false, 'public' => true, 'show_ui' => true, 'show_in_menu' => true, 'menu_position' => 5, 'show_in_admin_bar' => true, 'show_in_nav_menus' => true, 'can_export' => true, 'has_archive' => true, 'exclude_from_search' => false, 'publicly_queryable' => false, 'capability_type' => 'page', 'show_in_rest' => true, ); register_post_type( 'post_type', $args ); } add_action( 'init', 'custom_post_type', 0 ); }}} Then create an item and publish. After the item is saved, edit the title and wait until the autosave is triggered. The autosave fails without any JS error. Also if you make the CPT set ""public"" to false but ""publicly_queryable"" to true and create and publish an item after I refresh the editor I get the following JS error: {{{ TypeError: Cannot read property 'prefix' of null at PostLink (edit-post.js?ver=3.1.2:4769) at ph (react-dom.min.js?ver=16.6.3:97) at eg (react-dom.min.js?ver=16.6.3:125) at fg (react-dom.min.js?ver=16.6.3:126) at wc (react-dom.min.js?ver=16.6.3:138) at fa (react-dom.min.js?ver=16.6.3:137) at gg (react-dom.min.js?ver=16.6.3:135) at Ca (react-dom.min.js?ver=16.6.3:133) at Object.enqueueSetState (react-dom.min.js?ver=16.6.3:191) at ComponentWithSelect.q.setState (react.min.js?ver=16.6.3:20) }}} " kmgalanakis 3 45406 Add additional default image sizes for srcset to accommodate wider viewports joemcgill Media 5.0 normal major Future Release defect (bug) assigned 2018-11-23T22:56:02Z 2020-02-24T18:50:10Z "Related Gutenberg issues: - 6177 https://github.com/WordPress/gutenberg/issues/6177 - 6131 https://github.com/WordPress/gutenberg/issues/6131 - 11973 (PR) https://github.com/WordPress/gutenberg/pull/11973 Duplicate of Gutenberg issue 11821 https://github.com/WordPress/gutenberg/issues/11821. == Problem Images aligned to `alignwide` and `alignfull` need proper size options from the `srcset` attribute. Currently the sizes generated for a large image (eg 4000px wide) by core are: - original - 300px - 768px - 1024px (Themes and plugins can generate additional sizes.) This means for image displays wider than 1024px, the original size image file will be used which imposes a significant performance hit on the end-user. These sizes should be closely tied to real-world data about viewport widths. Currently the only readily available data is screen sizes. One source is StatCounter's worldwide screen resolution stats http://gs.statcounter.com/screen-resolution-stats. They break down as follows (October 2018): ||= Screen size =||= Usage percentage =|| || 360x640 || 20.04% || || 1366x768 || 11.84% || || 1920x1080 || 9.4% || || 375x667 || 5.07% || || 1440x900 || 3.26% || || 768x1024 || 2.61% || == Proposal Align automatically generated image sizes to browser stats taking into account 2x and 3x displays. Proposed new sizing array: - 375px (covers <=375px widths) - 768px (covers 768px and 375x2 widths) - 1125px (covers <=1125px and 375x3 widths) - 1440px (covers <=1440 widths) - 1920px - 2304px (covers <=2304px and 768x3 widths) - 2880px (covers <=2880px and 1440x2 widths) - 3840px (covers 1920x2 widths) This might seem like a lot, but for most images only the smaller sizes will be generated. For larger images, providing these additional sizes available for the `srcset` attribute will ensure the browser pulls down the smallest possible image for wide images displayed in wider viewports. == Note This permanently disassociates the physical image sizes from the classic display widths defined by WordPress. Which makes sense because the old modality of pixel widths defining small/medium/large image sizes no longer applies anyway." mor10 17 45407 Add block attributes to `wp_calculate_image_sizes` to allow for proper handling of `sizes` attribute joemcgill dev-feedback Media high major Future Release defect (bug) assigned 2018-11-23T23:17:04Z 2022-02-03T15:13:41Z "Related Gutenberg issues: - 6177 https://github.com/WordPress/gutenberg/issues/6177 - 6131 https://github.com/WordPress/gutenberg/issues/6131 - 11973 (PR) https://github.com/WordPress/gutenberg/pull/11973 Related Trac tickets: - #45406 - #37840 == Problem For images with no alignment or images where the image block is aligned `alignwide` and `alignfull`, the `sizes` attribute reads: {{{ sizes=""(max-width: 1024px) 100vw, 1024px"" }}} This means regardless of the displayed width of an image, the largest image file pulled by the browser is the generated 1024px image. If the displayed image width is wider than 1024px, the browser will stretch the image to compensate causing blur and artifacts. Historically this was solved by theme developers by augmenting the `sizes` attribute using the `wp_calculate_image_sizes` filter. The new `alignwide` and `alignfull` widths **cannot currently be accommodated** using this filter because the filter does not contain information about the alignment value of the containing block. == Proposed solution Modify the `wp_calculate_image_sizes` filter to include a new fifth parameter `$block_attr` containing an array which includes `[align]` which holds the alignment value for the containing block. This is a stop-gap measure as we wait for Gutenberg PR 11973 https://github.com/WordPress/gutenberg/pull/11973 to merge. == Why this is a blocker From my perspective, this is a blocker to 5.0 for three main reasons: 1. As stated earlier, the current implementation of images means images with no alignment or images where the image block is aligned `alignwide` and `alignfull` are supplied with an incorrect `sizes` attribute by core. Theme developers cannot fix this because they have no way of filtering for different block widths. The end result is the visitor experiences blurry and/or artifact-heavy images which will be interpreted as an error. No theme (Twenty Nineteen included) handles responsive images correctly at the moment meaning all ""Gutenberg-ready"" themes with wide and full image options will display blurry/artifact-full images. 2. A solution to this problem must be one which stands the test of time. Once a solution is introduced, every theme (including core themes) must be updated. Shipping an interim solution which will later be changed puts an undue burden on theme developers and will impose legacy debt on WordPress Core to provide support for the interim solution in the long term. The proposal to add `$block_attr` with the `[width]` value to the `wp_calculate_image_sizes` filter is a mini version of what is proposed in Gutenberg PR 11973 and will be forward-compatible to more advanced images handling by themes. 3. 5.0 is shipping to millions of sites world wide. WordPress has a responsibility to follow web standards and use them correctly. The current implementation of the `sizes` attribute is insufficient and causes incorrect behavior for the end-user. == Further context - https://github.com/WordPress/twentynineteen/issues/50#issuecomment-436829300 - https://github.com/WordPress/gutenberg/issues/6177#issuecomment-400095305 - https://github.com/WordPress/twentynineteen/pull/629/files" mor10 44 45417 Lack of actions when wp_cache_flush is called dev-feedback Cache API normal trivial Future Release enhancement new 2018-11-26T14:08:25Z 2018-12-02T22:48:40Z "The function definition of wp_cache_flush doesn't have a do_action call, and neither does WP_Object_Cache->flush. https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-includes/cache.php#L97 https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-includes/cache.php#L498 I want to be able to run additional code whenever the object cache is flushed but currently I can't. Fixing this should be as trivial as adding {{{ do_action('wp_cache_flush'); }}} to the function definition of wp_cache_flush. I don't care about the name of the action or if it runs before or after the flush, I'd just like to have this functionality in the core. Preferably before WordPress 6.0. " k1sul1 1 45435 Port Gutenberg's `removep` Function to Php has-patch Editor 4.9.8 normal normal Awaiting Review enhancement new 2018-11-27T19:15:23Z 2020-11-24T02:44:43Z "Gutenberg has `autop` and `removep` functions, code is here: https://github.com/WordPress/gutenberg/tree/master/packages/autop `autop` in JS is equivalent to `wpautop` in PHP. There is no `removep` or `wpremovep` in PHP. I have often needed it. Please port it into WordPress for PHP developers. Thank you for your consideration." conner_bw 11 45437 On plugin update screen, offer more information and options Upgrade/Install normal minor Future Release enhancement new 2018-11-27T23:20:20Z 2023-08-29T15:26:10Z "On the plugin update screen, where all available updates to plugins show, there would be some really neat information to be able to see: * Is this plugin active on my website right now? * Delete this (or these) plugin(s) rather than update There is currently not a lot of information on this screen, and some of that information could be useful, particularly in eliminating cruft or unnecessary and no longer used plugins. I did a very rough sketch of what I mean, and some information / actions that could be useful. Now that we have synchronous same-screen plugin actionability this may even end up being able to be somewhat elegant. [[Image(https://www.dropbox.com/s/5un8qycsy017jov/plugin-updates.png)]] " krogsgard 4 45439 Add a link to plugins/themes details in dashboard to translation page Plugins normal normal Awaiting Review enhancement new 2018-11-28T06:48:19Z 2019-01-16T06:50:09Z "Currently locale translators don't get credit for their contributions, I know there are pages in translate.wp.org, But WordPress users usually can't reach those pages easily, because they install plugins directly via dashboard I think we can add a link in dashboard plugin details, a link to current language translators page, For example: if our current language is Persian, for woocommerce plugin, we can add a link (Translation Team, Help us!) to related Persian translators page: https://translate.wordpress.org/locale/fa/default/wp-plugins/woocommerce And the link can be auto generate for any other active language in dashboard This help users to find that area easily and encourage them to participate in those translations, And also help plugin/themes developers to get more translation for their product, And will give a credit to that translators I think the dashboard credit would make more sense So we can have more plugin translation updates and more contributors This can be also for Themes " parsmizban 6 45457 get_terms returns incorrect terms set for indirect children Taxonomy 4.9.8 normal normal Awaiting Review defect (bug) new 2018-12-01T13:07:15Z 2018-12-02T21:00:37Z "I created categories as below. 未分類(term_id=1) has two children, C1(term_id=2) and C2(term_id=3).\\ C1 has three children, C3(term_id=4), C4(term_id=5) and C5(term_id=6).\\ C2 has two children, C6(term_id=7) and C7(term_id=8). If I query as below, it returns correct answer. {{{#!php <?php get_terms(array('taxonomy' => 'category', 'hide_empty' => false, 'name' => 'C1', 'child_of' => 1)); }}} This query returns C1 term. But I query as below, it returns no terms. I think this behavior is incorrect. {{{#!php <?php get_terms(array('taxonomy' => 'category', 'hide_empty' => false, 'name' => 'C4', 'child_of' => 1)); }}} " mh35 3 45459 Infinite Loop By redirect_canonical (canonical.php) due to mishandling of Port Information in URL creation/rebuilt Canonical 4.9.8 normal major Awaiting Review defect (bug) new 2018-12-02T05:14:24Z 2018-12-06T22:30:32Z "**Background** Fresh install version 4.9.8 for a simple website (no SSL, using standard theme twentyseventeen). Standard installation went well without any hiccup. However immediately after installation ""Too many redirect errors"" occurred using any browser. **Infinite loop Symptoms** * Happen on URL that required index.php e.g: http://[domain.com] , http://[domain.com]/ (with or without trailing slash) * Full permalink URL such as: * http://[domain.com]/2018/12/01/hello-world/ * http://[domain.com]/category/uncategorised/ will render without any problem This symptom actually is actually has happened before in this particular server and all my other website on this server requiring the removal of redirect_canonical function. Applied in functions.php of the themes file as follow: {{{ remove_filter('template_redirect', 'redirect_canonical'); }}} With the removal of redirect_canonical above, the infinite loop is mitigated. But I decided this time to try to pin out the real problem because removing canonicalization is not a very good thing for SEO. **Investigation** * This fresh install infinite loop happen in my server that uses ""reverse proxy"" setting using Nginx, i.e the requested url is passed around between reverse proxy and upstream server using http://[domain.com]:80 and http://[domain.com]:8080 (or any other arbitrary port) * Trace the problem to canonical.php and catch the bug as follows * Original snippet of canonical.php (in wp-includes) {{{ 530 if ( $do_redirect ) { 531 // protect against chained redirects 532 if ( !redirect_canonical($redirect_url, false) ) { 533 wp_redirect($redirect_url, 301); 534 exit(); 535 } else { 536 // Debug 537 // die(""1: $redirect_url<br />2: "" . redirect_canonical( $redirect_url, false ) ); 538 return; 539 } 540 } else { 541 return $redirect_url; 542 } }}} * Minor modification to catch the bug (reverse the logic in line 532 so it goes to the debug section and add $requested_url to be printed as well): {{{ 530 if ( $do_redirect ) { 531 // protect against chained redirects 532 if ( redirect_canonical($redirect_url, false) ) { 533 wp_redirect($redirect_url, 301); 534 exit(); 535 } else { 536 // Debug 537 die(""1: $redirect_url<br />2: $requested_url<br />3: "" . redirect_canonical( $redirect_url, false ) ); 538 return; 539 } 540 } else { 541 return $redirect_url; 542 } }}} * From the print out of the debugging, it is confirmed that the differences between the $requested_url and $redirect_url is causing the infinite loop: (i.e: the port "":80"" is missing in the $redirect_url, causing it to recursively redirected to the same http://[domain.com]/) * $redirect_url: http://[domain.com]/ * $requested_url: http://[domain.com]:80/ If the url were http://[domain.com]/2018/12/01/hello-world/ it will not produce the infinite loop as the result of the debugging is: * $redirect_url: http://[domain.com]/2018/12/01/hello-world/ * $requested_url: http://[domain.com]/2018/12/01/hello-world/ (no port number produced by the function) * Trace further how the function handle port, and found this ""lazy"" snippet (original): {{{ 386 // Handle ports 387 if ( !empty($user_home['port']) ) 388 $redirect['port'] = $user_home['port']; 389 else 390 unset($redirect['port']); 391 }}} Apparently from the code above, if the $WP_HOME doesn't have port component it just removes the component for redirection. Seems a bit lazy to me. True enough, I add below line in wp-config.php and fix the problem {{{ define('WP_HOME','http://[domain.com]:80'); }}} But of course, it is never that simple. While the infinite loop for the home page is handled, the other link is affected. In this case, going back to the debuging mode, the result os requesting url http://[domain.com]/2018/12/01/hello-world/ produced: * $redirect_url: http://[domain.com]:80/2018/12/01/hello-world/ * $requested_url: http://[domain.com]/2018/12/01/hello-world/ (i.e: the port "":80"" is now added on the $redirect_url) * Trace further up as the source of the port, it seems that it come from $original[] variable within the function {{{ 70 $original = @parse_url($requested_url); }}} which sometimes have port information parsed, but sometimes is not. **TEMPORARY SOLUTION (so far okay)** The idea is how the code could handle ""port"" better: * if there is no port information in $original variable, why bother adding port info to the redirection * but if there is one, the redirection needs to also include the port info to prevent mismatch (hence infinite loop) i.e http://[domain.com]:80/ redirect to http://[domain.com]/ which then redirect to http://[domain.com]:80/ and so on. Here is the code that I come up that solve this issue so far {{{ 386 // Handle ports 387 if ( isset($original['port']) && !empty($original['port'])) { 388 if ( !empty($user_home['port']) ) 389 $redirect['port'] = $user_home['port']; 390 else { 391 $redirect['port']='443'; 392 if (isset($original['scheme']) && !strcmp($original['scheme'],'http')) $redirect['port']='80'; 393 } 394 } }}} i.e: if user is using exoctic/unusual port they need to put it on the $WP_HOME anyway - otherwise assuming 80 and 443 would be quite common. What causing the port number to come up? I assume it is due to the reverse proxy configuration in 1 server where parameter passing is using the port number that is not common. (e.g between https:443 to http:8080), but nevertheless, the more proper handling of port info as described above should be logical and necessary to prevent the unnecessary infinite loop. I categorize this bug initially as ""major"" because it happens without any variety of user data, it is from a fresh install and reverse-proxy caching is a common technique used even in a shared hosting environment. The expert at WordPress can determine whether the solution is robust enough to be implemented in more permanently. So, with modification of that, people that use reverse proxy setting can still use canonicalization feature from WordPress without infinite loop problem. Also they can remove: {{{ remove_filter('template_redirect', 'redirect_canonical'); }}} from their functions.php Thanks, hope this helps." dkristanda 1 45471 Allow caching of parse_blocks results francina dev-feedback Cache API 5.0 normal normal Future Release enhancement assigned 2018-12-03T12:08:15Z 2023-03-29T14:48:39Z "A *lot* of Gutenberg implementations are going to have to parse the blocks in a post. Core itself already parses the blocks on output, but also when trimming an excerpt in `excerpt_remove_blocks`. All this parsing is done with `parse_blocks`. Unfortunately, the only thing passed to `parse_blocks` right now is a string, with no way of caching it. My suggestion would be to add a cache key to the `parse_blocks` function, which defaults to false. I've attached a proposed patch to the function, if we agree on this we could then look at how to implement this in core itself." joostdevalk 15 45473 Twenty Nineteen: Avoid html code in translatable strings dev-feedback Bundled Theme normal normal Future Release defect (bug) new 2018-12-03T14:20:45Z 2023-04-28T04:05:03Z "As always only the translatable part should appear for translators to avoid issues. I came across this one: {{{#!php <span class=""meta-nav"">Published in</span><br><span class=""post-title"">%title</span> }}} " Presskopp 9 45493 Square brackets in caption shortcode produce improper formatting has-patch Editor 4.9.8 normal normal Future Release defect (bug) reopened 2018-12-05T21:29:24Z 2023-07-27T03:14:55Z "If [square] brackets are placed inside of a {{{ [caption] }}} shortcode, the resulting formatting is broken when the captioned image is surrounded by text content. If you paste the following into the text editor, switch to visual, and then back to text, you'll notice the line break after the caption disappears. {{{ Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. [caption id=""attachment_143591"" align=""aligncenter"" width=""700""]<img class=""size-full wp-image-143591"" src=""https://placehold.it/700x800"" alt="""" width=""700"" height=""800"" /> This is a caption with some [square] braces that make it appear like another shortcode.[/caption] Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et accumsan et iusto odio dignissim qui blandit praesent luptatum zzril delenit augue duis dolore te feugait nulla facilisi. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. }}} I'm not sure why this is happening, it may be related to some code thinking that the square brace inside the caption indicates it may be another shortcode. Escaping the shortcode using double brackets didn't have any affect." Christian1012 5 45498 Wrong order of arguments in call_user_func() for Walker_Comment::start_el() SergeyBiryukov needs-unit-tests Comments normal normal Future Release defect (bug) reviewing 2018-12-06T16:52:14Z 2019-01-16T05:46:01Z "Arguments order for rendering all types of comments is `$comment, $depth, $args` except for the custom callback: `call_user_func( $args['callback'], $comment, $args, $depth );` This causes every custom callback to throw an error when you use `$args` and `$depth` as you'd expect. For example, `comment_reply_link()` inside callback can not be used like it's suppose to be used, like so: {{{#!php <?php comment_reply_link( array_merge( $args, array( 'add_below' => 'div-comment', 'depth' => $depth, 'max_depth' => $args['max_depth'], 'before' => '<div class=""reply"">', 'after' => '</div>' ) ) ); }}} You need to replace `$depth` and `$args`, like so: {{{#!php <?php comment_reply_link( array_merge( $depth, array( 'add_below' => 'div-comment', 'depth' => $args, 'max_depth' => $depth['max_depth'], 'before' => '<div class=""reply"">', 'after' => '</div>' ) ) ); }}} " milana_cap 1 45505 get_post_custom() doesn't pull values Options, Meta APIs 5.0 normal normal Awaiting Review defect (bug) new 2018-12-06T21:37:29Z 2018-12-06T22:07:14Z "When you are on a post or page and change the content and reload, so that the autosave post pops up at the top, the get_post_custom() values in custom metaboxes aren't being pulled in. get_post_meta() values however still works in that scenario." dryane 1 45516 Auto Draft title issue for custom post types SergeyBiryukov has-patch Posts, Post Types 5.0 normal minor Future Release defect (bug) reopened 2018-12-07T08:52:14Z 2023-02-09T13:15:40Z "I have register post type without title support {{{ $labels = array( 'name' => _x( 'Social posts', 'post type general name', 'text-domain' ), 'singular_name' => _x( 'Social post', 'post type singular name', 'text-domain' ), 'menu_name' => _x( 'Social posts', 'admin menu', 'text-domain' ), 'name_admin_bar' => _x( 'Social post', 'add new on admin bar', 'text-domain' ), 'add_new' => _x( 'Add New', 'social-post', 'text-domain' ), 'add_new_item' => __( 'Add New Social post', 'text-domain' ), 'new_item' => __( 'New Social post', 'text-domain' ), 'edit_item' => __( 'Edit Social post', 'text-domain' ), 'view_item' => __( 'View Social post', 'text-domain' ), 'all_items' => __( 'All Social posts', 'text-domain' ), 'search_items' => __( 'Search Social posts', 'text-domain' ), 'parent_item_colon' => __( 'Parent Social posts:', 'text-domain' ), 'not_found' => __( 'No social-posts found.', 'text-domain' ), 'not_found_in_trash' => __( 'No social-posts found in Trash.', 'text-domain' ) ); $args = array( 'labels' => $labels, 'description' => __( 'Description.', 'text-domain' ), 'public' => true, 'publicly_queryable' => true, 'show_ui' => true, 'show_in_menu' => true, 'query_var' => true, 'rewrite' => array( 'slug' => 'social-post' ), 'capability_type' => 'post', 'has_archive' => true, 'hierarchical' => false, 'menu_position' => 10, 'menu_icon' => 'dashicons-id', 'delete_with_user' => true, 'can_export' => true, 'show_in_rest' => true, 'supports' => array( 'editor' ) ); register_post_type( 'social-post', $args ); }}} And if i add post the list post page shows title as ""Auto Draft"" " rajanit2000 35 45519 updates count differs on public area and in admin area Upgrade/Install 4.9.8 normal normal Awaiting Review defect (bug) new 2018-12-07T09:54:40Z 2018-12-07T09:54:40Z "when there are available 4 updates: 1 wp core update, 2 plugins updates ans 1 theme update -- then in public area there's a notification about 3 updates available, while in the same time in admin area -- about 4 ones. wp version 4.9.8. i know i should upgrade before i post a ticket. but if i upgrade, there will be no updates available! this requirement contradicts with reproducing the bug!" awardpress 45527 Jumping Cursor in Gutenberg Editor Editor 5.0 normal normal Awaiting Review defect (bug) new 2018-12-07T19:22:15Z 2020-05-28T03:37:48Z "While typing in a block / paragraph, the cursor jumps to the ''beginning'' of the paragraph. It happens while autosaving or language-correction. I testet Firefox 63, Edge and Chromium (all Windows 10). All WordPress-plugins were disabled, alls browser-plugins disabled. No mouse-movement at this moment, no keybord-buttons pressed. This problem happens since the 5.0 update. Video of the problem: [https://youtu.be/yJ2qSLq9hMs] In the video: I type some text and wait. While waiting the cursor jumps to the start of the paragraph. If I go on writing, the text is written at the beginning." pascalts 6 45532 WordPress 5.0 preview does not show updated content Editor 5.0 normal normal Awaiting Review defect (bug) reopened 2018-12-08T03:34:48Z 2018-12-13T03:09:59Z "When making an update to a page using the WordPress 5.0 code editor and then clicking ""Preview,"" the preview page does not display the updated content. Steps to reproduce: - Log in as an admin - Click Pages - Select a page to edit - Click the 3 dots menu on the right - Select ""Code Editor"" - Make changes to code within the editor - Click Preview in the top right Expected result: Updated code will be displayed in the preview page Actual result: The preview page displays the unedited page until the ""Update"" button is clicked" JoshCrawford 2 45544 Headers already sent at Plugins Page Install reporter-feedback Plugins 5.0 normal minor Awaiting Review defect (bug) new 2018-12-08T23:21:02Z 2018-12-13T03:39:53Z "I updated to the latest version (Bebo 5.0) and began to appear this alert and this error on the plugins installation page. [[Image(https://lunestudio.com.ar/wp-colaborate/warnnings.png)]]" lunestudio 1 45558 Move _draft_or_post_title() from wp-admin/includes to wp-includes dev-feedback Editor 5.0 normal normal Future Release defect (bug) new 2018-12-09T21:47:23Z 2019-04-08T06:38:33Z "In the WordPress 5.0 release package, the `wp_latest_comments_draft_or_post_title()` and `render_block_core_latest_comments()` functions don't exist because they were overwritten during `npm install` in the build process. That's because the changes from https://github.com/WordPress/gutenberg/pull/12326 were manually added to core, before that PR was merged (which happened today). Instead, we have `gutenberg_draft_or_post_title()` and `gutenberg_render_block_core_latest_comments()` in core now. That's certainly less than ideal. Not only because the prefix is wrong, but also because `gutenberg_draft_or_post_title()` / `wp_latest_comments_draft_or_post_title()` duplicated the existing `_draft_or_post_title()` function. We should fix this as soon as possible, before people try to use `gutenberg_` prefixed functions in their projects. That function was duplicated in Gutenberg because they didn't want to include admin functions in front-end facing code, which makes sense. Suggested solution: 1. Move `_draft_or_post_title()` to `wp-includes/template.php` 2. In the `block-library` package in Gutenberg, rename `wp_latest_comments_draft_or_post_title()` / `gutenberg_draft_or_post_title()` from `latest-comments.php` to `_draft_or_post_title()` and add a `function_exists()` check. This way, nothing should break. 3. Use that function in `render_block_core_latest_comments()` Alternatively to step 2, Gutenberg should just bump the minimum WP version to 5.0.1, which makes sure the `_draft_or_post_title()` function is available at all times. Benefits: 1. No duplicated code. 2. No `gutenberg_` prefixes in core" swissspidy 5 45562 drag and drop file upload fails with empty files when dragging from macOS Preview into WP on Safari 12 Media 5.0 normal normal Awaiting Review defect (bug) new 2018-12-10T00:27:48Z 2020-11-19T15:39:30Z "Part of my workflow involves opening multiple files in Preview (on macOS), and then adding them to WordPress by dragging and dropping them to the Add Media page in WordPress (running in Safari). That used to work fine, but when I upgraded to Safari 12.0, I get the error: ""File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your php.ini or by post_max_size being defined as smaller than upload_max_filesize in php.ini."" I'm using self-hosted WordPress (on both Ubuntu 11.04 or 11.10, with Apache 2.4 as the web server); I don't think I made any server-side configuration changes when this started happening, though it's possible I upgraded Apache versions at about the same time? This occurs in WordPress 5.0, and also occurred in WP 4.x versions; again, I don't think it was caused by a WP change, though I can't rule out a WP upgrade at about the same time. This works fine when dragging and dropping from Finder, it's only when dragging and dropping from Preview. To reproduce: * Select multiple images and open them up in Preview. * Go to Add Media in WordPress in Safari 12. * Drag one of the images from the Preview sidebar to Wordpress. I get the above file upload error when I do this." dbcarlton 2 45569 @var array tag is not present in class WP_Upgrader_Skin SergeyBiryukov has-patch Upgrade/Install 5.0 normal minor Future Release enhancement reviewing 2018-12-10T18:54:34Z 2019-01-08T05:21:39Z There is a class WP_Upgrader_Skin{} which is having line number 29 @var array $options but not in the comment. utsav72640 3 45585 comments ordering by date, orders them only for the current page. Comments 4.9.8 normal normal Awaiting Review defect (bug) new 2018-12-11T15:35:05Z 2018-12-12T08:15:33Z "'''Tested''': on 5.0 and 4.9.8 (found it on 4.9.8) '''Steps to reproduce''': 1. add comments (skip if existing) 2. change the comment dates 3. activate pagination in comments in wp-settings -> discussion and set comments display ""newest"". '''Mentions''' I did testing on both Twenty Seventeen and Twenty Nineteen, the result is the same, it will order comments by date for the current page, not all comments and then split in pages. '''Expected behaviour''' Order comments then split them in pages, now it does vice-versa, where it orders the comments by date after they are being split in pages." rwky 2 45589 resized images does not delete after delete main image in media library Media 5.0 normal normal Awaiting Review defect (bug) new 2018-12-11T20:18:31Z 2018-12-23T21:25:00Z "1) upload image 2) check the uploading folder - image-100x100.jpg image-540x750.jpeg and etc 3) delete image.jpg in media library 4) image-100x100.jpg image-540x750.jpeg and all other are still exist Looks like 10 years old bug #8309 " alexufo 3 45600 Suboptimal pasting from Word in block editor Editor normal normal Awaiting Review defect (bug) new 2018-12-12T15:11:39Z 2018-12-12T15:35:35Z "Hi, working with twenty seventeen. The backend interface has changed, and since then pasting from Word doesn't work well. Some spaces between words disappear. " RonnieK 3 45620 Issues with WordPress 5.0 Editor normal normal Awaiting Review defect (bug) new 2018-12-13T10:54:40Z 2018-12-17T00:00:56Z "I have loved using WordPress over the last few years but cannot express how horrible this new version of WordPress is. It has made WP the least user friendly web editor in the universe... Here's a few of the things I find most irritating: Get rid of the multiple scrolling, including the ""Document"" panel on the right of screen (Permalinks, Categories, Tags etc) Preview button displays the existing published paged, not most recent edits Adding an image is more complicated, as is adding a link to media item such as a PDF document. Need to add a block, upload the PDF, copy the link, delete the block then create a hyperlink. Clicking the Use classic WordPress editor button doesn't work/no change Switching between visual editor and code editor involves more navigation. Please add it to the main tool bar If you preview a webpage it opens in the same tab as WordPress. Sometimes it is helpful easily view both the editor and the previewed page in order to make the required changes. Occassionally the Add hyperlink field is locked open, cannot close it, so it floats over the webpage being edited. Auto save can take too long. Even for a standard page of text with a feature image. " lccwgtn 1 45633 finfo_file() returns text/plain for json file instead of application/json joemcgill has-patch Upload 5.0.1 normal normal Future Release defect (bug) assigned 2018-12-13T21:42:12Z 2022-11-07T06:53:52Z "In our plugin, to offer an import/export feature of the settings, we were relying on a json file as a way to save them, and allowing json upload using the upload_mimes filter. With the security update in 5.0.1, additional validation is performed in wp_check_filetype_and_ext() to determine the real type of an uploaded file. The issue is that a json file uploaded will return a application/json mime type from wp_check_filetype(), but a text/plain mime type by finfo_file(). So the new verification will always fail for json files, even though the file itself is fine, and allowed using the filter. Currently I don't see any workaround allowing a json file to be uploaded without recreating a complete custom upload logic." tabrisrp 9 45640 get_blogs_of_user improvements alexstine needs-unit-tests Networks and Sites 3.0 normal minor Awaiting Review enhancement assigned 2018-12-14T11:59:18Z 2021-11-16T13:59:24Z "get_blogs_of_user function is often pulling more data than it needs. This often won't cause any issues but in some cases when user is attached to big number of blogs, it may lead to out of memory error. Attached patch has changes that can lead to more improvements like pagination for ""My Sites"" admin page, limitation of listed sites in admin bar and on ""access denied"" page." maniu 4 45649 Please provide a 'Update Minor' option to the Updates page for minor updates Upgrade/Install normal normal Awaiting Review feature request new 2018-12-14T17:42:51Z 2018-12-15T08:23:36Z "Hello, With the most recent security release (thanks to all who worked on that) I upgraded numerous sites to 4.9.9 as we're not quite ready for the 5.x plunge on all of them. To accomplish the update I resorted to wp-cli and the command; `wp core update --minor` This worked beutifully, but I had to take the time to train some staff on using wp-cli and the command line. I was hoping along with the `Update` button which updates to the latest provide an 'Update Minor' button which would keep the site on the same major branch and just make the minor update. This is especially handy for security releases where the auto-update failed or is disabled as it allows admins to adopt the security fixes without having to do a major update. Thank you for taking my idea into consideration. Cheers " garrett-eclipse 2 45653 Embed a youtube video block in gutenberg editor shows black screen area does not display video Embeds 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-15T01:19:05Z 2018-12-16T13:34:32Z "Wordpress version 5.0.1. Dreamhost Linux/apache host. When i add a post to wordpress using the embed youtube block, it requests for a link and I have tried using both the share youtube link as well as the browser link and the video appears to play in the editor. however, once you preview draft or publish and view the post, the video is just black and you cannot click on it. I tried to used the youtube embed iframe and was successful if I put it in a custom html block. The video displays fine. It must the way the code embeds and not the system because the embed iframe really uses the same link src but the parameters are different than when you use the embed block." merylh 45666 "adding ""order"" as query arg to the homepage url you are redirected to the last posts page" Query normal normal Awaiting Review defect (bug) new 2018-12-16T19:30:08Z 2018-12-18T11:38:25Z "I've tested it on many sites, with different plugins, no plugins, different themes, default WordPress themes. If you add ?order=something to the home page url you have a redirection to the last posts page. " giuse 3 45669 Theme Default Suggested Header Image Not display reporter-feedback Customize 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-17T08:03:45Z 2019-11-09T09:15:31Z " After Theme Setup, changes on default we select default image will not save after the publish of suggested image in customize section in every them i tested please resolve this bug." deepaksk45 2 45670 Getting different MIME type from function finfo_file. dev-feedback Upload 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-17T09:41:57Z 2019-01-09T23:07:37Z "Getting different REAL MIME type from function `finfo_file`. The issue maybe the different Operating Systems or due to Different PHP versions. But, While debugging the issue, When I try to upload the XML on localhost I got the `text/xml` as a real MIME type and on live site its `application/xml`. Below is the debugging steps: File: `/wp-includes/functions.php` line 2346 {{{ // Validate files that didn't get validated during previous checks. if ( $type && ! $real_mime && extension_loaded( 'fileinfo' ) ) { $finfo = finfo_open( FILEINFO_MIME_TYPE ); $real_mime = finfo_file( $finfo, $file ); finfo_close( $finfo ); // @DEBUGGING... echo '<pre>'; var_dump( FILEINFO_MIME_TYPE ) . '<br/>'; var_dump( $finfo ) . '<br/>'; var_dump( $file ) . '<br/>'; var_dump( $real_mime ) . '<br/>'; wp_die(); }}} The output of the above code is below on LOCALHOST: - PHP: Version 7.2.4 - System: Windows NT M 6.3 build 9600 (Windows 8.1 Professional Edition) i586 {{{ int(16) resource(767) of type (Unknown) string(46) ""C:\Users\Yum\AppData\Local\Temp/wxr-LccAYF.tmp"" string(8) ""text/xml"" }}} But, It is different on the LIVE site. - PHP: Version 7.0.32-4+ubuntu16.04.1+deb.sury.org+1 - System: Linux ip-172-31-25-204 4.4.0-134-generic #160-Ubuntu SMP Wed Aug 15 14:58:00 UTC 2018 x86_64 {{{ int(16) resource(747) of type (Unknown) string(19) ""/tmp/wxr-YNkiH5.tmp"" string(15) ""application/xml"" }}}" Mahesh901122 3 45673 Twenty Nineteen: Front page entry-title should be h1, not h2 Bundled Theme normal minor Future Release defect (bug) new 2018-12-17T11:08:42Z 2023-11-08T07:49:40Z Posts published on the front page should use h1. This is encouraged with HTML5, and prevents wrong content structure as seen here: http://take.ms/DWnFH perandre 10 45680 New Page Bug reporter-feedback Posts, Post Types 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-17T20:23:10Z 2018-12-18T00:44:30Z I have installed an updated WordPress. When I create a new Page, I cannot add it to an existing menu because it is created as a new post versus a new page. LadySylvia 1 45683 WP 5.0.1 Throwing Warning on site when running PHP 7.1 Bootstrap/Load 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-17T21:41:04Z 2018-12-18T00:31:08Z "Visible warning appears when running 5.0.1 on PHP 7.1 ""Warning: array_merge(): Argument #2 is not an array in /[redacted]/wp-includes/load.php on line 63"" error appeared on front end after autoupdate to 5.0.1. Error persistent on both themes twenty nineteen and twenty seventeen (although hidden behind the main image) with every plugin deactivated, and 5.0.1 freshly reinstalled. When I changed PHP version to 7.2 the error went away. Back to 7.1.25 it reappeared. " Wendy__D 1 45687 URL params get lost because of canonical redirect on static front page Canonical 5.0.1 normal minor Awaiting Review defect (bug) assigned 2018-12-18T12:13:31Z 2018-12-18T12:24:43Z "Please see #25143. A shortcode that changes its output via (prettified) URL params, i.e. `/test/1/`. Use the shortcode on a **static front page**. The params are added either with `add_rewrite_rule()` or `add_rewrite_endpoint()`, but **without adding query vars**. This is basically what the patch in #25143 fixed (3rd param ''false''): {{{ add_rewrite_endpoint( 'test', EP_PERMALINK | EP_ROOT | EP_PAGES, false ); }}} However, the later change on line 175 in changeset [36237] causes a request such as `/test/1/` to redirect to `/` **and the shortcode can't work with the param**. On a side note, adding the params as query vars causes the intended static front page to use the posts template because `is_home()` is ''true''.\\ I understand that if I don't want URL params to modify the query, I should not register them as query vars (see [ticket:25143#comment:21 boonebgorges]). However, the template change feels rather wrong to me, too (see [ticket:25143#comment:20 mordauk]). Thanks for listening." captain.crash 45688 admin_post_thumbnail_html filter no longer works in WordPress > 5.0 Post Thumbnails 5.0 normal normal Awaiting Review defect (bug) new 2018-12-18T15:35:21Z 2018-12-18T15:41:12Z "Hello, It seems the admin_post_thumbnail_html filter not longer working in latest WordPress ?" nik00726 1 45691 In Code View Bolded Text Has Strong tag wrapped around each character Editor 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-18T17:50:14Z 2018-12-19T17:03:48Z "When copying a word document over to create a new page, the formatting carries over...mostly. But when you look at the content in code view there are extra tags that is added which make the code look sloppy. Here is a sample of the extraneous code added when viewing the code; <p><strong>S</strong><strong>H</strong><strong>A</strong><strong>RING INFORMATION WITH ADVERTISERS </strong><strong>OR </strong><strong>OTHER THIRD </strong><strong>P</strong><strong>A</strong><strong>R</strong><strong>T</strong><strong>I</strong><strong>E</strong><strong>S</strong></p> Why is it adding a strong tag around each character? I am adding a screengrab of the Dev Tools and of WordPress 5.0 UI." codingsince007 2 45694 Undefined Index: caption_id SergeyBiryukov reporter-feedback Media 5.0.1 normal normal Future Release defect (bug) reviewing 2018-12-18T21:41:16Z 2019-01-16T05:56:42Z "Discovered this randomly on a local project. {{{ Notice: Undefined index: caption_id in /var/www/html/wp-includes/media.php on line 1572 }}} Discovered with PHP 7.2.10 and WordPress 5.0.1 It's just a warning but one nonetheless. Attached will be the patch." Soben 1 45697 Database: Upgrading field collations Database normal normal Future Release enhancement new 2018-12-19T02:54:27Z 2022-08-22T15:43:24Z "[37523] added support for the `utf8mb4_unicode_520_ci ` collation, and #38036 exists to look at adding support for the `utf8mb4_0900_ai_ci` collation. With these variations, it's possible for a WordPress site to be installed, then MySQL is upgraded sometime later. Subsequent table changes (for example, a plugin creating a new table) would use the newer collation, while the original tables would use the older collation. This will cause `JOIN` queries between fields of different collations to fail." pento 6 45702 make_clickable() doesn't handle linked text being a URL with spaces within it needs-unit-tests Formatting low trivial Future Release defect (bug) new 2018-12-19T07:22:42Z 2019-04-03T16:39:31Z "As reported in https://meta.trac.wordpress.org/ticket/3998 > {{{ > <a href=""https://codex.wordpress.org/Roles and Capabilities"">https://codex.wordpress.org/Roles and Capabilities</a> > }}} > turns into: > {{{ > <a href=""https://codex.wordpress.org/Roles and Capabilities"" rel=""nofollow""></a><a href=""https://codex.wordpress.org/Roles"" rel=""nofollow"">https://codex.wordpress.org/Roles</a> and Capabilities > }}} > Looks like either `make_clickable()` or `bbp_make_clickable()` is trying to make the URL clickable without taking the existing `<a>` tag into account. As I've commented on the ticket: ---- This is a problem in `bbp_make_clickable()`, but is also present in `make_clickable()`. Given the input string of `<a href=""https://codex.wordpress.org/Roles and Capabilities"">https://codex.wordpress.org/Roles and Capabilities</a>` both will return the invalid output. Both contain the following to correct it: {{{ return preg_replace( '#(<a([ \r\n\t]+[^>]+?>|>))<a [^>]+?>([^>]+?)</a></a>#i', ""$1$3</a>"", $r ); }}} But as the resulting HTML is the following it's not matched (due to the `</a></a>` - which assumes that neither the linked text never has spaces or isn't a URL) {{{ <a href=""https://codex.wordpress.org/Roles and Capabilities""><a href=""https://codex.wordpress.org/Roles"" rel=""nofollow"">https://codex.wordpress.org/Roles</a> and Capabilities</a> }}} Adjusting the regular expression to the following does work however for this specific case: {{{ return preg_replace( '#(<a([ \r\n\t]+[^>]+?>|>))<a [^>]+?>([^>]+?)</a>([^<]*)</a>#i', ""$1$3$4</a>"", $r ); }}} As a work around, you can remove the spaces from the linked text, which avoids it: `<a href=""https://codex.wordpress.org/Roles and Capabilities"">https://codex.wordpress.org/Roles and Capabilities</a>`. ---- Also created https://bbpress.trac.wordpress.org/ticket/3237" dd32 3 45709 Suggestion for User Roles Role/Capability normal normal Awaiting Review enhancement new 2018-12-19T17:51:47Z 2019-01-29T18:13:49Z "Hello, User Roles on WordPress works through a serialized object in a record at the wp_options table in the database. I understand that this might be considered enough. Although, I have a suggestion for improvement: I had a problem while working with multisites: I imported one website, and it happens that multisites depends on the name of the option at the wp_options table. Because I only updated the name of the tables, I couldn't see my user roles because that part is in the name of the option. After importing/updating it I could see. I believe that it would be more maintainable if we had a separate table wp_roles instead. I would like to hear some comments on that.If enough people agrees or have some positive thoughts on that, I might prototype a plugin for the community to try it out. Thanks! Savio Resende" lotharthesavior 3 45710 New feature: deleted related files when deleting a page or post Media 4.9.8 normal normal Awaiting Review feature request new 2018-12-19T20:26:22Z 2020-10-02T04:11:21Z "Hello, Nowadays, when you delete a page or post there's the downside that the related images will remain on the server. It would be great if WordPress keep track of where this image is being used. For example, image.png is used on 3 pages and 2 posts. So, when you're sending a page or post to the trash can, it will be great if WordPress could check if the related images are being used on another pages or posts. If not, the system could show a message: ""X image is not being used on any page or post. Do you wish to send it to the trash can as well?"" The user would have the final choice if he wants to leave that file at the server or not. And this would also could lead to a new function to find orphan images/files." gmr1970 1 45714 Allow all valid email formats when editing accounts in the dashboard has-patch Users normal normal 6.6 defect (bug) new 2018-12-19T22:14:32Z 2024-02-19T20:17:58Z "When updating an email address in the dashboard wp-admin/includes/user.php:80 uses sanitize_text_field which strips out a substring like ""%ed"" even though that is valid in the local part of an email address. Eg, the valid email address ""user%edition@site.com"" is saved as ""userition@site.com"". This ticket requests to using sanitize_email instead, similar to the REST API that checks using is_email. (A related, fixed issue is in #18039 which also recommended using sanitize_email)" chrisl27 12 45722 add markup to highlight the active tag Taxonomy normal normal Awaiting Review feature request assigned 2018-12-20T06:22:51Z 2018-12-20T06:22:51Z "I would like to use the tag cloud in a prominent way, and have the tag highlighted when a visitor is viewing its archive, the way the current page is highlighted in the navigation menu. any suggestions? " probablepossible 45724 Getting Warning: Cannot modify header information ..\wp-includes\pluggable.php on line 1223 reporter-feedback Upgrade/Install 5.0.2 normal normal Awaiting Review defect (bug) new 2018-12-20T11:30:16Z 2018-12-20T16:39:18Z "Hello Team, I have upgraded my WordPress from 4.8 to 5.0. while updating I am getting the warning ""Warning: Cannot modify header information - headers already sent by (output started at C:\wamp64\www\valud\current\speed_improve\wp-includes\script-loader.php:2338) in C:\wamp64\www\valud\current\speed_improve\wp-includes\pluggable.php on line 1223"" I tried and reinstalled WordPress multiple times but even thought maybe some bug will fix in upcoming version but still getting the issue in 5.0.2 please find attachment for more reference. http://nimb.ws/32qPyW Thanks Aniket " abahalkar 4 45725 Unable to use the UPLOADS constant with WordPress in a different directory needs-docs Upload normal normal Awaiting Review enhancement new 2018-12-20T13:07:46Z 2019-01-16T06:50:09Z "=== The problem === When WordPress is installed in a different directory (you can achieve that by following [[https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory|these instructions]]), the **UPLOADS** constant is unable to function correctly in some cases according to the **wp_upload_dir()**'s output. Occasionally the constant accepts a relative path what will be appended to the **ABSPATH** constant to determine the **basedir** and to the **site_url()** function to determine the **baseurl** for the uploads location. Although WordPress does let you move the CMS (it actually can be anywhere on the filesystem), however the uploads directory will always be relative to the CMS directory (**ABSPATH** constant) when using the **UPLOADS** constant. === The use case === There are multiple use cases which will be affected by this but let's consider the next few parameters: * Website URL: example.com * Website DIR: /foo/bar * WordPress URL: example.com/wordpress * WordPress DIR: /foo/bar/wordpress Our goal is to store uploads at: * Uploads URL: example.com/uploads * Uploads DIR: /foo/bar/uploads However when we defining the UPLOADS constant as 'uploads', will result in the following: * Uploads URL: example.com/wordpress/uploads * Uploads DIR: /foo/bar/wordpress/uploads You might wonder what will happen when we use an absolute value for the constant instead, in this case '/foo/bar/uploads' is used: * Uploads URL: example.com/wordpress//foo/bar/uploads * Uploads DIR: /foo/bar/wordpress//foo/bar/uploads === The solution === Possible solutions where I could came up with are, the two following: * Add another constant like **ABSPATH** to the index.php, this could be tricky for some people to update but the benefits of it are very useful. It will allow you to use one WordPress installation for all your WordPress websites. How you might wonder? [[https://stackoverflow.com/a/39195424/3157038|This is how]], I've been using this already for years! * Another solution could be to introduce a new constant specifically for the uploads directory path and only use the current **UPLOADS** constant for the url. Both of these solutions require to be implemented into the **_wp_upload_dir()** function [[https://core.trac.wordpress.org/browser/tags/5.0/src/wp-includes/functions.php#L1972|on line 1972 in wp-includes/functions.php]] Have a look at the patch attached to this ticket, with the patch WordPress will introduce both the **UPLOADS_DIR** and **INDEX_ABSPATH** constant. According to some tests I did it should also be backward compatible." Fleuv 1 45730 WordPress upgraded 5.0.1 after password field is not working on add/edit user form reporter-feedback Users 5.0.1 normal normal Awaiting Review defect (bug) new 2018-12-21T07:34:28Z 2019-01-02T04:41:28Z "Hello, WordPress upgraded 5.0.1 after password field is not working on add/edit user form. Please help me. Thanks in advanced. Regards, Pooja Joshi." poojabeeline 4 45737 Starter Content: Add support for terms and taxonomies Customize 4.9 normal normal Future Release enhancement new 2018-12-21T21:52:56Z 2019-12-14T01:53:55Z "Starter content has been a great tool not only for themes to showcase what they can do, but for some interesting work around custom onboarding flows that reduce the difficulties of getting started for various groups of new users. As work around these things matures though, it's starting to push against the boundaries of what starter content currently supports. I'd like to see support added for terms. They could work similar to how nav menus, featured images, etc work, allowing terms to be added and a symbol referencing them to be added to the post. {{{#!php <?php [ 'posts' => [ 'blog-post' => [ 'post_type' => 'post', 'post_title' => 'Blog post', 'post_content' => 'Lorem ipsum', 'term_ids' => [ '{{foo-category}}' ], ], ], 'terms' => [ 'foo-category' => [ 'name' => 'Foo', 'slug' => 'foo', 'taxonomy' => 'category', ], ], ] }}} " aaroncampbell 3 45741 Theme block style dependencies while enqueuing Bundled Theme 5.0.2 normal trivial Awaiting Review enhancement new 2018-12-22T13:17:50Z 2021-11-30T16:02:34Z "Bundled themes enqueue a block style, such as /css/blocks.css in twentytwelve. These css rules sometimes overwrite the rules in the files with handles ''wp-block-library'' and ''wp-block-library-theme'' While the dependencies seem to be maintained, for the sake for completeness, shouldn't dependencies be made explicit in bundled themes' functions.php files? For example, dependencies in this enqueue? {{{ wp_enqueue_style( 'twentytwelve-block-style', get_template_directory_uri() . '/css/blocks.css', array( 'twentytwelve-style' ), '20181018' ); }}} " superpoincare 1 45742 "When using HTTPS, ""preview post"" fails." Editor 5.0.2 normal normal Awaiting Review defect (bug) new 2018-12-22T17:21:41Z 2018-12-28T15:31:54Z "I am using WordPress 5.0.2 hosted at HostGator, but have been seeing this issue since 5.0 was released. I am using the Classic Editor plugin. If I log into my WordPress site using https://(site), write a post, and then click ""preview"", WordPress will wait and then say the post cannot be displayed. If I log into my WordPress site using http://(site), write a post, and then click ""preview,"" WordPress with show a preview of the draft as expected. I have tried disabling all plug-ins and it did not fix the problem. HostGator forces WordPress users to use ""Endurance Page Cache"" plug-in, so I cannot disable that one. I have multiple WordPress sites hosted on HostGator (RobOHara.com, Review-o-Matic.com, OHaraPress.com) and all of them have been having this issue since upgrading to 5.0. Hopefully I found a legitimate bug and didn't waste anyone's time. Keep on 'Pressin!" robohara 2 45743 revisions issue with block editor Editor 5.0.2 normal major Awaiting Review defect (bug) new 2018-12-22T19:17:24Z 2018-12-28T15:33:50Z "Okay, I just upgraded my site to WordPress 5.0.2 I tried to edit an existing post, when I converted the contnt to block editor, the auto save kept telling me update did not happen ""Updating failed"", when I tried a preview, it never showed just keeps drawing he WordPress logo and ""Generating preview…"" I installed and activated the ""classic editor"" plugin and tried to edit the edit box is totally blank! I went back and deactivated the classic plugin then went to the post to edit but it was totally blank except for the header box and bellow a faint box with the title of ""Classic"" Fortunately I found an option ""Convert to Blocks"" when i did that, the content re-appeared but the ""preview still does not genrate. My current theme is Twenty Seventeen Version: 1.9 I went back to the post to try to recover a previous version, but there is no revisions history and found no option to activate. I searched the forum for help on reviosions and found * * adding line to save post revisions per WordPress {{{ */ https://codex.wordpress.org/Revisions */ and at https://codex.wordpress.org/Editing_wp-config.php#Post_Revisions */ }}} I have edited wp-config with these lines, I am guessing I have o log out close the browser and revisit the site for that code change to activate. I have no idea what to do from there." kyborn 1 45744 post preview does not work Editor normal critical Awaiting Review defect (bug) new 2018-12-22T19:43:15Z 2018-12-28T15:34:08Z "As I mentioned in my issue with revisions, there seems to be a real problem with the Preview feature in v 5.02 I created a NEW post using the Blocks editor. When I ask to Preview I get a page which does a continuous re-draw of the WordPress logo and the message Generating preview… The URL says only ""about:blank"" And again when I go to save I get the error Updating failed If I attempt to go to another part of admin I get the message ""Changes you made may not be saved. The theme I am using is Twenty Seventeen Version: 1.9" kyborn 1 45750 Twenty Nineteen: Bug in the menu on mobile devices; only partially visible desktop version of the menu sometimes shown instead of fullscreen mobile menu Bundled Theme 5.0 normal normal Future Release defect (bug) new 2018-12-23T11:35:44Z 2020-02-24T21:01:15Z When I click on the menu icon on websites (I've tried multiple websites, including uncustomized new installs) with the Twenty Nineteen theme, using a mobile device (iPhone 5s), it opens the mobile (fullscreen) version of the menu about half the time, but it otherwise opens the desktop version of the menu (non-fullscreen) which is only partially visible on a mobile device and not possible to use properly. I experienced this problem with the 5.01 and 5.02 versions of WordPress and the 1.0 and 1.1 versions of Twenty Nineteen. jklv 3 45755 Theme Editor WSOD functionality doesn't work with Multisite has-patch Networks and Sites 4.9 normal normal Future Release defect (bug) reviewing 2018-12-24T09:07:45Z 2020-04-26T12:17:23Z "The WSOD prevention code for the Theme & Plugin Editors don't work correctly for Multisite installations, which causes the entire feature to fail to update files. The problem is caused by `wp_edit_theme_plugin_file()` which uses `/wp-admin/admin-ajax.php` on multisite (we don't have a network admin ajax handler) and subsequently calls `admin_url( 'theme-editor.php' );` which will ultimately be a URL which redirects to `wp-admin/network/theme-editor.php` and thus fail the checks placed upon the response (`loopback_request_failed`). Instead of using `admin_url( 'theme-editor.php' )` it can be done like so: {{{ // Theme Editor on Multisite is always network-wide is_multisite() ? network_admin_url( 'theme-editor.php' ) : admin_url( 'theme-editor.php' ) }}} Unfortunately as `admin-ajax.php` has no context of whether it's being called from a Network Admin, `self_admin_url()` isn't a viable option here. " dd32 9 45761 consistency between $wpdb->blogid and get_current_blog_id() dev-feedback Networks and Sites 3.0 normal normal Awaiting Review defect (bug) new 2018-12-24T20:52:41Z 2019-03-15T13:31:35Z "On a single install (not multisite), you have $wpdb->blogid => 0 get_current_blog_id() => 1 Must be a very old one !!!" arena 2 45764 blog page and homepage the same list pages and not posts dev-feedback Posts, Post Types 5.0.2 normal minor Awaiting Review defect (bug) reopened 2018-12-25T11:47:36Z 2019-12-12T19:24:07Z "Hi I don't know when this was changed but if you set the same page as blog page aswell as your homepage the website starts listing pages on that blog and home page and not posts. Why was this changed and when? Thanks for any advice. " BackuPs 9 45779 probable issue in Plugin activation hook Plugins normal normal Awaiting Review defect (bug) new 2018-12-27T13:38:13Z 2019-01-07T00:17:08Z "i.e. if we have a simplest plugin: {{{ <?php /* * Plugin Name: example-1 */ register_activation_hook(__FILE__, ""my"" ); function my($network_wide) { if($network_wide || is_network_admin()) { die(""Activation from Network""); } } }}} and you try to activate it from Network, you get such empty screen: [[Image(https://i.imgur.com/Jhib3Pm.png)]] Probably the reason, as far as I can understand, is that, as the plugin is activated within the external sandbox call, and if it sees an error, it returns with activation-failure and then in `iframe`, it tries to load the activated plugin in order to be able to see the error message. However, as I doubt, in the first call, the `$newtork_wide || is_network_admin()` is evaluated to true, causing the `die` to be triggered. however, while WP tries to show the `iframe`, then there is not seen the error, as i suspect that `$newtork_wide || is_network_admin()` is evaluated to false. that makes some problems to plugin developers if they target activation from Network or Single-Site. Will be good if that will be addressed." tazotodua 3 45782 Images in blocks auto left align when centre align selected close Editor 5.0.2 normal normal Awaiting Review defect (bug) new 2018-12-27T22:25:43Z 2021-07-27T20:08:20Z When using Gutenberg block editor, images are automatically left aligning in preview and publish mode although in edit mode images are centre aligned. Confirmed in CSS code too. lifeadventurers 5 45783 Upgrades Page: Improve design Upgrade/Install normal normal Awaiting Review feature request new 2018-12-27T23:27:00Z 2021-06-05T12:35:41Z "I am opening a new ticket as I am not sure if there already is one available. The following is based on initial wireframes made two years ago: https://make.wordpress.org/core/2016/06/02/proposal-more-shiny-updates/ I have broaded it. I am including two wireframes suggesting how we can handle automatic updates for Core. I also have a blog post that I made in relation to this here: https://easywebdesigntutorials.com/automatic-updates-for-wordpress-core/ " paaljoachim 5 45784 Pages and archives containing /[0-9]/ should redirect or redirect correctly Permalinks 5.0.2 normal normal Awaiting Review defect (bug) new 2018-12-28T03:56:06Z 2019-01-07T00:33:55Z "With default settings, https://www.example.com/0 should redirect to https://www.example.com/ but doesn't and instead redirects to https://www.example.com/0/ https://www.example.com/page/0 should redirect to https://www.example.com/ but doesn't and instead redirects to https://www.example.com/page/0/ https://www.example.com/2018/1/25/post-name/ should redirect to https://www.example.com/2018/01/25/post-name but doesn't. So basically there is some issue about redirection with pages containing /[0-9]/ " superpoincare 1 45795 Twenty Nineteen: missing license information for assets williampatton has-patch Bundled Theme high normal Future Release defect (bug) assigned 2018-12-30T14:54:22Z 2023-07-11T04:41:15Z "The themes readme.txt file is missing license and copyright information for the bundled svg icons. In twentynineteen\classes\class-twentynineteen-svg-icons.php we can find references like: {{{ 'link' => /* material-design – link */ ' }}} But there is no other information about where the icons are from, The theme needs to be 100% compatible with GPL, and it needs to include the license and copyright information for all assets. If there are other assets included that are missing this information, that needs to be added as well. " poena 35 45796 Twenty Nineteen: Mobile menu needs improvement for navigating on touchscreen via keyboard Bundled Theme 5.0 normal normal Future Release defect (bug) new 2018-12-30T19:32:14Z 2020-02-24T21:03:04Z "Copied over from https://github.com/WordPress/twentynineteen/issues/723#issuecomment-450173083 (hattip @afercia): When the ""more"" menu is expanded on a touchscreen device, there are several hidden tab stops that cause issues when navigating the site via keyboard. These are: * hidden sub-menu items are still focusable * all the links in the page are still focusable When the menu is open it's still possible to tab away from the menu and navigate with the keyboard through all the focusable elements in the page. If the intent is to show a full-screen menu, the menu should behave like a modal and tabbing should be constrained within the modal." laurelfulford 2 45801 Duplicate post publish action Posts, Post Types 5.0.2 normal normal Awaiting Review defect (bug) new 2018-12-31T21:53:44Z 2019-01-07T08:37:45Z "I'll try to keep this short. Action ""publish_to_publish"" is being called twice when updating a published post under some circumstances. Web server registers two calls (one to index.php, one to /wp-admin/post.php). First call appears to update the content and non-meta data. Second call updates data from meta blocks. Specifics: Any theme or plugin that adds meta data to a post forces a second call to the update process with the meta block data. Problem: Any plugin that performs actions based on ""publish_to_publish"" is being called twice. In my specific instance the Better Notifications for WordPress plugin sends notifications mails doubled. Wordpress version: 5.0.2 Theme: Customify, no plugins Or Theme: TwentyNineteen, and Plugin: Profile Builder Basically anything that adds meta-data to a post object causes a second, duplicate, action. If meta-data updates should trigger a second action, how can a plugin detect that there has been an additional call?" bmettee4 45802 media_upload_tabs not supported in 5.0? Media normal normal WordPress.org defect (bug) reopened 2019-01-01T04:37:22Z 2019-06-04T19:16:22Z "I noticed the instructions here are incorrect at least for the latest WordPress 5.0 https://codex.wordpress.org/Inserting_Media_into_Posts_and_Pages At least, I can't seem to find the add media and it appears to be replaced by Gallery and Image, which shows upload/media-library/insert-from-url. Unfortunately it looks like there is no longer a way to get to this dialog and use extra upload-tabs to the left on the dialog shown in the tutorial linked above. In other words [https://developer.wordpress.org/reference/hooks/media_upload_tabs/ media_upload_tabs] doesn't do anything? If so, it should probably note this on that filter page and on the codex page. " programmin 3 45804 Make WP_Hook gather callback performance information Plugins normal normal Awaiting Review enhancement new 2019-01-01T09:46:09Z 2019-09-23T19:14:00Z "The Hook API represents one of the most interesting parts of core from performance point of view. It is both widely used and implementation is in userland code, as opposed to language features (such as standalone function calls). However as of current implementation (`WP_Hook` class) it is a huge challenge to gather profiling information from it in safe and compatible way. Class itself is `final` and instances cannot be effectively replaced. Injecting custom logic at `all` hook and reimplementing hook execution in extension code is possible, but risky. I suggest we implement `WP_Hook` natively logging origin and duration times for executed callbacks. The information can be added to callback record which is in public access space and will not cause any backwards incompatible changes. My draft suggestion would be something like this (notably to account for multiple executions of hook/callback): {{{ [ 'function' => ... 'accepted_args' => ... 'runs' => [ [ 'start' => ..., 'duration' => ... ], [ 'start' => ..., 'duration' => ... ], [ 'start' => ..., 'duration' => ... ], ] ] }}} Main concern would be resource cost, with sites possibly calling tens of thousands of hooks. I think resource overhead should be reasonable with only adding two floats to array and no complex calls or calculations. This can be tested and profiled on a proof of concept implementation. The possible mitigation to runtime costs can be making the feature opt–in with flag analogous to `SAVEQUERIES`, for example `SAVE_HOOK_TIME`. The possible mitigation to memory costs can be implementing cut off limit to amount of timings stored, e.g. start discarding old records when a certain limit of X records is reached for a callback. If there is agreement on feasibility I will work on a patch." Rarst 5 45813 PDF preview images are not generated Media normal normal Future Release defect (bug) new 2019-01-02T20:33:24Z 2023-07-02T13:39:07Z "I discovered this when the test suite started failing in my local environment using VVV. Recently, ImageMagick updated it's `policy.xml` file to [https://git.launchpad.net/ubuntu/+source/imagemagick/tree/debian/patches/300-disable-ghostscript-formats.patch?id=be94d865776b391a60323603b1cc002213c37c39 remove rights for PDF files from Ghostscript]. After this change, a `WP_Error` is [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/image.php#L264 returned by `wp_get_image_editor()` when a PDF file is passed]. This prevents preview images from being generated and causes the test failures due to lack of metadata. The PDF tests check that the selected image editor supports PDF images using `wp_image_editor_supports()` before running, but this does not seem to be catching this change (`Imagick::queryFormats()` indicates support for PDFs even when rights are removed). This can be fixed bychanging the `rights` attribute for PDFs to `read|write`, or commenting out that line in the `/etc/ImageMagick/policy.xml` file. More info: https://alexvanderbist.com/posts/2018/fixing-imagick-error-unauthorized " desrosj 13 45816 Reset password is not working reporter-feedback Login and Registration 5.0.1 normal normal Awaiting Review defect (bug) new 2019-01-03T14:58:29Z 2019-01-07T10:18:55Z "Hello When I update wordpress version-5.0.1, I have not getting reset link on mail. I am using ""Pie Register – Custom Registration Form and User Login WordPress Plugin"" this plugin for login-registration." poojabeeline 1 45818 ALLOW_UNFILTERED_UPLOADS does not work on multisite Upload normal normal Awaiting Review defect (bug) new 2019-01-03T16:25:01Z 2022-09-22T17:34:48Z "In a multisite environment ALLOW_UNFILTERED_UPLOADS does not work. It only works for super admin. /wp-includes/capabilities.php line ~385. {{{#!php <?php case 'unfiltered_upload': if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) ) $caps[] = $cap; else $caps[] = 'do_not_allow'; break; }}} I have a site where the client needs to be able to upload files that are created by various CAD applications, too numerous to name them all, I don't even know them all. The mime type varies on these file depending on what application is creating them, there seems to be no standardization for extension/mime type in CAD applications and each file extension is only allowed a single mime type. Due to this I must constantly fiddle with the allowed files and mime types so that they can upload them. This is ridonkulous as there seems to be no other way on multisite to allow unfiltered uploads." Hube2 4 45819 when {category|tag}_base include spaces their rewrite rules don't get generated correctly, resulting in 404's Permalinks normal normal Awaiting Review defect (bug) new 2019-01-03T17:00:58Z 2019-01-03T17:00:58Z "Steps to reproduce: 1. Go to Settings > Permalinks 2. Enter ""this is a test"" in the `category_base` field 3. Click ""Save Changes"" 4. Notice that `category_base` gets saved as ""this%20is%20a%20test"". 5. Notice that the rewrite rules such as the following get generated: {{{ 'this%20is%20a%test/(.+?)?$' => 'index.php?%20was%$matches[1]&%20test%$matches[2]' }}} instead of (what I imagine the correct rule would be) {{{ 'this%20is%20a%test/(.+?)?$' => 'index.php?category_name=$matches[1] }}} I'm not sure whether the best thing to do is to disallow spaces in `{category|tag}_base` or to fix`WP_Rewrite::generate_rewrite_rules()` to generate correct rules if they do include spaces." pbiron 45825 Use of same loop variable in inner foreach loop can be error-prone has-patch Upgrade/Install 5.0.2 low trivial Future Release enhancement new 2019-01-04T11:06:20Z 2019-04-15T06:24:06Z "It is not a good practice and not recommended to use the same loop variable in both outer and inner loop. In `wp-admin/install-helper.php` function `maybe_drop_column` does the following: {{{ function maybe_drop_column( $table_name, $column_name, $drop_ddl ) { ... foreach( ... as $column ) { ... foreach( ... as $columns ) { ... } } } }}} I would recommend to change the inner loop variable to `$recheck_column`." subrataemfluence 2 45829 New editor replaces > with > within <pre> tag dev-feedback Editor 5.0.2 normal major Awaiting Review defect (bug) new 2019-01-04T13:09:07Z 2020-01-14T19:07:58Z "Hi, I just updated to WordPress 5 and started using the new block editor. I typeset source code in my posts using a <pre> tag. This code contains a > comparison operator. Upon saving my draft, > gets replaced with >, and this entity is also displayed in the article preview. This happens even if I disable the visual editor. The old editor does not present this bug and installing the Classic Editor extension allowed me to work around this." yannsalmon 2 45830 wp_update_user does not use the pluggable wp_set_password to change a user password has-patch Users 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-04T13:56:01Z 2019-01-10T17:34:54Z "wp_update_user does not use the pluggable wp_set_password to change a user password and instead updates it directly in the DB. This means that any plugin replacing wp_set_password will be incorrectly bypassed. It directly means the `reset_password` hook is skipped. The comment at the start of wp_update_user should also be removed as it encourages bad behaviour: {{{ * It is possible to update a user's password by specifying the 'user_pass' * value in the $userdata parameter array. }}} I would suggest a simple code fix. Replace this: {{{ if ( ! empty( $userdata['user_pass'] ) && $userdata['user_pass'] !== $user_obj->user_pass ) { // If password is changing, hash it now $plaintext_pass = $userdata['user_pass']; $userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] ); }}} with this: {{{ if ( ! empty( $userdata['user_pass'] )) { wp_set_password($userdata['user_pass'], $ID); }}} " couling 1 45832 php-pm support General normal normal Future Release feature request new 2019-01-04T14:03:25Z 2019-01-14T21:52:28Z "Hi, this is more of a question/discussion starter about [[https://github.com/php-pm/php-pm|php-pm]] support. On php-pm github page it's stated that: > For all WordPress lovers out there: PPM is not going to work with WordPress due to the lack of request-response abstraction. We highly doubt that WordPress is ever going to be compatible because its architecture is written in a way that makes it currently impossible to serve multiple requests in one application process. Are there any plans to support it? Has anyone thought about adding support for request-response abstraction?" calin 2 45839 Use site meta for blog details dev-feedback Networks and Sites 4.6 normal normal Awaiting Review enhancement new 2019-01-05T06:32:13Z 2020-03-29T18:18:06Z Currently details about each site is received from each site's options. This means, that every time a WP_Site object is loaded, it may end up calling switch_to_blog. This is expensive and wasteful. This fields should be cached in site meta, which will improve load times and makes it easier to manage. spacedmonkey 45852 Tick Box Open link in new tab... Editor 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-07T14:30:58Z 2020-01-22T06:26:44Z "I've found that when I insert a link into a new page and I edit the link, although I can tick in the edit box, open link in new tab, it does not work. The link opens in the same page and when I go back and tick the box again, it still does not work. The check-box isn't sending the command to open the link in a new tab. Many thanks. I can wait. " Motorised 3 45853 Videos embedded in a plugins readme.txt does not load while searching for a plugin in an actual WP install (not wp.org) Plugins 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-07T16:06:38Z 2022-03-07T15:37:45Z "If you embed a video within your plugins readme.txt file it only shows the video on the wp.org website, videos do not load when you're searching for a plugin via an actual WordPress install. In addition, if you install a plugin and click on ""View Details"" to learn more about the plugin, the video also does not load here either. Inspect element shows an empty span tag: {{{ <span class=""embed-youtube""></span> }}} This should either embed the video or at the least display a link to the video. Here's an example plugin for reference: https://wordpress.org/plugins/simple-icons/" thememason 1 45854 "Avoid printf/sprintf strings to be ""double-quoted""" close General normal normal Awaiting Review defect (bug) new 2019-01-07T18:31:46Z 2021-08-04T18:33:58Z "No need to have double quoted strings in printf/sprintf. Strings do not need to be evaluated by php. Less cpu, less energy and a nicer planet ! patch sample hereattached. " arena 3 45858 Twenty Nineteen: Container content cut off on the right for specific browser widths has-patch Bundled Theme normal normal Awaiting Review defect (bug) new 2019-01-08T04:20:56Z 2019-01-31T22:20:41Z "Originally reproduced here: https://github.com/Automattic/jetpack/issues/11058 **Steps to reproduce:** - Install Twenty Nineteen on a site - Create a post or a page - Write content (or, what works best for reproducing is when one is using Jetpack's tiled gallery with circles layout) - Add a few images on that tiled gallery **What is expected?** The images appear in circles layout in full **What happens instead?** A few images are cut off, on the right **Notes:** After a bit of investigation on that Jetpack issue, the issue seems to be specific to this CSS declaration: {{{ @media only screen and (min-width: 1168px) { .entry .entry-content > *, .entry .entry-summary > * { max-width: calc(6 * (100vw / 12) - 28px); } } }}} It seems to impact all containers at specific browser widths." arunsathiya 1 45861 Global variable in plugin main file dev-feedback Plugins normal normal Awaiting Review defect (bug) new 2019-01-08T10:51:14Z 2019-01-09T06:59:04Z "In the main plugin file, if we declare a variable, it will be used as a global variable in WordPress. This might lead to conflict for global variable names. The code is in [https://core.trac.wordpress.org/browser/trunk/src/wp-settings.php#L342 wp-settings.php] file. A simple fix is creating a function to load a plugin and include main plugin file inside that function. So the scope is function scope, not global scope." rilwis 2 45864 On list page All(x) count does not consider Trash items. Hence Trash should appear differently dev-feedback Posts, Post Types 5.0.2 normal normal Awaiting Review enhancement new 2019-01-08T13:29:48Z 2019-05-22T12:33:17Z "I find it confusing with the way WordPress shows `All(xx)` along with a broken down counts of each status when we have trashed items, `All(xx)` only considers un-trashed posts. So I feel displaying `Trash(xx)` exactly as rest of the status is not visually right. Since Trashed items are not considered in `All` count, it needs to be displayed a bit differently. I think if we can do something like the following it will look more logical. 1. Increase left margin before `Trash(xx)` so that it looks a bit separated. 2. Change the color of Trash link to `#dc3232`. Since `Delete Permanently` and `Trash` links are also using red color. 3. One more observation. We are writing `Published`, `Scheduled`, so I think rather `Trashed` could be used instead of `Trash` to match the rest. Here is a proposed solution: File: `/wp-admin/css/common.css` {{{ .subsubsub li.trash-posts { margin-left: 2rem; } .subsubsub li.trash-posts a { color: #dc3232; } }}} File: `wp-admin/includes/class-wp-list-table.php` {{{#!php <?php public function views() { ... foreach ( $views as $class => $view ) { if( 'trash' === $class ) { $views[$class] = ""\t<li class='$class trash-posts'>$view""; } else { $views[$class] = ""\t<li class='$class'>$view""; } } ... } }}} File: `wp-includes/post.php` {{{#!php <?php register_post_status( 'trash', array( 'label' => _x( 'Trash', 'post status' ), ... ... 'label_count' => _n_noop( 'Trash <span class=""count"">(%s)</span>', 'Trashed <span class=""count"">(%s)</span>' ), ... ) ); }}} Please let me know if this makes sense." subrataemfluence 45874 Content Section is overlapping the menu background valentinbora* reporter-feedback Administration 5.0.2 normal trivial Awaiting Review enhancement accepted 2019-01-09T12:36:13Z 2024-01-17T20:19:39Z "Hi, Just uploading some content into WordPress dashboard and saw a little layout bug, I'm not sure if it is kept like this but I thought, maybe it should be behind the menu background completely. As I have uploaded a screenshot, once the menu height finishes then the content is showing below. it should be behind the menu bar. [[Image(http://ahmadgulzar.com/wpscr.png)]] it can be fixed by just changing z-index of #adminmenuback from 1 to 3 {{{ #adminmenuback { position: fixed; top: 0; bottom: -120px; z-index: 3; } }}} Thanks " ahmadgulzar 1 45878 Twenty Nineteen: Search widget input field width is too narrow on wide screens has-patch Bundled Theme 5.0.2 normal normal Awaiting Review enhancement reopened 2019-01-09T14:02:14Z 2019-03-05T16:37:55Z "At screens below ~600px, the search input field is 100% of the parent container, but above that it changes to `width: auto;` which causes it to shrink to ~170px. I suggest we make that a little larger by removing auto and setting a max-width in the CSS. Below 598px: [[Image(https://cldup.com/N7c64xcdCn-2000x2000.png)]] Above 600px: [[Image(https://cldup.com/8WGvnHWHLQ-3000x3000.png)]] --- This issue was migrated over from Twenty Nineteen's GitHub repository: https://github.com/WordPress/twentynineteen/issues/747" crunnells 1 45879 WP_User::set_role() does not remove previous roles Role/Capability normal normal Awaiting Review defect (bug) new 2019-01-09T14:28:45Z 2019-01-09T14:39:00Z "If a user has a role that has been removed from WordPress by using remove_role() this role is not removed when using WP_User::set_role() on the user. Example: remove_role('subscriber') has been used on the install removing the subscriber role from available roles. A new user is created with wp_create_user() The new user is automatically assigned the role subscriber (which does not exist) The new users role is set using WP_User::set_role() In the database, the usermeta row with capabilities for the new user still contains the subscriber role and the new role is given an index of 1 instead of 0 in the $user->roles array. Expected result: WP_User::set_role() should effectively remove all previous roles from the user even if they have been removed from WordPress with remove_role(). " fried_eggz 45882 REST Block Renderer: Fails when using the Advanced > Additional CSS Class functionality Editor normal normal Future Release defect (bug) new 2019-01-09T15:16:52Z 2019-05-31T10:17:17Z "When creating a block with a `ServerSideRender` component and using the ""Additional CSS Class"" block option, the rendering breaks with this HTTP response: `{""code"":""rest_invalid_param"",""message"":""Invalid parameter(s): attributes"",""data"":{""status"":400,""params"":{""attributes"":""className is not a valid property of Object.""}}}` The reason for this is that the Block Renderer just takes the list of default attributes and `className` is not one of them. I came across this when actually introducing another attribute via a `editor.BlockEdit` filter which adds an attribute to all blocks but there is no chance to tell the REST renderer about it. I first submitted this as https://github.com/WordPress/gutenberg/pull/13249" akirk 8 45886 Media modal .edit-attachment link opens in new tab rather than in modal antpb Media 5.0.2 normal normal Future Release defect (bug) assigned 2019-01-09T19:52:31Z 2020-09-05T12:12:37Z "Using the `wp.media` JavaScript API creates a link ""Edit Image"" (`.edit-attachment`) in the right sidebar of the Media modal. Expected behavior would be to open the ""Edit Image"" modal, as does the Featured Image media modal. However, the custom Media modal does not behave consistently with the Featured Image modal - the `.edit-attachment` link opens in a new tab instead of the modal - which is both unintuitive and frustrating to end-users. The console does not display any warnings or errors. Custom media modal as documented: [https://codex.wordpress.org/Javascript_Reference/wp.media] As a side note, I have noticed similar behavior in the WordPress Media page: Media (Admin Sidebar) -> Click a picture -> Edit more Details This also fails to open the modal - and opens in the current page instead. " statelessstudio 7 45894 is_home conditional tag returns incorrect value with home pagination has-patch Query 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-10T00:29:26Z 2019-01-10T12:23:45Z "I create a index page with simple posts loop that paginate with 'the_posts_pagination' function, in default index 'is_home' returns true but when I navigate to page 2, 'is_home' returns true again! The reading options is set on default values. I check $wp_query in these 2 page, when 'is_page' is true we aren't in home. So I add this condition and create the patch." man4toman 2 45897 Chinese page uri dump fail has-patch I18N 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-10T07:17:56Z 2022-06-22T01:19:11Z "In theme home page , dump fail when clike message page if uri is chinese. In file wp-includes/class-wp.php, should modify like this: {{{ list( $req_uri ) = explode( '?', urldecode( $_SERVER['REQUEST_URI'] ) ); }}}" zh1995 2 45900 Twenty Nineteen: WordPress embed width does not match between front and back end has-patch Bundled Theme 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-10T14:28:39Z 2019-01-10T14:56:16Z "As originally reported by @bph on the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/736 It's possible this applies to more types of embeds as well. ---- **Editor Screenshots** Normal [[Image(https://cldup.com/BHgla9VUPO-1200x1200.png)]] Wide [[Image(https://cldup.com/Ux-6Cf5s92-1200x1200.png)]] Full [[Image(https://cldup.com/aHoyAtD_gQ-3000x3000.png)]] ---- **Front End Screenshots:** Normal [[Image(https://cldup.com/3qmWq9UaLu-3000x3000.png)]] Wide [[Image(https://cldup.com/3qmWq9UaLu-3000x3000.png)]] Full [[Image(https://cldup.com/OeugId-DEO-3000x3000.png)]]" kjellr 1 45901 Twenty Nineteen: On single posts with featured images, tall menus appear clipped Bundled Theme normal normal Future Release defect (bug) new 2019-01-10T14:56:59Z 2021-05-11T20:00:58Z "When viewing posts with featured images on desktop screens, tall menus are contained only within the featured image/header area. Overflow is cut off: [[Image(https://cldup.com/qMVpzNV5XH.thumb.png)]] A fix (removing `overflow: hidden;` from `.site-header.featured-image`) was pursued over on the Twenty Nineteen Github, but it led to problems in Internet Explorer: https://github.com/WordPress/twentynineteen/pull/724 --- Originally reported on the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/720 " kjellr 3 45902 Twenty Nineteen: Mobile menu isn't scrollable Bundled Theme 5.0 normal normal Future Release defect (bug) new 2019-01-10T15:08:19Z 2020-02-24T21:08:50Z "As originally reported by @anevins in the Twenty Nineteen GitHub repo: https://github.com/WordPress/twentynineteen/issues/713 Twenty Nineteen's mobile menu uses a `fixed` position, and does not allow for vertical scrolling when menu items extend beyond the screen height. In this screenshot for instance, it's impossible to scroll down and see the additional menu items: [[Image(https://cldup.com/-nMFdadUIZ-3000x3000.png)]] Normally, this would be solved by applying `display: block` (instead of `table`), and `overflow-x: scroll` to the submenu. However, in this case, that results in long menus visible under their children submenus: [[Image(https://cldup.com/x3H73ceFfZ.gif)]]" kjellr 45903 Twenty Nineteen: Some menu clicks trigger console errors audrasjb has-patch Bundled Theme 5.0 normal normal Future Release defect (bug) assigned 2019-01-10T15:50:18Z 2023-06-21T21:30:27Z "There are two scenarios where the Twenty Nineteen menu javascript triggers console errors: ---- First, on desktop screens, clicking the main navigation arrows produce the following error: {{{ TypeError: event.target.matches is not a function[Learn More] 4 touch-keyboard-navigation.js:285:9 toggleSubmenuDisplay/< ../wp-content/themes/twentynineteen/js/touch-keyboard-navigation.js:285:9 }}} [[Image(https://cldup.com/PqsNUSgudV.gif)]] Originally reported by @joyously in: https://github.com/WordPress/twentynineteen/issues/596 ---- Second, on touch-enabled screens, tapping menu items that have empty (`#`) `href` attributes result in the following console errors: {{{ TypeError: event.target.nextSibling is null[Learn More] touch-keyboard-navigation.js:223:5 toggleSubmenuDisplay/< ../wp-content/themes/twentynineteen/js/touch-keyboard-navigation.js:223:5 sendTouchEvent resource://devtools/server/actors/emulation/touch-simulator.js:301:5 handleEvent resource://devtools/server/actors/emulation/touch-simulator.js:212:7 TypeError: event.target.matches is not a function[Learn More] touch-keyboard-navigation.js:277:9 toggleSubmenuDisplay/< http://core.test/wp-content/themes/twentynineteen/js/touch-keyboard-navigation.js:277:9 }}} Originally reported in: https://github.com/WordPress/twentynineteen/issues/726 ---- It looks like a possible fix for one of these was explored by @jmau in the following PR, but it has not yet been tested: https://github.com/WordPress/twentynineteen/pull/753/files" kjellr 19 45904 Twenty Nineteen: .button doesn't override link color Bundled Theme 5.0 normal normal Future Release defect (bug) new 2019-01-10T16:00:41Z 2024-02-01T08:48:17Z "Originally reported by @crunnells in Twenty Nineteen's GitHub repo: I noticed this one [https://2019.wordpress.net/ the theme demo site] when I tried to change the ""Get in touch"" button into a link. If you put a link inside of an element with the `.button` class, the link color is the same color blue as the background, so the text can't be read. The same thing occurs when you try `<a href=""#"" class=""button"">`, so we'll need to have an override on the link color so that it's readable. Moved over from: https://github.com/WordPress/twentynineteen/issues/746" laurelfulford 2 45906 Twenty Nineteen: Wide alignment does not match front-end when the sidebar is active Bundled Theme 5.0.2 normal normal Future Release defect (bug) new 2019-01-10T16:28:48Z 2019-01-23T21:00:24Z "Originally reported in Twenty Nineteen's GitHub repo by @afercia: When viewing in the editor, the 'wide' block is not the same width as it appears on the front-end, when the sidebars in the editor are open. In the front-end, the wide image is always larger than the paragraph content even at smaller viewports, until it goes fully responsive under 768. This is not the case in the editor, so the views don't match. Steps to replicate: 1. In the editor, add an Image block and set it to 'wide' width. 2. Add a paragraph block, and give it a background colour (to better see it's size). 3. Compare their widths when the editor sidebars are open; the paragraph and wide image appear to be the same width. 4. Publish the page. 5. View the front-end, and note the 'wide' image and paragraphs are not the same width. Original ticket here: https://github.com/WordPress/twentynineteen/issues/667" laurelfulford 45907 Twenty Nineteen: Right-aligned, uncaptioned images inserted via the Classic Editor do not extend beyond the text column has-patch Bundled Theme 5.0 normal normal Future Release defect (bug) new 2019-01-10T16:33:20Z 2020-02-21T15:15:42Z "Originally reported by @joyously on the Twenty Nineteen GitHub repo: https://github.com/WordPress/twentynineteen/issues/688 The Twenty Nineteen is designed to have right-aligned elements extend beyond the text column like so: [[Image(https://cldup.com/jqNamSAitA-1200x1200.png)]] This works in all cases ''except'' under the following conditions: 1. An image has been inserted via the Classic Editor. 2. The image is floated right. 3. The image does not have a caption. In that case, the image will appear tucked into the text column: [[Image(https://cldup.com/b_oMnbi4XQ-1200x1200.png)]] In that case, the images are housed within paragraph tags. For example: {{{ <p> <img src=""#"" class=""alignright""> This is some text that the image will float around. </p> }}} The `<p>` inherits our max-width styles, and prevents the image from extending beyond the content column. In order to have the image extend beyond the paragraph's width, we'd need to pull it out via negative margins or relative positioning of some sort. The markup would be very different from the markup we're currently using for all other cases though — I'm not personally sure it's worth sorting out for this single use case, but leaving the issue here in case anyone comes across a simple solution. " kjellr 9 45910 Improve and extend focus styles for Windows High Contrast mode joedolson* Administration normal normal 6.6 defect (bug) accepted 2019-01-10T16:54:41Z 2024-02-20T15:18:52Z "See [44544] and #41286. [44544] introduced new focus styles for the Windows High Contrast mode only for the main user interface elements like buttons, links, media views elements. In order to cover all the controls in the admin, there's the need to explore the admin parts that make use of uncommon styles or don't inherit the relevant CSS, for example the Customizer, the themes browser, etc. Some thorough testing on Windows would be greatly appreciated. " afercia 9 45911 Twenty Nineteen: Add archive descriptions dev-feedback Bundled Theme 5.0.2 normal normal Awaiting Review enhancement new 2019-01-10T16:56:53Z 2023-04-17T11:02:28Z "Originally reported by @dannycooper in Twenty Nineteen's GitHub repo: Archive descriptions weren't originally included in the theme's design, but it's been suggested they be added now. @kjellr created a mockup of what they should look like. Original issue here: https://github.com/WordPress/twentynineteen/issues/256" laurelfulford 2 45913 wp_enqueue_media() - slow query Media 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-10T17:11:32Z 2020-04-01T09:25:14Z "I have sites with very large databases and I've noticed some slow queries since 5.0.3 on new/edit post screens: {{{ SELECT DISTINCT YEAR( post_date ) AS year, MONTH( post_date ) AS month FROM wp_posts WHERE post_type = 'attachment' ORDER BY post_date DESC }}} This query is coming from wp_enqueue_media() I am using php 7.2.1, MySQL 5.7.24" lubimow 2 45917 Twenty Nineteen: Consider adding a search option in the page header Bundled Theme 5.0.2 normal normal Future Release enhancement new 2019-01-10T18:50:26Z 2019-08-12T19:08:09Z "Originally noted by @dartiss in the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/583 Twenty Nineteen only has one widget area (in the page footer) and does not allow users to place a search field on the top of the page. Many users would likely benefit from that functionality, so it could be considered for a future release. " kjellr 1 45919 Twenty Nineteen: Improve comments in `twentynineteen_setup` Bundled Theme 5.0.2 normal normal Future Release enhancement new 2019-01-10T19:07:51Z 2020-11-25T00:04:40Z "Originally reported by @joyously in the Twenty Nineteen GitHub repo: The new interfaces for the editor should be clear and instructive. Many people will look to this theme for ""How To"" information. The comments need to indicate what the add_theme_support really does. The call for the old editor should be marked as such. Currently, it's a bit sparse: {{{ // Add support for Block Styles. add_theme_support( 'wp-block-styles' ); // Add support for full and wide align images. add_theme_support( 'align-wide' ); // Add support for editor styles. add_theme_support( 'editor-styles' ); // Enqueue editor styles. add_editor_style( 'style-editor.css' ); // Editor color palette. add_theme_support( 'editor-color-palette', array( array( 'name' => __( 'Primary Color', 'twentynineteen' ), 'slug' => 'primary', 'color' => twentynineteen_hsl_hex( 'default' === get_theme_mod( 'primary_color' ) ? 199 : get_theme_mod( 'primary_color_hue', 199 ), 100, 33 ), ), ) ); // Add support for responsive embedded content. add_theme_support( 'responsive-embeds' ); }}} There is also a separate function for enqueuing `twentynineteen-editor-customizer-styles` which should have good comments. This handle name is questionable, because it is editor and customizer, so it's confusing. Does it need to say customizer? If I'm looking at this to figure out how to change my theme for the new editor, I can't really tell what's what. Copied over from: https://github.com/WordPress/twentynineteen/issues/634" laurelfulford 1 45924 "Twenty Nineteen: Consider making the ""—"" divider in the header translatable." has-patch Bundled Theme 5.0.2 low normal Future Release enhancement new 2019-01-10T20:32:57Z 2019-04-24T14:38:01Z "Twenty Nineteen uses an em dash to separate the site title from the tagline: [[Image(https://cldup.com/n92WHtHO2t-3000x3000.png)]] As originally noted by @pixolin in the Twenty Nineteen GitHub repository, in non-english languages, the em dash is not always the most appropriate/common character for this situation. To address this, we should consider allowing this to be translatable. Note that the em dash is currently inserted (and hidden when appropriate) via CSS, so this could require a bit of a reworking of that functionality. Original report: https://github.com/WordPress/twentynineteen/issues/557" kjellr 1 45928 Twenty Nineteen: Add a filter to the $primary_color variable has-patch Bundled Theme normal normal Future Release enhancement reviewing 2019-01-10T22:21:51Z 2020-02-21T17:51:36Z "There should be a filter added to the `$primary_color` variable, so that child-themes and plugins can override the built-in default primary color if they choose. Currently, saturation, lightness, and selected text-color can all be filtered. Once the primary color is also filterable, it’ll allow for child themes and plugins to fully customize the color dynamics in the theme. See: https://core.trac.wordpress.org/browser/trunk/src/wp-content/themes/twentynineteen/inc/color-patterns.php#L15" allancole 17 45936 Insert empty record reporter-feedback General normal normal Awaiting Review defect (bug) new 2019-01-11T08:52:24Z 2019-01-12T08:19:30Z "I fall upon a small bug when trying to insert an empty record in a custom table. To reproduce, just create a basic table 'my_table' and use this code: {{{ $wpdb->insert( 'my_table' array(), array() ); }}} which produce this mysql: {{{ ""INSERT INTO `my_table` (``) VALUES ()"" }}} which throw an error. So instead I would like it produces this result: {{{ ""INSERT INTO `my_table` () VALUES ()"" }}} Which would just achieve the expected result: create an empty record. Now the fixing is very easy: just replace this line (/wp-include/wp-db.php line 2087, {{{_insert_replace_helper}}} function) {{{ $fields = '`' . implode( '`, `', array_keys( $data ) ) . '`'; }}} by {{{ $fields = $data ? '`' . implode( '`, `', array_keys( $data ) ) . '`' : ''; }}} " maximeschoeni 2 45938 Adding new term meta fails if column is wrapped in a conditional dev-feedback Taxonomy 5.0.2 normal normal Awaiting Review defect (bug) new 2019-01-11T12:06:33Z 2019-02-01T05:29:27Z "I have created two custom taxonomies in my custom post type, and I have added one callback to render new columns in the taxonomy screen. Since the two taxonomies share one column, but don't share another I created something like this: {{{#!php <?php add_filter( 'manage_edit-tax1_columns', 'taxonomy_additional_columns' ); add_filter( 'manage_edit-tax2_columns', 'taxonomy_additional_columns' ); function taxonomy_additional_columns( $columns ) { $columns[ 'column1' ] = esc_html__( 'Column 1', 'plugin-name' ); if ( isset( ( get_current_screen() )->taxonomy ) && ( get_current_screen() )->taxonomy === 'tax2' ) { $columns[ 'column2' ] = esc_html__( 'Column 2', 'plugin-name' ); } return $columns; } // Render content in columns add_filter( 'manage_tax1_custom_column', 'render_column_content', 10, 3 ); add_filter( 'manage_tax2_custom_column', 'render_column_content', 10, 3 ); function render_column_content( $content, $column_name, $term_id ) { switch ( $column_name ) { case... // render content from term meta } return $content; } }}} While this works, it has a strange bug that's related to the fact that the taxonomy terms are added using ajax and the added conditional check. When you create a term in the second taxonomy, the term is added but the second column is empty until you refresh the page. I haven't dug much deeper as to why this happens. I guess that the `get_current_screen()` isn't available in the ajax callback or something like this. The workaround is to create two separate functions for adding columns and duplicate the first column." dingo_d 45939 Coding Standards: fix <br/> in core files has-patch General normal normal Future Release defect (bug) reviewing 2019-01-11T12:21:14Z 2020-02-21T17:56:52Z "In order to [https://make.wordpress.org/core/handbook/best-practices/coding-standards/html/#self-closing-elements self-closing-elements], a single space should precede the self-closing slash. I created this patch for version 5.0.3, but this version isn't on ticket version selector." man4toman 2 45943 Twenty Nineteen: Consider adding additional social media icons has-patch Bundled Theme 5.0 low normal Awaiting Review enhancement new 2019-01-11T19:10:22Z 2022-10-04T02:26:09Z "There have been a handful of requests for additional icons to be added to the social media links iconset in Twenty Nineteen: - Wikipedia (Proposed by @klaas1): https://github.com/WordPress/twentynineteen/pull/707 - Discord (Proposed by @silas2209): https://github.com/WordPress/twentynineteen/pull/705 - Mastodon (Proposed by Marko Saric): https://github.com/WordPress/twentynineteen/issues/711 Wikipedia and Discord have working patches already (attached): [[Image(https://cldup.com/e-JpiWU-h9-3000x3000.png)]] Twenty Seventeen has a similar social media iconset included, and has received similar requests: #43342, #45328 I don't see an issue with adding these ones (especially the ones that have patches already), but I will note that we should probably agree on some limitations around these sorts of additions: there are a near-infinite number of social media services out there, and we won't be able to include them all. In addition, each icon added provides a (admittedly very tiny) file size bump, and as these services update their logos over time, there'll be maintenance required to keep these up to date. Here is the current list of supported icons in Twenty Nineteen, for reference: https://codex.wordpress.org/Twenty_Nineteen#Add_Social_Icons" kjellr 3 45944 Twenty Nineteen: Added URL in :after styles for print.css is unreliable has-patch Bundled Theme 5.0.3 low normal Future Release defect (bug) new 2019-01-11T19:29:13Z 2022-07-20T23:47:48Z "The print styles for Twenty Nineteen include a little snippet meant to append the URL to links so it's visible when printed: {{{ a[href^=http]:after { content: "" < "" attr(href) ""> ""; } }}} Via: https://themes.trac.wordpress.org/browser/twentynineteen/1.2/print.css#L85 [[Image(https://cldup.com/iUgRDksax1-3000x3000.png)]] This snippet is based on recommendations in this article: https://www.jotform.com/blog/css-perfect-print-stylesheet-98272/ In practice, this appears to be fairly unreliable. In testing, @Joyously and I only see those URLs sporadically, and haven't been able to pin down why. More details: https://github.com/WordPress/twentynineteen/issues/609#issuecomment-439489841 If these rules aren't working correctly, I suggest we remove them from the theme. " kjellr 2 45945 Twenty Nineteen: Consider adding a filter for the featured image color filter functionality. dev-feedback Bundled Theme 5.0.3 normal normal Awaiting Review enhancement new 2019-01-11T19:35:36Z 2023-06-21T23:03:26Z "Originally raised by @hvianna and @grapplerulrich in this GitHub thread: https://github.com/WordPress/twentynineteen/issues/722 To make it easier for child themes to disable the featured image filter built into Twenty Nineteen, it might be helpful to add a filter for that functionality. Something along the lines of: {{{ function twentynineteen_image_filters_enabled() { return apply_filters( 'twentynineteen_image_filters_enabled', 0 !== get_theme_mod( 'image_filter', 1 ) ); } }}}" kjellr 1 45946 Twenty Nineteen: Consider adding a slide-out animation when the touch menu is closed Bundled Theme 5.0.3 low normal Awaiting Review enhancement new 2019-01-11T19:42:29Z 2019-01-12T01:33:49Z "For the mobile menu, we have a nice slide-in animation for when the menu opens, but we do not have a slide-out animation when the menu closes. This would be a nice additional level of polish to include. Current slide-in animation for reference: [[Image(https://cldup.com/ap0GOkaZQe.gif)]]" kjellr 1 45948 WSOD protection message formatted incorrectly on windows Bootstrap/Load normal normal Awaiting Review defect (bug) new 2019-01-11T22:41:08Z 2019-01-11T22:48:36Z When the WSOD protection in 5.1 beta1 pauses a plugin on a windows host, the message that displays in `wp-admin/plugins.php` the file path where the error occurred doesn't display properly (the path separator has been stripped). See the attached screenshot. pbiron 1 45949 Allow plugins or themes to supply their own message when they caused a WSOD Bootstrap/Load normal normal Awaiting Review enhancement new 2019-01-11T22:55:16Z 2019-01-16T16:55:08Z "#44524 ""introduces a WP_Shutdown_Handler class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed."" which is super cool. That change adds a generic recommendations for getting support that I think are a great default. I was talking about this with @antpb the other day and we discussed how if a plugin causes the crash, that plugin or theme should be able to communicate how to get help. If not, the WordPress user is going to go to WordPress.org/support or the host and eventually, hopefully make it to the plugin's actual support system, which for a commercial plugin is likely not WordPress.org. They might also go to the host who can help identify which plugin or theme is to blame and then send the user to the plugin/ theme support. That's a really bad user experience, they have a problem they want to go right to how to fix it. If plugins and themes could supply a message for how to get support right away when things broke, that would be so much better. The main problem we saw was that if there is a filter for the messages, but how does the plugin that just got deactivated due to error hook into that filter? https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-shutdown-handler.php?rev=44524#L171 So we figured it could be a markdown file in the plugins repo. WordPress could look in its file system for a file called error.md in the main directory of the plugin/ theme that just errored or it could look on WordPress.org for that file. Either way, it doesn't have to load the plugin's main PHP file and the content of that file would be covered by the WordPress.org plugin guidelines. " Shelob9 4 45955 Twenty Nineteen: get_the_archive_title filter issues dev-feedback Bundled Theme normal normal Awaiting Review enhancement new 2019-01-12T05:36:49Z 2019-01-12T06:37:21Z "I was testing the theme with a plugin that adds a custom post type and allows to set a custom title for the custom post type archive view using the following filter: {{{ add_filter( 'get_the_archive_title', 'slug_set_the_archive_title' ); }}} While this filter works fine in the previous WordPress themes, such as Twenty Seventeen, Twenty Sixteen and Twenty Fifteen, it does not work in Twenty Nineteen. It's possible to fix it by setting a priority parameter in the filter. For example: {{{ add_filter( 'get_the_archive_title', 'slug_set_the_archive_title', 99 ); }}} The problem is that it breaks a header style, meaning the title will have the style of the archive view prefix text (grey color and serif font style). Any idea what is the better way to use this filter in the Twenty Nineteen theme?" taskotr 2 45958 Errors displayed on shutdown handler has-patch Bootstrap/Load high normal Awaiting Review defect (bug) new 2019-01-12T13:59:04Z 2019-09-16T16:09:54Z "PHP errors are displayed on shutdown handler screen for REST API requests. See attached screenshot." spacedmonkey 13 45960 plugin_basename() fails on windows path reporter-feedback General normal normal Awaiting Review defect (bug) new 2019-01-12T16:14:10Z 2019-01-16T22:27:24Z "I happened upon this little bug with plugin_basename(). Namely if a file path include the C: (Windows), it will fail. So here's a quick fix. {{{#!php <?php if ( substr( strtoupper($file), 0, 2 ) === ""C:"" ) { $file = ltrim($file, 'C:'); $file = ltrim($file, 'c:'); } }}} If we add this as initial sterilization, it will work as expected. Otherwise, the wrong string is returned." dovyp 4 45970 "in IIS if web.confing <configuration has xmlns=""http://schemas.microsoft.com/.NetConfiguration/v2.0"" attribute the WordPress creates new <configuration> section and the site craches with wrong web.config" Rewrite Rules 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-13T12:12:37Z 2019-01-13T22:34:19Z "in IIS if web.confing <configuration has xmlns=""http://schemas.microsoft.com/.NetConfiguration/v2.0"" attribute the WordPress creates new <configuration> section and the site craches with wrong web.config error (2 <configuration> sections). It happens/triggers by example if you are trying to change the ""Permalink Settings"". The code responsible for this check is located in \wp-admin\includes\misc.php (line 748) {{{ // First check if the rule already exists as in that case there is no need to re-add it $wordpress_rules = $xpath->query('/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')] | /configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'WordPress\')]'); if ( $wordpress_rules->length > 0 ) return true; }}} The fix could be to register the namespace: {{{ $xpath->registerNamespace(""x"", ""http://schemas.microsoft.com/.NetConfiguration/v2.0""); }}} and then in `$xpath->query` to check also for `/x:configuration/x:system.webServer/x:rewrite/x:rules/x:rule[starts-with(@name,\'WordPress\')]` In this way it works without problem and does not break the site." boychev 45977 on the dashboard, cannot expand/collapse dashboard boxes. reporter-feedback Administration 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-14T03:25:22Z 2019-02-01T02:43:17Z "I just recently upgraded to 5.0.3 and noticed that I cannot expand/collapse dashboard boxes in admin (with the little triangle button at the upper right corner of boxes) " eynugget 1 45978 Excerpt always become empty after save draft / publish reporter-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-01-14T03:57:46Z 2019-01-14T14:48:00Z "It's happen one time for a **new post**.. Excerpt always become empty after save draft or publish or schedule a post.. [[Image(https://i.postimg.cc/P5G8SKcD/aaa.jpg)]] well, we need to update the post again to save the excerpt" KakiNetwork 1 45980 WordPress 5.0.3 PDF is opening empty page in Chrome and not showing content Media 5.0.3 normal normal Awaiting Review defect (bug) reopened 2019-01-14T10:34:54Z 2019-01-30T07:38:23Z "Hi, I have some links that open pdf. On firefox or safari, when I clic on the link, the pdf is opend on another page. I can see the pdf. On Chrome, when I clic, anoter page is open but the page is empty. I can see on the url that the pdf is open https://www.....de/wp-content/uploads/2018/07/TEST.pdf but it is empty. And it worked before (not with WordPress 5.0.1) And it doesn't work with new pdf too. MAny thanks for you help" Timama 7 45982 PDF thumbnails have a default black background Media 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-14T13:45:47Z 2023-06-13T21:47:43Z "I wouldn't necessarily call this a bug, but when a PDF is uploaded where the page has no solid background colour its thumbnail image background is rendered black. As most paper used is white ( I would hazard a guess... :) ), it feels like the default background colour of thumbnails should be set to white. I have created a fix within'' /wp-includes/class-wp-image-editor-imagick.php'' {{{#!php <?php try { $this->image = new Imagick(); $file_extension = strtolower( pathinfo( $this->file, PATHINFO_EXTENSION ) ); $filename = $this->file; if ( 'pdf' == $file_extension ) { $filename = $this->pdf_setup(); } // Reading image after Imagick instantiation because `setResolution` // only applies correctly before the image is read. $this->image->readImage( $filename ); if ( ! $this->image->valid() ) return new WP_Error( 'invalid_image', __('File is not an image.'), $this->file); // Select the first frame to handle animated images properly if ( is_callable( array( $this->image, 'setIteratorIndex' ) ) ) $this->image->setIteratorIndex(0); $this->mime_type = $this->get_mime_type( $this->image->getImageFormat() ); // !bb modification to default to white backgrounds if ( 'pdf' == $file_extension ) { if ($this->image->getImageAlphaChannel()) { // Remove alpha channel (use 11 if constant does not work... see https://stackoverflow.com/questions/10805122/imagemagick-setimagealphachannel-not-working-php) $this->image->setImageAlphaChannel(Imagick::ALPHACHANNEL_REMOVE); // set image background color to white $this->image->setImageBackgroundColor('#ffffff'); } }// !bb end modification to default to white backgrounds } }}} " nebrekab 23 45985 Twenty Nineteen: Introduce better theme support for responsive images Bundled Theme 5.0.3 normal normal Future Release enhancement new 2019-01-14T17:11:10Z 2022-12-21T17:52:53Z "As originally reported by @mor10, in the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/50 ---- Currently, for images inserted within posts, the sizes attribute of the responsive images markup does not map to the actual displayed width of images. According to my tests (using a `1920x1080px` non-aligned image, inserted via Gutenberg (and set to `Image Size: Full`): The `sizes` markup is output as: `(max-width: 1920px) 100vw, 1920px` - At viewports `<300px`: A `300px` image is loaded - At viewports `>300px`: A `768px` image is loaded - At viewports `>768px`: A `1024px` image is loaded - At viewports `>1024px`: A `1568px` image is loaded - At viewports `>1568px`: The original `1980px` image is loaded Since this is not a full-width image, each of those image sizes is actually wider than necessary, resulting in a larger file size. For a more specific example: at a screen width of `1024px`, this non-aligned sample image is loaded in at `1568px` wide. As per theme rules, it actually appears only `700px` wide in the layout. On a non-retina screen, there's no need to load a `1568px` image for a `700px` space. Twenty Nineteen should include some theme-specific markup to properly assign `sizes` values that map to theme styles. This was done in Twenty Seventeen for instance: https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentyseventeen/functions.php#L491-L517 At the time of writing, this issue is blocked by Gutenberg: We can currently issue a custom `sizes` attribute for non-aligned images like the example above, but it is not currently possible to have the theme customize the `sizes` attribute for full/wide images. See the following GitHub issues for reference: https://github.com/WordPress/gutenberg/issues/6131 https://github.com/WordPress/gutenberg/issues/6177 https://github.com/WordPress/gutenberg/pull/11973 ---- I'm including patches ported over from two of @mor10's PRs on the original Twenty Nineteen repository: **Modifying the `sizes` attribute for non-aligned body images** (This currently causes negative results for `full` and `wide` images) https://github.com/WordPress/twentynineteen/pull/701 [attachment:""45985-regular-images.patch""] **Adding custom `sizes` attributes, including `wide` and `full` variants** (This is dependent on [https://github.com/WordPress/gutenberg/pull/11973 Gutenberg #11973] being merged): https://github.com/WordPress/twentynineteen/pull/629 [attachment:""45985-all-images.patch""]" kjellr 5 45991 Twenty Nineteen: Post titles are overflowing the content area reporter-feedback Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-01-15T10:11:02Z 2023-11-08T08:34:03Z "Post titles are overflowing the content area. In Twenty Seventeen the following code in style.css prevents titles from overflowing the content area. This code should be added to Twenty Nineteen as well. {{{ #page { word-wrap: break-word; } }}} " Dejan85 1 45993 Twenty Nineteen: Image aligncenter inside column is broken has-patch Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-01-15T15:09:31Z 2019-04-24T15:31:37Z "Since Twenty Nineteen v1.2, the images set to aligncenter aren't centered on the front-end when placed inside a column (they're centered inside the editor). [[Image(https://i.imgur.com/ud1ZuvJ.png)]] " dianeco 4 45998 Comments trashed after reply reporter-feedback Comments 5.0.3 normal normal Awaiting Review enhancement new 2019-01-16T02:58:34Z 2019-01-16T16:42:52Z "I found A Bug into your software. Which is Whenever I click on **Approve and Reply** option in comments, then it's automatically trashed.. Please Fix it." pkkarn 1 46000 non empty post object in case of error 404 Rewrite Rules 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-16T09:21:09Z 2019-01-16T09:21:09Z "In case of an 404 error the Posts Object is not empty if permalink setting is something like {{{ /blog/%postname%/ }}} The attached plugin can be used to debug this issue. == How to reproduce the problem **Step 1** Change permalink setting to {{{ /%postname%/ }}} Request a non existing URL like example.com/non-existent. Result: the Posts Object is empty **Step 2** Change permalink setting to {{{ /blog/%year%/%monthnum%/%postname%/ }}} Request a non existing URL like example.com/non-existent. Result: the Posts Object is empty **Step 3** Change permalink setting to {{{ /blog/%postname%/ }}} Request a non existing URL like example.com/**blog**/non-existent. Result: the Posts Object is empty **Step 4** permalink setting is still {{{ /blog/%postname%/ }}} Request a non existing URL like example.com/non-existent. Result: **the Posts Objec is NOT empty** == Impact == Plugins that use **the_posts** filter may produce wrong results. I've tested it with 5.0.3 but I'm pretty sure, previous versions are affected also." petersplugins 46003 Improve toolbar CSS Toolbar normal normal Future Release enhancement new 2019-01-16T10:42:03Z 2020-03-04T06:42:01Z "The admin toolbar has been around for years and has been iterated on many times. Its [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/css/admin-bar.css?rev=44544 CSS file] is now over 1000 lines long and weighs 24 KB. Even minified it's still over 20 KB, which I think is way too much. Given that the admin bar is loaded most of the time for many users, this just slows things down unnecessarily. I believe there's an opportunity to clean up the CSS file, get rid of legacy selectors targeting things like IE 7 and IE 8, and perhaps even make it DRY by leveraging Sass. It should be possible to reduce the size of the admin bar CSS without reducing functionality or usability." swissspidy 2 46004 Allow actions based on blocks in the current content francina dev-feedback Bootstrap/Load normal normal Future Release enhancement assigned 2019-01-16T11:12:17Z 2021-05-10T18:49:18Z We're finding ourselves having to do stuff based on which blocks are in the page, and others are probably experiencing the same thing. So I think it's wise to add an action in the WP bootstrap that allows for people to do something based on which blocks will be on the page. For now only for singular pages, but as Phase 2 of Gutenberg is expanded, this should probably be expanded to other page types. joostdevalk 5 46010 "Auto-generated term slugs can be greater than 200 characters, giving ""Could not insert term into the database."" error" needs-unit-tests Taxonomy normal normal Awaiting Review defect (bug) new 2019-01-16T14:37:23Z 2019-01-16T16:31:12Z "When a slug is not user defined, WordPress attempts to generate it from the term name within `wp_insert_term`. If the slug exists, when inserting subcategories, WordPress prefixes the slug with the top level term name. https://core.trac.wordpress.org/browser/tags/5.0.2/src/wp-includes/taxonomy.php#L2093 Because of this, long term names can go over the slug length limit and error. WordPress admin simply shows: > Could not insert term into the database. There is no reasoning provided, and when using wp_insert_term programatically it's hard to know what's at fault. This issue is more apparent when using cyrillic characters since they are stored encoded in the DB. Take ""Категория на продукта"" as an example. In the database this gets stored as: {{{ %d0%ba%d0%b0%d1%82%d0%b5%d0%b3%d0%be%d1%80%d0%b8%d1%8f-%d0%bd%d0%b0-%d0%bf%d1%80%d0%be%d0%b4%d1%83%d0%ba%d1%82%d0%b0 }}} This is 116 characters. The maximum allowed slug length defined in the wp_terms database schema is 200 characters. Steps to reproduce: - Add a top level category ""Категория на продукта"" - Add another ""Категория на продукта"" term as a subcategory of ""Категория на продукта"" - See error This is what WordPress attempted to insert into the database: {{{ ( [name] => Категория на продукта [slug] => %d0%ba%d0%b0%d1%82%d0%b5%d0%b3%d0%be%d1%80%d0%b8%d1%8f-%d0%bd%d0%b0-%d0%bf%d1%80%d0%be%d0%b4%d1%83%d0%ba%d1%82%d0%b0-%d0%ba%d0%b0%d1%82%d0%b5%d0%b3%d0%be%d1%80%d0%b8%d1%8f-%d0%bd%d0%b0-%d0%bf%d1%80%d0%be%d0%b4%d1%83%d0%ba%d1%82%d0%b0 [term_group] => 0 ) }}} The slug is too long. We either need error checking for this, or we need to truncate the slug length to avoid the issue and keep slug < 200 chars." mikejolley 3 46016 Unable to move blocks in editor Editor 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-16T21:08:39Z 2019-01-17T17:50:01Z "As I understand it: an active block can be moved up or down with arrows at the left of the block, which appear with mouse pointer hover. Arrows do not appear with hover. When I highlight two blocks (click & drag), I can see the arrows and moving works. However, there is no handle for dragging. OS: windows 10 Browser: chrome wp: v. 5.0.3 Theme: Twenty Seventeen (version is up-to-date) - Jon " Sophie_Kath 2 46017 """Mine"" comment count isn't updated when replying to or moderating a comment." has-patch Comments 5.1 normal normal Future Release defect (bug) new 2019-01-17T02:59:49Z 2019-01-24T04:40:53Z "To reproduce: - Visit `/wp-admin/edit-comments.php`. - Click Reply on a comment. - Type some text in the comment, click Reply. The ""All"" and ""Approved"" counts update as expected, but the ""Mine"" count doesn't." pento 3 46032 Plugin details text direction layout (RTL) SergeyBiryukov has-patch Plugins normal normal Future Release defect (bug) reviewing 2019-01-18T07:55:21Z 2021-11-13T22:56:51Z "Hi, This RTL CSS minor was noticed before 5.0 release, but with increasing number of plugins that have been translated to RTL languages! It would be nice fix it at present. **In the plugin details screen**, when site language or admin choosing RTL panel: Text direction for plugin Description, Changelog, Screenshots captions, and Reviews tabs appears LTR and some phrases become not quickly understood. (Screenshot attached [https://moqbel.net/s/WP-admin-plugins-description-RTL-PrtScn]). In this case (especially for those plugins that have been translated to any RTL language) I think the following needs to be fixed: direction: ltr; {{{ #plugin-information .section { direction: rtl; } }}} And for section ul class: margin-left: 24px; {{{ #plugin-information .section ol, #plugin-information .section ul { list-style-type: disc; margin-right: 24px; } }}} ---- **For Reviews tab (RTL):** 1. star-rating: float: left; {{{ #plugin-information .reviewer-info .star-rating { float: right; } }}} 2. review-title-section h4 float: left; margin: 0 6px 0 0; {{{ #plugin-information .review-title-section h4 { display: inline-block; float: right; margin: 0 0 0 6px; } }}} 3. reviewer-info .avatar float: left; margin: 4px 6px 0 0; {{{ #plugin-information .reviewer-info .avatar { float: right; margin: 4px 0 0 6px; } }}} ---- Finally will be displayed correctly as this PrtScn: [https://moqbel.net/s/WP-admin-plugins-description-RTL-PrtScn-fixed] Many thanks," nabilmoqbel 15 46033 Please fix redirect in wp-login.php has-patch Login and Registration 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-18T10:45:43Z 2019-01-19T22:32:26Z "On line 619 in wp-login.php there is a redirect that does not take in account site_url setting which is braking experience in some cases. Therefore, the suggested fix is replace {{{#!php <?php wp_safe_redirect(remove_query_arg( array( 'key', 'login' )) ); }}} with {{{#!php <?php wp_safe_redirect( site_url(remove_query_arg( array( 'key', 'login' )) ) ); }}} " tinodjwp 2 46035 Add set_display_name method to WP_Roles class dev-feedback Users normal normal Awaiting Review enhancement new 2019-01-18T13:44:45Z 2019-02-01T05:29:27Z "Currently, people are following tutorials on line on how to 'change' the display name of certain user roles in WordPress, by basically overwriting the name property every time on either `init` or `admin_init` hook. This is total overkill, and a hacky way to change the role display name (not role name which governs the capabilities stored in the database). If there was a method `set_display_name` (and a corresponding getter `get_display_name`) this cosmetic change could be done only once on plugin activation - this change would then be permanent in the database and you wouldn't need to run the 'rewrite' all the time just to change name (Editor to Blog Editor for instance, or Administrator to Operations). Only way, to do this now is to copy the entire `WP_Role` object, then remove the original one, change one property and add a 'new' role. This feels super hacky to me. Thoughts, opinions, suggestions?" dingo_d 46040 Broken symlinks prevent updates has-patch Upgrade/Install 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-18T21:36:58Z 2022-10-16T01:50:32Z "Soon after cPanel updated EasyApache 4 (EA4) (ea-php-cli-1.0.0-3.3.1.cpanel.x86_64) to use caching (a faster way to select the PHP executable, such as php-cli), I noticed some failed plugin updates. If appears that updated cPanel servers now create "".ea-php-cli.cache"" broken symbolic links in the directory where a PHP script was executed by CLI (such as a CRON job or manual call). The links are to a fake target (such as ""ea-php71""), which is used by the perl script to select the executable. I already submitted https://github.com/CpanelInc/php-cli/issues/2 to cPanel, and already received a response. The author of the pull request https://github.com/CpanelInc/php-cli/commit/883e8f1f3f37998d4501de4d4276c8a9d290fae3 may be changing how it caches; possibly creating the cache files in the ""~/.cpanel"" directory and cleaning up the littered files in the users' web directories. I have a working fix for WordPress, that I will attach in a moment. The cause and effect is not limited to cPanel and WordPress, and the issue should be fixed on both sides. To replicate: 1. Have WordPress 5.0.3 installed on a cPanel server that has ea-php-cli-1.0.0-3.3.1.cpanel.x86_64 installed. -- You can check using `rpm -q ea-php-cli-1.0.0-3.3.1.cpanel`. Also '/usr/local/bin/php' is a text (perl) file, and not a binary/executable. 1. Login into SSH/CLI and call any PHP file in a plugin, such as `php wp-content/plugins/akismet/class.akismet-cli.php`. a. You should then see a broken symlink in the ""wp-content/plugins/akismet/"" directory. 1. Change the version number in the main plugin file ""wp-content/plugins/akismet/akismet.php"" to something lower, such as ""4.0"". 1. Go to the WordPress >> Updates page and try to update the plugin. a. You will see an error ""An error occurred while updating Akismet: The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions. .ea-php-cli.cache"" 1. You can delete the symlink or apply the patch, and the update will be successful. " joemoto 4 46042 wp_nav_menu always returns a container Menus normal normal Awaiting Review defect (bug) new 2019-01-19T16:03:15Z 2019-01-19T20:20:35Z "wp_nav_menu('container' => false) is returning an empty div when there is no menu items. This should return either false or an empty string. You can change the div to a different element, but you cannot remove the container. This makes it difficult to test whether the menu is empty or not. Checking !empty($menu) no longer works like it used to." thememason 3 46048 Twenty Nineteen: Latest posts block: Post title overlaps other titles on certain screen widths has-patch Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-01-21T15:56:20Z 2020-01-13T17:37:10Z "Affects: Only Twenty Nineteen. Does not affect other core themes like Twenty Seventeen or Twenty Sixteen. On certain screen widths, with the ""Latest posts"" Gutenberg block, the long post title overlaps with the nearby titles. This seems to happen only for titles having characters like ""/"" on it, at the end. I haven't been able to see if this is the case with other special characters. The attached images can help understand this better. Video https://cloudup.com/c2G8sjrlp1b showing that this is not affected with other themes like Twenty Seventeen." arunsathiya 3 46055 Twenty Seventeen: Blockquotes aligned right are not rechecked when widgets are added in the Customizer Bundled Theme normal normal Future Release defect (bug) new 2019-01-21T22:02:28Z 2019-01-23T19:19:31Z "While working on testing #40103 using the Customizer I discovered that when a widget is added, removed, or updated in the sidebar Twenty Seventeen does not recheck that the sidebar is empty enough to push the blockquote to the right. To reproduce: - Create a post with a blockquote two or three paragraphs down the page. - Give the blockquote the `alignright` class. - Remove widgets from the sidebar so that there is only one (none works too). - Open the Customizer. - You should see the [https://cldup.com/ygEYYBp6Bv-3000x3000.png example image posted] on #40103. - Add or change widgets in the sidebar to make the height of the sidebar pass the blockquote. The content will overlap the blockquote and it will not be pushed back into the content area as it should." desrosj 1 46058 Extra database calls when use get_the_excerpt() and posts have images General 5.0.3 normal major Awaiting Review defect (bug) new 2019-01-21T23:49:51Z 2020-06-25T22:26:56Z "**To reproduce this issue:** 1. Install clear wordpress (5.0.3) 2. Create post with image in post content. Assign it to one category (e.g. ""uncategorized""). 3. Open this category page and check database calls in it (with get_num_queries()). 4. Add one more post with image in it - and database calls will increase with every additional post (+2 queries for 1 additional post). **Info:** 1. This issue dissapear when you delete get_the_excerpt() from the category template. 2. This issue does not exist when posts have no image in it. **The reason of this issue is in function get_the_excerpt():** 1. function get_the_excerpt() applies filter 'get_the_excerpt' in wp-includes/post-template.php:397 {{{#!php <?php return apply_filters( 'get_the_excerpt', $post->post_excerpt, $post ); }}} 2. we have 'wp_trim_excerpt' by default for 'get_the_excerpt' in ""wp-includes/default-filters.php:172"": {{{#!php <?php add_filter( 'get_the_excerpt', 'wp_trim_excerpt' ); }}} 3. function wp_trim_excerpt() applies filter 'the_content' in wp-includes/formatting.php:3314 {{{#!php <?php $text = apply_filters( 'the_content', $text ); }}} 4. we have 'wp_make_content_images_responsive' by default for 'the_content' in ""wp-includes/default-filters.php:165"": {{{#!php <?php add_filter( 'the_content', 'wp_make_content_images_responsive' ); }}} 5. and lastly function wp_make_content_images_responsive() produce 2 extra database calls on every post in category-page (guess with wp_get_attachment_metadata) in wp-includes/media.php:1344 {{{#!php <?php foreach ( $selected_images as $image => $attachment_id ) { $image_meta = wp_get_attachment_metadata( $attachment_id ); $content = str_replace( $image, wp_image_add_srcset_and_sizes( $image, $image_meta, $attachment_id ), $content ); } }}} " kg69design 1 46059 cyrillic capitalization in tag search reporter-feedback I18N normal normal Awaiting Review defect (bug) new 2019-01-22T01:14:30Z 2020-07-20T12:42:11Z When doing ''search tags'' using Cyrillic if you didn't guess right capitalization in existing tag, then it won't be in search result. It's impossible to find all tags with given substring if they are saved with different capitalization in this substring. anonymized_15879810 3 46061 Canonical prevents accessing paginated results of feed-named tags Canonical 2.7.1 normal normal Awaiting Review defect (bug) new 2019-01-22T05:41:38Z 2022-11-01T03:22:24Z "Given a tag of the name 'rss' (or any of `(feed|rss|rdf|atom|rss2)`) Canonical will cause a redirect for a paginated result to an incorrect url lacking the 'rss' For example: {{{ $ curl -Is http://wordpress.dev/tag/rss/page/2/ | grep Location Location: http://wordpress.dev/tag/page/2/ }}} This appears to be caused by https://core.trac.wordpress.org/browser/trunk/src/wp-includes/canonical.php?rev=43571&marks=297-302#L290 This was originally reported as https://meta.trac.wordpress.org/ticket/2945" dd32 5 46072 add a $metas param to wpmu_create_blog() has-patch Networks and Sites normal normal Awaiting Review enhancement new 2019-01-22T21:37:51Z 2019-01-23T18:41:47Z `wpmu_create_blog()` should accept an additional param for blogmeta for the new blog, analogous to the existing `$options` param for site options. pbiron 3 46080 "Twenty Seventeen: Pullquote Block - ""Write citation…"" Text color not working at frontend" Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-01-23T11:39:10Z 2019-01-30T19:42:33Z When I add Pullquote Block in editor and assign text color from the Color setting it's working properly in backend but it's not working properly in frontend. iamjaydip 1 46082 Why returning $menu_array[x] instead of $title dev-feedback Administration normal normal Awaiting Review enhancement new 2019-01-23T16:02:40Z 2021-12-08T12:38:49Z " {{{ File: wp-admin/includes/plugin.php Function: get_admin_page_title() }}} In lines `1613, 1616, 1637, 1645 and 1660` the following pattern of assignments and return the value are used: {{{ $title = $menu_array[x]; return $menu_array[x]; }}} where `$tile` is `global`. What is the difference between the following returning patterns {{{ $title = $menu_array[x]; return $menu_array[x]; }}} AND {{{ $title = $menu_array[x]; return $title; }}} Since we are already updating the the global variable `$title` with that of `$menu_array[x]`, why can't we just return `$title` instead of `$menu_array[x]`? For every single request `global $title` will receive a new value. In `line 1620` the return pattern is usual: {{{ $title = $menu_array[0]; return $title; }}} " subrataemfluence 46087 Short-circuit `page_on_front` check during site creation dev-feedback Rewrite Rules normal normal Awaiting Review enhancement new 2019-01-23T22:58:45Z 2019-01-23T22:58:45Z "During site initialization, `wp_installing()` is set to `true`. Among other things, this toggle disables all caching from `get_option()`. While I think that this behavior could use a general review (it's legacy behavior from MU that may have been an overly-broad fix for a narrow `alloptions` problem), there's one specific offender I'd like to consider addressing: `page_on_front`. `generate_rewrite_rules()` calls `get_option( 'page_on_front' )` several times for each rewrite rule, and each of these calls requires a database read. Since `page_on_front` is set to 0 in the default schema, I propose that we short-circuit the check during site initialization (`wp_install_defaults()`). Something like: {{{ add_filter( 'pre_option_page_on_front', '__return_empty_string' ); $wp_rewrite->init(); $wp_rewrite->flush_rules(); remove_filter( 'pre_option_page_on_front', '__return_empty_string' ); }}} Not terribly elegant, but it can reduce DB I/O by many dozens of reads." boonebgorges 46089 Memory exhaustion when setting script translations on `wp-i18n` needs-unit-tests Script Loader normal normal Future Release defect (bug) new 2019-01-24T00:47:26Z 2021-02-04T05:53:32Z "A memory exhaustion occurs given the following snippet of code: {{{#!php <?php add_action( 'admin_enqueue_scripts', function() { wp_set_script_translations( 'wp-i18n', '' ); } ); }}} {{{ <b>Fatal error</b>: Allowed memory size of 268435456 bytes exhausted (tried to allocate 262144 bytes) in <b>/srv/www/editor/htdocs/wp-includes/class.wp-dependencies.php</b> on line <b>324</b><br /> }}} Memory exhaustion occurs here: https://github.com/WordPress/WordPress/blob/4e3e9ca9cf893190609728848caf224034fd1ef0/wp-includes/class.wp-dependencies.php#L338 I think it stems from this line: https://github.com/WordPress/WordPress/blob/4e3e9ca9cf893190609728848caf224034fd1ef0/wp-includes/class.wp-scripts.php#L517 Where `wp-i18n` is adding itself as a dependency. Could probably do for a simple check to ensure that the incoming handle is not `wp-i18n`." aduth 14 46100 Custom field validation is not working in Gutenberg Editor Editor normal major Awaiting Review defect (bug) new 2019-01-25T06:56:11Z 2019-01-25T14:28:29Z "In Latest Version 5.0, Gutenberg doesn't allow validation with WCK plugin. Lets create a custom post type and add the custom field with required. And when we add custom post type with the custom field, required field doesn't shows validation. This validation is working with old editor." kalpanasharma19 1 46102 Documentation improvement General normal normal Awaiting Review enhancement reopened 2019-01-25T11:08:01Z 2019-01-27T03:15:05Z We have found grammatical mistake in comment of wp-activate.php file. chinteshprajapati 2 46108 Twenty Nineteen: Include contributing.txt file with Sass compiler instructions has-patch Bundled Theme 5.0.3 normal normal Awaiting Review enhancement new 2019-01-25T18:26:30Z 2019-01-29T13:57:39Z "In the GitHub repository, there is a `CONTRIBUTING.md` document with instructions for how to compile the Sass for Twenty Nineteen. This file was not migrated over to core. For those working with the theme (both for direct contributions, and for their own purposes), it'd be helpful to bundle instructions for working with the Sass via the included build tool. The attached patch ports over the ""Compiling SCSS"" section from the document on GitHub, as a new `contributing.txt` file. https://github.com/WordPress/twentynineteen/blob/master/CONTRIBUTING.md#compling-scss" kjellr 5 46110 "IE11: JS ""Syntax error"" related to wp-polyfill-formdata" atimmer has-patch Build/Test Tools 5.0 normal normal Future Release defect (bug) assigned 2019-01-26T12:33:26Z 2021-02-08T16:43:00Z "In Internet Explorer 11, there's a JavaScript ""Syntax error"" related to `wp-polyfill-formdata`. The error happens in various pages, e.g. in `edit.php` and `post.php`. [[Image(http://cldup.com/-UPS1EV0FC.png)]] IE11 doesn't support ""arrow functions"" and other ES6 features in that file. Asked for feedback on Slack #core-editor and it was pointed out that seems core is using the wrong file from the package. Wrong version used in core: https://github.com/WordPress/wordpress-develop/blob/e01f30a/tools/webpack/packages.js#L104 Correct version used in the Gutenberg plugin: https://github.com/WordPress/gutenberg/blob/2d7035b/lib/client-assets.php#L619 Introduced in [43719] /Cc @omarreiss @atimmer " afercia 21 46128 "Custom header ""Hide image"" button not displayed when randomizing images via theme setup" has-patch Customize 3.4 normal normal Awaiting Review defect (bug) new 2019-01-28T16:10:39Z 2019-12-11T21:33:31Z "**DESCRIPTION** When registering multiple [https://codex.wordpress.org/Custom_Headers custom header] images via theme code, and setting them to randomize (by enabling `random-default` custom header attribute), there is no ""**Hide image**"" button displayed. But the image should be displayed even in this case. The only way to enable ""**Hide image**"" button is to set `default-image` attribute during custom header registration in the theme code. But this actually effectively disables images randomization... ---- **HOW TO TEST/REPRODUCE** Append this code to Twenty Nineteen theme's `functions.php` file (without opening `<?php`) to test - see the code comments for more details: {{{#!php <?php function test_custom_header_hide_button() { /** * Registering custom header support. * * The issue description: * ====================== * When 'default-image' is set, there is ""Hide image"" button * displayed in ""Header Image"" section of customizer. But now * the 'random-default' does not work. * On the other side, if 'default-image' is not set, ""Hide image"" * button is not displayed in ""Header Image"" section of customizer * when we have 'random-default' enabled. * In both cases the ""Hide image"" button should be available. * * How to test: * ============ * Simply (un)comment the 'default-image' to see the difference * in ""Header Image"" section of customizer. * But do not save/publish your customizer as we are testing * how the theme code is treated in customizer! */ add_theme_support( 'custom-header', array( // 'default-image' => 'https://via.placeholder.com/1000x200/000099/ffffff?text=Image+default', 'random-default' => true, // Irrelevant, but required options: 'height' => 200, 'width' => 1000, ) ); // Registering some images to randomize from: register_default_headers( array( 'image-1' => array( 'url' => 'https://via.placeholder.com/1000x200/990000/ffffff?text=Image+1', 'thumbnail_url' => 'https://via.placeholder.com/250x50/990000/ffffff?text=Image+1', 'description' => 'Image 1', ), 'image-2' => array( 'url' => 'https://via.placeholder.com/1000x200/009900/ffffff?text=Image+2', 'thumbnail_url' => 'https://via.placeholder.com/250x50/009900/ffffff?text=Image+2', 'description' => 'Image 2', ), ) ); } add_action( 'after_setup_theme', 'test_custom_header_hide_button' ); // Display the custom header in theme footer for preview: add_action( 'wp_footer', 'the_custom_header_markup' ); }}} ---- **SCREENSHOT** [[Image(custom-header-setup-via-theme.png)]]" webmandesign 1 46129 Inconsistent logic in allowed_block_types Editor normal normal Awaiting Review enhancement reopened 2019-01-28T18:05:51Z 2021-02-11T21:44:41Z "There are many filters like that in WP (for example `mime_types`, `manage_posts_columns`, and so on) and all of them are getting a full list of items as `$allowed` param. This way developers can easy manipulate the list (add, remove and so on). On the other hand `allowed_block_types` takes a totally different approach. If all blocks are allowed, you get ""true"" as list of allowed blocks. OK, it may look convenient, but... 1. It's inconsistent with any other WP filter... 2. It makes it really hard to blacklist blocks (let's say we want to remove only 2 blocks). 3. It makes getting the list of registered blocks impossible. PS. I know - you can do this in JS. But I don't think that it's very convenient to put some options in PHP, store these options in DB and then in every request pass this value to JS and process it on client-side..." drozdz 2 46134 Allow filtering of `$header` object in `get_header_image_tag()` function (for custom header image override) dev-feedback Media 5.0.3 normal normal Future Release enhancement new 2019-01-29T14:38:10Z 2022-01-20T15:50:13Z "Currently, when trying to override custom header image, it is only possible to filter header image URL (via `theme_mod_header_image` [https://developer.wordpress.org/reference/hooks/theme_mod_name/ filter hook]) or the actual image [https://developer.wordpress.org/reference/hooks/get_header_image_tag/ output HTML] in [https://developer.wordpress.org/reference/functions/get_header_image_tag/ get_header_image_tag()] function. It would be beneficial to allow filtering also the `$header` object of `get_header_image_tag()` function: in case of override via theme code we can set not only an image URL, but an image attachment ID too. That way the `get_header_image_tag()` function can do better job with image overrides (such as setting correct image `srcset` and `sizes` attributes and also [https://core.trac.wordpress.org/ticket/46124 the image alt text])." webmandesign 8 46136 WordPress install impossible when using symlinks in apache vhost Upgrade/Install 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-29T16:08:58Z 2019-07-27T01:20:50Z "Hello. Fresh install here. As always, in let's say `/var/www`, I creating directories for my apps. I like to have my apache virtualhost pointed on symlinks, so when I have to swap version, I don't have to restart apache (only have to edit symlinks). For instance, let's say I have: {{{ /var/www/myblog_all /var/www/myblog_all/myblog_wordpress /var/www/myblog_all/myblog_spip /var/www/myblog -> /var/www/myblog_all/myblog_wordpress/ }}} (last line is symlink) In apache, I have : {{{ ServerName myblog.com DocumentRoot /var/www/myblog }}} Well, in that case, I cannot install wordpress when acceding to the URL `http://myblog.com`. I'm redirected to `http://myblog.com_all/myblog_wordpress/wp-admin/setup-config.php` (so a 404) !! Why ? My guess is in the `index.php` file: {{{#!php <?php require( dirname( __FILE__ ) . '/wp-blog-header.php' ); }}} is returning `/var/www/myblog_all/myblog_wordpress` instead of what I expected `/var/www/myblog`. I know this is ""correct"" for a PHP point of view, but I'm sure I'm not the first one playing with symlinks. **Is there a way to give to wordpress the vhost settings?** Thanks in advance!" bracol 1 46145 dbDelta runs same updates on every execution Database normal normal Awaiting Review defect (bug) new 2019-01-30T08:37:30Z 2019-01-30T08:37:30Z "Given a SQL column with a definition such as: {{{ created_at TIMESTAMP NULL }}} The dbDelta detects the following changes: {{{ Changed type of table_name.created_at from timestamp to TIMESTAMP }}} But then executes a query using part of the original SQL: {{{ ALTER TABLE table_name CHANGE COLUMN `created_at` created_at TIMESTAMP NULL }}} Which leads to the same changes being detected again on the next run. This applies not only to case of the type but to many other cases such as ""int"" vs. ""int(11)"", ""bigint"" vs. ""bigint(20)"", etc. This will actually happen in every case when the given SQL differs from the exact ""expected"" form. " janjakes 46146 dbDelta not parsing enum correctly Database normal normal Awaiting Review defect (bug) new 2019-01-30T08:41:12Z 2022-11-17T19:28:49Z "Given an enum definition such as: {{{ enum('a', 'b') }}} The dbDelta function parses it as: {{{ enum('a', }}} Which causes a change to be detected on every execution. I'm also afraid other cases with spaces (like strings with spaces in enum values, etc.) will cause similar problem since the regular expressions in the dbDelta function seem to cover only some particular cases." janjakes 1 46153 Leading space after past text from docx Editor 5.0.3 normal normal Awaiting Review defect (bug) new 2019-01-31T01:09:31Z 2020-08-24T23:36:55Z "Please copy and past text from atatchment to block editor. You will see space before every text line. " alexufo 1 46155 Responsive images (srcset) not working on cropped files. joemcgill reporter-feedback General normal major Awaiting Review defect (bug) assigned 2019-01-31T02:51:55Z 2019-05-15T13:36:42Z "When adding images to a page or using wp_get_attachment_image() function in a page template, responsive images do not get generated if the image size is set to 'crop' (e.g. thumbnail or a custom size). Basically, srcset is not added in html. Other sizes are OK though. To reproduce the bug, make sure an image size is set to 'crop'. Then upload a new image and add it to a page selecting a **full size first**. Update the page and then remove the image from the page. Update and then insert it again and this time make sure to select the **cropped image size**. Update. You will see that a standard <img> tag is generated in the frontend. E.g.: {{{ <img class=""alignnone size-thumbnail wp-image-10"" src=""/wp-content/uploads/photo-360x360.jpg"" alt="""" width=""360"" height=""360""> }}} instead of {{{ <img class=""alignnone size-thumbnail wp-image-10"" src=""/wp-content/uploads/photo-360x360.jpg"" alt="""" width=""360"" height=""360"" srcset=""/wp-content/uploads/photo-360x360.jpg 360w, /wp-content/uploads/photo-720x720.jpg 720w, /wp-content/uploads/photo-768x768.jpg 768w, /wp-content/uploads/photo.jpg 1280w"" sizes=""(max-width: 360px) 100vw, 360px""> }}} I have tested it on WP 5.0.3 and even tried downgrading to 4.9.9 and 4.9.8 but it's the same. Tested with all plugins deactivated and on the default twenty-something theme. I have tried it on PHP 7.1, 7.2 and 5.6. Tested both Guttenberg and the classic editor." olgri 4 46158 Twenty Nineteen: Slight flash of desktop menu when closing mobile menu Bundled Theme 5.0.3 normal minor Future Release defect (bug) new 2019-01-31T19:45:21Z 2019-01-31T19:47:30Z "Moved over from the discussion on #45905: When using Twenty Nineteen on a mobile device, you sometimes get a brief flash of the desktop menu when closing the mobile menu. Steps to reproduce: 1. Start with a test site with a longer menu, so you have the `...` more button. 2. Tap on the `...` button on a mobile device. 3. Click the 'Back' button. " laurelfulford 46162 get_taxonomies by post_type no output Taxonomy 5.0.3 normal normal Awaiting Review defect (bug) new 2019-02-01T06:47:14Z 2020-05-12T06:29:29Z "if: {{{#!php <?php register_taxonomy('area', array('demand'), $args); $taxonomies = get_taxonomies( 'object_type' =>array('demand'), $output, $operator ); }}} that is ok! but if: {{{#!php <?php register_taxonomy('area', array('profile', 'resource', 'demand'), $args); $taxonomies = get_taxonomies( 'object_type' =>array('demand'), $output, $operator ); }}} There is no output. " tangfou 46166 wp_update_term sanitizes the description, removing all html Taxonomy 4.9.8 normal normal Awaiting Review defect (bug) new 2019-02-01T13:56:53Z 2019-02-01T13:56:53Z "The function wp_update_term automatically sanitizes the description of the term, thereby removing all html tags added to it. This happens even when no description is passed via the $args parameter. This does not seem intended, as the description field is basically the content of the term and should be able to hold html information (which is in fact the case if I edit it within the WordPress backend and save it). " sighan 46171 "Add ""backing up this post in your browser"" label to post-type" dev-feedback Posts, Post Types normal normal Awaiting Review enhancement new 2019-02-01T20:58:56Z 2019-02-01T20:58:56Z "When the internet connection is lost, on a non-block-based post-type, some helpful text appears in an admin notice to alert users their content will not be lost: ""We’re backing up this post in your browser, just in case"" Keyword: **post**. It would be nice if that string were post-type specific, perhaps part of the `labels` array of the post-type registration process." johnjamesjacoby 46179 Make fetch_array accessible in $wpdb Database normal normal Awaiting Review enhancement new 2019-02-04T09:38:25Z 2019-02-04T09:38:25Z "Hi, I want to suggest a change in $wpdb. I'd like to see a possibility to use fetch_array by myself rather than taking the result of a query as an array or object. Let me explain why. WordPress doesn't scale very well when you handle large amounts of data from the database. For example, if you want to display a list of all posts and you have like 5000 of them. You'd use WP_Query for that. Which is fine, I guess, for a limited number, but slow in this use case. So you'd query yourself. {{{ SELECT * FROM wp_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_title ASC }}} If you give that to $wpdb, you'd receive an array with all 5600 posts and all the jazz attached to it. It takes 5 seconds and takes about 500 MB of PHP memory. I have now added an own class and established a second database connection. With that, I run the query above but the result remains in mysql. Instead of {{{#!php <?php foreach($results as $current) { // do stuff } }}} I now run {{{#!php <?php while($current = $mydb->fetch_array($results)) { // do stuff } }}} And I only need 30 MB of PHP RAM and 0.4s of time. This saves a lot of resources because you are able to get rid of a lot of PHP overhead. See, the MySQL result is in memory either way (because you did run the query) but you don't have to store everything from the result in PHP memory as well. You process them one at a time and only store (or output or whatever you need to do) what you actually need. I know this is nothing you'd usually do but there are other use-cases where an accessible fetch_array would come in handy in the interest of performance optimization - for example if your plugin utilizes a cronjob which has to handle large amounts of data. I don't assume this would break anything compatibility-wise as it is an additional method inside this class, so it would be a very nice addition. All you'd need is to add a new return method to $wpdb->query that returns the MySQL resource and a new method that exposes a fetch_array function to the public accepting said resource. Thank you a lot for reading my proposal and at least considering it :) -alduin" alduinwf 46180 get_permalink: Ability to pass required information for better performance Permalinks normal normal Awaiting Review enhancement new 2019-02-04T09:47:46Z 2019-02-04T09:47:46Z "Hi, somewhat related to this ticket: https://core.trac.wordpress.org/ticket/46179 I have another proposal. get_permalink accepts a post object or an ID to create a permalink. If you only pass the ID, the function will get all post information from the database and generate the permalink. However, this might not be necessary every time. Look at the use-case in 46179, when I already have loads of information. For example, when my permalink structure is /%Y/%M/%TITLE%/, I can easily get all information I need from the one query. So my proposal is that you can not only pass an ID or a WP_Post object to get_permalink but also an array with all available information (from the database). And if the information provided is sufficient to create the permalink, then use it, otherwise fall back to get_post($id). This won't save ""much"" time and not even crazy much memory but it takes off a lot of load from the database when you have to not use the API for some reason and this could be interesting in a high-load environment. Thank you, -alduin" alduinwf 46184 Add WP_Tax_Query support to WP_Site_Query Networks and Sites normal normal Awaiting Review enhancement new 2019-02-04T15:59:24Z 2019-02-12T21:00:32Z "Because sites are just another object type in WordPress, taxonomies can already be added to the `site` object type. Even though there are no user interfaces in Core for taxonomies when assigned to object types other than `post` (for example, see users #31383), it would be nice to add `WP_Tax_Query` support to `WP_Site_Query`. One thing to be aware of though is that there are issues in Core when a taxonomy is assigned to multiple object types. I don't think this should be added until that is addressed. #45107 has a more detailed breakdown of that." desrosj 4 46188 esc_html does not have support for multiline output. esc_br_html or line-breaking parameter for esc_html is missing Formatting 5.0.3 normal normal Awaiting Review enhancement new 2019-02-05T12:40:02Z 2019-03-02T12:24:33Z "Let's say that we want to save not a title, but a block of text in the database. So we have to support multiline escaping. Now I have to do this: {{{#!php <?php $escapedMultilineItemDescriptionArray = array_map('esc_html', explode(""\n"", $data['item_description'])); $printItemDescription = implode(""\n"", $escapedMultilineItemDescriptionArray ); $objView = new View(); $objView->itemDescription = $printItemDescription; }}} But then the reviewers at Envato and other coding standards fans are not happy that at the template file I use: {{{ <div class=""item-description""><?=nl2br($itemDescription);?></div> }}} While following the concept of of 'escaping at the template' would could be instead 'esc_br_html': {{{ <div class=""item-description""><?=esc_br_html($itemDescription);?></div> }}} or with `fuction esc_html($text, $escapeLineBreaks = FALSE) {...}` {{{ <div class=""item-description""><?=nl2br(esc_html($itemDescription, TRUE));?></div> }}} I just see a lot of confusion and misinterpreation of escaping of text that has multiple lines, and there is NO function. And we should not do explode, implode, array_map things inside the template code, as the template is for designers, and ever CSS developer has to be able easily understand the template, so there so be no explodings, implodings. " KestutisIT 4 46190 Firefox Emoji Detection Slow has-patch Emoji 5.0.3 normal normal Awaiting Review enhancement new 2019-02-05T18:52:24Z 2022-07-06T19:25:57Z "The emoji detection script loaded by default on WordPress is parser blocking but it still progressive enhancement as it a) it runs fast, b) finishes before the style requests are being downloaded. However Firefox seems to have an issue in recent versions. I tested the times it takes on Browserstack and sometimes it goes as high as more than 1s on both Windows and Mac. The way I tested is by adding this code to functions.php {{{#!php <?php add_action( 'wp_head', function() { ?> <script>var e=new Date()</script> <?php }, 6 ); add_action( 'wp_head', function() { ?> <script>var n=new Date()-e;console.log(n)</script> <?php }, 7 ); }}} so the the wp-emoji-loader.min.js inlined in the html head is sandwiched between getting the timestamps. On other browsers it is like 8ms, 20ms but Firefox is really slow. Likely a Firefox bug, but should be a workaround for it in WP." superpoincare 2 46206 Strange behaviour with links inside a table reporter-feedback Editor 5.0.3 normal normal Awaiting Review defect (bug) new 2019-02-07T20:53:49Z 2020-11-23T16:54:45Z "I'n currently using WP 5.0.3. There is some strange behaviour with links that are inside a table. Check box ""open link in a new window"" did nothing until I switched to HTML and added a space before link text (<td> <a href... instead of <td><a href...). Is this a bug or a ""feature""? :D Sincerely, Jari Honkonen" multiankunta 1 46208 Improve Menu experience by making it easier to delete multiple menus at once audrasjb Menus 5.0.3 normal normal Future Release enhancement reviewing 2019-02-07T21:35:19Z 2019-05-03T22:03:30Z "If possible, please make it easier to delete multiple menus with a one click button (same as the plugin interface). For example add an extra tab next to ""Manage Locations"". - Right now, we've to select a menu (to edit) then remove it. If you have like 10 menus... then this task simply takes too much time. The menus are saved all over different tables wp_terms, wp_posts, etc. inside the database. Wouldn't it be better to simple create a seperate db table for menus instead and have all data placed in there (with object cache)? Mireille" mireillesan 1 46209 mediaelement CSS loading at bottom of body Media 4.9 normal normal Future Release defect (bug) new 2019-02-07T21:55:20Z 2023-01-31T13:55:35Z "The question was asked in #42751 why we are loading mediaelement css in the body. It was agreed in the recent Media meeting that this is better fit for it's own ticket for discussion. ---- Mentioned by @themezly : While we are at it, why are we loading mediaelement CSS files at the bottom of body http://prntscr.com/hh0808 ? CSS files should always be in head. " antpb 7 46210 Add helpers for default/empty datetime value has-patch Database normal normal Awaiting Review enhancement new 2019-02-07T22:37:30Z 2023-02-24T20:17:08Z "Typing `0000-00-00 00:00:00` is error prone, and tedious. There are a few dozen usages of it sprinkled through-out WordPress. Hundreds of plugins also. I offer up the idea of 2 helper functions: * `__return_empty_datetime()` that simply returns `0000-00-00 00:00:00` * `is_empty_datetime( $datetime = '' )` to check if a variable is `empty()` or `0000-00-00 00:00:00`" johnjamesjacoby 5 46215 Twenty Nineteen: Aligning table to center not working on front end has-patch Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-02-08T12:36:18Z 2023-05-26T08:49:20Z "When i add **Table block** in editor and assign Alignment ""Center"" from the toolbar it's working properly in backend but it's not working properly in frontend." iamjaydip 2 46217 wp_mail() not sending messages on PHP7.3.x has-patch Mail 5.0.3 normal major Awaiting Review defect (bug) new 2019-02-08T14:57:30Z 2019-11-21T08:10:30Z "Hi, I believe that this is a bug but my PHP-fu is not yet the belt color needed to further debug and fix this. I have tested this behavior on WordPress 5.0.3 and GitHub sources from 2019-02-07, on FreeBSD and Linux Ubuntu 18.04, with PHP 7.3.1. PHP versions 7.2 and older work as expected. While PHP's mail() sends e-mails flawlessly, there are no attempts to open connection to a SMTP server when using wp_mail(). This issue covers all WordPress e-mails including the initial ""New WordPress Site"" message. Example code, working on PHP 7.2 but not on 7.3. {{{#!php <?php require('./wp-config.php'); $headers = 'From: whatevs <tester@proper-and-existing-domain.net>' . ""\r\n""; wp_mail('something@proper-and-existing-domain.com','wp mail test','test test test', $headers ); }}} The above example works with PHP 7.3 when ""wp_mail"" is replaced with ""mail"". 3rd party PHPmailer also works on PHP 7.3 with no issues. Upon testing this behavior with tcpdump I can see that with PHP 7.2, WordPress opens a connection to 127.0.0.1:25 and tries to send the message. With PHP 7.3 there are no attempts to establish such connection on lo interface nor any other. The following change results in: ""Invalid address: (setFrom) tester@proper-and-existing-domain.net"" {{{ --- wp-includes/pluggable.php 2019-02-08 15:37:38.459579000 +0100 +++ wp-includes/pluggable.php-debug 2019-02-08 15:37:29.683718000 +0100 @@ -364,7 +364,8 @@ $mail_error_data['phpmailer_exception_code'] = $e->getCode(); /** This filter is documented in wp-includes/pluggable.php */ - do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_error_data ) ); + //do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_error_data ) ); + print('DEBUG '.$e->getMessage().' DEBUG'); return false; } }}} " whatevs 4 46224 The additional CSS is not reflected in the editor has-patch Editor normal normal Future Release enhancement new 2019-02-10T06:24:54Z 2021-09-29T20:49:07Z "I think that the additional CSS should be reflected to the editor. What do you think? I did not know which file to write the code, so I made a sample plugin. https://github.com/inc2734/additional-css" inc2734 4 46226 PeerTube 'automatic' embed reporter-feedback Embeds normal trivial Future Release feature request new 2019-02-10T14:55:06Z 2019-09-03T18:42:12Z "Would it be possible to add support for automatic Peertube embeds, the same as YouTube embeds work. https://peertube.video/videos/watch/217eefeb-883d-45be-b7fc-a788ad8507d3 " haywardgb 3 46227 Add Rel-Feed Link to Header needs-unit-tests Feeds low trivial Future Release enhancement reviewing 2019-02-10T17:35:29Z 2021-05-13T20:03:29Z "When the front page is not the posts page, proposing that Core add a link in the header to the actual posts page, using the rel=feed designator. https://blog.whatwg.org/feed-autodiscovery Example <link rel=""feed"" type=""text/html"" href=""/posts"" title=""Posts Page"" /> This would allow a system to figure out where the posts page is." dshanske 35 46229 Email Direction dev-feedback Mail normal normal Future Release defect (bug) new 2019-02-10T21:53:27Z 2019-04-01T21:06:26Z "Hello WordPress, Thank you so much for changing the world. I am using the RTL layout of WordPress and all emails that I receive from WordPress, like changing password, reviewing a comment are in LTR direction. Hope you fix this in the next update or let me know that how can I fix it. Regards, Rahim" rahimvaziri 1 46232 "Merge or make-closer ""Customize"" and ""Edit {Thing}"" top-level toolbar items" dev-feedback Toolbar normal normal Awaiting Review enhancement new 2019-02-11T07:46:53Z 2023-05-10T00:07:14Z "As the lines start to blur between editing post-content and editing site-content, the purposes of the top-level toolbar ""Customize"" and ""Edit Post/Page"" type links is also. In a block-based world, the left-to-right order of these 2 links seems a bit odd: * Customize Site * Moderate Comments * Add New Stuff * Edit Thing Screenshot imminent." johnjamesjacoby 4 46233 Twenty Sixteen: Theme includes Screen Reader Text inside Card reporter-feedback Bundled Theme low trivial Awaiting Review defect (bug) new 2019-02-11T12:47:41Z 2021-10-26T23:35:14Z The function twentysixteen_entry_meta includes the screen reader text inside the span property using the author mf class. That means when parsed it would say, 'Author David Shanske' The screen reader text should be inside the byline span but outside the author vcard span. dshanske 2 46238 REST API: Allow conditional field registration needs-unit-tests REST API normal normal Awaiting Review enhancement new 2019-02-12T00:42:00Z 2020-10-25T12:49:27Z "`register_rest_field()` allows us to add additional fields to API call responses but it doesn't allow us to do so conditionally. in prior art we add a field and then remove it later when it's not needed. why would inclusion of a field be conditional? what is wrong with returning `null`? we came across this when wanting to add metadata to video files, which are `post` types and conflated with posts and other media attachments. we'd like to be able to just add fields to video file media requests and not pollute the responses for all of the other ""subtypes."" we'd also like to do it without resorting to surprising behaviors like adding and later removing them. in this ticket I'd like to propose two approaches to accomplishing this goal. the first is a bit clever but should make it possible to extend existing behaviors without breaking any code and without introducing further confusion on how to add fields. it uses a ""sentinel value"" passed into the `get_callback()` function which can be returned to indicate that the field should not exist. the second approach creates a new function `register_conditional_rest_field()` and provides a wrapped response format to indicate whether the field should be added. this approach is less idiomatic in my opinion as we're not used to returning wrapped values. --- I thought for sure I'd seen a discussion around this before but I couldn't find any tickets with my search. that being said I'm curious why this doesn't already exist as it seems like it could be a common need, though I'm not sure how the fact that media attachments are a bit odd in comparison to custom post types comes into play." dmsnell 7 46241 Bug Report: Creating Multiple Gallerys with Gutenberg and Latest WordPress antpb* Gallery 5.0.3 normal major Future Release defect (bug) accepted 2019-02-12T17:55:22Z 2020-02-21T01:23:38Z "Problem: All images in media library are added to Gallery after creating a new Gallery on the same page and choosing to edit it. Exact Steps to Reproduce: 1) Create a new gallery block using Gutenberg editor. Choose Upload and upload 3 images to the gallery. 2) Add a heading block to the page 3) Add another gallery block below that using the Gutenberg editor. Upload 3 new images to this gallery. 4) Once this is done, click the pencil icon to edit this gallery block What happens: You will see all the images in the entire media library are added and selected, and you have to manually deselect them. If you don't and hit Update Gallery it will add all of the images in the library to the gallery. " starcrescendo 6 46242 Heartbeat Posts, Post Types 5.0.3 normal normal Awaiting Review enhancement new 2019-02-12T21:51:08Z 2019-02-12T21:51:08Z "While Heartbeat has its merits, on some pages it isn't fully needed and it's also too hard to disable it properly. Would it be possible to add extra arguments to register_post_type with options to enable/disable heartbeat (and depending scripts (e.g. autosave, wp-remove-post-lock))? If it's not possible at least load heartbeat related files at the end of a page load (footer). With query monitor I noticed these ajax calls are loaded first before anything else. Kind regards, Kiarashi" mireillesan 46243 WordPress Comments Core Query dev-feedback Comments 5.0.3 normal normal Awaiting Review defect (bug) new 2019-02-13T03:48:45Z 2021-03-26T16:16:24Z "Hello, **Issue:** We have over 400K+ posts and I saw this slow query on any WordPress area on each page. We had 2M+ comments. **Question:** This Query is working on all pages on Dashboard or Settings, Plugin section and any sections why does it? It should works on only all Posts list? **Solution:** I have noticed that Header Bar has Comments Icon and that has displayed the Pending Comments count. I have tried to disable it via custom Filter for following. {{{ function admin_bar_remove_comments(){ global $wp_admin_bar; $wp_admin_bar->remove_menu('comments'); } add_action( 'wp_before_admin_bar_render', 'admin_bar_remove_comments' ); }}} **Slow Query:** {{{ SELECT comment_approved, COUNT( * ) AS total FROM wp_comments GROUP BY comment_approved }}} **Environment Information:** WP Version 5.0.3 (also tested 4.9.8) Theme: Twenty Seventeen (other themes) Plugins: Query Monitor Thanks." Uranbold 5 46250 smaller fonts for page navigation in admin in 5.1 Administration normal normal Awaiting Review defect (bug) reopened 2019-02-14T03:47:05Z 2019-03-22T13:25:45Z "In WordPress 5.1 I noticed the font used for going to the next page and previous page on admin pages got smaller (and thus harder to use). Here's what it looks like [https://drive.google.com/open?id=1itgRoXGUB8tIW8iJtog2tHe_5uPJ6s4d] The ""Posts"" page is okay since it uses the ""Tablenav-pages"" class. But for other plugins that don't use that class, it doesn't look very good. I found two with this problem: GigPress and AIOWPS. I see it's related to this change: https://make.wordpress.org/core/2019/01/14/new-styling-for-admin-table-pagination-links-in-wordpress-5-1/" joneiseman 2 46257 Deleting a page can break the permalink of other pages if it had media uploaded to it Permalinks 5.0.3 normal normal Awaiting Review defect (bug) new 2019-02-14T16:36:50Z 2020-06-04T23:30:48Z "Trashing and deleting a page can cause the permalink of another page to break the next time that page is edited. It is not obvious to the user that this will happen. It is also not obvious how to fix this, because when an image is not ""Uploaded To"" a particular page, it is not possible to edit the permalink. 1. Start with vanilla WP installation using twentynineteen and no plugins 1. Add New Page > Title: ""Cat"" 1. Add Block > Image > Upload > Pick the image > Open 1. Publish... > Publish 1. Media > Click on the image that was just uploaded, see that it says ""Uploaded To Cat"" 1. Edit more details > Edit (permalink) > Set to ""dog"" > OK > Update 1. The permalink should now be `http://localhost/cat/dog/` 1. Add New Page > Title: ""Dog"" > Publish... > Publish 1. See that ""Page address"" is `http://localhost/dog/` 1. Visit `/dog/` to confirm the page is displayed 1. Pages > Trash (Cat) > Trash (at the top of the page) > Empty Trash 1. Pages > Dog > Make a change, such as adding text to the existing block > Update 1. Document > Permalink > Notice that URL is now `dog-2` 1. Visit `/dog/` to see that instead of the page, the image is instead displayed " mallorydxw 46262 Twenty Nineteen: odd content_width in theme Bundled Theme 5.0.3 normal normal Future Release defect (bug) new 2019-02-16T17:54:33Z 2019-02-20T19:16:16Z "The global value $content_width is set to 640px in Twenty Nineteen. I can't see anywhere that this value even makes sense. Any text within an article is in a box 932px wide, and the posts themselves are in a container that is 1524px. Now, what does it matter? The theme displays things correctly via CSS, but this value is used by image optimization features in Jetpack and EWWW Image Optimizer (possibly others). The result is that we have 640px images (roughly) displaying in containers that are at least 932px. Best I can tell, Twenty Nineteen will display them at whatever size the user chooses: large=1024px, while full-width is 1905px, and wide-width is 1404px. Perhaps there is information from Gutenberg itself that can be leveraged by these plugins, but setting content_width to a more sensible default would be a good start." nosilver4u 1 46264 Page attributes 'ORDER' does not saving data for post-type 'post'. has-patch Editor 5.0 normal normal Awaiting Review defect (bug) new 2019-02-17T11:06:28Z 2024-02-20T10:15:46Z "I used {{{ add_post_type_support()}}} function to support 'page-attributes' for Menu Order at post-type 'post'. {{{#!php <?php function prefix_add_posts_order() { add_post_type_support( 'post', 'page-attributes' ); } add_action( 'admin_init', 'prefix_add_posts_order' ); }}} When I save the post after putting an integer value in the Order field then no value is saving on 'wp_posts' table 'menu_order' column and it does not also update on the editor page. But when I switch to TinyMCE editor it's working fine. " tanvirul 8 46266 Add auto-draft to list of statuses faked in get_sample_permalink() has-patch Permalinks normal normal Awaiting Review defect (bug) new 2019-02-17T15:07:12Z 2019-06-19T13:09:54Z "In the new editor, we currently have to wait for a manual save or publish in order to edit the permalink. I'm working on resolving this in https://github.com/WordPress/gutenberg/pull/12009. To facilitate immediate editing of the permalink, we need to know the permalink structure at the time the editor is initialized. #45017 added added the `permalink_template` to the REST posts controller. The solution there uses `get_sample_permalink()` to generate the `permalink_template` value. This works for certain non-published post statuses by [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php?rev=44670&marks=1339-1343#L1339 faking the post status] to `publish` when running `get_permalink()`. However, when we initialize a new post in the block editor, the status is `auto-draft`. So it returns a standard non-pretty permalink in the format `/?p=123`. We don't know the permalink structure until a draft is manually saved, or the post is published. By adding `auto-draft` to this list of statuses that are faked as published, it will return the proper `permalink_template` for `auto-draft` posts. " earnjam 46267 Add generated_slug to REST API autosaves endpoint REST API normal normal Awaiting Review enhancement new 2019-02-17T15:24:09Z 2020-10-25T03:28:33Z "#45017 led to adding `generated_slug` and `permalink_template` to the posts controller. In order to facilitate more timely and accurate editing of permalinks in the new block editor, it would also be helpful to know about any unique slug conflicts by returning the `generated_slug` value on the autosaves endpoint as well. Otherwise we have to wait until a manual save or publish in order to check the true `generated_slug` value. See https://github.com/WordPress/gutenberg/pull/12009 for work on this and [https://wordpress.slack.com/archives/C02RQC26G/p1550404177056100 this Slack comment] for more details." earnjam 2 46278 Consider internationalization of delimiter: human_readable_duration has-patch I18N 5.1 normal normal Future Release enhancement new 2019-02-19T05:37:48Z 2019-02-19T13:42:11Z "I have a request for the human_readable_duration function added in version 5.1. Please make it possible to change the delimiter of concatenation by language. {{{ return implode( _x( ', ', 'duration' ), $human_readable_duration ); }}} " tmatsuur 3 46281 WP Query breaks if there are term_ids in tax_query are more than 192 General 5.0.3 normal normal Awaiting Review defect (bug) new 2019-02-19T16:30:06Z 2019-02-19T19:46:26Z "Hello. I have faced a very wired issue. I am using a WP_Query to get custom posts (more specific 'product') with a tax query of around 193 term_ids as array as NOT IN. The wired problem is that WordPress adds odd term_ids in the $query->request... It works great until I have 192 term_ids, but if I add more, the query gets wired and blocks everything. I am attaching the args and the query on a txt file. Check that I dont filter term_category 239 but you will see it in request" Seldimi 4 46283 Allow filtering post-type archive rewrites has-patch Posts, Post Types 3.1 normal normal Awaiting Review enhancement new 2019-02-20T02:59:18Z 2019-02-20T02:59:18Z If one wishes to introduce additional query arguments into a post-type archive's rewrite structure, the current options are rather cumbersome: filter the rewrites as they're generated, filter the whole rewrites array, or reproduce a considerable amount of logic from `WP_Post_Type::add_rewrite_rules()`. By introducing a few filters on the archive-specific rewrites, it becomes far easier to customize a post type's archive rewrites. ethitter 46285 Search colums of WP User Query vars is not updated after applying user_search_columns filter Query 4.9.8 normal trivial Awaiting Review defect (bug) new 2019-02-20T08:21:54Z 2019-02-20T08:21:54Z While preparing the query variables of WP_User_Query , it appears that, after applying user_search_columns filter, the possibly modified array search_columns in WP_User_Query->query_vars argument is not updated . wonderyan 46287 Add insert_ignore() method to wpdb to avoid unecessary boilerplate code has-patch Database normal normal Awaiting Review feature request new 2019-02-20T09:43:09Z 2019-02-20T10:44:33Z It's a very useful query, and easy to add to the core. Its usage would be less error prone, and code a lot DRYer if it were officially supported. lev0 46288 'get_extended' breaks when using 'more' gutenberg block Posts, Post Types 5.0 normal normal Future Release defect (bug) new 2019-02-20T10:21:14Z 2019-04-24T06:21:18Z "'get_extended' returns the closing tag <!-- /wp:more -->' in the extended content, which prevents 'the_content' filter from working correctly. Steps to replicate: {{{#!php <?php // Fetch post content $content = get_post_field('post_content', get_the_ID()); // Get content parts $content_parts = get_extended($content); echo apply_filters('the_content', $content_parts['extended']); }}} Quick workaround (wp-includes/post.php line: 592): {{{#!php <?php $post = str_replace('<!-- /wp:more -->', '<!-- /more -->', $post); }}} " joewebber 1 46292 Bump `set_time_limit()` at the start of the update process, instead of mid-way. dev-feedback Upgrade/Install normal normal Awaiting Review defect (bug) new 2019-02-21T02:23:37Z 2022-12-15T21:44:11Z "Currently WordPress calls `set_time_limit( 300 )` before it installs an update, however it calls this at the point between unzipping the files, and copying them into place. For plugins/themes/translations/etc it's [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-upgrader.php?marks=466#L447 this call] for core it's [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update-core.php?marks=882#L869 this one]. This, combined with the much higher core package sizes (More than doubled since 3.7) results in some people hitting the default php execution cap of 30 seconds during the download phase when testing locally (For example, 11MB @ 2.5mbit/s = 35 seconds). To make it more 'annoying', The `core_upgrader` Lock is put in place before the package is downloaded, so if they run into the timeout during downloading, the lock will still be in place in `wp_options` for 15 minutes. `set_time_limit` should be set at the start of the process, likely at the point of the locks being created, before downloads have begun." dd32 1 46294 wp rest api fails to paginate page requests correctly when ordering on menu_order Query 5.4.1 normal normal Future Release defect (bug) new 2019-02-21T06:00:48Z 2021-04-12T21:58:19Z "**Describe the bug** Gutenberg and wordpress fails to render the parent page dropdown correctly when there are more than 100 pages and the pages have various menu_order values set. The problem is that gutenberg calls the wordpress rest api like this, getting 100 items at a time. http://server/wp-json/wp/v2/pages?per_page=100&exclude=890&parent_exclude=890&orderby=menu_order&order=asc&context=edit&_locale=user http://server/wp-json/wp/v2/pages?per_page=100&exclude%5B0%5D=890&parent_exclude%5B0%5D=890&orderby=menu_order&order=asc&context=edit&_locale=user&page=2 This results in the following 2 sql queries: `SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.ID NOT IN (890) AND wp_posts.post_parent NOT IN (890) AND wp_posts.post_type = 'page' AND ((wp_posts.post_status = 'publish')) ORDER BY wp_posts.menu_order ASC LIMIT 0, 100` `SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.ID NOT IN (890) AND wp_posts.post_parent NOT IN (890) AND wp_posts.post_type = 'page' AND ((wp_posts.post_status = 'publish')) ORDER BY wp_posts.menu_order ASC LIMIT 100, 100` When ordering on a non unique field like menu_order you need to also add a second unique ordering field like ID ,, See https://bugs.mysql.com/bug.php?id=72076 See the answer from Tor Didriksen. This is very critical bug because it means that if the current pages parent is missing in the parent page dropdown and you click update it means that the menu order for that page will be reset and this means i cant use gutenberg. **To Reproduce** Steps to reproduce the behavior: 1. Create around 200 pages. 2. Set menu_order != on some of the pages. 3. edit any of the pages. 4. the parent page dropdown is missing pages **Expected behavior** the rest api should add some unique order by field to prevent the same items from coming on page 1 and 2 of the requests. " hobzhobz 19 46296 Posts set to 'private' and password protected should return a 403 HTTP header status has-patch Posts, Post Types normal minor Awaiting Review defect (bug) new 2019-02-21T09:47:51Z 2023-07-10T16:17:33Z "These currently output a 200 status, which may result in search engines and external agents indexing them. If the user doesn't have access permissions, a 403 header status should be returned. [[Image(https://ci3.googleusercontent.com/proxy/1s4a4RyK3Oxal9c6hENPJ8kBEsn7Dc3AnwjdTUsFPg-Yg2Eb5PSOTCZWzm6v6CM3Jb_F7Oerojh9MPVkkivaxGdsuITKENP-D7FbF8a9JDFDFH-D77zEKyKXnHM3nqHrtOgMFCrg68sS4j1HtnO5m3j3PQaA=s0-d-e1-ft#https://user-images.githubusercontent.com/487629/53154266-af22e680-35ba-11e9-9f4e-eb520634ffff.png)]]" jonoaldersonwp 5 46301 Customizer iframe warning reporter-feedback Customize 5.1 normal minor Awaiting Review defect (bug) new 2019-02-21T22:46:34Z 2021-05-30T19:44:25Z "The preview in customizer (customize.php) causes a warning message in the browser console: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. Content Security Policy: Ignoring ‘x-frame-options’ because of ‘frame-ancestors’ directive." mensmaximus 1 46305 Update emails w/ placeholders to use sprintf I18N normal normal Awaiting Review enhancement new 2019-02-22T05:45:55Z 2019-02-22T06:48:49Z "In #32263 several comments for 'Do not translate...' placeholders in email content were introduced. This has been the convention it seems throughout core. This puts the onus on translators to read those comments as well as not accidentally change them or drop one of the surrounding # characters on many of them. Can this simply be switched to sprintf functions with numeric placeholders and the translator comments be updated to indicate the placeholders. This seems a little nicer of an approach than simply saying don't do something and hoping for the best. Here's all the instances I've found; https://github.com/WordPress/WordPress/blob/56c162fbc9867f923862f64f1b4570d885f1ff03/wp-admin/ms-delete-site.php#L49-L67 https://github.com/WordPress/WordPress/blob/50ddffbac37fdae9298d1f11fe1dd7b8535fc839/wp-includes/user.php#L2015-L2029 https://github.com/WordPress/WordPress/blob/50ddffbac37fdae9298d1f11fe1dd7b8535fc839/wp-includes/user.php#L3036-L3052 https://github.com/WordPress/WordPress/blob/0b15142c0bb375fee19f9576356bf2aac2a56d2a/wp-includes/ms-functions.php#L1544-L1560 https://github.com/WordPress/WordPress/blob/0b15142c0bb375fee19f9576356bf2aac2a56d2a/wp-includes/ms-functions.php#L2275-L2289 https://github.com/WordPress/WordPress/blob/dcdfd7f412cb83f43116f6e37d7bfba4b4673cde/wp-admin/includes/file.php#L2204-L2218 https://github.com/WordPress/WordPress/blob/729c8e875fd84e29cb26103ee43eec7f67a61f6e/wp-admin/includes/misc.php#L1244-L1262 https://github.com/WordPress/WordPress/blob/c204ac4bc7972c9ca1e6b354ec8fb0851e255bc5/wp-includes/functions.php#L6473-L6486" garrett-eclipse 3 46307 Custom admin menu items don't provide their title on medium breakpoint garrett-eclipse Administration normal normal Future Release defect (bug) assigned 2019-02-22T06:52:05Z 2019-02-22T17:11:21Z "With custom admin menus if no submenu is provided for them they don't have a flyout on hover which on medium breakpoint leaves them only identified by their icon. Note: Core menus all have submenus so this only affects custom menus developers introduce. It would be nice to still provide the submenu flyout with only the wp-submenu-head item present as that would provide the title of the item. The submenu items are introduced here with the first item being the wp-submenu-head. Am thinking moving the empty check into the ul would leave the flyout providing the title. https://github.com/WordPress/WordPress/blob/92aa2f9e92a4e1ad5471d87d5292587c5cee5702/wp-admin/menu-header.php#L178-L250" garrett-eclipse 3 46309 Image upload failures when using Gutenberg gallery block. Media 5.1 normal major Awaiting Review defect (bug) reopened 2019-02-22T10:11:29Z 2019-04-10T17:54:51Z "Transferring a Gutenberg issue from Github over to trac: https://github.com/WordPress/gutenberg/issues/8935 Many users are experiencing a ""The response is not a valid JSON response"" error when uploading images, usually caused by a timeout on the server. In response to this, there was a change to the client side code in Gutenberg to upload images serially rather that in parallel. This improved things, but the error still seems to be happening for some users. In my own testing I had to use multiple huge images to reproduce an error. Errors happened much more frequently uploading directly to the gallery block than when using the standard media uploader—I'm not sure if there's a chance the REST endpoint might be somehow less optimised than the async-upload endpoint that the media library uses. Some details of the timeouts I received are here: https://github.com/WordPress/gutenberg/issues/8935#issuecomment-466306820" talldanwp 10 46314 JSON strings in postmeta issue Options, Meta APIs 5.2 normal normal Awaiting Review enhancement new 2019-02-22T11:02:38Z 2019-02-22T13:44:07Z "Using and storing data as JSON is becoming more and more widely used. Also in the course of the increased future use of JavaScript for the WordPress admin area. JSON strings could be part of an serialized array in the postmeta database value. Unfortunately update_post_metadata() removes all backslashes and may destroyes JSON string syntax if protected quotes are included in the JSON string. In general all stored backslashes in postmeta will removed whether from a JSON string or part of an code example value etc. update_post_metadata() should not change the value at all. This is what to expect from this and any other function that takes a value to store that value in the database. update_post_metadata() is used by many plugins and themes without providing wp_slash() to the value before. Is there a chance to solve that problem? Cheers Johann " Jonua 4 46315 Block editor columns left margin issue on reduced screen width General 5.0 normal normal Awaiting Review defect (bug) new 2019-02-22T11:51:18Z 2019-02-24T23:02:42Z "Hi, I noticed a problem when using columns and reducing the screen width below about 768px the child columns still have a left margin (32px) included which means they are offset from the first instance. This has been evident in all versions of the block editor so far and is still there in 5.1. See image attached. Steve" ScalarEnt 5 46321 "rel=""noopener noreferrer""" General normal normal Awaiting Review defect (bug) new 2019-02-22T14:59:08Z 2019-02-22T15:34:59Z "It seems that version 5.1 adds noopener noreferrer to all links automatically. When i save blocks, they always crash beacause of this new feature. This happens, because when i save a block, it adds automatically rel=""noopener noreferrer"" to any of my a links. Then back in editor, the block breaks because the editor expects the rel value, but that value is no present. in js console, i can see that the expected and actual difference is just missing the rel value. Funny is, when i check the differenc in editor mode with the diff tool, there is no difference. At this point, the rel value is added to all of the links." berginformatik 1 46329 sanitize_text_field after 5.1 update should account for __toString() methods Formatting 5.1 normal normal Awaiting Review enhancement new 2019-02-23T15:34:50Z 2019-02-24T22:54:46Z "Since 5.1 the `sanitize_text_field` changed to check if the parameter is an object or array. That broken one of my codes and possibly for other people too because I was passing a `SimpleXMLElement Object`. It has a magic `__toString()` method that gets called when you do that type conversion. As @iCaleb suggested in #41450, we may want to add another check. {{{#!php <?php if ( ( is_object( $str ) && ! method_exists( $str, '__toString' ) ) || is_array( $str ) ) { return ''; } }}} " fclaussen 1 46330 Preview showing commented HTML reporter-feedback General 5.1 normal normal Awaiting Review defect (bug) new 2019-02-23T15:54:17Z 2019-02-24T22:48:15Z "The way previews are generated in WP 5.1 have changed from 4.x. IIRC, previously the page was saved to the database and a preview was read as HTML from there. Now previews feel slower and seem to be generated through another mechanism A number of errors are appearing in the new (?)generated(?) pages. 1) Commented HTML is showing when it should be hidden. 2) On my own site, some duplicate database results appear when they should be consolidated into one line. In my case, these are for events that ran across several days. Note: pages show as intended when page is saved and viewed normally. This issue with preview only appeared for me when I moved to WP 5.1" painter602 1 46333 wp_mail successfully working but not sending mails - WordPress 5.1 needs-unit-tests Mail 5.1 normal major Awaiting Review defect (bug) new 2019-02-23T19:00:10Z 2020-06-04T17:53:02Z The function wp_mail is used by many plugins and always giving a success message but never really sending mails out. JulesPryla 3 46334 wp_localize_script did not output anything in wp_print_footer_scripts hook although document suggested that it should be working Script Loader 4.9.8 normal major Awaiting Review defect (bug) new 2019-02-24T01:10:11Z 2019-02-24T01:10:11Z "Note: it should be WordPress 4.9.9 but the version list did not provide this option According to this page, there is a statement showing that the ""localize"" can be achieved at the last chance hook ""wp_print_footer_scripts"" https://codex.wordpress.org/Function_Reference/wp_localize_script The last chance to localize your script would then be on the 'wp_print_footer_scripts' hook. However, I have tried the following code, it did not showing up. I tried to trace back the original localize() function and even looking into the WP_Dependencies class, I only find that it is added to the queue for localize() but it is gone at print_extra_script() stage. Cannot find out the exact reason, maybe due to the enqueue process and timing is only allowed to be used in the ""wp_enqueue_script"" hook. The following is working. {{{#!php <?php function theme_enqueue_scripts() { wp_enqueue_script( 'handle_name_js', SOMEWHERE . '/js/custom.js', array( 'jquery' ), false, true); wp_localize_script( 'handle_name_js', 'memberMeta', array('member' => 'list') ); } add_action( 'wp_enqueue_scripts', 'theme_enqueue_scripts', 12 ); }}} Since my page have a variable appear almost end of the page so I need to localize it in later time and considered ""wp_print_footer_scripts"" hook, so I tried like this: Adding the handle first and localize it in later time. {{{#!php <?php function theme_enqueue_scripts() { wp_enqueue_script( 'handle_name_js', SOMEWHERE . '/js/custom.js', array( 'jquery' ), false, true); } add_action( 'wp_enqueue_scripts', 'theme_enqueue_scripts', 12 ); function set_member_meta() { global $team_member_meta; // var_dump() something here, proved that this function is called and got the variable // where $team_member_meta is as simple as even array('1234') or array('member' => 'list') // tried also putting here but not working as well, the handle is also being queued but gone in output // wp_enqueue_script( 'handle_name_js', SOMEWHERE . '/js/custom.js', array( 'jquery' ), false, true); // did not output anything wp_localize_script( 'handle_name_js', 'memberMeta', $team_member_meta ); } add_action( 'wp_print_footer_scripts', 'set_member_meta', 20 ); }}} I have traced through core, the handle data is added actually. But it is out of my ability to trace the exact point of problem because it is pointing from a to b and b to c with many checking or modifiers, I am not familiar enough with the core nor have enough debugging technique in dealing with wordpress hooks. I run the above code inside functions or functions required php files in theme folder. Because it is not working as expected nor as suggested in the document and the trace of the code is also showing that the handle is finally gone before using it. So I think it is possibly a bug. " simongcc 46338 taxonomy_meta_box_sanitize_cb_checkboxes: Warning: array_map(): Expected parameter 2 to be an array, string given Taxonomy 5.1 normal normal Awaiting Review defect (bug) new 2019-02-25T02:30:33Z 2019-02-25T02:30:33Z "Since upgrading to WordPress 5.1.0, when editing a custom post type I get a PHP error: > ( ! ) Warning: array_map(): Expected parameter 2 to be an array, string given in wp-admin/includes/post.php on line 2005 {{{ /** * Sanitizes POST values from a checkbox taxonomy metabox. * * @since 5.1.0 * * @param mixed $terms Raw term data from the 'tax_input' field. * @return array */ function taxonomy_meta_box_sanitize_cb_checkboxes( $taxonomy, $terms ) { return array_map( 'intval', $terms ); } }}} register_taxonomy: `hierarchical` is set to true. The $_POST looks like: `tax_input[chapter-type]: -1` The value of `$terms` passed to `taxonomy_meta_box_sanitize_cb_checkboxes` is equal to `-1` The HTML that sends this info along, rendered by extended-cpts, looks like: {{{ <select name=""tax_input[chapter-type]"" id=""chapter-typedropdown"" class=""postform""> <option value=""-1"">No chapter type</option> <option class=""level-0"" value=""55"">Numberless</option> <option class=""level-0"" value=""54"">Standard</option> </select> }}} If I manually specify `'meta_box_sanitize_cb' => 'taxonomy_meta_box_sanitize_cb_input'` as an arg in `register_taxonomy` the bug goes away. The problem is, since no callbacks are specified, and since hierarchical is true, WordPress 5.1 sets up `taxonomy_meta_box_sanitize_cb_checkboxes` which doesn't work on $terms that are not an array. It was working fine before. Commit that broke things: * [WordPress/wordpress-develop@4ec5d65](https://github.com/WordPress/wordpress-develop/commit/4ec5d65dcc2e480506c22dc77e56af8a6334a33e) Change in 5.1.0 that weren't in 5.0.3 * https://github.com/WordPress/wordpress-develop/blob/5.1.0/src/wp-includes/class-wp-taxonomy.php#L360 * https://github.com/WordPress/wordpress-develop/blob/5.0.3/src/wp-includes/class-wp-taxonomy.php#L346 Related: * https://github.com/johnbillion/extended-cpts/issues/116" conner_bw 46342 Error messages in the Dashboard for Editor Role General normal normal Awaiting Review defect (bug) new 2019-02-25T15:31:00Z 2019-02-27T15:18:08Z "After logging in and clicking on All Posts tab in the left sidebar, I have an editor that gets an error screen that prevents him from entering the Posts page. It says: ""The editor has encountered an unexpected error."" And there are only three buttons to click, they say: ""Attempt Recovery"" ""Copy Post Text"" ""Copy Error"" This has happened now on two accounts on the same computer, since I created a new account for the editor. Another editor logged into his corrupted account and did not experience the problem Computer specs are: Processor: Intel(R) Atom(TM) x5Z8350 CPUT @ 1.44GHz. Ram: 4.00GB (3.83GB Usable) System Type: 64-bit operating system, 64x based processor Windows: Windows 10 Home Edition Version 1803, OS build 17134.590 Browsers: Opera and Chrome Do you think his computer is causing the problem?" rexxertt 2 46346 Page counts and related calculations typically expect and document ints but are actually floats SergeyBiryukov has-patch General normal minor Future Release defect (bug) reviewing 2019-02-26T02:22:17Z 2021-10-13T18:27:34Z Should be an int, not calculated using rounding, preventing off-by-one errors. lev0 20 46347 WP_Term_Query where sql_clauses oddity Query normal normal Awaiting Review defect (bug) new 2019-02-26T02:37:08Z 2019-02-26T03:03:52Z "Hello, I was messing around with a customized version of the WP_Term_Query and noticed something odd. In the function get_terms, there are a lot of places where {{{$this->sql_clauses['where'][somekey]}}} variables are created. However, on line [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L642 643], this code : {{{#!php $where = implode( ' AND ', $this->sql_clauses['where'] ); }}} only uses the first sub array value found and ignores all the other keys. Shouldn't this be: {{{#!php $where = implode( ' AND ', array_values($this->sql_clauses['where'])); }}} so that all array elements are included in the where?" vrandom 46350 "If a term is '0' clicking on its ""Count"" value displays all posts" has-patch Taxonomy 3.1 normal normal Future Release defect (bug) new 2019-02-26T15:12:09Z 2019-04-26T22:21:47Z "To replicate: * Create a post category named ""0"" (just the number without quotes). * Assign a few posts to this category. * Go to WP-Admin > Categories and the ""Count"" column in the ""0"" row will display the number of posts assigned to this category. Click on this number. Now instead of displaying posts with the category ""0"", all posts are displayed irrespective of the category. This issue isn't unique to post categories. It happens with custom taxonomies too." jesin 3 46352 Using a single quote locks up UI reporter-feedback Customize normal normal Awaiting Review defect (bug) new 2019-02-26T20:52:41Z 2021-12-15T06:11:40Z "Using the latest versions of WP and WC, and the Twenty-Sixteen theme while updating the appearance, and entering the Site Header Tagline, I tried to use a single quote. The entire UI locks up and goes to la-la land.. After a few Chrome says ""this page is unresponsive..."" Thought maybe someone might like to know about it.. Havent tried other themes or text lines.. Thanks " grampysbbq 1 46354 Update Count - Value Should Change as Updates are Applied dev-feedback Administration 5.1 low trivial Future Release enhancement new 2019-02-26T22:58:59Z 2020-02-14T10:54:33Z "The Update Count, shown in the Admin Bar, and the Admin Menu (against 'Dashboard' > 'Updates', and optionally against 'Plugins') should change to reflect the outstanding number of Updates available as Updates are Applied, whether they are applied individually on the Plugin Screen, or in bulk through the Updates Screen. This is not a high priority issue at all, but an extremely minor cosmetic change. I suspect that Javascript could be used to change the value as an Update completes successfully in any scenario. " Lucanos 1 46361 WPMU - HTTP Request at root path with special character in query key name causes endless loop Networks and Sites 5.1 normal critical Awaiting Review defect (bug) new 2019-02-27T15:38:41Z 2020-12-15T18:46:45Z "Dear WP Team, I observe the following erroneous behavior running WPMU at the latest Version (5.1), but this behavior regards at least version 4.98. If I call a site from a WPMU instance without a context path but with a query key containing a sepcial character, the http-request ends in an endless loop. Affected are at least german umlaut and special characters like [öäüÖÄÜß], but charachters like [§] as well. **For instance www.pleaseuseyourdemowpmuinstance.com?äöüfoo** I'm quite sure that this is a WordPress bug, cause the http response has following header. **""x-redirect-by WordPress""** So the redirect doesnt seem to be from any loadbalancer, cache server or webserver. I hope to have contributed a bit to your great work, thank your very much! Best Regards, Reza Anwar " ranwar 1 46364 update.php coding standards:trigger_error() function has-patch Administration normal normal Awaiting Review defect (bug) new 2019-02-27T19:26:33Z 2019-04-01T18:56:43Z "Update.php in trigger_error() used three time code, but i do make one function and pass this function name and his variables. **See the patch :**" utsav72640 2 46366 Posted Date - Field Arrangement - Reflect Locale Format OR Combine Fields Date/Time 5.1 normal trivial Awaiting Review enhancement new 2019-02-27T23:01:22Z 2019-05-27T17:19:04Z "In the ""Quick Edit"" form, as well as the Classic Editor's ""Publish"" Metabox, show 5 fields for entering the Publish Date for a Page/Post. [Month (Select)] [Day (Text)], [Year (Text)] @ [Hour (Text)]:[Minutes (Text)] This is the American format, with Month first, but is not a common format outside of the US. Even when the Date format is changed in Settings, that selected format is not used to arrange the Date Entry fields noted above. Suggestion: Integrate a JS Library which allows DateTimes to be entered in various formats, in a single field, and then be processed to produce a value in the format which is required. Example: I should be able to write a DateTime as ""2019-2-28 10:00"" and for that to be converted to ""2 Feb 2019 10AM""." Lucanos 1 46372 Missing Proxy Support in Requests/Transport/cURL.php HTTP API 5.1 normal normal Awaiting Review defect (bug) new 2019-02-28T11:14:06Z 2019-02-28T11:14:06Z "A Request via wp_remote_get() tries to connect directly to the external URL and returns ""cURL error 28: Connection timed out after 10000 milliseconds"". During research i found the reason in the Requests/Transport/cURL.php because it ignores the WP_PROXY settings from the config.php. solution/workaround: {{{#!php //added curl_setopt( $this->handle, CURLOPT_PROXY, 'proxy.xxx.de' ); curl_setopt( $this->handle, CURLOPT_PROXYPORT, 80 ); curl_exec($this->handle); }}} " einxperiment 46376 Right hand column (update page) gets stuck reporter-feedback Editor 5.1 normal normal Awaiting Review defect (bug) new 2019-02-28T16:43:03Z 2020-11-30T04:50:15Z "Not sure how to explain this: 1) Edit a page 2) If page has a warning notice at top, e.g ""there is a more recent version of this page, restore?"" 3) Right hand menu will scroll down as you go down the page, but not back up. So if you edit something at the bottom of the page, you can't get back to the save button. 4) Dismiss the warning notice before you scroll and the menu works normally." TPDave 1 46379 REST API posts/pages response to include scripts needed for display of post content REST API normal normal Future Release feature request new 2019-02-28T19:11:35Z 2020-10-24T05:25:49Z "Often post body is dependent on external scripts and stylesheets in order to be displayed correctly, but there is no way to discover what those scripts/stylesheets are. This problem was encountered in Gutenberg on https://github.com/WordPress/gutenberg/pull/9734, and the fix was to filter the REST API response to include the list of scripts. You can't know what the scripts are required ahead of time, especially if the API client code is being run from a different server. Shortcodes and Gutenberg blocks can dynamically add scripts and stylesheets. So, I think the problem is three-fold: 1. How to detect what scripts/stylesheets are required to display a particular page/post body 2. How to return that information over the REST API 3. How can API clients (like the backbone client) use that to display the post's body correctly (with the required javascript/stylesheets)" mnelson4 6 46382 [walker-nav-menu] Undefined property stdclass::$current in class-walker-nav-menu.php has-patch Menus 5.1 normal normal Awaiting Review defect (bug) new 2019-03-01T08:24:53Z 2023-06-14T15:34:35Z "In **wp-includes/class-walker-nav-menu.php line 177** there's a missing ''empty();'' function around ''$item->current''. Causes PHP errors everywhere ''wp_nav_menu();'' function occurrence: {{{ $atts['aria-current'] = $item->current ? 'page' : ''; }}} Should be: {{{ $atts['aria-current'] = ! empty( $item->current ) ? 'page' : ''; }}}" winston_wolf 5 46388 WP_User::get_data_by(): Cache non-existent users to prevent triggering multiple queries reporter-feedback Cache API 5.2 normal normal Future Release enhancement new 2019-03-01T11:24:01Z 2021-06-15T19:14:20Z "Assume you use the WP_User::get_data_by() function to get the main user fields queried against an ID: {{{ WP_User::get_data_by('ID', 1337); }}} If you call this function multiple times - by calling the function directly or indirectly by using functions like get_userdata or get_avatar - and an user with the given ID does not exist, the database-query is getting executed multiple times resulting in duplicate queries: {{{ SELECT * FROM wp_users WHERE ID = '1337' }}} To prevent triggering multiple queries, non-existing users should get stored inside the WP Object Cache similar as in the get_option() function for non-existing options. The attached patch checks if the user ID exists in the WP Object Cache inside of the notusers-array so the WP_User::get_data_by() function returns FALSE if this is the case: {{{ // Prevent non-existent users from triggering multiple queries $notusers = wp_cache_get( 'notusers', 'users' ); if ( isset( $notusers[ $user_id ] ) ) { return false; } }}} If the user is not existent in the notusers-array but he also does not exist inside of the database, the user gets added to the WP Object Cache before the WP_User:get_data_by() function returns FALSE: {{{ // User does not exist, so we must cache its non-existence if ( ! is_array( $notusers ) ) { $notusers = array(); } $notusers[ $user_id ] = true; wp_cache_set( 'notusers', $notusers, 'users' ); }}} " Asgaros 2 46389 Post Form Code Editor Issue has-patch Editor 5.1 normal normal Awaiting Review defect (bug) new 2019-03-01T11:29:05Z 2020-11-12T06:02:03Z "I saw this on my mobile. When I switched to code editor then the title box and content box got cut and there was a scroll bar to scroll left-right, but this is fine with the visual editor. Please see: https://uploadfiles.io/jgnls" prashantvatsh 3 46390 image_default_link_type is not seen by Gutenberg Media 5.1.1 normal normal Awaiting Review defect (bug) reopened 2019-03-01T12:34:42Z 2022-04-05T02:26:53Z "I have in option.php the image_default_link_type set to file so that by default the ""link to "" for all media files is by default set to media. Since upgrading to Gutenberg 5.1, this feature appears to be deactive." brianjcameron 7 46394 Create a Function to Allow the WordPress Search to Only Return Results from a Specified Post Type General normal normal Awaiting Review feature request new 2019-03-01T17:24:37Z 2019-03-01T17:54:34Z "Hi I'd like to install the WP search box on a custom post type archive page and have it only return results from this custom post type. Is there any way in the future WordPress could allow you to add a parameter to the get_search_form() function (or create a similar function) that would allow this? An example being, if I had a custom post type called jobs, when I add the WP search box on the jobs archive page I could add 'jobs' as a parameter so it only returned matches from the jobs post type i.e. get_search_form('jobs') This would be so awesome." pauljohnknight 1 46404 Emoji detection not working on Android 8.1/Chrome 72 Emoji 5.1 normal normal Future Release defect (bug) assigned 2019-03-03T08:49:30Z 2021-01-14T20:24:22Z "On my phone with Android 8.1, emoji detection script doesn't seem to work. I have created this site based on wp-themes.com for demo: https://output.jsbin.com/teyocehaci Here's how it displays. [[Image(https://i.imgur.com/K8n0WU3.png)]] The two emoji are: Man Facepalming: Light Skin Tone and Woman: Medium-Light Skin Tone, Red Hair The first emoji displayed is native, implying that the test thinks that the browser supports Unicode 11. " superpoincare 26 46405 The editor has encountered an unexpected error Editor 5.1 normal normal Awaiting Review defect (bug) new 2019-03-03T11:46:32Z 2019-03-03T16:21:06Z "Hello My website is perkune.com I am using Mac OS 10:14:3 and everything updated OK I have been using the editor since it came out latest version 5.1 I have been tring to edit an existing blog and insert a new image but a message says The Editor has encountered an unexpected error also This block has encounted an unexpected error This is when I want to add an image - I can add text OK - Please canb you help Best regards paul " paulgoodwin 2 46412 Make shortcode attributes case-insensitive? shortcode_parse_atts Shortcodes 5.1 normal normal Awaiting Review enhancement new 2019-03-04T15:44:12Z 2019-03-04T18:49:11Z "**When specifying default attributes in the callback function of my registered shortcode:** {{{#!php <?php function some_shortcode_callback( $user_attributes = array() ) { $default_attributes = array( 'someShortcodeAttribute' => null, ); $attributes = shortcode_atts( $default_attributes, $user_attributes ); print_r($default_attributes); print_r($user_attributes); print_r($attributes); // .... } }}} **If the user requested this:** {{{ [some_shortcode someShortcodeAttribute=""test""] }}} **I would expect this:** {{{ Array ( [someShortcodeAttribute] => ) Array ( [someShortcodeAttribute] => test ) Array ( [someShortcodeAttribute] => test ) }}} **but instead, I'm getting this:** {{{ Array ( [someShortcodeAttribute] => ) Array ( [someshortcodeattribute] => test ) Array ( [someShortcodeAttribute] => ) }}} This would always produce the default shortcode attribute and never honor the user specified shortcode attribute. Which, in my opinion, is wrong. The user requested a camel-case shortcode attribute and the shortcode was built to accept camel-case shortcode attributes. The result should be a parsed camel-case array key and respective value pair. Can we remove the `strtolower` calls on the shortcode attributes? " michael.ecklund 1 46415 Twenty Nineteen: Responsive featured image Bundled Theme normal normal Awaiting Review defect (bug) new 2019-03-05T07:48:06Z 2019-11-14T16:02:37Z "Hi, On twentynineteen theme the srcset feature use a worst image quality. If the screen is e.g. 1600 pixels wide it takes the 1200 pixels thumbnail. I don't know if it's wanted. Thanks." SGr33n 46418 Use wp_die() instead of die() function in wordpress close Administration normal normal Future Release enhancement reviewing 2019-03-05T12:01:39Z 2023-09-15T09:54:03Z "When use the wp_json_encode() function that time you should use wp_die function instead of die() function. Because wp_die() function do Kill WordPress execution and display HTML message with error message." immeet94 16 46422 "Improve the Customizer header ""placeholder""" Customize normal normal Awaiting Review defect (bug) new 2019-03-05T18:42:24Z 2020-03-23T18:52:51Z "Splitting this out grom #43151. In #43151, all the Customizer ""placeholders"" used for the site logo, site icon, background image, and media widgets have been replaced with real `<button>` elements. For more details, please refer to that ticket. There's one special case left though: the header image ""placeholder"". This ""box with dashed border"" looks like a clickable thing but it's not clickable. The header image control works in a very peculiar way and its ""placeholder"" is only informative. Also, it has a few different states, depending on the current setting (see screenshot below). Its purpose is to communicate different states: - no image - randomizing uploader headers - randomizing suggested headers - finally, when a single image is set as header, it's replaced by the image To remove the potential confusion, I'd like to propose the simplest option: just make it look ''not'' clickable. Making it look like an ""info"" notice (the one with the blue border on the left), would make it clear it just communicates the current state and it's not clickable. " afercia 1 46423 Posts on wp-admin page should be ordered by date_gmt and not date Posts, Post Types normal trivial Awaiting Review defect (bug) new 2019-03-05T19:28:23Z 2021-02-08T16:37:24Z "I believe the dates should be ordered by the absolute value of time (ie, UTC time) instead of by timezone. To illustrate, Current post sequence > Two [@ UTC 1900 (my timezone is set to New York UTC-5 1300)] > One [@ UTC 1800 (my timezone is set to UTC 1800)] Since 1300 is before 1800. Ordered by my `date` ---- Proposed post sequence > One [@ UTC 1800 (my timezone is set to UTC 1800)] > Two [@ UTC 1900 (my timezone is set to New York UTC-5 1300)] Since 1800 is before 1900. Ordered by absolute `date_gmt`." nickylimjj 3 46440 WP_Roles data doesn't load correctly when 'switch_to_blog' is called in a multisite. Role/Capability 5.1 normal normal Awaiting Review defect (bug) new 2019-03-08T03:07:08Z 2019-03-08T16:35:38Z On `switch_to_blog` call, eventually it will come to `get_roles_data` method of `WP_Roles` through `switch_blog` hook. Then this method checks `is_multisite() && $this->site_id != get_current_blog_id()`, but `$this->site_id != get_current_blog_id()` will always be false, because the current blog id is already set in `switch_to_blog`, hence it fails to load the data. syammohanm 2 46451 wp_dropdown_users() does not pass all applicable arguments on to get_users() Users normal normal Awaiting Review defect (bug) new 2019-03-08T23:17:09Z 2019-03-09T19:56:38Z "The docs for `wp_dropdown_users()` say of the `$args` param: Array or string of arguments to generate a drop-down of users. See WP_User_Query::prepare_query() for additional available arguments. However, not **every** argument accepted by `WP_User_Query::prepare_query()` is passed on to `get_users()`: there is a specific whitelist, and some very useful args are not included in that whitelist (e.g., `meta_query`). Instead, the arguments used by `wp_dropdown_users()` for generating the HTML markup of the dropdown should simply be removed from `$args` and anything left over should be passed to `get_users()`. Not only would this bring the behavior of `wp_dropdown_users()` into conformance with its docs, it would have the added benefit of future proofing it: if a future release adds additional args to `get_users()`, the whitelist in `wp_dropdown_users()` wouldn't have to be adjusted to accept them." pbiron 3 46452 dbDelta given the same PRIMARY KEY and normal KEY produces no error, reports table created successfully, but the table is not created Database 5.1 normal trivial Awaiting Review defect (bug) new 2019-03-09T00:07:34Z 2019-03-09T00:07:34Z "I spent about 45 minutes trying to find out why one of several dbDelta functions was not creating a table. It wasn't giving a warning, and in fact was saying ""Created table wp_dtl_exam_resultmeta"". But the table was not created. I eventually found the problem which was that I had a key called ""meta_id"" and ""answer_id"" and simply had put the wrong primary key, which should have been meta_id. But I had: PRIMARY KEY (answer_id), KEY answer_id (answer_id) This gives a success message without creating a table - which doesn't seem right. Of course this isn't a problem with WordPress, it is a problem with my code. But it seems a check is missing from dbDelta, which is what I want to report. Here is the full code to reproduce the problem, just put it in a plugin or functions.php: {{{#!php <?php if ( !defined( 'ABSPATH' ) ) exit; /** * Creates/updates custom database tables for the plugin: * -> wp_dtl_exam_results * -> wp_dtl_exam_resultmeta */ function example_database_creation_for_wordpress_trac() { global $wpdb; require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); $charset_collate = $wpdb->get_charset_collate(); $table_name = $wpdb->prefix . 'dtl_exam_resultmeta'; // MY ERROR IS: PRIMARY KEY (answer_id), // IT SHOULD BE: PRIMARY KEY (meta_id), // But the dbDelta function doesn't notice that, and says it created a table when it didn't. $sql = <<<MYSQL CREATE TABLE $table_name ( meta_id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT, answer_id BIGINT(20) UNSIGNED NOT NULL DEFAULT 0, meta_key VARCHAR(255) NULL DEFAULT NULL, meta_value LONGTEXT NULL, PRIMARY KEY (answer_id), KEY answer_id (answer_id), KEY meta_key (meta_key) ) $charset_collate; MYSQL; $result = dbDelta( $sql ); // Debug this: echo '<pre>'; echo 'The table creation SQL:' . ""\n\n""; echo $sql; echo ""\n -- \n""; // This should give some warning or at least say table creation failed. It doesn't. It says the table was created. echo 'dbDelta results: ' . ""\n\n""; if ( $result ) foreach( $result as $m ) echo $m . ""\n""; else echo '(no results from dbDelta)'; echo ""\n -- \n""; // This should show the table name by checking information_schema, but it's an empty array echo 'Table query from INFORMATION_SCHEMA, this should show the table name: ' . ""\n\n""; $table_exists = $wpdb->get_results( ""SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = '"". DB_NAME .""' AND TABLE_NAME = '"". $table_name .""';"" ); var_dump( $table_exists ); echo '</pre>'; exit; } example_database_creation_for_wordpress_trac(); }}} " radgh 46457 Embed Block to a Reusable Block General 5.1 normal normal Awaiting Review defect (bug) new 2019-03-09T22:09:06Z 2020-03-20T11:34:21Z "If I add an Embed Block to a Reusable Block, only the URL is output. Add on functions.php {{{#!php global $wp_embed; add_filter( 'the_content', array( $wp_embed, 'autoembed' ), 9 }}} " ryoraspp 5 46470 Image srcset and sizes not output in classic block. Image attachment removed Media 5.1 normal normal Awaiting Review defect (bug) new 2019-03-12T03:16:28Z 2019-04-04T13:56:29Z "I installed the Gutenberg plugin on one of my sites, which was eventually updated to WP 5.0.3 and then WP 5.1. In all that time, most of the content remained unchanged. Looking at it now, most of the images in the library are unattached and embedded images produce the old/simple ""IMG"" tag, with no ""srcset"" or ""sizes"" attributes. I've tried attaching images in the media library. No change. I've tried setting $content_width. No change. Than only thing that makes any difference is editing the post/page, removing the embedded image and simply embedding it again. In the editor's HTML view, the respective ""IMG"" tag looks almost identical, except possibly the order of attributes. When converting tinyMCE content to blocks, WordPress should convert all of the required metadata, but seems like it doesn't." galbaras 2 46481 Empty response if page template return zero General 5.1 normal normal Awaiting Review defect (bug) new 2019-03-13T15:37:52Z 2019-03-25T14:53:07Z "Hello together, for an API that pulls data from WordPress, I created a page template that outputs a certain number based on the requested parameters. As long as this number is not equal to zero, everything is fine. But if the page template should output only ""0"", the WordPress page is completely empty. As soon as a space is added, e.g. ""0 "", the output works again." pattyland 2 46482 Non-hierarchical taxonomies using checkbox display are not saving in quick edit Taxonomy 5.1 normal normal Awaiting Review defect (bug) new 2019-03-13T15:52:28Z 2023-03-16T13:00:16Z "**What steps should be taken to consistently reproduce the problem?** 1) Register a custom taxonomy with these arguments to make a non-hierarchical taxonomy use checkbox display***: {{{ 'meta_box_cb' => 'post_categories_meta_box', 'meta_box_sanitize_cb' => 'taxonomy_meta_box_sanitize_cb_checkboxes' }}} *** ''I am aware it does not display this way with Gutenburg, but not everyone uses Gutenburg and CPTs do not use Gutenburg'' 2) Quick Edit a post of a post type that uses the custom taxonomy 3) Add terms to the custom taxonomy 4) Click Update **What is the expected output or result? What did you see instead?** The terms entered into taxonomy field should be added to the post. Instead, all terms are removed from the post for this taxonomy. " mooberrydreams 1 46484 Cleaning WP from any reference to php4 early General normal normal Future Release enhancement new 2019-03-13T17:17:50Z 2019-05-22T20:45:28Z "I think the time as come ! [https://wordpress.org/news/2010/07/eol-for-php4-and-mysql4/ PHP 4 and MySQL 4 End of Life Announcement] Posted July 23, 2010 by Mark Jaquith. Filed under Hosting. {{{ wp51\wp-admin\includes\class-ftp.php 281: // Validate the IPAddress PHP4 returns -1 for invalid, PHP5 false wp51\wp-admin\includes\deprecated.php 504: * PHP4 Constructor - Sets up the object properties. wp51\wp-admin\includes\file.php 201: 'php4', 258: 'php4', wp51\wp-includes\IXR\class-IXR-base64.php 22: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-client.php 55: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-clientmulticall.php 22: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-date.php 32: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-error.php 24: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-introspectionserver.php 52: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-message.php 39: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-request.php 39: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-server.php 32: * PHP4 constructor. wp51\wp-includes\IXR\class-IXR-value.php 36: * PHP4 constructor. wp51\wp-includes\pomo\entry.php 67: * PHP4 constructor. wp51\wp-includes\pomo\streams.php 26: * PHP4 constructor. 152: * PHP4 constructor. 231: * PHP4 constructor. 297: * PHP4 constructor. 318: * PHP4 constructor. wp51\wp-includes\Text\Diff\Renderer.php 47: * PHP4 constructor. wp51\wp-includes\Text\Diff.php 59: * PHP4 constructor. 339: * PHP4 constructor. 398: * PHP4 constructor. 430: * PHP4 constructor. 462: * PHP4 constructor. 494: * PHP4 constructor. wp51\wp-includes\atomlib.php 102: * PHP4 constructor. wp51\wp-includes\cache.php 740: * @todo This should be moved to the PHP4 style constructor, PHP5 wp51\wp-includes\class-json.php 152: * PHP4 constructor. 950: * PHP4 constructor. wp51\wp-includes\class-phpass.php 59: * PHP4 constructor. wp51\wp-includes\class-phpmailer.php 3558: 'php4' => 'application/x-httpd-php', wp51\wp-includes\class-pop3.php 69: * PHP4 constructor. 657: // For php4 compatibility wp51\wp-includes\class-wp-widget.php 177: * PHP4 constructor. wp51\wp-includes\class-wp-widget-factory.php 36: * PHP4 constructor. wp51\wp-includes\functions.php 4348: * remove PHP4 style constructors. 4352: * This function is to be used in every PHP4 style constructor method that is deprecated. wp51\wp-includes\general-template.php 3437: case 'php4': wp51\wp-includes\rss.php 102: * PHP4 constructor. 735: * PHP4 constructor. }}} " arena 1 46490 Clarify documentation that page-templates folder is not necessary for theme templates williampatton* Themes normal minor Awaiting Review defect (bug) accepted 2019-03-14T15:39:59Z 2019-11-13T18:36:51Z " Hi, While browsing [https://developer.wordpress.org/themes/template-files-section/page-template-files/#file-organization-of-page-templates Page Templates in the Theme Handbook] to refresh myself on recommend theme structures and page templates; I became a little confused and suggest some clarification for users. [https://developer.wordpress.org/themes/template-files-section/page-template-files/#file-organization-of-page-templates The File Organization of Page templates] section initially confused me because it states ''""WordPress recognizes the subfolder page-templates.""'' This is misleading and can give readers the impression that WordPress would only recognize that specific folder name. [https://nacin.com/2012/03/29/page-templates-in-subdirectories-new-in-wordpress-3-4/ As of WordPress 3.4, any subdirectory folder] can be used (as far as I know). I suggest rephrasing it something like to be can be placed in any subdirectory but suggest a folder like page-templates or templates. You cannot use a 2nd-level subdirectory (e.g. pages/templates/). " skorasaurus 2 46537 Can't use Emoji in the Custom HTML widget SergeyBiryukov Emoji 4.8.1 normal normal Future Release defect (bug) reopened 2019-03-16T07:21:54Z 2019-10-09T17:15:11Z Type emoji. Then the cursor does not move. hirofumi2012 8 46538 Aligning gallery results in conflicting classes added reporter-feedback Gallery 5.1 normal normal Awaiting Review defect (bug) new 2019-03-16T07:55:15Z 2019-08-08T12:44:26Z "When a gallery is created in the Visual editor it's class is set to alignundefined. After it is saved and I view the result it's class has no alignment set. So far so good. When I close the editing and go back to manage posts list and I reopen the same post to be edited the gallery class is still set to alignundefined. Still good. When I set the alignment to 'Align left' and save the post, the result is that the gallery class is set to 'alignleft'. Still good. But here it comes: When I close the editing again and go back to manage posts list and I reopen the same post to be edited the gallery class is now set to 'alignleft alignleft', so twice the same class. And from there on, one 'alignleft' class will be staying in the class attribute. So if I change the alignment to 'Align center' and save the post, the result will be that the class attribute of the <ul> gallery tag holds the value 'aligncenter alignleft'. This can cause some layout issues, plugin issues etc, etc." janpaulkleijn 2 46540 Admin bar CSS shouldn't be added in the customizer dev-feedback Customize 4.5 normal normal Future Release defect (bug) new 2019-03-16T19:42:48Z 2021-05-30T19:49:09Z "I was playing with the Customizer selective refresh and noticed that the admin bar class WP_Admin_Bar doesn't check if the user is in the Customizer, thus it may add the 46px top margin and whatnots even if there is no admin bar. So to reproduce the bug, create a partial where the `render_callback` has wp_head() in it. " nabil_kadimi 11 46541 widget class name sent in headers is incorrect when the widget has a namespace Widgets 5.1 normal normal Awaiting Review defect (bug) new 2019-03-16T19:56:30Z 2019-03-17T02:50:47Z "It looks like WordPress is removing the '\' from a class name in the headers, this leads to difficulties making Oxygen to function with Multisite Language Switcher for instance. Here is what is done in Oxygen to integrate a widget: {{{#!php <?php $component_json = file_get_contents('php://input'); $component = json_decode( $component_json, true ); $options = $component['options']['original']; ... if ( $GLOBALS['wp_widget_factory']->widgets[$options['class_name']] ) { ... do stuff } else { printf( __(""<b>Error!</b><br/> No '%s' widget registered in this installation"", ""component-theme""), $options['class_name'] ); } }}} This does not work with multisite language switcher plugin since it is registered as ""llocMslsMslsWidget"" in `$options` and ""lloc\Msls\MslsWidget"" in `$GLOBALS`. I think it is a WordPress bug because there is no reason to register a class name without the '\'. Alternatively you may want to replace the '\' with '_' but then you'd have to do the same in `$GLOBALS['wp_widget_factory']` " dlorre 46544 mp3 file with different file mime type and content type when uploading should not be rejected Media 5.1 normal major Awaiting Review defect (bug) new 2019-03-17T02:51:33Z 2023-01-27T02:33:41Z "{{{#!php <?php $files = [ 'recording6021333337014136895.mp3', 'SampleAudio_0.7mb.mp3', 'to_test_on_timby_voice_note.m4a' ]; if ( extension_loaded( 'fileinfo' ) ) { foreach ($files as $file ) { $finfo = finfo_open( FILEINFO_MIME_TYPE ); $real_mime = finfo_file( $finfo, $file ); finfo_close( $finfo ); echo ""$file $real_mime\r\n""; } } }}} Results: recording6021333337014136895.mp3 video/mp4 SampleAudio_0.7mb.mp3 audio/mpeg to_test_on_timby_voice_note.m4a application/octet-stream All the files are valid, but `recording6021333337014136895.mp3` and `to_test_on_timby_voice_note.m4a ` because of the mime type. https://github.com/WordPress/WordPress/commit/3af00578e46efa3b59fb8ed9f4177d632a123a2e is the commit which introduces this issue " soleo 5 46550 Uncaught TypeError: setcookie() expects parameter 5 to be string, bool given in... has-patch Networks and Sites 5.2 normal minor 6.6 defect (bug) new 2019-03-18T05:18:36Z 2024-02-17T13:42:20Z "https://github.com/WordPress/WordPress/blob/5e62e6b2034516c0bb366f808673752030d2d2b7/wp-includes/default-constants.php#L303 {{{#!php <?php /** * @since 2.0.0 */ if ( ! defined( 'COOKIE_DOMAIN' ) ) { define( 'COOKIE_DOMAIN', false ); // The value maybe '', not boolean } }}} " kmvan 18 46554 Uploaded images goes to wrong folder/date structure antpb Media 5.1 normal normal 6.6 enhancement assigned 2019-03-18T11:24:37Z 2024-02-12T09:21:41Z "Hello Team All test are from fresh install, default theme, no settings change, no plugin… ""Organize my uploads into month- and year-based folders” option checked. Images upload date: 17/03/2019 Single “Test Page” published date: 27/11/2018 In WordPress 4.7 – 4.7.13 – 4.8 – 4.8.9: images uploaded from Media Library goes to …/2019/03 folder… RIGHT images uploaded from single “Test Page” goes to …/2018/11 folder… RIGHT In WordPress 4.9 – 4.9.10 – 5.0.4 – 5.1.1: images uploaded from Media Library goes to …/2019/03 folder… RIGHT images uploaded from single “Test Page” goes to …/2019/03 folder… WRONG!!! From 4.9 version has anything changed in the way WordPress handles image uploads? If YES, how to go back to the old way (thus images uploaded from single “Test Page” goes to “published date” folder… and not to “upload date” folder)? Thanks!" kartiks16 18 46555 update fails when I have a print statement in my code. reporter-feedback Posts, Post Types 5.1 normal minor Awaiting Review defect (bug) new 2019-03-18T11:38:41Z 2019-03-18T18:12:42Z "I get the the pink bar message ""update failed"", when I attempt to update a page that has an executed print statement in the code. The file saves/updates, even though there is an error message. Can the message be changed to ""update returned unexpected characters"" or some such. running wordpress 5.1.1 " rweil55 3 46557 Dragging image to uploader directly from another website causes redirection Upload normal normal Awaiting Review defect (bug) new 2019-03-18T16:28:19Z 2019-03-18T16:28:19Z "1. Drag image from another website to editor 2. Image is handled correctly and embeded in content (by hotlink, but some may argue it's desired behavior) 1. Open Media Library modal (or Media admin page) 2. Drag and drop image from another website 3. Dropzone overlay is presented indicating ability to drop image to upload 4. Redirection to image URL is fired instead There is no issue when image is dragged to Desktop first and then from Desktop to Library." marsjaninzmarsa 46559 Could not embed some content Embeds normal normal Awaiting Review defect (bug) reopened 2019-03-18T18:41:06Z 2019-07-02T11:14:16Z "When trying to embed `https://www.instagram.com/p/Br3FKiDAqCs/` to freshly installed WordPress it says: `Sorry, we could not embed that content`. Embedding other Instagram posts usually work. In wp_postmeta table, appropriate meta_key `_oembed_...` has meta_value `{{unknown}}` Using utf8mb4_unicode_ci collation for both meta_key and meta_value fields. Maybe this has something to do with emojis, like #36456. " Krstarica 4 46560 Personal Data Export email unit tests found in erasure fulfillment Privacy 4.9.6 normal normal Awaiting Review enhancement new 2019-03-19T08:21:55Z 2019-03-19T08:21:55Z "Hello, While working on #44721 and #46056 I found there's some unit tests for the erasure fulfillment email that aren't covered in the data export email. Specifically, the test on post_type and post_status found here; https://github.com/WordPress/wordpress-develop/blob/5.1.1/tests/phpunit/tests/privacy/wpPrivacySendErasureFulfillmentNotification.php#L240-L277 We should be checking these to have consistent coverage between unit test suites for the two similar emails. Cheers" garrett-eclipse 46561 Make wp_normalize_path() on Windows resolve drive letter for drive–relative paths dev-feedback Filesystem API 3.9 normal minor Awaiting Review enhancement new 2019-03-19T09:18:48Z 2023-03-12T08:45:38Z "Though rarely used, Windows allows to omit drive letter in file path to treat is as drive–relative. This causes inconsistency where paths pointing to the same dir are not normalized to the same representation by `wp_normalize_path()`: {{{#!php <?php var_dump( wp_normalize_path( 'C:\server\www\dev' ) ); // ""C:/server/www/dev var_dump( wp_normalize_path( '\server\www\dev' ) ); // /server/www/dev << same path, but mismatch after normalize var_dump( wp_normalize_path( realpath( '\server\www\dev' ) ) ); // C:/server/www/dev << resolved drive letter before normalize }}} I think drive letter should be explicitly resolved as part of normalization for this case." Rarst 3 46562 Add rand orderby to the WP_User_Query and get_users to match get_posts Users 3.2.1 normal normal Awaiting Review enhancement new 2019-03-19T16:47:30Z 2019-03-19T16:47:30Z "Hello, I understand that #23368 and #20606 were closed as `wontfix` for this request but I wanted to raise it to discussion again. I understand there's a filter to allow you to custom code this; http://www.codecheese.com/2014/05/order-wordpress-users-random/ And the concerns on larger databases; http://www.titov.net/2005/09/21/do-not-use-order-by-rand-or-how-to-get-random-rows-from-table/ But from a developer standpoint could their life not be made easier by the param and simply accommodate the concerns by adding a note to the Codex? Then a developer can just add a single arg rather than write a `pre_user_query` which has the potential for conflicting with any other `pre_user_query` if it's not setup properly? I appreciate you taking this into account again and understand if there's no desire to implement this. I'm just thinking it would be nice to have parity between user and post queries. Cheers" garrett-eclipse 46565 Mixed engine in tables, could bring to major WP failure! Also there is a small fix that could avoid that. Database 4.9.8 normal normal Awaiting Review enhancement new 2019-03-19T18:49:44Z 2019-03-20T07:40:01Z "''First of all ... after MySQL decided to make InnoDB the default engine ... many of us have mixed database with both InnoDB and MyisAM labeled tables. If a plugin add a new table now (it happened to us with both WPML and Woocommerce) the new table will be mostly InnoDB but old table could be MyIsAM. That can bring to JOIN failures, that in our case made us lost primary key or foreign key links, but will definitely cause also tables **permanent locks** (due to plugin/software crash), and that took finally to the main problem: **data (rows) inserted with ID = 0** THAT alone should be advertised a lot around plugin developers, that should check if their plugin tables are equal to the current-default-engine and if they are not, they should: ""alter TABLENAME engine = current-default-engine"".'' **Straight to the point:** Data with ID = 0 actually can make crash WordPress because of this: wp-includes/post.php:4867 Please note that this code will make WordPress go into a recursive infinite loop (causing ""fatal error memory exhausted"") if the ID = 0. I know that ID = 0 is an abnormal situation, but believe me, if having locked tables makes this happen, you want to add a handbreak to that. **This is a small fix, but you surely can do better:** {{{ // Start the search by looking at immediate children. if ( isset( $children[ $page_id ] ) ) { // Always start at the end of the stack in order to preserve original `$pages` order. $to_look = array_reverse( $children[ $page_id ] ); while ( $to_look ) { $p = array_pop( $to_look ); if (!array_key_exists($p->ID,$pidx)) { $pidx[$p->ID]=true; $page_list[] = $p; if ( isset( $children[ $p->ID ] ) ) { foreach ( array_reverse( $children[ $p->ID ] ) as $child ) { // Append to the `$to_look` stack to descend the tree. $to_look[] = $child; } } } } } }}} " Nokao 46571 Fix contributors list in plugin information + duplicate CSS dev-feedback Plugins 5.2 normal normal Awaiting Review enhancement new 2019-03-20T08:28:07Z 2019-03-20T09:07:32Z I think the contributions list can be better with this change. mostafa.s1990 1 46576 short-circuit filter for dbDelta Database normal normal Awaiting Review enhancement new 2019-03-20T15:32:29Z 2019-03-20T15:32:29Z "`dbDelta` function can cause strange things on the large-scale WordPress installations. When you have large amounts of data, you don't really want to schema changes apply directly on the production. (at least we don't do that) So, I recommend adding new short-circuit filter to avoid that. (I know, returning an empty array with `dbdelta_queries` might be a workaround but not ideal for this job.)" m_uysl 46577 Improve tests related to file permissions for privacy export requests Build/Test Tools normal normal Future Release defect (bug) new 2019-03-20T17:46:23Z 2019-03-20T17:46:23Z "Continuation of #44233, which tackled adding unit tests for privacy export requests (also see [43630], [44792]). Some issues were discovered in certain situations with tests asserting the correct behavior when file and directory permissions were incorrectly configured." desrosj 46580 Is there a reason we add noopener noreferrer on all anchor tags with target=? General 5.1 normal minor Awaiting Review enhancement new 2019-03-20T22:20:45Z 2019-03-21T14:20:00Z "{{{#!php <?php /** * Adds rel noreferrer and noopener to all HTML A elements that have a target. * * @param string $text Content that may contain HTML A elements. * @return string Converted content. */ function wp_targeted_link_rel( $text ) { // Don't run (more expensive) regex if no links with targets. if ( stripos( $text, 'target' ) !== false && stripos( $text, '<a ' ) !== false ) { $text = preg_replace_callback( '|<a\s([^>]*target\s*=[^>]*)>|i', 'wp_targeted_link_rel_callback', $text ); } return $text; } }}} I have run into an issue with a Gutenberg block failed to validate because target=""_self"" is getting rel=""noopener noreferrer"" added. Is there a reason we cannot put a strpos conditional for ""_blank"" or something similar? " heller_benjamin 2 46582 WordPress Core Updates: 'Last updated' date not showing correctly dev-feedback Upgrade/Install 5.1 normal normal Awaiting Review defect (bug) new 2019-03-21T06:44:12Z 2019-03-21T10:33:52Z "For the WordPress Core Updates the date for last search is constantly showing January 1st 1970. My WordPress version is 5.1.1 in Development Mode." markustippner 4 46586 `determine_current_user` filter only run once per request Users normal normal Awaiting Review feature request new 2019-03-21T09:23:54Z 2019-03-21T09:43:00Z "The `determine_current_user` filter (source:trunk/src/wp-includes/user.php#L2698) in `_wp_get_current_user()` (source:trunk/src/wp-includes/user.php#L2639) was introduced by @nacin in changeset:27484/trunk/src/wp-includes/pluggable.php. It is only run ''once'' per request, i.e. if the global variable `$current_user` is still empty. This leads to problems when a plugin calls `wp_get_current_user()` early and other plugins that are executed later rely on the filter callback to be executed. Example (pseudo code): {{{#!php <?php /** * Plugin Name: Plugin A */ add_action( 'plugins_loaded', function() { add_filter( 'determine_current_user', function($user_id) { // Do something here with $user_id. // If Plugin B is active, this will never be executed. return $user_id; } ); $user = wp_get_current_user(); // Do something here with $user. }, 5 ); }}} {{{#!php <?php /** * Plugin Name: Plugin B */ add_action( 'plugins_loaded', function() { $user = wp_get_current_user(); // Do something here with $user. }, 1 ); }}} My suggestion is to either move the filter up in the function so that it is executed every time the function is called, call the filter before any `return` statements, or introduce a new filter that is executed at the beginning of the function (e.g. `pre_determine_current_user`). What do you think of that? Thanks!" Tyrannous 1 46596 WP_Customize_Date_Time_Control class - date format ignores day of the month suffix (S) has-patch Customize 4.7 normal normal Awaiting Review defect (bug) new 2019-03-21T22:57:07Z 2019-03-22T18:32:31Z "When adding a date time control to the customizer using the WP_Customize_Date_Time_Control class with the add_control() method, the character for the day of the month suffix (S) is not replaced/stripped when formatting the date and gets displayed in the customizer. See attached image. Like other date formatting characters, the suffix should either be replaced with the get_option( 'date_format' ) value or be removed completely." F.Ilona 1 46604 Twenty Seventeen: Front page panels allow pages of any status to be shown. has-patch Bundled Theme normal normal Awaiting Review defect (bug) new 2019-03-22T11:55:51Z 2021-08-17T00:21:05Z "I noticed that if you have a published page set to a `Front Page Section X Content` and that page is then set to `private`, `draft`, `pending`, or `trash` at some point in the future, the content still appears on the homepage. And if the page is deleted permanently, an error is shown and the content of the ""Homepage"" is shown again. When going back into the Customizer > Theme Options, pages that do not have the status `publish` no longer show up in the select box. This makes it unclear to the user what has happened. Choosing `— Select —` and publishing the Customizer changes removes the page(s), but I think that's a suboptimal experience. It's easy enough to check the `post_status` of the page before displaying the panel, but some thought will need to go into how to handle that situation in the Customizer." brettshumaker 1 46609 Incorrect posts date on saving scheduled posts draft Date/Time 5.1 normal normal Awaiting Review defect (bug) new 2019-03-22T16:19:24Z 2022-12-05T15:16:15Z "Hello: When a scheduled post is saved, the created post date is keept, instead of the scheduled date the user wanted to program. So, when the user make a preview of the post, the date showed is incorrect, because not correspond to the scheduled post date but to the present date. The date is corrected only when the post is programmed. I think the date of the post must be changed when the post was saved as a draft too. Best regards, Javier." Marlimant 8 46610 In Multisite The Edit Page Is Missing From Toolbar And Root of Multisite Gets Displayed Networks and Sites 5.1 normal normal Awaiting Review defect (bug) new 2019-03-22T17:11:07Z 2019-06-14T22:06:21Z "I reported an issue here: https://github.com/WordPress/gutenberg/issues/14562 A contributor there referred me to post this here because it might not be a Gutenberg issue. In a multisite network, the Toolbar site displayed after My Sites is changed to the root of the site when the admin User adds the Toolbar to the URL so they can edit the page. The Edit Page is also not displayed in the Toolbar. Steps to reproduce the behavior: login to WordPress -- in a multisite network select one of your multisites verify the correct site is loaded after My Sites create a simple test page publish the test page copy the link for the page and open the link in a new tab paste ?bar=yes to the url and press return on the url to display the toolbar notice that the multisite display after My Sites shows the main root site now instead of the multisite you are in based on the url you selected notice that the Edit Page does not show either Expected behavior: The selected site should display properly after My Sites and the Edit Page should display to the User. used WordPress 5.1.1 and the Gutenberg release installed with this version OS: Windows 7 Enterprise Browser chrome Version 73.0.3683.75 It could possibly relate to Gutenberg because a test of 4.9.10 with Gutenberg plugin not installed and Gutenberg not a part of WordPress core in that release doesn't have that problem. " wordpressdevtester 1 46614 Category/tag/taxonomy names on admin screens has-patch Administration normal normal Awaiting Review enhancement assigned 2019-03-23T01:23:59Z 2021-09-07T14:15:04Z "Hello, I'd like to suggest that when browsing categories, tags any taxonomies in general the admin screen display the taxonomy title/name somewhere preferably at the very top as I see that newbie users feel confused when browsing posts from a specific category/tag/taxonomy. Examples: [[Image(https://i.postimg.cc/xjHx4Nvt/01.png)]] ''When browsing the ""Succulents"" tag'' [[Image(https://i.postimg.cc/pXHGbVkx/02.png)]] ''When browsing the ""Plants from Mexico"" category'' I also searched for some way to add this myself for some clients and can't find how to do so. Thanks (sorry if this is out of scope/wrong place)" Dianakc 5 46618 Change login behaviour to only set the test cookie when a user attempts to login instead of just on visiting the login page dev-feedback Login and Registration normal normal Awaiting Review enhancement new 2019-03-23T09:02:24Z 2019-04-05T05:13:50Z "Hello, I'm branching this from #44175 to account for the idea presented by @SergeyBiryukov; > I wonder if we could change the behavior to match the text, so that the test cookie is only set upon trying to log in, as that probably makes more sense. I'd be more comfortable with doing that in a major release though. The change would be to move the logic for the test cookie to be triggered upon the login action rather than the login page visit. Cheers" garrett-eclipse 8 46625 username and password automatically change to dexter Database 4.9.1 normal normal Awaiting Review defect (bug) new 2019-03-24T07:32:46Z 2019-03-24T10:18:13Z "Dear sir, username and password automatically change to dexter " ram181 4 46629 Allow replacing placeholders in starter content posts/pages content Customize 4.7 normal normal Future Release feature request new 2019-03-24T21:43:51Z 2019-06-12T18:32:59Z The ability to create posts/pages doesn't really offer a whole lot of use out the gate unless a theme uses hardcoded urls for images in the content. It would be a great improvement if the same handling for placeholders in menus/theme_mods/options could be applied in context of posts/pages content. timph 2 46635 Improve identifying of non–trivial callbacks in hooks has-patch General normal normal Awaiting Review enhancement new 2019-03-25T09:41:35Z 2023-08-28T08:39:52Z "The API for hooks provides comprehensive support for adding any kind of valid PHP callback. However there are currently no easy way to identify non–trivial (non–string) callbacks in any other operations, such as `has_*` or `remove_*`. Rather than discouraging use of complex callbacks, I would like to suggest API is improved to better support them. In my experience the best take I had seen is to identify complex callbacks with a string representation in [https://brain-wp.github.io/BrainMonkey/docs/wordpress-hooks-added.html Brain Monkey] testing library. Tentatively I would imagine support for following expressions (up for discussion and refinement): - `ClassName()` object instance (such as invokable object) - `ClassName->foo()` concrete method callback - `ClassName->*` any concrete method callback - `class()` verbatim, anonymous class instance - `function()` a closure instance - `function( $argument )` a closure instance with specific signature E.g. `remove_action( 'init', 'ClassName->*' )` should remove all method callbacks belonging to instances of that class." Rarst 27 46637 Corrupted functions.php file after editing in built-in theme editor Themes 5.6.1 normal normal Awaiting Review defect (bug) new 2019-03-25T11:32:11Z 2021-02-12T13:12:21Z "Got [https://ru.wordpress.org/support/topic/%d0%bf%d1%80%d0%be%d0%bf%d0%b0%d0%bb-%d1%80%d0%b5%d0%b4%d0%b0%d0%ba%d1%82%d0%be%d1%80/#post-318693 at least two reports] of the following scenario. When editing the `functions.php` file of a theme, WordPress says: ""Unable to communicate back with site to check for fatal errors, so the PHP change was reverted."" However, the reverted file has 0 bytes length, and has to be recovered from a backup copy. From what I can see, this can only happen in two cases: * [https://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-admin/includes/file.php?marks=474#L473 file_get_contents()] could not properly read the file contents. * The file is writable and [https://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-admin/includes/file.php?marks=485#L474 fwrite()] succeeded, but [http://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-admin/includes/file.php?marks=588#L585 file_put_contents()] did not. Don't have any more details at this point, created the ticket as a reference for investigation." SergeyBiryukov 1 46639 unit test for wp_is_numeric_array() has-patch General low normal Future Release defect (bug) reviewing 2019-03-25T12:58:57Z 2020-09-10T15:10:13Z just a missing unit test pbearne 1 46641 Add site_id to WP_Post object Networks and Sites 5.1 normal normal Awaiting Review enhancement new 2019-03-25T14:07:42Z 2022-10-26T13:50:49Z "Hi, I work on a multisite, where each website can get all posts (from one post type or not). It seem interesting to add new line in object response (get_post() for example) : ""site_id"" (where site_id is an int) - site_id is 1 per default (if no multisite) {{{ WP_Post Object ( [ID] => [post_author] => [post_date] => [post_date_gmt] => [post_content] => [post_title] => [post_excerpt] => [post_status] => [comment_status] => [ping_status] => [post_password] => [post_name] => [to_ping] => [pinged] => [post_modified] => [post_modified_gmt] => [post_content_filtered] => [post_parent] => [guid] => [menu_order] => [post_type] => [post_mime_type] => [comment_count] => [filter] => [site_id] => ) }}} If this feature is good for some people, I can make this change and submit here " Spidlace 7 46642 Comment form content textarea shouldn't be a required field dev-feedback Comments 5.1 normal major Awaiting Review defect (bug) new 2019-03-25T17:40:00Z 2020-01-23T11:07:04Z "there's a note on the top of the comment form that states: "" Required fields are marked "" and the comment <textarea> is marked required but not marked with an ""*""" bckelley 1 46652 "Add ""template_loaded"" action after a template has been included as part of the template hierarchy" reporter-feedback Bootstrap/Load 5.1 normal normal Awaiting Review enhancement new 2019-03-26T10:59:34Z 2020-01-02T11:58:20Z "As part of the template hierarchy, WordPress works out what template it should use. It then passes this template through the `template_include` filter, which allows you to change the template name. This template is then included and that's the end of things. Here's the current snippet showing the filter and the include (from here https://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-includes/template-loader.php#L77) {{{#!php <?php // ... if ( $template = apply_filters( 'template_include', $template ) ) { include( $template ); } elseif ( current_user_can( 'switch_themes' ) ) { // ... }}} However, we need to run some code ''after'' the template has been included. We can't rely on the next action to fire (which is `get_header` I believe) --- **I suggest that a new action is added after the template is included. For example: ** {{{#!php <?php // ... if ( $template = apply_filters( 'template_include', $template ) ) { include( $template ); // Add an action here do_action('template_included', $template); } elseif ( current_user_can( 'switch_themes' ) ) { // ... }}} --- For some context, as to why we need this change... we have some code that allows us to use PHP classes (controllers) in these template files. We currently hook into ""template_include"", do the include ourselves then prevent WP from doing the include by not returning anything. However we are running into issues where other hooks on ""template_include"" not behaving correctly now because we are not returning the template. We can get around this for now by making sure our filter runs last by setting a high priority. However it would be ideal for us to run our code after the include has been done. Happy to provide more details or code if needed." adamtomat315 2 46655 Block editor adding line breaks between blocks Editor 5.1 normal minor Awaiting Review defect (bug) new 2019-03-26T13:09:51Z 2020-09-24T09:50:37Z When a post is created in the block editor the generated HTML receives 3 line breaks in between blocks. This isn't much of an issue in the browser but the line breaks are also inserted into feeds which are then displayed in some RSS readers. jchristopher 3 46658 Twenty Nineteen: Navigation menu is messy with RTL language SergeyBiryukov has-patch Bundled Theme normal normal Future Release defect (bug) reviewing 2019-03-26T14:46:38Z 2019-10-15T14:25:23Z "Hello, For our languages switcher, we can add it in primary navigation menu with an options for adding country flag for each language. With a rtl language like arabic, we have a strange behaviour because of the first li tag does not have the behaviour expected. See first screenshot attached Unlike in twenty seventeen {{{ display: inline; }}} is used instead of {{{ display: inline-block; }}} When I corrected to {{{ display: inline-block; }}} it works well again in this case. See second screenshot attached Regards " manooweb 5 46659 Suggestion: add action hook before admin menu nav in the sidebar Administration normal normal Awaiting Review enhancement new 2019-03-26T16:02:53Z 2019-03-26T16:02:53Z "To increase customizability in the admin sidebar menu, I added an action hook in the file **wp-admin/menu-header.php**. I needed this to implement a menu with the company logo, user avatar , username, some_meta_data, logout link. I removed the top horizontal menu for some user roles. It looks nice and this was the only way I managed to do it without using javascript. Using CSS I change the company logo to a small version of it when the menu is minimized. **wp-admin/menu-header.php** {{{ ... <div id=""adminmenuwrap""> <?php do_action('do_custom_before_admin_menu');?> <ul id=""adminmenu""> ... }}} First time creating a ticket here, sorry if something is wrong." umagrama 46660 PHP Warning: Countable Error in update_metadata() reporter-feedback Options, Meta APIs normal normal Future Release defect (bug) reopened 2019-03-26T16:07:33Z 2019-05-27T05:38:24Z "i have updated to the latest wordpress and php 7.3 but somehow i get this error over and over again {{{ PHP Warning: count(): Parameter must be an array or an object that implements Countable in /srv/users/.../apps/.../public/wp-includes/meta.php on line 210: // Compare existing value to new value if no prev value given and the key exists only once. if ( empty( $prev_value ) ) { $old_value = get_metadata( $meta_type, $object_id, $meta_key ); if ( count( $old_value ) == 1 ) { if ( $old_value[0] === $meta_value ) { return false; } } } }}}" betimademi 7 46662 "Networked WP ""Deactivate"" a blog site then later ""Activate"" it loses posts and comments" Networks and Sites 4.9.8 normal normal Awaiting Review defect (bug) new 2019-03-26T20:47:38Z 2020-02-20T00:26:55Z "Site dashboard shows WP version as 4.9.10 (does that equal 5.0?). Using network administration, the list of sites shows the following when hovering over a given site: Edit | Dashboard | Deactivate | Archive |Spam | Delete | Visit Selecting ""Deactivate"" appears to work. The blog site is **not** deleted (confirmed) and none of the posts appear to be retrieved. Attempting to access the blog site provides an appropriate message (versus a 404 not found or similar). However, a day or two later, when the site is ""Activated"", all the recent posts and comments appear to have been deleted (i.e. no longer visible). This involved the years 2016 - 2019. Previous posts and comments going back several years were retained and can be displayed. The only vaguely similar issue I could find is #44515; but clearly I used ""Deactivate"" or I would not have been able to re""Activate"" the blog site. Note 1: The networked setup uses sub-domains. Note 2: Using phpMyAdmin to view the records in wp_13_posts (the particular blog site involved has the Id 13), there are rows for the years 2018 and 2019 -- 8 for 2018 and 7 for 2019. The ""post_content"" column for these records appears blank. The ""post_title"" column appears to indicate these are entries associated with a post, but not the ""main"" post. Those with a post_title like ""Rev-9-MAR-2019-Sectional.jpg"" have a post_type of ""attachment"" and post_title ""Auto Draft"" have a post_type of ""post"". " johngoold 46673 Update esc_url function (default https). Formatting normal normal defect (bug) reopened 2019-03-27T15:26:34Z 2021-12-06T15:25:28Z "Hello, If by default the link doesn't contain a protocol, WordPress adds http. Today I think it's better to use https. I think this is a position to take because in both cases (http or https) the redirection may be bad. This ticket follows the modification of the protocol in the menu (#46312)." aksl95 3 46705 "Harden WP core against ""update option"" endpoint vulnerabilities" Options, Meta APIs 5.2 normal normal Awaiting Review feature request new 2019-03-28T19:46:36Z 2019-11-25T11:01:24Z "A fairly frequent problem is plugins failing to perform nonce and permission checks on endpoints servicing their admin pages. Following discovery of such a vulnerability it is usually very straightforward for an attacker to perform a large scale attack defacing or establishing persistent administrative access by modifying the options `siteurl`, `default_role`, `users_can_register`, and likely more. I propose that all updates to these selected critical options in a web context warrant validating there has been a nonce verification and the current user has the capability to manage_options. This would force an attacker to follow a more difficult exploit path, potentially preventing large scale exploitation of these issues. The goal I have in mind here is not to be bulletproof, just to defend against a seemingly common bug class." tsewlliw 1 46713 Comment reply link uses inconvenient eventlistener has-patch Comments 5.1 normal normal Awaiting Review defect (bug) new 2019-03-29T09:04:48Z 2023-06-17T02:01:37Z "When comment-reply.js was rewritten recently the behavior of the reply-button changed. It now seems to use 'touchstart' as eventlistener which makes it really ""touchy"" to use on mobile. It's almost impossible to use scroll now since you always trigger the touchstart event which opens the reply-box." szandman 14 46716 Site owner unable to control admin level users in Word Press dashboard Role/Capability normal normal Awaiting Review feature request new 2019-03-29T12:25:21Z 2019-03-30T04:27:00Z "Issue details: I just created my website using WordPress. I am not a web developer and wordpress dashboard is pretty native and lacks default functionalities like giving sub headings in your page or blog ( editor should at least be as good as MS Word). Also I can create new page under parent page but can't view their title under parent page in menu after publishing the page.( expected behavior) So I need to take help of a web developer to get proper page templates, theme, plugin etc. I created a second administrator in my site to give access to a web dev to my site dashboard. Now I ( site owner ) and the web developer have equal rights in the site. the Web developer can even change my password or delete me as an administrator, or log me out!! How can wordpress allow that? There are plug ins which give different User roles but this is a core capability to add, edit or delete users including site owner. Plugins can be removed by an admin user so not useful to protect rights of site owner if he/she has to create other admins. If I do not give admin rights to web developer, he can not add templates/plugins/theme so I have to give admin rights.. Expected Behavior: To make wordpress websites secure, the site owner should have Master admin rights. Site owner should be able to add or remove other admins but other admins should not be able to view - site owner( master admin) among list of users. other admins should not be able to view, edit or delete any details of Master admin profile. Also Publishing rights should be restricted to not allow every user to publish anything they write/change. in fact there should be check box for different capabilities while creating users: 1. User Management (All- master admin) 2. User management ( all but not master admin) 3. Developer capabilities ( templates, plug ins, coding ) 4. Read, write, edit posts (self only- Jr. blog writer) 5. Read, write, edit, publish posts (self only- blog writer) 5. Read, write, edit, publish posts ( all contributors- editor) 6. Read write,edit, publish, delete posts, review publish comments ( all contributors- Sr.editor) Additional improvements: Today most blog sites have basic editing features which make them more user friendly for nontechnical bloggers. WordPress try to keep everything simple and is great for developers but please think from beginners' perspective and add basic capabilities to page editor. Also add menu editor or create core functionality to automatically add child page under parent page in main menu. " anu24 2 46737 Admin panel Plugin pagination issue close Plugins 5.1 normal normal Awaiting Review defect (bug) new 2019-03-30T09:50:36Z 2023-10-20T00:49:40Z "Hello Team, I found one issue while plugin listing pagination. Admin dashboard plugin listing pagination some time return 36 per page and some times 25 per page Link with issue: https://www.useloom.com/share/dd872eee74bd412e8484d01e415b3117 Thanks, Hitendra" Hitendra Chopda 2 46739 post attributes order not working correctly Database 5.1 normal normal Awaiting Review defect (bug) new 2019-03-30T18:28:38Z 2019-03-30T18:28:38Z "I set up the post attributes order with the code attached to be modified within the editor. add_post_type_support('post', array('page-attributes')); The post attributes section with the order field shows up but unfortunately does not save any values and does not show up the value set in the database. Please find more information here: https://stackoverflow.com/questions/55433707/wordpress-post-custom-order-not-working-showing-up-but-not-saving" nikischin 46748 authenticate filter hook does not behave as expected for priority values less than 20 SergeyBiryukov* dev-feedback Login and Registration 3.7 normal normal Future Release defect (bug) accepted 2019-04-01T12:33:38Z 2022-04-04T06:23:03Z "Returning null or a WP_Error object from functions bound to the [https://codex.wordpress.org/Plugin_API/Filter_Reference/authenticate authenticate] filter at priority values less than 20 does not prohibit a user from logging in. Consider the following snippet: {{{#!php <?php <?php /* Plugin Name: Prohibit Login Description: Proves that the authenticate filter does not work as expected with lower priority Author: Robert Peake Version: 0.1 */ function prohibit_login($user_or_email, $username = null, $password = null) { return new WP_Error('authentication_failed','Prohibit Login plugin prohibited login'); } add_filter('authenticate', 'prohibit_login', 20, 3); }}} This code when activated as a plugin prohibits an admin user from logging in using wp-login.php and displays the message ""Prohibit Login plugin prohibited login"" as expected. Changing the value from 20 to e.g. 19 on the final line does not prohibit an admin user from logging in using wp-login.php. No message is displayed, and the login proceeds. (Note: this has been tested with all other plugins deactivated with the Twentynineteen theme using the latest nightly build.) While this is not a security problem in itself, because it is undocumented behaviour it could lead to security issues in plugins where an author assumes that, like other filter hooks, e.g. the default priority of 10 can be explicitly stated without side-effects. For this reason, I initially [https://hackerone.com/reports/519283 submitted a ticket on the HackerOne platform] just to be sure, but the ticket was closed as being a ""hypothetical"" vulnerability with out a ""clear PoC"", so I am filing this bug report instead." robert.peake 18 46763 Improve plugin search results with already active plugins Plugins normal normal Awaiting Review enhancement new 2019-04-02T10:52:13Z 2022-11-02T14:05:37Z "Currently if you search for a plugin to do X, and X is something that a plugin you already have matches for, this is what you get: https://cloudup.com/c0GYNTynpF4 The disabled ""Active"" button there is not very useful, as it doesn't provide any context as to why that button is disabled. I'd like to propose a change: let's turn this into two separate groups of results, one that says ""these plugins you already have installed might be able to help"" and then a second group below that with other plugins. In my ideal world, we'd even have an ""admin search"" function, where you could be taken straight to the appropriate page for that keyword. This could be useful even for WordPress core, so I'm splitting that out into a second issue: #46764." joostdevalk 48 46764 Admin search functionality Administration normal normal Awaiting Review enhancement new 2019-04-02T10:54:41Z 2019-04-04T05:54:53Z "I would like an interface + API to for instance search for ""privacy"" and get a search result that points to `/wp-admin/privacy.php`. If we can make these results filterable, it could be very useful in interfaces like #46763." joostdevalk 2 46771 Twenty Eleven: Negative values for padding dev-feedback Bundled Theme 4.9.8 normal minor Awaiting Review defect (bug) new 2019-04-02T12:27:37Z 2023-11-08T09:50:29Z "Line 2799 #ie7 article.intro Value Error : padding-left -7.6% negative values are not allowed : -7.6% Line 2800 #ie7 article.intro Value Error : padding-right -7.6% negative values are not allowed : -7.6% " Malae 4 46775 Cannot allow multiple MIME for same file extension Upload 5.1 normal major Awaiting Review enhancement new 2019-04-02T15:55:20Z 2023-08-27T08:06:45Z "Using 5.1.1, .zip are being detected as application/zip on my PC, but the same file (exact same) is being detected as application/x-zip-compressed on another PC. I've attempted to DISABLE_UNFILTERED_UPLOADS and temporarily removed the is_super_admin constraint from wp-includes/functions.php but still no luck. I also wasn't able to add this as an array without throwing a PHP exception. This prevents me from allowing users to upload .zip from their PC. It's not appropriate for me to ask the user to make any changes to their PC. Any advice?" thedanhealy 2 46777 Pass attachment ID to image_resize_dimensions to allow reliable per image cropping has-patch Media normal normal Awaiting Review enhancement new 2019-04-02T18:48:30Z 2019-04-13T09:43:32Z "This patch passes optional attachment ID parameter to `image_resize_dimensions` filter. The purpose of this patch is to allow plugin developers to hook into `image_resize_dimensions` filter and implement reliable per image cropping. Currently many plugins rely on ugly ""capture ID"" hacks like WP Smartcrop plugin: https://plugins.svn.wordpress.org/wp-smartcrop/trunk/wp-smartcrop.php See `capture_attachment_id ` method for details. The patch doesn't change the default crop behaviour, but makes cropping functionality extendable." arkimedia 3 46780 wpColorPicker() close() method uses iris 'toggle' instead of 'hide' which can unexpectedly open the color pane has-patch General 5.1 normal minor Awaiting Review defect (bug) new 2019-04-03T07:09:04Z 2019-05-23T09:49:02Z "Using the close() method, one would expect that the color picker will get closed anyway and that nothing else would happen, even if the picker in question was already closed. However, when calling the close() method on an already closed picker (e.g. when you call close() on a set of three pickers, where only 2 might be open), the color pane will get displayed. While the close() method correctly will remove the wp-picker-open class and will set the aria-expanded attribute to false regardless, the actual iris picker is just using toggle: {{{ this.element.iris( 'toggle' ); }}} Instead, it would be safer to use {{{ this.element.iris( 'hide' ); }}} which would also be more in line with how the class and attribute are handled." maximus80 2 46785 Twenty Seventeen: Floated Images appear with extra space on top on the front end. has-patch Bundled Theme 5.1 normal normal Awaiting Review defect (bug) new 2019-04-03T13:22:17Z 2021-08-17T00:01:38Z "''Ported over from Gutenberg's repo, since this is a Twenty Seventeen issue:'' https://github.com/WordPress/gutenberg/issues/14782 **Steps to reproduce** 1. Create a new page, add an image block and insert image. 2. Add a paragraph block below with text. 3. Resize image and change to left alignment. Text wraps around image. 4. Preview/publish **What I expected** Expected the image and text to be almost exactly aligned, as it appears in the editor. **What happened instead** When previewed/published, the first line of text has a gap above it. Workaround: Adding an empty paragraph block above the image block removes the gap. **Browser / OS version** Chrome Version 73.0.3683.86 macOS Mojave 10.14.3 ---- **Screenshots** Page creation: [[Image(https://cldup.com/whURZYOf-k.gif)]] Before adding empty paragraph block: [[Image(https://cldup.com/QiGnsXicGs-1200x1200.png)]] Empty paragraph block applied in editor: [[Image(https://cldup.com/QOrcLW8iWM-3000x3000.png)]] After adding empty paragraph block: [[Image(https://cldup.com/AgAjLakQ6b-3000x3000.png)]]" kjellr 1 46791 esc_url() adding http:// to a relative URL to parent directory '../pathname/' has-patch Formatting 5.1 normal normal Awaiting Review defect (bug) reopened 2019-04-04T09:50:03Z 2019-05-23T10:37:12Z "{{{esc_url()}}} adds '!http://' when it shouldn't. Line 4191 wp-includes/formatting.php states If the URL doesn't appear to contain a scheme, we presume it needs !http:// prepended (unless a relative link starting with /, # or ? or a php file). This is prepending !http:// to a relative url to a parent directory i.e. '''../path-to-page/''' Funtion needs ../ adding to the array or some regex code." OrangePixelNath 3 46792 CPANEL Directory Privacy DoesNOT work With WordPress Admin Directory reporter-feedback Security 5.1 normal blocker Awaiting Review defect (bug) new 2019-04-04T10:27:36Z 2019-04-05T06:31:11Z "Hello WordPress, Protecting my wordpress admin directory using CPANEL Directory privacy feature doesn't work. And I tried to replace the default wordpress rule in htaccess file: {{{ # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> }}} Replaced with this by adding another / after Dot: {{{ RewriteRule ./ /index.php [L] }}} IT WORKS 100% But the problem is: When I update the permalinks, it will rewrite the default rules again. What is the solution?" ephremfirew 3 46793 Uploading files that the filename contains LTR and RTL characters cause filename change Media 4.9.1 normal major Awaiting Review defect (bug) new 2019-04-04T11:03:32Z 2019-04-11T13:32:52Z I have uploaded some pdf files in the Media. The process goes well but when I am trying to access them the files are not found. I reviewed the uploads with ftp and I saw that the file names changed. For example a file that was uploaded with filename אילן-גל-פאר-english.pdf is changing to english.pdf-גל-פאר- with result to get 404 error. VSotiris 2 46794 wp_authenticate_email_password fails due to incorrect evaluation of $user object dev-feedback Users 5.1 normal normal Awaiting Review defect (bug) new 2019-04-04T11:16:40Z 2019-04-05T14:00:12Z "While testing an authentication method that uses wp_authenticate where I was passing in a correct email address and password combination that was failing, I traced the code through to the wp_authenticate_email_password method in wp_includes/user.php in wp 5.1.1. Line 251 executes wp_check_password with $password, $user->user_pass and $user->ID, however $user->user_pass does not exist in $user, rather it exists in $user->data->user_pass. See attachments for Xdebug code and local variables. " Csassaf 3 46802 Twenty Eleven: Dark Mode Featured Post gradient overlay is overlapping ianbelanger Bundled Theme normal normal Future Release defect (bug) assigned 2019-04-04T18:48:57Z 2019-04-04T19:59:12Z While reviewing #46770 @desrosj noticed that the gradient overlay on `.featured-post .feature-image.small:after` is 10px lower than it should be while in the `Dark Color Scheme`. It becomes very noticeable due to the fact that the background it overlaps is a dark grey, while the gradient overlay is black. See screenshot ianbelanger 2 46804 wp-phpunit calls _delete_all_posts() too early during bootstrap Build/Test Tools normal normal Awaiting Review defect (bug) new 2019-04-04T23:55:17Z 2019-04-05T06:40:05Z "Bootstrap file looks like so {{{#!php <?php // ... _delete_all_posts(); require dirname( __FILE__ ) . '/testcase.php'; require dirname( __FILE__ ) . '/testcase-rest-api.php'; require dirname( __FILE__ ) . '/testcase-rest-controller.php'; require dirname( __FILE__ ) . '/testcase-rest-post-type-controller.php'; require dirname( __FILE__ ) . '/testcase-xmlrpc.php'; require dirname( __FILE__ ) . '/testcase-ajax.php'; require dirname( __FILE__ ) . '/testcase-canonical.php'; require dirname( __FILE__ ) . '/exceptions.php'; require dirname( __FILE__ ) . '/utils.php'; require dirname( __FILE__ ) . '/spy-rest-server.php'; }}} In one of my mu-plugins, I have a function hooked into before_delete_post and wp_trash_post {{{#!php <?php add_action( 'before_delete_post', function() { wp_remote_request( ... ); } ); }}} But since file spy-rest-server.php isn't loaded yet, I can't run test units (errors regarding Spy_Server class which does not exist). The ''_delete_all_posts()'' should be called AFTER requiring the files " mynameiskermit 46835 unnecessary image size created Media 5.1 normal normal Awaiting Review enhancement new 2019-04-08T21:14:39Z 2019-04-09T08:38:57Z "[[Image(https://i.stack.imgur.com/JDFyd.png)]] This is hard to explain. I have the medium size set to 640px wide. If i upload an image that is exactly 640px wide. It creates an unnecessary copy of it that matches the original image in every sense. The problem is that when i upload an image that's exactly 640px wide it makes a copy like so: image.png (is 640x640 px) image-640x640.png (is ALSO 640x640 px, so why create it?) The medium (640px) size should only be created if the original image is Wider than that, not equal. I hope i explained it well enough. Let me know if it needs clarification." ctrlaltdelete 1 46846 Tight comparisons and use of Yoda conditions are not consistent dev-feedback Formatting normal normal Awaiting Review defect (bug) new 2019-04-09T11:30:29Z 2019-04-09T11:30:29Z In `wp-includes/formatting.php`, as I have seen comparisons and use of Yoda conditions are not consistent through out the file. I have made some changes and uploading a proposed patch here. Let me know if this helps! subrataemfluence 46869 Fix PHPCS configuration has-patch Build/Test Tools normal normal Future Release defect (bug) new 2019-04-09T23:58:11Z 2019-05-28T18:01:17Z "Some current rules used in PHPCS don't fully match the WordPress PHP Coding Standards or recent developments/changes. Many of them can be fixed by changing core's `phpcs.xml.dist`. In addition, optional rules can be set to lower priority so they are only displayed when needed." azaozz 8 46883 Blog Configs being overridden by Hacker Bots Posts, Post Types 5.1 normal critical Awaiting Review defect (bug) new 2019-04-11T15:59:11Z 2019-04-11T15:59:11Z "We consider this as a Bug since no malicious damages to Sites or Servers have been found. We have multiples of instances on sites where Robots can Auto Submit posts to Blog pages even though the sites are configured not to allow public posts/discussion. Currently we have over a dozen end users that have reached out to us to make sure their sites have not been hacked. Main configuration: Configured not to allow Posts/Discussion and not to allow Posts by anyone not logged in. User account creation is also turned off. Thankfully some of these sites are setup to be moderated and these malicious posts only have been caught this way, however the end users that are not moderating are seeing an increase in issues with this Bug/Backdoor. This is happening with sites with multiple theme types, Multiple versions of PHP, and also Multiple Web Server Platforms. At first I thought maybe it was a Theme issue working with the Core, however further research from dealing with other end users is showing that it looks related to the Core, since multiple Theme types are being used by multiple end users, However to try and rule out any CORE Issue we are having End Users send us their Web Server, PHP, and Database Logs to research this issue deeper." zsystech 46884 Add option to allow individual child-site Privacy Policy pages on multisite has-patch Privacy normal normal Future Release enhancement new 2019-04-11T17:44:39Z 2020-10-16T22:44:17Z "This is a follow-up to #43935. I run a couple of multisite installations (all currently running the latest WordPress 5.1.1), none of which fall in the category of ""we need only a single privacy policy page to cover all child sites"". I just ran into a situation where I (as superadmin) was helping edit content on a child site, and selected the Privacy Policy / Terms page for that site as the official Privacy Policy page (if I remember, it was in response to a notice suggesting I select a Privacy Page). I don't remember seeing any warning / notification that by doing so I would be disabling editing that page for the regular site admins of the child site. In order to restore editing of this page for site admins, my choice was to either give them `manage_network` capabilities (not ideal), or unselect the page as the official Privacy Policy for the site, which is what I ended up doing (and also lose the useful functionality that the built-in Privacy Policy stuff gives, suggested inclusions from plugins etc). I see from the discussion in #43935 that it's suggested to use a plugin to allow admins to assign (and then edit) indvidual privacy policy pages. My suggestion is to change the behavior to allow setting individual child site Privacy Policies (thereby increasing usage & adoption of this feature), or alternately add some UI / messaging if the behavior is going to stay the same to reduce confusion. **Preferred suggestion for improved functionality and adoption of Privacy Policy functionality:** Add a new Network > Settings option that toggles between a single selectable network-wide Privacy Policy page (this would address the use case envisioned in #43935 where it is desirable to have a single Privacy Policy), or (new behavior) allow individual child sites to set their own Privacy Policies (in which case, let normal page editing capabilities apply and keep it a regular page that has extra options / suggestions). Proposed new Network > Settings option: **Network Privacy Policy:** [ x ] Allow child sites to specify their own Privacy Policy page ''(default)'' [ ] Use a single network-wide Privacy Policy page <select site, then select page> << reveal if radio button is selected If the first option is selected, disable Privacy Policy functions on child sites (maybe include in menus as an option though (""Network Privacy Policy"" as a type of URL to include in a menu might be helpful). **If the behavior is not going to change in the short term, let's please improve the messaging:** On multisite, clearly state that selecting a page as a Privacy Policy page will then cause it to only be editable by superadmins, and if editing the selected Privacy Policy page, display a similar notice so that people aren't confused why regular site admins or editors can't edit the page. " gserafini 6 46885 Improvements/Issues with srcsets, additions to wp_calculate_image_srcset joemcgill Media 5.1 normal normal Awaiting Review enhancement assigned 2019-04-11T19:29:39Z 2019-04-13T06:47:47Z "Hello All, I had a few issues that I've also found references to online without fixes. From the most basic to (slightly) more complicated. 1) Include a way to not include the original src in srcset. When you are developing a theme there are many reasons you don't want to the original src. The most obvious is that the original src can be uncompressed/unoptimized for better derivatives, or simply because editors upload whatever they have. You could also be using a lq-placeholder replacement method where you load a low resolution image in the src for better UX and would like that to go first in the srcset load order. 2) There is something strange with the way the srcset is ordered. In a current setup I'm getting original first(for ios 8 bug), followed by 360 wide, 180 wide, 720wide, 1280wide. Not sure why the 360 is swapped with 180. 2) Accept an array of named image sizes to create custom srcsets instead of generating all registered image sizes. Thanks." pinktank 5 46886 "wp_targeted_link_rel adds the rel attribute when the link has data-target=""""" Formatting 5.1 normal normal Awaiting Review defect (bug) new 2019-04-11T20:07:45Z 2019-04-13T13:58:32Z "To reproduce: Create a link element (easiest to see bug in classic editor): {{{ <a href=""https://example.com"" data-target=""thisandthat"">click here</a> }}} Save the post, and the link will have the rel=""noopener noreferrer"" attribute. " jakeparis 5 46897 Personal Data Export Report: Mobile friendly xkon Privacy 4.9.6 normal normal Future Release enhancement assigned 2019-04-12T13:13:04Z 2020-11-03T16:10:04Z "The reports are HTML files and I think we should consider making them more mobile friendly. For example: - Increase the margins around the report. - Make the data tables responsive. - Viewport - ... We could look into the admin list tables for ideas. " birgire 6 46905 Erase Personal Data without verify enable erase option and change status issue dev-feedback Privacy normal normal Awaiting Review defect (bug) new 2019-04-13T06:41:39Z 2019-04-15T05:13:16Z "Erase Personal Data 1) without verify request enable erase data option 2) Personal data but when erase data then display massage no personal data. 3) pending request change status completed when erase data without verify. See attached images 1) No personal data issue.png 2) change status automatically without varify.png 3) completed status.png" mehulwpos 2 46910 Allow wp_die to called after html has started output SergeyBiryukov* has-patch Site Health 5.2 normal normal Future Release defect (bug) accepted 2019-04-13T14:36:59Z 2020-01-31T16:52:54Z "Currently if wp_die is called in either front end or in the cms, after html has started to render html, it makes an extremely broken looking page. This is because the default wp_die will output another html / body tag and css. The wp_die function could somehow detect that html render had started, by saying checking an action has been run or a constraint was set, then instead of outputting the html start tags and would instead just output Javascript. This Javascript could display either an overlay dialog or even an a pure Javascript based alert displaying the message. This feature would be specially useful for the fatal error protection feature in WordPress 5.2. " spacedmonkey 14 46911 iframe in update-core.php Upgrade/Install 5.1.1 normal minor Awaiting Review defect (bug) new 2019-04-13T15:14:00Z 2020-11-30T09:48:24Z "''Flagged as component ""upgrade/install"" purely because i see nothing for core, and plugin/theming are two seperate areas'' `update_core` uses an iframe to display the update progress. The problem with this it uses height:100% (which does not cause browsers to use the whole available space, I wish it did, but alas), and a min-height property which is set sufficiently small enough to not make small browsers force scrolling, but not large enough to fill even half of the usable space on my desktop. Often leaving a large void, and a scroll bar at the side which isn’t immediately obvious. As far as I've ever noticed, this is the only place (in themes and plugin updates) this is specifically used, although anywhere that uses frames, it's possible. Many other places scroll elegantly, just not here. The only solutions I have involve jquery or similar scripting, albeit relatively minor (ie requesting page size and injecting it into the document). Is this type of scripting taboo in WP?: 1. As mentioned, retrieve the page height when loaded and insert that into `div.wrap`. 1. Make sure each parent above the iframe is set to 100% (caveat below). 1. don't use an iframe! I have tried mucking around with it, unfortunately it is only testable when you have several plugins or themes that need updating and I've just finished all the updates I need to do. The only way I can get it to achieve 100% of the usable space is to manually add “height 100%” to each of the parents above it. This isn't elegant as it spreads over the ""thank you for creating with wordPress"" and the version number at the bottom. Obviously the last `div#WPWRAP` goes too far, or, probably more correctly, this is influenced by the fact `#wpfooter` is positioned absolutely to the bottom and they simply overlap. I would love to actually have a solution, as i'd love to contribute, but I don't know the fix (other than not using an iframe!). " madivad 1 46921 Improper use of ’ (quotation mark) I18N normal minor Awaiting Review defect (bug) new 2019-04-14T10:00:16Z 2020-02-06T19:30:01Z "I am a member of the Italian Polyglots team (and also a developer). While looking at strings to be translated for version 5.2 I have noticed a large number of strings containing the HTML entity `’`. I.e. To enhance your site’s security, we recommend you remove any themes you’re not using. You should keep your current theme, %1$s, and %2$s, its parent theme. According to W3C Char ref (https://dev.w3.org/html5/html-author/charref), the entity `’` is an equivalent of `’` which is a **right single quotation mark**. I am not a native English speaker but according to different sources (see links below) the single quotation mark is often confused with the **apostrophe**, which has its own HTML entity (`'`). In most of the core strings (if not all) where the entity `’` is present, it appears to be misused, as an apostrophe should have been used instead. Quotation marks should only be used for quotations and they should always come in pairs. By the way, I would suggest using a plain apostrophe (`'`) rather than the equivalent HTML entity (`'`). I don't see any advantage in using an HTML entity here. If there's any issue related to escaping the `'` it should be addressed at code-level and not relying on the strings inserted by the translators. From a translator perspective strings without HTML entities are much more readable and easier to translate, so I would avoid the usage of entities whenever possible. So my proposal is to review all the core strings that include occurrences of `’` and replace them with a plain apostrophe `'` (excluding possible cases where there's a real quotation). P.s. Here are a few links on this topic: * https://english.stackexchange.com/questions/36046/apostrophe-vs-single-quote * https://www.ergonis.com/products/tips/punctuation-apostrophes-quotation-marks.php * https://webdesignledger.com/common-typography-mistakes-apostrophes-versus-quotation-marks/" marcochiesi 2 46923 $wpdb->get_var() — empty sting becomes a NULL Database 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-14T15:47:24Z 2019-04-15T17:07:42Z "Because of the following condition, we get `NULL`, even if a real field value is an empty string! {{{#!php <?php return ( isset( $values[ $x ] ) && $values[ $x ] !== '' ) ? $values[ $x ] : null; }}} [source:tags/5.1.1/src/wp-includes/wp-db.php?marks=2460-2478#L2455 See `wp-db.php` Line 2477] I think it is better to delete `$values[ $x ] !== ''` check and return field value as it is if it exists - what is usually meant by NULL in PHP (empty string is not null!). " Tkama 46931 Argument type mismatch has-patch Comments normal normal Awaiting Review defect (bug) new 2019-04-15T11:26:11Z 2020-10-16T00:36:26Z "In `wp-includes/comment-template.php`, we have argument types mismatched in DOC block of `comment_form_title` function. Please check if the proposed patch works." subrataemfluence 8 46932 dbDelta does not account for MySQL keywords being used as key names Database normal minor Awaiting Review defect (bug) new 2019-04-15T12:14:29Z 2019-04-16T00:46:51Z "This, is a bug, but it is an edge case. I realize that. In processing data coming from a third party, my plugin sets up a table in MySQL that uses the field name `key`. MySQL allows this because it is wrapped in back-ticks. The field does not cause a problem in the WordPress code, but I also index on that field and that does cause a problem. {{{ KEY `i_key` (`key`) }}} This causes a small problem with `dbDelta()`. The regex starting at line 2650 will not properly identify the index. Thus, the next line, 2676, will try to use the array element `$index_type['index_type']` which does not exist. This throws a warning in PHP. There are two possible solutions I see. 1. The simple solution is to add a check for an empty array above 2767. This won't solve the problem but it will stop the warning. 2. The more complete solution would be to change the regex to exclude the keyword matches if they are inside of backticks. This will solve the problem properly. There may be other solutions, those are just the ones I have identified. Cheers! :) =C= " CalEvans 46943 Settings ->Discussion bad view dropdown in mobile version Comments normal normal Awaiting Review defect (bug) new 2019-04-15T23:00:28Z 2019-10-21T16:44:39Z "Settings ->Discussion all dropdown are bigger on the responsive view. so need to make it size small same as desktop view and content align proper same as desktop view. " ketanumretiya030 3 46947 ‘❤’ in Comment Generates DB Error reporter-feedback Database 5.1.1 normal normal Future Release defect (bug) new 2019-04-16T13:02:03Z 2019-04-17T11:51:53Z "I got the following error message notice when a post comment included the ‘’ special character. When I approved the comment, there was no further error message generated. I have not seen this message before – but then again, we rarely get special character in comments. I am using WordPress 5.1.1. The WP-config: ‘define(‘DB_CHARSET’, ‘utf8′);’ Can someone please advise how to fix this? Regards and thanks, Angus Error message: *** [Thu Mar 21 02:17:57.574584 2019] [php7:notice] [pid 24789] [client 68.40.22.245:41759] WordPress database error Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8mb4_unicode_ci,COERCIBLE) for operation ‘=’ for query SELECT comment_ID FROM xxxcomments WHERE comment_post_ID = 134978 AND comment_parent = ‘0’ AND comment_approved != ‘trash’ AND ( comment_author = ‘Rhonda Lott’ AND comment_author_email = ‘xxx@yahoo.com’ ) AND comment_content = ‘Amen And Amen! Thank you Rabbi!\xe2\x9d\xa4\xf0\x9f\x94\xa5\xf0\x9f\x92\xaf\xf0\x9f\x99\x8c’ LIMIT 1 made by wp_handle_comment_submission, wp_new_comment, wp_allow_comment, referer: https://www.hiskingdomprophecy.com/its-time-to-unearth-the-truth/ ***" HisKingdomProphecy 3 46948 Twenty Nineteen - JS error on mobile menu when no visible items reporter-feedback Bundled Theme normal normal Awaiting Review defect (bug) new 2019-04-16T15:00:46Z 2019-07-04T14:43:59Z "Looks like there's an issue with the JS that populates the 'more' (...) menu on mobile. If there are no visible menu links inside the main menu on mobile and all of them are inside the 'more' menu, then the JS will break. I do not think this is an issue on a Child Theme. Line 128 priority-menu.js: {{{ prependElement( hiddenList, ! visibleList.lastChild || null === visibleList.lastChild ? visibleList.previousElementSibling : visibleList.lastChild ); }}} Regarding `.lastChild`. The `visibleList` element: {{{ // Adds the necessary UI to operate the menu. var visibleList = container.parentNode.querySelector('.main-menu[id]'); }}} If no items are inside the visible list (and all items are inside the more menu) then `visibleList` will indeed return as a Node, however `lastChild` will return null. This means the value will not be catched properly by this inline condition: {{{ visibleList.previousElementSibling : visibleList.lastChild }}} And `null` will be passed to the second argument of the `prependElement` function when it is not a node - and cause a JS error. _https://wordpress.org/support/topic/javascript-error-on-child-theme/#post-11433882_ " anevins 5 46963 Comments meta box offset bug for custom comment types has-patch Comments normal normal Awaiting Review defect (bug) new 2019-04-17T13:13:39Z 2019-04-30T09:57:56Z "There is a conflict in the 'comments' meta box when used in combination with custom comment types. The `Show more comments` link loads duplicates, without an offset due to this line of code: https://github.com/WordPress/WordPress/blob/72979b167d913bf49745fa737654bdf6d13168de/wp-admin/js/post.js#L99 {{{ this.st = jQuery('#the-comment-list tr.comment:visible').length; }}} For custom comment types, the `comment` class may not exist. See how comment classes are generated here: https://github.com/WordPress/WordPress/blob/03240dd3f4442546562824bc6a10ed7c197bd6b2/wp-includes/comment-template.php#L466 {{{#!php <?php $classes[] = ( empty( $comment->comment_type ) ) ? 'comment' : $comment->comment_type; }}} You can see an example of this with WooCommerce which uses a comment type named 'review' (https://github.com/woocommerce/woocommerce/issues/23313). Because the comments out output without the `comment` class and instead they have a `review` class, the JS code fails to set the correct offset. Possible solutions: - Output `comment` class for custom comment types in addition to their custom class. - Revise jquery selector to be more generic e.g. count the `tr` elements instead." mikejolley 1 46964 "ID attribute value are used multiple times in ""Custom Field"" form" has-patch Editor 5.0 normal normal Future Release defect (bug) assigned 2019-04-17T13:34:14Z 2021-07-27T14:24:37Z "I have found that, ID attribute value like ""poststuff"" and ""postbox-container-2"" are used in multiple times in form of custom filed HTML. > Ex. id=""poststuff"" and id=""postbox-container-2"". I thought that, It will need to update for better coding standard & improve acessibility. Any suggestions are more welcomes...!!! " jankimoradiya 50 46966 urlencode query string parameters Formatting normal major Awaiting Review defect (bug) new 2019-04-17T22:09:07Z 2019-08-20T23:16:53Z "When adding query string arguments to a URL through add_query_arg() the arguments are not being URL encoded. An example of this {{{#!php add_query_arg( 'autofocus[panel]', 'themes', admin_url( 'customize.php' ) ) }}} The [ ] characters should URL encoded Output: /wp-admin/customize.php?autofocus[panel]=themes Expected: /wp-admin/customize.php?autofocus%5Bpanel%5D=themes " developernichemarketing 1 46967 Site health, info tab: show the current uploads directory info on network installs dev-feedback Site Health 5.2 normal normal Future Release defect (bug) new 2019-04-18T00:21:04Z 2019-06-20T14:44:58Z "Follow-up from #46954. Most of the information shown in the ""Directories and Sizes"" section doesn't apply for sites on a network install. Useful debug info would be to show the current site's upload directory path, size, and percentage of used space. Other info that may be useful there is the max file size allowed, as set in the network settings." azaozz 4 46969 During customize theme - preview body/icons get cuts on left side dev-feedback Customize 4.7 normal normal Awaiting Review defect (bug) new 2019-04-18T07:45:12Z 2021-05-30T19:53:46Z "Hello, While we customize the theme from admin dashboard (Dashboard > Appearance > Customize), the preview body gets cut from the left side resulting the icons to be not displayed properly in iPod landscape and portrait mode. " shashank3105 2 46970 Remove white Space - iPhone 6/7/8 Media 5.2 normal normal Future Release defect (bug) new 2019-04-18T08:42:03Z 2023-05-20T07:27:13Z "Hello, While we edit image from admin dashboard (Dashboard > Media > Library - edit), there is much white space displayed in iPhone-6/7/8 landscape and portrait mode. So for that, we can make that element in full width. Thanks, Shashank." shashank3105 2 46971 Selected Image gets overflow in Edit Image in Media upload - iPhone - 6/7/8 dev-feedback Media normal normal Awaiting Review defect (bug) new 2019-04-18T09:01:10Z 2019-04-30T17:27:52Z "Hello, While we edit image from admin dashboard (Dashboard > Media > Library - edit), the selected image gets overflow in iPhone-6/7/8 portrait mode. So for that, we can apply max-width: 100%. Thanks, Shashank." shashank3105 4 46973 Suggestion for selection boxes in Reading setting > settings > Dashboard dev-feedback Administration 5.2 normal normal Awaiting Review enhancement new 2019-04-18T09:46:30Z 2019-04-19T13:17:28Z "Hello, I got across with a suggestion while going through Reading setting > Setting > Dashboard. It would be more convenient if the two selection box(under Reading setting header) will be placed side by side using the white space right side. It will enhance the user experience and will result in clean design." monarkpatel 1 46976 Twenty Nineteen: remove postcss-focus-within Bundled Theme 5.0 normal normal Awaiting Review defect (bug) new 2019-04-18T10:22:35Z 2019-04-18T12:02:59Z "Maybe I'm missing something but seems to me [https://github.com/jonathantneal/postcss-focus-within postcss-focus-within] added in https://github.com/WordPress/twentynineteen/pull/392 doesn't do anything. It's supposed to be used together with its companion [https://github.com/jonathantneal/focus-within focus-within JS polyfill] which is not used in the theme. It is supposed to work this way: - `postcss-focus-within` processes the CSS and duplicates all the `:focus-within` rules with rules that use a `[focus-within]` attribute selector - `focus-within` adds the `[focus-within]` data-attribute in the DOM As Twenty Nineteen doesn't use `focus-within`, there are no `[focus-within]` data-attributes in the DOM. However, all the related CSS rules are in the stylesheet and appear to be unnecessary. Worth noting that to make the nav menu work in IE 11, a custom solution has been implemented in `touch-keyboard-navigation.js` which uses an `is-focused` CSS class. Also, ideally the `is-focused` CSS class should be added in the DOM only for browsers that don't support `:focus-within`. " afercia 1 46982 Avoid loading dot files in the mu-plugins directory. has-patch Plugins 2.8 normal normal Awaiting Review defect (bug) new 2019-04-18T19:08:07Z 2022-03-10T21:41:15Z "In some circumstances, metadata files are generated in the `mu-plugins` directory. For example, editing a plugin file `my-mu-plugin.php` folder using a Mac via SMB can result in a metadata file `._my-mu-plugin.php` being created. Because of the way `wp_get_mu_plugins()` works, this metadata file will be loaded as a valid plugin and the contents of the file will be output in the page header. I'm attaching a small patch to avoid loading `._` files in the unfortunate event that they are created." dcavins 2 46986 DNT Parameter automatically for Vimeo oEmbed requests garrett-eclipse* dev-feedback Embeds 4.9 normal major Future Release defect (bug) accepted 2019-04-18T21:28:42Z 2023-10-05T07:04:07Z "This is a follow-up to #41784. **Summary:** The “do not track” (?dnt=1) embed parameter is currently being automatically applied to all oEmbed requests for Vimeo videos, seemingly those embedded in self-hosted versions of WordPress only. We’ve traced this back to the change made to address this ticket #41784 (https://core.trac.wordpress.org/changeset/41345) The reason this is only coming up now is that Vimeo only just recently added oEmbed support for DNT- https://github.com/vimeo/player.js/pull/403 The issue with this WordPress change is that adding a DNT parameter to Vimeo embeds is intended to automatically block'' all'' tracking in the Vimeo player, including player statistics. Stats are a big feature of Vimeo which many users rely on, so adding this parameter is currently leading to user confusion when stats are not collected. Many users aren’t aware that this parameter is being added for them by WordPress, nor do they understand the implications. Vimeo support currently receives 1-2 support tickets from users a day who are affected by this change and unaware of the parameter being added by WordPress, and it's ability to disable stats. Documentation for the DNT parameter on Vimeo can be found here- https://vimeo.zendesk.com/hc/en-us/articles/360001494447-Using-Player-Parameters Example webpages with DNT: https://foodtv.dk/video/verdens-hurtigste-pastaret/ https://foodsthathealyoucbd.com/cbd-buyer-beware-know-what-youre-buying/ Check out this link for evidence of the DNT parameter in the iframe **Proposal:** WordPress should **not** automatically append the DNT parameter. Users should have the option to add DNT if they determine that it fits their needs. Note that unlike Twitter (which was mentioned in the initial report, the Vimeo player does not contain cookies which are unessential to player functionality (like saving language preferences or viewer statistics) It does not track 'non-essential' cookies like google analytics and other third party cookies (used for ad serving, etc). " djc71889 28 46988 Theme dir hardcode Themes 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-19T07:19:34Z 2019-05-03T18:50:03Z "This is about the get_raw_theme_root() function in wp-includes/theme.php When the $wp_theme_directories global has only one theme directory in it, the functions returns a hardcoded path of /themes which will be treated later as relative to the content folder. The correct behaviour would be to return the actual string from the $wp_theme_directories global. This is a problem when a user is using a custom theme directory and has deleted the themes directory in the content folder. Then his global $wp_theme_directories will contain only one path - the one to his themes directory, but WP will be looking in the content/themes directory instead in the Themes admin page. I had this issue on multisite, but should be the same on single sites I think. " studioreforma 2 46991 Stop propagation on actions or filter dev-feedback Plugins low normal Awaiting Review feature request new 2019-04-19T12:05:17Z 2020-11-19T12:02:38Z "It would be great to stop further filter-hooks/action-observer when we reached a state that should not continue. This helps especially for custom implementations: * Rejection actions that should not run. * Return filtered values without giving other plugins the chance to change them. All just for specific cases. Possible implementation: * Normal but impossible: Event-Class as wrapper reflecting whether to continue or stop. * Semi-normal-way: Throwing a exception like `\WP_Stop_Propagation_Exception` telling WP_Hook to stop. * Absolute absurd way: Setting a global variable like `$stop_propagation = true` ... and there may be more." screamingdev 4 47002 Create wp_theme_directory_constants() function and dynamic WordPress Themes folder has-patch Themes normal normal Awaiting Review enhancement new 2019-04-20T14:05:24Z 2019-04-25T07:24:49Z "One of the needs of WordPress users is to dynamically modify the themes folder. For Change themes folder name in (wp-content dir) you can added this code in wp-config.php : {{{ define( 'WP_THEMES_DIR', ""template"" ); }}} also for change complete path and url : {{{ define( 'WP_THEMES_PATH', ABSPATH . ""/public/template"" ); define( 'WP_THEMES_URL', WP_SITEURL . ""/public/template"" ); }}} This item works for WordPress Multi-site without problems. " mehrshaddarzi 3 47004 WordPress email subject update - phase 2 has-patch Mail normal normal Awaiting Review enhancement assigned 2019-04-21T00:39:30Z 2020-01-07T23:35:44Z "WordPress send emails, using `wp_mail()` function, to inform the site admin when some important tasks are done and when it needs user confirmation. In #37940 we standardized **email subjects** used by WordPress. We updated subject texts, added unified translation comments and added site title as a prefix to all the email subjects. Now we should standardized the filters used to filter WordPress emails. Why? Because not all emails can be filtered. I prefer to do this in two steps: 1. Separate the email subject from the `wp_mail()` function. 2. Add new filters to filter the email subject. See the attached patches." ramiy 4 47009 WP_Query bug with author=0 Query normal normal Awaiting Review defect (bug) new 2019-04-22T07:10:12Z 2019-04-22T08:17:08Z "Hi all, I found a weird behaviour of WP_Query using the argument author. If author is set to 0, the query returns all the posts and not an empty set. Is this a wanted behaviour or a bug?" mikylucky 47012 Proposal: Simplify WordPress Admin Navigation dev-feedback Administration normal normal Future Release enhancement new 2019-04-22T15:40:53Z 2022-02-08T07:56:17Z "About 3 months ago [https://wordpress.slack.com/archives/C02S78ZAL/p1548265528434800?thread_ts=1548092047.364700&cid=C02S78ZAL joen shared some rough mockups] in Slack for proposed changes to the left sidebar navigation in core. My goal below (with Joen’s blessing) is to resurface those mockups a little more publicly to see if we can gather some more feedback and potentially gain a little more momentum with this project. === Summary The current sidebar has served us well for a long time. But with a few improvements, we can improve accessibility and usability, and allow it to better scale to extensions. === Challenges with the current design * The hover/flyout menus are difficult to make accessible, and they do not scale well to mobile interfaces. * There are a lot of top-level menu items that are rarely if ever used, contributing to cognitive weight by still being permanently visible. * Given the additional menu items that plugin add, people are likely to end up with many menu items, despite a large number of them perhaps not being used that often. === Mockup **Important disclaimer:** this is just an initial concept, it is subject to feedback and discussion and iterations: [[Image(menu-mockup.png)]] Props to joen for coming up with this v1 concept. === Major Changes * Flyout menus are replaced with accordion behavior. This scales all the way from mobile to desktop, and affords better accessibility. * Menu is made 80px wider (240px vs. 160), affording a 14px minimum font size for all items, perhaps bigger icons in the future, more relaxed spacing, enhancing usability and accessibility. * Sidebar is grouped in major sections, “Site”, “Design”, “Tools” and “Manage”. * “Updates” are moved to a subsection of “Manage”, making Home a single item. * Items related to content on your site (such as “Posts” and “Pages”) are moved under “Site”. * Clicking major menu items just opens or closes the accordion, as opposed to go directly to the first subsection. This unifies the mobile and desktop behavior. You can keep the accordion open if you use it all the time (each click will save state, so you’ll see the same open/closed sections upon page refresh). * All “Settings” subsections are moved under “Manage”, along with “Plugins & Blocks” and “Users”. * Separators group major categories, like “Site” and “Design” together * Dashboard is renamed “Home”, because all of WordPress is a Dashboard, and “Home” is where you can get an overview at a glance. === Custom Post Types & Taxonomies * Custom Post Types show up below Pages (top item) and Posts (2nd item). * A separator cordons these off from Media & Comments, which show content from all. * Categories & Tags, and even custom taxonomies, are accessible from each section, as opposed to having a permanent presence in the sidebar. For example if you have a taxonomy called “Ingredients” tied to “Recipes”, you first click “Recipes”, and on the archive page you can manage existing Ingredients under a tab. The argument for putting them under this page is that taxonomies are usually added in the editor itself, and only managed on the archive pages. * When you have custom post types, an additional, short, separator shows up below the post types. === Where's the ""Add New"" menu item? One idea would be to make this permanently visible in the top toolbar. [[Image(add-button.png)]] Clicking this button produces a dropdown. By moving it there, you have a single destination to create new content, and we reduce the amount of tab-stops in the navigation menu, especially for sites with a lot of custom post types. === Related Helen opened [https://core.trac.wordpress.org/ticket/32678 this ticket] over 4 years ago. There are a number of different ideas and threads in that ticket. If someone decides that these two tickets should be merged, that is fine. === Feedback Please keep in mind that this is just a ''very early, exploratory concept''. Nothing here is set in stone. The goal of this exercise would be to improve the overall usability and accessibility of the left nav. What thoughts, concerns, questions, and feedback do you have?" lessbloat 64 47029 Custom Taxonomies, with no post_type association and custom submenu location, UX experience is broken when on Taxonomy management page Taxonomy 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-24T14:52:15Z 2019-04-24T14:52:15Z "When creating a custom taxonomy with no `post_type` association, then adding a `add_submenu_page` option for it under any specific menu, the link will show in the proper location. The problem is when you view the taxonomy management page, the UX is not as expected. One would expect the main menu location to be open and the submenu to be bolded (normal nav UX). e.g. - Posts - Custom Main Menu Item - Add New - **Custom Taxonomy** What actually happens is that the Posts main menu is open and nothing is highlighted. e.g. - Posts - All Posts - Add New - Categories - Custom Main Menu Item When you do go to the main menu location that the taxonomy is assigned to, you do see what is expected. Meaning, the submenu option is bolded, the main menu just is closed and not opened. Only the Posts main menu item is open. The issue appears to be that when there is no post_type association, the Posts main menu is always the open main menu item. I provided an example below. This example adds a new taxonomy to the plugin: [https://wordpress.org/plugins/query-wrangler/] (This was a quick way to duplicate the issue but to be honest, I have this exact issue on every custom taxonomy with no `post_type` association. ) It creates the menus structure: - Query Wrangler - Add New - Import - Settings - Content Groups When I click on the Content Groups taxonomy, I am taken to the taxonomy management page as expected. The issue is the admin nav now shows: - Posts - All Posts - Add New - Categories - Custom Main Menu Item Instead of: - Query Wrangler - Add New - Import - Settings - **Content Groups** {{{ <?php /** * Class Content_Groups * Allows building content groups by associating Query Wrangler and Custom queries */ class Content_Groups { /** * Taxonomy identifier */ const TAX_NAME = 'content-groups'; /** * Query Wrangler page slug */ const MENU_SLUG = 'query-wrangler'; public function __construct() { \add_action('init', array($this, 'register')); \add_action('admin_menu', [$this, 'add_sub_menu'], 99999); // Must be lower than Query Wrangler's value: 9999 } /** * Registers Taxonomy * @link https://codex.wordpress.org/Function_Reference/register_taxonomy * @link https://core.trac.wordpress.org/ticket/28033 */ public function register() { $capability_type = str_replace('-', '_', self::TAX_NAME); $args = array( 'hierarchical' => false, 'labels' => [ 'name' => _x('Content Groups', 'taxonomy general name', 'text-domain'), 'singular_name' => _x('Content Group', 'taxonomy singular name', 'text-domain'), 'menu_name' => _x('Content Groups', 'menu_name', 'text-domain'), 'all_items' => _x('All Content Groups', 'all_items', 'text-domain'), 'edit_item' => _x('Edit Content Group', 'edit_item', 'text-domain'), 'view_item' => _x('View Content Group', 'view_item', 'text-domain'), 'update_item' => _x('Update Content Group', 'update_item', 'text-domain'), 'add_new_item' => _x('Add New Content Group', 'add_new_item', 'text-domain'), 'new_item_name' => _x('New Content Group Name', 'new_item_name', 'text-domain'), 'parent_item' => _x('Parent Content Group', 'new_item_name', 'text-domain'), 'parent_item_colon' => _x('Parent Content Group:', 'parent_item_colon', 'text-domain'), 'search_items' => _x('Search Content Groups', 'search_items', 'text-domain'), 'popular_items' => _x('Popular Content Groups', 'popular_items', 'text-domain'), 'separate_items_with_commas' => _x('Separate content groups with commas', 'separate_items_with_commas', 'text-domain'), 'add_or_remove_items' => _x('Add or Remove Content Groups', 'add_or_remove_items', 'text-domain'), 'choose_from_most_used' => _x('Choose from the most used content groups', 'choose_from_most_used', 'text-domain'), 'not_found' => _x('No content groups found', 'not_found', 'text-domain'), ], 'capabilities' => [ 'manage_terms' => ""manage_{$capability_type}"", 'edit_terms' => ""edit_{$capability_type}"", 'delete_terms' => ""delete_{$capability_type}"", 'assign_terms' => ""assign_{$capability_type}"", ], 'show_ui' => true, 'show_menu_ui' => true, 'query_var' => true ); // Register the taxonomy \register_taxonomy(self::TAX_NAME, NULL, $args); } /** * Builds the menu */ public function add_sub_menu() { $capability_type = str_replace('-', '_', self::TAX_NAME); \add_submenu_page( self::MENU_SLUG, _x('Content Groups', 'menu_name', 'text-domain'), _x('Content Groups', 'menu_name', 'text-domain'), ""manage_{$capability_type}"", 'edit-tags.php?taxonomy=' . self::TAX_NAME ); } } }}} " son9ne 47041 Custom Post type author empty Posts, Post Types 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-25T11:30:05Z 2020-04-22T06:20:09Z "If I created Custom post type with rest enabled [ for Gutenberg support ] and I try to created/publish custom post type then Post author is empty instead of the current user I checked with bbPress Post type forum, For enabled rest support, refer the following code {{{#!php function twentyseventeen_rest_support_bbpress() { global $wp_post_types; $forum_post_type = bbp_get_forum_post_type(); if (isset($wp_post_types[$forum_post_type])) { $wp_post_types[ $forum_post_type ]->show_in_rest = true; } } add_action('init', 'twentyseventeen_rest_support_bbpress', 25); }}} " dipesh.kakadiya 1 47044 Twenty Nineteen: Add padding for full-aligned text blocks inside of a full-width column block. has-patch Bundled Theme normal normal Future Release defect (bug) new 2019-04-25T13:19:46Z 2019-10-03T22:05:35Z "As noted by @dianeco, after #46999, text-based blocks inside of a full-width columns block now bump up against the edges of the screen: [[Image(https://cldup.com/KnBH49tlCQ-3000x3000.png)]] In the case of media/image blocks, it's likely that users ''will'' want these to bump right up against the edge of the page, so we should try adding some padding only to text-based blocks if possible. Note that this needs to be fixed in both the editor and front-end. " kjellr 2 47049 Unzip_file causing Media file upload error Upload 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-26T01:03:53Z 2019-04-28T17:10:43Z "When I attempt to use the unzip_file function below in my functions.php: {{{ require_once(ABSPATH . 'wp-admin/includes/file.php'); WP_Filesystem(); $destination = wp_upload_dir(); $destination_path = $destination['path']; $unzipfile = unzip_file( $destination_path.'/filename.zip', $destination_path); if ( is_wp_error( $unzipfile ) ) { echo 'There was an error unzipping the file.'; } else { echo 'Successfully unzipped the file!'; } }}} I get the following error when trying to upload any files into the Media library in Media > Add New: {{{ An error occurred in the upload. Please try again later. }}} I am using Twenty Nineteen theme with no plugins activated and I don't get the error when I remove the function. https://codex.wordpress.org/Function_Reference/unzip_file " troytempleman 3 47050 Recovery Email - Keep consistent newline spacing around ###CAUSE### mergetag has-patch Site Health 5.2 normal minor Future Release defect (bug) new 2019-04-26T03:59:17Z 2021-05-08T13:55:08Z "Hello, While translating I came to the recovery email which uses several mergetags. They're all surrounded by empty lines with the exception of ###CAUSE### which I felt odd. Current Email; {{{ Howdy!↵ ↵ Since WordPress 5.2 there is a built-in feature that detects when a plugin or theme causes a fatal error on your site, and notifies you with this automated email.↵ ###CAUSE###↵ First, visit your website (###SITEURL###) and check for any visible issues. Next, visit the page where the error was caught (###PAGEURL###) and check for any visible issues.↵ ↵ ###SUPPORT###↵ ↵ If your site appears broken and you can't access your dashboard normally, WordPress now has a special ""recovery mode"". This lets you safely login to your dashboard and investigate further.↵ ↵ ###LINK###↵ ↵ To keep your site safe, this link will expire in ###EXPIRES###. Don't worry about that, though: a new link will be emailed to you if the error occurs again after it expires.↵ ↵ ###DETAILS### }}} Code Reference - https://build.trac.wordpress.org/browser/trunk/wp-includes/class-wp-recovery-mode-email-service.php?marks=134#L139 Opening this ticket to introduce empty lines around ###CAUSE### The cause strings I found are; ""In this case, WordPress caught an error with one of your plugins, %s."" ""In this case, WordPress caught an error with your theme, %s."" Both could use the space and not be sandwiched between the first two large paragraphs. Cheers" garrett-eclipse 8 47051 Twenty Nineteen theme sub-menu returns error in WAVE accessibility tool nataliemac Bundled Theme 5.0 normal normal Future Release defect (bug) assigned 2019-04-26T16:21:38Z 2019-11-03T21:23:14Z "I'm building a site in (a child theme of) Twenty Nineteen. In the top menu, each instance of a menu item that has a child item is returning one error in the WAVE accessibility tool. The reported error is ""empty button"" and below is the explanation: What It Means A button is empty or has no value text. Why It Matters When navigating to a button, descriptive text must be presented to screen reader users to indicate the function of the button. How to Fix It Place text content within the <button> element or give the <input> element a value attribute. The Algorithm... in English A <button> element is present that contains no text content (or alternative text), or an <input type=""submit"">, <input type=""button"">, or <input type=""reset""> has an empty or missing value attribute. Standards and Guidelines 1.1.1 Non-text Content (Level A) 2.4.4 Link Purpose (In Context) (Level A) This is the HTML that is returning the alleged error: <button class=""menu-item-link-return"" tabindex=""-1""><svg class=""svg-icon"" width=""24"" height=""24"" aria-hidden=""true"" role=""img"" focusable=""false"" viewBox=""0 0 24 24"" version=""1.1"" xmlns=""http://www.w3.org/2000/svg"" xmlns:xlink=""http://www.w3.org/1999/xlink""><path d=""M15.41 7.41L14 6l-6 6 6 6 1.41-1.41L10.83 12z""></path><path d=""M0 0h24v24H0z"" fill=""none""></path></svg>About us</button> " johnfclifford 10 47064 User Profile has-patch Users 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-28T08:50:00Z 2019-05-03T10:39:52Z "Hi, there is a bug when updating someone's user's profile by leaving a required field blank. Example leaving the nickname field as blank, it will show some error that you need to fill out the field. But when you refresh the page, the page will be ""Invalid user ID."". The ?user_id in the url has been removed. Thank you" jdan21 2 47068 get_queried_object() returns null date archives and on homepage with blog on front settings Posts, Post Types 5.1.1 normal normal Awaiting Review defect (bug) reopened 2019-04-29T12:12:22Z 2019-05-03T10:59:18Z get_queried_object() returns null if permalink is plain. bplv 1 47072 Hierarchical post types missing attributes meta box if post type doesn't support 'page-attributes' or have templates Posts, Post Types 5.1.1 normal minor Awaiting Review defect (bug) new 2019-04-29T17:11:09Z 2019-04-29T17:11:09Z Setting the hierarchical argument to true in the register post type function doesn't enable the post parent automatically. In order for this meta box to show up you must also enable post type support for page-attributes or the post type must have templates. I would think the post parent dropdown should be visible by default if the post type is hierarchical. This applies to both the Classic and Gutenberg editor. natereist 47083 "Site Info Update Not Adjusting ""Last Updated"" Value" Networks and Sites 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-30T14:30:27Z 2019-05-09T17:14:48Z " + Navigate to `/wp-admin/network/site-info.php?id=XXX` where XXX is a valid Site ID. + Checkmark: Spam + Click: Save Changes Expected: ""Last Updated"" changed to current time. Actual: ""Last Updated"" not changed. --- This is in contrast to `/wp-admin/network/sites.php` -> Bulk action -> Mark as Spam. Doing it bulk updates the Last Updated field to current time. --- In fact, behaviour is broken since 5.1.0 `update_blog_details` function used to do: {{{ $details = array_merge($current_details, $details); $details['last_updated'] = current_time('mysql', true); }}} https://github.com/WordPress/wordpress-develop/blob/5.0/src/wp-includes/ms-blogs.php#L297 --- This is a problem because we use ""Last Updated"" field to purge spam. It gives users X days from the ""Last Updated"" value to dispute the spam. " conner_bw 3 47085 Site Health appear on individual sites in Multisite has-patch Site Health 5.2 low minor Future Release enhancement new 2019-04-30T19:45:15Z 2020-10-19T06:18:41Z "The tests are all related to the server or the network of sites, rather than individual sites. Individual site admins are unlikely to be able to perform most of the recommended actions. Would it make more sense to place the page in the Network Admin area, rather than on individual sites? " iandunn 26 47088 Visting wp-login.php whilst logged in logs you out Login and Registration 3.0 normal normal Awaiting Review defect (bug) reopened 2019-05-01T08:00:01Z 2023-10-10T00:28:18Z "I leave multiple, regularly-used WP admin tabs open in a browser window. The login sessions time out, as expected, resulting in tabs with URLs like https://example.com/wp-login.php?redirect_to=https%3A%2F%2Fexample.com%2Fwp-admin%2Fadmin.php%3Fpage%3Dfoo-bar&reauth=1 If log in on such a tab to do something, then switch to another tab that also has that type of auto-logged-out URL, I am immediately logged out of the site. I would expect WP to realise that I am logged in and simply honour the redirect already in the URL, or at least provide the choice of logging out or going to the redirect page/dashboard." lev0 7 47091 REST get wp/v2/media sizes to include add_image_size() reporter-feedback Media normal normal Awaiting Review enhancement new 2019-05-01T15:42:44Z 2020-10-25T04:29:41Z "Media returned from the API returns as sizes attribute. These sizes are only the default sizes from wordpress. Sizes added via add_image_size() are not available. This would be a great feature for wordpress, allowing users to upload an image once, do all the cropping there, and insert that image in the ways that they want through gutenberg. The current experience is broken up due to the need to do production work outside of gutenberg." shaneyu 2 47101 Improve contrast when deleting terms in list table via AJAX Taxonomy 2.5 normal normal Future Release defect (bug) new 2019-05-02T20:45:52Z 2019-06-24T09:06:36Z "When deleting a term via the inline ""Delete"" link in the taxonomy list table, the background will turn red (`#FF3333`) while the request is passed via AJAX and remain so until the term is deleted. For terms with few associations, this won't take more than a second, so it disappears very quickly. For terms with many associations, this can hang on the screen for a while and the contrast of the text in that row becomes very poor. Background: `#FF3333` (I believe set in `lists.js` Slug text: `#555555` (2.04:1 ratio) Anchor text: `#0073AA` (1.43:1 ratio) Hover text: `#00A0D2` (1.2:1 ratio) Delete text: `#AA0000` (2.13:1 ratio) Delete hover text: `#DC3232` (1.27:1 ratio) It seems like there may be a better color than red that can be used to convey that the row's removal is in progress." jeremyfelt 5 47105 Not focusing on input control when validate that input control Taxonomy normal normal Future Release defect (bug) new 2019-05-03T07:08:45Z 2019-06-28T14:23:13Z "This issue is generated in form validation (category,tag,taxonomy,etc...) in input controls. When anyone submits or save categories without a fill input box then showing red box validation but currently, it's not focusing validate a field (input field). Expected: When anyone submits or save category without fill input box then autofocus on validating input field that showing to the user to enter some value in the input box. Please follow this GIF steps: [[Image(https://s3.gifyu.com/images/screencast-localhost-2019.05.03-11-19-35.gif)]] " hardipparmar 3 47111 Dynamically added notifications need ARIA role alert or status joedolson* Administration normal normal 6.6 defect (bug) accepted 2019-05-03T17:19:49Z 2024-02-20T15:20:06Z "Follow up to #46995. In the various admin screens, all the notifications / warnings and the like that are rendered ""on the fly"" and injected in the DOM need either an ARIA role `alert` or `status` to be properly perceived by assistive technologies and users using these technologies. This doesn't apply to the standard ""admin notices"" that are normally rendered on page load. It only applies to JavaScript-rendered notices that appear at some point in a page. There are a few of them across the admin that would greatly benefit from a standardized component. References: https://www.w3.org/TR/wai-aria-1.1/#alert https://www.w3.org/TR/wai-aria-1.1/#status Quoting from the Aria Authoring Practices (emphasis mine): > Dynamically rendered alerts are automatically announced by most screen readers, and in some operating systems, they may trigger an alert sound. **It is important to note that, at this time, screen readers do not inform users of alerts that are present on the page before page load completes.** W3C role=alert example: https://www.w3.org/TR/wai-aria-practices/examples/alert/alert.html" afercia 7 47121 Featured image modal: content disappears when changing device orientation Media 5.0 normal normal Awaiting Review defect (bug) new 2019-05-04T09:27:12Z 2019-08-29T13:51:28Z "To reproduce: - emulate a mobile device via the Chrome dev tools - edit a post in Gutenberg - click Featured Image > Set featured image in the sidebar - the ""Featured Image"" media modal opens - depending if your initial device orientation is landscape or portrait, click once or twice on the Chrome dev tool ""Rotate"" button to change device orientation - once the orientation is ""portrait"", the whole content of the modal disappears - ie: the content container becomes totally empty: `<div class=""media-modal-content""></div>` - change orientation again: still empty See attached screenshots." afercia 1 47124 "Admin menu: restore ""Add New"" in the Themes section" has-patch Themes 3.8 normal normal Future Release feature request new 2019-05-04T15:11:03Z 2021-10-29T04:55:56Z "Many sections in the admin menu have an ""Add New"" link to navigate directly to the add new Post, Page, Media, Plugin, etc. pages. Except the Themes (Appearance) section. Personally, not having the ability to directly navigate to the ""Add Themes"" page has always been a bit annoying for me. Good motivation for some software archeology: In WordPress 2.9 there was an ""Add New Themes"" link: [[Image(http://cldup.com/JwtyIkudcV.png)]] It was removed 9 years ago for WordPress 3.0 in [13533], in favor of a ""tabbed interface"", see #12412 (see also [13583]): [[Image(http://cldup.com/v-lQIXw5rD.png)]] Finally, the tabbed interface was removed in WordPress 3.8 in [26141], with the THX redesign, see #25948. However, the link in the admin menu wasn't restored. I'm pretty sure this was considered at that time, but I couldn't find any related discussion to point to. Today, the lack of and ""Add New"" link is inconsistent with other menu sections. For example, I'm not sure why the Plugins section does need an ""Add New"" link and the Themes section doesn't. Also, this requires some exploration and an additional click each time users want to navigate to the Add Themes page. Worth also considering that on the multisite admin menu, the ""Add New"" link does exist. See in the screenshot below: single site on the left and multisite on the right. [[Image(http://cldup.com/P5_aKjtGBg.png)]] If the concern is that the Theme Installer screen requires JavaScript, this can be solved with an admin notice as done in the multisite screen. Also, the admin menu items can take an optional CSS class and `hide-if-no-js` would work. Unless I'm missing some important consideration, I'd propose to restore the missing ""Add New"" link for better usability and consistency. Related: #47012" afercia 8 47127 Parameter Error in class-wp-hook files Cron API 5.1.1 normal major Awaiting Review defect (bug) new 2019-05-05T12:57:33Z 2019-05-09T02:26:49Z "After update, I am getting these in the logs, tens of thousands of lines of the same thing over and over again. I have to delete logs daily as the size grows into the 10+ megs. It is odd. This repeats over and over again without ceasing. I removed all plugins and switched to the default theme and the error still persists. It has to do with the core. [05-May-2019 12:50:43 UTC] PHP Warning: call_user_func_array() expects parameter 2 to be array, null given in /home/public_html/wp-includes/class-wp-hook.php on line 286 [05-May-2019 12:50:43 UTC] PHP Notice: Undefined index: args in /home/public_html/wp-cron.php on line 118 [05-May-2019 12:50:43 UTC] PHP Notice: Undefined index: args in /home/public_html/wp-cron.php on line 122 [05-May-2019 12:50:43 UTC] PHP Notice: Undefined index: args in /home/public_html/wp-cron.php on line 133 [05-May-2019 12:50:43 UTC] PHP Warning: count(): Parameter must be an array or an object that implements Countable in /home/public_html/wp-includes/class-wp-hook.php on line 272 " walkinverse 4 47130 Drop files to upload is also available except Upload Media tab Media 5.1.1 normal normal Future Release defect (bug) reopened 2019-05-06T10:31:46Z 2021-08-12T14:38:08Z "Howdy Developers, As per my understanding, `Drop files to upload` feature should be enabled during `Upload media` only. Instead of that, I have noticed that whenever Crop Image or any other popup for media is open, then `Drop files to upload` is still there. " malavvasita 15 47137 Insufficient form semantics joedolson* Media normal minor Future Release defect (bug) accepted 2019-05-06T14:33:17Z 2024-02-01T20:40:12Z "Moved from the WPCampus accessibility report issues on GitHub, see https://github.com/WordPress/gutenberg/issues/15305 * **Severity**: * Low * **Affected Populations**: * Blind * Cognitively Impaired * **Platform(s):** * All / Universal * **Components affected**: * Media Dialog **Issue description** The ""Media Library"" panel of the ""Featured Image"" modal dialog lists some filtering of options, a group of checkboxes, a sub-form of relevant meta-data, and a ""Select"" button. However there are no semantics which associate these controls together, nor give the orphan ""Select"" button any meaning relative to the selected checkbox/image. Additionally, a link taking users to a new window/tab with an editing form does not inform users that it opens a new window or tab. Semantic markup is vital for assistive technology users, to convey the structure and relationships between information. When appropriate semantic markup is not used, it may be more difficult for such users to understand what the content means, and to comprehend the structure that the visual presentation conveys. **Issue Code** {{{ <div class=""attachments-browser"">... <div class=""media-toolbar""> <div class=""media-toolbar-secondary""> <label for=""media-attachment-date-filters"" class=""screen-reader-text"">Filter by date</label> <select id=""media-attachment-date-filters"" class=""attachment-filters"">...</select> </div> <div class=""media-toolbar-primary search-form""> <label for=""media-search-input"" class=""screen-reader-text"">Search Media</label> <input type=""search"" placeholder=""Search media items..."" id=""media-search-input"" class=""search""> </div> </div> <ul tabindex=""-1"" class=""...""><li ...>...</li></ul> ... <div tabindex=""0"" data-id=""159"" class=""attachment-details save-ready""> <h2>Attachment Details <span>...</span></h2> <div class=""attachment-info""> <div class=""thumbnail thumbnail-image"">...</div> ... <div class=""dimensions"">1820 × 1213</div> <a class=""edit-attachment"" href=""...&action=edit..."" target=""_blank"">Edit Image</a> <button type=""button"" class=""..."">Delete Permanently</button> </div> </div> <label class=""...""> <span...>URL</span> <input type=""text"" value=""...this-is-fine.jpg"" readonly=""""> </label> ... </div> <form class=""compat-item""></form> </div> </div> <div class=""media-toolbar-primary search-form""> <button type=""button"" class=""..."">Select</button> </div> </div> }}} **Remediation Guidance** Turn the form into an actual `<form>` element. Wrap `<fieldset>` tags (with accompanying `<legend>` elements) around groups of controls explaining what they are. Use the id on the `<form>` element with the form attribute on the ""Select"" button to designate this as the form's submit button. Add text to the ""Edit"" link that opens in a new window or tab, informing users that this will happen. When the form in the new tab/window is submitted, users should be brought back to the original form. **Recommended Code** {{{ <div class=""attachments-browser"">... <form id=""media_form""> <fieldset class=""media-toolbar""> <legend class=""screen-reader"">Filter media options</legend> <div class=""media-toolbar-secondary""> <label for=""media-attachment-date-filters"" class=""screen-reader-text"">Filter by date</label> <select id=""media-attachment-date-filters"" class=""attachment-filters"">...</select> </div> <div class=""media-toolbar-primary search-form""> <label for=""media-search-input"" class=""screen-reader-text"">Search Media</label> <input type=""search"" placeholder=""Search media items..."" id=""media-search-input"" class=""search""> </div> </fieldset> <fieldset> <legend class=""screen-reader"">Media options result</legend> <ul tabindex=""-1"" class=""...""><li ...>...</li></ul> </fieldset> ... <fieldset tabindex=""0"" data-id=""159"" class=""attachment-details save-ready""> <legend>Attachment Details <span>...</span></legend> <div class=""attachment-info""> <div class=""thumbnail thumbnail-image"">...</div> ... <div class=""dimensions"">1820 × 1213</div> <a class=""edit-attachment"" href=""...&action=edit..."" target=""_blank"">Edit Image <span class=""screen-reader""> Opens in a new window</span></a> <button type=""button"" class=""..."">Delete Permanently</button> </div> </div> <label class=""...""> <span...>URL</span> <inputtype=""text"" value=""...this-is-fine.jpg"" readonly=""""> </label> ... </div> </fieldset> </form> <div class=""media-toolbar-primary search-form""> <button form=""media_form"" type=""button"" class=""..."">Select</button> </div> </div> }}} **Relevant standards** * 1.3.1 Info and Relationships (Level A) https://www.w3.org/TR/WCAG20/#content-structure-separation-programmatic * 1.3.3 Sensory Characteristics (Level A) https://www.w3.org/TR/WCAG20/#content-structure-separation-understanding * 3.3.2 Labels or Instructions (Level A) https://www.w3.org/TR/WCAG20/#minimize-error-cues * 4.1.2 Name, Role, Value (Level A) https://www.w3.org/TR/WCAG20/#ensure-compat-rsv **Note**: This issue may be a duplicate with other existing accessibility-related bugs in this project. This issue comes from the Gutenberg accessibility audit, performed by Tenon and funded by WP Campus. This issue is GUT-50 in Tenon's report" anevins 35 47139 function wp_logout_url urlencode causes issues in items wrap nav walker. audrasjb reporter-feedback Menus normal normal Awaiting Review defect (bug) reviewing 2019-05-06T14:42:44Z 2019-08-02T11:09:52Z "Hi The function wp_logout_url returns a encoded logout url. This used to work before without any issues. {{{ string(128) ""http://wprtdev.tst/wp-login.php?action=logout&_wpnonce=72f1be58e4&redirect_to=http%3A%2F%2Fwprtdev.tst%2F%3Floggedout%3Dtrue"" }}} But if you parse this url as a list element in the menu walker you get a warning and error {{{ <b>Warning</b>: sprintf(): Too few arguments in <b>/var/docs/wprtdev.tst/public/wp-includes/nav-menu-template.php</b> on line <b>261</b><br /> }}} because the walker uses %3$s for the items wrap and the encoded url has %3Afor : and %3F for ? It is not possible to add a logout url into the items wrap like this {{{ 'items_wrap'=>'<ul id=""%1$s"" class=""%2$s"">%3$s<li id=""woo-menu-logon-main"" class=""menu-item menu-item-type-post_type""><a href=""http://wprtdev.tst/wp-login.php?action=logout&_wpnonce=72f1be58e4&redirect_to=http%3A%2F%2Fwprtdev.tst%2Fblog%3Floggedout%3Dtrue"" title=""Logout from shop"" itemprop=""url""><i class=""wooicon icon icon-exit""></i>Logout</a></li>', }}} How to fix this? Thank you ! " BackuPs 3 47144 Text inadvertently rendered by assistive technologies joedolson* Media normal normal Future Release defect (bug) accepted 2019-05-06T14:58:01Z 2022-10-28T15:49:23Z "Moved from the WPCampus accessibility report issues on GitHub, see https://github.com/WordPress/gutenberg/issues/15296 * **Severity**: * Medium * **Affected Populations**: * Blind * Low-Vision * Cognitively Impaired * **Platform(s):** * Windows - Screen Reader * Mac - VoiceOver * Android - TalkBack * iOS - VoiceOver * **Components affected**: * Block Panel * Document Panel * Media Dialog **Issue description** Users of assistive technologies such as screen readers who navigate to the bottom of the Settings panels will find a button which they cannot activate (nor see if sighted) called ""Select files"". Additionally, if users change the color modes in the popup custom color picker, the current mode is announced in a live region. However, long after users are done with choosing a color, even after choosing to edit another block on the page, when they reach the bottom of the Block panel they'll still hear ""hex color mode active"". At this point, users may not remember what this was for and have no idea what this is referencing, as it no longer has any context. **Issue Code** {{{ <!-- color announcement --> <div id=""wp-a11y-speak-polite"" aria-live=""polite"" aria-relevant=""additions text"" aria-atomic=""true"" class=""screen-reader-text wp-a11y-speak-region"">Hex color mode active</div> <!-- select files --> <div class=""wp-uploader-browser"" id=""wp-uploader-browser-o_1d2saqvj4l3skgruvl1ejo1ejp3"" style=""position: fixed; top: -1000px; left: -1000px; height: 0px; width: 0px;""> <button type=""button"" class=""browser button button-hero"" id=""__wp-uploader-id-1"" style=""display: inline-block; position: relative; z-index: 1;"">Select Files</button> </div> }}} **Remediation Guidance** When users have performed an action, such as clicking another block (or whatever action causes ""No block selected"" to appear in the Block panel), clear the live region so that users who encounter it while manually reading do not hear it. Refill the live region when users change color modes. The hidden file selection button should be hidden from all users with display: none whenever it is not visible nor meant to be used. **Recommended Code** {{{ <!-- color announcement --> <div id=""wp-a11y-speak-polite"" aria-live=""polite"" aria-relevant=""additions text"" aria-atomic=""true"" class=""screen-reader-text wp-a11y-speak-region""> </div> <!-- select files --> <div class=""wp-uploader-browser"" id=""wp-uploader-browser-o_1d2saqvj4l3skgruvl1ejo1ejp3"" style=""display:none;""> <button type=""button"" class=""browser button button-hero"" id=""__wp-uploader-id-1"" style=""display: inline-block; position: relative; z-index: 1;"">Select Files</button> </div> }}} **Note**: This issue may be a duplicate with other existing accessibility-related bugs in this project. This issue comes from the Gutenberg accessibility audit, performed by Tenon and funded by WP Campus. This issue is GUT-41 in Tenon's report ''**Note**: The a11y-speak live regions are used in core as well. In several places. Thus, clearing the live regions shouldn't depend on a specific user action or scenario. It would require a more generic solution, preferably avoiding setTimeout() which seems to me a very fragile solution by its own nature.''" anevins 32 47148 Insufficient labelling and inappropriate nesting of form controls joedolson* Media normal minor Future Release defect (bug) accepted 2019-05-06T15:16:18Z 2024-02-05T20:03:21Z "Moved from the WPCampus accessibility report issues on GitHub, see: https://github.com/WordPress/gutenberg/issues/15288 * **Severity**: * Low * **Affected Populations**: * Blind * Low-Vision * Cognitively Impaired * **Platform(s)**: * Windows - Screen Reader * Windows - ZoomText * Mac - VoiceOver * Android - TalkBack * iOS - VoiceOver * **Components affected**: * Media Dialog **Issue description** In the ""Featured Image"" modal dialog's ""Media Library"" tab, users can choose an image to be the featured image; this is presented as a series of checkbox elements which, once checked, show a button to uncheck inside the custom checkbox element. This button is in the Tab order, however its only name is ""Deselect"", it doesn't tell the user what is being deselected. Users must infer what this button does from context, and may wonder why it's next to seemingly-ordinary checkboxes which themselves are natively unselectable. The button role of these buttons does not convey that the user is checking or unchecking an item, and their placement inside the checkbox elements is semantically confusing, and may be functionally confusing since one focusable element is nested inside another. Screen reader users hear that a list is present, yet find that they cannot navigate by list-items. **Issue Code** {{{ <ul tabindex=""-1"" class=""attachments ui-sortable ui-sortable-disabled"" id=""__attachments-view-53""> <li tabindex=""0"" role=""checkbox"" aria-label=""Marianne_Williamson"" aria-checked=""true"" ... class=""...""> <div class=""...""> <div class=""thumbnail""> <div class=""centered""> <img src=""...this-is-fine-300x200.jpg"" draggable=""false"" alt=""""> </div> </div> </div> <button type=""button"" class=""check"" tabindex=""0""> <span class=""...""></span> <span class=""screen-reader-text"">Deselect</span> </button> </li> ... </ul> }}} **Remediation Guidance** Allow the list semantics to remain available by not overriding the `<li>` elements' native list-item roles. Remove the `<button>` inside the checkbox and allow the original checkbox itself to be hidden and shown (perhaps styled with the custom checkmarks and ""-"" symbols, using the :before pseudo-element, as used in other checkboxes); hiding elements with opacity still allows speech recognition and screen readers to perceive the checkbox as though it were visible. The alt attribute inside the image will be able to label the checkbox if it's inside the `<label>` element. The checkbox now can offer both the image name and its state together in one unit, allowing users to always know what they are deselecting. **Recommended Code** {{{ <fieldset> <legend class=""screen-reader"">Media options result</legend> <ul tabindex=""-1"" class=""attachments ui-sortable ui-sortable-disabled"" id=""__attachments-view-53""> <li ... class=""...""> <input type=""checkbox"" id=""data_159""> <label for=""data_159""> <img src=""...this-is-fine-300x200.jpg"" draggable=""false"" draggable=""false"" alt=""Marianne_Williamson""> </label> </li> ... </ul> </fieldset> li { position: relative; } li>input { position: absolute; opacity: 0; ... } li input+label img { ... } li input:focus+label img { /* styles for focussed input */ /* include an actual outline in addition to box-shadow for high contrast users */ } li input:checked { opacity: 1; } li input:checked:focus, li input:checked:hover { /* change from checkmark to dash */ } li input:checked+label img { ... } }}} **Relevant standards** * 1.3.1 Info and Relationships (Level A) https://www.w3.org/TR/WCAG20/#content-structure-separation-programmatic **Note**: This issue may be a duplicate with other existing accessibility-related bugs in this project. This issue comes from the Gutenberg accessibility audit, performed by Tenon and funded by WP Campus. This issue is GUT-49 in Tenon's report" anevins 24 47154 "Prevent ""Call to undefined function: get_header()"" error in theme files" Bundled Theme 5.1.1 normal minor Awaiting Review enhancement new 2019-05-06T16:43:44Z 2021-05-11T18:29:15Z "Referencing a ticket from 14 years ago(!) (#1530), I would like to propose that the default WordPress themes - and the theme developer guidelines - be updated to include protection from accessing theme files directly. Accessing these files give PHP warnings, usually as follows: {{{ Fatal error: Call to undefined function: get_header() }}} Whilst @markjaquith was correct in stating that theme files are not supposed to be accessed directly, bots are finding their ways into theme folders (and triggering index.php) specifically, resulting in the errors being logged. I believe it'd be good practice to extend the recommendation from the ""Writing a Plugin"" documentation ([https://codex.wordpress.org/Writing_a_Plugin#Plugin_Files]) to the ""Theme Handbook"" ([https://developer.wordpress.org/themes/template-files-section/page-template-files/]) Following that recommendation, updating twentynineteen et al to include this (or at least code similar in intention) as the first lines of PHP coding. {{{ defined( 'ABSPATH' ) or die( 'No script kiddies please!' ); }}}" devonto 6 47160 Backport blocking of plugin updates if required PHP version is not supported dev-feedback Plugins 5.2 normal normal Future Release defect (bug) new 2019-05-06T21:46:08Z 2019-10-07T23:38:51Z "Follow-up from #43987 and #44350. Description from https://core.trac.wordpress.org/ticket/43987?cnum_edit=46#comment:41 With WordPress 5.2 requiring at least PHP 5.6, many plugin authors will start updating their plugins to also require PHP 5.6. This is fine for users running WordPress 5.2, but for users on older versions of WordPress they'll start receiving update notifications for plugins that they may no longer be able to run if they're using a version of PHP older than 5.6. If the user updates such a the plugin then they'll likely start seeing fatal errors. Backporting the changes that prevent updates from being served to sites that don't meet the plugin's minimum PHP version will help avoid users on older branches finding themselves updating a plugin to a version that no longer works. " azaozz 14 47164 map_deep in formatting.php do not handle null-byte dev-feedback Formatting 5.2.2 normal critical Future Release defect (bug) new 2019-05-07T08:40:16Z 2023-02-23T23:52:33Z "{{{#!php <?php foreach ( $object_vars as $property_name => $property_value ) { $value->$property_name = map_deep( $property_value, $callback ); } }}} The above code snippet in the function map_deep in formatting.php will trigger a fatal error if for some reason $property_name starts with a null-byte. null-bytes can exist in this context if $object_vars for some reason is from an object cast to an array. private and protected properties will be prefixed with null * null We've encountered it in the wild with serialized objects, and even though this is because of faulty programming (child classes with stricter access for properties than the parents) wordpress should handle this. The simples solution I can think of id to add: {{{#!php <?php foreach ( $object_vars as $property_name => $property_value ) { **if (ord($property_name) === 0) { continue; }** $value->$property_name = map_deep( $property_value, $callback ); } }}} " bitcomplex 18 47165 Admin menu: submenu for active menu doesn't have box-shadow dev-feedback Administration normal normal Awaiting Review enhancement new 2019-05-07T08:49:12Z 2020-08-03T17:12:39Z Submenu for active menu doesn't have box-shadow, please check screenshots. man4toman 7 47166 When option gmt_offset is blank, wordpress will give a 500 error Options, Meta APIs 5.1.1 normal minor Awaiting Review defect (bug) new 2019-05-07T11:05:16Z 2019-05-07T11:05:16Z "If for any reason the gmt_offset option is """", wordpress will give a type error: A non-numeric value encountered in /wp-includes/functions.php on line 70 and 162 This can then only be solved by editing the database or reinstalling wordpress as the settings page cannot be loaded. If a default value would be set (e.g. 0), the user can fix the problem in the settings page. " silvanthus 47170 wp_sensitive_page_meta breaks login on iPad devices Login and Registration 5.0 normal major Awaiting Review defect (bug) new 2019-05-07T16:28:57Z 2019-05-17T10:58:38Z "iPad Safari will throw a {{{ Failed to set referrer policy: The value 'strict-origin-when-cross-origin' is not one of 'no-referrer', 'origin', 'no-referrer-when-downgrade', or 'unsafe-url'. Defaulting to 'no-referrer'. }}} on wp-login.php page because it does not understand strict-origin-when-cross-origin value for the referer policy. This effectively breaks the login completely at least on nginx sites. Present starting with 4.9.10 (5.0.0 if chronologically)." madhazelnut 3 47171 Incorrect cursor used on buttons Administration normal normal Future Release defect (bug) assigned 2019-05-07T17:15:59Z 2022-02-04T16:23:50Z "Moved from the [https://github.com/WordPress/gutenberg/issues/created_by/karlgroves WPCampus accessibility report issues on GitHub]. [https://github.com/WordPress/gutenberg/issues/15343 Issue #15343] Severity: Low Affected Populations: - Low-Vision - Cognitively Impaired Platform(s): - All / Universal Components affected: -Global == Issue description Buttons throughout the application use the pointer cursor instead of the default. The use of consistent and relevant cursors may be important for users who have a cognitive disability, since cursors give a visual clue as to an element's functionality. Using the pointer cursor for elements which do not typically show that cursor may be confusing or counter-intuitive for users. **Issue Code** {{{ label { cursor: pointer; } .wp-core-ui .button, .wp-core-ui .button-primary, .wp-core-ui .button-secondary { cursor: pointer; ... } input[type=checkbox], input[type=radio] { cursor: pointer; ... } .components-button { cursor: pointer; ... } }}} **Remediation Guidance** Only controls that navigate users to new pages/views should have the cursor set to pointer, while controls performing push-button type actions use default. **Recommended Code** {{{ label { cursor: default; } .wp-core-ui .button, .wp-core-ui .button-primary, .wp-core-ui .button-secondary { cursor: default; ... } input[type=checkbox], input[type=radio] { cursor: default; ... } .components-button { cursor: default; ... } }}} **References** [https://www.w3.org/TR/CSS22/ui.html#cursor-props] Note: This issue may be a duplicate with other existing accessibility-related bugs in this project. This issue comes from the Gutenberg accessibility audit, performed by Tenon and funded by WP Campus. This issue is GUT-9 in Tenon's report" nrqsnchz 34 47187 <!--more--> tag on same line as content prevents any edits to that line SergeyBiryukov* has-patch Editor 5.2 normal normal Awaiting Review defect (bug) accepted 2019-05-08T17:42:54Z 2020-11-23T02:56:44Z "Hi, We have noticed a bug in WordPress that prevents any edits to the line with a <!--more--> tag if the tag is on the same line at the end, like so: {{{ Test. <!--more--> Test2 }}} If you enter this into Text mode, then switch to Visual mode and move the cursor right after ""Test."" you won't be able to insert any characters. I tested this on 5.1 and 5.2." archon810 12 47188 Ensure that valid json is return for rest api, even when correct headers not sent. spacedmonkey REST API 4.4 normal normal Future Release defect (bug) assigned 2019-05-08T17:46:47Z 2021-01-03T22:00:19Z "Current when wp_die is called in php fatal error handler, valid json is only returned when json headers are returned as the function `wp_is_json_request` is used. See [https://core.trac.wordpress.org/ticket/45933 #45933]. However, core could do more to return json when it knows the current request is a REST API call. " spacedmonkey 30 47192 Allow users to enter recovery mode via their registered email has-patch Site Health 5.2 normal normal Awaiting Review enhancement new 2019-05-08T18:28:43Z 2020-04-22T18:11:50Z "In WordPress 5.2 recovery mode was added. Recovery mode is entered when by clicking on a special link sent in an email. The email is sent to the `admin_email` which is stored as an option. However, the current manager / administrator may not have access to this email inbox. Users with the `activate_plugins` capability should be able to request a recovery link sent the user's register email via form, similar to the forgotten password form. This request recovery link form, should always be available (default recovery mode on this single page). The unique recovery link key, should likely be stored in user meta with the possibility to work with multisite setups in the future. " spacedmonkey 20 47194 Posts endpoint: Enable collection parameters for querying by custom field REST API 4.7 normal normal Future Release enhancement new 2019-05-08T20:40:35Z 2020-10-25T03:29:27Z "Before the REST API was merged into Core, meta queries were possible via a filter parameter: {{{ posts?filter[meta_key]=foo&filter[meta_value]=bar }}} This was [ticket:38378 removed] when the API was merged. In a [https://wordpress.slack.com/archives/C02RQC26G/p1557261445107000 recent Slack discussion] @kadamwhite mentioned this was due to the potential for very expensive DB queries, but that improvements to meta registration in subsequent versions of WP may have made this more possible. There are abundant use cases for being able to query posts via the API based on postmeta values, but I haven't been able to find any other Trac tickets about this. So I'm asking the question: would this be feasible now?" coreymckrill 2 47207 Specific custom permalink 404 on archive page Permalinks 5.2 normal normal Awaiting Review defect (bug) new 2019-05-10T00:22:54Z 2019-05-10T02:15:23Z "If we set a custom permalink of /%year%/%monthnum%/%day%/%postname%/ archive pages will be /2019/05/ If we want european/asian/african/southamerican D/M/Y date format /%monthnum%/%year%/%postname%/ archive pages will be /2019/05/ US format but doesn't matter, at least it works but with this permalink: /%day%/%monthnum%/%year%/%postname%/ archive pages (at least on archive widget) will be /05/2019/ Which looks good But returns 404 with default wp and theme and WP 5.1.1 or 5.2 tried to go to /2019/05/ but 404 too" briandd 1 47210 Allow html on site health titles and description dev-feedback Site Health 5.2 normal minor Awaiting Review enhancement new 2019-05-10T07:37:41Z 2022-09-05T20:27:28Z "Hello there, In /wp-admin/site-health-info.php#L115 we have this: {{{ <?php echo esc_html( $details['label'] ); ?> }}} So we don't allow HTML content ? why!? I propose the usage of wp_kses_* to allow clean html content. Also line#141 we have this: {{{ printf( '<p>%s</p>', $details['description'] ); }}} We clearly allow any html, so I propose to sanitize using wp_kses_* too, we don't want embed/iframe/script here right? Thank you for your feedback." juliobox 7 47211 using amp in search show all post / pages with the & Query normal normal Awaiting Review defect (bug) new 2019-05-10T08:50:16Z 2019-05-10T13:19:59Z "as the & is a & i get all pages in the search result with a &, when searching for an amp. this happens on various wordpress page where a & is in the name. but as a result, this is wrong. i found this bug, as i'm building a page for a lending company, lending amp (amplifiers)." paolo_wp 47218 Update TinyMCE to 5.X.X or 6.X.X dev-feedback TinyMCE normal normal Awaiting Review enhancement new 2019-05-10T17:41:21Z 2023-09-08T21:08:30Z "TinyMCE Version 5.0.5 has been released on May 9, 2019, see: https://www.tiny.cloud/docs/release-notes/release-notes50/ https://www.tiny.cloud/docs/changelog/ Don't we want to keep it up to date? It ''could'' break things, though, see : https://www.tiny.cloud/docs/migration-from-4x/ related: #47205" Presskopp 34 47221 Plugin Search Menu (Enhancement Suggestion) Plugins normal normal Awaiting Review enhancement new 2019-05-10T20:35:21Z 2019-05-10T20:35:21Z "Hello dear developers, when I want to install new plugins, and I search for a popular keyword (within the WP CMS), I can look through thousands of plugins. But what makes the search more tiresome and frustrating **is that the search results include all ages of plugins**, also those that are not recommended for my WordPress version, because they have not been updated, some of them for a VERY LONG TIME. It would be a relieve for me and other WP users if the dear WP developers could create a check box or something similar that will refine from the beginning the search results by a criteria of **actuality**, so that only those plugins appear that can be handled safely by my current WP version. It could be turned off by more experienced WP developers, so I think it should be optional (checkbox?), but still recommended. Thank you very much." ibkarpowski 47237 Used different escape function on options-media.php has-patch Media normal trivial Awaiting Review enhancement new 2019-05-11T16:02:00Z 2019-05-11T16:33:37Z "I have checked the options-media.php file and found two different escape function. Example: {{{ 1) <input name=""upload_path"" type=""text"" id=""upload_path"" value=""<?php echo esc_attr( get_option( 'upload_path' ) ); ?>"" class=""regular-text code"" /> 2) <input name=""thumbnail_size_w"" type=""number"" step=""1"" min=""0"" id=""thumbnail_size_w"" value=""<?php form_option( 'thumbnail_size_w' ); ?>"" class=""small-text"" /> }}} " dilipbheda 1 47243 Importers aren't being maintained Import normal normal Awaiting Review defect (bug) new 2019-05-12T08:31:45Z 2022-09-29T05:49:51Z "There's some discussion about the Tools Menu, like in #46458, #46745 or #47012 etc. I say the Tools > Import screen is deprecated. We find here some old, not maintained and sometimes even unusable Tools. This needs a cleanup. Blogger (Blogger Importer) Version: 0.9: Last Updated: **2 years ago** / Active Installations: 100,000+ Blogroll (OPML Importer) Version: 0.2: Last Updated: 10 months ago / Active Installations: 20,000+ Categories and Tags Converter (Categories to Tags Converter) Version: 0.5: Last Updated: **5 years ago** / Active Installations: 80,000+ LiveJournal (LiveJournal Importer) Version: 0.5: Last Updated: **5 years ago** / Active Installations: 10,000+ Movable Type and TypePad (Movable Type and TypePad Importer) Version: 0.4: Last Updated: **3 years ago** / Active Installations: 60,000+ RSS (RSS Importer) Version: 0.2: Last Updated: 10 months ago / Active Installations: 50,000+ Tumblr (Tumblr Importer) Version: 0.8: Last Updated: 1 year ago / Active Installations: 20,000+ WordPress (WordPress Importer) Version: 0.6.4: Last Updated: 5 days ago / Active Installations: 4+ Million " Presskopp 7 47256 Use composer to install and update external PHP libraries has-patch Build/Test Tools 5.2 normal normal Awaiting Review enhancement new 2019-05-13T18:23:42Z 2019-09-17T14:04:26Z "As of WordPress 5.2, the minimum version of PHP requires was changed to 5.6. This opens up some options around how PHP dependencies can be managed. [https://getcomposer.org/ Composer] is a popular PHP dependency manager similar to npm or yarn for javascript. WordPress core has support already got [https://github.com/WordPress/wordpress-develop/commit/39a145e0e1e442b4bed8921029c86800a804af60#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 support for composer] since 4.7. Since 5.0, many of the javascript dependancies are now loaded in using npm, php should have a similar build step. Here are a list of dependancies that could be loaded in using composer. - [https://github.com/JamesHeinrich/getID3 ID3] - [https://github.com/rmccue/Requests Requests] - [https://github.com/LeoColomb/pomo Pomo] - [https://github.com/simplepie/simplepie SimplePie] - [https://github.com/paragonie/sodium_compat sodium_compat] - [https://github.com/paragonie/random_compat random_compat] - [https://github.com/pear/Text_Diff Text_Diff] If there are modification to these library in core, these libraries should be forked and maintained outside of core. Composer has a custom install path feature, that may allow us to maintain the current file structure. However, it may mean creating a new vendor directory (wp_vendor) and use autoloading. Loading composer these via composer will remove a lot of the bloat of the code case, will make it easier for the core to manage updates in the future. " spacedmonkey 10 47266 Template of shutdown handler for fatal errors should not be displayed for CLI scripts Site Health 5.2 normal normal Awaiting Review defect (bug) new 2019-05-14T17:27:13Z 2019-06-24T16:10:01Z "When running a CLI script that has a syntax error, the template's raw HTML and CSS are output to the command line. I don't think that the shutdown handler for fatal errors should be loaded in a CLI context; instead, the default PHP behavior should be used instead. This should handle the case where the CLI script is being run through WP-CLI, and also older scripts that were built before WP-CLI existed, which just load WP manually (i.e., check `'cli' === php_sapi_name()` rather than `defined( 'WP_CLI' )` )." iandunn 3 47268 Vimeo videos not working on Chrome audrasjb reporter-feedback Widgets normal normal Awaiting Review defect (bug) reviewing 2019-05-14T18:19:54Z 2019-09-06T19:27:03Z "I noticed that if you use the Video widget to add a video from Vimeo, it will not work in Chrome browsers (at least on Mac). It works fine in other browsers. Visually, a second set of video controls appear on top Vimeo's video controls. Confirmed this on different servers, with different sites, and with different themes. Steps: 1. Go to Appearance > Widgets or Appearance > Customize, 2. Add Video widget 3. Click ""Add Video,"" then ""Insert from URL,"" then enter a Vimeo URL. 4. Visit a page on Chrome which has that widget. 5. Observe that pressing play has no effect." luciantucker 21 47278 General settings page allows html tag. reporter-feedback Options, Meta APIs 5.2 normal normal Awaiting Review defect (bug) new 2019-05-15T11:38:45Z 2019-05-15T20:07:55Z In the General Settings page, when we add HTML tags into the text fields. It allows admin to save those settings with HTML tags. Please see the screenshot link: [https://prnt.sc/nout9b] parthsanghvi 1 47279 $post object passed to clean_post_cache action can contain outdated values needs-unit-tests Posts, Post Types normal normal Future Release defect (bug) new 2019-05-15T14:28:45Z 2019-05-15T21:57:01Z "This occurs when publishing or deleting a post. In the `clean_post_cache()` function, `get_post( $post )` is called and assigned to `$post`. At that moment, the value of the `$post` parameter `post_status` = `draft` if publishing, `publish` if deleting the post. There is then a call to `wp_cache_delete( $post->ID, 'post_meta' );`, which correctly updates the value of post_status, if you perform another `get_post()` right after. But, the `$post` object is then passed to the action `clean_post_cache`, with the outdated values instead. So if someone hooks a function on `clean_post_cache`, and uses the `$post` object passed, it's going to receive incorrect values compared to what would be expected. But if you perform a `get_post()` inside that function, you will get the correct values. I only tested this with the `post_status` parameter, but this might be affecting others too. I would expect that the `$post` object passed to the `clean_post_cache` action contains up-to-date values." tabrisrp 47280 SQL_CALC_FOUND_ROWS is deprecated as of MySQL 8.0.17 johnbillion has-patch Database normal normal Future Release enhancement reviewing 2019-05-15T14:34:03Z 2024-02-22T07:49:16Z "Per https://dev.mysql.com/doc/refman/8.0/en/information-functions.html#function_found-rows > The SQL_CALC_FOUND_ROWS query modifier and accompanying FOUND_ROWS() function are deprecated as of MySQL 8.0.17 and will be removed in a future MySQL version. As a replacement, considering executing your query with LIMIT, and then a second query with COUNT(*) and without LIMIT to determine whether there are additional rows. This is not yet immediately important because most hosts are on 5.5, or 5.6, rarely 5.7, but given the speed with which trac tickets move that impact very core functionalities, I thought it best to open this ticket to get the work started. This impacts all the 6 places where it's being used, though one of them is in the WP_Query definition." javorszky 59 47285 Better Management of External Asset Dependencies Script Loader normal major Awaiting Review feature request new 2019-05-15T18:36:15Z 2021-01-25T22:53:10Z "**Tl;Dr**: there **must** be a way for WordPress Plugins to indicate compatible versions of external dependencies, so as to reduce enqueuing multiple copies of the same external library. The issue is urgent with the ecosystem's migration to Blocks. **Problem** We've all been there; you install 3 plugins, and your website is enqueuing four copies of FontAwesome, and two copies of Bootstrap. Plus an extra one of each from your theme. Plus 3 different datepicker libraries and two `<select>` enhancements. For most end-users, the buck stops there a their websites are left wasting precious resources loading things they don't need, further proof for detractors that WordPress and Performance are contradictory. For tech-savvy users and developers the headache just begins, and they begin to dequeue assets by trial-and-error, making sure everything is still compatible. And again each time anything updates. Then there's the impending nightmare scenario: with the move from encompassing plugins to individual functionality Blocks, and the encapsulated dependencies each one will inevitably need to include to function autonomously (especially if/when the new Block Installer kills the need for All-in-One block plugins), **the number of unnecessary, duplicate dependencies is about to grow exponentially**. **Solution** WordPress needs to allow developers to define what external libraries and compatible versions their code requires, so it can automatically load only one copy of the necessary assets. **Proposal** ''Warning: I'm nowhere close to being a DevOps expert. While I stand by the issue and generic solution, there's a 95% chance that the the proposal is ineffecient at best, and inherently flawed at worse. This goes doubly for any functions I'm making up on the spot.'' **1.** Allow users to semantically define what external dependencies they're using. While WordPress is smart enough not to load identical asset handles, those handles are semantically meaningless. It's bad practice to give your external asset a generic name (there are times where you ''need'' a specific version or copy of an asset, else you'll have conflicts and incompatibilities), you currently end up with `plugin-bootstrap`, `my-bootstrap`, `bootstrap-four`, and `bootstrap`, with no way to know that 2 of them are the exact same file, and the 3rd one's source will work perfectly with that version. A function, such as `wp_define_asset_library($handle, $library_name)`, would let WordPress know that all four files are actually Bootstrap, and you probably need to enqueue only one one them. Want to use FontAwesome Pro instead of the free version? You could then simply dequeue all of them with the `$library_name`, instead of trying to figure out what each plugin author decided to call the one they bundled. **Bonus**: Throw in a conditional `is_library_registered($library_name)`, and Block Authors could support both jQuery.Datepicker and PickaDate, and you wouldn't need to be running two JS libraries that do the same thing just because you're using blocks from two different authors! Hashtag Open Ecosystem. ''Note: a standard naming convention for dependency names would need to be agreed upon. I'd suggest using the official repository name, but as I said in my disclaimer, I don't know squat.'' **2.** Let Developers define supported versions of the library. By giving a extra argument to our function above, and we've solved the headache of version conflicts! Defining `$vers`, WordPress will be able to look at all 3 different versions of `bootstrap` and automagically know which one to include! Plugin A requires `4.1.1`, Plugin B `^4.0`, and Plugin C is still stuck with `~3.0.5`, and suddenly you've been able to drop a redundant library but your legacy plugin is still working fine! Imagine a world where you could use jQuery 3.4 without worrying about WordPress' precious back-compat. Heck, imagine being confident enough to get rid of jQuery as a frontend dependency althogether, because you know for certain only one plugin is using it, and it offers a vanilla JS alternative (via the conditional in #1)! **Bonus**: If two versions need to be included, WordPress could even tell the plugin to 'auto-encapsulate' one of them! Say goodbye to manual 'No Conflict Modes' and hours of plugin support time wasted telling end-users ""Our plugin is incompatible with one of your other installed plugins. Disable them one-by-one until you find the culprit, and then bet it's developer to update it's version of select2"", and hello to increased interoperability! ''Note: suggested practice would be for the developer to include the most up-to-date version compatible with their plugin, while declaring compatibility for earlier versions. WordPress would would then include the most-recent version(s) from whichever source meets the criteria.'' **Implementation & Backwards Compatibility** Again, I'm no expert, but from my utterly uninformed point of view, this is easy to implement both without breaking backwards compatibility, and possible improving it going forward. `wp_register_script` and `wp_register_style` get one extra parameter: `$library_name`. `$ver` gets a check to see if it's a number or the min/max version syntax. If we're worried about human readability then you put `$library_name` as the fifth argument and if it's a boolean you treat it as the old in footer. Ditto for if you use `wp_enqueue_whichever` to register the asset when enqueuing. If the script is already registered, it checks whether there's an associated library before doing the enqueue process (below). A new function `wp_define_asset_library($handle, $library_name, $ver)` (yeah this shouldn't be the actual name) lets either the plugin developer, or ''more importantly'' the user, easily associate any external assets declared the old way with an external library. The `$wp_scripts` global, essentially stays the same but with the new array value. I'm not a performance expert but maybe another global `$wp_script_libraries` contains a multidimensional array of `$library_name`s, with the defined handle and version of each. The enqueue process checks if `$library_name` is defined, and if so begins the automagical process of figuring out which asset to enqueue: -parses the version requirements for all the same libraries. -If several are in the same range it enqueues the highest compatible version version. -any versions that aren't in a range, and any assets that don't have an external library are enqueued normally. `wp_dequeue/deregister_style_library($library_name, $versions)` and `wp_dequeue_script_library`, gets rid of all associated assets in that range. `is_library_registered($handle, $vers)` let's you do cool things like support multiple libraries based on what other plugins, or choose whether to to register an asset altogether (e.g. use jQuery.Datepicker if it - or jQuery is enqueued, else register a vanilla JS version). Similarly, `$is_enqueued_multiple_times(handle)`, let's authors prepend a `$noconflict_prefix` when necessary. --------------------- Again, I'm sure there's a bunch of unseen issues with this, but end of the day the switch to Blocks (and especially the push for individual blocks decoupled from a larger plugin) is going to bring around an external library apocalypse. We need to find and implement a solution, and soon! " justlevine 5 47292 Heartbeat API cause Apache/PHP to exhaust memory Administration 5.2 normal critical Awaiting Review defect (bug) new 2019-05-16T11:11:46Z 2019-05-16T12:17:26Z "WordPress 5.2 Apache/2.4 MPM Prefork (Debian9) PHP 7.0 Also tried upgrading to PHP 7.2 What you expected to happen: Apache memory footprint should remain stable. Steps to reproduce: Install click-to-deploy-images-wordpress-ha from Google Marketplace. Upgrade to WordPress 5.2 Import and edit some posts in WordPress Admin Observe Client side: Examine headers in Chrome Console specifically /wp-admin/admin-ajax.php Observe Server side on Admin VM : Monitor apache memory with: free -m or htop Tried: Upgrading to PHP 7.2. Tweaks in wp-config.php define( 'AUTOSAVE_INTERVAL', 600 ); define( 'WP_POST_REVISIONS', false ); define( 'MEDIA_TRASH', true ); define( 'DISABLE_WP_CRON', true ); define( 'WP_MEMORY_LIMIT', '256M' );" mailandguardian 1 47296 Attachments with very long filenames fail to save to the database Upload normal normal Awaiting Review defect (bug) new 2019-05-16T17:51:39Z 2022-01-04T19:22:50Z "When an attachment is uploaded and the `attachment` post is inserted into the database, the `guid` is set to the attachment URL. The `guid` database column is limited to 255 characters, so a very long domain/filename combination can result in the post failing to save to the database with the vague message ""Could not insert post into the database"". The uploaded file does not get deleted from the uploads directory, and further attempts to upload the same file without renaming it will result in a different error, ""The uploaded file could not be moved to {location}"". The issue occurs in `wpdb::strip_invalid_text()` and `wpdb::process_fields()`. `wpdb::strip_invalid_text()` trims the field contents down to 255 characters, and `wpdb::process_fields()` fails as a result of this data change. The root cause is the same as #32315, though I believe this should still be tracked and handled separately. Judging by the trajectory of #32315, the user would be presented with a cryptic database-focused error message, whereas a better solution for this problem would be that the attachment successfully inserts. === To Replicate 1. Create a file and give it a name composed of 240+ characters (the ""tipping point"" length depends on the site's domain, amongst other factors, so this error can occur with shorter filenames). 2. Upload the file to WordPress anywhere media can be added. 3. The database insert should have failed with the error message, ""Could not insert post into the database"". 4. Attempt to upload the same file again to observe the error message, ""The uploaded file could not be moved to...""" mboynes 3 47301 Core_Upgrader class not extending or working properly reporter-feedback Upgrade/Install normal normal Awaiting Review defect (bug) new 2019-05-17T07:55:53Z 2019-05-20T01:06:07Z "It might be the first time as I am trying to create manual functionality via extending **Core_Upgrader** class. And it's not working same like WordPress Updates doing by default or not giving response too! Ref. https://wordpress.org/support/topic/looking-for-the-help-core_upgrader/ Let me attach some screenshots here. --- Actually, what I am trying to do? Getting a list of WordPress Updates and selecting the latest one and do a manual update with Ajax call. Ref. https://developer.wordpress.org/reference/functions/get_core_updates/ " techeshta 3 47305 PHP Warning with PHP 7.3 reporter-feedback HTTP API 5.2 normal normal Awaiting Review defect (bug) reopened 2019-05-17T11:14:56Z 2020-04-24T00:27:00Z "My PHP version: 7.3 I can see following error in the error_log {{{ [17-May-2019 11:09:51 UTC] PHP Warning: http_build_query(): Parameter 1 expected to be Array or Object. Incorrect value given in /home/onnetsri/public_html/wp-includes/Requests/Transport/cURL.php on line 508 }}} Please make a fix for this issue" onlanka 5 47306 comment reply event listener: need ability to run custom js function Comments 5.1 normal normal Future Release enhancement reopened 2019-05-17T16:24:11Z 2019-06-20T16:32:16Z "I wrote the comment-tweaks plugin, which adds the tinymce editor to the comments field. When threaded comments are enabled, clicking on a Reply link moves #comment within the dom, and that breaks tinymce - I need to be able to run a bit of js when a Reply link is clicked to remove the editor, then move the element, then add the editor back. Prior to 5.1, the comment reply link had an onclick attribute calling moveForm(), and I simply overwrote the single onclick handler with a custom one. This is/was a bit of a hack, but worked fine (as long as no other plugin was hoping to also take over onclick). Recent changes (#46260) to comment replying changed how event listeners are handled for the comment Reply and Cancel reply buttons, which now uses a MutationObserver to (re)add click/touchstart listeners every time the document body changes. I can no longer overwrite the onclick handler, as it will be re-added in subsequent document changes. I could probably add my own MutationObserver, handle the race of which fires first, and continue to overwrite the core click/touchstart event handlers, but this is just another hack and I would rather fix it correctly, where other plugins could utilize event handlers on those links as well. Note that I need more than just the ability to add my own event listeners, as they fire in the order they were added, and I need to remove the editor prior to moving #comment (addComment.clickEvent() firing), and add it again afterwards. A javascript ""action hook"" that fires in clickEvent() ahead of moveForm() and another which fires afterwards may be a viable solution. (And another pair of ""action hooks"" in cancelEvent().) Probably could make the entire click/cancel event handlers just call the action hook and add the current clickEvent/cancelEvent code in functions called via those same hooks, so they could be overridden if needed? (I don't need to overwrite them myself if I can order a call before and after them, but perhaps other plugins would.)" jnorell 7 47307 wp_insert_post: status 'future' is saved although 'publish' selected has-patch Posts, Post Types 5.2 normal normal Awaiting Review defect (bug) new 2019-05-17T16:55:15Z 2019-05-17T16:55:15Z "If I change the title of the page using the customizer, the changes are not saved because the changeset post is saved with status 'future' although 'publish' selected. I debugged the issue and found the following fragment of code of wp_insert_post is causing the issue: {{{#!php <?php if ( mysql2date( 'U', $post_date_gmt, false ) > mysql2date( 'U', $now, false ) ) { $post_status = 'future'; } }}} This piece of code has no sense, because when the status is set as ""publish"", we don't want to change artificially to ""future"" because the publish date is now. It seems an issue with some versions of PHP/MYSQL, since is working on my local host (Windows) but not on the production server (PHP7.0, Ubuntu). I debugged the components of the comparison: {{{ $now => 2019-05-17 16:32:59 $post_date_gmt => 2019-05-17 18:32:59 mysql2date( 'U', $post_date_gmt, false ) => 1558110779 mysql2date( 'U', $now, false ) => 1558103579 }}} The date/time configuration of the server is: {{{ root@srvde1 ~ # date Fri May 17 18:33:24 CEST 2019 }}} There are other affected users over the years, searching on the Internet ""customizer does not save changes"". " daniol 47310 Add Column Taxonomy Links Filter to Media List Table Taxonomy normal normal Awaiting Review enhancement new 2019-05-17T19:13:30Z 2021-12-12T06:46:06Z "The [https://developer.wordpress.org/reference/hooks/post_column_taxonomy_links/ 'post_column_taxonomy_links' filter] allows the taxonomy links in the post list tables to be filtered. This could be useful in the media list table as well (especially to ensure consistency). It would be great if there were a corresponding filter in the WP_Media_List_Table that behaved the same way. Perhaps 'media_column_taxonomy_links'? See ticket:42669 / changeset:44822" drivendevelopment 47314 "Add ""parent"" parameter to get_term_by" Taxonomy normal normal Awaiting Review feature request new 2019-05-17T22:13:02Z 2019-12-13T16:33:20Z "There has been some discussion around some inconsistencies in the way `term_exists()` handles the input string and sometimes can have unexpeceted results. The most recent discussions about this can be seen in #47099, #45333 and #32248. The current recommendation is to use `get_term_by()` instead, so you can explicitly inform what field you are checking and get the right result. However, `get_term_by()` does not support a `parent` argument, which makes it not a full `term_exists()` replacement. In #47099 @boonebgorges suggested we opened an enhancement ticket to discuss this addition to this function. And here it is! :) Looking at the function and all parameters it gets, we would have to decide how to support this. This would be the first question to ask if one was to try an approach for this. Adding as a new parameter does not look so good because there already many and it would force the developer to use all of them if he/she wanted to use `parent`. However adding support for a field like `name_and_parent` or something like this, and having an array passed as the `$value` doesn't look so pretty either. What do you think? " leogermani 2 47315 Download authenticity message has no actionability Upgrade/Install 5.2 normal normal Future Release defect (bug) new 2019-05-18T11:11:24Z 2023-08-22T01:57:18Z "== Problem While testing some upgrades of themes I noticed the following message: The authenticity of twentynineteen.1.4.zip could not be verified as no signature was found. As a user I have no idea what this means and more importantly, what I can do about it. == Proposed solution Add more context about what it means, why it is a not a blocker (soft-fail) when this is the case. This could be a page on WordPress.org or explained in-line. Provide a context on where this should be solved, locally/server/WordPress.org === Expectations I would have expected the theme update to be verified as it is downloaded from WordPress.org directly. " jipmoors 13 47316 Improve the admin User Profile page, the user interface is not user friendly. reporter-feedback Users normal minor Awaiting Review enhancement new 2019-05-18T12:15:56Z 2019-05-18T16:12:50Z "The admin User Profile page, which allows you to edit a user's details and credentials, is horrendous. The edit User Profile page, is used by many plugins, namely woocommerce. For non-techy types, such as staff members of a online retail company who work in admin or operations, the user interface of this edit user profile page is very difficult to use. I have considered creating a plugin for a completely separate admin panel so staff do not need to access /wp-admin, which could be more user friendly then the existing admin edit user profile page. Please make the admin pages more user friendly." sirwan 2 47322 scenario based-bug in the file load-style.php Script Loader 5.2 normal normal Awaiting Review defect (bug) new 2019-05-20T01:29:27Z 2019-05-20T12:04:06Z "Technically the file load-style.php has a bug, however it is a scenario based-bug so it rarely occurred. Not going in to so much details of PHP the problem is with the variable $out concatenation of ""$contents"" used in the foreach loop, i.e., O(n) complexity issue - the allocated buffer is exhausted assigned by PHP during the single http request execution. The better and optimized way is: move the ""header"" just the above ""foreach ( $load as $handle )"" loop statement. remove ""$out"" , i.e., echo $content rather concatenating into $out. I had this issue during installing app on my local machine, and solved it happily by doing changes that way." asimbaki 47336 Consider adding a JS/Client based Site Health Check for the REST API close Site Health 5.2 normal normal Awaiting Review enhancement new 2019-05-21T10:01:07Z 2020-10-25T07:33:16Z "Related discussion https://wordpress.slack.com/archives/C02RQC26G/p1558429627205600 At the moment, the Site Health Page includes a REST API check that is based on a `wp_remote_get` call to the posts endpoint. The problem with this approach is that it only catches issues if they're on the PHP side of things. In the Gutenberg repo, we noticed that there are a lot of issues related to Firewalls... breaking the REST API calls. The idea here is to consider adding a check to the site health page performing a REST API endpoint call triggered from the client (JS). That way it will go through the regular flow of REST API endpoint calls gutenberg and other clients will use. " youknowriad 4 47338 is_super_admin() should check a different capability Role/Capability normal normal Awaiting Review defect (bug) new 2019-05-21T14:07:18Z 2019-09-23T09:56:35Z "Currently is_super_admin() returns true in case the user has the delete_users cap (in case of a single site). Since admins may want to delegate users managemente capability, IMHO a more appropriate capability to check is 'activate_plugins' or, better, check more than a single capability." lllor 2 47339 Tags S and Š Taxonomy 5.2 normal normal Awaiting Review defect (bug) new 2019-05-21T14:57:16Z 2023-07-09T16:43:46Z "I've made tags with initial letters ... So i have two tags ""S"" and ""Š"" (slug ""s"" and ""s-2""). When I try to add the tag ""Š"" in the post, after I save the post WP, I tag ""S"" instead of ""Š""? Is this a mistake or how can I fix my problem by adding the tag I want? The same problem is with letters - C, Č and Ć - Z and Ž" Colics 9 47350 Add method to get JSON from a file without using file_get_contents() Script Loader 5.3 normal normal Awaiting Review enhancement new 2019-05-22T18:39:40Z 2019-05-22T19:51:49Z "This came up on a discussion about the use of `file_get_contents()` in WP Themes. Right now that function is banned and for good reason on w.org themes since it can be grossly abused and lead to malicious code. However, recently it became a recommendation in https://github.com/WordPress/gutenberg/blob/9ce596cd568d30c76fd4a0257e2872da91d4966a/packages/dependency-extraction-webpack-plugin/README.md#wordpress There was further discussion in the #core-editor slack channel - see https://wordpress.slack.com/archives/C02QB2JS7/p1558546491251400 for reference. The suggestion was to add a new method/function to get what is required, without forcing plugin and theme authors to use `file_get_contents()`, and we could add any security checks required in that function." aristath 3 47352 Take into account the current admin email address when rate limiting the recovery mode email dev-feedback Site Health 5.2 normal normal Future Release defect (bug) new 2019-05-22T20:28:27Z 2022-09-19T17:02:17Z "Here's a process which I've seen occur twice in the last few days: * A change to a site was deployed and a fatal error gets triggered somewhere. * The recovery mode email was sent out. * The developer checks the current value of the admin email address and discovers it belongs to someone who left the company years ago. * They change the admin email address to their own email address and re-trigger the fatal error, but the recovery mode email doesn't get re-sent to the new address because there's a one day rate limit in place. This prevents the user from enabling recovery mode for at least a day. The option that acts as the ""last sent"" record for the recovery mode email (`recovery_mode_email_last_sent`) should take into account the admin email address, for example by hashing it and including it in the option key. Aside: Is there a reason an option is used instead of a transient?" johnbillion 9 47359 Unable to distinguish post formats when viewing list tables on mobile Post Formats 5.2.1 normal normal Future Release defect (bug) new 2019-05-23T01:03:32Z 2021-04-27T16:51:41Z "Post format icons were recently removed from post list tables and a post format dropdown menu introduced to allow people to filter posts by format. See #46591 and [44961]. On narrow screens, however, the filter tools are hidden leaving mobile users with no way distinguish the format of their posts. I suggest we revisit the decision to remove post format icons and consider the mobile user experience." ajfleming 9 47389 Display warning message on the Updates screen when a VCS is in use Upgrade/Install 3.7 normal normal Awaiting Review enhancement new 2019-05-25T13:42:18Z 2023-02-15T20:13:29Z "When a version control system is in use, an appropriate warning message should be shown on the Updates screen, recommending that updates be performed via their VCS instead. The update action shouldn't be blocked, though. Similarly, for every plugin and theme that has an update available, WordPress should check whether the individual plugin or theme's directory is under version control and present a similar warning because updating a plugin or theme will completely wipe out its directory, therefore allowing version history to be lost. The `WP_Upgrader::is_vcs_checkout( ... )` method can be used to detect VCS usage." johnbillion 1 47393 Comment form submission with invalid fields incorrectly returns 200 OK response has-patch Comments 4.1 normal normal Awaiting Review defect (bug) new 2019-05-26T15:28:48Z 2020-10-25T04:31:58Z "This follows up on #11286. I just noticed that a bunch of error responses are returning 200 status code: * `comment_author_column_length` * `comment_author_email_column_length` * `comment_author_url_column_length` * `comment_content_column_length` * `require_name_email` * `require_valid_email` * `require_valid_comment` The origin of this seems to be this [https://core.trac.wordpress.org/ticket/11286#comment:44 comment]: > * Validation errors: 200. I agree completely w/bpetty. This isn't a 4xx error: the request was understood and the client received a response. I don't think this is right. Sure the request was understood, but it was understood to be incorrect. Should they not be 400 (Bad Request)? The argument against 400 was this [https://core.trac.wordpress.org/ticket/11286#comment:21 comment]: > The HTTP Specification says that 400 is for when ""the request could not be understood by the server due to malformed syntax"". So whilst this might be an appropriate response for invalid inputs (e.g. bad email address), I don't think it should be used in wp-includes/comment.php for duplicate comments and comment flooding. There 403 is more appropriate. Nothing here specifically arguing against using 400 for invalid fields. Also, more recently the REST API sends 400 status code responses in `\WP_REST_Comments_Controller::create_item()` for these errors: * `rest_comment_exists` * `rest_invalid_comment_type` * `rest_comment_content_invalid` * `rest_comment_author_data_required` * `comment_author_column_length` * `comment_author_email_column_length` * `comment_author_url_column_length` * `comment_content_column_length` * `comment_flood` The exceptions are `comment_duplicate` which returns [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/409 409] (Conflict), and the generic DB error `rest_comment_failed_create` which returns with a 500 error code, as expected. For the length errors, a [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/413 413] (Payload Too Large) code may be more specific. Also, for comment flooding, what about the status [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429 429] (Too Many Requests)? The REST API should perhaps be updated to use this instead of 400. All this to say, to align with the REST API the comment form submission errors should use 400+ error codes instead of 200." westonruter 7 47408 At the time user_register fires, the user_login field in the database is actually set to user_nicename Users 5.2.1 normal minor Awaiting Review defect (bug) new 2019-05-27T13:28:40Z 2019-05-27T13:28:40Z It appears that `user_login` gets set to the correct login as defined in `$_POST['reg_username']` (i.e. from the registration form) later in the registration sequence. As a result, functions hooking on `user_register` will receive confusing results from `get_userdata` and similar. robert.peake 47413 nested paragraphs in comment post errors has-patch Comments 4.5 normal normal Future Release defect (bug) reviewing 2019-05-28T05:32:48Z 2021-05-15T22:42:25Z "Line 30 in ‘wordpress/wp-comments-post.php’: {{{#!php <?php '<p>' . $comment->get_error_message() . '</p>' }}} An example of the Html code generated: {{{ <p><p><strong>ERROR</strong>: please fill the required fields (name, email).</p></p> }}} The reason is that in function **_default_wp_die_handler**, line 3072 in ‘wordpress/wp-includes/functions.php’ (WordPress 5.2.1), there already is a paragraph tag. {{{#!php <?php $message = ""<p>$message</p>"" }}} I would suggest removing the paragraph in ‘wp-comments-post.php’. Simply: {{{#!php <?php $comment->get_error_message() }}} ought to do. " tnbnicer 4 47419 If emojis or embeds JavaScript is not loaded, variable wp is undefined in the front-end. General normal normal Awaiting Review defect (bug) new 2019-05-28T16:42:09Z 2019-05-29T14:01:40Z "In my plugin I am using wp.createElement in the front-end and using `wp_enqueue_scripts( 'wp-element' )` to load it. If emojis are disabled, the error ""uncaught reference error, variable wp not defined"" happens when trying to access wp.createElement. I could be wrong, but I think the problem is that if emojis are disabled, this line, which sets up the `wp` variable does not run. https://github.com/WordPress/WordPress/blob/master/wp-includes/js/wp-emoji.js#L290-L295 Related bugs: * https://github.com/wp-media/wp-rocket/issues/1720 * https://github.com/CalderaWP/Caldera-Forms/issues/3141 * https://wordpress.org/support/topic/2-errors-in-console/" Shelob9 1 47420 Block markup containing HTML in block attributes is corrupted when using wp_insert_post dev-feedback General normal normal Awaiting Review defect (bug) new 2019-05-28T17:12:15Z 2023-08-30T18:26:32Z "**Issue** Some blocks allow HTML in their block attributes, which display correctly in the editor and the front end. An example is the Pricing block in Atomic Blocks: https://wordpress.org/plugins/atomic-blocks/ If block content copied from the block editor as raw code contains HTML in its block attributes, inserting that content with wp_insert_post() results in corrupt blocks. This appears to be due to the way block attributes like this: {{{ {""price"":""<strong>49</strong>"",""currency"":""$"",""term"":""/mo""} }}} Are encoded like this when saved: {{{ {""price"":""\u003cstrong\u003e49\u003c/strong\u003e"",""currency"":""$"",""term"":""/mo""} }}} **To reproduce** 1. Install Atomic Blocks and activate Twenty Nineteen. 2. Add this code to your theme's functions.php, refresh any page to trigger the code, then remove the code: {{{#!php <?php $post_content = <<<CONTENT <!-- wp:atomic-blocks/ab-pricing --> <div class=""wp-block-atomic-blocks-ab-pricing ab-pricing-columns-2""><div class=""ab-pricing-table-wrap ab-block-pricing-table-gap-2""><!-- wp:atomic-blocks/ab-pricing-table --> <div class=""wp-block-atomic-blocks-ab-pricing-table ab-block-pricing-table-center ab-block-pricing-table"" itemscope itemtype=""http://schema.org/Product""><div class=""ab-block-pricing-table-inside"" style=""border-width:2px;border-style:solid""><!-- wp:atomic-blocks/ab-pricing-table-title {""title"":""\u003cstrong\u003ePrice Title\u003c/strong\u003e"",""fontSize"":""medium"",""paddingTop"":30} --> <div itemprop=""name"" style=""padding-top:30px;padding-right:20px;padding-bottom:10px;padding-left:20px"" class=""wp-block-atomic-blocks-ab-pricing-table-title ab-pricing-table-title has-medium-font-size""><strong>Price Title</strong></div> <!-- /wp:atomic-blocks/ab-pricing-table-title --> <!-- wp:atomic-blocks/ab-pricing-table-subtitle {""subtitle"":""Price Subtitle Description"",""customFontSize"":20} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-subtitle ab-pricing-table-subtitle"" style=""font-size:20px;padding-top:10px;padding-right:20px;padding-bottom:10px;padding-left:20px"">Price Subtitle Description</div> <!-- /wp:atomic-blocks/ab-pricing-table-subtitle --> <!-- wp:atomic-blocks/ab-pricing-table-price {""price"":""\u003cstrong\u003e49\u003c/strong\u003e"",""currency"":""$"",""term"":""/mo""} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-price ab-pricing-table-price-wrap ab-pricing-has-currency"" style=""padding-top:10px;padding-right:20px;padding-bottom:10px;padding-left:20px""><div itemprop=""offers"" itemscope itemtype=""http://schema.org/Offer""><span itemprop=""priceCurrency"" class=""ab-pricing-table-currency"" style=""font-size:24px"">$</span><div itemprop=""price"" class=""ab-pricing-table-price"" style=""font-size:60px""><strong>49</strong></div><span class=""ab-pricing-table-term"" style=""font-size:24px"">/mo</span></div></div> <!-- /wp:atomic-blocks/ab-pricing-table-price --> <!-- wp:atomic-blocks/ab-pricing-table-features {""customFontSize"":20,""paddingTop"":15,""paddingBottom"":15} --> <ul itemprop=""description"" class=""wp-block-atomic-blocks-ab-pricing-table-features ab-pricing-table-features ab-list-border-none ab-list-border-width-1"" style=""font-size:20px;padding-top:15px;padding-right:20px;padding-bottom:15px;padding-left:20px""><li>Product Feature One</li><li>Product Feature Two</li><li>Product Feature Three</li></ul> <!-- /wp:atomic-blocks/ab-pricing-table-features --> <!-- wp:atomic-blocks/ab-pricing-table-button {""buttonText"":""Buy Now"",""buttonBackgroundColor"":""#272c30"",""paddingTop"":15,""paddingBottom"":35} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-button ab-pricing-table-button"" style=""padding-top:15px;padding-right:20px;padding-bottom:35px;padding-left:20px""><div class=""ab-block-button""><a class=""ab-button ab-button-shape-rounded ab-button-size-medium"" style=""color:#ffffff;background-color:#272c30"">Buy Now</a></div></div> <!-- /wp:atomic-blocks/ab-pricing-table-button --></div></div> <!-- /wp:atomic-blocks/ab-pricing-table --> <!-- wp:atomic-blocks/ab-pricing-table --> <div class=""wp-block-atomic-blocks-ab-pricing-table ab-block-pricing-table-center ab-block-pricing-table"" itemscope itemtype=""http://schema.org/Product""><div class=""ab-block-pricing-table-inside"" style=""border-width:2px;border-style:solid""><!-- wp:atomic-blocks/ab-pricing-table-title {""title"":""\u003cstrong\u003ePrice Title\u003c/strong\u003e"",""fontSize"":""medium"",""paddingTop"":30} --> <div itemprop=""name"" style=""padding-top:30px;padding-right:20px;padding-bottom:10px;padding-left:20px"" class=""wp-block-atomic-blocks-ab-pricing-table-title ab-pricing-table-title has-medium-font-size""><strong>Price Title</strong></div> <!-- /wp:atomic-blocks/ab-pricing-table-title --> <!-- wp:atomic-blocks/ab-pricing-table-subtitle {""subtitle"":""Price Subtitle Description"",""customFontSize"":20} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-subtitle ab-pricing-table-subtitle"" style=""font-size:20px;padding-top:10px;padding-right:20px;padding-bottom:10px;padding-left:20px"">Price Subtitle Description</div> <!-- /wp:atomic-blocks/ab-pricing-table-subtitle --> <!-- wp:atomic-blocks/ab-pricing-table-price {""price"":""\u003cstrong\u003e49\u003c/strong\u003e"",""currency"":""$"",""term"":""/mo""} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-price ab-pricing-table-price-wrap ab-pricing-has-currency"" style=""padding-top:10px;padding-right:20px;padding-bottom:10px;padding-left:20px""><div itemprop=""offers"" itemscope itemtype=""http://schema.org/Offer""><span itemprop=""priceCurrency"" class=""ab-pricing-table-currency"" style=""font-size:24px"">$</span><div itemprop=""price"" class=""ab-pricing-table-price"" style=""font-size:60px""><strong>49</strong></div><span class=""ab-pricing-table-term"" style=""font-size:24px"">/mo</span></div></div> <!-- /wp:atomic-blocks/ab-pricing-table-price --> <!-- wp:atomic-blocks/ab-pricing-table-features {""customFontSize"":20,""paddingTop"":15,""paddingBottom"":15} --> <ul itemprop=""description"" class=""wp-block-atomic-blocks-ab-pricing-table-features ab-pricing-table-features ab-list-border-none ab-list-border-width-1"" style=""font-size:20px;padding-top:15px;padding-right:20px;padding-bottom:15px;padding-left:20px""><li>Product Feature One</li><li>Product Feature Two</li><li>Product Feature Three</li></ul> <!-- /wp:atomic-blocks/ab-pricing-table-features --> <!-- wp:atomic-blocks/ab-pricing-table-button {""buttonText"":""Buy Now"",""buttonBackgroundColor"":""#272c30"",""paddingTop"":15,""paddingBottom"":35} --> <div class=""wp-block-atomic-blocks-ab-pricing-table-button ab-pricing-table-button"" style=""padding-top:15px;padding-right:20px;padding-bottom:35px;padding-left:20px""><div class=""ab-block-button""><a class=""ab-button ab-button-shape-rounded ab-button-size-medium"" style=""color:#ffffff;background-color:#272c30"">Buy Now</a></div></div> <!-- /wp:atomic-blocks/ab-pricing-table-button --></div></div> <!-- /wp:atomic-blocks/ab-pricing-table --></div></div> <!-- /wp:atomic-blocks/ab-pricing --> CONTENT; wp_insert_post([ 'post_title' => 'Test block import with HTML in attributes', 'post_content' => $post_content ]); }}} 3. View the newly imported post. You'll see “this block contains unexpected or invalid content” where you expect to see blocks. If you repeat the above steps but use unencoded attributes as follows (find and replace '\u003c' with '<' and '\u003e' with '>'), the blocks import as expected: {{{ {""price"":""<strong>49</strong>"",""currency"":""$"",""term"":""/mo""} }}} **Environment** WordPress 5.2.1, Twenty Nineteen, no plugins active except for Atomic Blocks. macOS/Chrome. **Further info** This isn't limited to Atomic Blocks, as other blocks use HTML in block attributes. This issue was originally reported against the Gutenberg repo by another user who encountered the same, but it was suggested the issue belongs in Trac. I couldn't find a corresponding ticket here. https://github.com/WordPress/gutenberg/issues/14068" modernnerd 5 47426 Site Health should check for incompatible plugins and plugins no longer maintained Site Health 5.2.1 normal normal Awaiting Review enhancement new 2019-05-29T10:24:01Z 2020-12-29T06:21:04Z "WordPress no longer supports installing plugins from the repository that have not been tested with the respective core version. However, site health doesn't report such plugins when core has been updated beyond what the plugins have been tested for. I think this should be added and reported with low severity. When a plugin has not been tested with the 3 releases prior to the respective core version, the severity should be higher to match the current standard on the plugin repository. The severity should be higher again when the plugin has been discontinued. This is relevant for wp.org plugins, but can be extended to plugins from other sources using standards for compatibility statements and/or programming hooks. Themes should be checked and reported in a similar manner." galbaras 5 47427 deleted pages for a plugin prevent page creation during re-installation of plugin reporter-feedback Posts, Post Types 5.2.1 normal normal Awaiting Review defect (bug) new 2019-05-29T13:56:00Z 2019-06-01T12:07:13Z "Plugin xyz creates pages 'login' and 'registration' when it is installed. Those pages are subsequently deleted (moved to trash) and the plugin is uninstalled. If the plugin is then re-installed it will not be able to create 'login' and 'registration' because these pages are sitting in trash. That should not happen because an active 'login' page should not be equal to a 'login' page in trash, they should be separate and distinct page instances which cannot affect each other unless the user takes explicit action (similar to the philosophy behind package installation in Linux): 1. The current behavior should be modified to allow concurrent active and trash instances of the same page. 2. A plugin should have a force option for creating pages. 3. There should be a force restore from trash option. The user would need to be warned, but it should be their choice. " nbi1 3 47428 Site Health: Remove duplicate code in VCS test Site Health 5.2 normal normal Future Release defect (bug) new 2019-05-29T14:05:53Z 2019-08-11T23:33:49Z "In `WP_Site_Health_Auto_Updates::test_vcs_abspath()`, almost the entire `WP_Upgrader::is_vcs_checkout()` function is duplicated. This test should be updated to use `WP_Upgrader::is_vcs_checkout()` instead. There are a few issues with this that would need to be solved, though. In the message to the user, the directory under version control and the type of version control used are specified. This currently can't be determined without duplicating the logic. Also, in order to determine if the `automatic_updates_is_vcs_checkout` filter is overriding the function's result to allow updates, the filter would need to be run twice. Props @johnbillion for the suggestion in #47388." desrosj 3 47436 Menu depth doesn't affect menu-item-has-children Menus 5.2.1 normal trivial Awaiting Review defect (bug) new 2019-05-30T17:19:32Z 2021-08-21T22:47:18Z "Hi, When you add a depth of 1 to wp_nav_menu it removes all the sub menus, but it leaves menu-item-has-children class on the original menu li tags, which means it is styled like it has a dropdown." mikeybinns 2 47438 "do_action will convert ""single array object"" as ""object""" Plugins 5.1.1 normal normal Awaiting Review defect (bug) new 2019-05-30T19:42:28Z 2019-10-21T14:53:03Z " {{{ /* Correct if $object is not object*/ $orders = array(); $orders[] = 'abc'; do_action( 'action123', $orders); add_action('action123', 'func123'); function func123($orders){ //$orders will be array here (CORRECT) } /* BUG: if $orders is an object */ $orders = array(); $orders[]=new stdClass(); $orders->name='Order1'; do_action( 'action123', $orders); add_action('action123', 'func123'); function func123($orders){ //$orders will be non-array here (BUG?) } }}} Note: This will run correctly if $orders[] is not object " erikdemarco 2 47443 REST-API prevents users with edit_published_posts capability updating published posts has-patch REST API 5.2.1 normal normal Future Release defect (bug) new 2019-05-31T10:02:59Z 2024-01-27T08:04:49Z "When a user has `edit_posts` and `edit_published_posts` capabilities but **not** `publish_posts` capability and they edit a published post they they get following error: {{{ 'Sorry, you are not allowed to publish posts in this post type.' }}} Because the Block Editor relies on the REST-API, you can see this behavior in the Gutenberg Editor as well. In Gutenberg they don't see the above error. Instead you see a ""Submit for Review"" button instead of an Update Button. == To Reproduce 1. Create a user with edit_pages and edit_published_pages capabilities but not publish_pages capability 2. Login as that user and edit a published page in the Classic Editor 3. See that the primary action button is ""Update"" 4. Switch to the Block Editor and see that the primary action button is ""Submit for Review"" == I think there are two changes that need to be done: === 1. in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:1825 The if statement should be changed to: {{{#!php <?php if ( 'attachment' !== $this->post_type && ( ( 'publish' == $post->post_status && current_user_can( $post_type->cap->edit_published_posts ) ) || current_user_can( $post_type->cap->publish_posts ) ) ) { }}} After this first change you will have the ""Update"" Button back in the editor, but you still can't update the post. You will receive the above `Sorry, you are not allowed to publish posts in this post type.` answer from the REST-API. A additional change must be done: === 2. in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:1148 The if statement should be changed to {{{#!php <?php if ( ! current_user_can( $post_type->cap->publish_posts ) && ! current_user_can( $post_type->cap->edit_published_posts ) ) { return new WP_Error( 'rest_cannot_publish', __( 'Sorry, you are not allowed to publish posts in this post type.' ), array( 'status' => rest_authorization_required_code() ) ); } }}} == Related Github Issue for Gutenberg: https://github.com/WordPress/gutenberg/issues/13342 I am concerned about introducing security risk with this changes. " derweili 35 47445 Unable to set rows attribute for textarea input in the Customizer has-patch Customize 5.2.1 normal normal Future Release defect (bug) new 2019-05-31T12:58:10Z 2021-05-31T16:18:48Z "Hi there, Currently, when a textarea input is added to the Customizer via WP_Customize_Manager::add_control(), the number of rows is fixed to 5. See [[https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/class-wp-customize-manager.php#L4140|line 4140 of the Customize Manager]]. Could this be fixed to be 5 by default, but enables me to override this?" timhavinga 2 47446 Tools > Export does not include term meta data for a custom post type Export 5.2.1 normal normal Awaiting Review enhancement assigned 2019-05-31T15:38:54Z 2019-05-31T15:38:54Z "Steps: # Register a public custom post type # Register a custom taxonomy with a custom term_meta # populate with dummy posts, terms and term meta values # go to tools > export and select your custom post type # The resulting XML is perfectly valid and includes all posts along with the terms of the taxonomy. Observe that none of the terms have their corresponding term_meta Expected: When exporting content of one custom post type, the term_meta should be included. Solution: I have not found one. Looking at wp-admin/includes/export.php:148 I can see that $terms is only populated when $args['content'] is set to all (""All Content""). Here the source I am referring to: https://github.com/WordPress/WordPress/blob/5.2.1/wp-admin/includes/export.php#L148 Environment: WP 5.2.1, WAMP, PHP7.2 " mclaurent 47447 Allow client-side storing of comment meta Comments normal normal Awaiting Review enhancement new 2019-05-31T15:46:52Z 2019-05-31T15:46:52Z "As a modern counterpart to #12431, I think it'd be nice if plugins could add comment meta from the client side as well. An example use case would be [https://github.com/iandunn/compassionate-comments a plugin that identifies toxic comments, and then encourages the author to rephrase it to be more kind before it gets submitted]. It's currently possible by adding a `preprocess_comment` callback that examines `$_POST`, verifies and sanitizes the data, and then adds it to `$commentdata` before that gets passed to `wp_insert_comment()`. It could be much easier and standardized, though. Ideally, I think a client-side script should be able to just append a hidden input field named `comment_meta[]` to the `.form-submit` element, and have it be automatically added via `wp_insert_comment()`, rather than being ignored by `wp_handle_comment_submission()`. Since it's coming from the client side, the data can't be trusted. We need to verify that it was added by the enqueued script, and then sanitize it. Maybe there could be something similar to `register_post_meta()` with a `allow_in_form` boolean param, and a `sanitize_callback` param." iandunn 47452 WordPress taking time to login and throwing time-out error on upgrading dev-feedback Upgrade/Install 5.2.1 normal critical Awaiting Review defect (bug) new 2019-06-01T07:08:56Z 2022-11-15T18:21:31Z "**Description**: When new updates are available, I upgraded to the new version but after the upgrade successful, I still see the upgrade version and after that WordPress started working very slow. Any operation performed on the platform will take more time to load and sometimes it comes up with ""connection time out"" error too. **Steps to reproduce** 1. Check for update 2. update your WordPress version from your site to version 5.2.1 3. Route to the dashboard, where you will see update button to version 5.2.1 4. Perform any operation like (user info, plugin page, widget page) it takes time to load and sometimes it throws ""connection time out"". **System Info:** System: Windows, Linux Browser: Chrome 74.0.3729.131 (Official Build) (64-bit) " kevintran094 2 47453 WP_Http_Parser warning on plugins page reporter-feedback Upgrade/Install 5.0.3 normal normal Awaiting Review defect (bug) new 2019-06-01T07:41:31Z 2019-06-04T15:42:02Z "Warning: call_user_func() expects parameter 1 to be a valid callback, class 'WP_Http_Parser' not found. Happens when update_plugins transient is deleted. Possible fix: {{{#!php // On line 519 (before call_user_func call) if (class_exists($class)) { }}} " indeveler 1 47456 Improve the user interface to ensure correct usage of the image alt text joedolson* Media high normal Future Release defect (bug) accepted 2019-06-01T11:15:23Z 2024-03-12T11:15:33Z "Splitting this out from the [https://github.com/WordPress/gutenberg/issues/created_by/karlgroves WPCampus accessibility report issues on the Gutenberg GitHub], see https://github.com/WordPress/gutenberg/issues/15309 as part of the reported issue applies to the Media Views in core. Related: #41467 == Problem A common misconception is that the image alt text should always be a ""description of the image"". In most of the cases, this is misleading. Actually, the image alt text needs to describe the purpose of the image in its specific context. For more details, see the W3C Alt Text Decision Tree tutorial (https://www.w3.org/WAI/tutorials/images/decision-tree/). WordPress stores a ""default"" alt text in the media object. While storing a default value may help users when they build their content, it also promotes a misunderstanding of the purpose of the alt text. In the accessibility team, we think this is more an user interface problem rather than a data model problem. The user interface should ensure users clearly understand that alt attributes are context sensitive and that the ""default"" alt value needs to be changed (or even removed) based on the specific usage. == Data model problem: The alt text is not constant: it needs to describe the image purpose on a case by case basis. == User interface problem: The alt text from the media library is automatically assigned as the alt text within the post: this is not always correct. Actually, in most of the cases it produces wrong alt text. == Improvements to evaluate Credits: Some of the following points come from @carlseibert and @joedolson comments on #41467, and from the Gutenberg GitHub issue. 1. allow saving multiple alt attributes for a given media object: a default attribute and a set of alternates users can select from 2. have something in the editor UI that would let users know whether the alt text was filled, and what it says 3. modifications on the Media views side to differentiate between the alt text describing the image and the alt text for a specific usage, which might override the normal alt text without changing it 4. all linked images must have alternative text if the image is the sole content of the link, and the action should be blocked if this is not true 5. any guidance given should inform users that the text provided needs to inform the user of the link action 6. include a warning about linking directly to the image file: linking directly to images is inadvisable, because the resulting image view in the browser does not include alternate text 7. when the image is linked to the image file itself, the alt text can remain the normal alternative text for that image, with an appended indicator that the link is to view the image 8. worth considering plugins that add ""lightbox"" modals, sliders and the like often use the alt text value to add contextual text within their UI 9. images used to link to other resources should offer a field to add dedicated link text separate from the image's own description; in this case the alt text should be empty. Example markup (simplified):" afercia 47 47460 Twenty Nineteen: heading style breaks headings in content added by core or plugins in the front end Bundled Theme normal normal Awaiting Review defect (bug) new 2019-06-02T10:53:15Z 2019-06-02T10:53:15Z "The Twenty Nineteen style for headings uses some CSS generated content to draw a short horizontal line before the headings. This comes from the `post-section-dash` mixin used for various elements, for example the h1-h2 headings, `entry-title`, `author-title`, and `comments-title`. So far so good. But when ""external"" content is added to a Twenty Nineteen page, the horizontal line CSS rule targets any H1 and H2 headings. For example, when adding the media modal in the front end, the modal headings break. See attached screenshots. This also applies to any content added by plugins when the added content includes H1 and H2 headings. Seems to me this CSS selectors should be better scoped to try to target only the headings within the theme content: https://github.com/WordPress/twentynineteen/blob/b604f127c2cae10bd48bbbec0fbbbff2cd31f957/sass/elements/_elements.scss#L55-L58 " afercia 47465 current_action function - return types reporter-feedback Administration 5.3 normal minor Awaiting Review defect (bug) new 2019-06-03T12:32:37Z 2019-06-06T09:18:44Z "I received a PHP notice ""Array to string conversion"" that led me to the current_action() function in class-wp-list-table.php. This function can return an array as a valid value. For example this request will return an array: http://localhost/site/?action[]=1&action[]=2 But in this case: PHPDoc is incorrect. Should be: {{{ @return string|false|array }}} or/and this may break some of the scripts that use this function. simply because they use the result value as a string. Possible solution: add an additional check: IF array THAN take only the first value of the result. Thanks!" madeinua 2 47468 Cookie Expiry & Login Popup causes loss of any work currently busy with Users 5.2.1 normal normal Awaiting Review defect (bug) new 2019-06-03T15:06:19Z 2019-10-01T12:54:03Z "This is the most annoying thing in 5.x I will often start working on a post, do some extensive work and then very annoyingly at some point get a login popup due to the cookie having expired. Results after this happens is being taken to a very nasty page saying ""That link is no longer available"" (< something like that) result: all work lost. It's now happened to me a number of times and I do not recall having this on 4.x and prior versions. If I actually start working inside Admin even 5 minutes before a cookie is due to expire, the system should be smart enough to detect I am actually an Admin and I am currently active and it should extend the cookie. Unless I can somehow bypass this annoying behavior myself?" mitchellk 4 47470 XML parsing error: undefined entity (revisited) Feeds 5.2.1 normal normal Awaiting Review defect (bug) new 2019-06-03T18:55:49Z 2019-06-03T23:45:13Z "After 10 years, bug #8464 seems to be back in 5.2.1 On a completely fresh install (no plugins, default theme) I added a tag with a ' (single quote) in the title. This converts to ’ in the feed title. This in turn, generates {{{ This feed does not validate. line 11, column 9: XML parsing error: <unknown>:11:9: undefined entity }}} for the tag's feed on https://validator.w3.org/feed/ See https://validator.w3.org/feed/check.cgi?url=https%3A%2F%2F2607.fr%2Ftag%2Flapostrophe%2Ffeed%2F for example" RavanH 2 47483 Add filters for included CA bundle path has-patch HTTP API normal normal Awaiting Review enhancement new 2019-06-05T07:31:23Z 2021-10-14T16:21:24Z "Allow overriding of CA bundle path. See also #45807" skithund 2 47488 "add ""extensibility"" to WP_Privacy_Requests_Table" Privacy normal normal Awaiting Review enhancement new 2019-06-05T20:09:01Z 2019-06-06T23:53:37Z "`WP_Privacy_Requests_Table` (and its 2 sub-classes `WP_Privacy_Data_Removal_Requests_List_Table` and `WP_Privacy_Data_Export_Requests_List_Table`) lack some of the ""extension"" points that other list tables (e.g., `WP_Posts_List_Table`) in core have. A short list of what is missing includes: * an `extra_tablenav()` method and the `restrict_manage_xxx` and `manage_xxx_extra_tablenav` actions that accompany it * the ability to add custom columns (via a `xxx_columns` filter) * the ability to add/remove row actions (via a `xxx_row_actions` filter) * the ability to add ""display states"" (via a `display_xxx_states` filter) I do **not** have a concrete use-case for needing any of the above **at this time**, but feel that **all** core list tables should support them **unless there is a concrete reason not to**. I'll add a patch shortly." pbiron 8 47491 Avoid double colouring in privacy request rows w/ notices Privacy 4.9.6 normal normal Future Release defect (bug) new 2019-06-06T07:28:54Z 2020-05-11T19:46:57Z "As initially raised here - https://core.trac.wordpress.org/ticket/44135#comment:16 @karmatosed; > I would note a caution in double colouring as seen with blue and green combined in messages. I have to ask why are we showing blue and green together? I would say the following works: > - No color around the actual email itself. > - If successful green > - If no personal data found blue > Grey doesn't really mean anything in terms of this UI so I think lets just not have a double notice color combination and we're set. It after all should only have a notice for information about the state change, not wrap everything. Branching this ticket to keep trac of the issue here." garrett-eclipse 6 47492 Multisite Feature for Plugins reporter-feedback Plugins normal normal Awaiting Review feature request new 2019-06-06T13:40:33Z 2020-12-27T18:35:48Z It would be great to see on the dashboard which plugins are running on what sites on a multisite. anonymized_16100632 4 47493 Meta Query Sorting with relation => OR not behaving as expected Query 4.8.2 normal normal Awaiting Review defect (bug) new 2019-06-06T13:45:36Z 2019-06-06T14:18:32Z "When sorting on multiple meta query clauses with the default AND relation the sorting works as expected. When sorting with an OR relation the sorting does not function as expected. {{{ 'meta_query' => array( //'relation' => 'OR',// when turning this on the sorting does not work.. 'cornerstone_clause' => array( 'key' => '_yst_is_cornerstone', 'compare' => 'EXISTS', 'type' => 'BINARY', ), 'count_clause' => array( 'key' => 'erp_post_views_count', 'compare' => '>', 'value' => 0, 'type' => 'NUMERIC', ), ), 'orderby' => array( 'cornerstone_clause' => 'DESC', 'count_clause' => 'DESC', ), }}} The idea of the query is to first show any posts that contain '_yst_is_cornerstone' and sort the remaining by 'erp_post_views_count'." tcaneeaglepub 47500 Optimize customizer load time dev-feedback Customize normal normal Awaiting Review enhancement new 2019-06-07T00:42:58Z 2021-05-31T16:22:13Z "Please see some discussion in slack for background and ideas https://wordpress.slack.com/archives/C0381N237/p1559852377000600 TLDR; More plugins and themes are using the customizer. It's a very good experience when making changes to options that affect the display of the site. As more controls are added the initial page render is taking longer and longer. Searching for things like ""WordPress customizer long load times"" results in tickets like https://wordpress.org/support/topic/customizer-takes-12-seconds-to-load/ In my own tests against a plugin I develop for I've found DOM Ready load times approaching 10 seconds. In default usage this is not apparent, but as themes and plugins use the customizer it becomes very slow. Ideally the initial page render should be more complete and then panels, sections, and controls can be added. This will make the page ""feel"" complete and more responsive." Nick_theGeek 2 47505 Create a comprehensive input validation API for WordPress editor and administration interface audrasjb* needs-unit-tests Administration normal normal Future Release defect (bug) accepted 2019-06-07T14:24:03Z 2019-10-04T15:43:46Z "Currently, WordPress lacks a comprehensive API for validating form input and alerting users to errors or missing fields. One example of how this can cause problems was captured by @conner_bw in #47018 -- failing to fill in the required ‘Name’ field when creating a new taxonomy term highlights the field in red but provides no textual message indicating that a required field is missing. As noted by @afercia: > there are at least two WCAG success criteria (1 is level A, the other one is level AA) that requires a clear identification of the item in error and clear suggestions for correction. ([https://wordpress.slack.com/archives/C02RP4X03/p1556291609088300 See Slack discussion]) The lack of input validation mechanisms has also been noted as a shortcoming in Gutenberg ([https://twitter.com/thespacedmonkey/status/1136570949048909824 see tweet] from @spacedmonkey about this). In the [https://wordpress.slack.com/archives/C02RP4X03/p1556291406082600 Slack discussion] of #47018, the Accessibility team agreed that the broader goal of researching and planning a comprehensive form validation API would be a valuable project that would benefit all users. This ticket should serve as a starting point for that exploration process. One example of how this could work shared during the discussion was something along the lines of Tenon’s React-based form validation library: [https://www.tenon-ui.info/forms-full-demo] Two use cases that this API should cover: - Required input is missing - Required input is not the expected type To be continued!" greatislander 11 47511 "Add specific ""default settings"" for different locales" I18N normal normal Future Release enhancement new 2019-06-08T23:49:56Z 2022-09-30T13:33:48Z "In the UI there are several settings that are locale-specific, like ""Date Format"", ""Time Format"", ""Week Starts On"", etc. Also some locale specific differences in displaying information, like user's name on the Profile screen. In East Asia and some parts of Europe (and others) it is not accepted to have ""John Doe"", it is ""Doe, John"" (with or without the comma). For these locales the order of the form fields for First Name and Last Name should be swapped. This is handled well in MacOS and Windows. Not sure if we need all the options they offer, but a default per-locale settings would be great to have. Then they can include word-count methods (""words"" vs. characters), default lengths for strings/excerpts, (perhaps) some encoding changes for emails, decimal separator (`3,14` vs. `3.14`), grouping separator (`1 000 000` vs. `1,000,000`), and anything else that is locale-specific." azaozz 19 47514 Change priority of make_clickable callback to boost performance Comments 5.2.1 normal minor Awaiting Review enhancement new 2019-06-09T21:16:48Z 2019-06-12T18:58:25Z "Hi! Preemptive: please excuse me if this ticket is inappropriate. Since WordPress' HackerOne states explicit disinterest in DoS related issues, I hesitated at first to create this ticket here. However, the effectiveness of the DoS attack and the signifcant performance boost I gained after I understood the logic behind the attack and changed a line of code made me think this might be worth sharing here. Last week one of our clients who runs a very high profile site with WordPress fell victim to a sophisticated DoS attack where attackers spammed the site with comments containing thousands of strings such as {{{ftp.z}}}. The processing of requests that displayed these comments took a huge portion of the server's available RAM. Long story short, we identified the following callbacks as the troublemakers: 1. {{{make_clickable}}} 2. {{{wp_kses_post}}} 3. {{{wptexturize}}} 4. {{{convert_chars}}} 5. {{{convert_smilies}}} 6. {{{force_balance_tags}}} 7. {{{wpautop}}} They all have in common that they operate on the entire comment string and attempt to parse out all HTML tags contained within them via REGEX functions, which takes up a lot of RAM. As a solution for our client, we established some more spam filtering for created comments. However, out of personal interest in how this attack worked I tried to understand the logic behind the attack. The reason the attackers had created comments containing thousands of strings such as ftp.x is that the {{{make_clickable}}} callback converts these strings into full {{{<a>}}} tags via PHP's built-in {{{preg_replace_callback}}}. Per default, comments can only contain 65500 characters. The string {{{ftp.x }}} (including the whitespace) contains only 6 characters. Thus it is possible to have the string {{{ftp.x }}} contained 10916 times within a single comment. {{{make_clickable}}} then turns those 10916 strings into 10916 tags, leading to a comment containing over 500.000 characters. Since {{{make_clickable}}} runs first, all of the other 6 callbacks that operate on the comment string use REGEX to parse 10916 * 2 (one opening and one closing) tags, leading to a huge memory overhead. I figured that changing the priority of the {{{make_clickable}}} filter so that it runs after {{{force_balance_tags}}} significantly increased the efficiency of the RAM usage of our server when confronted with comments containing links. Since the {{{<a>}}} tags are properly generated by WP itself, there is no reason to have it run through functions such as {{{force_balance_tags}}}. To reproduce the problem, just open a test setup of WordPress and navigate to a post that has comments enabled. Create a new one and open the developer console of the browser and type {{{comment.value = ""ftp.x "".repeat(10916)}}} Submit the comment and notice how long it takes to load the site. Imagine hundreds of such comments being loaded by hundreds of bots at the same time, then you get what happened to our client's site. The following shows the patch I applied (also attached as a diff file): {{{ --- a.php 2019-06-09 22:47:58.744746903 +0200 +++ b.php 2019-06-09 22:49:00.080742874 +0200 @@ -190,7 +190,7 @@ add_filter( 'comment_text', 'wptexturize' ); add_filter( 'comment_text', 'convert_chars' ); -add_filter( 'comment_text', 'make_clickable', 9 ); +add_filter( 'comment_text', 'make_clickable', 26 ); add_filter( 'comment_text', 'force_balance_tags', 25 ); add_filter( 'comment_text', 'convert_smilies', 20 ); add_filter( 'comment_text', 'wpautop', 30 ); }}} Best regards, Olliver " olliverh87 2 47517 Left Navigation Disappeared dev-feedback Administration normal normal Awaiting Review defect (bug) new 2019-06-10T09:27:48Z 2019-06-11T18:49:07Z "Hello, Left navigation is disappeared when we open inspect element/tool in google chrome browser after reaching to the bottom of the page on Admin Dashboard > settings > discussion. Please checked attached video. Thanks." shashank3105 2 47518 Add an explanatory message to the Revisions screen for locked posts adamsilverstein Revisions normal normal Awaiting Review enhancement assigned 2019-06-10T15:30:43Z 2021-04-30T17:44:27Z "It's possible for a user to navigate to the revisions screen for a post that's locked due to another user editing it, and not be able to restore any revisions due to the fact that the post is locked. In this situation no message is shown on the Revisions screen that explains why the `Restore This Revision` button is disabled. Under normal operating procedure it's not easy to get to the Revisions screen for a locked post, but it is possible. A workflow related plugin, audit trail, or revisions list can make it possible to navigate directly to a revision without going via the otherwise locked editing screen. 1. User A navigates to the revisions screen for a non-locked post. 2. User B visits the editing screen for the post. 3. User A clicks `Return to editor` on the revisions screen. 4. User A chooses not to take over, and clicks `Go back`. User A is now shown the revisions screen for a locked post and the `Restore This Revision` button is disabled for all revisions but with no explanatory information." johnbillion 1 47520 [WP5.2.1] Crop images in IE11 not working Editor 5.2.1 normal normal Awaiting Review defect (bug) new 2019-06-10T17:20:19Z 2023-03-12T21:54:32Z "Hello, I'm using IE11 with WordPress 5.2.1 and if I create a gallery with the Gutenberg editor and turn off the function ""crop images"" on the right bar the last picture is not resized (I created a four column gallery and the last picture is one in the last line). The last picture is 100% width on the complete site. In Firefox and Edge it works, the picture has the right size. " vincenz17 1 47526 Flagging system needed to help flush rewrite rules on post type registration from a plugin dev-feedback Rewrite Rules 5.2.1 normal normal Awaiting Review feature request new 2019-06-11T16:31:51Z 2019-07-11T21:59:40Z "When activating or deactivating a plugin with post types or taxonomies the timing of flushing rewrite rules is very cumbersome. There are also inconsistencies on how flushing rewrite rules ""should"" be handled when activating vs deactivating. Further, some plugins remove the rewrite rules added for a post type by other plugins. I think it is worth considering the implementation of a unified API for flushing rewrite rules to help plugin developers flush permalinks registering with post types and taxonomies. I believe a good starting point would be to add a flagging system to the database. The flagging system would allow authors to check for the flag and execute code when the flag is available. This seems to be a common practice already. Example implementation: {{{#!php <?php // Plugin Name: My Plugin add_action( 'init', function() { register_post_type('book', ['public' => true]); }); function my_plugin_activate() { update_site_state_changed( 'flush_rewrite_rules' ); } function my_plugin_deactivate() { update_site_state_changed( 'flush_rewrite_rules' ); } register_activation_hook(__FILE__, 'my_plugin_activate'); register_deactivation_hook(__FILE__, 'my_plugin_deactivate'); }}} The applied patch is for proof of concept. Not intended to be final. " kevindees 4 47527 Add visible class to media library sidebar on library frames joemcgill has-patch Media 5.3 normal normal Future Release defect (bug) reviewing 2019-06-11T20:42:27Z 2021-04-27T20:12:16Z "The visible class as the code comment specifies is used to ""''Show the sidebar on mobile''"". This ensures that when a user selects an image on the media library even on mobile, the user can still see the image/file details. This class is only added for insert frames. Insert frames are used by the classic editor to insert images, audio, and the media widgets also use them. Most tutorials I checked related to media library usage in plugins end up using the ""library"" frame, so I guess most plugins use this frame. The block editor also uses the library frame most of the times, so the block editor contains a bug where on mobile the media sidebar with the details of the selected file does not appear. I think this bug will also affect the media sidebar of most WordPress plugins. I don't think there is a reason to not add the visible class in the library frame, and in my tests, I did not found any regression with this change. With these changes when we are on a small screen e.g:600px, we add an image block on the block editor, we press the media upload button to open the media library and then we select a file we are able to see the file details, without this changes we don't see the sidebar at all. More details of the issue are available in the Gutenberg repository https://github.com/WordPress/gutenberg/issues/10232." jorgefilipecosta 16 47528 Site Health: Add test for file checksums has-patch Site Health normal normal Future Release enhancement new 2019-06-12T09:14:05Z 2023-09-08T23:40:42Z "For a while now there has been [https://github.com/wp-cli/checksum-command a WP-CLI command] to verify the current installation's integrity by comparing checksums. This makes it easy to detect suspicious modifications to core files and even plugins (if the plugin is hosted on WordPress.org) I think Site Health would be a good place to possibly add such a checksum verification to WordPress core itself. If a user is presented with a warning that core files have been modified, they could be offered the opportunity to re-install WordPress (just like you can do under Dashboard -> Updates) The same goes for plugin checksums." swissspidy 19 47529 Media manager doesn't display cropped images dev-feedback Media 4.9 normal normal defect (bug) reopened 2019-06-12T09:19:59Z 2019-06-14T14:59:22Z "Media manager doesn't display cropped images We should change the display to list mode to view cropped images " dedidata 2 47531 Handling WP embed (native) Audioplayer's Volume Slider with keyboard defective Media 5.2.1 normal normal Future Release defect (bug) new 2019-06-12T12:05:25Z 2019-08-29T14:35:16Z " As I underestand, handling audioplayers with Tab/Arrows/Enter should be universal with all browsers. I have built a test-webpage from my main web page, consisting some audio-books for children. There are several single WP embed (native) players: https://midripai.ee/s3/pai/pai-kuulata-yksiti-wpn/. Moving with Tab-key onto volume slider, it should be increasing volume by Right Arrow, and decrease by Left Arrow (at least Screenreader Orca in Linux tells to do so). Instead of that, the Down Arrow decreases volume, and ''the Up Arrow does nothing''. Of course, the volume can be handled by Up/Down arrow, being either on Time Slider; or on Mute Button (it seems not to depend of web browser: at least Chrome and Firefox do work similarly.) Yet bringing volume down, being on Volume Slider by Down Arrow could be annoying for visually impaired, as one needs to move back onto Mute Button or Time Slider of the same player to increase volume again. Being on the Play/Pause button, the Down Arrow also decreases volume; and Up Arrow does nothing. The same problem occurs also with WP embed (native) Playlist Player. Tested: Win7-64 bit: Both Chrome (74; 75.0.3770.80 = the latest) and Firefox (67.02); and Linux Mint Mate 18.3 64 bit: Chromium 73.0.3683.86 and Firefox (67.0) Laptops: Fujitsu E8420 and Lenovo w500 internal keyboards and also external ps2 and USB-keyboard. Both with Blocks and blocks switched off (with plugin Classic editor); and also disabled all plugins for test). I did not use special Audio-blocks though." Juhan108 2 47539 Incomplete sanitization of upload file name. SergeyBiryukov has-patch Media 2.1.1 normal normal Future Release enhancement reviewing 2019-06-14T05:03:01Z 2019-12-06T05:09:27Z "The newline code is replaced with ""-"" in sanitize_file_name, but other control characters have not been sanitized. For example, `^ P` ( ` \ x10` ) This allows uploading with the control characters included in the file name. {{{ # ls -la -rw-r--r-- 1 root root 19058 Jun 14 04:21 ???wapuu_escape-150x150.png -rw-r--r-- 1 root root 41163 Jun 14 04:21 ???wapuu_escape-297x300.png -rw-r--r-- 1 root root 31022 Jun 14 04:21 ???wapuu_escape.png }}} After applying the patch: {{{ # ls -la -rw-r--r-- 1 www-data www-data 19058 Jun 14 04:27 wapuu_escape-150x150.png -rw-r--r-- 1 www-data www-data 41163 Jun 14 04:27 wapuu_escape-297x300.png -rw-r--r-- 1 www-data www-data 31022 Jun 14 04:27 wapuu_escape.png }}} Attach a test file. " mt8.biz 4 47544 Code Editor not listing files/folders in the right order Administration 5.2.1 normal minor Future Release enhancement new 2019-06-15T08:13:32Z 2019-08-28T17:28:38Z "On new installations on test sites, I have seen the correct order for listing of files/folders in the code editor. ie: - important files - folders - files in the root. However, in my installation, I don't get the same order. Example screenshot attached. [[Image(https://i.imgur.com/MSaqTUc.png)]] readme.txt and composer.json should be lower in the list. " superpoincare 3 47545 Getting undefined wp.media.frame.state() after click on featured image preview antpb reporter-feedback Media 5.2.1 normal normal Future Release defect (bug) assigned 2019-06-15T13:29:15Z 2023-02-26T04:43:26Z " In WP 5.x: - When I click on the featured image preview the wp.media.frame.state().get('selection') is undefined. - But, when I click on the ""Replace image"" button wp.media.frame.state().get('selection') returns the selected attachment object (which is the expected behaviour). While in WP 4.x it returns correctly the attachment when I click on the featured image preview. " nlemsieh 8 47546 The language used for the `lang` attribute isn't validated before being used I18N normal normal Awaiting Review defect (bug) new 2019-06-15T13:48:41Z 2024-02-28T14:14:35Z "In the admin area, the `lang` attribute can be populated directly from the `WPLANG` option or the user's `locale` meta field. In these cases, no check is performed to ensure that the corresponding language files exist before using the value for the `lang` attribute. This can come about if the language files that are used by a user or the site are deleted, or the value is otherwise modified to include an incorrect value. For example, running `wp user meta update admin locale it_IT` will result in `lang=""it_IT""` being added to the `<html>` element, even if the corresponding language files don't exist. This can result in the browser being confused about the language of the page, and can also result in assistive technology handling or pronouncing text incorrectly. It would be preferable if the existence of the corresponding language files was checked before the `lang` attribute was output, falling back to `en_US` as necessary. I'm not sure if it's best to make this change in the `get_language_attributes()` function, or lower in the `determine_locale()` or `get_bloginfo()` functions." johnbillion 3 47547 switch_to_locale( 'en_US' ) is unreliable johnbillion* close I18N normal normal Awaiting Review defect (bug) accepted 2019-06-15T18:10:36Z 2024-02-29T11:09:48Z "Given a site that uses `en_US` as its language, a user with their user language set to something else, and that user logged into the admin dashboard, calling `switch_to_locale( 'en_US' )` appears to be unreliable. 1. ❌The return value of `determine_locale()` is the user's language, not `en_US`. 2. ✅Localised text without a textdomain (ie. text from core) is correctly displayed in `en_US`. 3. ❌Localised text with a textdomain (ie. text from plugins or themes) is incorrectly displayed in the user's language. This may be related to #39210. Given a site that itself uses a language other than `en_US`, calling `switch_to_locale( 'en_US' )` does appear to work although I haven't tested it extensively." johnbillion 5 47549 Http proxy not passing Auth request Basic header HTTP API normal normal Awaiting Review defect (bug) new 2019-06-17T13:32:55Z 2019-07-25T09:46:04Z "Hi, I've configured WordPress to use an HTTP Proxy, using WP_PROXY_* consts in wp-config.php All outgoing communications are passed to the proxy, but we have an authentication problem. It seems that, using libCurl transport, in curl_before_send are set only CURLOPT_PROXYAUTH e CURLOPT_PROXYUSERPWD but not ""Proxy-Authorization: Basic"" header. Just for test, I've disabled curl transport ( in Request/Transport/cURL.php - function test() I've done a shortcircuit to false ), so using fsockopen I can authenticate regularly. Maybe there is an implementation bug? Have you a solution for this or some test to run to help you? Thank you, Simone. " smarx80 1 47550 Some Unicode characters not saving in customizer Customize 5.2.1 normal minor Awaiting Review defect (bug) new 2019-06-17T13:47:59Z 2021-05-31T16:23:54Z "If you use upcoming Emojis (Like U+1F90D White Heart - https://emojipedia.org/white-heart/ ), WordPress is unable to save the change. Works at some places, doesn't work at other places. In the customizer, i can use the Emoji for the site title and description without any problems. If i instead try to use the emoji for a widget title the preview works, but saving does not. There is no error message, all other things i changed will be saved, just the affected field keeps it old value. Workaround: In areas where i am allowed to insert HTML, i can just write F90D; to use the emoji. " marvinside 2 47552 post_name when inserting is not guaranteed to be unique Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-06-18T00:41:05Z 2019-06-18T03:59:14Z "Hi all, In wp_insert_post, there is a gap between the allocation of the post_name (as wp_unique_post_slug), and the insertion ($wpdb->insert) of the post. This is problematic because another WordPress instance can insert a post with the same post_name in this gap, which would result in two posts being inserted with the same post name See here for an example: https://github.com/domsleee/wp_insert_post_duplicate I suppose a solution may be to obtain a table lock, then find a unique slug and insert the post, and then release the table lock... but this doesn't seem very performant. What do you guys think?" domslee 1 47554 Post history dev-feedback Editor 5.1.1 normal major Future Release defect (bug) new 2019-06-18T10:11:49Z 2020-11-24T04:07:38Z "Hello everybody. This ""bug"" might be a timeout issue or might have something to do with the server times, but it could be fixed from software side, as far as I see it. It also might be a Gutenberg issue, but its look like it is from the core. Classic: - User A opens the post and write some content. - User B also opens the same post an clicks on take over. - User A gets pop up with info about the take over and can go to ""all posts"" Problem (Version 5.1.1): 1. Popup for user comes to late -> content not saved 2. Popup doesn't appear -> user saves post which will be override from user B's content. Solution: 1. auto save e.g. every 10 seconds 2. History besides the post, e.g. on the very right column. History contains lets say the last 5 or 10 (configurable) versions of the post. Users can see a diff or can restore the whole last version of the entry. - History doesn't contains versions of auto save (only last auto save) --- User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Iridium/2018.11 Safari/537.36 Chrome/71.0.0.0 " d3n15 1 47555 Add per_page filter to nav-menu.php audrasjb has-patch Menus low normal Future Release enhancement reviewing 2019-06-18T12:55:54Z 2021-08-12T21:17:18Z "Right now there is a hardcoded number of posts / terms (50) displayed per page in wp-admin/includes/nav-menu.php, which might be ok for posts, but it's a nightmare when having a lot of terms (hierarchical). For example in WooCommerce, I have like 200 categories and some of those are having the same name (but different parent). When I go through the list of those categories, it's quite hard to find exactly the one I'm looking for if the parent is on previous page. Having pagination as default is ok, but there should be a simple filter that will allow plugins / themes to change the per_page variable value (at least in wp_nav_menu_item_taxonomy_meta_box), so you could list more than 50 terms per page." Martin Snajdr 8 47557 Sanitize Email Suggestion needs-unit-tests Formatting 5.2.1 normal minor Awaiting Review enhancement new 2019-06-18T15:19:58Z 2023-03-23T16:11:52Z "I am using WooCommerce and I've noticed several customer emails come through like... {{{ example@example.com1234 example@example.com1234567812345678 }}} It's mostly due to the email input being the last one before the credit card step, but these emails are passing the validation and sanitization that exists: is_email and sanitize_email. I am doing something like the following to fix... {{{#!php <?php public function clean_billing_email_address( $value ) { return trim( preg_replace( '/\d*$/', '', $value ) ); } add_filter( 'woocommerce_process_checkout_field_billing_email', 'clean_billing_email_address' ); }}} You may consider adding something like this to the sanitize_email function since no TLD ends with numbers anyways, at least at this point in time." dandersoncm 1 47563 Update get_template_part() function dev-feedback Themes normal normal feature request reopened 2019-06-19T12:31:29Z 2021-03-21T18:49:44Z "I think it would be good to add the ability to programmatically override the output of posts in the loop without interfering with the theme files ( for example, archive.php and others ). This will allow you to change the display of posts through plugins. **For example.** To adapt the theme to work with Woocommerce, you need to edit the theme code. For users, this is sometimes very difficult. My code: {{{#!php <?php function get_template_part( $slug, $name = null ) { /** * Fires before the specified template part file is loaded. * * The dynamic portion of the hook name, `$slug`, refers to the slug name * for the generic template part. * * @since 3.0.0 * * @param string $slug The slug name for the generic template. * @param string|null $name The name of the specialized template. */ do_action( ""get_template_part_{$slug}"", $slug, $name ); $templates = array(); $name = (string) $name; if ( '' !== $name ) { $templates[] = ""{$slug}-{$name}.php""; } $templates[] = ""{$slug}.php""; /** * Fires before a template part is loaded. * * @since 5.2.0 * * @param string $slug The slug name for the generic template. * @param string $name The name of the specialized template. * @param string[] $templates Array of template files to search for, in order. */ do_action( 'get_template_part', $slug, $name, $templates ); $templates = add_filter( 'get_template_part', $templates ); locate_template( $templates, true, false ); } }}} " yanalexandrov 3 47564 Protect against recursive customizer navigation menu data has-patch Customize normal normal Future Release defect (bug) new 2019-06-19T19:54:58Z 2021-05-31T16:27:33Z "Recursive data can slip into navigation menu structure but client-script currently has no protection against, resulting in browser freezing when trying to edit navigation menus. Attached patch changes `getDepth()` to keep track of parent navigation menu item ID to avoid recursion." donpark 5 47565 WordPress permalinks flip in hebrew has-patch Permalinks 4.9.8 normal normal Awaiting Review defect (bug) new 2019-06-19T20:13:06Z 2022-07-07T00:07:33Z "I have a WordPress website in hebrew. My problem is when have a parent page and a child page, the child page url permalink is backward(the child page slug is after the parent page slug). I want first the parent slug then the child. When click Edit it shows it right, but when click ok it's not. The problem is only with this language, when it is english it is ok - Parent slug/Child slug. Here is Child slug/Parent slug [[Image(1.jpg)]] If i click Edit: Parent slug/Child slug [[Image(2.jpg)]]" alexstan92 2 47579 Featured image Drag and Drop UI / UX Administration normal normal Future Release enhancement new 2019-06-20T13:48:34Z 2019-07-31T19:11:46Z "Hello! I've been advised this applies to Core / Design so I'm going to report my feedback here as well. This is an issue related to Gutenberg but it's not a part of the Block Editor. It's a Gutenberg feature but one that's in Core. **Original GitHub issue:** https://github.com/WordPress/gutenberg/issues/10426 **Issue:** The featured image visually appears as drag and drop, however, it's just a button. Drag and drop does not work. **Motivation:** I personally find it confusing and when I raise the question to other WordPress users their feedback is the same. They assumed it was drag and drop but never tried it. **Suggestions:** Option 1. Update the UI (technically a roll back) to appear as a button or link. This would match the UI with the user experience. Option 2. Add drag and drop support. Since this is a part of Gutenberg, the necessary JavaScript / API for this function should already be there. " emaildano 6 47590 Add unit tests for requests to wp-cron.php needs-unit-tests Cron API normal normal Future Release defect (bug) new 2019-06-22T13:51:07Z 2019-06-30T22:07:49Z "1. Ensure scheduled events are rescheduled correctly 1. Ensure single events are removed from the cron array 1. Ensure future events are not changed. 1. Ensure `doing_cron` transient is deleted." peterwilsoncc 3 47593 A Role Setting is missing on Users page for Bulk Actions has-patch Users normal normal Awaiting Review defect (bug) new 2019-06-23T12:27:08Z 2020-06-30T08:10:06Z " On a User’s Edit Profile page it is possible to set the ROLE as “- No Role for this site -” On the Users page (list of all users) this is displayed as Role = None But the option is not available in the CHANGE ROLE selection for Bulk Actions. This is a useful feature and seems to have been missed. Ref:[https://wordpress.org/support/topic/wp-5-2-2-missing-feature/]" jim5471 1 47594 Add nbsp symbol codes to convert throught sanitize_title SergeyBiryukov* has-patch Formatting 5.3 normal minor Future Release enhancement accepted 2019-06-23T17:06:42Z 2021-10-28T21:01:12Z "Default filters needs to be supplemented nbsp codes such as {{{ [ '%e2%80%af', '%e2%80%87', '%e2%81%a0' ] }}} and {{{ [ ' ', ' ', ' ', ' ', '⁠', '⁠' ] }}} " hokku 22 47595 Re-evaluate whether comment form should still get the HTML5 novalidate attribute has-patch Comments 3.6 normal normal Future Release enhancement new 2019-06-24T08:15:42Z 2024-01-12T14:59:01Z "Given a theme that declares theme support for `html5` via: {{{#!php <?php add_theme_support( 'html5', array( 'comment-form' ) ); }}} The result is that not only are the HTML5 input types used (e.g. `email`) but the comment form itself also gets a `novalidate` attribute added to it. This prevents HTML5 client-side validation from being performed on comment form when submitting which was added due to [https://core.trac.wordpress.org/ticket/15080#comment:2 concerns] about browsers implementing validation in very different ways. Nevertheless, this concern was about browsers ''9 years ago'' so it would be worthwhile to see if this is still a problem. (The attribute was added in #15080 via r23689.) If `novalidate` remains important to keep there is a case for optionally allowing it to be removed in order to rely only on client-side validation only. The [https://wordpress.org/plugins/pwa/ PWA feature plugin] adds support for '''Offline Commenting'''. This works by having the service worker intercept the `POST` submission to `wp-comments-post.php`: it then makes the request, and if it fails fails due to the user being offline, the service worker will replay it later when the user comes back online via the [https://github.com/WICG/BackgroundSync BackgroundSync API]. However, if client-side validation was not performed then it is possible the user omitted a required field or provided a bad email address, so when they do come back online and the comment is synced, the server would then reject it and it would be more difficult for the user then to find out that their previously-posted comment actually failed. If no filter is available for removing the `novalidate` attribute, then it has to get removed via hacks like using JS or via PHP with output buffering. But again, is there still a case for adding the `novalidate` attribute in the first place? Is not client-side validation a ''better user experience'' (if browsers now are now consistent in validation)? For that matter, is there even a case for the `format` attribute and shouldn't HTML5 ''always'' be used?" westonruter 15 47605 Email sender name change with site title in wp-includes/pluggable.php has-patch Mail 2.2 normal normal Awaiting Review feature request new 2019-06-25T06:12:20Z 2020-01-03T10:00:08Z "A variable $from_name has default WordPress name as sender on line 316 in file name pluggable.php exist in wp-include folder. Where there is a line replacement with site name of WordPress website. The result will show in email with Site title of website in email of sender name." viitorcloudvc 6 47616 Enhancement: doing_shortcode() function similar to doing_filter() audrasjb* needs-unit-tests Shortcodes normal normal Future Release enhancement accepted 2019-06-27T12:42:53Z 2021-11-09T08:46:59Z "Currently there is no way to determine whether the current code is run from a shortcode callback. Similar to actions and filters it would be nice to have a `doing_shortcode()` function. My idea is to have an optional parameter for the shortcode tag. If the parameter is passed it will check if that exact shortcode is running. If no parameter is passed it will return true if any shortcode is running. Though I believe it's not officially supported, if shortcodes are triggered within shortcodes it would be best to keep an array of current shortcodes and only remove an active shortcode tag if the callback is finished." keraweb 17 47618 Email sent to blank address on email change for user with no previous email address Users normal minor Awaiting Review defect (bug) new 2019-06-27T14:24:25Z 2019-06-27T20:05:07Z "1. Install/active some email logger og logging functionality for outgoing emails 2. Import some content from other WP site 3. Let importer create a new username for some of that content, when prompted 4. Edit the newly created user and add an email address 5. Observe the email log: ""To:"" field is empty Expected: No email (attempted to be) sent when previous email is blank." knutsp 1 47619 i got error in /wp-includes/media.php Media normal normal Awaiting Review defect (bug) new 2019-06-28T06:17:58Z 2019-06-28T12:38:30Z in media php at line 3633 in $strings array you use objects without to check if this objects is exist... thanks! Asaf Azoulay 1 47623 Feeds: <lastBuildDate> has incorrect date has-patch Feeds 5.2.2 normal major Awaiting Review defect (bug) new 2019-06-29T00:39:32Z 2019-06-29T01:56:58Z "The feed shouldn't use only the 'post_modified_gmt' to define the lastBuildDate it does not always correspond to the date to be used. So, on the file wp-includes/feed.php Instead of {{{#!php <?php // Extract the post modified times from the posts. $modified_times = wp_list_pluck( $wp_query->posts, 'post_modified_gmt' ); }}} Should be {{{#!php <?php // Extract the post modified times from the posts. $modified_times = wp_list_pluck( $wp_query->posts, 'post_modified_gmt' ); $modified_times = array_merge( $modified_times, wp_list_pluck( $wp_query->posts, 'post_date_gmt' ) ); }}} this is causing the feed to not update the lastBuildDate when you schedule the post. " gustavogomes 1 47630 Multisite: Admin dashboard links are malfunctioning on mapped domain Networks and Sites 5.2.2 normal blocker Awaiting Review defect (bug) new 2019-06-30T07:03:31Z 2019-07-10T03:49:37Z "I realize this may not qualify as a Trac issue. However, I have already tried the wp support forums, and read multiple pages of the wp forums, codex, stack exchange, etc. No one has an explanation for what I'm seeing, nor even do I find a similar description of it anywhere. Bottom line: Domain mapping on admin dashboard is not working as expected. The default (un-mapped) dashboard link for any mapped domain takes me to the primary site's dashboard. The mapped domain dashboard link takes me to a login screen. Background: About 10 days ago, out of the blue, “something” failed miserably on my production site. The primary symptom was that sites with a mapped domain were in a redirect loop on the front end. I had not done any updates or made any changes to the site. There were other symptoms at first, seemed causative. In retrospect, they may have been resultant or coincidental. I can explain if it is of interest, but I am trying to keep this brief. I was using the WPMUDEV Domain Mapping plugin, and it had been in place since the development of the site 3 years ago. I got the site working again by reverting to standard built-in WP domain mapping. However, the admin toolbar was missing (not the issue I am reporting today) and links to the mapped domain dashboards were malfunctioning. In my research, I have learned that some people who were using the MU Domain Mapping plugin (a different domain mapping plugin than I was using) experienced very similar issues around the same time. They also reported missing toolbars and redirect loops. For troubleshooting purposes, I created an exact duplicate of my production site with a primary domain of dev.xxxxxxxxxx.org and a mapped domain of dev.yyyy.org I assumed that I could work through a plugin conflict test and find out the cause. But after stripping the site down to bare bones, I still have the same problem. I cannot say for sure that it is a bug -- it may very well be something with my site. But I simply do not know where else to turn at this point. I need advice from those who know domain mapping best and might be able to identify what the root cause of this problem is. You can see a screencast demonstrating the problem here: https://cl.ly/7eee36f3aa13 You can see screenshots of my folder structure and database entries here: http://bit.ly/2Jbm2fT Here are my site specs: - Multisite - WP 5.2.2 ( was on 5.1 with several out of date plugins when the original ""out of the blue"" problem happened and updated to 5.2.2 during troubleshooting) - AWS hosting - Apache/2.4.18 (Ubuntu) - PHP 7.0.33-0ubuntu0.16.04.5 - multisite is in the webroot - subdirectory multisite setup - All plugins, mu-plugins, and drop-in plugins are moved into temp folders. - All sites are set to Twenty-Nineteen theme. - Domain mapping (using wp in-built options) for two domains, mapped to two of the subsites - On the frontend, domain mapping works as expected. - In the dashboard, domain mapping is NOT working correctly. – it was originally set up with the WPMUDEV Domain Mapping plugin (which is now legacy b/c of domain mapping since wp 4.5) – auto updates disabled I expect: My Sites >> [Mapped Site] >> Dashboard - should take me to the dashboard for that site (not any other) - I should not need to login because I am already logged in as superadmin What happens: My Sites >> [Mapped Site] >> Dashboard - I am taken to a login screen and my superadmin login returns a ""wrong email or password"" error - If I manually change the URL to the non-mapped URL for the dashboard (primarydomain.com/zzzzz/wp-admin), I am immediately taken to the primary site's dashboard instead. There is no 301/302 redirect. There are no errors in the apache error log. There are no errors in the WP debug log. The browser console shows no errors. I have tested this by creating a new sub-site and mapping the domain there instead. When I do this, the newly created test site's dashboard is inaccessible, and I am taken to the primary domain's dashboard. Now I can get to the previously mapped domain's dashboard easily, via the My Sites menu. This is demonstrated in the screencast above. Relevant portions of wp-config: {{{ /* Multisite */ define( 'WP_ALLOW_MULTISITE', true ); define('MULTISITE', true); define('SUBDOMAIN_INSTALL', false); define('DOMAIN_CURRENT_SITE', 'dev.xxxxxxxxxx.org'); define('PATH_CURRENT_SITE', '/'); define('SITE_ID_CURRENT_SITE', 1); define('BLOG_ID_CURRENT_SITE', 1); // define('COOKIE_DOMAIN', ''); // define('COOKIE_DOMAIN', $_SERVER['HTTP_HOST']); // define('DOMAINMAPPING_ALLOWMULTI', true); // define('FORCE_SSL_ADMIN', true); /* these were recommended for fixing a redirect loop, but they are not helping now */ // define('ADMIN_COOKIE_PATH', '/'); // define('COOKIE_DOMAIN', ''); // define('COOKIEPATH', ''); // define('SITECOOKIEPATH', ''); /* baseline home and siteurl */ define( 'WP_HOME', 'https://dev.xxxxxxxxxx.org' ); define( 'WP_SITEURL', 'https://dev.xxxxxxxxxx.org' ); }}} Relevant portions of .htaccess: (Keep in mind this is a copy of my production site, which does not have dev. in front of the domain name. Since the problem exists in both places identically, and given the use of the domain in these functions, I do not think it is relevant. Please correct me if I am wrong.) {{{ # BEGIN HTTPS Redirection Plugin <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule> # END HTTPS Redirection Plugin # Stop spam attack logins and comments <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .*/(wp-comments-post|wp-login)\.php.* [OR] RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$ [OR] RewriteCond %{REQUEST_URI} ^(.*)?log-in(.*)$ RewriteCond %{HTTP_REFERER} !.*xxxxxxxxxx.org.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ #RewriteRule (.*) http://%{REMOTE_ADDR}/$1 [R=301,L] RewriteRule ^(.*)$ - [F] #RewriteRule ^(.*)$ http://xxxxxxxxxx.org/misc/block.html [R=301,L] # BEGIN WordPress <IfModule mod_rewrite.c> RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L] </IfModule> # END WordPress }}} I will be very grateful for any assistance you can provide in determining if there is something wrong with my site, or if this is a bug in WP. Thank you in advance! " kalico 1 47635 expand wp-config.php file with default settings reporter-feedback Bootstrap/Load 5.3 normal normal Awaiting Review feature request new 2019-07-02T10:50:10Z 2019-07-03T06:19:05Z "It would be very beneficial to add some settings into wp-config.php file like: define('WP_TIMEZONE', 'UTC'); define('WP_DATEFORMAT', 'F j, Y'); define('WP_TIMEFORMAT', 'g:i A'); define('WP_WEEKSTARTS', 'Monday'); so it should work the same way as WP_URL settings. In case of MU this still might apply to default blog. then consider (General,Writing,Reading,Discussion,Permalinks): WP_SITETITLE WP_TAGLINE WP_EMAIL WP_MEMBERSHIP WP_DEFAULT_ROLE etc... Hope there is no obligation like security or functionality breakdown for such request. " tradik 3 47637 Enhance excerpt_remove_blocks to handle more types of group blocks Posts, Post Types 5.2.2 normal normal Future Release defect (bug) reopened 2019-07-02T11:29:15Z 2021-11-22T07:21:00Z "The function excerpt_remove_blocks only considers top-level Blocks in an allowed list for the autogeneration of excerpts. However, since there is now a Group Block in Core (and a lot of self-developed Grouping Blocks out there), this can lead to autogenerated Excerpts being empty although there is plenty of content within the Post. I propose to add a new filterable ""group blocks"" array, which adds another level to be included in the autogeneration. Additionally, there should be a possibility to register a callback which can be used to generate a custom excerpt dynamically if needed for custom blocks. Change function excerpt_remove_blocks to this: {{{ function excerpt_remove_blocks($content){ $allowed_inner_blocks = array( // Classic blocks have their blockName set to null. null, 'core/freeform', 'core/heading', 'core/html', 'core/list', 'core/media-text', 'core/paragraph', 'core/preformatted', 'core/pullquote', 'core/quote', 'core/table', 'core/verse', ); $group_block_excerpt_functions = array( 'core/group' => 'parse_group_block_excerpt', ); $allowed_blocks = array_merge( $allowed_inner_blocks, array( 'core/columns' ) ); /** * Filters the list of blocks that can contribute to the excerpt. * * If a dynamic block is added to this list, it must not generate another * excerpt, as this will cause an infinite loop to occur. * * @since 4.4.0 * * @param array $allowed_blocks The list of allowed blocks. */ $allowed_blocks = apply_filters( 'excerpt_allowed_blocks', $allowed_blocks ); $group_blocks = apply_filters('excerpt_allowed_group_blocks',$group_block_excerpt_functions); $blocks = parse_blocks( $content ); $output = ''; foreach ( $blocks as $block ) { if(in_array($block['blockName'],$group_blocks,true)){ //We have a group Block with no extra excerpt function $output.= parse_group_block_excerpt($block,$allowed_inner_blocks); } elseif(in_array($block['blockName'],array_keys($group_blocks),true)){ //The Block registered a custom callback for autogenerating an Excerpt $output.=call_user_func($group_blocks[$block['blockName']],$block,$allowed_inner_blocks); } elseif( in_array( $block['blockName'], $allowed_blocks, true ) ) { if ( ! empty( $block['innerBlocks'] ) ) { if ( 'core/columns' === $block['blockName'] ) { $output .= _excerpt_render_inner_columns_blocks( $block, $allowed_inner_blocks ); continue; } // Skip the block if it has disallowed or nested inner blocks. foreach ( $block['innerBlocks'] as $inner_block ) { if ( ! in_array( $inner_block['blockName'], $allowed_inner_blocks, true ) || ! empty( $inner_block['innerBlocks'] ) ) { continue 2; } } } $output .= render_block( $block ); } } return $output; } }}} Add a function parse_group_block_excerpt {{{ function parse_group_block_excerpt($block,$allowed_blocks){ $output = """"; if(!empty($block['innerBlocks'])) { foreach($block['innerBlocks'] as $inner_block){ if('core/columns' === $inner_block['blockName']){ $output .= _excerpt_render_inner_columns_blocks( $inner_block, $allowed_inner_blocks ); continue; } // Skip the block if it has disallowed or nested inner blocks. foreach($inner_block['innerBlocks'] as $inner_inner_block){ if ( ! in_array( $inner_inner_block['blockName'], $allowed_inner_blocks, true ) || ! empty( $inner_inner_block['innerBlocks'] ) ){ continue 2; } } } } return $output; } }}} After that, a custom block can register itself as an group block just by using {{{ add_filter('excerpt_allowed_group_blocks','add_my_awesome_group_block_to_excerpt'); function add_my_awesome_group_block_to_excerpt($allowed_blocks=array()){ $allowed_blocks[] = 'my-awesome/groupblock'; return $allowed_blocks; } }}} or even by using a custom excerpt function for dynamic blocks by using {{{ add_filter('excerpt_allowed_group_blocks','add_my_awesome_group_block_to_excerpt'); function add_my_awesome_group_block_to_excerpt($allowed_blocks=array()){ $allowed_blocks['my-awesome/groupblock'] = 'my_awesome_group_block_custom_excerpt'; return $allowed_blocks; } }}} (I hope i did this right as this is my first ticket)" kuchenundkakao 16 47640 "WP_Posts_List_Table::get_views() doesn't allow the ""Mine"" counts to be filtered" has-patch Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-07-02T16:37:23Z 2021-05-08T18:51:27Z "[https://developer.wordpress.org/reference/classes/wp_posts_list_table/get_views/ WP_Posts_List_Table::get_views()] calls [https://developer.wordpress.org/reference/functions/wp_count_posts/ wp_count_posts()] to get the counts for the various post statuses. It then computes the count for posts owned by the current user for use in the ""Mine"" view. That computation uses `$this->user_posts_count` which is computed in [https://developer.wordpress.org/reference/classes/wp_posts_list_table/__construct/ WP_Posts_List_Table::__construct()] with custom SQL. The problem is that if you hook into the [https://developer.wordpress.org/reference/hooks/wp_count_posts/ wp_count_posts] filter and alter the counts for each post status you can end up with a situation where the ""Mine"" count is very different than the sum of the post status counts. For example, I've got a CPT where some (but not all) of the posts of that type are just ""placeholders"" for posts of another CPT. I hide those ""placeholder"" posts from the list table by hooking into [https://developer.wordpress.org/reference/hooks/request/ request] and altering the request that the list table uses. I then hook into `wp_count_posts` to adjust the counts by post status accordingly (e.g., don't count the ""hidden"" posts). This results in a situation that could be **very** confusing for users (see screenshot). Thus, I suggest that a filter be added to filter the value of `$this->user_posts_count`. " pbiron 1 47642 Order by comment count - posts list tables johnbillion has-patch Posts, Post Types normal normal Future Release defect (bug) reviewing 2019-07-02T23:20:20Z 2023-07-18T16:21:07Z "Results from posts list tables with enabled ordering by comment count are mixed (posts are missing and aren't unique). Pagination required. Links: wp-admin/edit.php?orderby=comment_count&order=asc wp-admin/edit.php?orderby=comment_count&order=asc&paged=2 No matter which post type. You need to set 'Number of items per page' in screen options in order to get a pagination. [[Image(https://i.imgur.com/HupwtnS.png)]] Set sorting by comment count in comments column. [[Image(https://i.imgur.com/zFDU7Oj.png)]] In lists of posts some of them are missing. Page number 1 and number 2 don't have unique posts. I was testing it for some cases: 30+ posts and 'posts_per_page' = 20 30+ posts and 'posts_per_page' = 10 250+ posts and 'posts_per_page' = 20 24 pages and 'posts_per_page' = 20 Results in all cases were wrong. The official queries are from wp-includes/class-wp-query.php (line: 2984) [https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-query.php#L2984], variable: $this->request. Below applied filter are generated ids for current posts. [[Image(https://i.imgur.com/tWevfpW.png)]] SQL queries from debugging (official queries): **Page number 1 (paged=1):** {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future' OR wp_posts.post_status = 'draft' OR wp_posts.post_status = 'pending' OR wp_posts.post_status = 'private') ORDER BY wp_posts.comment_count ASC LIMIT 0, 20 }}} Result: [[Image(https://i.imgur.com/rFyTHjE.png)]] **Page number 1 (paged=2):** {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future' OR wp_posts.post_status = 'draft' OR wp_posts.post_status = 'pending' OR wp_posts.post_status = 'private') ORDER BY wp_posts.comment_count ASC LIMIT 20, 20 }}} Result: [[Image(https://i.imgur.com/THMM1Ri.png)]] What's funny if I added **'wp_posts.post_title'** to query the problem is solved (unique posts): [[Image(https://i.imgur.com/nxn3tCy.png)]] [[Image(https://i.imgur.com/whvDFaI.png)]] I think that problem is actually in the database queries/ settings what's caused the bad output in admin's panel. For other sorting like title or date this problem doesn't occur. " alektabor 49 47650 Add hooks to installed themes screen to allow control and customization has-patch Administration 5.3 normal normal Awaiting Review enhancement new 2019-07-04T16:09:58Z 2019-07-23T10:10:15Z "Add the following hooks to themes screen to allow customization. - Add filter `current_theme_actions` to allow manipulation of the current theme action buttons array. - Add action hook `after_active_theme_actions` to allow customized buttons after active themes action buttons. - Add action hook `after_inactive_theme_actions` to allow customized buttons after inactive themes action buttons. - Add action hook `after_theme_actions` to allow customization after all themes action buttons. - Add action hook `after-theme-info` to allow adding customized theme info. " pedromendonca 1 47651 Provide required PHP version for plugins with minimum PHP requirement dev-feedback Site Health 5.2 normal normal Awaiting Review enhancement new 2019-07-04T16:13:52Z 2021-06-15T16:51:58Z "Hello, When a plugin has an update but the update bumps the minimum required PHP version to a version higher than the server's current setup it would be very helpful to provide that information in the messaging. I had to go to the plugin page to find it's minimum required PHP version. Current messaging; `This update doesn't work with your version of PHP. Learn more about updating PHP.` Would be nice to have something like; `This update requires a minimum of PHP 7.2 which is higher than your version of PHP. Learn more about updating PHP.` OR a simpler and shorter version `This update requires a minimum of PHP 7.2. Learn more about updating PHP.` Appreciate any thoughts" garrett-eclipse 29 47652 wp_dashboard_right_now() emits debug notices on unregistered core post types Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-07-04T20:31:23Z 2019-07-05T02:26:47Z "When you unregister a core 'post' or 'page' post type (I know... I know...) if they have posts in the database, the dashboard ""Right Now"" widget will output a debug notice for each unregistered type: {{{ Undefined property: stdClass::$publish; wp-admin/includes/dashboard.php:270 }}} This is because the code inside of `wp_dashboard_right_now()` always expects a `WP_Post_Status` object as the return type of each `wp_count_posts()` key, however a `stdClass` return type is also possible when no registered type or status is currently registered at the time the widget is rendered. ---- Unregistering ""built in"" post types is normally considered to ""void the warranty"" and the `unregister_post_type()` function explicitly throws an error when you try, but the patch I'm about to attach is a small and bit of code hardening that prevents filling debug logs for those of us that frequently work with out-of-warranty installation types." johnjamesjacoby 4 47653 Site Health plugin security check dev-feedback Site Health 5.2 normal normal Awaiting Review enhancement new 2019-07-05T04:28:58Z 2021-09-07T17:01:22Z "Having inactive plugins is not necessarily a bad thing. It is if they're up to date, if they haven't had an update in a few months or if they're untested with the current version of WordPress core. Also, when there are outstanding updates and inactive plugins, the main notice (H4, visible while collapsed) should be about the updates, not the inactive plugins." galbaras 4 47657 Menu: In wp_link_pages() function add new args to wrap a tag dev-feedback Menus normal normal Awaiting Review feature request new 2019-07-06T00:33:05Z 2019-07-08T06:54:27Z "In the function `wp_link_pages()` the `$args` `link_before` and `link_after` are confusing for me. IMHO `link_before` should be before link. Because `pagelink` is for wrapping the text inside the link: `'pagelink' => '<span class=""test"">%</span>'` for example will be ’<a href=""…"" class=""…""><span class=""test"">3</span></a>’. But you can do the same thing with `'link_before' => '<span class=""test"">', 'link_after' => '</span>'`. If there are new `$args` params, `link_wrap_before` for example, would be much easier to create a bootstrap pagination for example. `$args = [ 'link_wrap_before' => '<li class=""list-item"">', 'link_wrap_after' => '</li>']` should output: `<li class=""list-item""><a href=""…"">…</a></li>`" sandrowuermli 1 47669 Content UI ISSUE:'Was' helping verbs looks wrong in plugin tab. reporter-feedback Plugins 5.2.2 normal minor Awaiting Review defect (bug) new 2019-07-09T13:29:13Z 2019-07-10T09:43:36Z "**Content UI ISSUE:** 'Was' helping verbs looks wrong in plugin tab. removed helping verbs 'was' from validation alert comes after deleted the plugin **Snapshot:** https://www.screencast.com/t/ZIzFEqsgh Video URL: https://www.screencast.com/t/0O2l59eXosj " jadhavravindra 2 47670 RSS widget creates an accessibility problem when used more than once audrasjb dev-feedback Widgets normal normal Future Release defect (bug) reviewing 2019-07-09T18:49:02Z 2021-11-12T17:46:02Z "Please consider the following patch to improve accessibility. Accessibility guidelines in WCAG's standard 2.4.4 Link Purpose requires that link text should provide a purpose or context for the link. In the RSS widget, the link text for the link to the RSS feed itself is an image of the RSS icon; its alt text is ""RSS"" which programmatically determines the link text. This passes the referenced standard. A problem occurs when multiple instances of the RSS widget are used. There are then multiple links with link text ""RSS"", each of which lead to different URLs. The text ""RSS"" then does not provide enough context for visitors to know what each ""RSS"" link leads to. The solution is the make each RSS link text unique to each feed's title, thus providing the necessary context. Simply prepending the title of the widget instance adds the necessary context to the link text without using any additional words which could has i18n issues. In class-wp-widget-rss.php (lines 89-91 in 5.2.2): From: {{{#!php <?php // lines 89-91 in wp-includes/widgets/class-wp-widget-rss.php (WP 5.2.2) if ( $title ) { $title = '<a class=""rsswidget"" href=""' . esc_url( $url ) . '""><img class=""rss-widget-icon"" style=""border:0"" width=""14"" height=""14"" src=""' . esc_url( $icon ) . '"" alt=""RSS"" /></a> <a class=""rsswidget"" href=""' . esc_url( $link ) . '"">' . esc_html( $title ) . '</a>'; } }}} To: {{{#!php <?php if ( $title ) { $title = '<a class=""rsswidget"" href=""' . esc_url( $url ) . '""><img class=""rss-widget-icon"" style=""border:0"" width=""14"" height=""14"" src=""' . esc_url( $icon ) . '"" alt=""' . esc_html( $title ) . ' RSS"" /></a> <a class=""rsswidget"" href=""' . esc_url( $link ) . '"">' . esc_html( $title ) . '</a>'; } }}} No harm is done when only a single instance of the RSS widget is used because the RSS link text is simply more explicit." tpaw 23 47674 Users forbidden to confirm email changes Users 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-10T16:15:54Z 2019-07-10T17:05:55Z This is the same problem as #38451, and I believe the solution is similar, except that it has to be done in wp-includes/user.php jean-gui 47675 No way to select Standard post format in Formats filter Post Formats 5.2 normal normal Awaiting Review defect (bug) new 2019-07-10T17:04:09Z 2019-07-10T17:04:09Z "Background: #35497, #46591, #47359. [45136] removed post format icons from the posts list table. For some users, as noted in comment:52:ticket:35497, these icons were a convenient way to quickly distinguish posts with a format from standard posts. Use case: when most of the posts have a non-standard format, you'd like check if there are any posts where you accidentally forgot to assign a format. Even with the new Formats filter introduced in [44961], that's no longer possible, as it does not have a Standard option. This seems a bit inconsistent with the Categories filter, where you can filter by Uncategorized. Brought up by @dimalash on support forums." SergeyBiryukov 47676 Add support for If-Unmodified-Since header to make a conditional request when updating posts via REST API (for offline and collaborative editing) has-patch Editor 4.7 normal normal Future Release defect (bug) new 2019-07-11T00:52:43Z 2019-07-18T18:44:50Z "In order to guard against accidentally overwriting someone else's changes when updating a post via the REST API, there should be support added for [https://tools.ietf.org/html/rfc7232 Conditional Requests]. If a post update request includes an [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since If-Modified-Since] header and the supplied date is ''before'' the post's `post_modified_gmt` then the request should fail with a [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/412 412 Precondition Failed] response, with no change to the post being made. It seems generally useful to include this `If-Unmodified-Since` header when making requests to update posts in the editor as additional protection on top of post locking. Additionally, this header will be important when adding support for [https://github.com/WordPress/gutenberg/issues/6322 offline editing], in particular when a [https://developers.google.com/web/fundamentals/primers/service-workers/ service worker] (see [https://github.com/xwp/pwa-wp PWA feature plugin]) is sending queued REST API requests which were made while the user was offline (via [https://developers.google.com/web/updates/2015/12/background-sync background sync]). Since it could be several hours or days between when a post was edited and the user goes back online, there needs to be protection against overwriting the post on the server if it has been modified in the mean time. When the service worker uses background sync to re-send the request and it fails with a 412 Precondition Failed response, this would then be a signal for the service worker to re-submit the changes as an autosave revision which could then be shown to the user via some conflict resolution UI the next time they access the editor. As such, this is also important for the '''collaborative editing''' in a future phase. See also comments at https://github.com/WordPress/gutenberg/issues/6322#issuecomment-410578818" westonruter 3 47682 "The links ""hover"" color has insufficient color contrast" joedolson* Administration normal normal 6.6 task (blessed) accepted 2019-07-11T12:32:43Z 2024-02-06T15:50:53Z "Supersedes #35622 and #47157. During the contributor day at WCEU 2019, it was proposed to merge #35622 and #47157. They're strictly related and the root issue needs to be tackled holistically across the whole WordPress admin. == Problem Default links (and ""button-links"") in WordPress are blue. The ones for destructive actions are red. Generally, the default colors for their normal state do have a sufficient color contrast ratio of 4.5:1 with the background. However, the colors used for the ""hover"" (and ""active"") state don't. == Relevant standard W3C Web Content Accessibility Guidelines (WCAG) [https://www.w3.org/TR/WCAG21/#contrast-minimum 1.4.3 Contrast (Minimum) (Level AA)] == Details #35622 dived into the red links issue and after some exploration it became clear that finding a color **pair** (one color for the normal state and one for the hover/active state) that always works across the admin, is nearly impossible given the several, different, background colors used in the admin pages. Part of the problem is that the hover color is ""lighter"" than the default one. Worth noting the color used for the ""focus"" state is darker instead. More importantly, there are several different background colors, including [https://core.trac.wordpress.org/ticket/35783 an arguable amount of grey shades]. Trying to summarise the reason why #35622 didn't progress: - darkening the ""hover"" red forced to darken also the default red - once a new color pair was identified, it worked well on ''some'' backgrounds - however, it didn't work on other darker backgrounds - started from scratch and further darkened the color pair - it worked on more backgrounds - found edge cases - darkened the color pair again - at some point the normal red was so dark to look almost ""brownish"" - failure The same problem applies to the blue links, as reported in the WPCampus accessibility report. See #47157. == Some examples **The ""hover"" blue `#00a0d2`:** 3.02 contrast ratio on white background 2.67 contrast ratio on the admin default grey background `#f1f1f1` 2.87 contrast ratio on the tables zebra-stripe grey `#f9f9f9` **The ""hover"" red `#dc3232`:** 4.62 contrast ratio on white background (which is OK) 4:39 contrast ratio on the tables zebra-stripe grey `#f9f9f9` 4.09 contrast ratio on the default grey `#f1f1f1` 4.16 contrast ratio on media views grey `#f3f3f3` 3.98 contrast ratio on customizer grey `#eee` Note: these are just a few examples. There are more background colors to take into consideration and also edge cases, e.g. the yellow background for unapproved comments. == Some screenshots [[Image(http://cldup.com/q5MYm6DKL1.png)]] [[Image(http://cldup.com/rawfy7Eth9.png)]] [[Image(http://cldup.com/IoW1cBF-Pl.png)]] [[Image(http://cldup.com/PGDfF4zXTZ.png)]] [[Image(http://cldup.com/PMx2qmF8zQ.png)]] [[Image(http://cldup.com/Kgp8htI4g5.png)]] [[Image(http://cldup.com/vdAtUeFEyZ.png)]] == Questions and possible options - Does the hover state needs to be communicated with a color change in the first place? - If so, does the hover color needs to be ""lighter""? Using the darker color already used for the ""focus"" state may help. Generally, the color used for the hover state shouldn't be ""lighter"", as that reduces contrast right in the moment when users need it the most. - Are there better ways other than a color change? For example: toggling the link underline, or using a border, or an additional shape, would allow to use just one color and greatly simplify things. == Background colors Background colors are an important part of this problem. I do realise design considerations led to use different background colors in different parts of the WordPress admin. For example, the media views and the customizer made some autonomous design choices for their background colors. There are historical reasons for that. However, this led over time to a great inconsistency across the admin. For the greater good of maintenance, consistency, and simplification, I'd strongly suggest to start by exploring a way to drastically standardise the shades of grey used as background in WordPress. Ideally, there shouldn't be more than 3-4 shades of ""light"" grey used for the background. Some work in this regard was done in #35783 but there's still a lot of work to be done. == Note on accessibility standards for links According to [https://make.wordpress.org/core/handbook/best-practices/coding-standards/accessibility-coding-standards/#links-underline-or-no-underline the WordPress accessibility coding standards]: > When links can be identified as such by the context, for example because they're part of a menu, or a set of links clearly identified as user interface controls, they don't necessarily need to be underlined. In all the other cases, especially for links surrounded by other text (in a line or block of text), links need to be always underlined. " afercia 39 47686 Always flush rewrite rules when active plugins changes & on plugin upgrades Rewrite Rules normal normal Awaiting Review defect (bug) new 2019-07-11T21:02:29Z 2021-12-18T14:09:24Z "I think it's odd that plugins each need to roll their own rewrite rule flushing. It's definitely nice to have the freedom to decide when it's necessary, but it is inconvenient as a developer to reinvent a new way with every new plugin whenever a rule needs to be changed. It's also inconvenient to users when a plugin forgets to flush rules, or when a developer is unaware that it is their responsibility to flush their own rules. I'm proposing here that WordPress core could improve the lives of both developers and users by automatically flushing rewrite rules every time a plugin is activated, deactivated, or updated. For context, `flush_rewrite_rules()` is already called inside of `check_theme_switched()` which in hooked to `init` and always flushes rewrite rules when a new theme is activated, and I'm suggesting we consider doing this for plugins too." johnjamesjacoby 8 47690 remove_submenu_page() doesn't remove corresponding entry from $_wp_submenu_nopriv johnbillion dev-feedback Administration normal normal Future Release defect (bug) reviewing 2019-07-12T10:41:09Z 2020-04-13T10:43:50Z "It can sometimes be desirable to give access to a submenu to a user that wouldn't normally have access to it. Calling `remove_submenu_page()` and then calling `add_submenu_page()` to re-register the screen with a different user capability doesn't work completely because the entry that gets added to the `$_wp_submenu_nopriv` global by `add_submenu_page()` doesn't get removed by `remove_submenu_page()`. This means the menu item appears but access to the screen is denied when `user_can_access_admin_page()` is called, resulting in a `Sorry, you are not allowed to access this page` error. " johnbillion 4 47692 Optgroup in Customizer Select Control has-patch Customize 3.4 normal normal Future Release enhancement new 2019-07-13T07:11:07Z 2020-07-27T02:09:14Z Optgroup add in Customizer Select Control chintan1896 27 47694 Adding a filter for $searchand variable Query normal normal Awaiting Review enhancement new 2019-07-13T11:38:03Z 2019-07-13T11:55:05Z "Hi, I wish to know if we can add a filter to the $searchand variable in parse_search method to give the developer the option to modify the logic to OR instead of AND. I believe it will help a lot as it happens in some websites where people search for many words will not be accurate. In these cases OR may be better." bebro 47700 My Sites text is confusing Networks and Sites 5.3 normal normal Awaiting Review enhancement new 2019-07-14T17:12:00Z 2019-07-19T00:51:30Z "To me the ""My Sites"" wording indicates I own the lists of sites shown. This isn't the case. I just need to be able to ""read"" a site for it to be shown in the ""My Sites"" list" henry.wright 9 47713 image_get_intermediate_size does not return size if it equals original size SergeyBiryukov needs-unit-tests Media 5.2.2 normal major Future Release defect (bug) reviewing 2019-07-16T12:44:11Z 2020-09-10T14:45:20Z "Function `image_get_intermediate_size` does not return size if it equal original size. 1. WordPress itself doesn't generate `sizes` metadata item for size equal original image size. 2. `image_get_intermediate_size` looks throught `sizes` metadata and doesn't see necessary size. 3. It doesn't check original image size. More details here: https://github.com/Yoast/wordpress-seo/issues/10863" mahnunchik 13 47719 "Consistency issue with `include` parameter set to ""0"" in `WP_Term_Query`" SergeyBiryukov dev-feedback Query normal normal Future Release defect (bug) reviewing 2019-07-17T09:10:48Z 2021-02-17T07:24:39Z "There is a consistency issue with `include` parameter when used in `WP_Term_query`. If `include` is set to/contains `[0]`, the query returns all terms. This is not consistent with other query classes, like `WP_query` (using corresponding `post_in` parameter) and even more like `WP_User_query` (using the same `include` parameter). Those doesn't return any result. See reproductible examples below: **WP_Query** {{{#!php $args = array( 'post_type' => 'post', 'post__in' => [0], ); $wp_query = new WP_Query( $args ); if ( $wp_query->have_posts() ) : while ( $wp_query->have_posts() ) : $wp_query->the_post(); echo $post->ID; endwhile; endif; }}} `=> returns no post` **WP_user_query** {{{#!php $args = array( 'role' => '', 'include' => [0], ); $wp_user_query = new WP_User_Query( $args ); $users = $wp_user_query->get_results(); if ( ! empty( $users ) ) : foreach ( $users as $user ) : echo $user->ID; endforeach; endif; }}} `=> returns no user` **WP_Term_Query** {{{#!php $args = array( 'taxonomy' => 'category', 'include' => [0], ); $wp_term_query = new WP_Term_query( $args ); if ( ! empty( $wp_term_query->terms ) ) : foreach ( $wp_term_query->terms as $term ) : echo $term->term_id; endforeach; endif; }}} `=> returns all terms` Credits @loicblascos for the initial bug report." audrasjb 9 47726 Uploading new media to existing posts/pages backdates file location dev-feedback Media 2.7 normal normal Future Release enhancement reopened 2019-07-17T18:13:57Z 2022-05-23T18:29:08Z "This is a follow-up to #10752. Hello, I just want to know, who thought this was a great idea? This causes so many media managing problems.. Why can't we just simply get to the July folder to get our images uploaded in July? And about the [41964] : Good fix and at the same time it's bad, it only fixes it for pages! And it's not like pages are that different from posts or custom posts, they can serve the same purpose, so why would it be different? Hoping to get a fix soon!" gaelgwp 6 47730 Function plugins_api is not triggered for non wp-marketplace plugins dev-feedback Plugins 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-18T07:32:17Z 2019-08-23T07:28:43Z "I currently try to setup a private-hosted repository for my own plugins / themes and tried to do that with the filter hooks in the plugin-install.php file - the documentation of it indicates that this should be possible, even on the latest version (5.2.2). I activated my own plugin on my bedrock (https://roots.io/bedrock/) setup and following the tutorial https://rudrastyh.com/wordpress/self-hosted-plugin-update.html#comments i tried to implement the update mechanism. I think while doing that i stumbled upon a bug that causes wordpress to not trigger the plugins_api method at all - i can hook into the ""site_transient_update_plugins"" filter to display the update-badge next to the plugins navbar item but the update text / button and show-details button for my plugins wont show up." marthm 2 47732 Change user email link Users 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-18T13:33:17Z 2019-08-30T11:23:08Z "If you are not logged in, Email doesn't change when you click on confirm link in the email. Steps to reproduce: 1. From Users > profile add new email address 2. Log out of your wp-admin 3. Open the received email and click on the link to confirm the change 4. wp-admin asks for login, you input your username/password and click login the email address is not changed. Another example, where I used 2 devices (mobile and pc): 1. From Users > profile add new email address 2. Switch to another device/browser where you are not logged into your site 2. Open the received email and click on the link to confirm the change 3. wp-admin asks for login, you input your username/password and click login the email address is not changed. I figured out that clicking the confirm link again while logged in does in fact change the email address. Which might be a security feature that checks if the user that is trying to change email address is logged in, but shouldn't this work also after the user logs in?" stefanpejcic 1 47733 Undefined index HTTP_HOST in wp-includes/ms-settings.php on line 57 SergeyBiryukov dev-feedback Bootstrap/Load 5.2.2 normal minor Future Release defect (bug) reviewing 2019-07-18T17:10:16Z 2024-02-21T14:31:47Z "We get requests on our server of the form {{{ 175.143.12.??? - - [30/Jun/2019:10:22:45 +0200] ""GET / HTTP/1.0"" 500 73873 ""-"" ""-"" (dinse.eu) }}} This request uses HTTP/1.0 and results in a status code 500. The related entry in the PHP error log is {{{ [30-Jun-2019 08:22:45 UTC] PHP Notice: Undefined index: HTTP_HOST in /usr/www/xxxx/wp-includes/ms-settings.php on line 57 }}} 1. In ms-settings.php on line 57 it is not checked if {{{ $_SERVER['HTTP_HOST'] }}} is set. 2. Also I've found that in the case of this specific request {{{ $_SERVER['SERVER_NAME'] }}} is defined and not empty and can be used as a replacement. My suggestion is to first check if {{{ $_SERVER['HTTP_HOST'] }}} is set else check if {{{ $_SERVER['SERVER_NAME'] }}} is set and if both are not set to implement a graceful error handling. This may be related to #34353. WP 5.2.2 PHP 5.6.40 Server: Apache/2.4.25 (Debian) WP_DEBUG = true " JochenT 9 47735 Separate sites I have created and sites I have joined in a network install Networks and Sites normal normal Awaiting Review enhancement new 2019-07-18T21:31:53Z 2019-07-19T00:51:13Z "In a network install there doesn't seem to be a way to separate ""My Sites"". For example, ""My Sites"" in wp-admin/my-sites.php includes both sites I have created and sites I have joined. As a user I would like to see the sites I have created and manage in a different area to the sites I have joined. " henry.wright 1 47742 sorting by date incorrect Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-07-19T17:36:02Z 2019-07-20T20:34:46Z Sorting pages by date should be doing date modified. It seems to be going off another date, possibly date published. lamaan 2 47743 autosave locks db and is slow Autosave normal normal Awaiting Review defect (bug) new 2019-07-20T18:00:47Z 2019-07-20T18:32:35Z "If I have 2 tabs open editing pages, they have apparently got synchronised autosaves. These seem to compete for the db connection resulting in delays and occasional failures to autosave. As a suggested way to fix this, you should consider only autosave queuing in the server side. Another annoyance in autosave is that it prevents a normal save. If autosave is in progress I should be able to queue up a proper save to happen immediately after the autosave. " lamaan 47744 WordPress default galleries do not display properly on Safari 10.1 and possibly other older browsers Gallery 5.2.2 normal minor Awaiting Review defect (bug) new 2019-07-20T20:48:07Z 2019-07-25T21:38:27Z "The following thread details the problem: [https://stackoverflow.com/questions/33636796/chrome-safari-not-filling-100-height-of-flex-parent] Images are nested inside a flex container. The child elements have a height of 100% which does not work on these older browsers such as Safari 10.1. This is because the parent element does not have a set height. So the child element doesn't know what 100% height is. The correct way to do it is to remove the 100% height from everything and use flex throughout the elements. {{{ .wp-block-gallery .blocks-gallery-image, .wp-block-gallery .blocks-gallery-item { flex-direction: row; } .wp-block-gallery .blocks-gallery-image figure, .wp-block-gallery .blocks-gallery-item figure { height: auto; align-items: stretch; } .wp-block-gallery.is-cropped .blocks-gallery-image a, .wp-block-gallery.is-cropped .blocks-gallery-image img, .wp-block-gallery.is-cropped .blocks-gallery-item a, .wp-block-gallery.is-cropped .blocks-gallery-item img { height: auto; display: flex; } .wp-block-gallery .blocks-gallery-image figcaption, .wp-block-gallery .blocks-gallery-item figcaption { left: 0; } }}} The above CSS fixes the issue and should replace the current CSS. " billybidley 1 47752 Fix upload of .srt files dev-feedback Upload 5.0.1 normal normal Future Release defect (bug) new 2019-07-22T08:19:27Z 2019-09-22T21:49:24Z "See #45615, #45622, [44438], [44439], and [44443]. Files with `.srt` extension are meant for video subtitles (captions), much like `.vtt` files. After the changes to make the mime type check stricter in WordPress 5.0.1 (backported to 4.9.9, etc.), uploading `.srt` files can fail because of mismatched MIME type check. Actually, `.vtt` can be served as `text/plain` depending on the server configuration. Before WordPress 5.0.2, `.srt` files could be uploaded without issues. For example, on a standard VVV install, the upload fails. Test file from the `mediaelement-files` GitHub repo: https://github.com/mediaelement/mediaelement-files/blob/master/mediaelement.srt " afercia 11 47755 Permalink in RTL version not correct Permalinks normal normal Future Release defect (bug) new 2019-07-22T23:23:47Z 2023-07-06T00:14:44Z "I have notice many problem with permalink in version RTL: 1- for example : https://www.byarabic.com/category/دروس/تعلم-السياقة/ تعلم-السياقة = child دروس = parent in LTR this is how it was : `http://www.example.com/category/parent/child` but in RTL it display like this : `http://www.example.com/category/child/parent` so the correct direction is `http://www.example.com/category/parent/child` all url must be in LTR direction even if it in arabic letter. so the correct direction for my permalink must be like this : https://www.byarabic.com/category/تعلم-السياقة/دروس *if you have an arabic support please let him to write the link manual and you will see the first word after ""category"" will write like this : category/دروس/ but the second word in arabic after category/دروس will write like this : category/دروس/تعلم-السياقة this is a problem , because the second word in arabic must be the last word in url , like this category/تعلم-السياقة/دروس 2- setting -> permalink : the input field it appear behind text : https://prnt.sc/oi7t8x the correct way to show input field it like version LTR, like this : https://prnt.sc/oi7u63 3- also the same problem in article ''(block editor)'' : — first about the title of the post it show like this https://prnt.sc/oi7v2a but the correct way is like this : https://prnt.sc/oi7w42 — other place show wrong direction of permalink, like this : https://prnt.sc/oi7wjy 4- about decode url: if I copy an arabic permalink from browser and I past it in other place like here it will display some symbols like `%%%%%` : example of my permalink : `https://www.byarabic.com/category/%d8%af%d8%b1%d9%88%d8%b3/%d8%aa%d8%b9%d9%84%d9%85-%d8%a7%d9%84%d8%b3%d9%8a%d8%a7%d9%82%d8%a9/` so I have to decode link to fix the problem and then I can send it to my friend I use this website to decode it : https://www.url-encode-decode.com/" rachid84 17 47765 Email from improved fatal error protection Site Health 5.3 normal minor Awaiting Review enhancement new 2019-07-23T13:17:10Z 2019-12-05T09:53:21Z "Hi WordPress team! Your new feature about fatal error protection is really great! But I can see one thing that doesn't look good to me. In the email sent to the administrator of the site, you tell to the user to contact his/her hoster. In reality, a hoster won't intervene on the site/application of his customers and they won't understand why they don't receive any help whereas WordPress told them to contact their hoster. Furthermore, there are no more logs in php error.log file, which is more often the only one accessible to the hoster. Maybe it would be better to add some links to ""good practices"" for debugging, or to the WordPress community. Whet do you think? xakan, a hosting support guy" xakan 4 47781 Site Health: mark installed default themes Site Health 5.2 normal normal Awaiting Review enhancement new 2019-07-26T13:37:30Z 2019-11-21T10:28:31Z In the list of installed themes, it would be good to somehow indicate which of the installed themes that are default themes (and therefore could be good to leave installed). tobifjellner 1 47788 send_headers hook does not work in wp-login or wp-admin dev-feedback Administration 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-28T10:18:17Z 2019-10-20T11:56:12Z "Assume that I want to start using CSP (Content Security Policy) on my website. I add this to my theme's functions.php: {{{#!php <?php add_action('send_headers', 'set_CSP_header'); function set_CSP_header() { $CSP = ""Content-Security-Policy: default-src 'self';""; header($CSP); } }}} You would assume that this would add the CSP everywhere on the website, but that is not so. This does NOT add the CSP header to wp-login or wp-admin. Instead website admins have to use the 'login_init' and 'admin_init' hooks in addition to 'send_headers', to get CSP everywhere on the website. This is unintuitive and seems like a bug to me." kysymysteke 1 47789 "NGINX: Request for media-view.js leads to ""zero size buf in writer""" Script Loader normal normal Awaiting Review defect (bug) new 2019-07-28T13:14:52Z 2019-10-20T11:56:28Z "I do currently have an issue loading the media-view.js file in backend, which leads to multiple js errors on pages or media grid. Checking the logs show an ""zero size buf in writer"" error for these requests. The error occurs even on deactivated plugins and default theme. So I tried to debug this down. I am running multiple WordPress sites locally over NGINX (laravel) in development mode, where SCRIPT_DEBUG is true; so it tries to load the unminidfied version of the file. Replacing it´s content with the minified version solves the bug. I do currently not know, what causes the empty buffer." d.sturm 4 47794 EuGH ruling - opt-in obligation for cookies and social media Privacy 4.9.6 normal normal Future Release enhancement new 2019-07-29T12:24:25Z 2019-12-17T06:59:50Z "Hi. I have a very important question. The European Court of Justice has ruled that websites are now responsible for all internal and external cookies or affiliations (social media). My question is whether WordPress now incorporates a management of cookies, making it easier for both WordPressadmin and website visitors to individually allow or block each cookie. I think it will be very important that this feature comes from WordPress itself. Otherwise, every plugin will eventually have its own function, which makes WordPress just more vulnerable and bigger. It would be best if WordPress asks each plugin developer which cookies are collected and the system WordPress can then recognize and manage. In the privacy policy you can then write an explanation for each cookie or function and also insert a shortcut via shortcode. That would be the best and easiest way. Then a cookie-consents and actually everything should be done. In addition, it also comes that an attractive core element ""Embed function"" comes directly from Wordpress. And for that you need an opt-in now. This embed function must be deactivated until the visitor has specified that he wants to see it. It would be good if the first time a window is loaded, that the user has not yet allowed the display of this embed and that he can do it now in the privacy policy or in the Consents window. It seems very important that people react very quickly. The use of such functions is now illegal after this judgment. Quelle: https://datenschutz-generator.de/eugh-urteil-like-button-cookie-opt-in-abmahnbarkeit/ (german) https://translate.google.de/translate?hl=de&tab=wT&authuser=0&sl=de&tl=en&u=https%3A%2F%2Fdatenschutz-generator.de%2Feugh-urteil-like-button-cookie-opt-in-abmahnbarkeit%2F (English Google translate)" DjPD 5 47802 WP_Query get_posts sometimes inserts contradictory taxonomy queries Query normal normal Awaiting Review defect (bug) new 2019-07-30T18:15:54Z 2020-09-04T15:17:24Z "In our website, we have a custom taxonomy called 'section.' It figures prominently in a query we're doing. Here's a (lightly anonymized) dump of the array we pass to the WP_Query constructor, before calling get_posts() on the query created: {{{ [posts_per_page] => 25 [post_type] => post [tax_query] => Array ( [0] => Array ( [operator] => IN [taxonomy] => section [field] => slug [terms] => Array ( [0] => section1 [1] => section2 [2] => section3 [3] => section4 ) ) [1] => Array ( [operator] => NOT IN [taxonomy] => section [field] => slug [terms] => Array ( [0] => section5 ) ) [relation] => AND ) [orderby] => post_date [order] => DESC }}} We had a problem where many posts that should be returned here, are not. After much digging, I found the problem in get_posts. specifically in the segment of code commented: {{{ /* * Set 'taxonomy', 'term', and 'term_id' to the * first taxonomy other than 'post_tag' or 'category'. */ }}} It's true, the code is doing just that. It's adding a taxonomy parameter. But it's picking up one of the sections that is supposed to be one of several possibilities the section can be IN, not required. It then makes that one single section required in an appended AND! Sample (again, lightly anonymized) SQL segment of the obviously self-contradictory conditions created (where 1001-1005 are the IDs corresponding to sections 1-5) {{{ wp_term_relationships.term_taxonomy_id IN (1001, 1002, 1003, 1004) AND wp_posts.ID NOT IN ( SELECT object_id FROM wp_term_relationships WHERE term_taxonomy_id IN (1005) ) AND tt1.term_taxonomy_id IN (1001) ) }}} That third clause, the final IN (1001) is being added by get_posts in the above-commented section. That's why we only get a fraction of the posts we're supposed to get. It's effectively overriding most of our IN list! I can work around this by prepending to my tax_query an effective no-op using some custom taxonomy, but this seems like a problem that should be addressed in the WP core. thank you," nstevensdc 1 47813 permalinks broken when article name is numeric(if the post id above 1000) reporter-feedback Permalinks 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-31T20:17:19Z 2019-08-01T01:32:07Z "This is a follow-up to #5305. The problem on ticket #5305 stil happens if the post have the id above 1000 Steps to reproduce: Create a post without title(it shout have the id above 1000) Change the permalink structure to post name (/%postname%/) Click on the post permalink and try view it it sends back to the archive page of the post_type instead of the single page of the post " guigmonteiro 1 47816 Shortcodes being run in editor when gutenberg is active Editor 6.1 normal normal Awaiting Review defect (bug) new 2019-08-01T21:35:38Z 2022-11-12T09:25:04Z "Hello, We have a shortcode that makes an API call to a remote site. We noticed that it was making calls when we were editing pages on our website, even if the shortcode was not loaded on that page. This does not happen when gutenberg is disabled. I made up a test shortcode that appends to a file in the uploads directory. I added it to a test page. It ran when I opened the editor view of the page. It ran when I saved the page. It ran when I viewed the page, which is the only time it should run. I can see when it runs because it writes to my file. Even more surprising is that the shortcode ran when I edited a different page, a page without the shortcode. We have good reason to believe that the pages API is running the shortcode when it runs to create the parent page drop down selector. Why do we believe that is the issue? Because in the first incident, the one where we were sending out unexpected API calls to a remote system, the shortcode was just echoing text without doing a proper return. The echoed text interrupted the Parent page drop down selector build and so that drop down did not appear. We saw the shortcode's misplaced response text in our browser console as part of the page API response. Once we properly wrapped the echo statement, that issue went away, but the API calls were still occurring, and so I did the simple test for you. In summary, the shortcode is run when I edit any page. We believe that the page API call that is used to create the parent page dropdown is running the shortcode. Is this on purpose behaviour? Regards, Karla " karlazz 2 47817 Using file editor ignores schema and always uses http reporter-feedback Filesystem API 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-01T22:52:15Z 2023-03-11T03:26:19Z "When editing a template/theme or plugin file with the WordPress file editor, the internal loopback which I assume uses wp-json does not honor the schema of the siteurl. For example: Siteurl: https://kinsta.com The request will come through as http://kinsta.com If SSL is forced at the server level, this will force the https:// schema. This was recently discovered and was failing because a user's SSL intermediate chain was missing, so the site would edit fine without HTTPS forced, but with SSL forced it would fail. We were able to identify the chain issue due to this error occuring when force HTTPS was enabled in Nginx: ```Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.```" jeffpaulkinsta 2 47818 $wpdb should update ->insert_id also when `LAST_INSERT_ID(...)` is found Database normal normal Awaiting Review enhancement new 2019-08-02T06:44:28Z 2019-08-02T06:44:28Z "It is possible to set the insert id pointer manually by in including `LAST_INSERT_ID(column)` anywhere in the statement. `$wpdb` however does not update it's internal `insert_id`, it does this only when the statement is 'insert' or 'replace'. This makes it harder to get the ID of an updated row. https://stackoverflow.com/a/46335863" cpiber 47827 wp_notify_moderator email error when Site Language is fr_CA Mail normal normal Awaiting Review defect (bug) new 2019-08-04T02:31:38Z 2019-10-03T16:32:18Z "WordPress version: 5.2.2 PHP version: 5.6.27 Hosting: GoDaddy ""Please moderate:"" email is sent without issue when Site Language is en_US. However, when Site Language is fr_CA, the following error occurs: {{{ [04-Aug-2019 01:51:40 UTC] WP_Error Object ( [errors] => Array ( [wp_mail_failed] => Array ( [0] => Could not instantiate mail function. ) ) [error_data] => Array ( [wp_mail_failed] => Array ( [to] => Array ( [0] => wpadmin@example.com ) [subject] => [WPSite] Demande de modération pour « Foo » [message] => Un nouveau commentaire sur l’article « Foo » attend votre approbation http://blog.example.com/foo/ Auteur : JoeUser (adresse IP : xx.xx.xxx.xxx, joe.example.com) Adresse courriel : joe_user@example.com Adresse web : Commentaire : Commentaire en français L’approuver : http://blog.example.com/wp-admin/comment.php?action=approve&c=12#wpbody-content Le mettre dans la corbeille : http://blog.example.com/wp-admin/comment.php?action=trash&c=12#wpbody-content Le marquer comme indésirable : http://blog.example.com/wp-admin/comment.php?action=spam&c=12#wpbody-content En ce moment, 4 commentaires attendent vos approbations. Veuillez vous rendre sur le panneau de modération : http://blog.example.com/wp-admin/edit-comments.php?comment_status=moderated#wpbody-content [headers] => Array ( ) [attachments] => Array ( ) [phpmailer_exception_code] => 2 ) ) ) }}} " zzzz4 1 47830 Something prevents code edition of the theme through HTML on the theme editor for test automation purposes Administration 5.2.2 normal major Awaiting Review defect (bug) new 2019-08-04T10:04:15Z 2020-11-05T03:26:54Z "This should be considered as a bug, because it's preventing code edition straight from the HTML source code of the page hence preventing test automation from working. I'm using Selenium with the Chrome webdriver for test automation purposes. This is a stock WordPress install with the default nineteen theme activated, with no plugins. The URL on which the problem is occurring is /wp-admin/theme-editor.php The fields are properly changed, whether it is the textarea id=""newcontent"" or the code mirror wrapper, but upon clicking on the save button the changes are reverted back BEFORE the Ajax request is sent to make the modifications, hence preventing any sort of modifications when it's made through HTML. To reproduce the error. [Optional] Use Google Chrome if possible 1. Go to /wp-admin/theme-editor.php 2. Make sure the style.css is loaded 3. Inspect element and find the textarea id=""newcontent"" 4. Remove a whole line 5. Save 6. Look at the textarea and see that the changes were reverted back You can see that the changes are reverted back before the submit button callback is called by placing a JS breakpoint at b.submit inside the file theme-plugin-editor.min.js Sadly I'm not experienced when it comes to Javascript at all so I just can't get further than that. Hope someone can get through this bug as our tool depends on this! " xhat 1 47831 Compare any two revisions: Improve the distinction of From/To columns Revisions normal normal Awaiting Review enhancement new 2019-08-04T12:35:04Z 2019-11-12T23:55:04Z "This is a continuation from ticket #43532. We have a {{{From/To}}} when the ""Compare any two revisions"" is checked, but it might not be obvious what column is {{{From}}} and what column is {{{To}}}. Here are relevant comments from the #43532 ticket: @adamsilverstein suggests using e.g. ""added"" and ""removed"" (see here https://core.trac.wordpress.org/ticket/43532#comment:5 ) @kjellr mentioned that this was discussed in design chat https://core.trac.wordpress.org/ticket/43532#comment:19 >The Design team discussed this briefly in our triage today: >https://wordpress.slack.com/archives/C02S78ZAL/p1564417984166900 >(A WordPress.org slack account is required to view that link) >Both of these updates seem like solid improvements, and the screenshots look good. We're >going to remove ux-feedback for now. >Thanks, all! I'm adding the screenshots here below:" birgire 3 47833 "User deletion: Using the link ""deletion"", one won't be asked about what to do with this users content after deletion" reporter-feedback Users 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-04T18:24:07Z 2019-08-04T21:18:25Z "Hi WP-Team! There are two ways how deletions of users are being handled by WordPress: 1) If you delete a user by selecting ""delete"" underneath the username, the user will be deleted. 2) If you insted first select the users name and then select ""Bulk action/delete"" (via drop-down), you will be asked about what you'd like to do with the users contents after deletion. The expected behaviour would be, that one is always being asked about what to do with the users contents after deletion. Cheers, Kai " kosmicon 1 47837 Proposal: Componentized Upgrades dev-feedback Upgrade/Install normal normal Awaiting Review enhancement new 2019-08-05T15:58:02Z 2021-03-02T16:14:50Z "Recently there has been some talk about the cadence of updates for components of WordPress compared to the core updates. The current practice is that new functionality is added into subversions (5.1, 5.2, etc) and only bug fixes are in minor versions (5.2.1, 5.2.2, etc). However there are components that are having releases quicker then core, meaning that users may not see additional functionality until the next version release, which can be months away. This proposal, at a high level, is intended to propose a solution that allows for a user to update components outside of the core updates. === Mockup '''Important''': this is just a concept mockup for discussion purposes to highlight some of the functionality. === Accessibility Note The mockup above and the functionality described below is most likely not the ideal way to implement the functionality in a completely accessible way. Those who are more knowledgable on the subject should be consulted to modify the functionality in a way that works for all users. === Functionality The main concept is to have the ability to update components independently from core if they become available. The mockup above represents a timeline between the currently installed version of Core (v5.2.2 above) and the currently planned version (v5.3). The '''WordPress Core''' line, by default is collapsed and would not show the components below it. This would then function as the current upgrade functionality does and update all components at the same time. Expanded, this allows the user to upgrade individual components as they wish. In the mockup: * '''Black Dots''' indicate the current installed version for Core and components. * '''Green Dots''' are versions available to install. * '''Red Dots''' are unavailable to install (see more below). * '''Yellow Dots''' are next versions in development with estimated release schedule. * '''Red Line''' Current Day. * '''Dotted Line''' future. * '''Solid Line''' past. === Reading The Version State The user has the '''Wordpress Core''', '''Customizer''', '''Site Health''', and '''Passwords''' installed at v5.2.2. They have 4 newer versions of Gutenberg installed and one newer version of the Rest API installed. If the user upgraded Core to v5.2.3, it would update all components to that point, meaning that Core defines the minimum version for all components. On the Gutenberg line, for example, the user has a version installed and can, if they wish, go back up to two versions (two grey dots), however, because of an update change in the version + 2 (first grey dot), they are unable to back port the version before that (two red dots). Perhaps a DB change or something. The user can, however, upgrade an additional version (which was released the same day at v5.2.3 core) but the next newer version requires core to be at v5.2.3 so it is unavailable to update (or another reason, who knows). The '''Site Health''' component is unable to be updated because it might require the newer version of '''Rest API''' as an example. Hovering or clicking on the dots allows the user (either via popup, tool tip or another means) to see details on that release, upgrade to it if available, and link to release notes. On future releases (yellow dots), the information can show the estimated release date, etc. === Expanded Plugin Support The concept above could also be expanded to third-party plug-ins and themes. Integration with Site Health could be included as well, for example, if 5.2.4 required a newer version of PHP then is currently installed, the dot for it would go red and allow the user to see what is blocking the upgrade to it before the release of it." mdwolinski 7 47839 Extended file management in Media Library Media normal normal Awaiting Review enhancement new 2019-08-06T10:01:16Z 2022-09-28T15:32:08Z "Following enhancements should be made to the Media Library: 1) Option to organize media in custom folders, not only by month and year, but let the user choose a folder or create a new one in ""wp-content/uploads"" to save the item. 2) Ability to move files is essential for keeping them organized. This should be possible with an inbuilt file manager like [https://tempspace.net/plugins/?page_id=111] while updating all posts and pages the item is associated with. 3) I prefer to keep all my images in its original quality. I've set the image sizes to 0 in the Media settings, but WordPress still produces reduced image files. For thumbnails in the gallery, I'd prefer to view my untouched files as thumbnails in its original size without getting cropped in. Thus, the media gallery could arrange all items in a way that the height stays the same while the width is displayed in full." mimoho 7 47849 Post excerpts accept spaces SergeyBiryukov has-patch Posts, Post Types 5.2.2 normal normal Future Release defect (bug) reviewing 2019-08-07T23:10:00Z 2019-10-15T14:21:59Z "Post excerpts accept spaces. This is image shows the spaces https://d.pr/i/2th5zq " adeltahri 11 47855 PHPMailer::validateAddress() fails on PHP 7.3 with libpcre2 < 10.32 Mail 5.2.2 normal minor Awaiting Review defect (bug) new 2019-08-08T20:27:05Z 2019-09-21T01:43:11Z "Due to a bug in libpcre2 < 10.32-RC1 https://bugs.exim.org/show_bug.cgi?id=2300, this email regex validation fails in PHP 7.3 with PCRE_VERSION < 10.32. One consequence of this is being unable to send a password reset link from the login page - the user sees the error ""The email could not be sent. Possible reason: your host may have disabled the mail() function."" A simple test script https://gist.github.com/yolabingo/68b4f037661e702742c5abb324a3d992 PHP < 7.3 uses libpcre 8.x PHP 7.3 uses libpcre2 10.x" yolabingo 1 47863 Fix odd, unexpected output from shortcode_parse_attts SergeyBiryukov dev-feedback Shortcodes normal normal Future Release defect (bug) reopened 2019-08-11T12:55:03Z 2020-02-24T20:50:33Z "When passing a full shortcode to this function, I'm expecting only an array of key/value attributes of the shortcode to be returned, however this is not the case. Basic example (though my diff of unit tests have many), this shortcode: `[unittest title=""unittest"" link=""https://unit.test/""]` will return an array that looks like this: {{{ ( 0 => '[unittest' 'title' => 'unittest' 1 => 'link=""https://unit.test/""]' ) }}} rather than one that looks like this {{{ ( 'title' => 'unittest' 'link' => 'https://unit.test/' ) }}} I've already created a patch for this. I will put it in two parts. First unit tests with a data provider of 6 unit test format examples. 5 out of 6 will fail. I will then include another patch that includes the unit tests plus the proposed fix to the function." mauteri 32 47865 Custom Post Types – Published Posts – Preview Changes URL’s – Page not Found reporter-feedback Editor 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-12T14:45:41Z 2020-11-05T03:36:39Z "Seeing as I started a forum discussion on this, perhaps the best place to start is there: https://wordpress.org/support/topic/custom-post-types-published-posts-preview-changes-urls-page-not-found/ It includes all I believe should be relevant to the topic." SwansonPhotos 1 47868 wp_delete_attachment returning successfully, deleting all DB data, but NOT deleting files, and NOT returning false dev-feedback Media normal normal Awaiting Review defect (bug) new 2019-08-13T12:03:06Z 2019-08-20T04:16:29Z "from https://wordpress.stackexchange.com/questions/344976/wp-delete-attachment-returning-successfully-deleting-all-db-data-but-not-delet?noredirect=1#comment505976_344976 I digged into wp_delete_attachment here https://core.trac.wordpress.org/browser/tags/5.2.1/src/wp-includes/post.php#L5450 , it calls wp_delete_attachment_files wp_delete_attachment_files returns false on failure, but this is ignored! in wp_delete_attachment. Now I'm not gonna go on a rant how bad that 'design' is. My question is, how can I make sure that the files DO get deleted? I'm calling {{{ $attachments = get_attached_media('', $post->ID); foreach ($attachments as $attachment) { wp_delete_attachment($attachment->ID, true); wp_delete_attachment never returns falsy. }}} How can I figure out and fix wp_delete_attachment ? in my case it seems that some post_meta might be damaged, as the file location sometimes can be lost for some reason. This should return false or better throw and error" Jossnaz 4 47878 Permalink issue when using sub categories. Why does it entirely rely on ID? Permalinks normal major Awaiting Review enhancement new 2019-08-14T19:33:04Z 2021-10-12T09:04:39Z "There seems to be come confusion and inconsistency with the way permalink structure work with categories (specifically sub categories). Hear me out. Hopefully you're able to follow: Assuming you have a permalink structure of `/%category%/%postname%/`, then posts can indeed have a slug of `/category-parent/category-child/post-name/`. This is the expected outcome. **HOWEVER**, the issue here is that if a post is assigned the full ""tree"" of categories (parent > child > sub-child), then it will only have the parent category slug in the permalink (assuming the Parent category was created first, and therefore has a lower ID # ... which is often the case). Somewhat strangely though, if you assign ONLY the Sub Child category — which likely has a higher ID than Parent and Child, then the permalink will have the entire tree in the permalink. This is because, even though only Sub-Child was chosen, it cannot have only a sub-category within the permalink... since the sub-categories rely on the parent. But anyway... Here are some examples, and why it's an issue to rely heavily on the Category ID for permalink. I think this needs to be resolved somehow... Example, where Children categories were created before parents (and therefore children had lower ID): **Test Parent (ID: 163) > Test Child (ID: 162) > Test Sub Child (ID: 161)** No matter what category I assign (whether only one of them, or the entire tree), the permalink returned is **idea**l (it includes the full path, up to the chosen category) * E.g., if I chose ONLY “Test Child”, the permalink is `/test-parent/test-child/post-name/` * E.g., if I chose ONLY “Test Sub Child”, the permalink is `/test-parent/test-child/test-sub-child/post-name/` * E.g., if I chose “Test Parent” and “Test Sub Child” (and didn’t choose “Test Child”), the permalink is still the full path of `/test-parent/test-child/test-sub-child/post-name/` * E.g, if I chose ALL 3 (entire tree), the permalink is still `/test-parent/test-child/test-sub-child/post-name/` * All of these are ''ideal'', as I have `/%category%/%postname%/` as the permalink structure. Therefore if/when there are sub-categories, it should add them to the permalink structure as a new directory. Yes please. ''However, this isn’t always the case.'' I also have another category structure of: **Example Parent (ID: 120) > Example Child (ID: 142) > Example Sub Child (ID: 160)** * In THIS case, the only difference is that the IDs become higher for the children. * In the other example, the sub-child was made first, then the child, then the parent. Therefore, because the sub-child has the lower ID #, the Post would always try to use that slug if it is assigned to it. Then, because it does use that slug… it also relies on using the child and parent too. That is ideal, where a post with a parent/child category has the full structure in the permalink. * But, based on the Example directly above, why on earth should the slug ID # determine how the permalink structure is? If I have a parent/child category selection in my Post, then it should ALWAYS use the full structure in the permalink. Yet, if the Parent’s ID is LOWER than the Child’s ID, it will only ever use the parent slug in the permalink. While I realize this probably isn't considered a bug; at the very least, it should be considered unexpected behavior. Perhaps, there should be an option somewhere to choose whether the admin wants to have the full permalink structure when using sub-categories… or if they only want the parent category (or maybe only the child category). But the fact that it’s ''entirely dependent'' on the ID is a bit silly, as it now requires the IDs to be in a certain [backwards] sequential order (in order for the full path to show up). This makes it near impossible to have a full permalink structure of `/parent/child/sub-child/` without going through all existing categories and ensuring the Parent/Child category relationship has lower IDs the further into the tree you go." freshyjon 1 47880 Extend unit tests for Site Health component. needs-unit-tests Site Health 5.2 normal normal Future Release task (blessed) new 2019-08-15T00:49:49Z 2020-07-06T23:20:09Z "A file for site health check unit tests has been added in `tests/phpunit/tests/site-health.php`. At the time of writing it only includes tests for various states of cron, expanding these would help with future development of the component." peterwilsoncc 9 47882 [Plugins][Add new]: Can't install plugin from More details pop-up Plugins 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-15T08:39:51Z 2019-08-16T10:40:15Z "1. Go to http://something/wordpress/wp-admin/plugin-install.php 2. Chose a plugin and click on More details. 3. Click on Install Now. Current: The button is depressed, but nothing happens. Expected: The plugin should be installed and the pop-up should disappear. Chrome Version 76.0.3809.100 (Official Build) (64-bit)" daniela1104 3 47889 uploading image contains special characters will return a wrong image url has-patch Media 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-17T10:57:02Z 2019-08-18T03:46:56Z "How to reproduce this bug? 1> ready an image, make sure it contains a special character, such as `^`. In my case, this image file is `test^image.jpg` 2> goto page 'Upload New Media', that is './wp-admin/media-new.php' 3> select your image file and upload it. 4> in the completion list, you will see a thumbnail and the image that you uploaded. (see attachment ) 5> the thumbnail is broken, and the URL of the thumbnail is `'.../testimage.jpg'`. actually, it's should be `'.../test^image.jpg'` " sockscap64 2 47890 Indentation within Post Publish (Classic Editor) and Comment Save Metaboxes: Administration normal normal Awaiting Review enhancement new 2019-08-17T12:53:54Z 2021-12-14T18:43:02Z "This is a spinoff from ticket #43587, as suggested by @melchoyce https://core.trac.wordpress.org/ticket/43587#comment:23 to add an indentation for subitems of the Post Publish Metabox for the Classic Editor and the Comment Save Metabox. " birgire 1 47897 Introduce method to introduce new roles and caps independently of db upgrades. Role/Capability normal normal Awaiting Review defect (bug) new 2019-08-18T22:42:27Z 2019-08-18T22:42:27Z "Presently adding new roles and caps is avoided to guarantee backward compatibility with sites that don't update the database schema. This has resulted in: * a bunch of capabilities being used for purposes other than their original purpose * abuse of meta caps of faux primitives * filters added to the `user_has_cap` to introduce faux capabilities (three and counting) It's a little confusing and these hard coded capabilities make it more complex for sites with custom roles to manage granular capabilities. Additionally, it has lead to problems in which custom roles that should be given the capability are not. For example a custom role with page editing permissions but no post editing permissions should probably be allowed to add shared blocks. For the majority of sites which run database upgrade routines, it would be helpful to upgrade the roles and capabilities in the database. For sites which do not, faux capabilities can be added to the `user_has_cap` filter in a single function, based on the database version. For sites with hard coded arrays, the presence of the new capability can be detected and added as a faux capability if it is not. As an initial construct, a faux capabilities function can be added: {{{#!php <?php function wp_update_capabilities( $user_caps ) { if ( /* database version < block editors */ ) { // Add caps matching user's `*_posts` cap } if ( /* database version < site health upgrade */ ) { // Add caps for users wiht `install_plugins` } // etc return $user_caps; } add_filter( 'user_has_cap', 'wp_update_capabilities' ); }}} Additional design decisions to be made: * how to use the same function for db updates * to filter or not to filter faux capabilities * handling the hard coded arrays" peterwilsoncc 47899 Drafts not saving revisions reporter-feedback Revisions normal normal Awaiting Review defect (bug) new 2019-08-19T07:49:54Z 2019-08-21T08:33:18Z "Revisions are supposed to work on drafts but is not working. Just lost an original post this morning because of this and no way to get it back. Working on posts but not drafts. " mitchellk 2 47900 "Error on update MCE Views in gutenberg block ""Classic Editor""" Editor 5.2.2 normal major Future Release defect (bug) new 2019-08-19T13:49:45Z 2020-12-29T00:00:27Z "By steps: • Install new site on WordPress 5.2.2. • Create new page. • Add editor block ""Classic"". • Add media gallery into classic editor with 2+ images. • Open edit gallery window. • Switch to another tab in the browser. • Little wait... • Back to tab with WordPress. • Any change in ""edit gallery window"" and click ""Update gallery"". • Gallery do not update and error in browser console. Error in browser console: {{{ wp-tinymce.js?ver=4940-20190515:3 Uncaught TypeError: Failed to execute 'setStart' on 'Range': parameter 1 is not of type 'Node'. at wp-tinymce.js?ver=4940-20190515:3 at Object.map (wp-tinymce.js?ver=4940-20190515:3) at Object.select (wp-tinymce.js?ver=4940-20190515:3) at mce-view.min.js?ver=5.2.2:1 at Function.s.findKey (underscore.min.js?ver=1.8.3:1) at Function.s.find.s.detect (underscore.min.js?ver=1.8.3:1) at N.d.update (mce-view.min.js?ver=5.2.2:1) at mce-view.min.js?ver=5.2.2:1 at N.d.<anonymous> (mce-view.min.js?ver=5.2.2:1) at s (backbone.min.js?ver=1.2.3:1) }}} ---- I think reason of problem in the following: after open ""edit gallery window"" gutenberg block updated, and after click ""Update gallery"" node for update (use in ""update"" function in mce-views) no longer in the document. The problem is also observed in other plugins that use MCE Views for pretty view shortcodes." vjik 6 47901 Admin menu variable is not always considered as global dev-feedback Administration normal normal Awaiting Review defect (bug) new 2019-08-20T07:56:15Z 2019-08-24T12:47:43Z "In ""wp-admin/menu.php"", the variable $menu is used as global but never declared as global, this cause issue if you are displaying admin from a router script in PHP by using a require_once. Bug can be solved by adding to ""wp-admin/menu.php"" {{{#!php <?php /** * Build Administration Menu. * * @package WordPress * @subpackage Administration */ /** * Constructs the admin menu. * * The elements in the array are : * 0: Menu item name * 1: Minimum level or capability required. * 2: The URL of the item's file * 3: Class * 4: ID * 5: Icon for top level menu * * @global array $menu */ global $menu; // <- This line }}} " philippevienne 2 47922 src attribute in Image Gallery Block is inconsistent with image inserted outside of gallery. Gallery 5.2.2 normal normal Awaiting Review defect (bug) new 2019-08-22T17:20:40Z 2019-08-22T17:20:40Z "Steps: 1. Create an Image Gallery Block. 2. Upload an Image 3. Select ""Link To"" ""Media File"" 4. Preview / Publish post. == What I expect to happen: A thumbnail of my uploaded image shown in the gallery that links to the original uploaded image. i.e. The behaviour should be consistent with images inserted outside of galleries. I expect the resulting source to look like this: (The same as it would be if the image was outside of a gallery) {{{ <figure class=""wp-block-image""><a href=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5.png""><img src=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-420x530.png"" alt="""" class=""wp-image-4868"" srcset=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-420x530.png 420w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-238x300.png 238w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-768x970.png 768w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-811x1024.png 811w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5.png 1109w"" sizes=""(max-width: 420px) 100vw, 420px"" /></a></figure> }}} == What actually happens: The gallery uses the 1024x sized images that link to the same 1024px sized images, seemingly ignoring the ""Link to"" ""Media File"" specification. The 1024px down-scaled image seems to be selected arbitrarily and the visitor cannot access the full-sized image by clicking on the image in the gallery. This is the corresponding source I actually get: {{{ <figure><a href=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-811x1024.png""><img src=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-811x1024.png"" alt="""" data-id=""4868"" data-link=""http://www.ekran.org/ben/wp/2019/early-full-resolution-explorations/23-sigma35-e0-5/"" class=""wp-image-4868"" srcset=""http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-811x1024.png 811w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-420x530.png 420w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-238x300.png 238w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5-768x970.png 768w, http://www.ekran.org/ben/wp/wp-content/uploads/2019/08/23.sigma35.e0.5.png 1109w"" sizes=""(max-width: 811px) 100vw, 811px"" /></a></figure> }}} Seems the offending issues are that: a. the href points to the down-scaled image, not the media file. b. {{{sizes=""(max-width: 811px) 100vw, 811px""}}} when it should be {{{sizes=""(max-width: 420px) 100vw, 420px""}}} where 420px is my default thumbnail size." bbogart 47925 Twenty Nineteen: Size of style.css seems excessively large (225% as large as the next largest theme's CSS) Bundled Theme 5.0 normal normal Future Release enhancement new 2019-08-22T21:34:10Z 2022-10-26T20:59:22Z "I just did a check of the size of each core theme's `style.css` and here's what I found (first column is byte size): {{{ 221622 twentynineteen/style.css 98458 twentyfifteen/style.css 83559 twentyseventeen/style.css 81216 twentyfourteen/style.css 70311 twentysixteen/style.css 57356 twentyeleven/style.css 57106 twentythirteen/style.css 37606 twentytwelve/style.css 24688 twentyten/style.css }}} The `style.css` for Twenty Nineteen is 225% the size of the next-largest core theme stylesheet, for Twenty Fifteen. Between 5.2.2 and 5.3-alpha, the size of Twenty Nineteen's CSS has grown yet another 9KB. Prior to Twenty Nineteen, themes primarily had their CSS hand-written, I believe. As of Twenty Nineteen, SASS was used for the first time. Depending on how SASS is written, a little bit of code can end up generating a lot of CSS. Is this the case here for Twenty Nineteen? It doesn't seem the large amount of CSS is directly due to styling blocks, since the other themes have also been updated to style blocks. A large amount of CSS has negative impact on performance. Not only does it increase the amount of time to render the page (as CSS is render-blocking) through increased data transfer time and CSS parsing time, it also hurts performance once the page has loaded, as there is more CSS in memory and more selectors to be evaluating. How can the amount of CSS in Twenty Nineteen be reduced to be more in-line with the other core themes? ---- A few resources related to CSS performance: * [https://developers.google.com/web/fundamentals/performance/rendering/reduce-the-scope-and-complexity-of-style-calculations Reduce the Scope and Complexity of Style Calculations] * [https://developers.google.com/web/fundamentals/performance/critical-rendering-path/render-blocking-css Render Blocking CSS] * [https://css-tricks.com/efficiently-rendering-css/ Efficiently Rendering CSS]" westonruter 4 47926 Disable website field in comment section Comments normal normal Awaiting Review feature request new 2019-08-23T06:03:40Z 2023-11-20T10:29:42Z "Hi, Please make it possible to hide website field in comment section. It is not useful at all. Just spammers post fake comments for link building. I know It can be hide via css code, but not all users know how to do that. And I noticed that the css code for hiding this field may not be the same for all themes. Thanks a lot" longman2020 17 47930 Photo gallery captions bug Editor 5.2.2 normal critical Awaiting Review defect (bug) new 2019-08-23T20:58:24Z 2019-10-19T12:06:12Z "I detected an error in the Gutenberg photo gallery photo captions. If gallery photos contain captions (the text that is in the black gradient over each image), when you make any changes to this gallery (include or remove photos, for example), all captions disappear. The error happens in the latest version of WordPress (5.2.2) regardless of the theme used." mvaweb 1 47940 Introduce privacy tools (Export/Erasure) to the Network Admin for network-wide handling Privacy normal normal Future Release enhancement new 2019-08-27T21:42:04Z 2020-10-16T22:44:17Z "Spawned from @iandunn's comment [https://core.trac.wordpress.org/ticket/47085#comment:7 here]. It would be nice to provide the Export and Erasure privacy tools to this new Tools menu being introduced to the Network Admin in #47085. This would give network administrators a way to conduct privacy requests across their entire network of sites." garrett-eclipse 4 47941 URL with umlaut is sanitized in user-edit.php form reporter-feedback Users normal normal Awaiting Review defect (bug) new 2019-08-27T23:53:17Z 2019-08-29T03:08:51Z "I'm trying to add the LinkedIn URL to a user whose URL is `https://www.linkedin.com/in/frank-rösner-83736/` When I copy that URL from the browser, the ö in the url becomes `https://www.linkedin.com/in/frank-r%C3%B6sner-83736/` Pasting that in the LinkedIn url makes `%C3%B6` disappear." smaffulli 4 47943 "Multisite: Allow site administrators to add new users option and ""Add New"" wording" has-patch Users normal normal Awaiting Review defect (bug) new 2019-08-28T10:41:18Z 2019-12-17T18:25:10Z "If I disable the option Allow site administrators to add new users in Network Admin > Settings and then visit a site as an administrator, I continue to see the text ""Add New"" in the left hand side menu under ""Users"" See the attached image" henry.wright 3 47954 Create a sanity check for siteurl and home changes has-patch Administration normal normal Awaiting Review enhancement new 2019-08-30T21:57:23Z 2019-09-29T21:11:38Z "One of the most common problems is when people change the site URL fields on the settings general screen, without full understanding of what it means. It's a common enough problem that we've had documentation on ways to fix it for ages: https://wordpress.org/support/article/changing-the-site-url/ The idea is to enhance this field so as to perform some kind of sanity check before actually changing the fields. Health check exists, we have checks for plugin and theme changes to some degree. This could be checked as well. Concept: Change the field, make an internal request, see if it fails, if so change them back, then warn the user with a ""hey, this change seems like it's gonna break things real bad, are you really sure?"" Or equivalent. Second thought: when these change, email the admin user about them, with a revert link that will work no matter what. I'm sure that other ideas exist as well." Otto42 11 47962 Allow apiRequest to do requests on external WordPress sites has-patch REST API 5.3 normal normal Awaiting Review enhancement new 2019-09-02T17:40:13Z 2019-09-02T21:09:12Z "Hi, It's not possible to use the `wp.apiRequest` function to do REST requests on external WordPress sites as it forces the addition of the `X-WP-Nonce` header from the site where the request was made which of course doesn't match with the one generated by the external WordPress site. I think it's a bit too bad :( Here's a [https://gist.github.com/imath/00630617d731b51e4db4ef9f81752eb5 Gist] to test what I'm describing above on my personal site. If you run the code, you'll get a cross domain issue: `blocked by CORS policy: Request header field x-wp-nonce is not allowed by Access-Control-Allow-Headers in preflight response.` Now if you run the code after applying the attached patch, you'll get 10 of my posts where I link to this site. Is there something wrong about allowing these external requests ? Else I think it would be pretty useful." imath 1 47971 HTML markup bugs when using custom HTML editor Editor normal normal Awaiting Review defect (bug) new 2019-09-04T15:10:26Z 2019-09-04T15:52:30Z "Bonjour, Je hurle. Ca fait 10 versions que ce bug n'est toujours pas corrigé ! Quand on utilise à l'ancienne un seul champ pour les articles et pages et qu'on fait de l'édition HTML, l'éditeur rajoute des balises à la volée en ajax avant même que l'on est fini de terminer son code de fermeture de balise par exemple. Pire quand il manque une balise il fait des copier coller hallucinants de codes qui peuvent se répéter jusqu'à 10 fois partout : ce qui oblige à se retaper tout le code de la page pour enlever les dizaines d'ajouts inutiles mis à la volée par WordPress. Ce qui devait partir d'une bonne intention est en fait une catastrophe. Il n'est plus possible d'éditer le code html et à la moindre erreur toute la page est à refaire par le code rajouté.. Merci de corriger ce problème qui pour moi est très grave. Editer le code html à la main dans WordPress, c'est une base. Hello, I scream. It's 10 versions that this bug is still not fixed! When using an old field for articles and pages and making the HTML edition, the editor adds tags on the fly in ajax even before we are done finishing his code of tag closure for example. Worse when it misses a tag it makes copy glue hallucinating of codes that can be repeated up to 10 times everywhere: which forces to retype all the code of the page to remove the dozens of useless additions put on the fly by WordPress. What had to start from a good intention is actually a disaster. It is no longer possible to edit the html code and the slightest error the whole page is to be redone by the code added .. Thank you for correcting this problem which for me is very serious. Edit html code by hand in WordPress is a base." nantesweb 2 47973 Invalid HTML output from image_caption + wpautop combination Formatting normal normal Awaiting Review defect (bug) new 2019-09-04T16:24:04Z 2020-07-11T17:55:50Z "Hello, We are using WordPress on our site https://www.bonus.ca, and the HTML output on the page contains extra </p> tags. I have traced the problem into wpautop() function, which leaves these extra </p> tags on. An example: Caption shortcode like this: {{{ [caption id=""attachment_4413"" align=""alignnone"" width=""800""]<img class=""size-full wp-image-4413"" src=""/images/online-gambling-bonuses.jpg"" alt=""top Online Gambling Bonuses"" width=""800"" height=""394"" /> Internet has changed the way we gamble. Live dealer casinos are a new way to enjoy the thrills of Roulette and Blackjack from the comfort of your own home, even on your phone. Visit <a href=""/leovegas"">LeoVegas</a> for the best <a href=""/casino/live"">live casino experience</a>. You can also get a rare live casino bonus at LeoVegas.[/caption] }}} After shortcode filter has run on the block, the result is: {{{ <div id=""attachment_4413"" style=""width: 810px"" class=""wp-caption alignnone""><img aria-describedby=""caption-attachment-4413"" class=""size-full wp-image-4413"" src=""/images/online-gambling-bonuses.jpg"" alt=""top Online Gambling Bonuses"" width=""800"" height=""394"" /><p id=""caption-attachment-4413"" class=""wp-caption-text"">Internet has changed the way we gamble. Live dealer casinos are a new way to enjoy the thrills of Roulette and Blackjack from the comfort of your own home, even on your phone. Visit <a href=""/leovegas"">LeoVegas</a> for the best <a href=""/casino/live"">live casino experience</a>. You can also get a rare live casino bonus at LeoVegas.</p></div> }}} After running wpautop filter, the output is: {{{ <div id=""attachment_4413"" style=""width: 810px"" class=""wp-caption alignnone""><img aria-describedby=""caption-attachment-4413"" class=""size-full wp-image-4413"" src=""/images/online-gambling-bonuses.jpg"" alt=""top Online Gambling Bonuses"" width=""800"" height=""394"" /></p> <p id=""caption-attachment-4413"" class=""wp-caption-text"">Internet has changed the way we gamble. Live dealer casinos are a new way to enjoy the thrills of Roulette and Blackjack from the comfort of your own home, even on your phone. Visit <a href=""/leovegas"">LeoVegas</a> for the best <a href=""/casino/live"">live casino experience</a>. You can also get a rare live casino bonus at LeoVegas.</p> }}} Here, there is an extra </p> tag after the <img> tag. The following part of wpautop() function is supposed to remove the closing tag, but it fails: {{{#!php <?php // If an opening or closing block element tag is followed by a closing <p> tag, remove it. $pee = preg_replace( '!(</?' . $allblocks . '[^>]*>)\s*</p>!', '$1', $pee ); }}} The code doesn't remove the extra </p> because the regex only matches to defined block level tags, and in this case, the previous tag is an <img /> tag. In general, I think the approach to use regex to modify a HTML document is an invalid one. One could generate proper regular expressions to properly match everything in HTML language, but the regular expressions will be huge. The proper way to do this would be to somehow generate a DOM from the source code, and do the adjustments on that. Or then it might be that the way WP is mixing HTML and plain text is simply impossible to implement correctly..." terokilkanen 2 47974 Fatal error without explanation close General 5.2.2 normal normal Awaiting Review defect (bug) new 2019-09-04T16:30:54Z 2024-02-26T22:27:31Z "Hello, Today, sudenly wp-admin return this error https://prnt.sc/p1sz3t I discoverd is from digitalaccespass plugin. if i disable it, wp admin works ok. Now, the strange thing is that dap dont work even if i disable all plugins/all themes So it something related to this site. What disturbs me and is not the first time is that i dont receive an email with the error. The message says it was send an email to administrator, but i dont receive any email. I also enabled debug but no info there . How can i help you to make send emails with fatal error every time? Also, is there anything i can do to find the error? Thank you" cristianciuberea 3 47976 HTML attributes in uppercase show error in widgets dev-feedback Widgets 4.9 normal normal Awaiting Review defect (bug) reopened 2019-09-05T04:43:40Z 2022-10-18T08:29:01Z "'''[=#point1 (1)] How to reproduce''' go to p-admin/widgets.php and add custom HTML. in custom html box if i add this html, it will error. `<div id=""abcd"" DATA-HREF=""xerjss""></div>` '''[=#point1 (2)] Error -''' the attribute name of [ ""DATA-HREF"" ] must be in lowercase. '''[=#point1 (3)] Why need this''' some ad providers (such as flipkart) supply code where attributes are uppercase." sudhir600 5 47977 "some of the typo mistakes in plugin menu & update related small correction in ""bulk action selector top""" Plugins normal normal Awaiting Review defect (bug) new 2019-09-05T08:29:20Z 2019-09-05T09:29:46Z "Steps to reproduce behaviors: Issue 1: 1. There are 3 inactive plugins which show under an Active tab. 2. Now I made the ""Classic Editor"" plugin deactivate. 3. it should be shown under ""Recently deactivate"" tab. (we need to change tab name) Issue 2: 1. in plugin menu, we should use one label for the nonactive plugin ( deactivated or inactive). in somewhere it shows deactivate and somewhere it shows inactive. 2. Also, need to change in ""Bulk Actions"" dropbox menu. Issue 3: 1. When all plugins are updated then there is no need to display ""Update action"" in ""Bulk Actions"" dropbox menu because it confuses the person OR There should display some proper message. Screenshots: [[Image(https://www.dropbox.com/s/9h4yh6dlo7xe4em/plugin%20menu.png?dl=0)]] --- issue 1 [[Image(https://www.dropbox.com/sh/oyixvjhdf92lpit/AAB8XIHD68YeSmCMvJ6w9cC-a?dl=0)]] --- Issue 2 " sonali86 1 47978 Upload files with Media Library takes much load time to upload image reporter-feedback Editor 5.2.2 normal normal Awaiting Review defect (bug) new 2019-09-05T13:34:08Z 2020-11-05T04:48:54Z "Theme: Twenty Nineteen Version: 5.2.3 Steps to Reproduce: 1) Go to Gallery 2) Select Media Library 3) Go to Upload image with less than 2 mb size 4) The image will take much more time to upload and it will continue to stay in progress. Note: Please check the screenshot link below for the same. https://www.screencast.com/t/8nP8shWWW2UY" anjalirai 1 47983 Menus: Only send non-empty values on menu save on nav-menus.php Menus normal normal Awaiting Review enhancement new 2019-09-05T22:17:02Z 2019-09-06T15:04:17Z "In an effort to do some admin navigation menu customization (adding additional metaboxes/properties to individual menu items), I noticed that all menu properties (even ones that may be hidden due to ""Screen Options"") are being submitted to the server. And it actually began to cause the following PHP warning: {{{ [05-Sep-2019 21:48:58 UTC] PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 }}} Would it be better to make sure only menu properties that have been explicitly set are submitted to the server and saved to the database? ~~When building a nav-menu and utilizing custom links the entered value isn't trimmed. Once you click 'Add to Menu': If you have whitespace at the start: no url added to the custom link in the menu item If you have whitespace at the end: %20 is added to the custom linkprevent PHP warning max_input_vars~~" metalandcoffee 3 47984 Filter pre_do_shortcode has-patch Shortcodes normal normal Awaiting Review feature request new 2019-09-05T22:25:29Z 2019-09-05T22:25:29Z "I have some situations where an ability to override the shortcode parse/render logic would be very useful. I've prepared and will attach a draft version patch. An example to demonstrate its need for my use case: currently, the $content is first processed by `do_shortcodes_in_html_tags`, then the rest of the text. This is problematic for some nested shortcodes where the ""parent"" shortcode provides a context for its ""child"" shortcodes - if any of the latter are in an HTML attribute, they're rendered ''before'' the parent shortcode is passed its inner content. I'd like a filter to handle it so that parent and child shortcodes are rendered in the expected order. Another point in favor of this filter is that it would be useful to hook onto all places where shortcodes are being rendered outside `the_content`, for example, inside a rich text editor field. I modelled the patch after the `pre_do_shortcode_tag`." miyarakira 47988 Unexpected behaviour when draft post has the same page_name as published post Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-09-06T02:49:20Z 2019-09-06T06:35:15Z "> What steps should be taken to consistently reproduce the problem? {{{ wp rewrite structure '/%postname%/' wp post create --post_title=""Example post title"" --post_status=publish --post_name=my-chosen-post-name wp post create --post_title=""A draft post"" --post_status=draft --post_name=my-chosen-post-name }}} Visit http://www.example.com/my-chosen-post-name > In case it's relevant to the ticket, what is the expected output or result? We're expecting the published post to be displayed. > What did you see instead? If you're authenticated and have permission to view drafts, the draft post will populate the `Global $post` object and be displayed. Anonymous users will get a 404 page or the browser will throw a `Too many redirects` error. > Does the problem occur even when you deactivate all plugins and use the default theme? Yes. > Please provide any additional information that you think we'd find useful. (OS and browser for UI defects, server environment for crashes, etc.) The core behaviour of the WP Admin post edit screen doesn't allow us to get into this state because `post_name` values are not stored for a post until it transitions to the `publish` post status. When this transition does happen `wp_unique_post_slug()` ensures the `post_name` being saved unique. We first encountered this issue via the Yoast SEO plugin metabox which allows a ''Slug'' to be saved for draft posts. As you can see with the WP-CLI commands above, however, there are other ways of getting to this state. The draft post is loaded for authenticated requests because the default query vars `order_by => post_date` and `order => DESC` means the draft post created after the published post populates the `WP_Query->post` property. Anonymous requests are not able to view the draft post, so before returning a 404, `redirect_canonical()` calls `redirect_guess_404_permalink()` which builds a query for a published post where `page_name` is `LIKE` the post name and finds the published post and redirects to it... and the loop continues." ajfleming 47990 Opening/Closing the 'Add Items' slideout in the Customizer Menu editor loses the check icon Customize 4.3 normal normal Future Release enhancement new 2019-09-06T08:09:50Z 2021-06-01T00:47:14Z "Hello, While testing [https://core.trac.wordpress.org/ticket/46830 46830] I came across a separate issue I'll open here. The checkbox to indicate an item (page/post) is in the menu gets reverted to the + add icon if you click 'All Items' button to open and close the select menu item drawer. It would be nice if the checkbox icon was persistent to continue to indicate to the user what items are selected in the menu. Thank you " garrett-eclipse 6 47994 The additions of a new wp_posts table columns called post_level and post_patriarch Database normal normal Awaiting Review enhancement new 2019-09-06T23:29:48Z 2019-09-06T23:29:48Z "Many user are looking for an easy solution to sort table by page children. I understand their are functions like get_children, pre_get_posts, get_posts, wp_query. But if I wanted to extract the children directly from the db table wp_posts, their is no easy way. So I am suggest the Core team to add in an additional column: post_level. This is already noticed with the post list table's html row/td as a class (level-0) so it should be in the table. {{{ //Get all 1st generations of post based on 2 parents who are cousins SELECT p.* FROM $wpdb->posts p WHERE p.post_level = 1 AND p.post_parent = 123 OR p.post_parent = 345) //Get all 2nd generation pages of parent post id 1 SELECT p.* FROM $wpdb->posts p WHERE p.post_level = 2 AND p.post_patriarch = 1 }}} post_level depends on what level of Parent (0), Child (1) or Grandchild(2) or GreatGrandChild (3) a page is within the Hierarchy. post_patriarch (or lack of a better word) is always the level 0 parent ID This should also be consider for other tables as well(e.g menu_level) I hope this make sense. " samjco 48004 JS error while Widget saving functionality Widgets 5.2.3 normal critical Awaiting Review defect (bug) assigned 2019-09-09T06:14:40Z 2019-09-10T01:39:36Z "When I tried to update any existing widget and Save it then I am getting a JS error and because of that changes are not being saved. Issue is with the ajaxurl variable used in a post ajax call in widgets.js (widgets.min.js) in Save function. This variable is holding the object and not a string (ideally string containing the url). While inspect in Network, ajax url looks like, http://www.expertise.com/wp-admin/[object%20Object] " prashantdu 3 48006 post_date not as expected has-patch Posts, Post Types 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-09T15:22:29Z 2019-09-17T09:18:04Z "I have noticed this when scheduling a post. 1) From wp-admin choose Pages. 2) Add new. 3) Change from publish immediately to selecting time and date. 4) Select a date, for example, 2019-09-09 17:00 5) Save the post. 6) Look in the wp_posts table in the database for the post and the post_date column will be something like 2019-09-09 17:00:21 It is not really as expected since you, as a user, are not able to set which second the page should be published you assume it would be at 00. In this case you expect that is is 17:00:00. The problem is that if you have a scheduled crontab that runs every 5 minutes (*/5) it will get missed schedule the first time since the cron will run at 17:00:00 and the publish time of the post is 17:00:21. From my experience most users choose the schedule at top of the hour so we get this missmatch a lot. For us it would be easier if assumed that it is 00 seconds always." marrank 11 48007 Setup Windows CI environment Build/Test Tools normal normal Future Release enhancement new 2019-09-09T17:22:55Z 2020-12-08T18:34:56Z "Would bugs like #47980 be more likely to be caught before release if we had a Windows environment setup in Travis, and/or [https://make.wordpress.org/hosting/test-results/ test results] from a Windows host? If so, there may still be some things like #40856 that would need to be resolved first, though. " iandunn 4 48009 Expand upon the Media item data in Export Requests has-patch Privacy 4.9.6 normal normal Awaiting Review enhancement new 2019-09-10T06:26:41Z 2019-12-13T06:33:29Z "Hello, While reviewing an export containing Comment items and Media items it came to my attention the lack of information provided for media items. Currently, it's just the Media URL. It would be nice to use some of the attachment meta and possibly EXIF data if present to supplement that information. As EXIF data can possess PII (Personally Identifiable Information) such as location it would be good to disclose to the user what information is known if available. Thank you" garrett-eclipse 2 48013 Can't make a new post < default> reporter-feedback Posts, Post Types normal normal Awaiting Review defect (bug) assigned 2019-09-10T22:41:31Z 2019-10-08T19:22:07Z "{{{ TypeError: Cannot read property 'show_ui' of undefined at https://tjinews.xyz/wp-includes/js/dist/editor.min.js?ver=9.2.6:17:119556 at i (https://tjinews.xyz/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.11:6:91) at An.filter (https://tjinews.xyz/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.11:99:338) at https://tjinews.xyz/wp-includes/js/dist/editor.min.js?ver=9.2.6:17:119521 at Td (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:82:11) at hi (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:102:385) at Qg (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:144:217) at Rg (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:145:76) at Sc (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:158:109) at Z (https://tjinews.xyz/wp-includes/js/dist/vendor/react-dom.min.js?ver=16.8.4:156:492) }}}" tjinews 6 48015 Unexpected results from wp_nav_menu() Menus 5.2.3 normal major Awaiting Review defect (bug) new 2019-09-11T13:01:16Z 2019-10-03T08:44:11Z "I'm using wp_nav_menu() in a shortcode. That is, I'm creating / placing a menu within a page (or post) and using a shortcode to that (as opposed to hardcoding it into the theme in a specific place). Specifically, I'm placing that shortcode via the core Gutenberg block for such things, but I don't believe that matters. - If I pass in an empty array - wp_nav_menu([]) - it **echos** (?) a random menu, and return null. - If I start with the default args for the function and unset both 'theme_location' and 'menu' and then pass that array in - wp_nav_menu([$args]) - , a random menu (same as the one echo'ed) is returned. How can it return an menu when none were specified. - If I specify an invalid menu name / location (i.e., it's not registered), it returns a random array. - For the menu it is returning, Admin > Appearance > Menus, I've unchecked all the Display Locations. That is, the menu does exit, but it's not associated with any locations. Still, wp_nav_menu() returns this menu. I've done some other variations on the above trying to get empty or null back and I get a menu. Long to short, I'm getting results when - afaik - I shouldn't be getting anything at all. I'm going to add a check against the global $_wp_registered_nav_menus before I do anything with wp_nav_menu(), perhaps wp_nav_menu() should do similar? I assigned a Severity = major mainly because this is a common function that gets used A LOT. I would think / hope it should, at this point, work flawlessly. " ChiefAlchemist 3 48020 Queries display in inconsistent order when ordering by meta_value_num Query normal normal Awaiting Review defect (bug) new 2019-09-11T17:00:10Z 2019-09-11T18:22:09Z "So I caught this the other day. When ordering a query by {{{meta_value_num}}}, multiple posts sharing the same meta value display in a random order such that if you run two identical queries, the order of the posts could differ between the two. Example use case. I have a custom {{{class}}} post type with a {{{date}}} post meta. Many classes share the same date. On the frontend, I am displaying 12 classes at a time, ordered by date, and when users select to load more I fetch more posts from the server with and query more classes with {{{'offset' => $classes_showing}}} and {{{'orderby' => 'meta_value_num'}}}. Classes belonging to the same show up in different orders from query to query, which occasionally results in multiple classes shown on the frontend. Hopefully that was clear enough. Let me know if you need more code. Thanks." truheart 48026 Always show selected image even if it doesn't match search string Media normal normal Awaiting Review defect (bug) new 2019-09-12T06:35:43Z 2019-11-04T01:25:45Z "When embedding an image in a post, if there is a pattern in the search box and an image is uploaded that doesn't match it, the new image details are not shown until the search pattern is cleared. Steps: 1. Click ""Add Media"" 2. Enter search pattern, e.g. ""abc"" 3. Switch to ""Upload Files"" tab and upload a file, e.g. ""xyz"" 4. Once the file is uploaded, you see the ""Media Library"" tab again, but no details are showing in the ""Attachment Details"" area, although the newly-uploaded file is selected 5. Clear the search pattern 6. Selected image details appear The correct behavior is to always show the details of the selected file, even if it doesn't match the search pattern, at least immediately after it's been uploaded." galbaras 2 48027 WP_Comment fields (e.g. user_id) have wrong types has-patch Comments normal minor Awaiting Review defect (bug) new 2019-09-12T09:37:44Z 2019-09-16T04:27:51Z "WP_Comment objects retrieved e.g. with get_comment have wrong types for some member variables, e.g. user_id. Example: {{{#!php class TestInsertBug extends \WP_UnitTestCase { public function test_insert() { $comment_id = wp_insert_comment( [ 'user_id' => 1, ] ); $comment = get_comment( $comment_id ); // will fail because $comment->user_id is a string $this->assertSame( $comment->user_id, 1 ); } } }}} The constructor of WP_Comment just applies the data to the variables, without setting/fixing the types (as e.g. WP_User does for the ID)." cneumann 9 48029 WP_Query::query only using a single post_status Query normal normal Awaiting Review defect (bug) new 2019-09-12T18:27:51Z 2020-05-12T05:01:09Z "While investigating why `bbp_forum_get_subforums()` was not returning private forums while being a keymaster, I found that WP_Query::query() will only use the first post_status of a given array. E.g: {{{ WP_Query Object ( [query] => Array ( [post_parent] => 5420 [post_type] => forum [post_status] => Array ( [0] => publish [1] => private [2] => hidden ) [posts_per_page] => 50 [orderby] => menu_order title [order] => ASC [ignore_sticky_posts] => 1 [no_found_rows] => 1 ) ... [request] => SELECT wpp_posts.ID FROM wpp_posts WHERE 1=1 AND wpp_posts.post_parent = 5420 AND wpp_posts.post_type = 'forum' AND ((wpp_posts.post_status = 'publish')) ORDER BY wpp_posts.menu_order ASC, wpp_posts.post_title ASC LIMIT 0, 50 }}} The same thing applies if you pass it a comma-separated string of statuses: {{{ WP_Query Object ( [query] => Array ( [post_parent] => 5420 [post_type] => forum [post_status] => publish,private,hidden [posts_per_page] => 50 [orderby] => menu_order title [order] => ASC [ignore_sticky_posts] => 1 [no_found_rows] => 1 ) ... [request] => SELECT wpp_posts.ID FROM wpp_posts WHERE 1=1 AND wpp_posts.post_parent = 5420 AND wpp_posts.post_type = 'forum' AND ((wpp_posts.post_status = 'publish')) ORDER BY wpp_posts.menu_order ASC, wpp_posts.post_title ASC LIMIT 0, 50 }}} Steps to replicate (taken from bbpress/includes/forums/template.php): {{{ $r = bbp_parse_args( $args, array( 'post_parent' => 0, 'post_type' => bbp_get_forum_post_type(), 'post_status' => implode( ',', $post_stati ), // 'post_status' => $post_stati, 'posts_per_page' => get_option( '_bbp_forums_per_page', 50 ), 'orderby' => 'menu_order title', 'order' => 'ASC', 'ignore_sticky_posts' => true, 'no_found_rows' => true ), 'forum_get_subforums' ); $r['post_parent'] = bbp_get_forum_id( $r['post_parent'] ); // Create a new query for the subforums $get_posts = new WP_Query(); // No forum passed $sub_forums = !empty( $r['post_parent'] ) ? $get_posts->query( $r ) : array(); }}}" useStrict 48047 Querying (non-CPT) posts from more than one (native) category only returning posts from first category Posts, Post Types 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-16T08:23:54Z 2019-09-16T08:51:26Z "I tried selecting posts from two categories using this code: {{{ $wpQuery = new WP_Query([ 'post_type' => 'post', 'posts_per_page' => 30, 'post_status' => 'publish', 'category__in' => [5, 6], ]); $posts = $wpQuery->get_posts(); }}} This code only returns posts from the first category. I tracked this back to the query variables `category_name` and `cat` being set to the first queried category in the `get_posts()` method. Code from core, `class-wp-query.php`, line 2173: {{{ if ('category' === $queried_taxonomy) { $the_cat = get_term_by($queried_items['field'], $queried_items['terms'][0], 'category'); if ($the_cat) { $this->set('cat', $the_cat->term_id); $this->set('category_name', $the_cat->slug); } unset($the_cat); } }}} It was the same with any equivalent of the `category__in` option, such as using a comma separated list as an argument (`'category_name' => 'news,video'`) or writing my own `tax_query`. When I access the `posts` property on the query object (`$wpQuery->posts`), the correct number of posts is returned. The problem only surfaces when `get_posts()` is called. The bug persists on the Twenty Ninetheen theme without any plugins enabled. Why is `category_name`/`cat` even set to the first category term? If there is a reason, it would make sense to filter out any ""duplicate"" category query vars present before the SQL query is built, because ''both'' `category__in` and `category_name`/`cat` don't make sense. I'm looking forward to insights on this. " lialyn 1 48048 Parent pages are not visible in the Page Attributes metabox Administration 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-16T08:46:42Z 2019-09-16T08:46:42Z "This appears to have only started happening regularly after I had already set a few pages to have parents. Eventually, the behaviour was consistent. In this metabox there should be a page called **MOVAX Manipulator**, but as you can see there is not. (metabox.gif attached) But, the page **is** visible and can be selected when in quick edit mode (quick-edit.gif attached). I was able to replicate this on a fresh instance of WordPress using Twenty Nineteen theme and no plugins activated. As I am able to work around this issue by using the quick edit option, I'm labelling this issue as normal severity." mikeyott 48050 Development Build: Provide structure to auto-install plugins dev-feedback Build/Test Tools normal normal Awaiting Review enhancement new 2019-09-16T16:39:11Z 2019-09-17T19:53:34Z "When doing local development, I never use a completely blank version of WordPress. I always install a plugin like Query Monitor to help me debug and monitor development on the fly. Additionally, for some themes and plugin development, a developer may always or often need particular plugins installed. I propose automatically installing Query Monitor (FYI @johnbillion ) for Core development while also creating a structure to allow other developers using this box for other types of work to define as an environmental variable other options. I suggest only installing, not activating, to ensure that the running code is intentional as compared to the pristine environment. In our Travis config, for tests, we should not have anything different than a production build, so a `false` variable will disable anything from being installed. For other uses, a comma-separated list would provide a way to install multiple plugins. cc: @pento" kraftbj 6 48051 Keeping default theme but removing inactive themes? Site Health normal trivial Awaiting Review enhancement new 2019-09-16T16:46:18Z 2019-09-16T16:50:22Z "Let me start by saying the default site-health report under Tools > Site Health is quite useful. Many of my clients have praised the addition by the WP team! However, while studying the site health report undert Tools >> Site Health on a couple of clients websites I found something interesting in the confusing type of way…. when there are unused themes it says “Remove inactive themes” then when you remove all unused themes it switches over and says “Have default theme available” I understand the reason it suggests this but why not add text in the “remove unused themes” suggestion accordion that says “keep one default theme” or something to that effect. Personally, I would make the accordion title say ""Keep one default theme, remove all other unused themes"". But that is just me. This is a trivial thing that would make the report a bit more useful to inexperienced users. " binarywc 1 48054 wp.sanitize.stripTags should iterate instead of using recursion has-patch General 5.2.3 normal minor Awaiting Review enhancement new 2019-09-16T21:23:38Z 2020-10-08T21:27:54Z "The changes to wp-sanitize.js seemed wasteful and like it produced dead code in the final return. https://github.com/WordPress/WordPress/commit/90d9bdc54c82229b3aa5a6e60d775f14b1f9a9dc#diff-9bedaa5d6abc6cb127b2f496bb2f7835 When I got into it to fix the dead code, I also felt a way about the recursion, because stack and memory exhaustion are two other potential issues. So this way should *at most* be one function call and only duplicate memory instead of being O(n*memory). https://github.com/WordPress/WordPress/commit/d9b128f50546a65c9cf0944ee61237e35ff269c0 This is probably a drive-by commit and for that I apologize. I hope it's more useful than not, but your mileage may vary. Thank you for making WordPress." jrchamp 2 48060 Save sent emails in local Docker environment has-patch Build/Test Tools 5.3 normal normal Future Release enhancement new 2019-09-17T17:12:22Z 2023-08-15T17:04:06Z "It would be great to be able to save emails to disk for review and testing. cc @clorith @azaozz." pierlo 2 48062 "Twenty Nineteen: ""NonBreakingSpaceOverride"" breaks ""ch"" CSS unit" Bundled Theme 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-17T22:46:06Z 2024-01-20T05:25:00Z "Took me a while to figure out why some of our columnar layouts were all broken and wrapping in odd places with the new theme. Turns out, the Twenty Nineteen theme prevents usage of the ""ch"" CSS unit, because it replies on your ""NonBreakSpaceOverride"" font. In Chrome, Mobile Safari (and Edge/IE11), the ch width is calculated as TWICE the correct width vs. the native Hoefler font. In Firefox it renders identical. On the other hand, the ex width is calculated slightly smaller (incl. Firefox, but NOT Mobile Safari), but that would be tolerable. This sample page will render the FIRST set of DIVs precisely - the SECOND set of DIVs demonstrates the problem: {{{ <html> <head> <style> @font-face { font-family: 'NonBreakingSpaceOverride'; src: url(data:application/font-woff2;charset=utf-8;base64,d09GMgABAAAAAAMoAA0AAAAACDQAAALTAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACCahEICjx3CywAATYCJANUBCAFhiEHgWwbXQfILgpsY+rQRRARwyAs6uL7pxzYhxEE+32b3aeHmifR6tklkS9hiZA0ewkqGRJE+H7/+6378ASViK/PGeavqJyOzsceKi1s3BCiQsiOdn1r/RBgIJYEgCUhbm/8/8/h4saPssnTNkkiWUBrTRtjmQSajw3Ui3pZ3LYDPD+XG2C3JA/yKAS8/rU5eNfuGqRf4eNNgV4YAlIIgxglEkWe6FYpq10+wi3g+/nUgvgPFczNrz/RsTgVm/zfbPuHZlsuQECxuyqBcQwKFBjFgKO8AqP4bAN9tFJtnM9xPcbNjeXS/x1wY/xU52f5W/X1+9cnH4YwKIaoRRAkUkj/YlAAeF/624foiIDBgBmgQBeGAyhBljUPZUm/l2dTvmpqcBDUOHdbPZWd8JsBAsGr4w8/EDn82/bUPx4eh0YNrQTBuHO2FjQEAGBwK0DeI37DpQVqdERS4gZBhpeUhWCfLFz7J99aEBgsJCHvUGAdAPp4IADDCAPCEFMGpMZ9AQpTfQtQGhLbGVBZFV8BaqNyP68oTZgHNj3M8kBPfXTTC9t90UuzYhy9ciH0grVlOcqyCytisvbsERsEYztiznR0WCrmTksJwbSNK6fd1Rvr25I9oLvctUoEbNOmXJbqgYgPXEHJ82IUsrCnpkxh23F1rfZ2zcRnJYoXtauB3VTFkFXQg3uoZYD5qE0kdjDtoDoF1h2bulGmev5HbYhbrjtohQSRI4aNOkffIcT+d3v6atpaYh3JvPoQsztCcqvaBkppDSPcQ3bw3KaCBo1f5CJWTZEgW3LjLofYg51MaVezrx8xZitYbQ9KYeoRaqQdVLwSEfrKXLK1otCWOKNdR/YwYAfon5Yk8O2MJfSD10dPGA5PIJJQMkah0ugMJiv6x4Dm7LEa8xnrRGGGLAg4sAlbsA07sAt76DOsXKO3hIjtIlpnnFrt1qW4kh6NhS83P/6HB/fl1SMAAA==) format(""woff2""), url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAAAUQAA0AAAAACDQAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAE9AAAABwAAAAchf5yU0dERUYAAATYAAAAHAAAAB4AJwAbT1MvMgAAAaAAAABJAAAAYJAcgU5jbWFwAAACIAAAAF4AAAFqUUxBZ2dhc3AAAATQAAAACAAAAAgAAAAQZ2x5ZgAAApAAAAAyAAAAPL0n8y9oZWFkAAABMAAAADAAAAA2Fi93Z2hoZWEAAAFgAAAAHQAAACQOSgWaaG10eAAAAewAAAAzAAAAVC7TAQBsb2NhAAACgAAAABAAAAAsAOQBAm1heHAAAAGAAAAAHQAAACAAWQALbmFtZQAAAsQAAAF6AAADIYvD/Adwb3N0AAAEQAAAAI4AAADsapk2o3jaY2BkYGAA4ov5mwzj+W2+MnCzXwCKMNzgCBSB0LfbQDQ7AxuI4mBgAlEAFKQIRHjaY2BkYGD3+NvCwMDBAALsDAyMDKhAFAA3+wH3AAAAeNpjYGRgYBBl4GBgYgABEMnIABJzAPMZAAVmAGUAAAB42mNgZlJhnMDAysDCKsKygYGBYRqEZtrDYMT4D8gHSmEHjgUFOQwODAqqf9g9/rYwMLB7MNUAhRlBcsxBrMlASoGBEQAj8QtyAAAAeNrjYGBkAAGmWQwMjO8gmBnIZ2NA0ExAzNjAAFYJVn0ASBsD6VAIDZb7AtELAgANIgb9AHjaY2BgYGaAYBkGRgYQSAHyGMF8FgYPIM3HwMHAxMDGoMCwQIFLQV8hXvXP//9AcRCfAcb///h/ygPW+w/vb7olBjUHCTCyMcAFGZmABBO6AogThgZgIUsXAEDcEzcAAHjaY2BgECMCyoEgACZaAed42mNgYmRgYGBnYGNgYAZSDJqMgorCgoqCjECRXwwNrCAKSP5mAAFGBiRgyAAAi/YFBQAAeNqtkc1OwkAUhU/5M25cEhcsZick0AwlBJq6MWwgJkAgYV/KAA2lJeUn+hY+gktXvpKv4dLTMqKycGHsTZNv7px7z50ZAFd4hYHjdw1Ls4EiHjVncIFnzVnc4F1zDkWjrzmPW+NNcwGlzIRKI3fJlUyrEjZQxb3mDH2fNGfRx4vmHKqG0JzHg6E0F9DOlFBGBxUI1GEzLNT4S0aLuTtsGAEUuYcQHkyg3KmIum1bNUvKlrjbbAIleqHHnS4iSudpQcySMYtdFiXlAxzSbAwfMxK6kZoHKhbjjespMTioOPZnzI+4ucCeTVyKMVKLfeAS6vSWaTinuZwzyy/Dc7vaed+6KaV0kukdPUk6yOcctZPvvxxqksq2lEW8RvHjMEO2FCl/zy6p3NEm0R9OFSafJdldc4QVeyaaObMBO0/5cCaa6d9Ggyubxire+lEojscdjoWUR1xGOy8KD8mG2ZLO2l2paDc3A39qmU2z2W5YNv5+u79e6QfGJY/hAAB42m3NywrCMBQE0DupWp/1AYI7/6DEaLQu66Mrd35BKUWKJSlFv1+rue4cGM7shgR981qSon+ZNwUJ8iDgoYU2OvDRRQ99DDDECAHGmGCKmf80hZSx/Kik/LliFbtmN6xmt+yOjdg9GztV4tROnRwX/Bsaaw51nt4Lc7tWaZYHp/MlzKx51LZs5htNri+2AAAAAQAB//8AD3jaY2BkYGDgAWIxIGZiYARCESBmAfMYAAR6AEMAAAABAAAAANXtRbgAAAAA2AhRFAAAAADYCNuG) format(""woff""); } .hoefler { font-family: ""Hoefler Text""; } .nbspover { font-family: ""NonBreakingSpaceOverride"", ""Hoefler Text""; } .w20ch { width: 20ch; height: 1em; border: 1px solid red; } .w20ex { width: 20ex; height: 1em; border: 1px solid green; } </style> </head> <body> <div class=""hoefler""> <p>00000000000000000000</p> <p>xxxxxxxxxxxxxxxxxxxx</p> <div class=""w20ch""> </div> <div class=""w20ex""> </div> </div> <div class=""nbspover""> <p>00000000000000000000</p> <p>xxxxxxxxxxxxxxxxxxxx</p> <div class=""w20ch""> </div> <div class=""w20ex""> </div> </div> </body> </html> }}} " Andy Schmidt 3 48068 Weird behavior when setting hierarchical to false on the built-in taxonomy category Taxonomy 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-18T19:00:29Z 2019-09-20T17:39:10Z "When altering the taxonomy args of the built-in taxonomy category and setting hierarchical to false unexpected things started to happen - tested on a fresh install of WordPress. {{{#!php <?php add_filter('register_taxonomy_args', function($args, $taxonomy) { if ($taxonomy == 'category') { $args['hierarchical'] = false; } return $args; }, 10, 2); }}} After adding the code above as a simple plugin and activating it: When moving the default post 'Hello world!' into trash the category changes from 'Uncategorized' to '1'. Restoring it changes the category again. This time to '2'. Looking at the edit-tags.php?taxonomy=category page there are now two additional terms ('1' and '2') which have been automatically created. When creating a new post it gets the newly created term '1' assigned instead of 'Uncategorized'. When creating a new term with the name 'Test' and assigning it to my newly created post another term is automatically created ('5') which seems to replace term '2' since it is gone. The 'new' term names seem to be generated based on the ID from a previous term. On a side note: On the edit-tags.php?taxonomy=category page everything is now labeled with 'Tag' instead of 'Category'." kwellmann 2 48078 Some WP_XXX_Query::query() methods produce incorrect results when called in a loop dev-feedback Query normal normal Awaiting Review defect (bug) new 2019-09-19T18:28:19Z 2019-09-20T11:47:58Z "While testing a [https://core.trac.wordpress.org/attachment/ticket/37392/37392.9.patch patch] for #37392 I came across what ''may'' be a bug in `WP_Site_Query::query()`. That patch creates a `WP_Site_Query` object and then in a loop does various different `query()`'s, as in: {{{#!php $q = new WP_Site_Query(); $args = array( 'network_id' => $network_id, 'number' => 1, 'fields' => 'ids', 'no_found_rows' => false, ); foreach ( array( 'public', 'archived', ... ) as $status ) { $_args = $args; $_args[ $status ] = 1; $q->query( $_args ); // do something with the results of this site query. } }}} However, calling `query()` in a loop like that doesn't produce the expected results other than the 1st time through the loop. Why? Because when `query()` calls `WP_Site_Query::get_site_ids()` on subsequent iterations, the protected class member `$sql_clauses` still has its value from the previous iteration through the loop and the ""new"" query basically gets added to the previous queries. In the case of the above code this results in the query for `archive = 1` to actually be `public = 1 AND archive = 1` which is **not** what is intended. Looking at other `WP_XXX_Query()` classes, I ''think'' the following suffer from the same thing (although I haven't written code to test that): 1. `WP_Network_Query` 2. `WP_Term_Query` but the following do **not**: 1. `WP_Query` (because it doesn't use a class member for the clauses) 2. `WP_User_Query` (because it uses a `prepare_query( $query )` method which resets the class member(s)) So, I guess the question is: should these `query()` methods be expected to work when called multiple times in a loop (with different queries each time) or is that **not** an intended use?" pbiron 2 48085 use wp_safe_redirect() function close Administration normal normal Awaiting Review defect (bug) new 2019-09-20T10:23:31Z 2019-09-20T17:40:08Z dkarfa 1 48086 Add required extensions and libraries to composer.json has-patch Build/Test Tools 5.2.3 normal normal 6.6 task (blessed) new 2019-09-20T12:00:49Z 2024-02-26T16:59:03Z "Composer offers a way to require or suggest certain platform packages: https://getcomposer.org/doc/01-basic-usage.md#platform-packages Ticket 48081 addresses the PHP version, and this one covers the required libraries and extensions. I've used the WP-CLI ext package (https://github.com/johnbillion/ext) to generate all the required and suggested extensions and libraries. " dingo_d 14 48088 Anonymous Avatar should be served locally Comments low normal Future Release enhancement new 2019-09-20T17:12:35Z 2019-11-01T17:09:20Z "Right now, even the mystery man is retrieved by querying gravatar. We should have a local copy of the anonymous avatar that is served. At the least, if there is no requirement for an email, which is what is used to provide the gravatar requests, why make requests to gravatar? We could say caching gravatar responses is plugin territory, and while I would like to do with with gravatar for performance, this is about not making a call in the first place." dshanske 1 48103 Bulk image resizing Media normal normal Awaiting Review enhancement new 2019-09-22T22:02:00Z 2019-09-23T01:44:07Z When adding multiple images, it would be good to be able to select multiple and resize them all at once. Currently, if you have, say, 20 images on a page and you want to change their image sizes, you'd have to do all individually, which takes a fair amount of time. scottscrivens 1 48106 Revisit post GUID sanitization on `&` Posts, Post Types 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-23T08:26:37Z 2019-09-28T13:40:16Z "=== The source code of core which needs to be revisit When a new post/attachment is inserted into the database, the post GUID is sanitized and the `&` character in GUID is converted to `&`. More specifically, in `wp-includes/default-filters.php`, function `wp_filter_kses` is added as a default `pre_post_guid` filter. {{{#!php // Save URL foreach ( array( 'pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_link_image', 'pre_link_rss', 'pre_post_guid' ) as $filter ) { add_filter( $filter, 'wp_strip_all_tags' ); add_filter( $filter, 'esc_url_raw' ); add_filter( $filter, 'wp_filter_kses' ); } }}} Before a post GUID is saved, function `wp_filter_kses` in `wp-includes/kses.php` is called, and eventually function `wp_kses_normalize_entities` does the real conversion, so that `&` is converted to `&`. === The problem it causes The plugin External Media without Import (https://wordpress.org/plugins/external-media-without-import/) inserts external image URLs as post GUIDs into database so that users can add external images into their media libraries without actually uploading the image files to their WordPress servers. If the image URL contains `&`, such as https://pbs.twimg.com/media/D_NKa3yWkAYwZwn?name=900x900&format=png it is converted to https://pbs.twimg.com/media/D_NKa3yWkAYwZwn?name=900x900&format=png The result is that the image is not correctly displayed in some places, such as the media library page of the admin dashboard. There're also other plugins, such as Imposer (https://github.com/dirtsimple/imposer/) and Postmark (https://github.com/dirtsimple/postmark/), encountering the same issue. Imposer fixes the issue by forcing to save post GUIDs again with the unsanitized version. I think it is equivalent to removing `wp_filter_kses` from the default `pre_post_guid` filters. === The reason of post GUID sanitization Post GUID sanitization was added with a commit in 2011: https://github.com/WordPress/WordPress/commit/81a5f821fbfb63be6c5517d033b8e7a0a4172f07. The commit log message does not state why post GUIDs need to be sanitized on save and display. Also, the commit is so long time ago that seems that even the members of the core channel of WordPress Slack group can't tell the reason. At first it was thought that it is because when exporting RSS feeds, `&` needs to be converted due to XML specification. But I did some experiments and inspected the core source code, and found that in fact WordPress core does convert `&` to `&` while exporting RSS2 feed, even if I changed the `&` back to `&` in the database via MySQL client. The convertion is done by function `wptexturize` in `wp-includes/formatting.php`. The function is added as a default `the_content` filter. So I really don't understand why post GUIDs should be sanitized, especially for the `&` issue. This might be a core issue rather than a plugin issue. It might be fine to not add `wp_filter_kses` as a default `pre_post_guid`, i.e. not do the post GUID sanitization. This issue has also been discussed here: https://github.com/zzxiang/external-media-without-import/issues/17" zzxiang 2 48111 Update usage of `multi_resize` to utilize new `wp_create_image_subsizes()` function kirasong Media 5.3 normal normal Future Release defect (bug) assigned 2019-09-23T17:48:40Z 2020-02-21T09:41:15Z "As mentioned in https://core.trac.wordpress.org/ticket/40439#comment:61 There are two uses of `multi_resize()` that will need to be updated to use the new `wp_create_image_subsizes()` function introduced in #40439. - In the [https://github.com/WordPress/WordPress-develop/blob/master/src/wp-admin/includes/image-edit.php#L947 image editor] (`src/wp-admin/includes/image-edit.php`). - In [https://github.com/WordPress/WordPress-develop/blob/master/src/wp-admin/includes/image.php#L583 PDF Thumbnails/Fallback Thumbnail Support] (`src/wp-admin/includes/image.php`). " antpb 15 48114 New category page does not update on button click Taxonomy 5.2.3 normal minor Awaiting Review defect (bug) new 2019-09-24T00:04:56Z 2019-10-19T00:54:19Z When a new category is added and the button is clicked, I expect to see the category added to the list of categories on the right hand side of the page but the page is not updated. If I refresh the page, the new category shows up so it appears it has been added successfully, it just does not show up on the page after button click. dra_red 3 48115 Sidebar starter content issue with Twenty Twenty dev-feedback Customize 4.7 normal normal Awaiting Review enhancement new 2019-09-24T00:15:38Z 2021-06-01T00:50:40Z "Hello, While testing the beta I found the sidebar contents functioned a little odd. On initial install the sidebars showing on the front-end match what was in Appearance > Widgets which is; Footer #1 (Search, Recent Posts, Recent Comments) and in Footer #2 (Archives, Categories, Meta) But navigating the Appearance > Customizer > Widgets showed the defaults as Footer #1 (About this site) and Footer #2 (Find Us) and once I published the Customizer I found the front-end showed these two and then now the Appearance > Widgets also showing these. So it seems the default widget content from TwentyTwenty only loads into Customizer as a default and isn't the actual defaults found on install in Appearance > Widgets. Thanks" garrett-eclipse 4 48119 Logout does not work when using cookie prefixes Users normal normal Awaiting Review defect (bug) new 2019-09-24T07:04:24Z 2019-09-24T10:36:42Z "When renaming the WordPress cookies to use the `__Host-` or `__Secure-` cookie prefix, logging out no longer works. The wp_clear_auth_cookie() function needs to use the ""Secure"" cookie flag to ensure that modern browsers will allow in to overwrite the login cookies when cookie prefixes are used. How to reproduce: 1. Use HTTPS 2. Set cookie prefixes in wp_config.php: {{{ if (@$_SERVER['HTTPS'] == 'on') { define( 'COOKIEHASH', md5( WP_HOME ) ); define( 'USER_COOKIE', '__Host-wpse_user_' . COOKIEHASH ); define( 'PASS_COOKIE', '__Host-wpse_pass_' . COOKIEHASH ); define( 'AUTH_COOKIE', '__Host-wpse_' . COOKIEHASH ); define( 'SECURE_AUTH_COOKIE', '__Host-wpse_sec_' . COOKIEHASH ); define( 'LOGGED_IN_COOKIE', '__Host-wpse_logged_in_' . COOKIEHASH ); define( 'TEST_COOKIE', '__Host-wpse_test_cookie' ); // __HOST- cookies MUST have their path set to / otherwise they will be ignored by the browser define( 'COOKIEPATH', '/' ); define( 'SITECOOKIEPATH', '/' ); define( 'ADMIN_COOKIE_PATH', '/' ); define( 'PLUGINS_COOKIE_PATH', '/' ); } }}} 3. Login 4. Try to logout. Inspect the cookies. Notice how the login cookies still have their original content and have not been overwritten. Solution: wp_clear_auth_cookie() needs to use the ""Secure"" cookie flag under all the same circumstances in which wp_set_auth_cookie() uses the ""Secure"" cookie flag. " lflobbe 48122 Add separator argument for wp_get_document_title() dev-feedback Themes normal normal Awaiting Review feature request new 2019-09-24T08:26:08Z 2019-10-19T04:36:55Z "As far as I know, there is an official way to customize WordPress title-tag support. And my suggestion that we should allow devs change separator of title-tag. So, I decided to modify lines: (the lines' position is a bit relative) **1027** : Add a new argument ($separator) with '-' as default value which allow to change $sep variable. **1116** : Replace value '-' with $separator. **1151** : Add a new argument ($sep) with '-' as default value. This will allow devs add their own separator through hook. **1156** : Pass $sep to wp_get_document_title() function." ngdangtu 2 48124 Cant disable SSL verification when using Requests::request_multiple reporter-feedback HTTP API 5.3 normal normal Awaiting Review defect (bug) new 2019-09-24T12:02:11Z 2019-10-15T18:52:03Z "When using the Requests::request_multiple method, it is not possible to disable SSL verification using verify or verifyname. setup_handle in wp-includes/Requests/Transport/cURL.php configures CURL options but does not configure any options for verify or verifyname. " Josh Stopper 1 48133 Please add filter on wp walker li element Menus normal normal Awaiting Review enhancement new 2019-09-25T11:12:48Z 2019-10-01T22:26:44Z "Can you please add a filter in the menu li elements so we can add structured data to the li element? http://schema.org/SiteNavigationElement" BackuPs 1 48143 Unstyled error message when activating broken plugin Plugins normal minor Awaiting Review enhancement new 2019-09-26T01:52:43Z 2019-09-26T01:52:43Z The font of the error message shown in the iframe when activating a broken plugin doesn't match that of the rest of the page. See the attached image for an example. pierlo 48146 Google breadcrumbs problem reporter-feedback Permalinks 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-26T05:47:42Z 2020-07-20T15:34:53Z "It is discussed at the Yoast support forum: https://wordpress.org/support/topic/google-webmaster-reporting-breadcrumb-problems/ Last post I made up to date with some tests/conclusions: I find that not only my website shows the “funny” links. Some examples: https://techcrunch.com/page/6/?cat=-1 http://www.bbcamerica.com/page/3/?cat=-1 https://variety.com/page/4/?cat=-1 I tested on a test website. https://test.bikegremlin.com/page/2/?cat=-1 Installed Twenty Nineteen and disabled ALL the plugins. If I make all the posts uncategorized, the “strange links” are no longer working (as they shouldn’t work any time). Looks like a WordPress itself is a problem, but it just got reported by Google after the Breadcrumb reports introduction." bikegremlin 3 48151 Setting featured image appears to use site URL instead of WordPress URL Editor 5.2.3 normal normal Awaiting Review defect (bug) new 2019-09-26T13:56:15Z 2019-10-09T13:51:31Z "Steps to reproduce: - have a site with a different WordPress URL and site URL (i.e. our site uses WPML and is configured to have the English site on example.com and the Dutch site on example.nl) - go to a page/post/custom post type - try to set a featured image WP does a fetch call to https://www.example.com/wp-json/wp/v2/media/2919?context=edit&_locale=user instead of https://www.example.nl/wp-json/wp/v2/media/2919?context=edit&_locale=user which fails because I am logged in to the .nl site, not the .com site The request fails, no featured image is stored and the spinner keeps spinning." ZanderZ 2 48153 Allow the admin email verification capability to be filtered needs-unit-tests Site Health 5.3 normal normal Future Release defect (bug) assigned 2019-09-26T14:35:07Z 2020-02-21T17:53:27Z "Currently, the capability used to determine if the admin email verification screen should be displayed is hard coded as `manage_options`. There are scenarios where a plugin or site owner would want to change this capability." desrosj 24 48167 "Increase discoverability of, and describe, ""Anyone can register"" and other settings" dev-feedback Administration normal normal Awaiting Review enhancement new 2019-09-29T10:44:07Z 2019-10-02T13:13:32Z "Right now, after installation, it is not possible to register until the user enables Anyone Can Register option from Settings -> General area. Which is confusing for the general user. If it can be enabled by default that would be really time-saving. Also, this option can be added to the installation setup-wizard of WordPress. Screenshot- https://prnt.sc/pcf1xf" nazmulhassann20 21 48175 Allow Template Resolution Algorithm to be Replaceable needs-unit-tests Themes normal normal Awaiting Review feature request new 2019-09-30T03:08:16Z 2019-10-04T21:45:06Z "While I was writing a custom theme that doesn't use the results of the template hierarchy algorithm (THA), I noticed that a lot of work is done for nothing. That is, ultimately, several calls to PHP's `file_exists` is made inside `locate_template`. But I have a `template_include` filter that ignores the result of the template hierarchy algorithm. I was checking out the performance of the THA and found out that the calls to `file_exists` are relatively time intense. I wrapped some calls to `microtime` around the THA and found out that it takes about 1100 μs to run on my laptop with an SSD. So, I investigated how I could minimize the time in the THA knowing that I ultimately don't need the result. I discovered the `{$type}_template_hierarchy` and `{$type}_template` filter hooks. I used the `{$type}_template_hierarchy` filter to return an empty array which causes all the `file_exists` calls to be avoided. I also used a `{$type}_template` filter to quickly short circuit the THA. This allowed the execution time of the THA to go to about 35 μs. Much improved! Then I thought if there was a quicker way this could be done. So, I tried adding a filter called `skip_template_hierarchy` that returns false by default. When true is returned, then the entire THA is skipped. Therefore, false is passed to the `template_include` filter. In this filter is where I return the template based on my theme's template resolution algorithm. This made this section of code execute in about 5 μs. Even better. Then I thought whether there is a better way to do this, and I thought ""what if we can make the template resolution algorithm (TRA) replaceable?"" By default, the current THA would be used as the TRA. But a filter could be put into place that lets the user/developer choose a different TRA. So, I am writing a patch to add this functionality/feature. I am planning to name the filter `template_resolution_algorithm`. When the filter is applied, it will get `'resolve_template_hierarchy'` which will be a reference to a new function of the same name to be placed in `wp-includes/template.php`. This function is the default template resolution algorithm which of course resolves by using the THA we've all known for the longest time. After implementing this, I was surprised to see that it actually took about 6-7 μs to run. Not quite as fast as just skipping the THA with the `skip_template_hierarchy`. **Example** So, now I can use a custom template resolution algorithm like so: {{{ // Add the following to the theme's function.php add_filter( 'resolve_template_hierarchy', function () { return function () { $template = TEMPLATEPATH . '/templates/index.php'; return $template; }; } ); }}} The following works too: {{{ function dh__resolve_theme_template () { $template = TEMPLATEPATH . '/templates/index.php'; return $template; } add_filter( 'template_resolution_algorithm', function () { return 'dh__resolve_theme_template'; } ); }}} **Benefits** Obviously this can have performance benefits by being able to choose a different algorithm instead of running the THA and then ignoring its results. This would be ideal for implementing themes as single-page applications with minimal use of WP hooks. It would be useful if building a theme with an MVC-like architecture that utilizes a router mechanism. **Feedback** I'll upload my patch really soon. In the meantime, I am hoping I can get some feedback. Please note that I've only been doing PHP development for about 3 years off and on. Also, I've only been working with WP for a little over two years but only off and on. So, I can use some help making sure I am following PHP and WP conventions/idioms. But, I've been doing web development for 14 plus years. So, I am not a complete noob. **Testing** I can also use some guidance on where to add the unit tests for this particular feature. But before I write the tests, I'd like to get feedback first just in case this is something not even desired or maybe we come up with a better solution. I do see that there is a `tests/phpunit/tests/template.php` file to put `wp-includes/template.php` related tests in. Could someone who is familiar with the code base (core committers) point me at a good example of writing tests on filter hooks? I also need a little help with getting the unit tests to run. I've read the instructions at https://make.wordpress.org/core/handbook/testing/automated-testing/phpunit/ but they seem to be outdated, along with `tests/phpunit/README.md`. I tried the instructions in the project's `README.md`. They seem to work. The unit tests pass for commit 47643f7621..., but there are 6 new commits. The tests don't pass with these 6 new commits. I didn't try to narrow down which one is causing the error. Here are there errors: There were 12 errors: {{{ 1) Tests_Rel_Ugc::test_add_ugc Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:14 2) Tests_Rel_Ugc::test_convert_ugc Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:23 3) Tests_Rel_Ugc::test_wp_rel_ugc with data set #0 ('<a href="""">Double Quotes</a>', '<a href="""" rel=""nofollow ugc""...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 4) Tests_Rel_Ugc::test_wp_rel_ugc with data set #1 ('<a href=""https://wordpress.or...es</a>', '<a href=""https://wordpress.or...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 5) Tests_Rel_Ugc::test_wp_rel_ugc with data set #2 ('<a href='https://wordpress.or...es</a>', '<a href='https://wordpress.or...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 6) Tests_Rel_Ugc::test_wp_rel_ugc with data set #3 ('<a href=""https://wordpress.or...es</a>', '<a href=""https://wordpress.or...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 7) Tests_Rel_Ugc::test_wp_rel_ugc with data set #4 ('<a title=""Title"" href=""https:...es</a>', '<a title=""Title"" href=""https:...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 8) Tests_Rel_Ugc::test_wp_rel_ugc with data set #5 ('<a data-someflag href=""https:...es</a>', '<a data-someflag href=""https:...es</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 9) Tests_Rel_Ugc::test_wp_rel_ugc with data set #6 ('<a data-someflag title=""Tit...ce</a>', '<a data-someflag title=""Tit...ce</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 10) Tests_Rel_Ugc::test_wp_rel_ugc with data set #7 ('<a href=""http://example.org/s...p)</a>', '<a href=""http://example.org/s...p)</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 11) Tests_Rel_Ugc::test_wp_rel_ugc with data set #8 ('<a href=""https://example.org/...s)</a>', '<a href=""https://example.org/...s)</a>') Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:31 12) Tests_Rel_Ugc::test_append_ugc_with_valueless_attribute Error: Call to undefined function wp_rel_ugc() /var/www/tests/phpunit/tests/formatting/WPRelUgc.php:81 ERRORS! Tests: 9960, Assertions: 44191, Errors: 12, Skipped: 11. }}} **Patch** Should I include changes to the `package-lock.json` even though I made no changes to the dependencies in `package.json`? " dhurlburtusa 4 48180 extend export with filter for join and where clause Export 5.2.3 normal normal Awaiting Review enhancement new 2019-09-30T10:29:31Z 2019-09-30T11:37:29Z "In attachment I send a patch to add two lines for filters to change external the join and where clause to make it possible to export only the right posts. **I hope your can take it into the core.** Background: I have an user defined post type ""bp-blog"", which extends the default blog with buddypress group functionality. Therefor I save the buddy press group id in postmeta. Now I want export only the ""bp-blog"" posts for a specific group. Without the filter I cannot modify the request query and all ""bp-blog"" posts are exported. Here my usage of the the new filter: {{{#!php <?php add_filter('export_filter_join', 'export_filter_join', 0, 2); public function export_filter_join($join, $args = array()) { if ($args['content'] != 'bp-blog' && !isset($args['group'])) { return $join; } global $wpdb; $join .= "" INNER JOIN {$wpdb->postmeta} ON ({$wpdb->posts}.ID = {$wpdb->postmeta}.post_id)""; return $join; } }}} and {{{#!php <?php add_filter('export_filter_where', 'export_filter_where', 0, 2); public function export_filter_where($where, $args = array()) { if ($args['content'] != 'bp-blog' && !isset($args['group'])) { return $where; } global $wpdb; $where .= "" AND wp_postmeta.meta_key = '_bp_group' AND wp_postmeta.meta_value = {$args['group']}""; return $where; } }}} " mgleich 3 48187 Missing admin color scheme causes incorrect body class dev-feedback Administration normal normal Awaiting Review defect (bug) new 2019-09-30T19:49:02Z 2019-09-30T19:49:02Z "If you pick a non-core admin color scheme (one that is added via some available plugin) but later that color scheme is no longer available (by deactivating said plugin) the admin-area body class continues to reflect the now missing color scheme. To test: 1. Install and activate [https://wordpress.org/plugins/admin-color-schemes/ this plugin] (or one like it) 2. Change the color scheme in Your Profile to ""80's Kid"" (or any other non-core one) 3. Deactivate the above plugin 4. Open inspector in your web browser 5. See that the incorrect color scheme class is added to the body element Ironically, the way WordPress admin CSS is coded, this does not appear to cause any obvious styling breakage, though I do consider this an unintended behavior that can still be corrected." johnjamesjacoby 48190 Show information from Plugins Directory into WP-Admin plugins page Plugins normal normal Awaiting Review feature request new 2019-10-01T08:33:45Z 2019-10-04T08:51:39Z "Hello everyone, This is my first ticket/suggestion here. First of all, hope this is not a duplicate request. Recently one of the websites my company has been maintained got hacked: https://www.wordfence.com/blog/2019/09/rich-reviews-plugin-vulnerability-exploited-in-the-wild/ Issue was on the Rich Review plugin. The root cause of the problem was that we had installed on that website (was a theme requirement) the Rich Review plugins. We kept up to date all the plugins, WP core itself and themes on that websites and still the website got hacked. The general guideline to keep your WordPress website safe is update everything. In this case though it failed. It failed because we did not know that the Rich Review plugin was abandoned. On plugin directory it clearly tells that the plugin has been closed for security reasons: https://wordpress.org/plugins/rich-reviews/ So my question, request is, can it be made that we show this kind of information right away on the plugins list? To improve it even further, show a WordPress notice on wp-admin when an administrater logins and he can directly see that plugin X has been abandoned or has been closed. Thank you, Arber." arberbr 3 48192 get_blogs_of_user not setting public parameter has-patch Networks and Sites normal normal Awaiting Review enhancement new 2019-10-01T13:04:23Z 2019-10-06T07:01:27Z "Hello. For multisite installations get_blogs_of_user uses get_sites to retrieve all multisite instances. This contains parameters such as archived, deleted, etc, and also the public parameter. The get_blogs_of_user function iterates through the results of get_sites and sets the blogs array of blog objects. It matches and sets all parameters from get_sites, but omits the 'public' parameter, probably by oversight. For example a blog from get_blogs_of_user: {{{ stdClass Object ( [userblog_id] => 2 [blogname] => Site 2 [domain] => example.com [path] => /de/ [site_id] => 1 [siteurl] => http://example.com/de [archived] => 0 [mature] => 0 [spam] => 0 [deleted] => 0 [blog_id] => 2 [description] => 2 [language] => de_DE ) }}} No way apart from using the 'get_blogs_of_user' filter to reiterate the sites and set the value. Requires the public parameter to be set." tifosi 1 48193 Improve the WordPress loop dev-feedback Query normal normal Awaiting Review enhancement new 2019-10-01T18:53:57Z 2024-01-20T15:01:13Z "Currently, there are a number of ways that the ""loop"" can be handled in WordPress. Each depends on whether you are using the WP_Query global, a custom WP_Query instance, or an array of posts. I propose that we add a PHP 5.6+ compatible generator function called `wp_loop()` that will simplify all of these use cases into a single, more modern approach. See [https://wpscholar.com/blog/creating-better-wordpress-loop/]" wpscholar 6 48194 "Unregistered image sizes used for IMG tag ""srcset""" Media normal normal Awaiting Review defect (bug) new 2019-10-02T02:16:24Z 2020-07-21T06:25:14Z "Following design changes, previously-generated thumbnails remain on the site, along with matching post meta entries linked to the respective attachment. WordPress then uses those to produce IMG tags. In fact, these thumbnails are referenced even when the files don't exist on the site anymore, following a cleanup. I think WordPress should only use thumbnail URLs for registered image sizes. For bonus points, there can be a way to remove unregistered size references from attachment meta, perhaps in a Media > Audit admin page, which lets the user decide what to remove and what to keep. For context, I've just cleaned images on a site and found a lot of legacy references to thumbnails of previously registered sizes in IMG tags. Media management and cleanup plugins I used could only detect the redundant meta data when I re-registered the old sizes temporarily." galbaras 5 48196 The Code Editor generates tag soup with empty paragraphs in td elements reporter-feedback Editor 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-02T10:57:51Z 2023-12-12T15:02:56Z "When using the Code Editor with WordPress 5.2.3, the opening `<p>` and closing `</p>` tags do not appear in the editor and are automatically handled by the editor. If I try to add them to fix things, they are automatically removed. So, now the problem with this automatic handling: The Code Editor generates tag soup with empty paragraphs in td elements. For instance, the generated HTML code looks like this: {{{ <td>text<br /> text</p> <p>text<br /> text</p> <p>text</td> }}} There are two issues (maybe related). First, this is tag soup. For various reasons (parsing with XML tools, better HTML code understanding and maintenance...), the Code Editor should not omit opening and closing tags. Here, the first `</p>` does not have a matching opening tag and the last `<p>` does not have a matching closing tag. Moreover, in HTML5 parsing, the first `</p>` is parsed as if it were `<p></p>`, i.e. an empty paragraph; and the text before it should really be in a paragraph for consistency. If the Code Editor thought that the `<td>` implied an opening `<p>` just after it, it is wrong! In short, the generated code should be: {{{ <td><p>text<br /> text</p> <p>text<br /> text</p> <p>text</p></td> }}} " vinc17 2 48201 post_updated_messages event stop working version 5.2.3 reporter-feedback Posts, Post Types 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-03T11:35:18Z 2019-10-09T08:10:20Z "I really think that there is some problem with post_updated_messages event in 5.2.3 version. Tried the same code in vanila vrsion 4.9.11 and vanila 5.2.3. In 4.9.11 messages are overwritten and they are working good in 5.2.3 nothing’s happened. Try to add next code in wp-content/plugins/hello.php and activate Hello Dolly plugin: {{{#!php <?php function frl_change_post_updated_labels($messages) { global $post; $permalink = get_permalink($post->ID); $messages['post'] = array( 0 => '', 1 => sprintf( __('Article updated. <a href=""%s"">View post</a>', 'frl'), esc_url($permalink)), 2 => __('Custom field updated.', 'frl'), 3 => __('Custom field deleted.', 'frl'), 4 => __('Article updated.', 'frl'), 5 => isset($_GET['revision']) ? sprintf(__('Article restored to revision from %s', 'frl'), wp_post_revision_title((int)$_GET['revision'], false)) : false, 6 => sprintf( __('Article published. <a href=""%s"">View post</a>'), esc_url($permalink)), 7 => __('Article saved.', 'frl'), 8 => sprintf( __('Article submitted. <a target=""_blank"" href=""%s"" rel=""noopener noreferrer"">Preview</a>', 'frl'), esc_url(add_query_arg('preview','true', $permalink))), 9 => __('Article scheduled. <a target=""_blank"" href=""%2$s"" rel=""noopener noreferrer"">Preview</a>', 'frl'), 10 => sprintf( __('Article draft updated. <a target=""_blank"" href=""%s"" rel=""noopener noreferrer"">Preview</a>', 'frl'), esc_url(add_query_arg('preview', 'true', $permalink))) ); return $messages; } add_filter('post_updated_messages', 'frl_change_post_updated_labels'); }}} Also tried adding new category ‘article’ instead of ‘post’ and create new array $messages[‘article’] and assinged post to article category but it is working the same. So the problem exists in both cases: – when we want to overwrite existing messages (post, page, attachment) – when we want to add the new message type I would be very thankful if someone helps me with solving this. Tnx." majavsc 3 48204 wp_exif_date2ts throws notice on empty date has-patch Date/Time 5.2.3 normal minor Future Release defect (bug) new 2019-10-03T19:39:39Z 2023-06-29T01:45:04Z "When an image has the EXIF field DateTimeDigitized defined, but set to an empty timestamp, like {{{ : : : : }}} a PHP notice is thrown during upload. I don't know how common this is, but I've seen it on several family photos that were scanned by my aunt. The EXIF info mentions both HP Scanjet 4370, FinePixViewer Ver.4.2, and FUJIFILM. Anyway, it can be pre-empted with this between the two calls to explode(): {{{ if ( ':' === $date ) { return ''; } }}} I've attached a sample file to replicate the problem." nosilver4u 11 48207 Implement new Comment Date Functions needs-unit-tests Date/Time normal normal Awaiting Review defect (bug) new 2019-10-04T03:33:42Z 2019-11-08T11:42:21Z WordPress 5.3 introduces get_post_datetime() and get_post_timestamp(). Suggesting that these be mirrored with the equivalent functions get_comment_datetime and get_comment_timestamp. dshanske 4 48220 Category Dropdown Layout Issue Taxonomy 5.2.3 normal major Awaiting Review defect (bug) new 2019-10-05T09:17:39Z 2019-10-05T09:17:39Z "I have 2 websites. One is using WordPress 5.2.3 and another one is WordPress 4.9.10. So now problem is with category Dropdown layout. If you will check below code on both versions with nested subcategories you will see the difference. {{{#!php <?php wp_dropdown_categories( 'show_count=1&hierarchical=1&child_of=2' ); }}} Nested Category Example : Home Landscape & Urbanism Campus Masterplan ....... Issue : On latest version of WordPress dropdown not showing subcategories name (Example : Landscape & Urbanism) Please help me to sort out this issue. Thanks " anjalimdn 48221 Improve punctuation consistency for labels on Add New User and Edit User screens has-patch Users normal normal Awaiting Review defect (bug) reopened 2019-10-05T09:44:53Z 2022-09-25T06:33:47Z " In the WordPress dashboard in Users->Add New -> Send User Notification. There is one checkbox in at last (. dot ) there is not suitable please follow the link https://monosnap.com/file/OWnvrbDahfTn93eh1NaRodpuQJy4Mb" sarvarshaikh 7 48222 """Show password"" button overlaps with the LastPass icon" has-patch Login and Registration 5.3 normal normal Future Release enhancement assigned 2019-10-05T14:29:48Z 2022-09-15T20:51:47Z "The new ""Show password"" button added to login screen in [46256] overlaps with the LastPass extension icon. Tested with Google Chrome 77 on Windows 10. This only happens on Log In and Reset Password screens. The Edit User screen is OK, as the button there is separate from the input." SergeyBiryukov 67 48223 parse_request(): When request has multiple matching rewrite rules, and matched rule returns 404 - iterate to next rewrite rule dev-feedback Rewrite Rules normal normal Awaiting Review defect (bug) new 2019-10-05T14:34:30Z 2020-05-13T20:43:55Z "A request might have multiple matching rewrite rules. {{{parse_request()}}} will take the top rule and attempt to parse it. If that rule results in an empty query, {{{is_404()}}} is set. In the case of a 404 error on the first matched rule, {{{parse_request()}}} should iterate to the next matched rule and attempt the next query. Example: A request might match all these rules=>queries: 1. {{{(.?.+?)(?:/([0-9]+))?/?$}}} => {{{pagename=$matches[1]&page=$matches[2]}}} 2. {{{([^/]+)(?:/([0-9]+))?/?$}}} => {{{name=$matches[1]&page=$matches[2]}}} If first query {{{pagename=$matches[1]&page=$matches[2]}}} returns 404, {{{parse_request()}}} should attempt the second query before returning a 404 error." apedog 5 48224 Refactor paginate_links and add 4 new functions (paginate_array and format_paginate_link) has-patch Themes 5.3 normal normal Awaiting Review enhancement new 2019-10-05T16:04:19Z 2019-10-05T16:16:08Z "The current paginate_links has limited the creativity of making pagination. It returns a fixed template rather than a plain data. Because of that, frontend dev will have a hard time in query necessary data to make a custom pagination. My suggestion is create 4 new functions. The first function, called paginate_array, only return plain data. Almost 90% its code is from paginate_links. Its job will only return data array in this format: (see pseudocode below) {{{ [ [""prev""] => [ [""url""] => ""http://localhost/wp/page/20/"", [""class""] => ""prev page-numbers"" ], [""pages""] => [ [ [""type""] => ""page"", [""url""] => ""http://localhost/wp/"", [""label""] => 1, [""class""] => ""page-numbers"" ], [ [""type""] => ""etc"", [""label""] => ""…"", [""class""] => ""page-numbers dots"" ], [ [""type""] => ""page"", [""url""] => ""http://localhost/wp/page/19/"", [""label""] => 19, [""class""] => ""page-numbers"" ], [ [""type""] => ""page"", [""url""] => ""http://localhost/wp/page/20/"", [""label""] => 20, [""class""] => ""page-numbers"" ], [ [""type""] => ""page"", [""url""] => NULL, [""label""] => 21, [""class""] => ""page-numbers"" ], [ [""type""] => ""page"", [""url""] => ""http://localhost/wp/page/22/"", [""label""] => 22, [""class""] => ""page-numbers"" ] ], [""next""] => [ [""url""] => ""http://localhost/wp/page/22/"", [""class""] => ""next page-numbers"" ] ] }}} From here dev can pass data to a loop and put it in any kind of layout they want. The second function is format_paginate_link which is a supported function for the first one. Beside that job, it can be use for quick format paginate link from place with strict context and only a link needed. For example, if only a link of total page is needed, there is no reason to call paginate_array. Dev can just get total pages from WP_Query class. The third and fourth functions are default_paginate_base and default_paginate_format. Those are extracted from the paginate_links. The two functions were created due to the fact that both paginate_array and format_paginate_link are need those code, and it cannot be place in one side. I hope somebody could find it useful someday. The original/mother function now becomes a template warp. It gets data from paginate_array and add it to the default layout. It is kept for backward reason. The original default args also upgrade **base**, **total**, **current** and **format** as well. It default code won't be pre-executed, it will check the inputs first and only execute if inputs are empty." ngdangtu 48227 extend import with preselect of existing or pre-fill to create new users Import normal normal Awaiting Review enhancement new 2019-10-06T12:17:51Z 2019-10-06T12:17:51Z "Attached patch will be checking, while importing wordpress posts, imported user existing. If so he will be preselected to map to him. Or if he not exists he will be pre-filled in field to create him. Additionally the result sentence ""Remember to update the passwords and roles of imported users."" will be only shown, if a new user was created." mgleich 48229 Console error when running QUnit Test Suite close Build/Test Tools normal minor Awaiting Review defect (bug) new 2019-10-06T14:48:03Z 2023-06-20T20:09:43Z "There is a 404 (Not Found) error reported in the browser console for the `admin-ajax.php` file while running QUnit Test Suite. After selectively running the tests, I could narrow it down to the [https://core.trac.wordpress.org/browser/trunk/tests/qunit/wp-admin/js/widgets/test-media-image-widget.js#L11 image widget control] tests in the `Image Media Widget` module. Although all the tests are passing, this error should be fixed." Hareesh Pillai 5 48236 Media attachment browser no longer provides id of attachment has-patch Media 5.2.3 normal normal Future Release defect (bug) new 2019-10-07T06:49:48Z 2020-02-21T01:39:38Z "This is a follow-up to #47458. Issue #47458 removed the data-id attribute from the media attachment browser. This was a useful attribute, used by an (internal) plugin on our site to access the details of the currently displayed attachment. We used code similar to this to hook into the dialog: {{{ wp.media.view.Attachment.Details.prototype.on('ready', function() { var postid = $('.attachment-details').data('id'), details = wp.media.attachment(postid); // do stuff with details }); }}} This functionality is now broken, and I can’t see another way to access the id of the attachment details being shown. (The item id in the query string is not reliable, as it’s not always updated in time, or at all.) Could this useful attribute be restored? It doesn’t seem to affect the problem addressed in #47458 in any way." slebog 10 48241 Using `add_theme_support( 'custom-background' )` enables both background color and background image. Themes normal normal Awaiting Review enhancement new 2019-10-07T18:30:09Z 2019-10-30T08:10:47Z "Both custom color and custom image options for appear in the customizer when `add_theme_support( 'custom-background' )` is defined. In some instances it is designer preference to have no custom color option or no custom image option. Currently it is not possible to have one or the other - it is both or none. The code responsible for this is here: https://github.com/WordPress/wordpress-develop/blob/5.2/src/wp-includes/theme.php#L2535-L2545 It could be adjusted to first detect a newly added default value before adding the support. That way would keep it working in a backwards compatible way while allowing others to pick and choose which their theme supports going forward." williampatton 1 48256 WP remove first <p> in <td> needs-unit-tests Editor 5.2.3 normal major Future Release defect (bug) new 2019-10-08T12:41:01Z 2020-11-23T04:18:22Z "When I create table and add text inside it remove first <p> but let </p> Example : <td><span class="""" ></span></p>" Sebafaim 5 48257 REST API: post-process endpoint cannot be discovered from media creation endpoint REST API 5.3 normal normal Future Release defect (bug) new 2019-10-08T14:24:14Z 2019-10-08T14:24:14Z "Split out from #47987: In #47987 we introduced a new `/wp/v2/media/{id}/post-process` endpoint, which may be hit with a POST to resume media processing in the event the initial POST to `/wp/v2/media` fails. Clients may know to utilize this new endpoint through the presence of a new non-standard header `X-WP-Upload-Attachment-ID`, but @rmccue caught that we do not provide any Link-based method of discovering the existence of this endpoint from the initial media collection. @TimothyBlynJacobs proposes using the `edit-media` relation for this link. We should add an additional `Link` to the header of the failing POST response (or any POST response, potentially, with the understanding a link is only necessary in the event of failure). Implementing this Link was punted from 5.3 because the `$response` object on which we can call add_link was not available at the time we set the initial X-header, which we can work around but did not have time to resolve before the final 5.3 beta. ''Aside:'' If we're able to resolve the order-of-operations issue, it's possible that the Link could become the preferred method of signalling that post-processing should occur, rather than the non-standard header. However the X-header is more appropriate for the other media paths in `media.php` and `admin-ajax.php`, so this may not be feasible." kadamwhite 48260 WordPress beta 5.3 - Unable to type Password when I login.... reporter-feedback Login and Registration 5.3 normal normal Awaiting Review defect (bug) new 2019-10-08T17:02:50Z 2019-10-14T05:18:36Z I'm unable to type anything at the password field at WordPress 5.3-beta2-46428 william13110 1 48261 """noopener noreferrer"" mis-parses links with ""rel="" parameters" has-patch Formatting 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-08T21:39:20Z 2019-10-09T22:55:14Z "If a link contains a url parameter named ""rel"" and the rel=""noopener noreferrer"" attribute is triggered (ie. the link has the target=""_blank"" attribute as well) then it botches the parsing, and you wind up with a link that looks like: {{{ <a href=""https://www.somesite.com/index.php?v=yes&rel=0" noopener noreferrer"" target=""_blank"">Anchor Text</a> }}} " mvandemar 6 48265 The privacy export files cleanup can run unlink on directories throwing an error. dev-feedback Privacy 4.9.6 normal normal Awaiting Review defect (bug) new 2019-10-09T18:02:19Z 2021-11-24T09:25:40Z "Looking into some test failures on VVV flagged in Slack here; https://wordpress.slack.com/archives/C02RQBWTW/p1570445063460400 It was found that the `wp_privacy_delete_old_export_files` function runs `unlink` on all files and subdirectories older than `wp_privacy_export_expiration`, this becomes an issue as directories can't be removed via `unlink` and will throw an Operation is not permitted error. This occurs as the `$export_files` list is collected from a `list_files` call which has a level of 100 resulting in subdirectories being included. So the question for me is should the export cleanup only do files in the current `$export_dir`, or should it recurse into subdirectories and if so should the directories also be cleaned up if older than `wp_privacy_export_expiration`. If we do go to the extent of removing subdirectories should the `list_files` call be updated with an exclude filter so plugins can have custom directories in that location which would be avoided during the cleanup? Note: If subdirectories are to be removed as well we'll have to recursively traverse them and remove their contents so `rmdir` will work. Along with addressing the issue in `wp_privacy_delete_old_export_files` the cause of the original VVV test failures should also be addressed. What lies in the privacy unit test that creates the test_contents folder but doesn't clean it up here; https://github.com/WordPress/wordpress-develop/blob/master/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php#L244 * simply removing this directory at the end of the test should suffice." garrett-eclipse 4 48268 Updating failed. Error message: The response is not a valid JSON response. reporter-feedback Posts, Post Types normal critical Awaiting Review defect (bug) new 2019-10-10T05:26:03Z 2021-03-31T21:52:09Z "Hi, When i try to update the Page Template from default to full page then i am getting that error ""Updating failed. Error message: The response is not a valid JSON response."" in WordPress Version 5.3" phpdocs 8 48270 Add space before first parentheses of if condition for JS consistency has-patch Administration 5.3 normal minor Awaiting Review enhancement new 2019-10-10T09:02:29Z 2019-10-12T01:47:15Z mehidi258 2 48272 """Undefined offset"" warning in add_query_arg()" reporter-feedback General 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-10T11:09:26Z 2022-02-01T05:48:25Z "Hi, When I am login admin side then getting notice. because I have enabled error_log true in the config file. ===========Notice error============= {{{ <br /> <b>Notice</b>: Undefined offset: 1 in <b>/var/www/html/wpfdemo/wp-includes/functions.php</b> on line <b>964</b><br /> }}} ============Solution=============== {{{ $qs[ $args[0] ] = $args[1]; }}} To {{{ $qs[ $args[0] ] = $args[0]; }}} ================================= Please let us know if this helps. Thanks" sumitsingh 6 48279 Avoid block markup in starter content and default pages Editor 5.0 normal normal Awaiting Review enhancement new 2019-10-10T17:28:28Z 2020-11-24T04:11:49Z "In #45151 the Hello World, Sample Page and Privacy Policy content were updated to supply block markup for the editor. The Privacy Policy was the only one that took into account the classic editor and avoided providing the markup in that case as it was also used on the guide which isn't an editor page. In #48130 the starter content is being updated to account for the block editor by adding the necessary markup. It would be nice for users of the classic editor to suppress that markup when they're not using the block editor similar to what was done for the Privacy Policy content." garrett-eclipse 2 48280 orderby meta_value breaks with newer versions of MySQL Query 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-10T19:01:27Z 2020-01-30T23:03:53Z "When running a query like this: {{{#!php <?php $posts = new WP_Query(array( 'post_type' => 'course_record', 'posts_per_page' => -1, 'orderby' => 'meta_value', 'meta_key' => 'start_date' )); ?> }}} which results in the following SQL query: {{{#!sql SELECT wp_posts.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) WHERE 1=1 AND ( wp_postmeta.meta_key = 'start_date' ) AND wp_posts.post_type = 'course_record' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value DESC }}} On MySQL v5.7.25, it works fine and returns posts as expected. On MySQL v8.0.16, it returns zero posts without any errors. The weird thing is, if I try to run the SQL statement from above directly into the MySQL console '''on either MySQL version''', I get the following error: {{{#!text ERROR 1055 (42000): Expression #1 of ORDER BY clause is not in GROUP BY clause and contains nonaggregated column 'wp_artofed.wp_postmeta.meta_value' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by }}} I also get the same error if I try the SQL statement directly in PHP outside of WordPress '''again, on either MySQL version''': {{{#!php <?php $conn = new mysqli($db_host, $db_user, $db_pass, $db_name); if ($conn->connect_error) die(""Connection failed: $conn->connect_error""); if (!$results = $conn->query(""SELECT wp_posts.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) WHERE 1=1 AND ( wp_postmeta.meta_key = 'start_date' ) AND wp_posts.post_type = 'course_record' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value DESC"")) { die(""Query Error: $conn->error""); } ?> }}} However it works if I use `$wpdb->get_results` '''on MySQL v5.7.25''' but not v8.0.16: {{{#!php <?php global $wpdb; $results = $wpdb->get_results(""SELECT wp_posts.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) WHERE 1=1 AND ( wp_postmeta.meta_key = 'start_date' ) AND wp_posts.post_type = 'course_record' AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value DESC""); ?> }}} I was able to get everything working however by adding `wp_postmeta.meta_value` to the `GROUP BY` clause: {{{#!php <?php add_filter('posts_groupby', 'fix_wp_only_full_group_by', 10, 2); function fix_wp_only_full_group_by($groupby, $query) { if ( !empty($groupby) && array_key_exists('orderby', $query->query_vars) && $query->query_vars['orderby'] === 'meta_value' ) { global $wpdb; $groupby .= "", {$wpdb->postmeta}.meta_value""; } return $groupby; } ?> }}}" KodieGrantham 2 48284 MIsleading behavior and documentation in include argument of WP_Term_Query Taxonomy normal normal Awaiting Review defect (bug) new 2019-10-10T23:19:46Z 2019-10-12T02:06:49Z "The documentation for the `include` argument of the WP_Term_Query class states: ''Array or comma/space-separated string of term ids to include.'' (https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/class-wp-term-query.php#L111) This, and also the argument name, gives the impression that these are IDs that will be included in the results, adding terms on the top of the list retrieved by other query arguments. However, what `include` actually does is to restrict the results to terms with the informed IDs. We can see how the class parses this argument here: {{{#!php $inclusions = ''; if ( ! empty( $include ) ) { $exclude = ''; $exclude_tree = ''; $inclusions = implode( ',', wp_parse_id_list( $include ) ); } if ( ! empty( $inclusions ) ) { $this->sql_clauses['where']['inclusions'] = 't.term_id IN ( ' . $inclusions . ' )'; } }}} https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/class-wp-term-query.php#L412 And, later, it implodes everything using `AND` as glue, thus reducing the results: {{{#!php $where = implode( ' AND ', $this->sql_clauses['where'] ); }}} https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/class-wp-term-query.php#L643 This can also be tested with a simple test like this: {{{#!php function test_include() { $term1 = wp_insert_term('black', 'category'); $term2 = wp_insert_term('blue', 'category'); $term3 = wp_insert_term('green', 'category'); $query = new \WP_Term_Query(['search' => 'bl', 'hide_empty' => false]); $found_ids = array_map(function($el) { return $el->term_id; }, $query->terms); $this->assertEquals(2, sizeof($query->terms)); $this->assertContains($term1['term_id'], $found_ids); $this->assertContains($term2['term_id'], $found_ids); $new_query = new \WP_Term_Query(['search' => 'bl', 'hide_empty' => false, 'include' => $term3['term_id']]); // returns empty results $found_ids = is_array($new_query->terms) ? array_map(function($el) { return $el->term_id; }, $new_query->terms): []; // All tests fail $this->assertEquals(3, sizeof($query->terms)); $this->assertContains($term1['term_id'], $found_ids); $this->assertContains($term2['term_id'], $found_ids); $this->assertContains($term3['term_id'], $found_ids); } }}} = Proposal = Change this behavior is not recommended because there might be many people relying on this, especially because **there is no other argument to get terms by term_id** (!!!), so this is the one to use in these cases. However, we should: * Change the documentation, and explain it better what this argument does = Suggestion = We could also: * Change the argument name for something more straight forward, such as `include_only` (or simply `term_ids`), deprecating but keeping the old `include` for backward compatibility * Implement another argument that does this include" leogermani 48285 wp-config-sample.php should default to `utf8mb4` instead of `utf8` character set has-patch Database 5.3 normal minor Awaiting Review enhancement assigned 2019-10-11T03:50:07Z 2022-09-27T22:57:02Z "MySQL's `utf8` character encoding is not a correct implementation of the standard and doesn't work with 4-byte characters, which includes many emoji. `utf8mb4` is the corrected implementation. See https://medium.com/@adamhooper/in-mysql-never-use-utf8-use-utf8mb4-11761243e434 or just google ""mysql utf8 vs utf8mb4"" It would seem wise for `wp-config-sample.php` to default then to `utf8mb4` instead of `utf8` so that new installations have the improved character set." bchecketts 9 48289 wp_normalize_path() breaks path_is_absolute() in Windows. SergeyBiryukov needs-unit-tests Filesystem API 5.2.3 normal normal Future Release defect (bug) reviewing 2019-10-11T08:49:20Z 2021-04-08T07:28:58Z "Apologies in advance if this is considered correct behaviour, but it's strange that this is the case. On **Windows**, when you take an absolute file system path and use `wp_normalize_path()` and then pass this result to `path_is_absolute()`, you get `false` instead of `true`. Super simple demo: {{{#!php <?php var_dump( path_is_absolute( __FILE__ ) ); var_dump( path_is_absolute( wp_normalize_path( __FILE__ ) ) ); }}} *nix Result: {{{ bool(true) bool(true) }}} Windows Result: {{{ bool(true) bool(false) }}} " paultgoodchild 9 48299 "When ""big_images"" are automatically scaled, communicate with a UI message" Media normal normal Awaiting Review enhancement new 2019-10-12T19:36:49Z 2019-10-25T15:33:39Z "The new big_image handling is done behind the scenes automagically which has a couple of downsides: 1. If a user actually wants a huge image for some reason, they’re going to be confused about what’s happening. 2. By fixing the issue for them with no communication, we’re missing out on the opportunity to better inform people about why they shouldn’t be uploading massive images to begin with. Proposal: Add a UI message to communicate “hey, we fixed this huge image for you. Here’s why [insert link to helpful article]” I would be happy to help contribute to such a document. The addition of the Alt text message in the UI is a great model for how such communication can help educate and inform site owners. " webtrainingwheels 8 48300 metadata registered using register_meta() do not persist through several tests Build/Test Tools 5.1.1 normal normal Awaiting Review defect (bug) new 2019-10-14T15:09:21Z 2023-03-24T18:59:13Z "When you register a metadata using `register_meta()` function, or one of its variants, such as `register_post_meta()`, the metadata is present in the response of `get_registered_meta_keys()` only in the first test of a file... I found this issue writing tests for a plugin, in a structure created based on the `wp scaffold plugin-tests` cli command. = How to reproduce = Write a plugin with jus this simple code: {{{#!php <?php add_action('init', 'test_register_post_meta'); function test_register_post_meta() { register_post_meta('post', 'test_meta', [ 'show_in_rest' => true, 'single' => true, 'type' => 'number', 'description' => 'test metadata' ]); } }}} And then run these simple tests: {{{#!php <?php class TestRegisterPostMeta extends \WP_UnitTestCase { function test_register_post_meta() { $registered_meta = get_registered_meta_keys('post', 'post'); $this->assertArrayHasKey('test_meta', $registered_meta); // it passes! } function test_register_post_meta_again() { $registered_meta = get_registered_meta_keys('post', 'post'); $this->assertArrayHasKey('test_meta', $registered_meta); // it fails! } } }}} This is very odd, but the second test, which is identical to the first, fails. " leogermani 8 48308 Is it possible to make Phone number as a default field in Contact Info section in users admin details page. Users 5.2.3 normal normal Awaiting Review feature request new 2019-10-15T08:31:14Z 2019-10-15T08:31:14Z It would be better if WordPress provide default field for Phone Number in Users admin page since Phone Number is a common field same as email id now a days. rajilesh 48311 "Page removal in wp clean install ""The response is not a valid JSON response""" Editor 5.2.4 normal normal Awaiting Review defect (bug) new 2019-10-15T15:50:28Z 2019-11-11T22:29:49Z "Question to hosting provider support bug launch conditions: Clean wp install today, basic Theme, no plugins. Created test site can not be removed from editor - ""The response is not a valid JSON response"" response."" The page can only be removed from wp pages overview. Sorry for my talk awkwardness (i have no idea what is it about just forwarding) Vladimir extasica.com bug report cause from hosting provider: we found a bug in WordPress itself, when pressing the ""Remove"" button is sending a POST request to the webserver with JSON data, but they do not have the correct end. The data includes an EOF character (the end of the file - this should end the data), followed by another character - n (new line). Therefore, the JSON parser crashes in our Modsecurity application firewall and the application receives a ""The response is not a valid JSON response"" response. Original Czech hosting provider text ""nalezli jsme chybu v samotné aplikaci WordPress, kdy po stisknutí tlačítka ""Odstranit"" je odeslání POST požadavek do webserveru s JSON daty, která však nemají správný konec. Součástí dat je znak EOF (konec souboru - tímto by měla data končit), za kterým ale následuje ještě další znak - n (nový řádek). Z toho důvodu JSON parser v našem aplikačním firewallu Modsecurity zhavaruje a aplikace obdrží odpověď ""The response is not a valid JSON response""." motmat 1 48315 Scheduling already published posts or pages causes 404 error on page Revisions normal normal Awaiting Review enhancement new 2019-10-15T20:44:41Z 2023-10-12T14:21:33Z "Scenario: If you have a live published page and need to make some changes to it but those changes shouldn't be visible until a certain time. **Steps** 1. Edit a published post 2. Change the publish date to future date and click update Result: The post is now unpublished! (404 error) Expected: New changes I made to update/appear on the scheduled date without taking down the page with a 404 error in the meantime. Solution: Draft a revision of a published post without un-publishing it? There is discussion about it here from a while ago, but none of the solutions or plugins are good: https://wordpress.stackexchange.com/questions/3986/is-there-any-way-to-draft-a-revision-of-a-published-page-or-post-what-workaroun https://redearthdesign.com/help-center/update-live-wordpress-page-post/ This seems like a common workflow?" wpfed 6 48316 "Changeset 46482 breaks upload when using "".."" in upload_path." dev-feedback Filesystem API 5.2.4 normal normal defect (bug) reopened 2019-10-15T21:01:42Z 2024-02-07T13:39:06Z "Hi, We just found out that changeset [46482] in the latest WordPress 5.2.4 broke a huge number of our customer's sites (tens or thousands). We uses a separate subdomain as upload directory. This is done by changing the option ""upload_path"" to ""../../media.example.com/www/"" (and ""upload_url_path"" to ""http://media.example.com""). This change means that new directories (for example ""./2019/10/"") can't be created, which breaks the entire upload functionality. If this changeset fixed some critical vulnerability which can't be fixed another way or if we are the only ones utilizing this feature, so be it. Otherwise this change might have to be reverted and reimplemented some other way. " xpoon 31 48323 Signup link redirect is not filtered on multisite when a blog is not found has-patch Networks and Sites normal normal Awaiting Review defect (bug) new 2019-10-16T10:47:16Z 2019-10-16T19:29:18Z "The signup link redirect is not filtered for multisite when a blog is not found. Usually, the links are generated using `network_site_url( 'wp-signup.php' )` which applies the `network_site_url` filter but not when a redirect occurs because the blog is not found. The relevant piece of code is here: https://github.com/WordPress/WordPress/blob/5.2.3/wp-includes/ms-load.php#L396-L435 I know that this code loads before plugins, but it is loaded after `sunrise.php`, so the filter cand be added in that file. I've attach a patch for this." calin 48328 IIS 7+ with standard FCGI an URL_REWRITE mangles REQUEST_URI Bootstrap/Load 5.2.3 normal major Awaiting Review defect (bug) new 2019-10-16T15:45:55Z 2019-10-16T15:51:41Z "Currently, line 65 in load.php will ONLY recover the original URL, IF IIS is still run in the outdated ISAPI mode, and using third-party Rewrites. {{{#!php <?php // Fix for IIS when running with PHP ISAPI if ( empty( $_SERVER['REQUEST_URI'] ) || ( PHP_SAPI != 'cgi-fcgi' && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) { // IIS Mod-Rewrite if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) { }}} However, if IIS is run with the now-standard FASTCGI, and IIS' own URL-REWRITE module, then the original URL is NOT recovered from IIS' URL-REWRITE module. URLs like: www.wordpress.site/somepath/ferrari-166-mm-0308m-%e2%8b%9f-0328m/?queryparameters=something are mangled to: www.wordpress.site/somepath/ferrari-166-mm-0308m-?-0328m/?queryparameters=something resulting in multiple ""?"" occurrences in the URL. The following patch at line 93 in wp-includes/load.php will add compatibility with the IIS versions of the past 10 years: {{{#!php <?php } // PATCH STARTS HERE *** Fix for IIS when running URL_REWRITE elseif ( ( PHP_SAPI == 'cgi-fcgi' ) and isset( $_SERVER['IIS_UrlRewriteModule'] ) and isset( $_SERVER['UNENCODED_URL'] ) ) { $_SERVER['REQUEST_URI'] = $_SERVER['UNENCODED_URL']; // Note: 'HTTP_X_ORIGINAL_URL' actually holds an encoded (non-original) version. } // Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in php.cgi for all requests }}} " Andy Schmidt 2 48331 Snoozing the admin email verification screen when a user initiates/confirms a site email change dev-feedback Site Health normal normal Awaiting Review enhancement new 2019-10-16T19:45:01Z 2019-12-06T14:21:48Z "When presented with the admin email verification screen, clicking update takes you to the `Settings > General` page where the user can update the email address. But, even if the user initiates an admin email address change (which requires a confirmation URL in an email to be clicked), they will continue to see the verification screen until they click to confirm the email is correct or ""Remind me later"", even if the email change request is confirmed. When a user navigates to the Settings > General page from clicking Update on the verification screen and follows through to initiate a request to change the admin email, the verification screen should be snoozed the same as clicking ""Remind me later"". Being consistently presented with the verification screen could cause the user to confirm the email just to get the notice to stop. When a request to change the email is confirmed, both the old and new email receive a notification informing them of the action. The verification screen could probably be snoozed same amount of time as `admin_email_check_interval` at that point." desrosj 3 48336 Global block editor image styles causing problems Editor 5.3 normal normal Awaiting Review defect (bug) new 2019-10-17T05:34:17Z 2019-10-18T01:54:32Z "I was just testing WordPress 5.3 RC1 on my site and I noticed that the images layout was broken in one of the elements. The element is a custom theme element that is outside the main content area (it is not added from the editor). Then I noticed the following global CSS that is added globally for all images on the front-end in the /wp-includes/css/dist/block-library/style.css: {{{ img { max-width: 100%; height: auto; } }}} I think that there will be many others affected by this global CSS, especially the `max-width: 100%;` property. Some more dynamic elements (like sliders) that assume the default image max-width being none, and need the image to overflow its parent will now look broken with this global rule. I'm not very familiar with the block editor internals, but I believe that those styles should be somehow scoped to the block editor elements only and not applied globally to all elements on the front-end. " dennis_f 4 48345 Add Caps lock message to login screen Login and Registration normal normal Future Release feature request new 2019-10-17T12:05:10Z 2023-05-23T07:36:58Z "Users are often experiencing issues logging in which is a result of them having CAPS LOCK on, without them realising. Many wireless keyboards too don't have a light on them, which makes noticing this even trickier. There are a number of plugins available that will flag to the user when the CAPS LOCK is on (a message rather than a warning as it may be intentional!) but it would make sense for this to be added into core (possibly alongside other request improvements, such as the ability to display the typed password). Apologies if this is already a ticket - I did look but my search-fu on Trac isn't great." dartiss 8 48360 `meta_value` is ignored when empty string is provided Query 3.2 normal normal Awaiting Review defect (bug) new 2019-10-17T16:40:23Z 2020-02-13T12:30:59Z "When trying to create a custom query using `meta_*` parameters, `WP_Meta_Query` will ignore `meta_value` if it is an empty string. This does appear to be somewhat intentional, since `WP_Query` will set the default value for `meta_value` to an empty string. This can be seen here: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-meta-query.php#L255 The problem comes when you want to write a query that specifically targets meta keys that have empty values. The `'meta_value' => ''` parameter is stripped, and then the query does not behave properly. Here's an example query: {{{#!php <?php $args = array( 'post_type' => 'product', 'posts_per_page' => 10, 'meta_key' => '_regular_price', 'meta_value' => '', 'meta_compare' => '=', ); $query = new WP_Query( $args ); }}} I would like to propose that an empty string be allowed for `meta_value`. Alternatively, the fact that an empty value will be stripped should at least be documented more clearly so that developers know to expect that behavior. Props also to @richardbuff for helping identify the issue." JPry 3 48361 Select Files on iOS doesn't trigger on modal if start on Upload Files tab and switch to Media Library tab adamsilverstein Media normal normal Awaiting Review defect (bug) assigned 2019-10-17T23:27:06Z 2019-11-03T19:46:59Z "Hello, I came across an odd issues on a client site recently using ACF and the Gallery field so I did a fresh install and found the issue resides in core as well. In short the 'Select Files' button doesn't trigger the uploader if you trigger the media modal starting on 'Upload Files' and then switching to 'Media Library' when there's no files present. To reproduce use an iOS device (iPad/iPhone); 1. Install a clean WordPress 2. Create a new post. 3. Add a Gallery block 4. Click the 'Media Library' button. 5. If your Media Modal opens with 'Media Library' tab selected then switch to 'Upload Files' and reload the screen. 6. Your Media Modal should open on 'Upload Files' now. 7. Switch to the Media Library tab now. 8. Click the 'Select Files' button that appears below the 'No items found' text. 9. Note the uploader isn't triggered. This seems to only occur when there's no items in your media library and you are using the Media Modal but your settings have it open on 'Upload Files' first and then you switch to 'Media Library'. I initially came across this with an ACF Gallery field, but in my clean install it was the Gallery block that I was able to reproduce the issue with. All the best, Cheers " garrett-eclipse 2 48364 (Needs confirmation) When updating plugins, WordPress won't update any new plugin updates that are found Upgrade/Install 5.2.3 normal minor Awaiting Review enhancement new 2019-10-18T02:14:15Z 2019-10-18T02:56:04Z "On a number of occasions, I've noticed that when I go to wp-admin/update-core.php and tell it to update my plugins, the system will: 1. Update most of the plugins 2. Report that all the plugins were successfully updated 3. Still report that a few plugins need to be updated That's very confusing to end users, because how can there be more plugin updates if all of their plugins were supposedly just updated? I've seen that bug happen many times, but only just now did I notice something else; after you click the ""Update Plugins"" button, the little orange notification number will sometimes increase after a second or two. That makes me think that the update function is checking for new updates but not adding them to the list of plugins to update. Since the only plugins that get updated are the ones that were ""checked"", it does make sense that new updates wouldn't automatically be added. That said, the process still seems clunky overall. Maybe it would be better to check for updates before the wp-admin/update-core.php page loads? That way the user would be presented with the actual list of plugins that need to be updated, rather than a partial list. It would block the page load for a few seconds, which is undesirable, but in most cases I think that would be a better behavior that the current one, which occasionally requires you to update your plugins twice and gives little explanation of what's going on. Note that there's a lot of partial speculation above, and the nature of this issue makes it hard to consistently reproduce." pikamander2 48365 No 301 redirection for Numeric style permalink structure Permalinks normal normal Awaiting Review defect (bug) new 2019-10-18T02:43:11Z 2019-11-11T22:34:52Z " Hi :) If permalink structure is **Post name** style and I changed it to **Numeric**. the post get a 301 redirect from http://newwp.local/hello-world/ to http://newwp.local/archives/1 but not so happen with permalink structure **Numeric**. when the current permalink structure is **Numeric** and I changed it to **Post name** or anything else. ideally, the post should get 301 redirection from http://newwp.local/archives/1 to http://newwp.local/hello-world/ but this is not happening. post giving 404 error instead of 301 redirecting to the correct URL format. when I try to access the post with http://newwp.local/archives/1 Thanks Naveen Giri " 1naveengiri 1 48366 Export valid paragraphs HTML with wpautop applied Export normal normal Awaiting Review enhancement new 2019-10-18T12:26:13Z 2021-05-25T18:23:11Z "WordPress exports post content mostly as is from database. It runs through `the_content_export` filter, which does not by default have any of the typical `the_content` filters added. The most visible impact is that `wpautop()` is not applied and paragraphs have no `<p>` tags around them. Effectively this makes exported content corrupted for systems other than WordPress itself. In spirit of ""own your data"" I suggest this is reconsidered, in favor of exporting valid platform-agnostic HTML markup. From a quick look on implementation levels it seems just adding `wpautop()` might not be sufficient due to a special blocks-related logic in WP 5+ ? Or can that be ignored for export purposes?" Rarst 48369 Uploaded media files created with incorrect permissions if directory set to 751. Upload 5.2.3 normal normal Awaiting Review defect (bug) new 2019-10-18T17:20:11Z 2021-04-22T02:23:44Z " I discovered a very strange issue.. Files uploaded in the Media Library are having permissions set of 640 instead of 644. I’ve tried setting a umask in the wp-config.php file, eg define(‘FS_CHMOD_FILE’,0644); This seems to have no effect. Strangely, there are a number of wordpress sites on this box. Only 2 of these have this issue and the others all work fine and set the permissions to 644. I have uploaded a simple PHP upload script to see if this is a PHP issue, but using the simple upload script the permissions are set to 644.. So I’m sure this is a wordpress issue. I’ve then re-installed wordpress in the Admin interface, this didnt make any difference, I’m running 5.2.4 – the latest, I don’t think we had this issue before the last update but I cannot be 100% sure of that.. After digging in File.php I added some debug code: // Set correct file permissions. $stat = stat( dirname( $new_file ) ); error_log(“JSG: STAT MODE $stat[mode]”); // new line $perms = $stat[‘mode’] & 0000666; error_log(“JSG: $perms”); // new line [18-Oct-2019 15:18:13 UTC] JSG: STAT MODE 16873 [18-Oct-2019 15:18:13 UTC] JSG: 416 <– this is bad right? On another site which works fine with the same debug code I have: DRT JSG: STAT MODE 16877 DRT JSG: 420 This made me look at the code and realise the issue.. If the DIR is set to 751, then the permissions on uploaded files are changed to 640.. but if the dir is 755 the permissions are set to 644.. Having permission of 751 is acceptable from a security point of view because the server does only needs to excuse permission on the dir to access the files within it. " jonathangilpin 2 48370 "Add ""next/previous"" links to Edit Post screen" dev-feedback Posts, Post Types normal normal Awaiting Review feature request new 2019-10-18T17:37:06Z 2019-10-19T10:39:15Z "Maybe a good idea for blogs or shops to have some sort of ""next/previous"" links inside the edit post page so it's easier to navigate through posts, pages and products without leaving the edit page. At the moment it's a bit un-logical since when i am on page 5 and i open a post i want to edit then after i have updated it i want to edit the next one or the previous one in the list. Only way possible is to click on all posts but then your back to page 1. You can do a go back through the browser back tab but that's not the proper way to work. " Hein35 2 48373 Widgets area grouping Widgets normal normal Awaiting Review feature request new 2019-10-20T03:57:29Z 2019-10-20T03:57:29Z "The recent wordpress project I have been working on is news magazine, which has over 30 widgets areas for some reasons. I find it so difficult to drag and drop widget to specific widget area, just for the reason that there are so much areas. We can also place widgets to an specific area by selecting name, but here too, so much names. I though that grouping areas would solve this problem, so, how do we group? {{{#!php <?php /** * `Homepage` group */ register_sidebar(array( // Existing parameters + 'name' => __('Banner area', 'td'), 'group' => 'Homepage' //@here )); register_sidebar(array( // Existing parameters + 'name' => __('Footer1', 'td'), 'group' => 'Homepage' //@here )); /** * `Single page` group */ register_sidebar(array( // Existing parameters + 'name' => __('Banner area', 'td'), 'group' => 'Single page' //@here )); register_sidebar(array( // Existing parameters + 'name' => __('Footer1', 'td'), 'group' => 'Single page' //@here )); }}} So, based on these sidebar registrations, wordpress will show dropdown having two options, Homepage and Single page on the widgets page right above areas listing. I think this thing is much likely to be related to core WP. I am interested to contribute WP too, but have never done before. Can I directly make pull request to git wordpress repo, or how do I?" dipakw 48375 Introduce a separate capability for trashing a post Posts, Post Types normal normal Awaiting Review enhancement new 2019-10-20T20:40:44Z 2020-01-06T20:06:53Z "Related: #41674 It's sometimes desirable to allow users to trash posts but not permanently delete them once trashed, nor empty the trash. There should be a meta capability, `trash_post|trash_posts`, which by default maps to `delete_post|delete_posts` which is used when a post is trashed instead of deleted. This would allow a plugin to grant a user the ability to trash posts but not permanently delete them." johnbillion 1 48385 Gutenberg blocks in the WP admin dashboard Administration normal normal Awaiting Review feature request new 2019-10-21T13:44:16Z 2019-10-21T13:44:16Z "It would be nice to have Gutenberg blocks available in the WordPress admin backend Dashboard. Adding blocks to the dashboard we would be able to create a more informative dashboard for clients. For instance adding a video, a custom message and other blocks. Having a dashboard that we can customize. I originally made the issue here: https://github.com/WordPress/gutenberg/issues/16430 " paaljoachim 48393 Fix from #38903 prevents options autoload parameter update SergeyBiryukov* dev-feedback Options, Meta APIs normal major Future Release enhancement accepted 2019-10-22T07:46:00Z 2023-08-28T21:00:43Z "This is a follow-up to #38903. 3 years ago fix for not * If the new and old values are the same, no need to update. * But this condition does not check if method call intention was to update autoload field of the option. Currently the issue can be resolved by force update options when update_option method is called with autoload != null and check * If the new and old values are the same, no need to update. * should be skipped." anonymized_16833402 11 48399 Recovery mode can stick the admin in a bad state Site Health 5.2 normal normal Awaiting Review defect (bug) new 2019-10-22T16:18:42Z 2019-11-21T10:54:55Z "I got an error because a local class hadn't been copied to test wp directory, and got the ''Your Site is Experiencing a Technical Issue''. I tried the enter_recovery_mode link in the email and got a different looking login, and the frontend site is blank. Even after the issue is fixed and all theme files are copied over, no fatal errors in the log, it still is blank. When I open in new container tab or different browser, the site is fine, seems like this could cause more confusion than help since this recovery-mode can make the site blank and it is cookie-based, it probably should mention this in the email that they will be seeing not what everyone else sees, even if issue is fixed?" programmin 1 48408 Introduce eagerloading of meta data reporter-feedback Query normal normal Awaiting Review enhancement new 2019-10-23T13:49:00Z 2019-10-23T14:01:39Z "I believe it should be possible to introduce eagerloading to postmeta/attachments. In ""Laravel"" language you would do: <?php $posts = Post::with('meta')->take(10)->get(); ?> Which would produce two queries: 1) for the posts table 2) for the post_meta table where post ids IN posts result. That would produce TWO queries to fetch 10 posts and ALL of its meta data, instead of currently where it produces a lot of requests to the database. A SO user produced a draft that illustrates how it could work, see: https://wordpress.stackexchange.com/a/225743/50042 Speed is alfaomega in these times, and I think WordPress should take it way more serious." mattiasf 2 48410 `wp_insert_post()` can result in duplicate post data Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-10-23T15:04:14Z 2020-01-02T02:10:25Z "If 2 identical calls to `wp_insert_post()` are made close enough together, 2 posts are added to the database instead of 1. These posts differ by post ID only. The slug for example is the same. This seems to happen because `wp_insert_post()` does a fair amount of processing before the database write takes place. The check to determine if a post already exists can be _stale_ at the point of insertion." henry.wright 2 48414 Enhancement: feed_links_extra needs filter to remove a feed from pages Feeds normal normal Awaiting Review enhancement new 2019-10-23T19:40:25Z 2019-10-23T19:40:25Z "Use case: If your site doesn't have comments, or uses a service like disqus, the singletitle feed is useless and always empty (since comments are open, just not using wordpress native commenting). I'd like to be able to remove it from the header. Other use cases are if people do not want to provide an RSS feed for a tags or authors. Suggestion: allow a filter on feed_links_extra to eliminate the echoing of that feed into the header. This ticket proposes filtering the default values: https://core.trac.wordpress.org/ticket/43225 Perhaps modify that to accept null or false values for things like 'singletitle' and if false, skip the creation of that item. " sgatz 48425 `wp_is_mobile()` doesn't detect iPad Safari anymore General normal normal Awaiting Review defect (bug) new 2019-10-24T16:32:48Z 2019-10-24T22:19:48Z With iOS 13.1.3 (at least) `wp_is_mobile()` doesn't detect Safari on iPad anymore, `$_SERVER['HTTP_USER_AGENT']` returns now exactly the same result you get on desktop. manuelmasia 2 48426 Can't update meta via the REST API if an identical value for a field you don't have permission to update is included Options, Meta APIs 4.7 normal normal Future Release defect (bug) new 2019-10-24T18:20:55Z 2020-10-26T21:36:10Z "On WP 5.3-RC2-46575, if you update any meta via the REST API via Gutenberg, all meta gets updated. If any of those meta update attempts fail because of user cap requirements, all meta updates fail because of that user cap requirement. Thus, all registered meta require the same user caps. This happens because all passed-in meta values are iterated through here: https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php#L135 And then updated here: https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php#L187-L191 From Gutenberg, those update calls fire regardless of whether the value is being changed. I believe this is because the entire Redux store is passed in and iterated over. This causes the issue I mentioned in regards to capability checking with protected meta. Because you can require a user capability for protected meta through the auth_callback when running register_meta, any unrelated meta could prevent another unrelated piece of meta from being updated. For example, if User A has cap_a, and tries to update _custom_meta_a, but _custom_meta_b requires cap_b, that user cannot update _custom_meta_a without getting a WP_Error here: https://github.com/WordPress/WordPress/blob/master/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php#L258 If we only update meta that has been changed, this should help here. **To replicate the problem follow these steps (props @modernnerd):** 1. Install WP 5.3-RC1 via the WP beta tester plugin by choosing “bleeding edge nightlies” at Tools → Beta Testing. 2. Activate the Twenty Twenty theme (these steps will work with any theme, though). 3. Add this PHP code to the Twenty Twenty theme's functions.php file to add custom post meta exposed to the REST API: {{{ function custom_register_post_meta() { $args = [ 'auth_callback' => 'custom_prefix_require_update_plugins', 'type' => 'boolean', 'single' => true, 'show_in_rest' => true, ]; register_meta( 'post', '_custom_post_meta_one', $args ); $args = [ 'auth_callback' => 'custom_prefix_require_non_existing_cap', 'type' => 'boolean', 'single' => true, 'show_in_rest' => true, ]; register_meta( 'post', '_custom_post_meta_two', $args ); } add_action( 'init', 'custom_register_post_meta' ); function custom_prefix_require_update_plugins() { if ( current_user_can( 'update_plugins' ) ) { return true; } else { return false; } } function custom_prefix_require_non_existing_cap() { if ( current_user_can( 'this_cap_does_not_exist' ) ) { return true; } else { return false; } } }}} 4. Edit a post or page. Make a change to the post content and click “Publish” or “Update” to confirm that changes work as expected. 5. In the browser console, display the post meta exposed to the REST API by pasting this command and typing enter: {{{ wp.data.select( 'core/editor' ).getEditedPostAttribute( 'meta' ); }}} You should see an object that includes your new custom meta: {_custom_post_meta_one: false, _custom_post_meta_two: false} 6. Update _custom_post_meta_one to 'true' with this command (this persists the data to the Redux store, but not the database): {{{ wp.data.dispatch( 'core/editor' ).editPost( { meta: { _custom_post_meta_one : true } } ); }}} Note that this is just a simplified test case. It emulates a plugin or theme updating meta via the WP API, without having to install a plugin or theme that uses custom post meta and Gutenberg. 7. Click Update in the post editor to save your post meta changes to the database. You'll see **“Updating failed. Error message: Sorry, you are not allowed to edit the _custom_post_meta_two custom field.”.** The thing is, _custom_post_meta_two wasn't actually updated or changed by the user, yet their lack of permissions for _custom_post_meta_two is preventing them from updating _custom_post_meta_one. I looked at doing a comparison check prior to saving for the saved value vs the new value, but because the saved value is always a string when coming from the database, you can't do strict checking, which could be problematic. So I am not sure what the fix needs to be here. " johnstonphilip 8 48432 WordPress updates broken with proxy and non routed environment HTTP API 5.2.4 normal major Future Release defect (bug) reopened 2019-10-25T11:41:39Z 2022-02-17T17:05:29Z "Hi, This change [46475] broke updates when you're using proxy and you don't have DNS resolution/routing for the outside world. (like corporate networks) Issue came up with this url https://downloads.wordpress.org/plugin/multiple-domain.zip parsed_url: {{{ Array( [scheme] => https [host] => downloads.wordpress.org [path] => /plugin/multiple-domain.zip ) }}} I think it worked before because {{{ if ( empty( $parsed_url['port'] ) ) { return $url; } }}} returned the URL and not false. I tested changing it back to {{{ $ip = false;}}} and I was able to update plugins." sooslaca 12 48435 WordPress update: updating by transferring partial packages Upgrade/Install normal normal Awaiting Review enhancement new 2019-10-26T10:09:57Z 2019-11-16T14:50:09Z "This is a request or enhancement, more than a bug. It is inspired by looking at https://wordpress.org/download/counter/ and the mostly unknown impact of the internet ([https://www.theguardian.com/environment/2015/sep/25/server-data-centre-emissions-air-travel-web-google-facebook-greenhouse-gas]) on our environment. Disclaimer: I am not technical enough to be able to judge the impact of this request or the possibility of implementing it. Nevertheless... So, WordPress' size is increasing with every release. Its size determines how much electricity is needed to transfer the zip file from server to server. Since the internet is still largely running on non-renewable energy, each WP install and update has an impact on the environment. It would be great to reduce this impact.co2 I think that there is a lot of thinking about what gets into WP core, but it is always interesting to reconsider things or at least keep the impact of adding another library in mind. However, I wonder whether it could be possible to update WP without having to transfer the whole package. If this is already the case: great, please close this ticket! Thanks and I am sorry. We're doing fine. ;-) If not, could we consider to implement something like updating WP by sending only the parts that are necessary (modified)? This would not only decrease the impact of each update on the environment, but also make updates much quicker. I realise that this means adding additional complexity. There should be packages available for different cases. For example, an update from 4.9 to 5.3 would be a different package than from 5.2 to 5.3. Also for minor updates. We could start incrementally, like minor updates? If I am not mistaken, this is how operating system updates happen for Apple OS and Windows. Oh, WP 5.2 has been downloaded about 1000 times **while writing this ticket**. ''That is roughly about 16 kg of CO2 emitted and equals to driving more than 120 km (75 miles) by car (130 g CO2/km (https://ec.europa.eu/clima/policies/transport/vehicles/cars_en))." LittleBigThing 3 48436 Media: fix the layout of Gallery settings in the media modal dialog Media 3.9 normal normal Awaiting Review defect (bug) assigned 2019-10-26T12:53:10Z 2020-11-01T11:47:20Z "In WordPress 3.8, the gallery settings in the media modal right sidebar were well aligned: [[Image(http://cldup.com/eEOQrDgtO6.png)]] The alignment broke pretty soon in WordPress 3.9, see [27487] / #26631. The CSS was changed to adjust the styling for the audio / video playlists settings but it broke the gallery details settings: Screenshot from WordPress 3.9: [[Image(http://cldup.com/EP_dN25J_v.png)]] That's because the playlist settings are not intended to be aligned in two ""columns"": [[Image(http://cldup.com/9djN13Naos.png)]] The gallery settings are fully operable, so this is just a minor visual glitch. Regardless, the layout is broken since March 2014 and still needs a fix on current trunk, even after the many changes to the media modal form controls markup and CSS, see [45499] / #47122. [[Image(http://cldup.com/XfzKug_020.png)]] " afercia 4 48442 "deleting a site leaves ""orphaned"" user options" Networks and Sites normal normal Awaiting Review defect (bug) new 2019-10-27T20:15:02Z 2019-10-27T20:15:02Z "When a site/blog is deleted, whether from the Network > Sites screen or via `wp_delete_site()`, most ""per site"" user options (i.e., those added with `update_user_option()` where `$global == false`) remain in the `usermeta` table. The `capabilities` and `user_level` ones are deleted, but all others remain. Core adds at least the following such user options: * `dashboard_quick_press_last_post_id` * `media_library_mode` * `user-settings` * `user-settings-time` and plugins often add others (e.g., classic editor adds `classic-editor-settings`). In a large network (with many users and many sites that have been deleted) this can result in significant bloat to the `usermeta` table. To reproduce: 1. create a network and add at least 1 site in addition to the main site (e.g., with `blog_id == 2`) * can be either sub-domain or sub-directory network 2. visit the dashboard of the site with `blog_id == 2` * this will create the `wp_2_dashboard_quick_press_last_post_id` user meta 3. delete the site with `blog_id == 2` 4. see that `wp_2_capabilities` and `wp_2_user_level` user metas have been deleted from the `usermeta` table but that `wp_2_dashboard_quick_press_last_post_id` remains" pbiron 48452 Proposal: improve distinction between buttons and other controls Administration normal normal Future Release enhancement new 2019-10-28T21:08:05Z 2021-03-02T16:32:57Z "New button styles were introduced in ticket #34904. As discussed in the comments on this blog post, [https://make.wordpress.org/design/2019/09/06/discussion-higher-contrast-form-fields-and-buttons/ Discussion: Higher contrast form fields and buttons], the secondary (or default) button style is no sufficiently distinct from input fields and other similar UI controls. This ticket attempts to remedy the issue and create a consistent styling of UI controls that is more usable. By seeing a set of UI controls together, we can figure out the best approach holistically. **The main concern that was raised is that the new default buttons are styled similarly to inputs, and it could be confusing for folks if they can't differentiate them.** Example: [[Image(http://cldup.com/wvn2VchDdY.png)]] Proposed solutions, compared directly: [[Image(http://cldup.com/vYhbr_PI36.png)]] - Option A: subtle background color, bold text - Option B: blue and bold text - Option C: subtle drop shadow, bold text In context, with more UI: Option A [[Image(http://cldup.com/7nma8vFVbm.png)]] Option B [[Image(http://cldup.com/XYDICcgCV7.png)]] Option C [[Image(http://cldup.com/bThhBvpVUp.png)]] --- Something to be considered separately from color and shadow is shape. What about using square corners for text inputs? [[Image(http://cldup.com/z8G9_qr_AX.png)]] Note: - These mockups do not include interactive states, although those will need to be explored. I think it's important these styles stand on their own first. - Testing these styles in the context of a real UI in WordPress will be the next step. - Please ignore labels and text. This is just to test the UI styling. - Text is using the default macOS system font. - Even though dark mode doesn't exist in WP, it's a good test to see how the styles hold up in an inverted color scheme. - I believe all proposed solutions meet AA color contrast guidelines. - Shadows will be removed it Windows high contrast mode, and we need some other visual indication other than color to distinguish the UI elements. This is my first ticket, so apologies if I missed any standard practices." drw158 22 48456 Update CodeMirror to latest version early External Libraries normal normal Future Release enhancement new 2019-10-29T07:55:36Z 2022-10-05T19:48:17Z "From what I can see in the [https://core.trac.wordpress.org/browser/trunk/src/js/_enqueues/vendor/codemirror/codemirror.min.js JS file], we are using CodeMirror version 5.29.1 which is over 2 years old, according to https://codemirror.net/doc/releases.html A lot has happened since then, with the current release being 5.49.2. We should update and set a good example. Getting this in early for 5.4 will allow for testing." TobiasBg 5 48457 Requests library depends on PHP zlib close External Libraries 4.6 normal normal Awaiting Review defect (bug) new 2019-10-29T10:56:23Z 2022-10-05T13:36:34Z "Currently the Requests library checks for zlib in some locations, but not others, before using it. This means it's possible to get a fatal error because `gzinflate()` is undefined, for example when trying to fetch content from the WordPress.org API. Specifically noticed in `compatible_gzinflate()`, at line 947." Clorith 1 48459 Unable to list users with 'No role for this site' Users 5.2.4 normal normal Awaiting Review defect (bug) new 2019-10-29T17:07:37Z 2019-10-30T09:26:54Z "I noticed that I had one user registered on my site with 'No role' in the summary. However, clicking on 'No Role' lists all [?] users, rather than the one I wanted [so I could remove it]. The only way to find it was to page through all the users (in my case the 3rd) until I found one with a role of 'None'. To reproduce: Create a user; Edit the user and set role to 'No role for this site'; List all users; Click on 'No role' in the summary. This **should** display just the one user? [Is it significant the summary shows as 'No role' but the listing shows 'None'] " ahall41 4 48462 Download from Media in Backend Media 5.2.4 normal normal Awaiting Review feature request new 2019-10-30T10:48:12Z 2019-11-15T15:26:41Z "It would be great to quickly download multiple images/files from the media in the backend. This would speed up the editing process, when an editor needs help with image editing. Mark multiple images > click download." diebombe 3 48464 Issues with non-breaking spaces on Windows Editor normal normal Awaiting Review defect (bug) new 2019-10-30T11:01:40Z 2020-08-17T14:21:36Z "Hello, I recently noticed an issue with non-breaking spaces: when inserted with keyboard shortcuts (like `ALT+255` on Windows or `ALTGr+<` using an enhanced keyboard), they seem to be removed by WordPress (or not interpreted as such at all). We need to add them either by typing ` ` or by pasting it from an external file. Which is not very convenient. With @webaxones and @audrasjb we did some digging, here's what we found: 1/ It seems to appear only on Windows (tested on Windows 10) since JB tested it on his Mac and couldn't reproduce it 2/ It does not seem to be browser specific since we reproduced the bug on Chrome 78.0.3904.70 and Firefox 70.0; 3/ It's not plugin related since I've been able to reproduce it on a fresh install; 4/ It's not somehow Gutenberg related since I've been able to reproduce it on a totally random old version: WP 4.7.7 (fresh install as well, haven't tried with older versions); 5/ It may be related to #26842; 6/ Other shortcuts works fine; 7/ We tested the shortcuts on other browser-based editors (like Google Docs) and they work fine. As far as we know, it could be either (or both): - A very old issue with WordPress - A bug related to a change made in Windows or in browsers that affects how WordPress interacts with these shortcuts. Thanks, " peexy 5 48469 Selecting Media File as image block link creates blob URL if large image still being processed Media 5.3 normal normal Future Release defect (bug) new 2019-10-30T17:05:54Z 2019-11-05T21:46:36Z "Steps to reproduce... 1. In post editor, select image block. 1. Use ""Upload"" button. 1. Select a large file, e.g. 5120x2880 image. 1. While the image is still being processed (has spinner overlay), select link button on the block and pick ""Media File"". When the post is then saved and viewed, the wrapping link will have an `href` with a value like ""blob:http://example.com/cee61eeb-3bf1-984a-9930-5660bba8a2f8"". If you then go back and edit the post, remove the link from the block, and then re-select Media File as the link type and save the post, expected URL used in post, e.g. ""http://example.com/wp-content/uploads/2019/10/image-scaled-2560.png"" Tested with WP 5.3-RC3." ianmjones 3 48470 Remove the Custom Header and Custom Background admin pages dev-feedback Administration normal normal Awaiting Review enhancement new 2019-10-30T17:30:46Z 2019-10-30T17:30:46Z "I fell into a rabbit hole today looking into why the `custom-header.js` file is [https://core.trac.wordpress.org/browser/branches/5.3/Gruntfile.js#L689 specified to not get minified] in `Gruntfile.js`. I did not find an answer to that question (it has been like that since Core switched to the new build process in [25001] and I couldn't find prior discussion), but I realized that the custom header and background pages in the admin should probably be officially deprecated in favor of the Customizer. This is a follow up of #25569, #25571, #28032, which proposed removing these pages, but instead settled on an intermediary set of changes to encourage users, and theme and plugin developers to use the Customizer for this feature instead. Those changes were: - Change the admin menu links from links to `themes.php?page=custom-header`/`themes.php?page=custom-background` to deep links in the Customizer (`https://site.com/wp-admin/customize.php?autofocus[control]=header_image`) - Added an admin notice informing users that the feature can now be managed with live-preview in the Customizer. - Hid the Background and Header links in the admin bar and with CSS when Customizer support is present. This was in version 4.1 (5 years ago). Proper due diligence needs to be performed first, but I'd like to propose removing support for these pages in the admin in favor of redirecting users to the appropriate areas of the Customizer. The pages have been neglected for some time, and the previews are pretty broken for most themes providing a bad experience whenever a plugin or theme has linked to these pages directly." desrosj 48473 WordPress installer should prompt to configure options like comments Upgrade/Install normal normal Awaiting Review enhancement new 2019-10-30T20:15:32Z 2022-02-06T14:09:53Z "It may be useful to prompt users on installation if they want to turn on features e.g. blog comments during installation. My concern is that many newcomers to WordPress may install a site on production and not consider the security and spam implications of leaving comments on. They may only discover the issues later on. My motivation for the above is that WordPress is used by many non-tech savvy users. Thus any assistance to secure the default installation would be helpful. Alternatively, consider making blog comments disabled by default." loopy78 1 48477 Add a hook before creating image sub-sizes dev-feedback Upload 5.3 normal normal Future Release enhancement new 2019-10-31T22:49:49Z 2020-02-10T18:21:29Z "Since things are moving for media thumbnails lately, it could be a good time to add a hook that fires right before thumbnails are created. It would allow plugins to perform operations on the main file for example." GregLone 14 48478 Allow omitting meta keys from the REST API response if they do not exist Options, Meta APIs 4.7 normal normal Awaiting Review enhancement new 2019-10-31T22:54:18Z 2019-10-31T22:54:18Z "Currently, the REST API will include all `show_in_rest` registered meta keys in a response, even if that meta key has no value. When the meta key has no value, either the empty value or a custom default in `show_in_rest.schema.default` is used. If an API client PUTs back this response, the meta key will be created with this default value. This may be undesirable if a user hasn't actually interacted with that meta key. This could be addressed by allowing the user to specify that the meta key should not be included in the REST API if it does not exist. For instance, `show_in_rest.omit_if_not_exists`. Related Gutenberg ticket: https://github.com/WordPress/gutenberg/issues/17864" TimothyBlynJacobs 48480 Add comment_form_opening_tag and comment_form_closing_tag filters Comments normal normal Awaiting Review enhancement new 2019-11-01T12:12:17Z 2019-12-03T15:38:11Z "I'd like to be able to customize the `div#respond.comment-respond` wrapper around the comment form and replace it with a suitable HTML5 element, but it seems to be one of the few things one _can't_ change within the form. Therefore I'd like to suggest two filters added to `comment-template.php:2451`: `apply_filters( 'comment_form_opening_tag', '<div id=""respond"" class=""comment-respond"">' );` And `comment-template.php:2643`: `apply_filters( 'comment_form_closing_tag', '</div>' );`" powerbuoy 1 48481 don't apply wp_initialize_site_args filter until after wp-admin-includes/update.php is loaded has-patch Networks and Sites normal normal Awaiting Review enhancement new 2019-11-01T17:46:04Z 2019-11-01T18:05:36Z "A recent [https://wordpress.slack.com/archives/C03BVB47S/p1572621303020200 slack thread] discussed the desire to have sub-domain installs default the siteurl and home options to https (at least on a given install). in that thread it was suggested that one could hook into `wp_initialize_site_args` to accomplish that. It would be great if one could hook into `wp_initialize_site_args` in a custom `WP_CONTENT_DIR . '/install.php'`. Unfortunately, that isn't loaded until after `wp_initialize_site_args` is applied. Therefore, I suggest that `wp_initialize_site()` should apply `wp_initialize_site_args` only after `wp-admin-includes/update.php` has been loaded (that file in turn loads `WP_CONTENT_DIR . '/install.php'`). Doing that would allow a site owner that new all of the sub-domain sites they were going to add would support https to add something like the following to their `WP_CONTENT_DIR . '/install.php`: {{{#!php add_filter( 'wp_initialize_site_args', 'mysite_https_siteurl_and_home' ), 10, 3 ); function mysite_https_siteurl_and_home( $args, $site, $network ) { if ( is_subdomain_install() ) { $args['options'] = array_merge( array( 'home' => untrailingslashit( 'https://' . $site->domain . $site->path ), 'siteurl' => untrailingslashit( 'https://' . $site->domain . $site->path ), ), $args['options'] ); } return $args; } }}} Related: #14172, #27499" pbiron 2 48485 Custom image size not generated if identical to original size joedolson* Media 5.2.4 normal minor Future Release enhancement accepted 2019-11-03T09:31:22Z 2024-01-29T20:19:18Z "When defining a custom image size using `add_image_size` and uploading an image that has exactly the same dimensions of that image size, the new image size is not added. This also means that -- when adding the newly defined image size -- to the Insert Media screen using the `image_size_names_choose`-filter, the custom image size does not appear in the dropdown menu. Even though I can understand why this happens from a server load / storage point of view, I feel the unexpected behaviour (to end users) is a bigger problem. An even prettier fix would be to detect the custom image size is identical to the original size and map the custom image size URL to the original file URL (e.g. through a symbolic link). {{{#!php <?php if ( function_exists( 'add_image_size' ) ) { add_image_size( 'project-photo', 1920, 1080, false); } function custom_media_sizes( $sizes ) { return array_merge( $sizes, array( 'project-photo' => __( 'Project-foto' ), ) ); } add_filter( 'image_size_names_choose', 'custom_media_sizes' ); }}} " brampeerlings 22 48486 Add compliance tab to plugin repository pages on WordPress.org Plugins 5.3 normal normal Awaiting Review feature request new 2019-11-03T18:46:36Z 2022-01-14T16:01:25Z "== Overview ""Compliance tab"" is a working title that can be amended to be less intimidating and/or more generalized. The benefit of this tab is to provide WordPress site owners who are researching plugins with privacy, accessibility, and other information to determine if this plugin will meet their site needs prior to installation and activation. Ideally, this information can also be used in search and filter scenarios on WordPress.org to find tools compatible with the needs of site owners. == Privacy A privacy statement could include testing done against specific regulatory standards, and a statement of where data is transferred and stored at rest. It should also include any statements that need to be added to a site owner's privacy policy as part of using this plugin. This could potentially leverage the privacy policy post box information currently available under ''Settings > Privacy'', added in WordPress 4.9.6. == Accessibility An accessibility statement could include the WCAG level that the plugin targets (A, AA, etc) and where to file any issues found. == Security A security statement should include code standards followed, measures taken, and who to contact if you find a vulnerability. == Certifications Any certifications that this plugin has undergone for compliance." katwhite 39 48488 Easier disabling of PDF thumbnail creation dev-feedback Media 4.7 normal normal Future Release feature request new 2019-11-03T20:14:48Z 2019-12-03T16:49:09Z "Since #31050 wordpress automatically creates thumbnails for uploaded PDF Files by creating a second attachment post object with the extracted image. While this may be useful for many use cases, in some like ours it is not. Furthermore, it is possible to turn of thumbnail creation for audio and video by using the following simple code ( {{{#!php <?php remove_post_type_support( 'attachment:audio', 'thumbnail' ); remove_post_type_support( 'attachment:video', 'thumbnail' ); }}} ). It would be great to have a similar concept for pdf thumbnails in wp-admin/includes/image.php" pampfelimetten 1 48489 Big image size threshold should take into account registered image sizes. needs-unit-tests Media 5.3 normal normal Future Release defect (bug) new 2019-11-03T20:22:54Z 2023-11-16T11:42:00Z "The ""big image"" upper size threshold is set to `2560`. If an image size is registered that has a width or height larger than this, then the image will be unexpectedly cropped to `2560`. The value that gets passed through to the `big_image_size_threshold` filter should be set to the maximum value of either `2560` or the largest width or height from all registered image sizes. " johnbillion 6 48492 Add 'before_widgetcontent' and 'after_widgetcontent' attributes to register_sidebar Widgets normal normal Awaiting Review enhancement new 2019-11-04T08:21:13Z 2019-11-04T08:21:13Z "I want to address the widget HTML produced by WordPress which makes it unnecessarily difficult to write CSS rules targeted to content area in widgets. The following register_sidebar(): {{{ register_sidebar(array( 'name' => esc_html__('Primary Sidebar','theme'), 'id' => 'theme_sidebar', 'description' => esc_html__('Primary Sidebar will be shown on the right side of the site if widgets are added here.', 'theme'), 'class' => '', 'before_widget' => '<div class=""widget %2$s"" id=""%1$s"">', 'after_widget' => '</div>', 'before_title' => '<h3 class=""title"">', 'after_title' => '</h3>', )); }}} will produce this HTML for Recent Posts widget: {{{ <div class=""widget widget_recent_entries"" id=""recent-posts-3""> <h3 class=""title"">Recent Posts</h3> <ul> <li><a href=""https://test-site.local/markup-html-tags-and-formatting/"">Markup: HTML Tags and Formatting</a></li> <li><a href=""https://test-site.local/markup-image-alignment/"">Markup: Image Alignment</a></li> <li> <a href=""https://test-site.local/markup-text-alignment/"">Markup: Text Alignment</a></li> </ul> </div> }}} If we have to style widgets like shown in this screenshot [[Image(https://i.postimg.cc/D0c9LwTB/widget-style.jpg)]] **with consistent padding for widget content in all widgets in one go**, an obvious way is to wrap the widget content by adding opening and closing div in before_title and after_title respectively like following. {{{ register_sidebar(array( 'name' => esc_html__('Primary Sidebar','theme'), 'id' => 'theme_sidebar', 'description' => esc_html__('Primary Sidebar will be shown on the right side of the site if widgets are added here.', 'theme'), 'class' => '', 'before_widget' => '<div class=""widget %2$s"" id=""%1$s"">', 'after_widget' => '</div></div>', 'before_title' => '<h3 class=""title"">', 'after_title' => '</h3><div class=""widget-content"">', )); }}} However, **this won't work nicely and will break the theme if user has not set a title for the widget**. Some WordPress widgets will show a default title even if user has not explicitly set a title which causes confusion among users. This is how Twenty Sixteen targeted styling specific to widget content area: {{{ .widget-area > :last-child, .widget > :last-child { margin-bottom: 0; } }}} But **this fails to target Archives widget content when ""Display as Dropdown"" is selected** since the last child is a script element. **That's an inconsistency**. If WordPress could **introduce optional 'before_widgetcontent' and 'after_widgetcontent' to register_sidebar(**), it will be possible to wrap the widget content and target the widget content area for all widget, with or without title in one go. {{{ register_sidebar(array( 'name' => esc_html__('Primary Sidebar','theme'), 'id' => 'theme_sidebar', 'description' => esc_html__('Primary Sidebar will be shown on the right side of the site if widgets are added here.', 'theme'), 'class' => '', 'before_widget' => '<div class=""widget %2$s"" id=""%1$s"">', 'after_widget' => '</div></div>', 'before_title' => '<h3 class=""title"">', 'after_title' => '</h3>', 'before_widgetcontent' => '<div class=""widget-content"">', 'after_widgetcontent' => '</div>', )); }}} Developers can save their time from writing unnecessary complicated CSS code to get a consistent style ( padding in my case ) for the widget content area. == Relevant Stackoverflow question about this issue with complicated solutions: https://wordpress.stackexchange.com/questions/185294/add-before-content-and-after-content-to-register-sidebar https://wordpress.stackexchange.com/questions/74732/adding-a-div-to-wrap-widget-content-after-the-widget-title https://wordpress.stackexchange.com/questions/107814/sidebar-widgets-dynamic-css-problem-with-widget-title?rq=1 https://wordpress.stackexchange.com/questions/128063/customizing-the-widget-content-markup?rq=1 " stwnigel 48496 Filters post_row_actions and page_row_actions not apply at AJAX inline-save action reporter-feedback Quick/Bulk Edit 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-05T04:23:05Z 2023-02-28T16:25:04Z "At page /wp-admin/edit.php after inline post/page edit and save updated table row loads by AJAX with default actions - without apply post/page_row_actions filter" andrejovdienko 4 48497 "If preformatted block contains ""<script>"" tag page would not save" General 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-05T06:02:20Z 2021-03-31T22:00:56Z "If preformatted block content contains ""<script>"" (with or without any attributes), saving page fails with an error ""Updating failed"". This happens even with < and > are encoded: {{{ <pre class=""wp-block-preformatted""><script></pre> }}} " martynasma 3 48498 Walker_Category should also accept the `item_spacing` parameter. Taxonomy normal minor Awaiting Review enhancement new 2019-11-05T08:11:19Z 2019-11-06T01:27:16Z "In WordPress 4.7 wp_list_pages(), Walker_Page and Walker_Nav_Menu were updated to accept an additional parameter `item_spacing` so that they can more robustly be styled using inline-blocks - see #27762 wp_list_categories() and Walker_Category would also benefit from accepting the `item_spacing` parameter for the same reasons." husobj 48499 request: bundle unminified jQuery External Libraries 5.2.4 normal normal Awaiting Review enhancement new 2019-11-05T10:24:47Z 2019-11-05T15:53:15Z "This is a follow-up to #47020. WordPress is including a patched jQuery 1.12.4 now as we require this version but need to patch in security related fixes; whereas jQuery is supporting only newer versions. However we do not include an unminified jQuery. As a result this makes this makes it very hard to verify certain which patches are included, as the source code is not available, and the minification process differs from jQuery's therefore an online diff contains a lot of false positives. To have verifiable patches I'd like to request that we please keep a list of fixes somewhere (whether it's ticket numbers or full documentation), start including an unmodified jQuery, and verify the bundled jQuery contains all patches post 1.12.4. " pacifika 1 48501 Enhancement: improve tertiary button styles General normal normal Future Release enhancement new 2019-11-05T17:41:20Z 2020-11-03T16:27:43Z "In WordPress, there are primary, secondary, and tertiary button styles, as shown below. [[Image(http://cldup.com/L3baQu0gZK.png)]] I think there is an opportunity to improve tertiary button styles, and document the rationale. Please forgive me, but I've seen discussions about ""link"" buttons or ""plain text"" buttons before, but I can't find them. Otherwise, I'd link them here. The only one I could find is an [https://github.com/WordPress/gutenberg/issues/15358 issue in Gutenberg], where a button was styled to look like a link. I'd like to prevent these issues in the future. I did a bit of research to see how other design systems implement a tertiary button style: [[Image(http://cldup.com/6OIfWseUGN.png)]] A note I'd like clarification on, regarding accessibility and WCAG: I've read that buttons need another visual indicator other that color to appear active/interactive. This is why sometimes you see tertiary buttons with ALL CAPS or an underline. I've read the [https://www.w3.org/WAI/WCAG21/Understanding/non-text-contrast.html success criterion for non-text contrast] recently, and it seems that this might not be the case: > This success criteria does not require that controls have a visual boundary indicating the hit area, but if the visual indicator of the control is the only way to identify the control, then that indicator must have sufficient contrast. If text (or an icon) within a button [...] is visible and there is no visual indication of the hit area then the Success Criterion is passed. But it does seem like a ''recommendation'': > Note that for people with cognitive disabilities it is recommended to delineate the boundary of controls to aid in the recognition of controls and therefore the completion of activities. Here is the image they provide. Apparently both are ok: [[Image(http://cldup.com/gvHYXQXz3O.png)]] Does this mean that we don't need a visual boundary for buttons? ---- **With this information, I have a proposal for buttons** Here are the options that I see for tertiary buttons: - Plain text: This is what we currently do, but I believe we could make it look a tad more like a button. - ALL CAPS: This seems like great solution — it provides another visual indication in addition to color. But there is some debate on whether or not all caps text is ideal. Some studies say it’s generally more readable. For some, it can be harder to read. It has been recommended that we don't use all caps in WordPress. - __Underlined__: This makes the button look like a link, which we don't want to do. - **Bold text**: This seems like a good solution too. It might be subtle, but I believe it's an improvement. I propose that we go with the last option. Here's what that look like: Semibold: [[Image(http://cldup.com/8YaRMfZ74t.png)]] Bold: [[Image(http://cldup.com/nRwzpiTX8T.png)]] In addition, I've found this on the use of italic, bold, and ALL CAPS from [https://webaim.org/articles/evaluatingcognitive/ webaim]: > Use stylistic differences to highlight important content, but do so conservatively. Use various stylistic elements (italics, bold, color, brief animation, or differently-styled content) to highlight important content. Overuse can result in the loss of differentiation. Do not use italics or bold on long sections of text. Avoid ALL CAPS. Please let me know what you think. " drw158 8 48508 User cache needs to be cleaned after updating user_activation_key via wpdb Users normal normal Awaiting Review defect (bug) new 2019-11-06T10:27:32Z 2019-11-06T10:27:32Z "The r45716 has replaced direct SQL query for getting `user_activation_key` for `get_user_by` function call. However, it `get_user_by` takes advantage of cache and may return a cached user object. In case a WP install is using a persistent cache backend (memcache, redis ...), a direct update of `user_activation_key` via `$wpdb->update` (eg.: done by a plugin), would not invalidate the cache, and newly added activation key would then get rejected as invalid. There are some plugins / pieces of code out there, which are performing the direct SQL update and which might stop working under mentioned conditions (persistent cache backend). Eg.: * https://plugins.trac.wordpress.org/browser/bnfw/tags/1.7.5/includes/overrides.php#L97 * https://plugins.trac.wordpress.org/browser/sailthru-widget/tags/3.3.0/sailthru_mail.php#L115 * https://github.com/haekalby/fkp/blob/442fec37333faba4e1a84a346ca5384bee54138/wp-content/themes/forumengine/includes/core/class-email-confirmation.php#L92 * https://github.com/localymine/medican/blob/da89cb3354c3fe6139caa562a7063dae870cf4da/wp-content/themes/medican-child/woocommerce/myaccount/resetpassword.php#L13 A hotfix for the issue in affected plugins/code would be to call `clean_user_cache` function or use the `get_password_reset_key` function or `wp_update_user`, which, since r45714, uses `wp_update_user`, and thus is properly clearing the caches." david.binda 48512 Post editor can show wrong author, if user role was changed dev-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-11-06T14:29:47Z 2019-11-06T17:23:53Z "* Go to Add New User. Create a new user who is a Contributor. * Go to Add New Post. Type any random text as the content. Set the Author (in the dropdown list) to the author you just created. Save the post. * Go to the user you created, and change their role to ""No role"". * Go back to Posts, and find the post you created. Edit it. * Observe that the Author dropdown now shows the wrong author, since the user is no longer eligible to appear in the dropdown list. * Fortunately, even if you edit and save the post, it does not actually overwrite the correct author with the wrong one. Still, the display is very misleading. A bug in my opinion." equin0x80 2 48513 Maximum execution time of 600 seconds exceeded in /var/www/html/releases/20191106150212/wp-includes/class-wp-image-editor-imagick.php on line 155 Media normal normal Awaiting Review defect (bug) new 2019-11-06T15:52:03Z 2020-01-16T15:14:49Z "When running wp media regenerate --only-missing --image_size=lazy it fails after 6490 entries. It fails with the following error: {{{ 6490/15784 No ""lazy"" thumbnail regeneration needed for ""model13-32"" (ID 35894). PHP Fatal error: Maximum execution time of 600 seconds exceeded in /var/www/html/releases/20191106150212/wp-includes/class-wp-image-editor-imagick.php on line 155 Fatal error: Maximum execution time of 600 seconds exceeded in /var/www/html/releases/20191106150212/wp-includes/class-wp-image-editor-imagick.php on line 155 }}} If I go to the specific image (that I THINK is failing, model13-32) and then click ""rebuild thumbnail"" inside WordPress it works just fine. Hmmm.." mattiasf 1 48519 Comment reply form in admin incompatible with most custom fields plugins Comments 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-06T22:17:16Z 2019-11-06T22:17:16Z "If you are using any plugin that adds custom (meta) fields to comments the admin interface for replying isn't compatible. The front-end comment template includes various hooks for plugins to use. The admin however does not (at all). See: Front-end: `wp-invludes/comment-template` function: `wp_comment_reply()` from around line 2393 Admin: `wp-admin/includes/template.php` function `comment_form()` from around line 437 In my case it's a compatibility bug with required fields created by Pods. Within WP Admin it won't show the custom fields and this doesn't save any comments because required fields are not filled. Some missing hooks: Filters: - `comment_form_default_fields` - `comment_form_fields` - `comment_form_logged_in` (Not needed as it's in WP admin) - `comment_form_field_comment` - `comment_form_field_{$name}` - `comment_form_submit_button` (Not sure if this is desirable in WP admin) - `comment_form_submit_field` (Not sure if this is desirable in WP admin) Actions: - `comment_form_before` - `comment_form_must_log_in_after` (Not needed as it's in WP admin) - `comment_form_top` - `comment_form_logged_in_after` - `comment_form_before_fields` - `comment_form_after_fields` - `comment_form` " keraweb 48522 Attachment size not generated when large images uploaded needs-unit-tests Media 5.3 normal normal Future Release defect (bug) new 2019-11-07T01:33:39Z 2020-10-16T20:03:30Z "I've noticed that some images during upload do not generate attachment sizes at all, or generate the sizes partially. An example of such an image: https://upload.wikimedia.org/wikipedia/commons/f/ff/Pizigani_1367_Chart_10MB.jpg Upload is successful, but there's no scaled image, as well as no attachments. " vanyukov 37 48524 Notice: Undefined variable: matches reporter-feedback Query 3.3 normal minor Awaiting Review defect (bug) new 2019-11-07T07:56:40Z 2019-11-09T11:24:17Z " {{{#!php <?php /wp-includes/class-wp.php in WP::parse_request at line 251 }}} {{{#!php <?php // Substitute the substring matches into the query. $query = addslashes( WP_MatchesMapRegex::apply( $query, $matches ) }}} " kevinmrlw 2 48527 Wrong upgrade notification reporter-feedback Upgrade/Install normal normal Awaiting Review defect (bug) new 2019-11-07T11:59:57Z 2023-02-15T20:17:06Z I am running on WordPress 5.2.3 and but it gives me to update to 5.2.2 dkarfa 1 48531 Regression: styling of most form elements is uneven or off-center audrasjb* Administration 5.3 normal normal Future Release defect (bug) accepted 2019-11-07T19:51:35Z 2020-07-21T20:15:42Z "Introduced in #47477. The change that caused this is the overriding of line-height and adding min-height to all ""single-line"" form elements: {{{ input[type=""text""], input[type=""password""], input[type=""date""], input[type=""datetime""], input[type=""datetime-local""], input[type=""email""], input[type=""month""], input[type=""number""], input[type=""search""], input[type=""tel""], input[type=""time""], input[type=""url""], input[type=""week""] { padding: 0 8px; /* inherits font size 14px */ line-height: 2; /* 28px */ /* Only necessary for IE11 */ min-height: 30px; } }}} This causes problems in many plugins and in some external packages like the UI in the classic editor/TinyMCE." azaozz 19 48535 Incompatibility with PHP 7.3.11 General 5.2.4 normal critical Awaiting Review defect (bug) new 2019-11-08T08:34:27Z 2019-11-09T09:39:42Z "I set up totally new env with WordPress 5.2.4 on PHP 7.3.11 and I found a couple of problems. In the main opinion, these problems are critical. 1. Ajax response always contains '0' on the end of the response - default code wp_die('0') is always execute. Below is an example response for install the new plugin (chosen randomly) {{{ {""success"":true,""data"":{""install"":""plugin"",""slug"":""health-check"",""pluginName"":""Health Check & Troubleshooting"",""activateUrl"":""http:\/\/woocommerce.local\/wp-admin\/plugins.php?_wpnonce=6a458d9d59&action=activate&plugin=health-check\/health-check.php""}}0 }}} And message displayed in the admin panel informs that installation failed, but module is installed correctly. 2. After clicking on the Activate button, after installation module from the zip file, redirect to page like {{{ <url>/wp-admin/plugins.php?action=activate&plugin=wp-serverinfo%2Fwp-serverinfo.php&_wpnonce=2740398a2b }}} but on the page is error message: **The link you followed has expired.** but module is activated correctly. 3. The next one is related to admin wizard setup for WooCommerce plugin, but in my opinion, this is problem with core code, because setup form is loaded correctly, but code is not dying, and try to load this as a normal plugin. I'm attaching a screenshot with this. " szymon.nosal 2 48536 Allow cmd/ctrl-enter to submit comment forms in wp-admin davidbaumwald* dev-feedback Comments normal normal Future Release enhancement accepted 2019-11-08T12:02:30Z 2020-02-10T19:19:27Z "This is a follow-up on #41545 which says: > I think it'd be a nice enhancement for comment forms in both the admin and front end to submit this way. However, the r45790 introducing the feature does so only for frontend. Submitting comment by pressing ctrl/cmd + 'enter' does not seem to be working in wp-admin. It would be cool if the new feature could be added to wp-admin as well." david.binda 6 48539 WordPress Editor sometimes chops off titles in Chrome Editor 5.2.4 normal minor Awaiting Review defect (bug) new 2019-11-08T15:16:20Z 2019-11-08T22:38:19Z "Somtimes the WordPress Editor chops titles at the top of a page when editing. Unlike the ""missing images"" problem I reported, this one does NOT show up in Firefox. Example Attached" cube1us 1 48540 wp-pass.php and wp-register.php should be deleted on update Upgrade/Install 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-08T20:12:46Z 2019-11-08T23:46:21Z "Hi IMHO wp-pass.php and wp-register.php should be deleted on update. I find this issue when checking core checksums after big WP update." wojsmol 1 48553 """Admin Color Scheme"" should not be saved before hitting the ""Update Profile"" button in profile page" has-patch Users 3.8 normal normal Awaiting Review defect (bug) assigned 2019-11-10T11:29:13Z 2023-05-26T09:54:34Z "On the profile page (''/wp-admin/profile.php'') when you click on a color scheme, it instantly updates (via AJAX) in the user meta and changes the color. I think this should not happen. User meta should be updated only after they hit the ""Update Profile"" button. It's OK to show the color (preview) as soon as they click an option, but storing the value in the database should be updated along with other info after clicking the save button. [[Image(https://s.nimbusweb.me/attachment/3516583/0ug6f4ro5vxd2e91ggdm/alEdMIiK5cCc8V2P/screenshot-core.wp-2019.11.10-17_25_46.png)]]" mukto90 2 48563 Changing site admin email address is backwards dev-feedback Users normal normal Awaiting Review enhancement new 2019-11-11T16:31:28Z 2021-04-27T00:43:26Z "The current process for changing the admin email address in the General settings tab seems pretty sketchy to me. Currently: 1. Change the email address. 2. Confirmation email is sent to the NEW admin. 3. New admin confirms 4. Email sent to OLD admin to inform him or her it was done. It should be: 1. Change the email address. 2. Confirmation email sent to OLD admin to be sure it’s ok to change this very important information. 3. Old admin confirms it’s ok (or freaks out and starts changing passwords because he or she did not initiate this process). 4. Email is sent to NEW admin to accept the invite and to verify the address. 5. NEW admin confirms address and accepts new responsibility. 6. Email goes to old admin to let them know the process has been completed." maguijo 6 48573 Permalinks Settings screen unnecessarily calls sanitize_option( 'permalink_structure' )... dev-feedback Options, Meta APIs normal normal Awaiting Review defect (bug) new 2019-11-12T17:56:31Z 2019-11-12T23:49:29Z "...just before it calls [https://developer.wordpress.org/reference/classes/wp_rewrite/set_permalink_structure/ WP_Rewrite::set_permalink_structure()]. It is unnecessary because `sanitize_option()` will be called by the `update_option()` call in `WP_Rewrite::set_permalink_structure()` if it the value needs to be sanitized (i.e., it has changed). " pbiron 1 48574 Create better post diff screens Revisions 5.3 normal normal Awaiting Review enhancement new 2019-11-12T19:45:19Z 2019-11-12T23:54:46Z "Post diffs showing the difference between post revisions have always been in raw form, showing differences in post HTML and not ''visual'' differences. With the addition of the Gutenberg editor to WordPress, there is now even more HTML shown due to the inclusion of block settings as comments. Additionally, Gutenberg blocks such as figures or lists create one-line HTML strings so small changes to list items result in one huge line change on the diff screen. It seems like now is the time to consider improving the post diff screen, and changing the way Gutenberg blocks generate their HTML to allow for cleaner diffs. See the attached image for an example of a block that could have been generated across multiple lines such that the addition of a link didn't generate 12 lines of diff. I suppose this feature request is twofold: - Improve the diff page UI to show visual diffs (but keep the current ""raw"" mode as an option). - Make sure Gutenberg block HTML is cleanly formatted across multiple lines to improve line-based diffs used on the post diff screen." seanleavey 1 48576 chmod(): Operation not permitted on WP v5.3 update. reporter-feedback Upgrade/Install 5.3 normal normal Awaiting Review defect (bug) new 2019-11-12T20:30:46Z 2023-02-23T03:39:46Z "I get a long list of the following errors during the WP v5.3 update: Warning: chmod(): Operation not permitted in /.../wordpress/wp-admin/includes/class-wp-filesystem-direct.php on line 168 There is no information on the file being modified, and looking at the source of that PHP script, there is no error handling for a failed chmod(). js." jsmoriss 1 48579 Should we reconsider the External Libraries mentions on the credits.php page? Help/About low normal Future Release enhancement new 2019-11-12T21:45:01Z 2021-10-25T21:13:28Z "Initially added in #17518 At that time the number of third-party libraries used was pretty small. These days we have over a million npm dependencies. I don't have the exact number of ""direct dependencies"" but that's probably more than a hundred. I was wondering if we should rethink that part? Should we just highlight the big dependencies? How to decide if a dependency is big enough? Or maybe we can just remove it?" youknowriad 3 48580 Update status in save_post hooks always true in WordPress 5.0 Posts, Post Types 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-12T21:47:58Z 2019-11-12T21:47:58Z "I think this issue shown after integration of Gutenberg editor, The {save_post} and {save_POST_TYPE} hooks always triggers {$update} as TRUE. I made some tests, The {$update} is TRUE on saving the post for the first time and on updating also, it's always true. {{{#!php <?php add_action( 'save_post', array( $this, 'cpt_metas_save' ), 10, 3 ); public function cpt_metas_save( $post_ID, $post, $update ) { $db_values = array( 'is_new' => 'No' ); if( $update ) { /* Saving New Post trigger this -- always {Yes} */ $db_values['is_new'] = 'Yes'; } else { $db_values['is_new'] = 'No'; } /* Connect to IBM Server */ /* Update DB */ update_post_meta( $post_ID, 'postmetas_save_test', wp_unslash( $db_values ) ); } }}} " oxibug 48586 Problems updating to WordPress 5.3. reporter-feedback Upgrade/Install 5.3 normal major Awaiting Review defect (bug) new 2019-11-13T01:41:43Z 2023-02-15T20:20:10Z "Hi. I've tried to update to 5.3. from the dashboard as I've done for the last 10 years and it didn't worked. Now, after talking with the people in charge of the server (because it affected the whole server), the web is accesible, but trying to access to the dashboard, WordPress is asking me to update the database to the last version and everytime I try to do this, it DOESN'T work and ends up messing the whole server again. Do you know if it's happening with other website and how I could fix it? Thanks in advance." jcbsep 1 48587 Allow customization of Admin Color Schemes for dashboard General normal normal Future Release feature request new 2019-11-13T01:47:15Z 2021-03-10T12:39:05Z "This issue -- #48585 -- highlights the need for a sorely missed core accessibility feature: the ability for users to customize the preset Admin Color Schemes for the administrative dashboard. I know there are plugins that can customize the dashboard, but I believe this feature belongs in core for these reasons: 1. It affects users' ability to access and manage the basic functions of any WordPress installation. 2. The necessary styles already exist in core and there is already provision to save specific color scheme settings in the user profile. This functionality would be a refinement of pieces already baked in. 3. The accessibility shortcomings of the default set of Admin Color Schemes are already a known issue. 4. For intermediate users, being able to make certain customization choices to an existing scheme or palette is typically the easiest way to achieve a desired result. (More complex functionality, like altering the button layouts, would probably be best left to plugins aimed at more advanced users.) As a user, I want to emphasize that color selection for accessibility is very much an individual choice. There are, for example, W3C standards-validated high-contrast color schemes that are very hard on my eyes. Regardless of whatever other changes may be made to the default Admin Color Schemes for accessibility, it would be beneficial to allow users to further tailor those schemes to suit their own needs. Since the Admin Color Scheme choices are saved in the individual user profile and the color choices are not publicly facing, there's no obvious reason why WordPress users shouldn't have that option. Ideally, such a customization option would include some kind of color picker interface. In a pinch, providing a hyperlink to an external color chooser with clear instructions to copy and paste the hexadecimal code for the desired color into the appropriate spot would probably be adequate and would still be a significant improvement. I'm not a developer, so the engineering of such a feature is beyond my scope, but I figured it was worth asking." Ate Up With Motor 3 48617 Twenty Twenty: Figure elements with inline style can overflow content bounds nielslange has-patch Bundled Theme 5.3 normal normal Future Release defect (bug) assigned 2019-11-13T22:30:45Z 2020-05-13T11:05:22Z "In content created in the classic editor, images that have captions and are set to alignnone or aligncenter can exceed the width of the entry content. This is caused by the inline style on the figure element overwriting the `width` set on `.entry-content > *` in style.css. **Steps to reproduce:** 1. Add an image while using the classic editor. 2. Set it to alignnone or aligncenter. 3. Add a caption. 4. Check on a screen size thinner than the width of the image. **Suggested solution:** (Condensed for clarity) {{{#!css .entry-content figure.alignnone[style*=""width""], .entry-content figure.aligncenter[style*=""width""] { max-width: calc(100% - 4rem) !important; } @media ( min-width: 620px ) { body:not(.template-full-width) .entry-content figure.alignnone[style*=""width""], body:not(.template-full-width) .entry-content figure.aligncenter[style*=""width""] { max-width: 58rem !important; } } @media ( min-width: 1280px ) { body.template-full-width .entry-content figure.alignnone[style*=""width""], body.template-full-width .entry-content figure.aligncenter[style*=""width""] { max-width: 120rem !important; } } }}} First reported by @derlynad." Anlino 9 48622 `editable_slug` filter does not pass the correct value Posts, Post Types 5.3 normal normal Future Release defect (bug) new 2019-11-14T05:23:52Z 2019-11-14T15:36:42Z "''Originally reported in https://github.com/WordPress/gutenberg/issues/15802.'' **Describe the bug** When using the block editor, the 1st param $post_name passed to the editable_slug filter hook is not the same as the classic editor, which is the expected one. **To reproduce** 1. Install Classic Editor to switch from block to classic 2. Create a draft post with title ""the post title"" and slug ""this-is-the-slug"" 3. Create a muplugin with: add_filter( 'editable_slug', function( $post_name ) { wp_die( $post_name ); } ); 4. Refresh your edit page **Expected behavior** With the classic editor you should have ""this-is-the-slug"" but when using block editor you have ""the-post-title"", sounds like the post_title sanitize with sanitize_title, it should be the real post_,name like classic is doing." noisysocks 3 48641 Discussion: links that look like buttons (and vice versa) dev-feedback Administration normal normal Future Release enhancement new 2019-11-14T17:23:30Z 2021-03-04T21:51:54Z "''This issue has been moved from GitHub to Trac to increase visibility.'' Original GitHub discussion: https://github.com/WordPress/gutenberg/issues/7534#issuecomment-549980093 == Summary Sometimes, `<a>` elements are made to look like visual buttons to users, even though they are not actually using the `<button>` element. This can be problematic for some users. The reverse can also cause problems — `<button>` elements that look like links. This is less of a problem, because `<button>` elements should **not** use __underlined text__ styling. There needs to be some resolution or decision on this matter. ''To clarify, this is a visual/interaction issue''. It's less about whether the element technically works and more about the users' expectations around what will happen when they interact with an element. == Specific issues Here is a non-exhaustive list of potential problems: === `<button>` elements that look like links Again, I think the following issues could be solved easily because of what I stated above in the summary. - Users who right-click on the link would expect to see options in the context menu relating to links, such as Open in a new tab – which they would not see if that link was actually a button. - Users of dictation software who see the link on the page would expect to be able to trigger it by saying ‘click link save and return to overview’, which may not work if the link is actually a button. - Users of assistive technology would not see the link in their rotor / list of links, despite being able to see it on the page. === `<a>` elements that look like buttons - Pressing the Space key or Enter triggers a button, whereas pressing the Enter key only triggers a link. - Users of assistive technology may have problems interacting with the visual buttons if they are actually `<a>` elements (**would love clarification from an expert on this**). === `<a>` elements should always look like links (plain, __underlined text__) This is problematic because: - The interface calls for a primary action to look prominent. Links are inherently less prominent than buttons. - When related actions are grouped together, it's ideal to style them the same to show relation. Sometimes it's a mix of `<a>` and `<button>` elements. Simple links don’t always catch a user’s attention when they’re scanning a website. So a link is sometimes styled to look like a button where you want to give it greater prominence. Source: [https://href.li/?https://designsystem.gov.au/components/buttons/#links-as-buttons gov.uk] = Current solution I believe attempts have been made in the past to make links more visually more prominent without looking like a button: [[Image(http://cldup.com/PUWq1ghJb7.png)]] This is a commendable attempt, but in my opinion it still looks like a button, therefore the problem it attempts to solve still persists. Additionally, it creates a problem by introducing another type of visual ""button"" that is inconsistent with standard WordPress buttons. As we make `<a>` elements bigger and visually more prominent, I think they'll inevitably look close to a visual button. I understand they don't have to look like a button, but as you add more padding, and a background/outline to indicate click area, it immediately starts to look like a button. Any differences with a button will be subtle, and we'll probably still have some confusion with interactions. = Proposal Considering a11y and design concerns, and understanding there is no ""correct"" answer, I believe this is the optimal compromise: - ''Visual'' buttons should be able to use either the `<a>` or `<button>` element. This flexibility is provided so developers can make the most semantic markup possible. This also allows designers to ensure a consistent and usable visual experience. - `button` elements should **not** look like links (plain, __underlined text__). Additionally, we could provide a bit more affordance for `<a>` elements that look like visual buttons, by adding an icon to the right (similar to how we add an ""external"" icon to external links. [[Image(http://cldup.com/0fa8NiUWOZ.png)]] ---- Related discussions and prior work done on button/link semantics: - Enhancement: improve tertiary button styles: #48501 - https://core.trac.wordpress.org/ticket/40470#comment:11 - https://github.com/WordPress/gutenberg/issues/7534#issuecomment-510534529 - Semantic elements for non-link links: #26504 - https://core.trac.wordpress.org/query?keywords=~semantic-buttons" drw158 9 48644 Establish guidelines for button order Administration normal normal Future Release enhancement new 2019-11-14T21:23:53Z 2022-03-09T14:03:04Z "''This issue has been moved from GitHub to Trac to increase visibility.'' Original GitHub discussion: https://github.com/WordPress/gutenberg/issues/7534#issuecomment-549980093 There is a need to establish guidelines for button ''group'' position and button ''order'' within the group. There are two patterns that need to be documented: - **A pattern for the button group position**. It's OK for the group position to be different based on context ( e.g. right-aligned group in dialogs). This also includes making sure that related buttons are in close proximity (existing trac issue: #40822). - **A pattern for button order**. A consistent button order is important for accessibility so that the first and second actions are predictable throughout the UI (e.g. confirm is always first and cancel is always second). Important to note that currently the [https://github.com/WordPress/gutenberg/blob/ed31b3a27be2faf6a60a52609e4e13c263989bfe/packages/components/src/modal/README.md WordPress Component documentation] aligns buttons to the right, with the primary action second in the visual order: [[Image(http://cldup.com/g0FeStpTYa.png)]] == Button group placement This one is a bit easier because as explained above, it's OK for the group position to be different based on context. Usually you want the buttons on the left for screens with forms because that’s where the eye travels. Same logic can be applied to dialogs as well — actions are usually on the right because that’s where the eye travels. We can figure out what patterns to standardize and document them. == Button order === Platform conventions For dialogs: on Windows, primary is always first. For Apple and Google, primary is always second: [[Image(http://cldup.com/2XlrtvLb_N.png)]] In some cases primary first is the ideal order, but sometimes primary second is the ideal order. This is where we are blocked. If we deviate and have inconsistent ordering, then this is not ideal from an a11y point of view. === Button order options ==== Option A [[Image(http://cldup.com/Dq0URpOzDD.png)]] - Primary action is always first (to the left), regardless of button alignment - Secondary action is to the right of the primary action The disadvantage here is that it’s in conflict with the idea that primary or confirming actions suggest ''forward motion'' and secondary or dismissive actions suggest ''backward motion''. Sometimes it can be subtle like: - **Ok** (forward) and **Cancel** (backward) - **Agree** (forward) and **Disagree** (backward) Sometimes it’s more literal like: - **Continue** (forward) and **Cancel** (backward) - **Next** (forward) and **Back** (backward) If the primary action is the first action, it can look wrong and unnatural: [[Image(http://cldup.com/-TPEm9EuQl.png)]] Here’s a real example in WP Admin, of where I think Option A falls short: [[Image(http://cldup.com/Y70_6ejJtu.png)]] Notice in the second dialog how the “Go Back” button is on the right, when it should be on the left to indicate backward motion. Additionally, in a NUX or wizard type of interface where there are multiple steps, it usually makes sense to have a ""Back"" and ""Next"" button (Next is usually the primary action). It would look unnatural if the Back button was on the right. ==== Option B [[Image(http://cldup.com/Qc2C_OthsH.png)]] - Primary action is always second (to the right), regardless of button alignment - Secondary action is to the left of the primary action The disadvantage here is that it feels “unnatural” for the primary action to be second in a settings form context. It seems like the primary action should be the leftmost one because that’s where the eye travels. ==== Option C [[Image(http://cldup.com/NvNzBm60xG.png)]] - The visual and DOM button order is different, depending on button group alignment - If button group is aligned to the right, the primary action is second (to the right) - If button group is aligned to the left, the primary action is first (to the left) More reading: - [https://adamsilver.io/articles/where-to-put-buttons-in-forms/ Where to put buttons on forms] by Adam Silver - [https://www.nngroup.com/articles/ok-cancel-or-cancel-ok/ OK-Cancel or Cancel-OK? The Trouble With Buttons] by NN/g " drw158 8 48655 "Improve the ""Add-item"" function in menus (esp. for pages)" audrasjb Menus normal major Future Release enhancement assigned 2019-11-15T15:30:28Z 2020-12-16T23:58:43Z "When the number of pages is getting higher and higher (~30+) it is really hard to find pages when adding them to a menu. Suggestion: - Make the #pagechecklist bigger (or adjustable) for more overview I have to say, that sometimes i don't get the search. 2. suggestion: - limit the search to the title Thank you so much! " diebombe 9 48656 Views details blocked by SAMEORIGIN Plugins 5.3 normal major Awaiting Review defect (bug) new 2019-11-15T19:43:41Z 2019-11-17T17:19:12Z "Hello, On multisite, the ""view detail"" link on this page /wp-admin/plugins.php (in each plugin) is bloked by an error {{{ Chargement refusé par X-Frame-Options : « SAMEORIGIN » à l’adresse « https://example.com/wp-admin/network/plugin-install.php?tab=plugin-information&plugin=loco-translate& », le site ne permet pas l’utilisation de cadres multiorigines depuis « https://example.com/wp-admin/plugins.php ». }}} " sebastienserre 2 48658 Post, Page, and Attachment permalinks can be silently overwritten when Permalinks are set to /%postname%/ Permalinks 5.4 normal normal Awaiting Review defect (bug) new 2019-11-15T21:28:17Z 2019-11-16T11:05:13Z "When a new post is created with a permalink that matches an existing attachment page permalink, the attachment page permalink is silently overwritten. The expected behavior of having `-2` appended to the new post permalink does not occur and instead the existing attachment page becomes inaccessible via its permalink, which starts pointing to the new post instead. Steps to reproduce: 1. Ensure pretty permalinks are enabled in Settings -> Permalinks (e.g., `/%postname%/`) 1. Upload something to the Media Library (e.g., `happy-pumpkin.jpg`) 1. Note the Attachment Page permalink generated from the upload (e.g., `/happy-pumpkin/`) 1. Publish a new post with a title that will produce the same permalink (e.g., a post title of ""Happy Pumpkin"" will generate a new post permalink of `/happy-pumpkin/`, ''not'' `/happy-pumpkin-2/` as expected) 1. Now both the attachment page and the new post have the same permalink (`/happy-pumpkin/`, in this example) and the attachment page permalink has been silently overwritten. When the attachment page permalink is overwritten, there's no way to access that attachment page on the front-end (it now points at the new post). There's also no obvious way to manually change the permalink. In testing, what works is to edit some detail of the attachment in the Media Library—once the change is saved, the permalink is regenerated and updated to include `-2`, which then makes the attachment page accessible again." raamdev 2 48682 Introduce WP_Labels class dev-feedback Taxonomy normal normal Awaiting Review enhancement new 2019-11-17T11:24:49Z 2019-11-17T11:24:49Z "Classes like `WP_Taxonomy` and `WP_Post_Type` return a `stdClass` object for the `$labels` property. The way this is done right now, it should be an array not an object. A solution would be to introduce an abstract `WP_Labels` class that holds all shared the properties (`name`, `singular_name`, `search_items`, etc.) and concrete classes, e.g. `WP_Taxonomy_Labels` for type-specific properties (`choose_from_most_used`, `separate_items_with_commas`, etc). see also #48681." alpipego 48684 Twenty Twenty: Issue with primary color in the block editor Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-11-17T14:10:12Z 2024-01-11T07:09:58Z "Hi there, I found an error in css , when working with gutenberg editor in backend. When I select the primary color as background color the row editable functions dont work due to css error. This class should be fixed: {{{ .has-background.has-accent-background-color *:not(.has-text-color) { color: #f9f9f9; } }}} We can just delete this class or where else is it needed? Thanks Niko " grafruessel 9 48689 PHP warnings after updating to WP 5.3: ftp_nlist() and ftp_pwd() expect missing parameters costdev needs-unit-tests Filesystem API 5.3 normal minor 6.6 defect (bug) assigned 2019-11-17T23:24:37Z 2024-02-06T05:48:16Z "I updated several websites to WP 5.3 without any problems. But on one wesite I got these PHP warnings both in the backend and in the website: {{{ Warning: ftp_nlist() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 402 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_nlist() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 402 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 681 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: ftp_pwd() expects parameter 1 to be resource, null given in /wp-admin/includes/class-wp-filesystem-ftpext.php on line 226 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-includes/functions.php on line 5946 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-admin/includes/misc.php on line 1252 Warning: Cannot modify header information - headers already sent by (output started at /wp-admin/includes/class-wp-filesystem-ftpext.php:402) in /wp-admin/admin-header.php on line 9 }}} I suppressed the ouput by ""muting"" the function calls with '@' in the file 'class-wp-filesystem-ftpext.php', i.e. changed {{{ftp_nlist()}}} to {{{@ftp_nlist()}}} etc.. I will be glad if any reason can be found and fixed until the next WP upgrade. " Hinjiriyo 30 48691 Twenty Twenty: Audio block alignment issue nielslange Bundled Theme 5.3 normal normal Future Release defect (bug) assigned 2019-11-18T03:17:49Z 2024-01-11T10:03:54Z "Hello The Amazing Team of Twenty Twenty, I am playing around with audio block and found alignment issue. See the attached image that best explains it better. [[Image(https://i.imgur.com/57TRzlj.png)]] I have searched previous tickets and didn't find it has been reported. I hope this isn't duplicate ticket. Best, Kharis " kharisblank 15 48693 Silence ini_set caused error or check if function_exists first SergeyBiryukov* has-patch Bootstrap/Load 5.3 normal normal Future Release defect (bug) accepted 2019-11-18T09:01:40Z 2020-02-21T00:45:15Z "https://core.trac.wordpress.org/browser/tags/5.3/src/wp-includes/load.php#L352 should be either {{{#!php <?php @ini_set( 'display_errors', 0 ); }}} to silence the error or {{{#!php <?php if ( function_exists( 'ini_set' ) ) { ini_set( 'display_errors', 0 ); } }}} for the same reason as https://core.trac.wordpress.org/browser/tags/5.3/src/wp-admin/includes/class-wp-debug-data.php#L627 The same login could be applied to other ini_set lines in the wp_debug_mode() function" drazon 11 48698 "Update fails if there’s a ""Custom Html"" block and an Iframe inside it" Editor 5.3 normal normal Awaiting Review defect (bug) new 2019-11-18T12:10:39Z 2020-04-01T18:33:54Z "When creating a new post or updating an old post, If there's a ""Custom Html"" block with an Iframe inside it, save always fails - regardless of what's in that block. It gives the following error: Updating failed. Error message: The response is not a valid JSON response." ozgurnevres 5 48703 Update compressed images for a clean precommit:image output SergeyBiryukov Build/Test Tools normal normal Future Release task (blessed) assigned 2019-11-18T16:43:35Z 2023-08-07T18:38:46Z "Previously: * #48206 (5.3) Background: #48203 `grunt-contrib-imagemin` was updated in [46404] and some GIF images were re-minified, however I still get a bunch of changed files after running `grunt imagemin`: {{{ src/wp-admin/images/loading.gif src/wp-admin/images/media-button-image.gif src/wp-admin/images/media-button-video.gif src/wp-admin/images/resize-2x.gif src/wp-admin/images/resize-rtl-2x.gif src/wp-admin/images/resize-rtl.gif src/wp-admin/images/resize.gif src/wp-admin/images/sort-2x.gif src/wp-admin/images/spinner-2x.gif src/wp-admin/images/spinner.gif src/wp-admin/images/wpspin_light-2x.gif src/wp-admin/images/wpspin_light.gif src/wp-includes/images/smilies/icon_cry.gif src/wp-includes/images/smilies/icon_lol.gif src/wp-includes/images/smilies/icon_redface.gif src/wp-includes/images/spinner-2x.gif src/wp-includes/images/spinner.gif src/wp-includes/images/wpspin-2x.gif src/wp-includes/images/wpspin.gif }}} Per a [https://wordpress.slack.com/archives/C18723MQ8/p1574082406038400 quick check in Slack], this is the case for other committers as well, so it seems like the files should be updated." SergeyBiryukov 26 48705 Admin email confirmation language should be changed Users 5.3 normal normal Awaiting Review defect (bug) new 2019-11-18T17:02:05Z 2019-11-18T17:02:46Z The new confirmation regarding the admin email is confusing, as many sites will have multiple admin level users. The language doesn't make it obvious that the email being confirmed is the overall site's admin email address, as opposed to the email of the admin person logging in. This will result in the main admin email getting changed back and forth between users, and notifications ending up not where they belong. mywebmaestro 48710 PDF uploads are treated like images: empty alt attribute and PHP notices joedolson* dev-feedback Media normal normal 6.6 defect (bug) accepted 2019-11-18T20:42:21Z 2024-02-25T20:11:41Z "uploading a .pdf image in posts reads the following; ""this image has an empty alt attribute: its file name is.... .pdf"" I am a regular user since 1.5 versions of WP and this is my first bug, or error report. I tried downgrading, but it kept coming back error." worddean 41 48712 For large images, wp_generate_attachment_metadata is breaking WordPress Media 5.3 normal normal Awaiting Review defect (bug) new 2019-11-18T21:33:48Z 2020-01-16T15:19:46Z "I have this code in a custom plugin of mine: {{{ $screens_attach_id = wp_insert_attachment( $attachment, $file ); require_once( ABSPATH . 'wp-admin/includes/image.php' ); $attach_data = wp_generate_attachment_metadata( $screens_attach_id, $file ); wp_update_attachment_metadata( $screens_attach_id, $attach_data ); }}} It worked until now, however, in the current version, wp_generate_attachment_metadata is breaking execution without any error in any log, when called for some (large?) images. Example image: https://i.ibb.co/k1FVrCh/apex-jpg5dd30be89f32b-1024x603.jpg " coderevolution 1 48718 Twenty Twenty: Block Left/Right Align Display Issues nielslange Bundled Theme 5.3 normal normal Future Release defect (bug) assigned 2019-11-19T00:08:27Z 2024-02-16T11:57:04Z "When adding an Embed block into the editor, the default alignment is center which displays correctly on the front end of the site: [[Image(https://i.snipboard.io/dvqUFb.jpg)]] However, if you attempt to align the embed block either to the left or right, the page/post navigation no longer clears correctly [[Image(https://i.snipboard.io/L8ZHxt.jpg)]]" JarretC 14 48720 Define all debugging constants for developers in wp-config.php Bootstrap/Load 5.3 normal normal Awaiting Review enhancement new 2019-11-19T05:18:52Z 2019-11-19T18:45:43Z "In `wp-config.php`, in the ""For developers"" section, we have: {{{ define( 'WP_DEBUG', false ); }}} I suggest we also add: {{{ define( 'WP_DEBUG_LOG', true ); define( 'WP_DEBUG_DISPLAY', false ); define( 'SCRIPT_DEBUG', true ); }}} This would mean that changing the value of `WP_DEBUG` to `true` would enable the log file but not the display, while making it easy to enable the display. I've been a WordPress developer for many years. This is the first ticket I've created. I'm a proponent of good defaults. I occasionally change the value of `WP_DEBUG`, but then need to disable it so that I can use the WordPress dashboard without scrolling through a list of errors and warning from third party themes and plugins. And to be honest, I never opened the `@link` to https://codex.wordpress.org/Debugging_in_WordPress Thanks for considering this enhancement! " davidnash 11 48724 Button text type when editing a comment reporter-feedback Comments normal normal Awaiting Review defect (bug) new 2019-11-19T12:21:37Z 2019-12-05T05:29:09Z "When editing a comment in wp-admin the button to update says ""Update How"" instead of Update Now. As per attached screenshot. (on latest WordPress 5.3)" tchburn 5 48726 Twenty Twenty: Wrong Text Color for Background Color & Subtle Background when used as background color for blocks Bundled Theme 5.3 normal normal Future Release enhancement new 2019-11-19T16:22:07Z 2024-01-16T14:59:39Z "To reproduce the issue: - In the customizer inside the Colors panel set the Background Color to `#000`, it will generate a white text color - In the editor, insert a block that supports background color (e.g. Paragraph) and select Background Color or Subtle Background as the background color using the color palette. The text color is black instead of white, which makes the text unreadable. The issue (front-end and editor) is caused by the CSS (which set the text to black) at the following lines: - [source:tags/5.3/src/wp-content/themes/twentytwenty/style.css#L2730 style.css line 2730] - [source:tags/5.3/src/wp-content/themes/twentytwenty/style.css#L2739 style.css line 2739] - [source:tags/5.3/src/wp-content/themes/twentytwenty/assets/css/editor-style-block.css#L198 editor-style-block.css line 198] - [source:tags/5.3/src/wp-content/themes/twentytwenty/assets/css/editor-style-block.css#L207 editor-style-block.css line 207] " collet 1 48729 Twenty Twenty: Margin reset for first-child and last-child is overridden for heading and blocks with alignment has-patch Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-11-19T16:47:08Z 2024-01-16T15:59:55Z "By default Twenty Twenty set the first-child margin top to 0 and the last-child margin bottom to 0. {{{ entry-content > *:first-child { margin-top: 0; } .entry-content > *:last-child { margin-bottom: 0; } [class=""_inner-container""] > *:first-child { margin-top: 0; } [class=""_inner-container""] > *:last-child { margin-bottom: 0; } .wp-block-column > *:first-child { margin-top: 0; } .wp-block-column > *:last-child { margin-bottom: 0; } .wp-block-media-text__content > *:first-child { margin-top: 0; } .wp-block-media-text__content > *:last-child { margin-bottom: 0; } }}} For blocks that support alignment such as Columns, Cover, Embed, Gallery, Group, Image, Pullquote…, this code is overridden. For example by the following lines: https://github.com/WordPress/WordPress/blob/8e4b0c2c45c3702dc4650d3dc281a1909f28e5de/wp-content/themes/twentytwenty/style.css#L2842-L2863: {{{ .wp-block-archives:not(.alignwide):not(.alignfull), .wp-block-categories:not(.alignwide):not(.alignfull), .wp-block-columns:not(.alignwide):not(.alignfull), .wp-block-cover:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.aligncenter), .wp-block-embed:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.aligncenter), .wp-block-gallery:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.aligncenter), .wp-block-group:not(.has-background):not(.alignwide):not(.alignfull), .wp-block-image:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.aligncenter), .wp-block-latest-comments:not(.aligncenter):not(.alignleft):not(.alignright), .wp-block-latest-posts:not(.aligncenter):not(.alignleft):not(.alignright), .wp-block-media-text:not(.alignwide):not(.alignfull), .wp-block-pullquote:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright), .wp-block-video:not(.alignwide):not(.alignfull) { margin-bottom: 3rem; margin-top: 3rem; } }}} and the responsive margin values (4rem) at lines https://github.com/WordPress/WordPress/blob/8e4b0c2c45c3702dc4650d3dc281a1909f28e5de/wp-content/themes/twentytwenty/style.css#L5066-L5087 The margin reset CSS is also overridden for Full Width blocks {{{.alignfull}}} The margin reset CSS is also overridden for headings inside columns: https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentytwenty/style.css#L5096-L5103 {{{ .entry-content .wp-block-columns h1, .entry-content .wp-block-columns h2, .entry-content .wp-block-columns h3, .entry-content .wp-block-columns h4, .entry-content .wp-block-columns h5, .entry-content .wp-block-columns h6 { margin: 3.5rem 0 2rem; } }}} To respect Twenty Twenty design, when a block is first-child its margin-top should always be set to 0. When a block is last-child its margin-bottom should always be set to 0. " collet 1 48730 Twenty Twenty: Wide and Full Width blocks top and bottoms margins don't respect original design causing layout issues has-patch Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-11-19T16:58:13Z 2023-10-06T05:37:19Z "In the original design: - wide width blocks had vertical margins of 4rem on small devices, 6rem for @media (min-width: 700px) and 8rem for @media (min-width: 1000px) - full width blocks had vertical margins of 5rem on small devices, 6rem for @media (min-width: 700px), 8rem for @media (min-width: 1000px) and 10rem for @media (min-width: 1220px) Currently: - wide width blocks have vertical margins of 4rem on all screen sizes - full width blocks have vertical margins of 5rem on all screen sizes except 10rem for @media (min-width: 1220px) The correct values don't appear because there is an error in the CSS declarations at the lines below. While they intend to set the margins, they do nothing as complex selectors can't be set in the :not() pseudo-class (https://developer.mozilla.org/en-US/docs/Web/CSS/:not) https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentytwenty/style.css#L5255-L5259 {{{ .entry-content > .alignwide:not(.wp-block-group.has-background), .entry-content > .alignfull:not(.wp-block-group.has-background) { margin-bottom: 6rem; margin-top: 6rem; } }}} https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentytwenty/style.css#L5901-L5905 {{{ .entry-content > .alignwide:not(.wp-block-group.has-background), .entry-content > .alignfull:not(.wp-block-group.has-background) { margin-bottom: 8rem; margin-top: 8rem; } }}} it's important to set these margins back to their original values because currently 2 consecutive wide columns blocks don't display properly (because the negative margin-top calculation for the second columns block was based on the original margin values https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentytwenty/style.css#L5756-L5759). [[Image(https://i.imgur.com/5FJUYRr.png)]] " collet 2 48734 Twenty Twenty: [em] tag with blank string inside ruins theme layout audrasjb* has-patch Bundled Theme 5.3 normal normal Future Release defect (bug) accepted 2019-11-19T19:21:36Z 2020-05-25T19:13:37Z "Hello! I’ve found a layout issue, concerning to ""em"" tag. When we use the ""em"" tag and try to separate paragraphs inside this tag with blank strings, all the parts that are not in “touch” with opening and closing tags are ""on their own"" in layout. Tags were used in Classic Editor. See the screenshot below. Here’s the source: https://drive.google.com/file/d/1KWMwDFlodidBTqjDJRfP9j0mmw6QMuo8/view?usp=sharing And here’s the result: https://drive.google.com/file/d/1Tzhi-hsaGDLDdJax8kMUonHe7tJaX2Q7/view?usp=sharing Here's addition example in English. The source code: {{{ <em>This is some random text on the first line Here is more text on a second line Additional text on a 3rd line with the closing EM tag</em> }}} And here's the result https://drive.google.com/file/d/1v9R127wdjPHjlXThMe9zjKXWz6V3xk8Y/view?usp=sharing Tested on clean Twenty Twenty theme without any additionsl CSS code. Tested on two different sites. The issue is recreated for WordPress versions 4.7.15, 5.2.4 and 5.3. One more experiment: if I put the strings in <p>...</p> tag, all the strings go to the left and ignore theme styles. Also tested the case for Twenty Nineteen: there is no such issue." derlynad 10 48740 Add constant for database date format dev-feedback Date/Time normal normal Awaiting Review enhancement new 2019-11-20T13:08:57Z 2019-11-20T14:18:36Z "A lot of core Date/Time code is dealing with `Y-m-d H:i:s` format, as stored for posts and other objects in database. This is effectively a so-called ""magic"" string, which is not self-explanatory and prone to user error if typed by hand (I messed up `i` with `m` for minutes more than once probably). Since there is no upstream PHP constant for this format, I suggest we introduce one in core and use it in place of magic string: {{{#!php define( 'WP_DATE_MYSQL', 'Y-m-d H:i:s' ); }}} Not absolutely sure about the name, I used `DATE_MYSQL` as class constant before, but `WP_DATE_DATABASE` might be more appropriately generic. To my knowledge there isn't a specific ISO or RFC designation for such format. If there is agreement on the need and the name I'll work on a patch for replacement and switch from strings in core." Rarst 2 48745 Disable Admin Email Verification Screen by Variable in wp-config.php (or other means) has-patch Users 5.3 normal normal Awaiting Review feature request reopened 2019-11-20T17:46:25Z 2020-09-06T17:46:47Z "After discussing the new admin email verification screen in this week's #hosting-community team Slack meeting, some members would like to be able to disable the admin email verification screen by setting a value in wp-config.php instead of adding filters to the websites they manage on behalf of their customers. Could this (using a variable in wp-config.php) be a possible alternative for disabling the admin email verification screen? If this is not an acceptable alternative, are there other acceptable alternatives?" jadonn 9 48746 Disable admin email verification screen on a per-user basis reporter-feedback Users normal normal Awaiting Review feature request new 2019-11-20T18:09:59Z 2019-11-29T16:31:08Z "During this week's #hosting-community team meeting, some members said they would like to be able to disable the admin email verification screen for some of their administrator users instead of for all administrator users. This would be a useful feature for our team members who manage WordPress websites on behalf of their customers. Would it be possible to add this feature?" jadonn 3 48751 "Make the list table ""action links"" always visible or provide an option for that" audrasjb Administration normal normal Future Release defect (bug) reviewing 2019-11-21T11:02:33Z 2020-10-09T14:34:08Z "I usually approve comments via the notification email which takes me to a page where there's an ""Approve"" button like this: https://i.19ft.com/525a403c.png However, another comment came in while I was on the site and I navigated via the menu system to the Pending comments to this page: https://i.19ft.com/d855a816.png I am a sighted user with full ability to use a keyboard. However, rarely use a mouse due to RSI-type pain and so struggled to work out how to approve this comment. I eventually worked out that you have to hover over the comment to get a set of links up with ""Approve"", ""Reply"", ""Quick Edit"", etc available. As a non-mouse-using user, it should be possible to access these links, Maybe by making them always visible via a setting in my user profile. (I've also attached the image files that I've linked to)" akrabat 47 48758 Repurpose 'Hello World' post to also serve as a Gutenberg tutorial General normal normal Awaiting Review enhancement new 2019-11-21T23:14:42Z 2021-04-10T11:18:28Z "(This ticket has been migrated from GitHub: https://github.com/WordPress/gutenberg/issues/17874) On new WordPress installs, users get a 'Hello World' post by default. The post's content is minimal and does not do a great job of explaining users what to do next. [[Image(https://cldup.com/fI5eLunpwG.png)]] I'm wondering if we can instead make better use of the 'Hello World' post and maybe have some pre-loaded content that can help new users learn the basics of the Block Editor and maybe serve as a little showcase of the cool things you can do. ---- **The new 'Welcome to WordPress"" demo post** [[Image(https://cldup.com/MtjDPstIuV.png)]] ☝️ The above is a quick example that hopefully can serve as starter to iterate to something better. Because the guide is in the block editor, the idea is that the guide itself shows what users can do by using different types of blocks and features. For example, the guide can make use of column blocks, video, group, etc. We can use it as a nice showcase of what can be done with Gutenberg. We can also probably use better images or even fancy illustrations, to make it more interesting and engaging. In the example above, which again is just a quick attempt, the guide starts by showing users how to add a block using the Block Inserter in the top toolbar. That right there communicates to the new user that the plus sign icon adds blocks and when/if they find it somewhere else in the interface, they will already know what it does. It also discretely shows that there's more options in the toolbar that the user can then explore. The guide then moves on to explain that there are different types of blocks and that they can be customized by using the options in the Block Toolbar. And finally, the guide explains that there's a sidebar with additional settings for the document and the blocks. Again, this could be improved in so many different ways: - we can iterate on the contents and topics of the guide, - we can use better images or illustrations, - we can be more clever and use different blocks and make the guide more interesting I'd love to hear your thoughts on this." nrqsnchz 18 48768 WordPress 5.3 ajax bug with Elementor 2.7.5 Query 5.3 normal critical Awaiting Review defect (bug) new 2019-11-22T15:17:38Z 2019-11-22T15:17:38Z "To whom it may concern, I was working on my WordPress site and updated it to the latest version available (5.3), before had the 5.2.4 version, i also updated the plugin Elementors to the latest version 2.7.5 . I noticed that when i was trying to access their build in option, build query, for the elements, it would give and ajax error of type : **core-query uncaught TypeError: Cannot read property 'ajax' of undefined** . I tried to downgrade the Elementor to a previous version but it didn't work, than i downgraded the WordPress one version older and it worked normally. " argentum95 48769 meta_input, tax_input, tags_input and post_category arguments are not available in functions or methods hooked to wp_insert_post dev-feedback Posts, Post Types normal normal Awaiting Review enhancement new 2019-11-22T15:24:55Z 2020-01-02T02:12:39Z "Functions and methods hooked to `wp_insert_post` are currently passed `$post_ID`, `$post` and `$update`. When a call to `wp_insert_post()` is made we can pass an array argument. The array can have `meta_input`, `tax_input`, `tags_input` and `post_category` elements. Current call to `do_action()`: {{{ do_action( 'wp_insert_post', $post_ID, $post, $update ); }}} Proposal: {{{ do_action( 'wp_insert_post', $post_ID, $post, $update, $postarr ); }}} Thoughts: `$postarr` could be either the raw array passed to `wp_insert_post()` or the result of the raw array being merged with the set of defaults used. There are more hooks in the `wp_insert_post()` function such as `save_post`. These could be updated in the same way for consistency. " henry.wright 3 48779 Twenty Twenty: Copyright and WordPress as text widget dev-feedback Bundled Theme 5.3 normal normal Awaiting Review feature request new 2019-11-24T11:46:32Z 2022-07-08T16:08:09Z "I would request to have all content elements easily editable. The only elements I couldn't change from the wp-admin interface were the footer copyright and wordpress text. I would like to change the Copyright to make it linkable and add creative commons to it. Now I had to do it a technical way by child theming, but not everyone is that technical. Custom HTML (copyright) & Text widgets (wordpress link) with a third footer or so could be a solution? Only disadvantage is that WordPress doesn't support PHP by default for security reasons so you can't add the actual site name by code. But a lot of sites doesn't use their company name as site name so it can also be some lorum ipsum text. e.g. © <script>document.write(new Date().getFullYear())</script> My Company " jurjendevries 4 48784 Search box in Select / Upload image pop-up not working with cropped images Media 5.3 normal normal Awaiting Review defect (bug) reopened 2019-11-24T20:52:28Z 2020-03-28T20:10:45Z "Hi, it seems that the search field in the pop-up of selecting or uploading images can not find the images which have been cropped before. For example, if I go to Appearance / Customize and want to change the Logo image, and I am asked to cropped the image, that image won't show in the search field. It will show the non cropped image, but not the cropped one. Thank you! In the attached image you can see how the search field can do find the filename ""Foto-de-Javier-1.jpg"" using just the letters ""jav"". But there is another image in the Media which name is ""cropped-Foto-de-Javier-1.jpg"" and this one does not appear." javierr 4 48786 Wrong URLs to categories, authors etc. to a site in a multisite Permalinks 5.3 normal normal Awaiting Review defect (bug) new 2019-11-25T01:41:48Z 2023-03-15T15:37:53Z "WP returns a wrong URL to a term if the term is in another site of a multisite. Terms like categories, tags, authors, date archives and other terms. How to reproduce: execute this code, with site ID and post ID as examples of valid values in the current installation, in a subsite different to site ID = 3: {{{#!php <?php $site_id = 3; $post_id = 1389; $category_links = array(); switch_to_blog( $site_id ); $categories = get_the_terms( $post_id, 'category' ); foreach ( $categories as $category ) { // get link to category $category_links[] = sprintf( '<a href=""%s"">%s</a>', esc_url( get_category_link( $category->term_id ) ), esc_html( $category->name ) ); } print join( ', ', $category_links ); restore_current_blog(); }}} If other base names for the category and tags are used (being specified on the Permalinks Settings page) the bug is more obviuos. In the next example the subsite is the german version of the main site, so the site path is '/de' and the category base name is specified to 'kategorien', and the german name for the category 'General' is 'Allgemein': On the english main site the code prints this URL to the german category 'Allgemein': {{{https://www.example.com/de/blog/category/allgemein/}}} which is wrong. The correct URL is {{{https://www.example.com/de/kategorie/allgemein/}}} On the german subsite the code prints this URL to the english category 'General': {{{https://www.example.com/kategorie/general/}}} which is wrong. The correct URL is {{{https://www.example.com/blog/category/general/}}} The code sets correct links if it is executed in the site with the ID = 3 (e.g. is current site is same as the site being switched to). Same is with similar functions like: {{{ get_author_posts_url() get_category_link() get_month_link() get_post_format_link() get_post_type_archive_link() get_tag_link() }}} " Hinjiriyo 1 48787 "Classic Editor user interface CSS inconsistencies when toggling ""Enable full-height editor ...""" sabernhardt* has-patch Editor normal normal Future Release defect (bug) accepted 2019-11-25T10:28:30Z 2021-11-15T22:09:14Z "Splitting this out from #47477 after @johnjamesjacoby's feedback. When toggling the ""Enable full-height editor and distraction-free functionality"" setting, it appears the Classic Editor toolbar gets some CSS rules that make it look inconsistent depending on the state of the setting. Part of these inconsistencies are new in WordPress 5.3, while other inconsistencies can be reproduced on WordPress 5.2 thus are pre-existing to the recent CSS changes. Please refer to the attached animated GIFs below for better clarity. - #48101 changed the border color of various ""boxes"" in the admin from `#e5e5e5` to `#ccd0d4`. In the Classic Editor, seems that the new color applies only to the toolbar top border and only when ""Enable full-height ..."" is on. - The other toolbar borders and the bottom padding change when toggling the setting also on WordPress 5.2. Not sure this is intentional or if there's a good reason to have a different styling. I'd tend to think these are probably inconsistencies happened over time that should be fixed. Worth noting the Classic Editor will still be supported for a couple years but it's not meant to get new functionalities or improvements. Only bug fixes will be addressed. Personally, I'd be in favour of fixing these inconsistencies because they don't appear to be terribly complicated and the fix won't likely break anything. I'd also suggest to use the new border color `#ccd0d4` for better contrast." afercia 9 48788 Run time crop image not working using wp_get_image_editor reporter-feedback Media 5.3 normal normal Awaiting Review defect (bug) new 2019-11-25T14:16:27Z 2020-01-16T15:35:00Z "it's not working run time crop image {{{#!php <?php $editor = wp_get_image_editor($filePath); $editor->set_quality($quality); $editor->crop($srcX, $srcY, $srcW, $srcH, $destWidth, $destHeight); $saved = $editor->save($destFileName); }}} ============================= Problem for ""$editor->crop()"" while source image size is smaller than destination image size. {{{#!php <?php $editor->crop($srcX, $srcY, $srcW, $srcH, $destWidth, $destHeight); }}} " ahmed17 2 48789 Provide ability to drag and drop images among and between Gutenberg Blocks reporter-feedback Editor 5.3 normal normal Awaiting Review enhancement new 2019-11-25T17:59:19Z 2020-11-24T23:44:04Z "It is not possible to drag and drop images between the different GB blocks. For Example, if I make an image Block I cannot drag the image out of the block and drop into another block. Therefore, to improve UX WordPress should provide the ability to drag and drop images among and between Gutenberg Blocks" Pcosta88 4 48793 Issue in selecting option from auto-suggest drop-down using plugin editor. Administration 5.3 normal normal Future Release defect (bug) new 2019-11-26T05:39:39Z 2020-11-05T06:14:27Z "Hello Team, I noticed that when I edit the plugin/theme using the editor in the backend, it gives auto-suggest. But when I start typing, I could not select any option from the drop-down (by navigating using up/down arrow keys). It is selected sometimes only if I could manage to press enter at the same time. PFA " sonali1215 1 48796 "Image size reporting as ""thumbnail"" after most recent update" reporter-feedback Editor normal normal Awaiting Review defect (bug) new 2019-11-26T15:53:35Z 2020-11-05T06:16:41Z "Recently, I noticed, when editing images in my existing blog posts, that the image size reported for all of the images on my blog is ""thumbnail"", when in fact, they were inserted into the post as ""large"" or ""full"". Is this a glitch that will be fixed? I hope so because there are old images in my blog, which were originally inserted incorrectly, and ARE in fact inserted as thumbnails. I correct these when I come across them in my editing, but now it's impossible to tell which ones are wrong because every image reports as being a ""thumbnail image"". Will this be corrected? " happy hooligans 1 48800 Twenty Twenty: Conditional loading of language/locale specific css and php files dev-feedback Bundled Theme 5.3 normal normal Awaiting Review feature request new 2019-11-26T20:52:30Z 2019-11-26T22:01:42Z "First reported on GitHub by @nukaga https://github.com/WordPress/twentytwenty/issues/970 In the current site design, the title is too large in Japanese and Chinese. The center alignment is also extraordinary. https://github.com/WordPress/twentytwenty/issues/118#issuecomment-541292567 https://github.com/WordPress/twentytwenty/issues/118#issuecomment-538964579 Solution Is it possible to separate the title and body CSS in several languages?" ianbelanger 1 48801 Twenty Twenty: Starter Content could be improved Bundled Theme 5.3 normal normal Awaiting Review enhancement new 2019-11-26T21:16:22Z 2019-12-09T14:34:00Z "Originally reported on GitHub by @collet https://github.com/WordPress/twentytwenty/issues/959 The ""The New UMoMA Opens its Doors"" page is supposed to showcase what the user can do with the blocks (and how to do it) and be used as a starting point. Currently, a part of this page has a bad structure that can lead the users to use the block editor in a wrong manner. [[Image(https://user-images.githubusercontent.com/54663751/68325713-4472f600-00ca-11ea-86fe-2b3a39b399db.jpg)]] * This kind of layout should be built using 2 Columns blocks instead of one. The content for ""Theatre of Operations"" and ""From Signac to Matisse"" should be placed inside a second Columns block. * With a proper structure, it isn't necessary to use Group blocks inside Column block. * The Image block shouldn't be set to Full Width As a result the design is off, there is way too much spacing between a title and its image. With a proper structure, it should look like http://2020.wordpress.net/" ianbelanger 2 48802 Twenty Twenty: Fixed Background Image on Cover template bugs on iPad Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-11-26T21:26:10Z 2022-06-24T09:54:38Z "Originally reported on GitHub by @collet https://github.com/WordPress/twentytwenty/issues/956 In the Customizer, if the user selects the ""Fixed Background Image"" option for the Cover template (which is activated by default), the cover image on an iPad (iOS 13) is blown-up." ianbelanger 5 48804 Twenty Twenty: Attach template parts with actions instead of directly including dev-feedback Bundled Theme 5.3 normal normal Awaiting Review enhancement new 2019-11-26T21:42:41Z 2019-11-26T21:54:34Z "Originally requested on GitHub by @thomasplevy https://github.com/WordPress/twentytwenty/issues/947 **The Problem** Not all custom post types are created equal. Some custom post types are like blog posts where meta information, post author information, and navigation between post types makes sense. Other custom post types behave more like native pages where navigation between pages is undesirable. This is a pretty generic and blanket statement and it's not always true. Custom post types are custom and the requirement differ greatly depending on the developer creating them. I am working to add Twenty Twenty theme support for my plugin [LifterLMS](https://github.com/gocodebox/lifterlms) and I have several custom post types which I'd like to be able to remove author and custom post type navigation for. Given the fact that custom post types utilize template at `template-parts/content.php` it is currently only possible for me to remove the navigation and author information by using custom CSS. The meta information I am able to disable using the filter `twentytwenty_disallowed_post_types_for_meta_output`. **Proposed Solution** I'd like to modify the template in question to either be wrapped in a filter which allow the inclusion of `template-parts/entry-author-bio.php` and `template-parts/navigation.php` to be disabled via a filter. For example: https://github.com/WordPress/twentytwenty/blob/dea9290e7ca3d38b7067c3b7107787db6554249a/template-parts/content.php#L68-L72 {{{ if ( is_single() ) { get_template_part( 'template-parts/navigation' ); } }}} Could become: {{{ if ( is_single() && apply_filters( 'twentytwenty_display_single_navigation', true ) ) { get_template_part( 'template-parts/navigation' ); } }}} If this does seem like an acceptable addition I'd be more than happy to write and submit the PR but I didn't want to spend time without a blessing from a core contrib or maintainer first. Thank you for considering this!" ianbelanger 1 48816 Use get_bloginfo in the REST API index dev-feedback REST API 4.4 normal normal Awaiting Review enhancement new 2019-11-27T19:35:39Z 2019-11-29T18:39:35Z "The REST API provides data in the site ""index"" when making a request to `https://example.org/wp-json`. This describes the site and the APIs available. In particular it returns the name of the website, and the tagline. These values are retrieved using `get_option` directly instead of `get_bloginfo`. Because this data would be used presentationally, it seems like it'd be more useful if it returned the ""presentation"" version of these strings. As far as I could tell, the index has more or less worked the same since the GSOC version of the REST API, so I wasn't able to find any description of why it was built that way. I opened this because of [https://github.com/WordPress/gutenberg/pull/18760 a Gutenberg PR] which would display the site title." TimothyBlynJacobs 2 48822 Indicate partial success/error of a REST API request REST API 4.7 normal normal Awaiting Review enhancement new 2019-11-28T03:24:50Z 2020-10-24T05:14:31Z "Currently, when the REST API encounters an error, that error is typically immediately returned and any context about what processing has occurred is lost. A good example of this is creating a post. After the post is created an error can be returned after inserting terms, meta, and additional fields. The response does not provide a way to determine the ID of the post so updates could be made to the existing post, instead you must create a new post. As a first step, it'd be great if we could return a `Link` to the single item route. This is similar to the post-process link in the media endpoint except that we know there is a `WP_Error` instance, we don't have to always send the header. I think we'd do this by adding link support to `WP_Error`. A further step might be to add a way to allow returning a partial response. For instance, if I successfully inserted a post, but just inserting some meta values failed, it'd be ideal if I could receive back the prepared item as well as the errors that were encountered. This would probably require changing the output format. We could only return the different format if the client indicated that it could process it, possibly via the `Accept` header." TimothyBlynJacobs 1 48831 WP Admin Bar doesn't display on wp-login.php page has-patch Toolbar normal normal Awaiting Review enhancement new 2019-11-28T23:46:08Z 2021-09-02T18:38:31Z "I like to display the WP Admin Bar on all pages even if a user isn't authenticated because we get the WordPress logo and menu and a search button. To always show the WP Admin Bar we can do this: {{{ add_filter( 'show_admin_bar', '__return_true' ); }}} This will display it everywhere except wp-login.php. I think it _should_ display on this page if we return true in the filter" henry.wright 6 48837 Twenty Twenty: Wrong cover height in Chrome mobile Bundled Theme 5.3 normal normal Future Release defect (bug) new 2019-11-29T13:36:04Z 2020-02-19T15:04:11Z "WordPress 5.3 with Twenty Twenty theme, all plugins disabled. Using Chrome mobile on Android the down arrow doesn't appear on screen unless you scroll down a little. Using Samsung browser it displays correctly. Can be reproduced opening http://endorfinamente.com.br on Android Chrome. Screenshots: [[Image(http://endorfinamente.com.br/tmp/Screenshot_20191129-102354_Chrome.jpg)]] [[Image(http://endorfinamente.com.br/tmp/Screenshot_20191129-102414_Samsung%20Internet.jpg)]]" oldnapalm 2 48842 Fix calculation error when resampling images before resizing in class-wp-image-editor-imagick.php dev-feedback Media 4.5 high normal Future Release defect (bug) new 2019-11-30T18:34:34Z 2020-10-15T14:23:17Z "Seems there is a calculation error when resampling large images before resizing them to a much smaller sub-size. Looking at #33642 and [36700], the idea is to efficiently reduce the size of the original image before resizing by using ImageMagick's `sampleImage()`. However in some cases the resampled image may be larger than the original. Caused by doing the resampling when the destination image is about 1/3 of the size of the original, and using a (hard-coded) `$sample_factor = 5`, see https://core.trac.wordpress.org/browser/tags/5.3/src/wp-includes/class-wp-image-editor-imagick.php#L333. Example: for an original image of 1000x500 and destination image of 300x150, the resampled source image will be 1500x750 (the `$resize_ratio` in this case is `0.09`)." azaozz 18 48855 Updating transient to remove expiration fails Options, Meta APIs 5.3 normal normal Awaiting Review defect (bug) new 2019-12-02T19:50:42Z 2019-12-03T14:09:21Z "When updating a transient using the set_transient method, it fails to update the transient's expiration date. Looking at the code, it appears it's only looking for the expiration and deleting it if a new expiration date is specified. This renders it impossible to switch a transient from having an expiration date to not having one. ex. code: {{{#!php <?php //new transient set to expire in one hour set_transient('new_transient', 'data', 5000); //Update transient and remove expiration set_transient('new_transient', 'new_data', 0); }}} At this point, if you look in the options table for the _transient_new_transient_expiration you'll find the previous value of 1 hour for the expiration instead of the expiration having been removed. One thing I recognize, that may render this from being a ""bug"" is the nature of transients would be if transient information isn't available, it shouldn't be relied upon, but rather rebuilt. In this use case above, a transient that's set to not expire, but actually still has an expiration date, would expire and in theory then be regenerated later if the data is requested after the expiration." stndrdsnz 48860 get_queried_object return false when executed in parse_query hook Query 5.3 normal normal defect (bug) reopened 2019-12-03T08:47:53Z 2019-12-03T22:42:20Z "When this function is executed in parse_query hook (i.e. woocommerce-perfect-seo-url) on author page ( /author/XXX/ ) it results with this notice. {{{ #13 E_NOTICE: Trying to get property 'ID' of non-object }}} It's because 'author_name' is not converted into 'author' field in parse_query. It's only used to mark page as ""is_author"". {{{ if ( '' != $qv['author_name'] ) { $this->is_author = true; } }}} And get_queried_object relies on 'author' variable. {{{ } elseif ( $this->is_author ) { $this->queried_object_id = (int) $this->get( 'author' ); $this->queried_object = get_userdata( $this->queried_object_id ); } }}} " fliespl 2 48861 Twenty Seventeen inserts an empty .entry-footer content for custom post type posts with no taxonomy Bundled Theme normal normal Awaiting Review defect (bug) new 2019-12-03T09:10:50Z 2019-12-03T10:51:38Z "Hi there, Just reporting that the Twenty Seventeen theme v2.2 checks whether the entry footer is empty in order to avoid a huge blank space. ''/inc/template-tags.php'' {{{#!php <?php // We don't want to output .entry-footer if it will be empty, so make sure its not. if ( ( ( twentyseventeen_categorized_blog() && $categories_list ) || $tags_list ) || get_edit_post_link() ) { }}} However, this check fails for cases of posts of a custom post type with no taxonomy terms associated and a big empty space gets inserted at the bottom of the singular page. `$categories_list` is not empty as the string value `Uncategorized` is assigned by `get_the_category_list()` (/wp-includes/category-template.php) " umchal 48865 Multisite Set up - Input field getting remove from filter when other user user roles except Super Admin filter on page/post Role/Capability 5.3 normal major defect (bug) reopened 2019-12-03T14:12:12Z 2019-12-04T05:44:07Z "When any user except super admin edit page or post having Input field or filter in that case WP automatically removes Input list. It is a major issue. Step to reproduce: **1) Multisite Set Up 2) Super Admin user - admin created user [xyz] having user role as administrator. 3) Super Admin created one post and added classic block with input fields(select, input type text etc.) or added any custom block which contain input fields. 4) Now update the page and it's working fine both side(front & Admin). 5) Now Administrator user[xyz] edit same post and add the heading tag or something else and update the post. After refreshing the page on both side you can see that input field get removed. Issue exist on both WordPress 5.3 and WordPress 5.2.4 See below video for detail : [https://www.screencast.com/t/06MPnPuwtu ]**[]" mohitdadhich10 2 48873 CSS Selectors in style tags containing greater than signs are escaped Formatting 5.3 normal normal Awaiting Review defect (bug) new 2019-12-04T09:25:20Z 2019-12-04T09:45:03Z "If you have unfiltered html disallowed, and you have in your content a style tag with a `>` selector, the selector will be escaped into `>` preventing the CSS from working. I've used the `wp_kses_allowed_html` filter to allow `style` tags in wp_kses. I also have this defined to disallow unfiltered html: {{{ define( 'DISALLOW_UNFILTERED_HTML', true ); }}} Sample content: {{{ <style> body > header { background: red; } </style> }}} Saving this with unfiltered html disallowed would result in: {{{ <style> body > header { background: red; } </style> }}} Since it's escaped, the CSS stops working. I don't think there's a way to allow allow `>` signs in `<style>` tags." bfintal 48879 Changing Site Admin Email Assumes Username and Who Took the Action (which may be incorrect) dev-feedback Users 5.3 normal minor Future Release enhancement new 2019-12-04T20:12:16Z 2024-03-15T16:47:52Z "(Note that this is on MultiSite and I don't know exactly how it functions on a single site install.) I think the email message that is sent when someone updates a Site Admin Email Address should be modified as to NOT be addressed: Dear CURRENT_USER_NAME, and shouldn't say that ""YOU"" have recently requested to update the email. If I want to change the site admin email for a site, the confirmation email goes to the new email address (say, a client), but the email says ""Dear MadtownLems,"". We have had a few cases now where these emails alarmed users and thought they were phishing attempts or had been hacked. This is very confusing for our users, as they have received an email addressed to someone else, and it tells them that they tried to do something that they may not have tried to do. Rather, I believe the text would be much cleaner if it said something like: ""Someone ('MadtownLems') has requested to update the email address for the site..."" " MadtownLems 7 48880 Using JSON.parse instead of an actual object literal when localizing scripts has-patch Script Loader normal normal Awaiting Review enhancement new 2019-12-05T00:34:18Z 2019-12-06T20:17:43Z "As the V8 team at Google stated in their ""The cost of JavaScript in 2019"" [https://v8.dev/blog/cost-of-javascript-2019#json]"" blog post using {{{JSON.parse()}}} is generally faster (~18%) for configuration object literals such as the output of the localize method of the WP_Scripts class. As the output of the localize method is already rendered using {{{wp_json_encode()}}} the change would be quite trivial and backward compatible. Added a diff with additional changes to the block editor init script using the same method." naxvog 5 48881 Fix inline SVG error with wp_admin_css_color reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2019-12-05T04:31:07Z 2023-05-30T18:35:46Z "To get to the point, `url-friendly-colour` in `wp-admin/css/colors/_admin.scss` currently has: `@return '%23' + str-slice( '#{ $color }', 2, -1 );` but both Firefox and Safari (possibly others) are having an issue with CSS generated based on this (at least inline SVG assets). Safari (and possibly others) doesn't like the fact that `'` is used to wrap the str-slice color value since inline SVG assets are using `'` to wrap the parameters/attributes so it then breaks the SVG's syntax by having that value use `'` within itself being wrapped in a `'`. Then, Firefox (and possibly others) doesn't like the fact that `#` is used within an inline SVG since it's expecting `%23` as with the rest of the SVG being encoded. I've found that switching this out for: `@return '%23' + str-slice( %23{ $color }, 2, -1 );` resolves these issues experienced by both of these web browsers (and possibly others.) I haven't tested thoroughly for any potential side-effects, but I don't foresee all that much given how little it seems like `url-friendly-colour` is used (with this then just resolving browser issues for its current usage.) Btw, I came across this with the Admin Color Schemer plugin (with it patched for PHP 7.x per the approved code on its GitHub; not sure why it hasn't been pushed out to WP.org yet... the dev should maybe do that. Either way, this plugin is using WP's own `_admin.scss` and it's not creating compliant results, currently, and this should resolve that issue.)" KZeni 7 48885 REST API: Support reading public settings, implement context handling spacedmonkey dev-feedback REST API 3.7 normal normal Future Release enhancement assigned 2019-12-05T17:09:25Z 2022-07-18T09:32:20Z "It would be good to make it possible to read and update individual site settings at `/wp/v2/settings/title` for example. This is needed as part of https://github.com/WordPress/gutenberg/pull/18760" scruffian 38 48887 New action hooks: admin_body_open, login_body_open & embed_body_open has-patch Administration normal normal Awaiting Review enhancement new 2019-12-05T17:29:43Z 2019-12-17T08:06:35Z "== Background == In changeset [changeset:""45042"" 45042] WordPress 5.2 finally introduced the long waited [https://developer.wordpress.org/reference/functions/wp_body_open/ wp_body_open()] function which fires the [https://developer.wordpress.org/reference/hooks/wp_body_open/ wp_body_open] action hook immediately after the opening `body` tag. This little action helps developers to insert JavaScript right after the opening body tag required by 3rd party services like Google Tag Manager. Dev note: https://make.wordpress.org/core/2019/04/24/miscellaneous-developer-updates-in-5-2/ We did a very good job but the hooks are not consistent on other pages (dashboard, login pages and embed templates). This will allow developers to insert code not only to the theme. === Theme Structure === The new theme structure uses several basic functions which fires action hooks: * `wp_head` action fired by `wp_head()` * `wp_footer` action fired by `wp_footer()` * `wp_body_open` action fired by `wp_body_open()` But the front end is not the only place where developers need to insert JavaScript. === WP Admin === The WordPress dashboard uses the following action hooks: * `admin_head` action * `admin_footer` action Missing `admin_body_open` action. === Login Page === The login page uses the following action hooks: * `login_head` action * `login_footer` action Missing `login_body_open` action. === Embed Templates === The embed templates uses the following action hooks: * `embed_head` action * `embed_footer` action Missing `embed_body_open` action. === Other === The attached patch added the missing `{$page}_body_open` hooks. If you know about other pages that missed, please comment bellow and I'll update the patch. " ramiy 1 48888 HTML being stripped from shortcode blocks in blog posts reporter-feedback Editor normal normal Awaiting Review defect (bug) new 2019-12-05T18:24:31Z 2020-12-07T05:26:55Z "Hi team I have a MailChimp newsletter signup form in the sidebar of my blog. Occasionally I add the same signup form to the body of my blog posts. Previously when I have done this, the one from the sidebar has been removed and just the one in the blog post is displayed. I tried to do this yesterday and discovered that wherever I have done this, now neither signup form shows. I asked my tech guy to take a look and he found that whenever the shortcode for the newsletter signup form is included in a blog post, the HTML is being stripped from the code meaning it’s not displayed. He suggested I try adding the form to a blank page and embedding it in my blog post to fix the issue. I did this using Elementor and it didn’t work. My tech guy is fairly sure this is a bug as he doesn’t think any of the HTML should be being messed with. And he said he’s fairly sure it’s a WordPress bug not a plugin or theme bug. I am unsure how long this issue has being going on for. Has anyone else reported a similar bug? I’m using the latest stable version of WP." kmwade 2 48890 Twenty Twenty: Customizer Controls Uncaught Errors reporter-feedback Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-12-05T22:59:26Z 2020-11-13T01:41:07Z "I noticed that the customizer.js file in the Twenty Twenty theme is loading in the customizer no matter if the theme is being edited or if a plugin is using the customizer. When using any plugin that takes advantage of the customizer you will see the attached type error. Offending Code: {{{ api.control( 'accent_hue_active' ) }}} Uncaught TypeError: Cannot read property 'setting' of undefined. That's because plugins are loading their settings. So far I've seen this cause issues with the jQuery UI Slider controls, they just won't load. Switching back to the TwentyNineteen theme or TwentySeventeen theme resolved the issue. Adding a try catch block around this twenty twenty setting specific code solves the problem for me. Try catch is fully supported now so I think this could be a great, minimal code, solution to this bug. " fmixell 3 48894 Improve the small user sub window at the right corner on the admin bar a.k.a. the Howdy fly-out has-patch Toolbar normal normal Future Release enhancement reviewing 2019-12-06T06:44:41Z 2021-08-06T16:29:19Z I always accidentally click the link in the small user sub window when I want to publish a post. Does anyone have any ideas to improve this motion? For example, disable the hover effect and display the small window after clicking the link at the right corner. ixkaito 74 48899 Verification admin email again after just changed/updated email? Login and Registration 5.3 normal normal Awaiting Review enhancement new 2019-12-06T08:03:07Z 2019-12-06T14:21:41Z "Show the admin email varification after logged in, user is want to change the admin email. 1. Logged in. 2. Show the **verification admin email**. 3. Click the ""Update"". 4. Change the admin email on admin options setting screen. 5. Get the confimation email. 6. Update the admin email. 7. Logged out. 8. Logged in. 9. **Verification admin email again**. I think add the admin email check internal when just update admin email." gqevu6bsiz 1 48901 WordPress multisite with subdirectories sites using the same 'Site Title' Networks and Sites 5.3 normal normal Awaiting Review enhancement new 2019-12-06T10:32:25Z 2019-12-06T10:32:25Z "I want to create a WordPress multisite with subdirectories sites using the same 'Site Title'. I’ll be implementing an English version, Italian version, Spanish version, and so on. The URL will be: mysite.com mysite.com/it mysite.com/es By clicking on 'My Sites', the sites list on the My Sites screen will show the same name. A change in the file my-sites.php may resolve this annoying problem Instead of: {{{#!php <?php foreach ( $blogs as $user_blog ) { switch_to_blog( $user_blog->userblog_id ); echo '<li>'; echo ""<h3>{$user_blog->blogname}</h3>""; $actions = ""<a href='"" . esc_url( home_url() ) . ""'>"" . __( 'Visit' ) . '</a>'; if ( current_user_can( 'read' ) ) { $actions .= "" | <a href='"" . esc_url( admin_url() ) . ""'>"" . __( 'Dashboard' ) . '</a>'; } ?> }}} Would it possible to change as described below ? {{{#!php <?php $site_name = array_unique(array_column($blogs, 'blogname')); foreach ( $blogs as $user_blog ) { switch_to_blog( $user_blog->userblog_id ); echo '<li>'; if ( count($site_name) == 1 ): echo ""<h3>{$user_blog->siteurl}</h3>""; else: echo ""<h3>{$user_blog->blogname}</h3>""; endif; $actions = ""<a href='"" . esc_url( home_url() ) . ""'>"" . __( 'Visit' ) . '</a>'; if ( current_user_can( 'read' ) ) { $actions .= "" | <a href='"" . esc_url( admin_url() ) . ""'>"" . __( 'Dashboard' ) . '</a>'; } }}} " simpleform 48902 Customizer code editor CSS breaks on activate() (Or breaks when loaded later) has-patch Customize 4.9 normal normal Awaiting Review defect (bug) new 2019-12-06T13:37:55Z 2019-12-11T06:43:00Z "I've added css editor via {{{ WP_Customize_Code_Editor_Control() }}} which is hidden by default with provided active_callback. When activating control via JS in Customizer ex: {{{ wp.customize.control('my_custom_css').activate(); }}} it shows, but CodeMirror CSS is broken. " vukvukovich 5 48903 Drafts or pending posts overwrites existing published post with same url Permalinks 5.3 normal normal Awaiting Review defect (bug) new 2019-12-06T16:33:57Z 2021-01-13T22:02:59Z "The creation of a draft with post_name set to as an existing post will prevent the reachability of the older until the pubblication of the new one. The cause of the issue is that the function ''wp_unique_post_slug'' only acts if the post isn't in the status of draft or pending so in the database will be stored two posts with the same post_name. In the frontend side (in a installation with permastruct set to /%postname%/) the executed query is {{{ SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND wp_posts.post_name = 'example' AND wp_posts.post_type = 'post' ORDER BY wp_posts.post_date DESC }}} This query will return 2 posts and the wordpress considers the most recent (the draft) so the url returns 404. " uatania 2 48915 Gutenberg Paragraph Block, Drop Cap missing sanitize rule for initial hard return line <br> Editor 5.3 normal minor Awaiting Review defect (bug) new 2019-12-09T05:01:54Z 2020-01-10T21:15:46Z "When content has dirty markups, or mistaken is made with hard return before input, more specifically a <br> markup as first element, Drop Cap option can be enable but there is no effect on the first letter in the rendered content. See example: {{{ <!-- wp:paragraph {""dropCap"":true} --> <p class=""has-drop-cap""><br>Lorem Ipsum quam quasi mollitia</p> <!-- /wp:paragraph --> }}} " Giorgio25b 2 48919 Images wont upload with new Big Images fiunctionality dev-feedback Media 5.3 normal normal Awaiting Review defect (bug) new 2019-12-09T15:20:52Z 2020-05-22T04:14:34Z "With version 5.3 came a new ability to create a big optimized image if the client uploads a very large image. This sort of replaces the full image, although it seems to retain the original image on the server. (not sure why but thats another issue...?) Seen here: https://make.wordpress.org/core/2019/10/09/introducing-handling-of-big-images-in-wordpress-5-3/ Unfortunately there seems to be some bugs. Clients can no longer upload files. They get an error: ""Post-processing of the image failed. If this is a photo or a large image, please scale it down to 2500 pixels and upload it again."" The images uploaded are over 2500, but under 2MB. I tried setting this new functionality to false using the hook I keep finding online: {{{ add_filter( 'big_image_size_threshold', '__return_false' ); }}} This did not work. I tried returning a new size over 2500 and it still wont work. Is this a bug or am I and everyone on the internet using this hook wrong? Thank you. " shamai 3 48928 Align selects in .form-table's within admin settings with their neighbour inputs for a more uniform feel Administration normal normal Awaiting Review enhancement new 2019-12-10T18:43:46Z 2022-09-09T08:11:09Z "Hello, Reviewing the admin settings on several screens I feel they can be given a more uniform appearance if the selects matched the width of their neighbour .regular-text inputs. See attached screens. Having these select a uniform width with the inputs provides a more consistent alignment. Thoughts? Thanks" garrett-eclipse 15 48935 Need to Remove strtotime() usage from core needs-unit-tests Date/Time 6.2 normal normal Awaiting Review enhancement new 2019-12-11T12:58:07Z 2023-04-06T10:38:43Z "`strtotime()` is routinely used in core for processing timezone-ambiguous input. Since it is affected by default PHP time zone setting (set by core to UTC on boot) it is also vulnerable to this setting being changed by third party code. Related change of `date()` to `gmdate()` in 5.3 release caused some new issues, because in some places while changing default time zone broke things combination of `strtotime()` and `date()` meant things got broken ''by the same amount'' and outputs were ""correct"" (ignoring the fact they would be implied in absolutely different time zone from intended). Dropping use of `strtotime()` in favor of date parsing with explicit time zone handling (such as `DateTimeImmutable` objects) is logical next step to make core insensitive to PHP time zone context." Rarst 3 48936 Remove mysql2date() usage from core needs-unit-tests Date/Time normal normal Awaiting Review enhancement new 2019-12-11T13:04:27Z 2023-02-24T15:20:34Z "`mysql2date()` was originally meant from processing times as stored by WP in database. Unfortunately its design is very limited because both time zone of input and output is ambiguous. It is interchangeably used for local and UTC times. As implementation detail that meant that it would produce incorrect output for formats including time zones for local time inputs. Time zone would happen be UTC from WP core setting PHP time zone to UTC on load. In 5.3 release this behavior was flipped to produce correct local time output for local time input, as considerably more common. Accordingly now ''UTC'' input produces incorrect output for formats with time zone. While the function is common and familiar, it is hardly irreplaceable and its design is so limited it seems to be unsalvageable. I propose we move towards eliminating its use in core and eventually formally deprecating it." Rarst 1 48937 Auto-refresh maintenance mode screen dev-feedback Upgrade/Install normal normal Future Release enhancement new 2019-12-11T15:35:48Z 2022-08-08T07:48:44Z "''I [https://wordpress.org/support/topic/feature-request-with-solution-auto-refresh-maintenance-mode-screen/ already posted this] on the community forums, and was advised to post here instead.'' While WordPress updates a theme, a plugin or its core, it conveniently displays a message to any visitor: > Briefly unavailable for maintenance. Check back in a minute. Unfortunately, when presented with such a bland screen, most visitors will immediately leave and find a different website. If the visitor hasn’t disabled Javascript in his browser, it would be most helpful to make this a little more informative and add some automation: > Briefly unavailable for maintenance. > This page will automatically load when it is available. Have the webpage automatically refresh the page every (say) 10 seconds. Obviously, if the user has disabled Javascript, you can only display the brief message. = Solution I’m not really a programmer, but I’ve taken the default WordPress method and modified it to do just this — see below. You are welcome to use it as is, or to use the ideas and code within, to implement this feature automatically. I have tested this and it seems to work perfectly. A programmer might find a better way to implement it than I have done. There is one problem with what I’ve done, and that is the lack of translation for other languages. I don’t know how to cater for that. Thank you = Revised contents I took the file /wp-content/maintenance.php and modified it as follows. All that I did was to add a <script> section and modify the <div> section within the <body>. I changed nothing else. {{{ <!DOCTYPE html> <html xmlns=""http://www.w3.org/1999/xhtml"" dir='ltr'> <head> <meta http-equiv=""Content-Type"" content=""text/html; charset=UTF-8"" /> <meta name=""viewport"" content=""width=device-width""> <title>Maintenance

    Sorry… Briefly unavailable for scheduled maintenance.

    Please try again in a minute.

    Thank you for your patience.

    }}}" Paddy Landau 11 48951 email_too_short is not good email validation candidate dev-feedback Mail 5.4 low trivial Awaiting Review feature request new 2019-12-12T14:23:07Z 2020-08-09T18:18:07Z "Currently, both `is_email` and `sanitize_email` will invalidate/sanitize valid emails: {{{#!php 'admin@mailserver1' 'm@m' }}} Both are valid emails. ICANN just discourages using them. The problem comes when you work with decoupled WordPress, and the front end is using custom validation that allows such emails, but WordPress doesn't so you don't have consistent behavior. Plus this is just wrong, as the official specification allows such mails. https://en.wikipedia.org/wiki/Email_address#Valid_email_addresses " dingo_d 1 48953 Improved revision control related to posts and the numerous auxiliary benefits Revisions 5.4 normal major Awaiting Review enhancement new 2019-12-12T19:27:54Z 2019-12-18T15:30:24Z "Imagine for a moment, the Gutenberg full-site editing capability is in full swing: - How does a user restore defaults? - How does a user easily undo actions? - How does a user easily go back to a previous theme? - If the user deletes a theme, how can all the associated custom post versions for that theme be deleted as well? That (and more) could be easily achieved if posts revisions worked in a different way. In the Gutenberg full-site editor example above, each theme could create a ""branch"" of revisions. There would then be major and minor versions. I propose that the default should be to keep all major versions (unless the user manually deletes them of course), as well as all minor versions since the last major version up to the current version. This would allow for the user to ""back space"" in the full site editor, but in a way that is actually meaningful. It has been suggested that a user could simply set the revisions constant. However, particularly in an environment that encourages ""tinkering"" like the Gutenberg full site editor would be, it is entirely possible that a user could create a thousand revisions in a very short period of time. Since there is no way to know which revision is which / search revisions, allowing users to ""backspace"" isn't meaningful. Having ""branches"" would also allow plugin authors to create simple mechanisms to do A/B split testing on appearance (not content, that should still be possible). Moreover, this has a huge implication on the size of the mySQL database, particularly in shared hosting environments and particularly when site content is exported and imported using the core Tools. While it is not feasible to keep 35 trivial changes to the background colour, every semi-colon change to a Terms of Service may very well be crucial. The core infrastructure should allow (whether inside core or via plugin) for different treatment of different post types in regards to revisions. This ticket is related to https://core.trac.wordpress.org/ticket/21666, but is not a duplicate." carike 5 48954 """Sticky"" post state shows even for non-Post post-types" Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-12-12T21:54:48Z 2019-12-12T22:15:24Z "Reported in the support forums: https://wordpress.org/support/topic/sticky-tag-remains/ When users of my Post Type Switcher plugin switch a Post into a Page, that page still shows as ""Sticky"" in the Pages list-table UI, even though Pages do not support the ""sticky"" functionality." johnjamesjacoby 2 48955 WP 5.3.1 changes cause potential backwards compatibility breakage with kses Security 5.3.1 normal normal Future Release defect (bug) new 2019-12-12T22:49:11Z 2020-08-12T09:15:43Z "Kses used to allow an array to be (incorrectly) passed in, and would just return the same array. Now it will return an empty string. Before: {{{#!php $test = ['this', 'is', 'an', 'array', 'but', 'shouldnt', 'be']; // Returns the above array wp_kses_post( $test ); }}} After 5.3.1: {{{#!php $test = ['this', 'is', 'an', 'array', 'but', 'shouldnt', 'be']; // Returns empty string wp_kses_post( $test ); }}} Now to be clear, passing an array and not a string into wp_kses is wrong and in the past wouldn't do anything for you. But this kind of just ""worked by accident"" I guess. So while it is incorrect usage, this release does change behavior. This stems from the changes with the new `wp_pre_kses_block_attributes` filter I believe that is hooked onto `pre_kses`. Looking at the changes, I don't think it technically needed to cause this break, was more of a side effect. At a minimum, I'm thinking maybe we should add some tests around this behavior to catch this sort of change in the future?" iCaleb 28 48962 Start using namespaces in Core dev-feedback General normal normal Awaiting Review enhancement new 2019-12-13T09:39:16Z 2019-12-13T13:04:19Z "After moving WordPress minimum PHP version to 5.6 with plans for 7.x there was a big reason to upgrade core to modern PHP-development approaches. The biggest advantage of namespaces is autoloading. Nowadays many plugin developers using Composer or their own autoloaders in every plugin. Some part of developers just ""include(_once)"" everything. And Composer is more preferable solution. But it is a big problem. Many plugins are using their local directory autoloader/composer. And that can be easily solved by using Composer in WordPress distibution. Composer can simplify work with dependecies and plugin updates or even WordPress updates. I don't think that WordPress need own autoloader when in PHP-world exists de-facto standard in face of Composer. But it is just my personal opinion. There are no extraordinary problems to upgrade code to namespace basis. It can be done by some script. To avoid BC changes we need just use \class_alias() for namespaced classes to make copy in global namespace. Old class-files can be marked as deprecated. " taraschr 1 48967 Twenty Twenty: gallery and page cover image overlap each other on iPad audrasjb reporter-feedback Bundled Theme 5.3.1 normal normal Awaiting Review defect (bug) reviewing 2019-12-13T23:19:05Z 2019-12-16T20:42:36Z On iPad, page titles(cover or featured images) and galleries overlap each other. This happens only on the pages that have galleries and only on iPad. They work well on PC and iPhone. juliahsun 3 48973 wp_text_diff() out of memory with 10GB memory limit on certain revisions Revisions 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-14T16:33:35Z 2019-12-16T20:59:38Z "Hi, I have identified a bug with wp_text_diff on a blank WP install on PHP 7.2.8 and 7.3.12 The bug causes the system to run out of memory no matter how much is available. I found it while trying to edit some revisions. The texts are large (50KB), maybe it has something to do with it. To replicate the bug you need to use this code. I will provide the files. {{{#!php should return HTTP200 - localhost?p=2 -> should return HTTP200 - localhost?p=404 -> should return HTTP404" hideokamoto 1 48978 Add a new test case for E2E test (Show admin bar if user logged in) hellofromTonya has-patch Build/Test Tools normal normal Future Release defect (bug) assigned 2019-12-15T05:37:52Z 2022-10-10T13:30:46Z "We can add a new test case for our e2e test. ** Case - When: User logged in. - Where: Go to own website. - Expect: Should show admin bar top of the page" hideokamoto 19 48982 Unable to update the wordpress reporter-feedback Upgrade/Install 5.2.5 normal normal Awaiting Review defect (bug) new 2019-12-15T09:25:05Z 2022-11-04T09:14:08Z "Hi, I have facing issue with WordPress 5.2.5 to WordPress 5.3.1 update. when i am trying to update then some time timeout issue & now we are getting some other error ( other update is currently in progress). for more information see mention below video link & screenshot link. https://www.loom.com/share/d3ad963dcb6544cc82211feb0384ab62 Thanks" iihglobal 3 48988 WordPress Does Not Generate JPG Sizes After 5.3.1 reporter-feedback Media 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-15T12:23:16Z 2020-03-12T15:32:41Z "I have a strange problem on all my wordpress sites after upgrading to 5.3.1 When uploading an image to the site, it does not create any additional size nor the thumb 375x175 it should create ... I've tried using plugins that generate image sizes and they didn't work either ... The strange thing is that if the image is PNG it does create the other sizes, the error happens only with JPG images. Even if I rename a JPG image to PNG the process doesn't work ... Remembering that wordpress uploads the image normally, it just doesn't generate the extra JPG sizes, absolutely no additional sizes. " kevinbkt10 5 48989 Blocks properly not showing on mobile device Editor 5.3 normal normal Awaiting Review defect (bug) new 2019-12-15T12:43:55Z 2019-12-16T09:02:25Z Gutenberg Blocks properly not showing on mobile passoniate 1 48992 MP3 artwork issue in WordPress 5.3.1 Media 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-15T21:01:49Z 2020-04-12T21:13:27Z "Hello! I've had an issue with WordPress ever since I installed it where MP3 files would lose their artwork, which split into a separate file. This might sound familiar to some, as it was the core of the following closed issues: #40085 / #40075 The problem: This has never stopped happening for me. I've disabled add-ons related to the uploader and media library to no avail once I found out that this was apparently a solved issue. I have a test-site which I am going to try disabling all add-ons. Any other" mattgcn 5 48996 Add lang attribute to the content in the backend I18N 4.7 normal normal Future Release defect (bug) new 2019-12-16T09:08:21Z 2020-05-08T14:14:59Z "Since WordPress 4.7, it is possible for a user to display the backend in a language different than the current site's language. In this case, the html 'lang' attribute is set to the user's language. I am not an accessibility expert but I expect that this causes an issue for screen readers as the site's content will be read with a wrong language. Also I am not sure if this is an issue to often switch the language of a screen reader. Anyway, I propose to add a 'lang' attribute to all the html tags displaying content. This 'lang' attribute must be filterable for multilingual plugins being able to select the correct language for each content. " Chouby 8 49008 Twenty Twenty: Design issue in Customizer on iPad has-patch Bundled Theme 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-17T10:08:17Z 2022-02-01T05:45:54Z "Hi, Design issue in customize.php on Twenty Twenty theme. For more information sees mention screenshot. Thanks" sumitsingh 3 49009 Customizer header overlaps top of preview at small screen sizes has-patch Customize 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-17T10:19:20Z 2023-06-07T13:56:08Z "Hi, Design issue in customize.php on Twenty Twenty theme when preview page. For more information sees mention screenshot. Thanks" sumitsingh 3 49012 Date format output incorrect in Finnish Date/Time 5.3.1 normal normal Awaiting Review defect (bug) new 2019-12-17T15:31:34Z 2022-04-29T22:49:19Z "Pretty much exactly the duplicate of previous tickets reporting this issue with at least Italian and Russian languages, like here: #48606 In my case the problem occurs with Finnish using 5.3.1. The date format ""F j, Y"" shows up as ""2 joulukuun, 2019"", which basically has F and j reversed." kipex 3 49014 Silence set_time_limit() call in wp-admin/includes/class-wp-upgrader.php Upgrade/Install normal trivial Awaiting Review defect (bug) reopened 2019-12-17T15:39:09Z 2019-12-24T04:03:22Z "Aggiornamento delle traduzioni per Twenty Twenty (it_IT)… Warning: scandir(/home/.dummy/temp/): failed to open dir: Permission denied in /home/user/wp/wp-includes/functions.php on line 2479 Warning: scandir(): (errno 13): Permission denied in /home/user/wp/wp-includes/functions.php on line 2479 Warning: array_diff(): Argument #1 is not an array in /home/user/wp-includes/functions.php on line 2479 Notice: set_time_limit() has been disabled for security reasons in /home/user/wp-admin/includes/class-wp-upgrader.php on line 468 Le traduzioni sono state aggiornate con successo. Tutti gli aggiornamenti sono stati completati. {{{#!php suppress_filters` which would be set to false by default." aurovrata 6 49030 Twenty Twenty: video resize functionality also impacts other elements on the page dev-feedback Bundled Theme 5.3 normal normal Awaiting Review defect (bug) new 2019-12-18T17:34:13Z 2020-05-14T15:37:38Z "Twenty Twenty bundles a functionality named ""Intrinsic Ratio Embeds"", allowing videos ({{{iframe}}}, {{{object}}}, {{{video}}}) to be automatically resized on demand. This is practical, but can be problematic for some elements on the page that may not behave like a video, or that may not be in the post content at all. While plugins can use the {{{.intrinsic-ignore}}} CSS class to avoid being impacted by this, I wonder if we could be a bit more specific within the theme, and only target videos inside the post content. This would avoid conflicting with plugins adding iFrames and / or videos outside of the post content, like in widgets. " jeherve 4 49032 Introduce __return_value() General normal normal Awaiting Review feature request new 2019-12-18T18:40:32Z 2019-12-18T19:25:11Z "WordPress has, since quite long time, helper functions like `__return_true` and [[https://developer.wordpress.org/?s=__return_&post_type%5B%5D=wp-parser-function|others]]. These are useful to be added to filters. Now that minimum PHP version is 5.6 we could have something like: {{{#!php New Patient Packet
    the recent updated made the same link format like this when you click on it: https://www.aspirefamilydental.com/%22/wp-content/uploads/NT-transfer-records-to-sister-office-form.pdf/%22 I had to go in and change the text to this in order to make it work. New Patient Packet I manage over 200 sites. I have easy way of finding every link in every widget on all the sites I manage. Please fix the text widget to accept links without quotes like it used to. " spherman 5 49046 Add filter to send_confirmation_on_profile_email() SergeyBiryukov dev-feedback Users normal normal Future Release enhancement reviewing 2019-12-19T17:54:41Z 2020-02-10T18:47:17Z To be consistent with the other user notifications, all aspects of this email should be filterable, not just the content. jfarthing84 4 49055 Standardise Plugin Notices With a Fly-Out Right-Hand Menu close Administration normal normal Awaiting Review enhancement new 2019-12-20T16:19:38Z 2019-12-20T19:18:56Z "Following on from my previous ticket, I have another suggestion, borne out of frustration. Background: I'm primarily a developer, but with a background in UI design. I've been building with WP for 8 years, and work with client sites day-to-day when they're loaded with plugins, rather than 'vanilla' installs. I'd like to suggest standardising plugin notices. There's such a varying approach to plugin notices. In addition to the top 'header area', being misused for adverts: * Some plugin authors post notices under the 'upgrade' link in the plugin list (Woo is bad for this) * Some launch a notice in the header area after upgrading their plugin, and loading a page, with a 'What's new' etc. * Random adverts displaying occasionally 'do you like our plugin?' * I've started seeing notices pop-up on the front end. An analytics plugin, notifying you if you're signed in that you're not tracked. Plugin authors all think their notices are useful, but they're not if you update 15 plugins doing the same thing, all in different ways, often at inconvenient times, within the **global template**. The plugins own pages are fair-game though. My suggestion for standardisation would be a right-hand fly-out menu for plugin notices. Perhaps an icon top right could indicate new notices are available - click the icon to fly-out the right-hand menu. Within the right-hand menu, plugins can place a notice of their choice - whether informative, up-selling or whatever. End-users could then dismiss an individual notice, or mute a plugin entirely." crdunst 2 49056 Can we stop bundling default themes? close Upgrade/Install normal minor Awaiting Review defect (bug) new 2019-12-20T16:36:08Z 2022-12-09T20:01:38Z "Maybe this has been raised before - I searched, but couldn't find the same suggestion. Can WordPress stop bundling themes with upgrades? I understand a default theme (such as TwentyTwenty) makes sense with a fresh install, but not on existing websites, for a number of reasons: **1)** Bundled, but unused themes just mean more code overhead. More guessable directories/files for malicious actors to hack. **2)** Extra disk space is needed to store these mostly unused themes. Individually it's not much space, but multiply it up into millions of installs, and cumulatively it's significant. **3)** Extra bandwidth when they're downloaded for both WordPress.org CDNs, and also for end-user sites. I deleted 2020 theme from a client's website when upgrading to 5.3, and I've just had to delete it again, presumably after 5.3.1 or 5.3.2 self-installed. They're never going to use one of the default themes (as good as they are) for their corporate site, so it's just a waste of everyone's time. I'm maintaining dozens of sites, so this gets annoying. There's an argument for 'what about if they delete their only theme - it needs a theme to default to'. This doesn't stack up though if the end-user can manually delete the default theme, and find themselves in the same position. UI can overcome this to a degree when no themes are available with a 'search the repo for a theme, how about twentytwenty (maybe the interface does? I've never tried deleting all themes on an install). Anyway, just my feedback from a regular user/maintainer. " crdunst 11 49057 Add tag for any WP_Query for simple access in pre_get_post action Query normal normal Awaiting Review feature request new 2019-12-21T04:54:24Z 2019-12-21T04:54:24Z "At current time it is difficult for find out which query is running at pre_get_post action I offer add extra property to WP_Query as tag-name. by this way i simply find out which query is running just by custom tag that added in any WP_Query object" hamedmoodi 49059 Whitespace inside p element in wp-signup.php should be removed dev-feedback Networks and Sites 3.0 normal normal Future Release enhancement assigned 2019-12-21T14:49:34Z 2020-02-11T15:32:03Z "In wp-signup.php there is a paragraph of text with a lot of left and right whitespace. {{{

    Welcome back, Peter. By filling out the form below, you can add another site to your account. There is no limit to the number of sites you can have, so create to your heart's content, but write responsibly!.

    }}} We should remove the whitespace because it isn't necessary." henry.wright 32 49069 Multisite: 404 template isn't used in network installs when a file extension is used in the URL dev-feedback General normal normal Awaiting Review defect (bug) new 2019-12-23T15:31:00Z 2020-04-15T09:08:50Z "The WordPress 404 template isn't used when certain URLs are visited. For example: - https://commons.gc.cuny.edu/sites/file.php - https://blogs.harvard.edu/file.php Note this seems to happen in network installs only. I can't reproduce when using a single install." henry.wright 8 49071 None of the images with the file name ending -300x250 will work as expected after downloading Media 5.3.2 normal minor Awaiting Review defect (bug) new 2019-12-23T22:22:52Z 2019-12-23T22:29:46Z "If I upload an image called image-300x250.jpg (or any other with ending -300x250) via media gallery I can see the image (and 150x150 version) in the upload folder but the image thumbnail is blank in the media gallery. The image is blank also in the Gutenberg editor screen and in the front end. Anyway the correct img src url seems to be found in the front end html code. " mmoro 1 49072 Move readme.html & license.txt out of project root (maybe into Uploads?) General normal normal Awaiting Review enhancement new 2019-12-23T23:13:06Z 2021-11-16T00:22:49Z "On the majority of WordPress installations, it is possible to navigate to 2 files that are outside of the control of PHP: * https://nacin.com/license.txt * https://nacin.com/readme.html One could argue that it is a good thing these files are visible; that the GPL license is something worth sharing at the root, or that the Famous 5 Minute Install is still an idea worth promoting. However, it is not uncommon to re/move these files, or otherwise obscure them via other means (server configurations, running WordPress in a subdirectory, etc...) * https://ma.tt/license.txt * https://wordpress.com/license.txt * https://wordpress.org/license.txt All of the immediately above URLs do not work, and result in a 404 page. ---- Some folks recommend removing these files as a security precaution, though I'm not confident this ultimately protects from very much. Some folks delete these files from their internal WordPress forks simply to reduce their maintenance footprint, particularly when they do not need to distribute their changes. Ultimately though, I have always considered these files to be assets that belong ''inside'' of WordPress, not ''outside'' of it. `license.txt` is important to the person who downloaded and installed it, not to any visitor of the site, and the same can be said about `readme.html`. That's why, I believe, these assets would be better served as part of the Default Site Content, specifically inside the Media Library. I'm imagining that, upon a successful installation, these files would be moved out of the root of the installation, and into corresponding Media Attachments, as the very first 2 files in the Media Library. * This helps promote the ideologies of the GPL to end users, and hopefully forces us to consider how valuable the content inside of `readme.html` really is these days (it still links to Planet, IRC, the Codex, and a number of other deprecated locations.) * This helps users familiarize themselves with what kinds of files can exist inside the Media Library (`.html` is not an allowed file type, so this would likely need a total rethink, maybe a `.txt` file is sufficient?) The reason I'm including the proposed solution above, is because I think these files still need to exist in the root as part of the pre-installation experience. Once installed, though, these files become invisibly burdensome on the web server, as they are untracked in PHP and rarely changing in the WordPress project. This is another one of those far-out JJJ ideas that I'm not expecting much serious traction on, but I do think would be a welcome improvement to the overall WordPress installation process. Other OSS projects do something similar with their own bundled assets (NextCloud, GitLab, etc...) so this is not a completely new idea." johnjamesjacoby 5 49075 Twenty Twenty: Inserted images not responsive at smaller browser widths reporter-feedback Bundled Theme 5.3 normal normal Future Release defect (bug) reopened 2019-12-24T08:32:24Z 2020-02-20T16:50:26Z "Reported on the forums here initially: https://wordpress.org/support/topic/posts-images-are-not-responsive When decreasing the browser width down to the > 600px width you'll start to see some images being cut off. This is due to the following code: {{{ .entry-content > *:not(.alignwide):not(.alignfull):not(.alignleft):not(.alignright):not(.is-style-wide) { max-width: 58rem; width: calc(100% - 4rem); } }}} As inserted images are placed inside of a
    element the code sets the max-width to something wider than what the browser width is. If the inserted image has a width set inline, it'll cause it to display past the border of the browser. max-width could be set to either 100% in this case or could be targeted using media queries to something where if the browser width is less than 600px the max-width is then set to 100% " JarretC 4 49077 Add https://github.com/WordPress/wordpress-develop to Packagist Build/Test Tools normal normal Awaiting Review enhancement reopened 2019-12-24T11:03:11Z 2020-09-25T19:25:02Z Currently, the WordPress Develop repo is not on Packagist, even though it now has a composer.json file (thanks to #43558). In order to use as a dependency, for example to use as a foundation to building an automated testing suite for a theme or plugin, you need to manually add the Github URL as an additional repository definition in your project's composer.json file. Normally this wouldn't be much of an issue, but due to the large number of branches and tags, Composer has to search the entire repo to generate a list of tags and branches available on every install/update, which takes several minutes! Adding WordPress Develop to Packagist (to be alongside https://packagist.org/packages/wordpress/phpdoc-parser), would parse and cache branches and tags as they are released via the Packagist Github hook. clarinetlord 7 49078 Media Library permission checks in WordPress reporter-feedback Media 5.3.2 normal major Awaiting Review defect (bug) new 2019-12-24T13:19:41Z 2020-03-12T14:36:07Z " If permissions to ~/uploads/ are not set correctly (or was modified in some manner), deleting media will only delete database references (item(s) will disappear from the Media Library view) but the actual files are not deleted. However, when uploading media, permission errors are displayed. This seems to be the the default behavior. When was the last time you checked the contents of ~/uploads/ directory? " danskoya 3 49086 "The ""site_icon"" option isn't always removed when the site icon is deleted" dev-feedback Media normal normal Awaiting Review defect (bug) new 2019-12-27T17:38:05Z 2022-01-06T02:32:21Z "If you delete the site icon image by going to Media > Library, the ""site_icon"" option isn't deleted from the database. Note the option is deleted if you go Appearance > Customize and remove the icon through the Site Identity tab." henry.wright 3 49093 get_posts Some fields of the $args argument are not documented close Posts, Post Types 5.4 normal minor Awaiting Review defect (bug) assigned 2019-12-29T20:28:02Z 2020-01-14T14:45:13Z "Some fields of the $args argument are not documented in get_posts. I believe it is important to describe all the optional arguments for this function. https://developer.wordpress.org/reference/functions/get_posts/" Marcio Zebedeu 3 49094 preg_match() expects parameter 2 to be string on line 417 of wp-includes/class-wp-block-parser.php Editor 5.3.2 normal critical Awaiting Review defect (bug) new 2019-12-29T20:45:06Z 2020-04-04T13:36:50Z "wp version 5.3.2 os MacOS 10.15.2 browser FireFox 71.0 Building a custom theme and on a very simple page if I have a qry param in the url that is an array ''(ex. ?c[]=3&c[]=6)'' I get the following warnings. If I change the url param to a string like ''c=3'' then the warnings go away. {{{ Warning: preg_match() expects parameter 2 to be string, array given in /wp-includes/class-wp-block-parser.php on line 417 Warning: strlen() expects parameter 1 to be string, array given in /wp-includes/class-wp-block-parser.php on line 489 }}} The reason the url has these params is for a custom data filter with a multi-select menu. After a google search it appears that this bug was introduced in version 5.3.1 and based on my findings to fix the issue that is accurate. The bug appears to be related to the parse_blocks() function, I was able to trace the issue back to this location: blocks.php line 271 function filter_block_content(); If I update the function like so, {{{ function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) { $result = ''; if ( !is_array( $text ) ) { $blocks = parse_blocks( $text ); foreach ( $blocks as $block ) { $block = filter_block_kses( $block, $allowed_html, $allowed_protocols ); $result .= serialize_block( $block ); } } return $result; } }}} by adding the **if !is_array()** condition the page works properly and warnings go away. I'm not 100% sure if this is the correct place for this fix but wanted to let you know about the issue, since I don't believe WP should be trying to parse qry params this way. Hope this information is helpful." thenerdcave 1 49102 Multisite: removed_user_from_blog hook SergeyBiryukov has-patch Users 5.3.2 normal minor Future Release feature request reviewing 2019-12-30T23:11:28Z 2020-09-06T12:39:10Z "I useful hook would be something like ""removed_user_from_blog"". As it is now there is not a way to hook in once a user has been removed from a multisite blog. There could be many use cases for this such as a custom notice to the user that was removed, doing something with the user after they are removed, etc." kevinu 8 49109 Array offset access notice problem with `remove_meta_box()` and `add_meta_box()` function. Posts, Post Types 5.3.2 normal critical Awaiting Review defect (bug) new 2019-12-31T13:57:29Z 2020-02-26T10:56:19Z "When I use `remove_meta_box()` function: {{{#!php FROeHLICH KÖNNEN -> KOeNNEN If it was changed to be all uppercase, it would work much better: FRÖHLICH -> FROEHLICH KÖNNEN -> KOENNEN When used at the start of a word, it would also work fine, if capitalized: ÖFFENTLICH -> OEffentlich ÜBERGANG -> UEbergang Therefore, I would propose changing the table located in wp-includes/formatting.php:1941 (https://github.com/WordPress/WordPress/blob/master/wp-includes/formatting.php#L1941) to the following: {{{ if ( 'de_DE' == $locale || 'de_DE_formal' == $locale || 'de_CH' == $locale || 'de_CH_informal' == $locale ) { $chars['Ä'] = 'AE'; $chars['ä'] = 'ae'; $chars['Ö'] = 'OE'; $chars['ö'] = 'oe'; $chars['Ü'] = 'UE'; $chars['ü'] = 'ue'; $chars['ß'] = 'ss'; }}} Though, to be entirely correct, the surrounding characters would have to be checked, which would be difficult, given the current architecture. There even is a capital ß now, which would be substituted with SS. I am happy to hear any second opinions on this. Best regards, Benedikt" bmuessig 3 49136 White screen in password protected posts, referrer policy Posts, Post Types 5.3.2 normal normal Awaiting Review defect (bug) new 2020-01-05T17:19:32Z 2020-03-06T15:20:10Z "**Background** Under some circumstances WP is displaying a white screen refering to URL ..../wp-login.php?action=postpass after entering either correct or incorrect password into password protected posts. It turns out this behaviour occurs reproducably in case WP site is set to no-referrer policy e.g. by Nginx configuration. This behaviour was observed since about July last year. **Steps to reproduce** 1. Force no-referrer policy in Nginx .conf file add_header Referrer-Policy no-referrer; service nginx restart 2. Protect any post by password 3. Verify no-referrer policy in e.g. Chrome F12->network 4. Enter password into your password protected post 5. /wp-login.php?action=postpass white screen pops up, no error message, no debugg hints. These steps reproduce in any WP configuration (under ubuntu server 18.04 LTS, LEMP stack) with or without themes/plugins. Exception: Safari and Edge (as of August last year) do not show white screenn. Reason: These browsers do not support referrer policy. **Work around** Set referrer policy to any other policy than no-referrer. In my case strict-origin-when-cross-origin did the job. **Suggestion** This issue might not be too common but it might become more relevant due to GDPR in Europe. It seems that wp-login.php requires a reference to the calling URL to be able to redirect to that URL after verifying the password. In case of no-referrer policy this reference is not disclosed, hence wp-login.php cannot return to its caller. If that is the case in order to ensure stable operation of password protected posts WP must not allow no-referrer policy but should force any other secure policy." derfuchs98 2 49149 Write tests for WP_Query needs-unit-tests Query normal normal Awaiting Review enhancement assigned 2020-01-07T22:01:10Z 2020-02-20T02:32:06Z "WP_Query is one of the most critical classes in WordPress. It holds a lot of features and complicated rules to generate the SQL queries to fetch posts from the databases. Working on bug fixes and new features for it is very tricky because one is always afraid that any change to it could silently break things and tear the world apart. One way to make us feel more secure when working with this class is to have better test coverage for it. Looking at the tests we currently have I found very few tests for this class. I've created this ticket to organize and receive patches to add tests to this class. Below I organized the WP_Query parameters we should, at first, create tests for. Once we have tests for them individually, we can think of a way to write tests that combine different parameters. {{{ * Author params * author * author_name * author__in * author__not_in * Category params * cat * category_name * category__and * category__in * category__not_in * Tag params * tag * tag_id * tag__and * tag__in * tag__not_in * tag_slug__and * tag_slug__in * Tax_query * Meta_query * date_query * post_mime_type * fields * name * page_id * pagename * post_parent * post_parent__in * post_parent__not_in * post__in * post__not_in * post_name__in * has_password * post_password * post_type * post_status * comment_count * nopaging * posts_per_page * offset * paged * ignore_sticky_posts * order and orderby paramaters }}} PS - what motivated me to open this ticket (and start working on these tests) was #48556 and #44737" leogermani 9 49151 Show a warning for plugins in WP admin that haven't received updates in a long time audrasjb* dev-feedback Site Health normal normal Future Release feature request accepted 2020-01-08T10:09:36Z 2024-02-23T13:13:08Z When upgrading plugins in WordPress admin users are very likely to miss plugins that aren't receiving regular updates from their authors. The same warning (or similar) that's displayed on WordPress.org plugin repo should be displayed in the same manner as available plugin updates on the WordPress admin plugin page. vincenthasselgard 66 49153 Undefined Variable Warning reporter-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2020-01-08T18:25:24Z 2020-01-09T19:21:08Z "Notice: Undefined property: WP_Post::$filter in wp-includes/class-wp-post.php on line 342 The fix is simple change the if statement to: if ( !empty( $this->filter ) ) {" tweidman 2 49154 Twenty Twenty: group blocks do not clear children Bundled Theme 5.3 normal normal Future Release defect (bug) new 2020-01-08T20:01:30Z 2020-04-29T15:50:46Z "**reproduced by:** 1. Create a group block 2. add a button within the group block 3. make the button float right **issue:** the group block will not clear floating children producing probably unwanted results in the frontend (and backend). **fixed by:** {{{ .wp-block-group__inner-container::after { content: """"; display: table; clear: both; } }}} " anonymized_14254218 1 49155 WP_HOME constant will force-redirect static front page but not posts on front page Rewrite Rules 5.3.2 normal normal Awaiting Review defect (bug) new 2020-01-09T03:42:32Z 2020-01-09T03:42:32Z "When a static front page is set and I have an HTTPS URL configured with the `WP_HOME` constant (such as `https://example.org`) and I try to navigate to `http://example.org`, I'll be redirected to `https://example.org`. When the front page is set to show latest posts and I do the same thing, WP will respond successfully to `http://example.org` with no redirect. I imagine this isn't specific to http/https. If my server is configured to respond to other URLs with the WP app, I ''think'' it would respond to anything. This behavior seems like it ought to be consistent. The code in `wp-includes/canonical.php` around line 192 is responsible, and perhaps another case should be added?" eclev91 49161 Disabling big_image_size_threshold via filters does NOT work Media normal major Awaiting Review defect (bug) new 2020-01-09T18:50:29Z 2021-11-06T02:27:00Z "Trying to disable the new image sizes in WordPress but this has no effect! I'm still seeing the new large sizes being saved on my server even after using this code. {{{ add_filter( 'big_image_size_threshold', '__return_false' ); }}} This is a very serious issue for me. My site accepts user uploads but I've been overwriting the full size images with the thumbnail not just to save space on server but also so that I don't have large images stored on my server in case of possible copyright abuse. This should have been a feature you need to turn on, not something that automatically happened after a site is auto upgraded. I absolutely need this disabled but the ability to disable this is NOT working. " bbtodd 5 49164 Page List Order Posts, Post Types normal major Awaiting Review enhancement new 2020-01-10T15:30:24Z 2020-01-13T19:27:23Z "By default, pages in the WP Page List should default to the last added/edited page. Currently, the order of pages seems unfathomable. I have 247 pages and after I have created a new one, I then have to search for it, often by saying show me only pages I created or edited this month. This is a constant waste of time. As well as a proper and useful default order, you should be able to set the order you want to see permanently via settings or by being able to save the current set up of the Page List" jfortune 4 49166 need a function to know if a dashicon exists. dev-feedback Administration normal normal Awaiting Review enhancement new 2020-01-10T18:27:24Z 2022-05-31T12:36:08Z "Hello, Is there a way to know if a dashicon exist or not? I think there's currently no function and I don't really know if this is possible to create it or not... In my mind, it would be a function as is_dashicon_exists( 'dashicons-linkedin') returning true or false. Do you think it should be possible to create?" sebastienserre 6 49168 is_post_type_archive( $post_types = '' ) doesn't work with underscore (_) has-patch Query 5.3.2 normal normal Awaiting Review defect (bug) new 2020-01-11T04:18:59Z 2020-01-11T05:04:34Z "I define my custom post type slug using underscore, e.g. 'post_type'. But it always returns false when I try to check with `is_post_type_archive( 'post_type' )`. It turns out I have to use hyphen (-) instead of underscore (_), e.g. `is_post_type_archive( 'post-type' )`. It is confusing because I defined the CPT using underscore, but the `is_post_type_archive()` doesn't accept underscore. The issue is `is_post_type_archive()` uses `$post_type_object->name` instead of `$post_type_object->slug` to check against. For backward compatibility, should we accept both underscore (_) and hyphen (-) in the `is_post_type_archive( $post_types )`?" maurisrx 2 49169 Action Hook 'edited_terms' in function 'wp_update_term()' needs the Form POST Parameters Taxonomy normal normal Awaiting Review enhancement new 2020-01-11T14:40:44Z 2020-01-12T09:46:32Z "Hello, In order to implement the Term Meta Data Form as documented in #48000 I found that the Edit Form POST Parameters are not passed the Action Hook `edited_terms` in the function `wp_update_term()`. The Filter `wp_update_term_data` does receive the POST Parameters in the `$args` Variable but the later Action `edited_terms` does not. According to the Relationship between the Term Meta Data and the Term it is required that the Term is a valid Database Entry in order to insert savely the Term Meta Data. So only AFTER checking that the Term is correct and exists the Term Meta Data can be inserted. So I would love to change the Action Function Call accordingly." bodohugobarwich 3 49171 Trying to get property 'post_type' of non-object in wp-includes/link-template.php on line 682 Feeds normal normal Awaiting Review defect (bug) new 2020-01-11T17:19:45Z 2020-06-04T17:34:55Z "Hi there, I believe this maybe a bug or at least an unchecked condition (post/page does not exist) throwing the above error. I have legit crawlers visiting that cause these errors. Running 5.3.2. All plugins disabled (except for Health Check & Troubleshooting). Theme: Twenty. How to re-produce : https://your.site.com/news2020/feed/atom/ It is key that the slug for the post/page does NOT (NO longer) exists. Stack trace: 1. {main}() /Users/me/root/index.php:0 2. require() /Users/me/root/index.php:17 3. require_once() /Users/me/root/wp-blog-header.php:19 4. do_action() /Users/me/root/wp-includes/template-loader.php:13 5. WP_Hook->do_action() /Users/me/root/wp-includes/plugin.php:478 6. WP_Hook->apply_filters() /Users/me/root/wp-includes/class-wp-hook.php:312 7. redirect_canonical() /Users/me/root/wp-includes/class-wp-hook.php:288 8. is_front_page() /Users/me/root/wp-includes/canonical.php:498 9. WP_Query->is_front_page() /Users/me/root/wp-includes/query.php:456 10. WP_Query->is_page() /Users/me/root/wp-includes/class-wp-query.php:3879 PHP Notice: Trying to get property 'post_type' of non-object in /Users/me/root/wp-includes/link-template.php on line 682 A variant (same sort of problem) throws an error in class-wp-query.php with the following: https://your.site.com/news2020/feed/ " ronald2020 1 49173 Allow sanitized inline styles on oEmbed iframes has-patch Embeds 4.4 normal normal Awaiting Review defect (bug) new 2020-01-11T21:31:58Z 2020-01-13T17:09:44Z "Embeds from the New York Times are currently broken because the oEmbed ` >> this width / height seems large and does not seems to come from the site theme either. " Trouffman 2 53938 replace core uses of wp_parse_url() with PHP's native parse_url() close HTTP API normal normal Awaiting Review enhancement new 2021-08-16T20:58:40Z 2021-08-17T16:38:31Z "[https://developer.wordpress.org/reference/functions/wp_parse_url/ wp_parse_url()] was introduced in #34408 to get around URL parsing failures of PHP's [https://www.php.net/manual/en/function.parse-url parse_url()] in PHP < 5.4.7. With the minimum supported PHP for core now 5.6.20, `wp_parse_url()` no longer seems necessary and `parse_url()` can be used directly. For background on this ticket, see the [https://wordpress.slack.com/archives/C02RQBWTW/p1629146151384100 slack thread]. " pbiron 9 53941 When converting images after uploading the original image may not be converted Media 5.8 normal normal Future Release defect (bug) new 2021-08-17T03:12:58Z 2021-11-16T18:57:42Z "This is less noticeable when the original image is larger than the ""big image threshold"" (and not a PNG) as the scaled image is converted. To reproduce: - Set image conversion, for example GIF to JPEG. - Upload image.gif that is smaller than 2560x2560px. - Note that image.gif is listed in the Gallery and present in the uploads directory but it's sub-sizes have been converted to JPEGs like image-150x150.jpg, etc. Expected behavior: the original image should be converted." azaozz 4 53942 Non-single post meta multiple value update breaks post save through REST API REST API 5.8 normal blocker Awaiting Review defect (bug) assigned 2021-08-17T13:00:31Z 2021-08-17T15:21:25Z "This is a follow-up to #52787. Same situation as in #52787, but this time while updating **non-single** meta **multiple values at once** like `{ meta: { metaKey: [1, 2, 3] } }`, REST API fires `update_multi_meta_value()`, which tries first to delete old values in the database. When no meta value is present in database, `get_metadata()` returns defaults as `$current_values` and then trying to delete them anyway (non-existent in fact). This causes `update_multi_meta_value()` to return `WP_Error('rest_meta_database_error')` on `delete_metadata()` failure. BTW, error messages could be more specific from `'Could not update the meta value of %s in database.'` to `'Could not update/delete...'` and `'Could not update/add...'`." iknowsomething 1 53944 Video resolution in portrait orientation has-patch Media 5.8 normal normal Awaiting Review defect (bug) new 2021-08-17T14:17:33Z 2021-08-17T17:07:51Z "Hi! I uploaded mp4 video file having portrait orientation and found that attachment metadata contains swapped width and height parameters. I see that WP is using getID3 library to read video metadata and found that it can detect when video is rotated. I used following filter to fix that: {{{#!php set_role( /* some role */ ); restore_current_blog(); } }}} The end result is that the role is only applied to the root site, because the user object's `cap_key` property is never updated when the site is switched. However, the user's ""user level"" ''is'' updated correctly for each site — because WP_User's `update_user_level_from_caps` method generates the user meta key dynamically from the blog prefix ''when the method is called'' ([https://github.com/WordPress/WordPress/blob/87bd00ac5b41674810cdc5b125561407ee827868/wp-includes/class-wp-user.php#L672 ref]). I would propose changing the `cap_key` to be generated dynamically every time it is referenced, rather than only when the object is instantiated or `WP_User::for_site()` is explicitly called." chrisvanpatten 53963 Block editor tools slots are empty reporter-feedback Editor 5.8 normal critical Awaiting Review defect (bug) new 2021-08-20T03:16:17Z 2021-08-20T14:48:04Z "Hello. I lost my editor tools in some point, when I click block I get No block selected. Also, there are fewer around the menu where you edit your text, no image icon etc. I am using WP 5.8 " dreamsofbeauty 1 53965 Legacy widgets used inside a normal block fail when salts are changed Widgets 5.8 normal major Awaiting Review defect (bug) new 2021-08-20T05:27:30Z 2022-03-02T20:30:19Z "When a legacy widget is added to the new block based widget area and it's a 1st level block, its data is stored the way widgets have always stored data. However if a legacy widget block is used inside of a normal block its data is no longer stored separately in the options table, but is encoded and stored with its parent block. The legacy widget data is stored by base64 encoding its serialized data then generating a hash of it using `wp_hash()`. Both pieces of data are stored in the parent block. When viewing the widget block editor this data is hydrated. The problem is the default scheme `AUTH` is used for `wp_hash()` when none is specified. The value of AUTH is volatile. Salt keys should be rotated occasionally and they can be changed via the `salt` filter, when that happens all the embedded legacy widgets will break. I can think of several ways to fix this: - Use a more stable salt. - Encode data using a method that doesn't rely on a hash for verification. - Remove the hash check. I don't see anywhere in the codebase (but I'm far from an expert) where serialized data is compared against a hash before sending it to `unserialize()`, so I don't think it adds any more risk as it is supposed to be trusted data. To me this is the cleanest solution, the first two methods would require a backwards compatibility fix: if the data failed to unserialize the new way, try the old method. The hash check to remove is in `\wp-includes\rest-api\endpoints\class-wp-rest-widget-types-controller.php` on lines 447 - 453. A couple other places in the method also need the hash references removed. Luckily the `encode_form_data()` method is new and only used here so any changes won't be painful. I originally came across this issue because my new WP 5.8 site was having widget errors whenever it was migrated to the staging server. My local server and staging server have different salt values, so it caused all the nested embedded widgets to fail. I was using some Navigation Menu widgets, which failed with the error `The ""nav_menu"" block was affected by errors and may not function properly. Check the developer tools for more details.` In dev tools this was the REST response `{""code"":""rest_invalid_widget"",""message"":""The provided instance is malformed."",""data"":{""status"":400}}`. I verified the differing `AUTH_KEY`s were the issue by syncing them, which temporarily enabled the legacy widgets to work, however that isn't a realistic fix." Enchiridion 4 53968 In 5.8 Metaboxes hide post editor completely reporter-feedback Editor 5.8 normal normal Awaiting Review defect (bug) new 2021-08-20T11:11:34Z 2021-09-10T15:21:29Z "In 5.8, when editing posts, pages or anything else, metaboxes hide the page title and the page content by default every time you open a post for editing. I use page as euphemism for all custom post types. Expected behaviour: metaboxes are below the page title and page content as is normal Current behaviour: metaboxes hide the title and the content, which cannot be edited without closing the metaboxes each time you open the page. The problem: 90% of the time the user wants to edit the title or content, most metaboxes are meant to be edited once and forgotten. browser: Safari, Mac OS" robertjakobson 8 53970 Add HTML mark tag support on Gutenberg Editor normal normal Awaiting Review enhancement new 2021-08-20T12:33:37Z 2021-08-20T14:57:34Z "Hi, In Gutenberg when we are writing a paragraph or a list item, sometimes it is needed to highlight a certain part of the text without bolding them. In HTML 5 there is a specific tag for this called `mark`. Using the mark tag we can highlight a certain part of the text so it will look like we have highlighted that text without doing anything crazy. Here is an example code: {{{#!php

    I have a car and that car is super fast even on bad roads.

    }}} You can take a deep drive into the `mark` tag [https://developer.mozilla.org/en-US/docs/Web/HTML/Element/mark here on the MDN Docs]. Currently, the only way to achieve it is by writing the paragraph or list item in the Gutenberg and then edit them as HTML and add the tag at which point Gutenberg doesn't recognize the element as the same element and ask users to convert it to HTML block. It would be really awesome if a new icon can be added in the Gutenberg formatting menu just beside the icons of Bold, Italics etc. This Highlight icon will simply add the `mark` tag to the selected text and the rest will be automatically taken care of by the browser. It can further be custom styles in CSS if someone wants to do it. Honestly, it would be awesome to see it in Gutenberg." isaumya 1 53972 Improper capability check when viewing attachment of private custom post type Users 5.8 normal normal Awaiting Review defect (bug) new 2021-08-20T22:12:45Z 2021-08-20T22:12:45Z "WP 5.8 Create custom post type: * Created a unique custom post type (e.g. ""sample"") with custom capability_type (e.g. ""sample"") * Create a new post under this post type, set to private * Upload attachment as featured image (so it's parent is set to the custom post type post) Set capabilities: * Customize subscriber role capabilities to allow ""read_private_samples"" Create user: * Create new Subscriber user * View the attachment URL EXPECTED: User to be able to view this URL ACTUAL: User cannot view the URL, 404 page From what I can tell, it is checking for the existence of the ""read_private_posts"" capability for the currently logged in user when it should be checking for the ""read_private_samples"" capability." sccr410 53973 WordPress <= 5.8 - Authenticated Persistent XSS (User role name) dev-feedback Security normal normal Awaiting Review defect (bug) new 2021-08-21T01:03:21Z 2022-12-23T12:29:58Z "Hi there, First of all, I need to mention this (as requested by @ehtis / H1): >When creating the ticket, please mention in it that the security team has evaluated this and asked you to open a public ticket for discussion. \\ == Intro: In versions of WordPress, including the latest v5.8, it's possible to inject malicious JavaScript code in the name (`$display_name`, `$details['name']`) of any user role. This vulnerability could be used to infect a website with malicious code or to keep a backdoor for future exploitations. Not all security plugins will detect such injections, cause adding or editing any user role is a legitimate process and all data is stored in the DB. Important to note that the functionality of adding custom roles is available in many plugins and themes, some of which aren't properly protected from CSRF attacks. Given this vulnerability, such attack vectors can be combined to successfully compromise a website. \\ == Impact: Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource. \\ == Steps To Reproduce: 1. Use attached PoC plugin (this is the fastest way to reproduce the JS injection) or use this code in any PHP file on your WordPress website: {{{ #!php add_role( 'hacker', __( 'Hacker' ), array( 'read' => true, 'edit_posts' => true ) ); }}} 2. Activate the plugin (you can turn it off right away cause we don't need it anymore - our custom user role will be already injected). Our new role will appear in the database like this: {{{ s:5:""hacker"";a:2:{s:4:""name"";s:37:""Hacker"";s:12:""capabilities"";a:2:{s:4:""read"";b:1;s:10:""edit_posts"";b:1;}} }}} 3. After that injected payload will be triggered on many pages inside the dashboard, f.e.: /wp-admin/users.php | /wp-admin/profile.php | /wp-admin/options-general.php etc. In my PoC plugin there will be a simple alert window. \\ == Additional Information: Another way to add custom user role is by using plugin, f.e. '''uListing''' [https://ru.wordpress.org/plugins/ulisting/ulisting.2.0.4.1.zip v2.0.4.1] (CSRF scenario): {{{ POST /wp-admin/admin-ajax.php HTTP/2 Host: example.com Cookie: [admin cookies] User-Agent: Mozilla/5.0 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 925 action=stm_save_user_roles&roles%5B0%5D%5Bis_delete%5D=0&roles%5B0%5D%5Bname%5D=Visse%3Cscript%3Ealert(%2FVisse%2F)%3B%3C%2Fscript%3E&roles%5B0%5D%5Bslug%5D=visse&roles%5B0%5D%5Bcapabilities%5D%5Bdefault%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Blisting_limit%5D=1553&roles%5B0%5D%5Bcapabilities%5D%5Blisting_moderation%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Bstm_listing_role%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Ballow_delete_listings%5D=0&roles%5B0%5D%5Bcapabilities%5D%5Bcomment%5D=1&roles%5B1%5D%5Bis_delete%5D=0&roles%5B1%5D%5Bname%5D=Hacker%3Cscript%3Ealert(%2FHacker%2F)%3B%3C%2Fscript%3E&roles%5B1%5D%5Bslug%5D=hacker&roles%5B1%5D%5Bcapabilities%5D%5Bdefault%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Blisting_limit%5D=1337&roles%5B1%5D%5Bcapabilities%5D%5Bcomment%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Blisting_moderation%5D=0&roles%5B1%5D%5Bcapabilities%5D%5Bstm_listing_role%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Bis_open%5D=1 }}} \\ == Possible solution: File: /wp-includes/class-wp-roles.php, line 162: `'name' => $display_name,` change to `'name' => strip_tags( $display_name ),`. \\" visse 8 53975 Send Reset Password bulk-action/link missing for non-super admins (multi-site only) Users 5.8 normal normal Awaiting Review defect (bug) new 2021-08-22T00:26:24Z 2021-08-22T10:49:56Z "Admin users in multi-site do not have the ability to send password reset emails from /wp-admin/users.php. Repro Steps: On a site with multisite, create a user, assign admin role. Go to /wp-admin/users.php. Expected Results: Admin can send a reset password email to any user. Actual Results: Send password reset link missing from actions links Send password reset option missing from bulk-actions drop-down Other Information: class-wp-users.php -> get_bulk_actions() uses ""if ( current_user_can( 'edit_users' ) )"" as the condition to determine if this can be allowed. The same check is performed in the single_row() method when the actions are specified. I understand there are restrictions in multi-site for user creation/editing for non-super admins, however I believe this is not a security action and should not be restricted for site administrators." jcutler 53976 Twenty Twenty-One: Anchor link on the same page causes the menu button icon to turn upside down Bundled Theme normal normal Awaiting Review defect (bug) new 2021-08-22T14:00:07Z 2021-08-22T16:55:40Z "As reported and requested in [https://wordpress.org/support/topic/menu-button-auto-scrolls-to-top-when-pressed-scroll-to-top-change-button-icon/]. If you have an anchor link on the same page, the icon turs upside down. Example. In website.com/one/ if you add a link to website.com/one/#anchor, this will cause the issue. An example will be a scroll to top button as in the report mentioned. Video showing (the bug report is for the second option. The first one was solved too in the report, but may not be the best solution, and, as the theme is not prepared to have a fixed header, and the problem is that when clicking the menu button, it automatically scrolls to the top, may not be relevant, but you can check on the report mentioned at first). In the video you can see in 0:09 when I click ""ARRIBA"", that is a scroll to top in casael.com using casael.com/#inicio [https://youtu.be/zW7R58KM_BA] Problem is in primary-navigation.js {{{ document.addEventListener( 'click', function( event ) { // If target onclick is with # within the href attribute if ( event.target.hash && event.target.hash.includes( '#' ) ) { wrapper.classList.remove( id + '-navigation-open', 'lock-scrolling' ); twentytwentyoneToggleAriaExpanded( mobileButton ); // Wait 550 and scroll to the anchor. setTimeout(function () { var anchor = document.getElementById(event.target.hash.slice(1)); anchor.scrollIntoView(); }, 550); } } }}} Possible Solution: Change {{{ document.addEventListener( 'click', function( event ) { }}} to {{{ document.querySelector('.primary-menu-container').addEventListener( 'click', function( event ) { }}} The function was being activated all the time, and that function should only work when the mobile menu is open. Now, you can use #anchors to move on the same page off the menu without “glitching” the menu icon. That change is tested and working without any problems." joelbermudez 1 53979 Non-valid plugins should be removed from the 'active_plugins' option has-patch Plugins normal normal Awaiting Review defect (bug) new 2021-08-23T14:00:49Z 2022-01-03T20:57:22Z "**Issue as found** Failed auto-update of WooCommerce resulted in an empty `/woocommerce/` plugin folder, but `woocommerce/woocommerce.php` remaining inside the `active_plugins` option resulted in a dependent plugin throwing a fatal error, since its internal checks against the `active_plugins` option still returned true. To recreate this issue, a default install with WooCommerce & WooCommerce Subscriptions plugins installed is enough. Empty the contents of the `/woocommerce/` plugin folder to simulate a failed auto-update, there will now be a fatal error on front-end and admin. ''Note'' that whilst I ran into this issue with WooCommerce & WooCommerce Subscriptons, this issue could theoretically happen with any plugin and extension plugin combination that uses the `active_plugins` option to determine if dependency has been met. **Outline** Plugins which fail to validate inside `wp_get_active_and_valid_plugins()` should also be removed from the `active_plugins` option to avoid further clashes and potential fatal errors. Currently the function excludes the plugins from loading, but leaves the plugin key inside the `active_plugins` option which can be problematic if dependant plugins are checking that option for the parent plugin key. Expected outcome would be that a plugin which fails to validate for any reason should also be removed from the `active plugins` option. **Proposed solution** If a plugin fails to validate it should not just be excluded from loading at runtime, but also its key removed from the `active_plugins` option to avoid loading attempts in the future, and further issues caused by dependant plugins. I have tested a patch within `wp_get_active_and_valid_plugins()` which resolves this, should this bug report be accepted. **Acknowledgement of plugin specific issue** I appreciate that at first glance this appears like a plugin specific issue in that without the parent / dependant plugin structure using `active_plugins` as a dependency check then there would be no issue here. However given the ubiquitous nature of something like WooCommerce and their [https://docs.woocommerce.com/document/create-a-plugin/] developer docs pointing toward using `active_plugins` as a dependency check, it's clear that WordPress users getting a WSoD from a failed plugin update could be avoided with a core patch. " tommusrhodus 4 53981 The 'media_buttons' hook does not work for contributors. has-patch Media 2.7 normal normal Awaiting Review defect (bug) new 2021-08-23T19:10:13Z 2021-08-26T14:40:16Z "##Problem Details## Plugins are given the `media_buttons` hook to be able to add additional buttons to the editor interface. The way this is implemented in _WP_Editors::editor(), the user role must include the `upload_files` capability. While this makes sense when it comes the default `Add Media` button, it doesn't make sense for some other buttons such as Post And Page Builder's Add Block button, or WeForms' Contact Form buttons. The plugin developers should be able to decide what capabilites the user needs to have for their custom buttons before hooking into that action. ##Suggested Resolution## My suggestion is that the existing `media_buttons` hook remain as it is, but that we add another hook just afterwards called `after_media_buttons` . This will allow those custom buttons to be rendered whenever the developer wishes them to be. " jamesros161 3 53982 Adding pages to menus could be more user friendly Menus 5.8 normal normal Awaiting Review enhancement new 2021-08-23T19:15:16Z 2021-09-10T06:35:13Z "It's difficult to find pages or visually see the page hierarchy when working with the site's menus. **Appearance / Menus** For a site that has a lot of content and multiple levels is hard to manage in the tiny Pages tab, it would be ideal if the height was adjustable. Adding a page places the item at the bottom of the list where the user needs to manually move the item up the stack. It would be ideal to drag the item from the Pages section into the menu. **Appearance / Customize / Menus** For some reason, this interface doesn't represent the page hierarchy making it hard to see the structure. Same height restriction as above, there are only a small number of pages visible here making it hard to use with a lot of content. The text input beside `+ Add` makes me think that I can search the page list based on some interactions in the `Appearance / Menus` area. It would be ideal to drag the item from the Pages section into the menu." adampatterson 2 53983 Bugs with Widgets with Blocks reporter-feedback Widgets 5.8 normal normal Awaiting Review defect (bug) new 2021-08-23T20:18:05Z 2021-10-02T19:46:13Z Ever since the new update(5.8) I am having major bugs with Widgets with Blocks. I am trying to remove all of my inactive widgets as many of them are throwing errors but I am getting a There was an error, invalid parameter(s) when I remove them and click save. I've tried using default theme and deactivated all plug ins as well as all of my chrome extensions. stephscheersandjeers 1 53987 add tests for wp_list_filter has-patch Build/Test Tools normal normal Future Release enhancement new 2021-08-23T22:08:17Z 2022-01-09T00:26:03Z pbearne 14 53994 REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request Security normal normal Awaiting Review defect (bug) new 2021-08-24T17:29:07Z 2021-08-24T17:29:07Z "**Note: the security team reviewed this and asked that I post a public report as a hardening issue.** If a REST API request has valid session cookies but does not include a nonce, there is a significant portion of the process where the user is considered validly authenticated and signed in until the nonce is finally checked and the user account is nulled out. This period of the request is, practically speaking, the entire portion of the request where a plugin or theme would perform any operations before the REST response was sent (the obvious exception is if the REST endpoint were a custom one created by the theme or plugin, in which case, any code in direct service of dispatching the response would be after the nonce was checked). Therefore, if a request contains valid session cookies but an invalid or absent nonce, plugins and themes will almost always treat the request as if the user were validly authenticated, potentially voiding the purpose of the nonces. In WordPress Core, the first place the user account is accessed is in `\WP::init()`. After that, the init action fires, which of course, is a common hook for plugins and themes. In addition, there is nothing stopping a plugin or theme from accessing the user account well before `\WP::init()`, e.g. immediately as it is loaded. In other words, a user session is validated as early as an mu-plugin loading. Out-of-the-box, WordPress does make some decisions based on the user's logged-in status and capabilities, e.g. which mime types are allowed for an attachments REST request and how widget content is processed. In fact, even the REST API code itself decides whether or not to send nocache headers based on the user's authentication state before the nonce is checked. The request isn't de-authenticated again until the nonce is checked when `\WP_REST_Server::check_authentication()` runs, which is immediately before the response is dispatched in `\WP_REST_Server::serve_request()`. === Steps To Reproduce: 1. Sign into a WordPress site 2. Add the following code to your theme/plugin to confirm that you are considered ""signed in"", even though you didn't provide a nonce {{{#!php }}} Notes: We also found that the Twenty-twenty-one theme does fine UNTIL you add a custom page with the codex formatting suggestions like above. As soon as you save and try to swap templates the break happens. " juliacramer 53998 Use network_home_url() instead of $_SERVER['HTTP_HOST'] for added safety. dev-feedback General normal normal Awaiting Review enhancement new 2021-08-24T23:29:09Z 2022-08-07T18:04:12Z "Would it not be safer from XSS if uses of **$_SERVER[''HTTP_HOST'']** were replaced with **network_home_url()**? It looks to me like **network_home_url()** reads the server host name from the site settings instead of relying on a possibly manipulated **$_SERVER[''HTTP_HOST'']** value. For example, I came across this code in /wp-admin/includes/class-wp-list-table.php... {{{#!php post_date_gmt; $data['post_modified_gmt'] = $post->post_date_gmt; return $data; }; add_filter( 'wp_insert_post_data', $function, 10, 2 ); $updated = wp_update_post( $args ); remove_filter( 'wp_insert_post_data', $function ); }}} This function needs to make get_post() call for each insert and this slows the process in a big way I have added a filter that allows us to turn off the modification and set the date if needed {{{#!php date1, 'post_date_gmt' => date2 ) */ $update_date = apply_filters( 'wp_update_post_preserve_dates', false, $postarr ); if( false === $update_date ) { $post_modified = current_time( 'mysql' ); $post_modified_gmt = current_time( 'mysql', 1 ); } elseif ( ! is_array( $update_date ) && strtotime( $update_date ) ){ $post_modified = $update_date; $post_modified_gmt = get_gmt_from_date( $update_date ); } elseif ( is_array( $update_date ) && isset( $update_date['post_modified'] ) && isset( $update_date['post_modified_gmt'] ) ){ $post_modified = $update_date['post_modified']; $post_modified_gmt = $update_date['post_modified_gmt']; } else { $post_modified = $postarr['post_modified']; $post_modified_gmt = $postarr['post_modified_gmt']; } } else { $post_modified = $post_date; $post_modified_gmt = $post_date_gmt; } }}} " pbearne 8 54024 Internal links with href=outdated-slug and a data-type data-id as fallback should use that and update href=new-slug instead of resulting in broken link (404) Editor normal normal Awaiting Review feature request new 2021-08-27T13:16:19Z 2021-09-06T19:35:30Z "**1) The main expectation is in the issue title:** - Internal links, that are inline A elements with href=outdated-slug and which have the attributes data-type data-id as fallbacks should indeed use that fallback and update href=new-slug instead of resulting in a broken link (404), as I experienced it on **Wordpress 5.8 on a PHP 8 server with the Astra theme**. Thoughts: - Maintaining and updating internal pretty-URLs, I deem that a core feature of a CMS. - I really hope it's only a bug, but that use case in general is handled by WordPress or if not by a pretty - robust and popular plugin (recommendations appreciated, if that's the case!). **2) An appreciated feature would be: When changing a post's title (for all post types!) offer an option to bulk process the link text of incoming links.** - Definition of ""link text"" a.k.a. ""link label"" a.k.a. ""navigation label"": - That is the text between the opening and closing of the html a tag: {{{ Link Label was like Old Title or was a Custom Label ` }}} - Overall expectation: If a link has a custom link text, I'd expect that no automatic mechanism of WordPress ever kicks in, but the link text remains as is, as the link creator surely put some (contextual) consideration into it. - When changing a page's title or slug, it would be cool to have these ""Processing options"" in a ""Title Widget"" of Gutenberg or the Classic Editor: {{{ For internal incoming links update their link text to the new title? (•) Don't change existing link text at all! ( ) Only if the old link text was exactly the old title [√] and in the same case ( ) Regardless of the old title ⚠️ }}} - Note: The options and also the defaults are sorted from no changes at all to most destructive. - Hover/click on ⚠️ gives this tooltip: Warning: Authors probably put special contextual consideration when creating custom link text (aka label). This resets all those link texts to the new title. It is an un-doable batch operation! In doubt, first perform a backup. **Followup** - For both 1+2 see my screenshot series full with annotations, which will be attached below. - Questions: - I'm not sure into which component this falls. - Whether 2) should be a separate ticket. - I used Gutenberg's ""Insert link"" feature and this creates the markup. But I am pretty sure what I observed is not Gutenberg-specific, but that generated markup and its handling the the database for rendering, is core functionality." abitofmind 2 54026 One admin menu item from different plugins has-patch Administration normal normal Awaiting Review enhancement new 2021-08-27T14:43:43Z 2021-09-03T15:11:56Z "Hello. In this example i have two plugins (which cannot be merged) which should use one admin menu item. plugin 1: {{{ function test1_admin_menu() { add_menu_page(""Test Plugin"", ""Test Item"", ""manage_options"", ""test-plugin-admin""); add_submenu_page(""test-plugin-admin"", """", ""Subitem for plugin 1"", ""manage_options"", ""test1-admin-subitem""); // remove the automatically created submenu remove_submenu_page(""test-plugin-admin"", ""test-plugin-admin""); } add_action(""admin_menu"", ""test1_admin_menu""); }}} plugin 2: {{{ function test2_admin_menu() { add_menu_page(""Test Plugin"", ""Test Item"", ""manage_options"", ""test-plugin-admin""); add_submenu_page(""test-plugin-admin"", """", ""Subitem for plugin 2"", ""manage_options"", ""test2-admin-subitem""); // remove the automatically created submenu remove_submenu_page(""test-plugin-admin"", ""test-plugin-admin""); } add_action(""admin_menu"", ""test2_admin_menu""); }}} This works - and the menu is also shown, if only one plugin is active/enabled. BUT: The menu ""Test Item"" in the admin backend is shown twice. Same ID in HTML, same subitems, same links, same names ... completly copied. Is there a way to avoid that behaviour ? I will use a clean admin menu and all my plugins should use one (own) admin menu item as parent." kimjo 6 54028 Fix improper use of the hooks API has-patch General 5.8 normal normal Future Release defect (bug) new 2021-08-27T19:43:07Z 2023-01-17T17:19:24Z "Using lambda functions as callbacks for `add_action()` and `add_filter()` is not supported as it breaks part of the WP Hooks API. It prevents the removal of such callbacks, `remove_action()` and `remove_filter()` stop working. It seems there are few cases of such breakage in core: - https://github.com/WordPress/wordpress-develop/blob/master/src/wp-admin/edit-form-blocks.php#L32 - https://github.com/WordPress/wordpress-develop/blob/master/src/wp-admin/options-privacy.php#L21 - https://github.com/WordPress/wordpress-develop/blob/master/src/wp-admin/privacy-policy-guide.php#L20 - https://github.com/WordPress/wordpress-develop/blob/master/src/wp-includes/script-loader.php#L2448 - https://github.com/WordPress/wordpress-develop/blob/master/src/wp-includes/sitemaps/class-wp-sitemaps-renderer.php#L254 (and possibly other). Generally hooks should be added to either `wp-admin/includes/admin-filters.php` or `wp-includes/default-filters.php` as much as possible. It's also acceptable to add them from functions or ""template"" files. However hooks should never be added from ""include"" files (for security reasons), and lambda callbacks are not acceptable." azaozz 15 54029 Rename WordPress native expectDeprecated() and @ExpectedDeprecated to avoid confusion with PHPUnit native expectDeprecation and for future-proofing Build/Test Tools normal normal Awaiting Review task (blessed) new 2021-08-27T19:50:02Z 2022-06-20T18:16:15Z "WordPress' test suite has a native expectation and annotation for expecting a deprecation notice: `expectDeprecated()` and `@ExpectedDeprecated`. [https://phpunit.readthedocs.io/en/8.5/writing-tests-for-phpunit.html#testing-php-errors-warnings-and-notices PHPUnit 8 introduced a new set of deprecation expectations]: `expectDeprecation()`, `expectDeprecationMessage()`, and `expectDeprecationMessageMatches()`. Notice naming conventions between WordPress and PHPUnit. They are very similar. ||= WordPress =||= PHPUnit =|| || `expectDeprecated()` || `expectDeprecation()` || || `@ExpectedDeprecated` || - || == What is the problem? The names are too similar. As such, confusion over which to use can happen. There's a potential of using the wrong one. Future-proof against future PHPUnit changes: Luckily PHPUnit used ""deprecation"" instead of ""deprecated"". However, there's the potential of future changes which may conflict with the native WP ones. == Proposal Rename the expectation to include `WP` and deprecate the currently ones. Why deprecate? To avoid a backwards-compatibility break for any extenders using WordPress' native one. 1. Confusion and potential to use the wrong one: the names are too similar. 2. Future-proof: https://youtu.be/SAtiKaUwLU4?t=12019" hellofromTonya 5 54034 Update jQuery UI Touch Punch to the latest version Hareesh Pillai dev-feedback External Libraries normal normal Future Release enhancement assigned 2021-08-28T19:39:10Z 2023-03-23T17:20:07Z A new version of jQuery UI Touch Punch is available ([https://github.com/furf/jquery-ui-touch-punch/blob/master/jquery.ui.touch-punch.min.js v 0.2.3]). However, this version was released 7 years ago and might have issues while updating. Hareesh Pillai 15 54039 site health can probably do better job at detecting if imagick supports PDF Site Health normal normal Awaiting Review enhancement new 2021-08-30T15:20:21Z 2021-09-09T14:54:57Z "The current code is {{{ if ( function_exists( 'exec' ) ) { $gs = exec( 'gs --version' ); if ( empty( $gs ) ) { ..... }}} `exec` is probably disabled on many hosts which means the test will not run at all. From looking at https://www.drupal.org/project/media_thumbnails/issues/3207465 it seems that imagick reports whether it supports PDF format as part of its phpinfo output. Maybe there is a direct API to get th information as well. If this is not robust enough, maybe the test should try to generate an image from a test pdf file. " mark-k 3 54040 Changing element text or background color should only affect color Editor 5.8 normal normal Awaiting Review defect (bug) new 2021-08-31T11:40:02Z 2021-09-07T13:33:39Z "Page elements get unintended padding when changing background or font color, violating the [https://en.wikipedia.org/wiki/Principle_of_least_astonishment principle of least astonishment]. In effect, the end-user is expecting that a change to the background color would have only one outcome. Instead, there is a second side-effect where the element gets padding. Padding is added to many elements via CSS selectors that mostly target "".has-background,"" such as the following. - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/heading/style.css#L76-L78 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/heading/style-rtl.css#L76-L78 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style.min.css#L1 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style-rtl.min.css#L1 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/group/_editor.scss#L18-L23 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style-rtl.css#L72-L74 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style.css#L72-L74 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/paragraph/style-rtl.css#L101-L103 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/paragraph/style.css#L101-L103 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/rss/_editor.scss#L104-L107 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/rss/_style.scss#L104-L107 - https://github.com/WordPress/WordPress/blob/8a11188d0f5728bc9bbdf331ff9174d45b1768a6/wp-content/themes/twentytwentyone/assets/sass/03-generic/vertical-margins.scss#L159-L161 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/paragraph/_editor.scss#L4-L6 - https://github.com/WordPress/WordPress/blob/1a7033e75ff6b5911b2b9d34ceee38e80084b85e/wp-content/themes/twentytwentyone/assets/sass/05-blocks/query-loop/_style.scss#L3-L8 - https://github.com/WordPress/WordPress/blob/1a7033e75ff6b5911b2b9d34ceee38e80084b85e/wp-content/themes/twentytwentyone/assets/sass/05-blocks/query-loop/_editor.scss#L3-L7 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/paragraph/_style.scss#L6-L8 - https://github.com/WordPress/WordPress/blob/0a2b52dfeb4e28e4ff3714899a2890a779c3748f/wp-content/themes/twentytwentyone/assets/sass/05-blocks/latest-posts/_style.scss#L112-L115 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/preformatted/style.css#L75-L77 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/preformatted/style-rtl.css#L75-L77 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/group/editor.css#L83-L86 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/group/editor-rtl.css#L83-L86 - https://github.com/WordPress/WordPress/blob/c3ea09ebb8034be04f42e5aaf5f523cbead7e2a4/wp-includes/blocks/columns/style.css#L85-L87 - https://github.com/WordPress/WordPress/blob/c3ea09ebb8034be04f42e5aaf5f523cbead7e2a4/wp-includes/blocks/columns/style-rtl.css#L85-L87 - https://github.com/WordPress/WordPress/blob/0638de4c60de0d9cf800ca887177b67ba8ad68f0/wp-content/themes/twentynineteen/style-editor.scss#L868-L880 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentyseventeen/assets/css/editor-blocks.css#L496-L498" brylie 6 54042 Extending wpdb::prepare() to support IN() operator dev-feedback Database normal normal Future Release enhancement new 2021-08-31T14:23:26Z 2023-09-17T10:53:12Z "wpdb::prepare() helps avoid SQL Injection vulnerabilities, by escaping most variables correctly. WP 6.1 added support for Identifiers (table/field names) with `%i`, in #52506. But it's also fairly common to make a mistake to include values with the `IN()` operator, for example: {{{#!php prepare('WHERE id IN (%...d)', $ids); }}} Where `%...d` or `%...s` would safely (and easily) include a comma separated array of integers or strings - taking the idea of using '...' for variadics in PHP. https://wiki.php.net/rfc/variadics https://www.php.net/manual/en/functions.arguments.php#functions.variable-arg-list https://dev.mysql.com/doc/refman/8.0/en/comparison-operators.html#operator_in" craigfrancis 46 54046 Uncaught SyntaxError: Invalid regular expression Editor 5.8 normal normal Awaiting Review defect (bug) new 2021-08-31T22:34:14Z 2021-09-11T23:50:56Z "Hi I am trying to install a fresh version of WordPress on my server but the problem is, on the add new post page, I am getting this error: {{{ Uncaught SyntaxError: Invalid regular expression: /[!-/:-@[-`{-~б─-б©ц≈ц╥Б──-Б╞©Б╦─-Б╧©]/: Range out of order in character class at new RegExp () at Module.pC98 (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2) at t (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2) at wp.wordcount.YLtl (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2) at wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2 }}} however everything is fine even with this error until I try to install SEO plugins, like Yoast SEO and Rank Math SEO, but the cause of the problem is WordPress I tried everything to see if this problem will gone away or not Tested with php 7.4 and 8.0 Tested with chrome, firefox and opera Tested with mysql and mariadb, also tested with different charset " mmakenzi 2 54048 improve preloaded REST API requests in widget editor has-patch Widgets 5.8 normal normal Awaiting Review enhancement new 2021-09-01T10:29:13Z 2021-09-04T15:04:38Z Preload more REST API requests in the widget editor. spacedmonkey 2 54051 Making a sentence or paragraph bold is intermittent Editor 5.8 normal normal Future Release defect (bug) new 2021-09-01T13:16:09Z 2021-11-02T15:39:00Z When I highlight a sentence and attempt to bold it, only part of the sentence gets bold. I then highlight and press bold again and might get the full sentence bold. Sometimes I have to go through this process a number of times to make the sentence bold. This slows me down and is a bug. MikeLev 7 54053 Multisite Users screen Mark as Spam status is not documented Users 5.8 normal normal Awaiting Review enhancement new 2021-09-01T15:09:21Z 2021-09-06T05:28:07Z "This issue was brought up in the support forums - https://wordpress.org/support/topic/finding-documentation-for-mark-as-spam-button/. I was also not able to find and clear documentation around what marking a user as spam actually means." welcher 2 54058 Kickstarter videos do not play in Google Chrome Embeds normal normal Awaiting Review defect (bug) new 2021-09-02T07:14:23Z 2021-09-07T15:58:35Z "Tested my page in Firefox without any issues. Video plays: https://gutt.it/pikvm-jetzt-bei-kickstarter/ But with the recent Google Chrome it doesn't (tested Inkognito Tab as well). This is also valid for the official announcement page of this feature: https://wordpress.com/support/videos/kickstarter/ Clicking on the playing button does nothing. Javascript error logs: {{{ jquery-migrate.min.js?ver=3.3.2:2 JQMIGRATE: Migrate is installed, version 3.3.2 vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:196 [Honeybadger] Ignoring cross-domain script error: enable CORS to track these types of errors Arguments(5) [""Script error."", """", 0, 0, null, callee: (...), Symbol(Symbol.iterator): ƒ]0: ""Script error.""1: """"2: 03: 04: nullcallee: (...)length: 5Symbol(Symbol.iterator): ƒ values()get callee: ƒ ()set callee: ƒ ()[[Prototype]]: Object core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:26 Uncaught DOMException: Failed to read the 'localStorage' property from 'Window': Access is denied for this document. at https://a.kickstarter.com/assets/modules/core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:26:26036 at Object.ZCIj (https://a.kickstarter.com/assets/modules/core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:26:26262) at c (https://a.kickstarter.com/assets/modules/runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1:561) at Object.2UXI (https://a.kickstarter.com/assets/modules/core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20:24154) at c (https://a.kickstarter.com/assets/modules/runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1:561) at Module.8y1c (https://a.kickstarter.com/assets/modules/core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20:40255) at c (https://a.kickstarter.com/assets/modules/runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1:561) at Object.0 (https://a.kickstarter.com/assets/modules/core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20:17293) at c (https://a.kickstarter.com/assets/modules/runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1:561) at t (https://a.kickstarter.com/assets/modules/runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1:430) (anonymous) @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:26 ZCIj @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:26 c @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 2UXI @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20 c @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 8y1c @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20 c @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 0 @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:20 c @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 t @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 r @ runtime.17b741e2ab6166c9b55724db4a9e1d08d96f8d257e94554eefe8b7dd91521597.js:1 (anonymous) @ core.1c5a74cb6e9c29bd8586e3f8e7e39dd331ae42843950f9939c831206b31b7a20.js:1 vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:196 [Honeybadger] Ignoring cross-domain script error: enable CORS to track these types of errors Arguments(5) [""Script error."", """", 0, 0, null, callee: (...), Symbol(Symbol.iterator): ƒ] videoplayer.225cc837c23cbef217eb174198c34d722120c9d62d72377bad6c35cacb8c8cc5.js:7 Uncaught TypeError: Cannot read property 'getItem' of undefined at HTMLDocument. (videoplayer.225cc837c23cbef217eb174198c34d722120c9d62d72377bad6c35cacb8c8cc5.js:7) at u (vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120) at Object.fireWith [as resolveWith] (vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120) at Function.ready (vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120) at HTMLDocument.M (vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120) (anonymous) @ videoplayer.225cc837c23cbef217eb174198c34d722120c9d62d72377bad6c35cacb8c8cc5.js:7 u @ vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120 fireWith @ vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120 ready @ vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120 M @ vendor.6d98fce841e9b7784b1d951f4a130ad08f8a6fd5d65516db8123b7eaf6668f09.js:120 }}} " mgutt 6 54063 "Customizer: First autosave after publish moves you out of the ""Block Settings"" area" Customize normal normal Awaiting Review defect (bug) new 2021-09-02T19:11:59Z 2022-01-03T21:48:03Z "Inside the customizer, I can open the widget section and edit blocks using gutenberg. For any block, I'm able to use the 3 dots menu and choose ""Show more settings"" to access Gutenberg's ""Block Settings"" area. Here, I may want to make several changes, like changing the text color, the background color, and the font size. However, in some circumstances, after making a single change, I'm taken out of the ""Block Settings"" area for seemingly no reason. I've found that certain plugins and themes can make this happen on more occasions (for example, on every autosave instead of only the first), but I have steps to recreate on a completely new, out of the box install using `wp-env`. As of now, this is 5.9-alpha-51726. My gutenberg repo is on da052f066b0f from 2021-09-02. Steps to reproduce - Cloned https://github.com/WordPress/gutenberg - Cd into it and `wp-env destroy && wp-env start` to create a clean WP - Visit http://localhost:8888/wp-admin/ and login with admin:password - Appearance -> Customize in sidebar menu - Widgets in sidebar menu - Plus sign button to create a new block, select paragraph block, type ""hello"" into it - Click on the block you just added to see the floating gutenberg bar - Click the three dots menu then select ""Show More Settings"" - Change the text color - Click 'publish' - Click on the block you just added to see the floating gutenberg bar - Click the three dots menu then select ""Show More Settings"" - Change the text color - Expect to see: Remain in the ""Block Settings"" area - Actually see: You are taken out of the block settings area Video: https://user-images.githubusercontent.com/937354/131900785-c9f3e678-349d-43fa-9862-ba712740ed03.mp4 This has something to do with Autosave in conjunction with [https://github.com/WordPress/wordpress-develop/blob/40edc2addb5284804e698beda487206f8dd70992/src/js/_enqueues/wp/customize/controls.js#L7207-L7216: this code] from the customizer. I remove the line `api.state( 'saved' ).bind( updateSectionActive );`, the bug no longer happens. I am confused why it happens sometimes and other times it does not. However, my steps to reproduce should always work. The reason this is an issue is when using blocks with complicated interfaces in this section, it becomes very difficult to use in the customizer, since potentially every change can bring you back and force you to choose ""... -> Show More Settings"" before doing more work." mreishus 4 54064 Add phpcs run command to Docker has-patch Build/Test Tools normal normal Awaiting Review defect (bug) new 2021-09-02T19:35:48Z 2021-09-03T18:40:33Z "I keep on getting formatting error in githib actions but have no easy way to see what they are so have added phpcs commands to the Docker build this runs phpcs on the tests folder {{{ npm run phpcs:tests }}} This runs phpcs in the src folder {{{ npm run phpcs:src }}} " pbearne 6 54069 "Media title change in ""Attachment Details"" dialog opened via Media Library Grid View is not informing API/plugins properly" Media normal normal Awaiting Review defect (bug) new 2021-09-03T10:52:50Z 2023-02-03T23:08:50Z "**Problem**: If WordPress offers different UIs to edit media titles, then all those should properly inform the respective plugin/event APIs about that change. It seems there is a discrepancy, in one place it works, in the other not. See the reproductions. **Environment / How I discovered the bug** I noticed this bug when using the plugin [https://wordpress.org/plugins/media-file-renamer/ Media File Renamer] 5.2.4 on WordPress 5.8. What I observed is very likely a bug in WordPress and not from the plugin according to the [https://wordpress.org/support/topic/no-file-renaming-if-title-changed-via-media-library-thumbview-edit-popup/#post-14834202 support reply of the plugin developer @TigrouMeow]: > Unfortunately, I think the problem is on the Media Library ThumbView Edit Popup side [remark: The documentation calls this ""Media grid view"" and ""Attachment details dialog"" respectively]. Media File Renamer renames files based on a title change depending on specific actions in WordPress, and those actions can be also fired by other plugins. Since this plugin is mimicking the Edit Media Page of WP, it should also includes the actions. Otherwise, that will break not only the process of my plugin, but also many more. **✅ Reproduction I** 1) Media Library in [https://wordpress.org/support/article/media-library-screen/#media-library-list-view List View] 2) Hover over a media post > Click “Edit” 3) You get to “Edit Media” 4) Change the “title” 4) Be sure that the “Renamer” widget has the file name not locked 5) In the “Save” widget click “Update” * Outcome as expected: The filename is changed accordingly. * The slug is also changed from the filename change, due to the [https://wordpress.org/plugins/media-file-renamer/ Media File Renamer] plugin config: * Advanced > Fields Syncing > Slug/Permalink: `[√] Sync with filename` **❌ Reproduction II** 1) Media Library in [https://wordpress.org/support/article/media-library-screen/#media-library-grid-view Grid View] 2) Click on a media thumbnail 3) A dialog/popup opens, entitled [https://wordpress.org/support/article/media-library-screen/#attachment-details Attachment details] 4) Change the “title” 5) Optional step for observation purposes: Click into the next field, or TAB into the next field. You see a saving indicator. 6) Close the popup. (If you skipped 5, you very briefly see the saving indicator while the popup closes) * **Actual**: The title is changed, the filename not! * **Expected**: Whichever of [https://wordpress.org/plugins/media-file-renamer/ Media File Renamer]'s sync settings are active (title, filename, slug) kick in here in this editing method as well." abitofmind 3 54070 "Increase CPT ""machine name"" limit from its current maximum of 20 characters." dev-feedback Database 2.1 normal normal Awaiting Review feature request new 2021-09-03T13:30:04Z 2022-10-04T18:08:03Z "In order to accommodate proper namespacing for Custom Post Types (as well as, potentially, transliteration from non-Latin alphabets), 20 characters is often not enough. Custom Taxonomies currently have a machine name limit of 32 characters. It would be nice to see CPTs have at least that many, although 64 characters would be even better." taupecat 15 54073 Plugin removes menu items with no submenu page Administration 5.8 normal minor Awaiting Review defect (bug) new 2021-09-03T17:36:26Z 2021-09-03T17:36:26Z "I have a plugin which adds a menu page with the update_plugins capability. There is another plugin I noticed which removes the plugin icon from the menu bar, but the plugin page can still be accessed directly via URL. Instead of the plugin icon, there is only a black void (see image). Workarounds: 1) When I change the update_plugins capability in the add_menu_page method to activate_plugins, the problem is resolved. 2) If I were to have submenu pages for the plugin, the problem is resolved and the plugin icon is visible as it should be. To reproduce: 1) add menu page: {{{#!php allcaps['update_plugins'] = 0; }}} I have using WP 5.8, PHP 8.0.8, non-multisite install (locally and on prod). I have noticed this happens for other matching capabilities too (`activate_plugins`) for example. Screenshot: [[Image(https://imgur.com/LlXaxPl)]] The two conflicting plugins I am using are “Pre Party Browser Hints” (adds submenu page) and “Disable All WordPress Updates (removes update_plugins operation). I suspect this could be an issue with WP core code, because it does not seem like an intentional feature." samperrow 54078 Underscore appended to media file on upload dev-feedback Upload 5.8 normal normal Awaiting Review defect (bug) new 2021-09-06T14:02:07Z 2021-09-07T14:35:04Z "I noticed that a random underscore is appended to media files, when uploading them in an article. Im using the Classic Editor. The original file name was: **AB-LET.2018.133.AXH1.jpg** Once uploaded, it became: **AB-LET.2018.133.AXH1_.jpg** There was no prior file uploaded with that name (at least the media gallery does not find any)." spielautomat4 4 54080 Dashboard > My Sites could use a list table for displaying the list of sites dev-feedback Networks and Sites 3.0 normal normal Awaiting Review feature request new 2021-09-07T07:59:55Z 2021-09-08T09:13:36Z "Dashboard > My Sites uses an unfamiliar display when listing a user's sites if compared with the rest of the pages in the administration area such as Posts > All Posts. For consistency, could My Sites make use of a [https://developer.wordpress.org/reference/classes/wp_list_table/ list table]?" henry.wright 2 54086 bloginfo language issue reporter-feedback Networks and Sites 3.0 normal normal Awaiting Review defect (bug) new 2021-09-08T16:50:55Z 2021-09-23T22:06:39Z "hi, the code snippet below only returns the name of the blog well, not the language, it is always the same. even though the language is changed in the site admin settings. {{{#!php blog_id ); echo get_bloginfo( 'name' ); echo get_bloginfo( 'language' ); restore_current_blog(); } }}} " kukac7 4 54091 Attachment details pane navigation not working after opening 81st (or greater) item and refreshing the browser antpb dev-feedback Media 5.8 normal trivial 6.6 defect (bug) assigned 2021-09-08T19:02:34Z 2024-02-21T16:16:25Z "Setup: - clean 5.8; - twentytwentyone active; - no plugins active. Steps to reproduce: - open media page; - click on the 41st item in the list; - notice the left arrow is enabled (which is to be expected, since there are previous items); - refresh the page. Notice the left arrow now - it's disabled. Not sure if this is intended, but since the item isn't loaded (in the grid), there's no previous but there's only next, which points to the first item. Clicking the right arrow goes to the it and you can't go back to the previous item." ppetrov2c 34 54093 wp_ajax_send_password_reset() calls retrieve_password() with the user_login but retrieve_password first uses email to find user has-patch Users 5.9 normal normal defect (bug) reopened 2021-09-08T20:02:49Z 2021-09-08T21:34:58Z "In the function wp_ajax_send_password_reset() calls retrieve_password() with the user_login but retrieve_password first tries to use email to find user for falling back to user_login So if there is an @ in the user_login value this is used to attempt to find user by email address as the user_login is not logged to the user_email address this fails The fix in this patch is to always pass the email (if not empty) " pbearne 3 54095 Echo local wp-env URL when running env:start has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-09-08T20:41:21Z 2021-09-09T04:08:03Z "In an effort to make the wp-env tools a wee bit friendly to new devs I’ve added a `console.log` to echo the local URL when running `env:start` `http://127.0.0.1:` is hard-coded, the port number is added using the variable ` process.env.LOCAL_PORT` On my machine the console output looks like this: {{{ $ npm run env:start > WordPress@5.9.0 env:start > node ./tools/local-env/scripts/start.js Starting wordpress-develop_mysql_1 ... done Starting wordpress-develop_php_1 ... done Starting wordpress-develop_wordpress-develop_1 ... done ------------------------------------------- wp-env now running on http://127.0.0.1:8889 ------------------------------------------- }}} " danfarrow 3 54096 Get URL by post ID in WP-Admin Administration 5.8 normal normal Awaiting Review feature request new 2021-09-08T21:39:03Z 2021-09-08T21:39:03Z "Would it be feasible to add search by ID to the [https://github.com/WordPress/gutenberg/blob/trunk/packages/core-data/src/fetch/__experimental-fetch-link-suggestions.js#L70 fetchLinkSuggestions] function? There are times when I'm working on large sites and I have pages with identical names in different sections of the site. If I could just plug the ID in, it'd save me a fair bit of time and hassle." jhned 54097 Menu Dividers Menus 5.8.1 normal normal Awaiting Review feature request new 2021-09-09T07:58:38Z 2021-09-09T07:58:38Z On the Menus page — along with Pages, Posts, Categories, Custom Links and other available items — it would be nice to have a Divider item so that users can organize menu items in logical groups separated by a horizontal dividing line. That divider line would not be clickable. rti451 54098 WordPress 5.8 - Cannot read properties of undefined (reading 'clientId') Editor normal blocker Awaiting Review defect (bug) new 2021-09-09T09:45:40Z 2021-09-21T13:38:46Z "Hi, We updated our wordpress to 5.8 (we also tried 5.8.1 today), and just after that, we have an error on post edit page, in the console {{{ data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2 An error occurred while running 'mapSelect': Cannot read properties of undefined (reading 'clientId') The error may be correlated with this previous error: TypeError: Cannot read properties of undefined (reading 'clientId') at we (https://mywebsite.com/wp-includes/js/dist/block-editor.min.js?ver=fc8c27c6e95e7e0d59b4e344cb9ddfed:12:100185) at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:13742 at r (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:13559) at https://mywebsite.com/wp-includes/js/dist/block-editor.min.js?ver=fc8c27c6e95e7e0d59b4e344cb9ddfed:12:285498 at Object.current (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:21206) at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20809 at __experimentalMarkListeningStores (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:16751) at Object.__experimentalMarkListeningStores (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:17238) at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20171 at e (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20801) Original stack trace: }}} When we downgrade to version 5.7.2 of wordpress, error disappear We found the problem, and it is coming from our custom post taxonomy named ""selection"", in the args we put ""show_in_rest"" true, when it is false it is ok but we dont see that in Gutenberg so it is not the solution, and when we rename ""selection"" to ""selectiontest"" for example it is works but we lost our datas inside this taxonomy We looked at ""Reserved Terms"" of wordpress, but ""selection"" is not in the list ([https://codex.wordpress.org/Reserved_Terms]) Our code {{{#!php $labels, // $labels is our labels array 'hierarchical' => true, 'public' => false, 'show_ui' => true, 'show_admin_column' => true, 'show_in_nav_menus' => true, 'show_in_rest' => true, 'show_tagcloud' => false, 'rewrite' => false ); register_taxonomy('selection', array('post'), $args); }}} For the args, we are using the same config for other taxonomies too but the only ""selection"" is a problem, maybe something was added in the 5.8 and create a conflict with this name ?" ahsynv 4 54102 Users with email address's containing & shows up as HTML & breaking certain connectivity Users 5.8 normal normal Awaiting Review defect (bug) new 2021-09-09T11:01:47Z 2021-09-23T08:53:21Z "The email address is set to tes&123@go6.co.uk but WordPress back end-user panel is treating it as tes&123@go6.co.uk which is causing malformed results when trying to perform other actions we need. See screenshot - https://i.snipboard.io/VHAgmO.jpg" waynep16 2 54109 Classic Editor - Image edit popup toolbar no longer appears when image has link TinyMCE 5.8 normal normal Awaiting Review defect (bug) new 2021-09-11T07:55:44Z 2021-09-21T13:29:02Z "After inserting an image into the Classic Editor, you can click on it and a small popup toolbar will appear with several alignment buttons and an Edit button. Image without link, showing popup toolbar after being clicked: [[Image(https://p377.p0.n0.cdn.getcloudapp.com/items/o0uPJNdL/c547caaf-3ab0-4d26-9f4a-f413da275bbf.png?source=viewer&v=7d5ba87b66148f1b317100ac3baa1cf0)]] After you add a link to the image, or if you add a link while inserting the image, this popup toolbar no longer displays when clicking on the image. The popup will flash and then disappear. Vid: https://share.getcloudapp.com/8Lu5YGzD macOS Big Sur 11.5.2 Firefox 92.0 WP 5.8.1 TwentyTwenty Classic Editor (No other plugins) " ahortin 2 54113 Override core/gallery block Editor 5.8.1 normal normal Awaiting Review defect (bug) new 2021-09-12T17:34:11Z 2022-01-31T09:45:08Z "Hello, I did override the core block for the gallery using in my ''functions.php'' file : {{{#!php 'my_gallery_render', ) ); } add_action( 'init', 'my_register_gallery', 10 , 1 ); }}} It was perfectly working, but since a few days (I did the last update of wordpress 5.8.1), and maybe a little bit before, but I am not totally sure, I have an issue : If I use the ''unregister_block_type'' function I cannot override it with ''register_block_type'' and the block disappear in the editor. And a strange thing occurs, I have this message on the former existing gallery blocks : {{{ Your site doesn’t include support for the THRON block. You can try installing the block, convert it to a Custom HTML block, or remove it entirely. }}} If I don't use ''unregister_block_type('core/gallery');'' before, I have this message : {{{ Notice: WP_Block_Type_Registry::register was called incorrectly. Block type ""core/gallery"" is already registered. Please see Debugging in WordPress for more information. (This message was added in version 5.0.0.) in /Users/the_user/wordpress_folder/wp-includes/functions.php on line 5663 }}} All of that was working before with no alert. I tried with all my plugins deactivated, and with removing all my function.php files actions. " lohic 5 54114 paginate_links() ajax has-patch General 5.8.1 normal normal Awaiting Review defect (bug) new 2021-09-12T17:55:31Z 2021-09-21T13:37:56Z "`paginate_links()` may not work incorrectly for AJAX requests and other requests that pass `$_GET` parameters. Let's look how `paginate_links()` works in AJAX request handler function. I wrote a demo plugin: {{{#!php

    admin_url( 'options-general.php?page=paglinkstest&paged=%_%' ), 'format' => '%#%', 'total' => 20, 'current' => max( 1, (int) ( $_GET['paged'] ?? $page ?? 1 ) ), 'merge_query_vars' => false, ); $pagination = paginate_links( $args ); ?>
    $_GET[url]: ' . $_GET['url'] . '

    '; wp_parse_str( wp_parse_url( $_GET['url'], PHP_URL_QUERY ), $query_vars ); paginate_links_test( $query_vars['paged'] ); exit; } }}} Let's install + activate this plugin, go to it's page (under settings menu item) and click on the pagination links: First paginate links looks good: `
    20` But with each click the link to the page grows additional unnecessary parameters Second click: `20` Third: `20` This happens because paginate_links() forcibly add current request $_GET parameters to each pagination link and we have no way to disable this behavior. So we can't normally use paginate_links() in AJAX requests in some circumstance. **The best solution** is to somehow cut out the merge of additional parameters, because this function is designed to build pagination links based on the passed data and this side effect only spoils everything. But I don't know what it is about backward compatibility. **So, the easiest solution** is to add additional argument to paginate_links(), which allow to disable merge of additional GET parameters. It will at least allow to use this function in AJAX requests and any other requests, where it's not necessary to add request parameters to pagination links. " Tkama 2 54116 Check ImageMagick version 6/7 Site Health normal normal Awaiting Review enhancement new 2021-09-13T08:52:32Z 2024-01-24T09:26:50Z "From #52654 **Context** WordPress uses ImageMagick to create, edit, compose, or convert digital images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, WebP, HEIC, SVG, PDF, DPX, EXR and TIFF. ImageMagick can resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves. **ImageMagick recommendation** But, we recommend using ImageMagick, although the last WordPress versions supports WebP and ImageMagick 6 does not support it. Moreover, a lot of OS have the version 6 by default because version 7 needs to be compiled manually (at least, at this moment). **Site Health** Should the Site Heath check the version? Yes. because for some functionalities, there are some things different. **How we can check it?** https://www.php.net/manual/en/imagick.getversion.php The array returns something like: {{{ Array ( [versionNumber] => 1632 [versionString] => ImageMagick 6.6.0-4 2010-11-16 Q16 http://www.imagemagick.org ) }}} But, we should get the version with this example: {{{#!php ID, get_object_taxonomies( 'post' ) ); }}} 2. But in block editor, hope we are separately storing the category and terms(Please correct me if am wrong) 3. In block editor on old post status as ""new"" and new post status as ""publish"" (This would the first time publish of that post), in wp_insert_post() we are not getting the category or terms to store in that post, so while entering transition_post_status action hook, we are not able to get the corresponding selected category instead we are getting the Uncategory for that post as a default. 4. In block editor we are getting the corresponding post category for action hook transition_post_status, but the post status are incorrect, the old post status and new post status is ""publish"", which is equivalent to update, so we are not able to identify whether the post has been published first or update. Please let me know if the above is unclear. Thanks M A Vinoth Kumar" vinoth06 3 54125 Rest API tax_relation=OR doesn't seem to work correctly REST API 5.8 normal major Awaiting Review defect (bug) new 2021-09-15T07:02:38Z 2021-09-15T07:02:38Z "Let's say we have posts of a custom post type. Post 1 has custom-tax1 with ID1 and custom-tax2 with ID2. Post 2 has custom-tax2 with ID2. Post 3 has custom-tax1 with ID3. Post 4 has no custom taxonomies attached. When querying {{{ /wp/v2/custompost?&_fields=id,title&custom-tax1=ID&custom-tax2=ID2 }}} it returns only Post 1 as expected. {{{ /wp/v2/custompost?&_fields=id,title&custom-tax2=ID2 }}} returns Post 1 and Post 2 as expected Querying {{{ /wp/v2/custompost?&_fields=id,title&custom-tax1=ID1&custom-tax2=ID2&tax_relation=OR }}} I expect it to return Post 1 and Post 2 as well, but instead it returns all 4 Posts. As soon as tax_relation=OR is added to the query, it seems all prior tax queries are just ignored. Unless I'm misreading this https://make.wordpress.org/core/2020/02/29/rest-api-changes-in-5-4/ and it should somehow work differently." roverlap 54126 Twenty Twenty: Left and right image alignment issue in front side has-patch Bundled Theme normal normal Awaiting Review defect (bug) new 2021-09-15T09:19:49Z 2022-07-26T02:42:44Z "In the twentytwenty theme, when we give alignment left and right to the image from the backend, the design is breaking due to some properties on that image in the front side. " aezazshekh 3 54135 `nav_menu_meta_box_object` filter doesn't work on taxonomies Menus normal normal Awaiting Review defect (bug) new 2021-09-16T19:16:45Z 2021-09-16T19:44:03Z "I am trying to remove the pagination on main category taxonomy but it doesn't work {{{#!php name ) { $post_type->_default_query['number'] = -1; } return $post_type; } add_filter( 'nav_menu_meta_box_object', 'disable_pagination_in_category_meta_box', 9 ); }}} Think it's bug but not sure " papazetis 54136 Slideshow gallery shown as a tiled gallery when using shortcode with Classic Editor close Gallery 5.8.1 normal minor Awaiting Review defect (bug) new 2021-09-16T19:18:33Z 2021-12-15T03:15:56Z "The issue is happening with the Gallery Block, [https://wordpress.com/support/wordpress-editor/blocks/gallery-block/2/ when added through the Classic Editor as explained here.] Adding it with the shortcode {{{[gallery]}}} and the variable {{{type: slideshow}}} outputs it as a tiled gallery instead of showing a slideshow. [https://wordpress.org/support/topic/what-options-are-currently-available-in-the-wordpress-gallery-shortcode-2 This was initially reported here as a Jetpack issue], but I was able to reproduce it without Jetpack installed, and with a default theme (Twenty Seventeen). " muffinpeace 1 54138 wp_strip_all_tags should remove scripts/styles content recursively has-patch Formatting normal normal Awaiting Review defect (bug) new 2021-09-16T20:19:53Z 2021-09-16T20:31:18Z "If we try to run the next code `pt>alert(""krya"");` via the `wp_strip_all_tags` function it remove the script content only once. So, the next hack allows passing the script content throw the function. ## In details. First iteration: - input: `pt>alert(""krya""); - output: `` Thankfully the `strip_tags` removes scripts tags later, but the content is still present. " wppunk 1 54144 The New Blocks Widgets Causes a Huge Load on the Database Widgets 5.8.1 normal critical Awaiting Review defect (bug) new 2021-09-18T16:26:14Z 2023-04-20T13:52:18Z "Hi There! My host on DigitalOcean with 4GB RAM which is too large for any small WordPress site, and I had no issues until you released the new Widgets. Just while loading the widgets in the Admin Dashboard, I receive a DB error message (which I made to know about an overload) in every Widget box. This is a very wired situation not suitable for my server's resources, I don't know if someone else report this issue before but now all my websites upgraded to v5.8 always down in the Widgets pages because of overload on database. Thanks hope to fix soon [[Image(https://awscdn.oxibug.com/cdn/wp-content/uploads/2021/09/WordPress-v581-Widgets-DB-Overload-Issue.jpg)]]" oxibug 3 54145 new widget feature broke database reporter-feedback Widgets 5.8.1 normal critical Awaiting Review defect (bug) new 2021-09-19T02:47:16Z 2021-09-28T00:59:22Z "https://prnt.sc/1srrhlp == **Error establishing a database connection **when i install new themes or develop websites uses astra or paid themes this new widget module creates critical bugs and broke database also after going to this page it makes my website says ""Error establishing a database connection"" but host is worked well and wp-config is correct; so in two condition i test sometimes create php errors and make database corrupt so my suggestion is make a site owner to decide what he want to use new module or not and suggest to put old widget plugin in main plugin page side classic editor and i hope to fix it soon in coming updates thanks for making wordpress open for everyone" starmido213 1 54147 XMLRPC API ignores empty terms_names array has-patch XML-RPC normal normal Awaiting Review defect (bug) new 2021-09-20T17:46:31Z 2021-09-20T18:44:15Z "There is a bug in the XMLRPC API that causes API clients who use the terms_names field to set tags or other terms to be unable to completely remove tags from a post using this API. I'm attaching a patch that addresses the problem by ensuring that if there is an input entry for terms_names on a given taxonomy, that at least an empty array is established as the updated terms property for the updated post. I'll add a unit test update to this ticket soon." redsweater 1 54149 Audit `get_comment()` response checks. hellofromTonya has-patch Comments 5.9 normal normal Future Release defect (bug) assigned 2021-09-21T02:14:44Z 2022-09-27T16:55:50Z "There are currently 164 calls to `get_comment()` across 36 files in the codebase (see attached file), with more pending with at least one upcoming PR. Some of these calls check the response of `get_comment()` in one of the following ways: {{{#!php comment_ID ) {... if ( ! empty( $comment->comment_ID ) {... }}} Some do not check the response at all. A [https://wordpress.slack.com/archives/C02RQBWTW/p1630738445035900 discussion on Slack] between myself and @jrf led to the suggestion that we audit the use of `get_comment()`. @hellofromtonya suggested two alternative checks on the response: {{{#!php }}} ... wordpress thinks that the ""system.webserver"" is not present, so it append it at the end of the web.config. And, we get a ""500 error"" because that new edited web.config is invalid. We fixed it temporary by disabling ""write"" access to web.config for our app pool, but you should fix it, and correctly find the ""rewrite rule"" even if it's under the xml path." foxontherock 54171 Twenty Twelve: Replace frontend jQuery usage with vanilla JS flixos90 has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2021-09-23T19:10:28Z 2022-02-17T21:02:12Z "Using jQuery for a few simple JS interactions in WordPress themes is a common performance problem, which is in most cases relatively straightforward to address: Vanilla JavaScript has for the better part of a decade included enough APIs that work across all popular browsers so that the remaining benefits of jQuery are around a few utility functions, that could be re-implemented in a few lines of code. Using jQuery for such simple use-cases results in around 80% more JS code being loaded in the frontend. This ticket focuses on removing jQuery as a **frontend** dependency for Twenty Twelve - specifically the frontend, as for example in the Customizer jQuery is loaded anyway (and performance is a bit less of a concern there)." flixos90 4 54172 Twenty Fifteen: Replace frontend jQuery usage with vanilla JS flixos90 has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2021-09-23T19:11:38Z 2022-02-17T21:02:23Z "Using jQuery for a few simple JS interactions in WordPress themes is a common performance problem, which is in most cases relatively straightforward to address: Vanilla JavaScript has for the better part of a decade included enough APIs that work across all popular browsers so that the remaining benefits of jQuery are around a few utility functions, that could be re-implemented in a few lines of code. Using jQuery for such simple use-cases results in around 80% more JS code being loaded in the frontend. This ticket focuses on removing jQuery as a **frontend** dependency for Twenty Fifteen - specifically the frontend, as for example in the Customizer jQuery is loaded anyway (and performance is a bit less of a concern there). Also see #54171, which does the same for Twenty Twelve." flixos90 4 54173 Twenty Twenty-One: Social icons dev-feedback Bundled Theme normal normal Awaiting Review feature request new 2021-09-23T19:34:24Z 2021-10-05T16:44:29Z "twentytwentyone/classes/class-twenty-twenty-one-svg-icons.php in that beautiful theme mail is take into account and and mailto: links are shown with an envelope icon shouldn't be the same with a tel: link ? (a phone icon) IMHO yes" marco.milone 5 54179 Raw JS is prematurely ended with a tag when HTML tags are present within JS strings. reporter-feedback General normal normal Awaiting Review defect (bug) new 2021-09-24T13:42:03Z 2021-09-26T01:26:06Z "We are using a custom JS file that is reaching out to a web service, building a string from the data, and setting it as the innerHTML to a DOM Element already on the page. For some reason, HTML tags in this string were causing our script to get cut short, and whatever remained would instead by interpreted as HTML. A JavaScript snippet such as the following: {{{ myElement.innerHTML = ‘

    My Content

    ’; }}} would cause a tag to be inserted between the

    and tags, cutting the JS short, leaving the rest to be read as HTML. The fix was to replace every tag in these strings with a chain of concatenations: {{{ myElement.innerHTML = ‘<’ + ‘div>’ + ‘<’ + ‘p>My Content’ + ‘<’ + ‘/p>’ + ‘<’ + ‘/div>’; }}} I don’t know what was causing this, but this workaround prevented whatever was processing our JavaScript from recognizing and interpreting the HTML tags." joshuapeck9898 1 54180 tests fot _wp_mysql_week() has-patch Build/Test Tools normal normal Awaiting Review defect (bug) new 2021-09-24T19:59:07Z 2021-09-24T20:02:14Z pbearne 1 54182 Use wp_unslash() for $_REQUEST Parameter in wp-admin/admin-post.php file reporter-feedback General 5.8.1 normal normal Awaiting Review enhancement new 2021-09-25T11:13:03Z 2021-09-30T20:56:30Z Need to use the `wp_unslash()` for `$_REQUEST['action']`, you can see screenshot. yagniksangani 3 54183 Tests: decide on how to handle deprecations in PHPUnit SergeyBiryukov has-patch Build/Test Tools normal normal Future Release task (blessed) assigned 2021-09-25T14:55:56Z 2022-10-05T09:42:35Z "PHPUnit just released version 9.5.10 and 8.5.21. This contains a particular (IMO breaking) change which I believe we should have a think about how to handle: > Changed > > * PHPUnit no longer converts PHP deprecations to exceptions by default (configure `convertDeprecationsToExceptions=""true""` to enable this) > * The PHPUnit XML configuration file generator now configures `convertDeprecationsToExceptions=""true""` == Let's unpack this: Previously (PHPUnit < 9.5.10/8.5.21), if PHPUnit would encounter a PHP native deprecation notice, it would: 1. Show a test which causes a deprecation notice to be thrown as **""errored""**, 2. Show the **first** deprecation notice it encountered and 3. PHPUnit would exit with a **non-0 exit code** (2), which will fail a CI build. [[Image(ticket:54183:deprecations-in-phpunit-9.5.9.png)]] As of PHPUnit 9.5.10/8.5.21, if PHPUnit encounters a PHP native deprecation notice, it will no longer do so. Instead PHPUnit will: 1. Show a test which causes a PHP deprecation notice to be thrown as **""risky""**, 2. Show the **all** deprecation notices it encountered and 3. PHPUnit will exit with a **0 exit code**, which will show a CI build as passing. [[Image(ticket:54183:deprecations-in-phpunit-9.5.10.png)]] == Options IMO, there are three options here: ==== 1. Leave as is. Deprecation notices means something will still work for the time being and will not change the behaviour of WordPress. **Pro:** - All deprecations caused by a particular test will be shown, not just the first. **Con:** - As CI builds pass, deprecations may go unnoticed, while they will eventually still need to be fixed as in the next PHP major will become errors. - More deprecations will stay in WP, causing more churn from end-users reporting notices seen. ==== 2. Revert to the previous behaviour by adding `convertDeprecationsToExceptions=""true""` to the PHPUnit configuration. **Pro:** - Deprecation notices can not go unnoticed as CI builds will fail on them. **Con:** - You will only see the first deprecation notice for a test, there may be more issues hiding behind a deprecation. - (minor) The PHPUnit configuration will no longer validate against the XSD scheme on PHPUnit 5/6/7. ==== 3. Add `failOnRisky=""true""` to the PHPUnit configuration. **Pro:** - All deprecations caused by a particular test will be shown, not just the first. - Deprecation notices will cause the CI builds to fail, so can not go unnoticed. **Con:** - The WP test suite contains a number of other tests which are currently marked as ""risky"". These will now also cause a build to fail. I personally favour option 2 or 3, but would love to see some more opinions on this. Pinging @hellofromtonya @johnbillion @sergey @netweb for visibility. Changelogs: * https://github.com/sebastianbergmann/phpunit/blob/9.5/ChangeLog-8.5.md * https://github.com/sebastianbergmann/phpunit/blob/9.5/ChangeLog-9.5.md Related: #53363 " jrf 28 54184 HTML entities get decoded in Customizer text fields Customize 5.8.1 normal normal Awaiting Review defect (bug) new 2021-09-26T00:19:10Z 2021-09-26T00:19:10Z "= Part 1 1. Use `WP_Customize_Manager::add_setting()` and `WP_Customize_Manager::add_control()` to create a `text` setting/control with the default value `©`; 2. Navigate to the newly added setting in the Customizer. == Expected Result The literal text `©` is in the edit box (as specified for the default value). == Actual Result A copyright symbol (`©`) is in the edit box. = Part 2 1. Enter the text `&` in the above edit box (replacing what was there); 2. Publish (save) settings; 3. Reload the page and navigate to the setting once again. == Expected Result The literal text `&` is in the edit box (as originally entered). == Actual Result Only a single ampersand symbol (`&`) is in the edit box. = Note Same results if the setting is given type `textarea`. Whatever is entered into text controls, or provided for a default value, should be preserved as is. The WordPress Customizer has no knowledge of how it is going to be used and should not make presumptions that it is going to be used in HTML output. " jqz 54190 sanitize_file_name disallows acute accents and left smart apostrophe dev-feedback Media 5.5 normal normal Awaiting Review defect (bug) new 2021-09-27T14:23:29Z 2023-10-04T19:21:40Z "The following change to line 1991 of wp-includes/formatting.php will disallow acute accents and left smart apostrophe in file names {{{ $special_chars = array( '?', '[', ']', '/', '\\', '=', '<', '>', ':', ';', ',', ""'"", '""', '&', '$', '#', '*', '(', ')', '|', '~', '`', '´', '!', '{', '}', '%', '+', 'ʻ','’', '«', '»', '”', '“', chr( 0 ) ); }}}" jdorner 20 54192 `get_header_image_tag` doesn't add `srcset`/`sizes` reporter-feedback General normal normal Awaiting Review defect (bug) new 2021-09-27T16:38:57Z 2021-10-10T14:45:45Z "Currently the `get_header_image_tag` method (and all other methods calling it like `the_custom_header_markup` and `get_custom_header_markup`) outputs an `` without `srcset` and `sizes` attributes. This is important for header images that are normally quite large. The custom header image method doesn't use the normal WordPress `wp_get_attachment_image` method for outputting the actual ``, instead it constructs the `` markup with its own code. Related issue: https://core.trac.wordpress.org/ticket/46134#comment:6" strarsis 8 54193 PHP fileinfo extention identifies JSON as text/plain; wp_check_filetype_and_ext then prevents upload has-patch Media normal normal Awaiting Review defect (bug) new 2021-09-27T16:54:56Z 2021-09-28T09:48:02Z "For hosts that make available the PHP fileinfo extension, uploaded files of mime type `application/json` are identified by that extension as `text/plain`. Within the `wp_check_filetype_and_ext` function, it's noted that ""a few common file types are occasionally detected as `text/plain`"", but `application/json` is not listed as one of those common types. For reference, the following types are listed: csv, rtf, tsv, and vtt. I propose adding `application/json` to this list. Otherwise, I believe it may be impossible to upload a JSON file on a host that uses this extension." dashifen 2 54202 Bad display of images with transparent background. reporter-feedback Media 5.8.1 normal minor Awaiting Review defect (bug) new 2021-09-28T12:27:12Z 2023-03-15T15:38:28Z "Hello, The file system incorrectly displays images with a transparent background. Please repair. Thank you" michalrama 6 54204 Twenty Twenty-One: }}} The browser default button appears with such code. It would be great if they have a style like other default themes. " umchal 2 55113 category widget block has-patch General 5.9 normal normal Awaiting Review defect (bug) new 2022-02-08T13:40:35Z 2022-02-09T18:53:30Z The dropdown category widget block doesn't fill out on a Samsung smartphone. There are no problems on a Samsung tablet s6 and also not on a windows pC. I use twenty twelve theme on www.razenberg.nl willem 2 3 55115 Change deprecated wpdb::escape() method close Database normal normal Awaiting Review enhancement new 2022-02-08T15:47:19Z 2022-02-12T15:46:30Z "the function wpdb::escape( string|array $data ) is depreciate as per documentation [https://developer.wordpress.org/reference/classes/wpdb/escape/], but it's still using depreciated function such as wpdb::_weak_escape and itself. I think we shouldn't use depreciated functions since charity begins at home." azouamauriac 3 55120 """wp_editor_settings"" filter not working for the Classic block TinyMCE settings" TinyMCE normal normal Awaiting Review defect (bug) new 2022-02-08T21:49:55Z 2022-02-08T21:49:55Z "This filter was added in the #45348 to Classic Block but I think it's not working. To run this filter we need to use return value of `array_merge` [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/script-loader.php#L517/ reference]. I double check if there is an any version of PHP could support this usage but I couldn't found: https://3v4l.org/v4YBT You can find below my must use plugin for test, it doesn't effect any option of Classic block. {{{#!php 'bold,italic' ]; return $settings; } }}} I hope I don't miss anything 🙂 " oztaser 55121 classic widgets with no settings won't show up in 5.9 has-patch Widgets 5.9 normal normal Future Release defect (bug) reopened 2022-02-08T23:55:53Z 2023-08-03T21:37:13Z "Before 5.9 the WP_Widget class would use array_key_exists (within the display_callback method) when loading the widget, but now it uses isset. https://github.com/WordPress/WordPress/commit/df4834caea2c4e2be8595c12bb98b2849cdcf0c2 We have some widgets with no settings so the instance is there, but has a value of null and because of that, isset returns false. This causes the widget to not load at all. Would really like these setting-less widgets to work again, on PHP 7.4 and 8." joncampbell 30 55126 Twenty Sixteen: Replace frontend jQuery usage with vanilla JS sergiomdgomes has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2022-02-09T16:04:02Z 2023-05-19T09:06:26Z "`jQuery` is a large library, at around 90KB uncompressed, or 30KB gzipped. To make matters worse, it's usually enqueued in the head, and thus becomes part of the critical path, delaying first paint and subsequent metrics. Nowadays, the library is being enqueued for relatively little gain in many situations, given that the platform supports much of the functionality. Twenty Sixteen is an example of this, as it's relatively trivial to reimplement its functionality in native JS. This ticket focuses on removing jQuery as a frontend dependency for Twenty Twelve - specifically the frontend, as for example in the Customizer `jQuery` is loaded anyway (and performance is a bit less of a concern there). See also #54171 and #54172, which do the same for other themes." sergiomdgomes 9 55128 REST API /media leaves holes in the result, making it virtually impossible to paginate through them REST API 5.9 normal normal Awaiting Review defect (bug) new 2022-02-09T18:09:03Z 2022-02-09T18:09:03Z "A request to the REST API for say /media?per_page=20 can unexpectedly return any number of results up to 20, including an empty array when there are more pages to follow. This happens when some of the media library entries are attached to unpublished posts, and the media were added in the post, not directly to the media library. Now it may be reasonable to omit these when not authenticated, but not by post-processing the array after it has been fetched from the database, as seems to be happening currently. Doing that makes it extremely difficult to paginate through them, or to choose an appropriate page size. This is compounded by the fact that it is more likely the missing images will be near the beginning, as those are the ones less likely to have been published yet. Consider just displaying a matrix of the thumbnails, as obtained from the API, 20 at a time. So you ask for a page of 20 and get 5. OK, let's get another page before returning it to the client: you get 18 this time, so you take the first 15 of those and along with the first 5 give those to the client. The user clicks ""show more"". Where do I start? I can't start on page 3 because there were some left over on page 2. But I have no idea where the gaps are so I can't set an appropriate offset - offset apparently _includes_ the missing entries! And there is no information about where the missing entries might be. Basically using offset is not possible. The only solution is to start from the beginning every time, and then omit the first however many results already delivered to the client. This defeats the point of pagination, and gets slower and slower as they ask for more. I could provide randomly more than they requested, up to some maximum (set as per_page), and work entirely in pages, noting the page number highwater mark on each request, each time fetching as many pages as needed to get some minimum number of images. This doesn't require starting again each time, but can also result in hundreds of API requests retrieving empty arrays each time if there are many unpublished images, which is also very slow. It also makes it impossible to work to a UI where the user specifies how many to retrieve at once. Or I could work with page_size = 1, which means I can use page number where I would have liked to have used offset, but that is also very slow: at least 20 requests, probably many more to skip unpublished images, where I would expect only to need one request. And it makes it much harder to implement either way, as the obviously intended implementation is to set offset to the currently retrieved images, and a number up to 100 as the page size, and just fetch that page. " frankieandshadow 55133 Using an array containing a single object as first $arg in do_action() dev-feedback Plugins normal normal Awaiting Review defect (bug) new 2022-02-10T07:55:43Z 2022-06-17T09:36:19Z "When passing an array containing 1 single object as the first argument of `do_action()`, the array is automatically flattened and all functions triggered by the hook will receive a single object as the first argument (instead of an array). **Example:** {{{#!php $var = [ (object) [ 'key' => 'name', 'value' => 'Pierre', ] ]; do_action( 'hook_name', $var ); }}} Any function hooked to `hook_name` receives this first argument: {{{#!php stdClass Object ( [key] => name [value] => Pierre ) }}} …instead of an array containing this object. I've found that this is because of some **PHP4** backward compatibility in the `do_action()` function: {{{#!php } elseif ( is_array( $arg[0] ) && 1 === count( $arg[0] ) && isset( $arg[0][0] ) && is_object( $arg[0][0] ) ) { // Backward compatibility for PHP4-style passing of `array( &$this )` as action `$arg`. $arg[0] = $arg[0][0]; } }}} This is a weird and unexpected behavior, could we add an additional condition in this `elseif` in order to check for the PHP version to apply this hack?" pskli 7 55135 Media URLs break when migrating WordPress content to different domains Export 5.9 normal normal Awaiting Review defect (bug) new 2022-02-10T08:28:16Z 2022-02-10T10:58:10Z "All media assets use absolute URLs when exporting WordPress content, including the domain name and port if present. When importing the content on a new WordPress installation located at a different domain or port, page/post media fail to render since they point to the previous domain/port. https://github.com/creativecommons/project_creativecommons.org/issues/225 The hard-coded links require post-processing the XML file for the content to be portable across domains and environments (e.g., development, staging, and production). Ideally, media URLs in the export file would be relative to the WordPress root, such as described in the following issue from 11 years ago: #17048." brylie 1 55139 TypeError: k is not iterable Editor 5.9 normal normal Awaiting Review defect (bug) new 2022-02-10T19:19:27Z 2022-02-10T19:19:27Z "When I am in the block editor and try typing something in the box search get the below error, see image 01 and 02. [[Image(https://inqmatic.com/wp-content/uploads/2022/02/image_01.png)]] [[Image(https://inqmatic.com/wp-content/uploads/2022/02/image_02.png)]] The error is: {{{ TypeError: k is not iterable at f (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86949) at https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86506 at Array.map () at m (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86496) at p (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86043) at https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:12:14633 at Object.useMemo (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react-dom.min.js:220:462) at c.useMemo (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react.min.js:30:236) at Wg7J.t.a (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:12:14608) at Le (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react-dom.min.js:100:3) }}} further, this error appear then update to wordpress 5.9. Thanks." zirtrex 55140 Erase Personal Data Email Validation Issue dev-feedback Privacy normal normal Awaiting Review defect (bug) new 2022-02-10T23:34:17Z 2022-09-27T14:11:42Z "Erase Personal Data work fine with invalid username but not working with email. When i added random text email auto inserted. " ravipatel 6 55142 Custom, external or 3rd party styles are not loaded inside the preview iframe Editor 5.9 normal normal Awaiting Review defect (bug) new 2022-02-11T12:10:29Z 2022-02-11T12:10:29Z "Hello, Unfortunately, you messed a lot of things with the new iframe editor preview, conditional you set are ""crazy"" and work only for your cases otherwise you blocked or removed any custom/external/3rd party scripts. In this file src/components/iframe/index.js you made function **styleSheetsCompat** and that function has 2 problems: 1. If we include any external CSS file that file will not be loaded because of this case {{{ try { // May fail for external styles. // eslint-disable-next-line no-unused-expressions styleSheet.cssRules; } catch ( e ) { return; } }}} External files on Chrome browser will be blocked and cssRules result will be ""Failed to read the 'cssRules' property from 'CSSStyleSheet': Cannot access rules at CSSStyleSheet"" - https://stackoverflow.com/questions/48753691/cannot-access-cssrules-from-local-css-file-in-chrome-64/49160760#49160760 Please check Google Font file issue - https://imgur.com/a/SPIPNvZ 2. The Second problem is 3rd party styles or theme custom styles. In the same file -> same function -> you can find this piece of code {{{ const isMatch = Array.from( cssRules ).find( ( { selectorText } ) => selectorText && ( selectorText.includes( `.${ BODY_CLASS_NAME }` ) || selectorText.includes( `.${ BLOCK_PREFIX }` ) ) ); }}} where {{{ const BODY_CLASS_NAME = 'editor-styles-wrapper'; const BLOCK_PREFIX = 'wp-block'; }}} If we have for example 3rd party style - Swiper.css you will block it because inside that file there is no **editor-styles-wrapper** or **wp-block** classes as selector https://www.screencast.com/t/YxASDqA97u0 and that file will not be executed/loaded. The same issue is with any custom theme or plugin styles that don't contain these classes. In my case, I have several CSS files which don't contain these classes and all files are blocked. Could you please consider changing this logic or adding some hooks/JS variables so we can be able to extend/change or add our items? Best regards, Nenad Obradovic" Nenad Obradovic 55146 WP5.9 Customizer partially white-screens in Safari browser Customize 5.9 normal normal Awaiting Review defect (bug) new 2022-02-11T16:54:41Z 2022-02-11T17:07:42Z "Running (Mac) Safari 13.1.2, WordPress 5.9, on multiple sites. When loading the Customizer, I get a partial white screen – no left-column menu items (although the frame is there) and no page preview. Screenshot attached, and console error messages as follow: {{{ [Error] Failed to load resource: the server responded with a status of 404 (Not Found) (gutenberg.css, line 0) [Error] TypeError: o.addEventListener is not a function. (In 'o.addEventListener(""change"",function(e){r=e.matches})', 'o.addEventListener' is undefined) (anonymous function) (load-scripts.php:6:132) Global Code (load-scripts.php:6:111258) [Error] TypeError: undefined is not an object (evaluating 'c.Panel.extend') (anonymous function) (customize-nav-menus.min.js:2:10976) Global Code (customize-nav-menus.min.js:2:45601) [Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend') Global Code (slider-customizer.js:1:92) [Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend') Global Code (slider-control.js:1:86) [Error] TypeError: undefined is not an object (evaluating 'api.Control.extend') (anonymous function) (spacing-customizer.js:4) Global Code (spacing-customizer.js:160) [Error] TypeError: undefined is not an object (evaluating 'api.Control.extend') (anonymous function) (backgrounds-customizer.js:2) Global Code (backgrounds-customizer.js:31) [Error] TypeError: undefined is not an object (evaluating 'api.Control.extend') (anonymous function) (copyright-customizer.js:2) Global Code (copyright-customizer.js:12) [Error] TypeError: undefined is not an object (evaluating 'api.Section.extend') (anonymous function) (upsell-control.js:2) Global Code (upsell-control.js:12) [Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend') s (customizer.js:1:121358) (anonymous function) (customizer.js:1:131873) o (customizer.js:1:863) t (customizer.js:1:729) (anonymous function) (customizer.js:1:1826) Global Code (customizer.js:1:1829) [Error] Error: Minified React error #200; visit https://reactjs.org/docs/error-decoder.html?invariant=200 for the full message or use the non-minified dev environment for full errors and additional helpful warnings. (anonymous function) (react-dom.min.js:243:307) [Error] TypeError: The superclass is not an object. Oe (customize-widgets.min.js:2:28659) ke (customize-widgets.min.js:2:32932) (anonymous function) (customize.php:3105) [Error] TypeError: undefined is not a function (near '...wp.customize.section...') (anonymous function) (load-scripts.php:2:31711) }}} Selected Element {{{
    }}} :Benjamin" schmedia@… 1 55147 WordPress Designers Stops Working due Incomplete Widget Settings Widgets normal normal Awaiting Review defect (bug) new 2022-02-11T17:06:06Z 2022-02-11T17:35:37Z "I had a theme since wordpress 4 installed, and in some of the recent updates the WordPress Designer Mode was broken (Stops loading with Javascript error). I finally found the rootcause which is array missing array settings for 2 widget zones in the widget theme config entry. This was the entry I am talking about: a:9:{s:19:""wp_inactive_widgets"";N;s:23:""himalayas_right_sidebar"";a:0:{}s:22:""himalayas_left_sidebar"";a:0:{}s:28:""himalayas_front_page_section"";a:0:{}s:32:""himalayas_error_404_page_sidebar"";a:0:{}s:28:""himalayas_footer_sidebar_one"";a:0:{}s:28:""himalayas_footer_sidebar_two"";i:8409;s:30:""himalayas_footer_sidebar_three"";i:8401;s:13:""array_version"";i:3;} For two zones, the array entry is missng: a:0:{} I corrected the entry manually in the database and the problem was fixed for me: a:9:{s:19:""wp_inactive_widgets"";N;s:23:""himalayas_right_sidebar"";a:0:{}s:22:""himalayas_left_sidebar"";a:0:{}s:28:""himalayas_front_page_section"";a:0:{}s:32:""himalayas_error_404_page_sidebar"";a:0:{}s:28:""himalayas_footer_sidebar_one"";a:0:{}s:28:""himalayas_footer_sidebar_two"";a:0:{}i:8409;s:30:""himalayas_footer_sidebar_three"";a:0:{};i:8401;s:13:""array_version"";i:3;} However there are certain areas where the existence of this Array is not checked causing unexpected errors." deltaray 1 55149 Secondary sites disappear from My Sites menu reporter-feedback Toolbar 5.9 normal major Awaiting Review defect (bug) new 2022-02-11T18:41:22Z 2023-04-25T20:21:22Z "If you create a new multisite, only **Network Admin** and the **Main Site** appear in the **My Sites** dropdown, the secondary sites do not appear. To change to another Site you need to go to **My Sites > Network Admin > Dashboard** and then select **All Sites** in the **Sites** menu. In old installations it works correctly, it only happens in new installations. " jose64 2 55152 Cannot delete post content if the title is empty Posts, Post Types 2.1 normal normal Awaiting Review defect (bug) new 2022-02-12T04:54:56Z 2022-02-14T04:07:37Z "Hi, I installed WordPress on my new website at [https://openinghours.co.il/] I've created a custom theme and custom fields and taxonomies for ""post"", in a custom php file, that is called in functions.php. When I try to test and see if custom fields are saved, I noticed something interesting: when the WordPress default post title (the_title) is empty, and the_content and custom fields are filled, I cannot delete the content that's in ""the_content"" on update or on save draft. I can delete content from custom fields and it works, but if the content is not empty, I try to delete the content and save draft, the content is still there. However, after testing, I've found that if ""the_title"" is not empty, I can delete the content that's located in ""the_content"". The problem accrues only when ""the_title"" (The default post title) is empty. I am not sure, but I think it doesn't have any relation to the custom fields. However, I I didn't tested it on a site without custom fields. I hope that I described it clearly, if you have any questions please ask. " wpdans 2 55169 Twenty Twenty-Two: use custom units spacer blocks has-patch Bundled Theme normal normal Awaiting Review enhancement new 2022-02-15T16:19:32Z 2022-02-15T16:43:49Z "Once https://github.com/WordPress/gutenberg/pull/36186 is backported to trunk and a minor release, we can use custom values in spacer blocks instead of static ones in the following templates, patterns, and parts: - header-dark-small (pattern and part) - header-dark-large (pattern and part) - home - index - search - archive" jffng 1 55174 "revert to the default ""checked"" behavior of blog_public switch in install.php" reporter-feedback Upgrade/Install normal normal Awaiting Review defect (bug) new 2022-02-16T03:26:00Z 2022-02-16T13:14:33Z "Good day, https://core.trac.wordpress.org/changeset/10574/trunk/wp-admin/install.php Please I think that is necessary to changed the default behavior of the 'Allow my blog to appear in search engines...' checkbox from checked to unchecked. This has caused a lot of issues before, and someone has corrected/commented about it in this forum below,.. https://paddicity.com/threads/are-you-launching-a-new-self-hosted-wordpress-site-check-this-out.25/" paddicity 2 55175 Widgets: Allow filtering args in `the_widget` has-patch Widgets normal normal Future Release enhancement new 2022-02-16T05:10:26Z 2022-02-16T06:52:21Z "Originally reported in https://github.com/WordPress/gutenberg/issues/36830. --- ### Description currently it's not possible to change widgets `before_title` from `

    ` to `

    ` when you use new gutenberg widgets environment and legacy widgets like `nav_menu` it's calling `the_widget` with `$arg` without any `apply_filter` in `wp-includes/blocks/legacy-widget.php` ### Step-by-step reproduction instructions 1. Go to `/wp-admin/widgets.php` 2. add Legacy Widget - Navigation Menu 3. Enter some title 3. On frontend it will be rendered as `

    ` but there is no way how to change it to something else, like `

    ` - no hook ### Screenshots, screen recording, code snippet _No response_ ### Environment info _No response_ ### Please confirm that you have searched existing issues in the repo. Yes ### Please confirm that you have tested with all plugins deactivated except Gutenberg. Yes" noisysocks 2 55180 Twenty Seventeen: Comments not showing up on the frontpage dev-feedback Bundled Theme 5.9 normal normal Awaiting Review defect (bug) new 2022-02-16T20:13:32Z 2023-06-07T17:56:39Z "Hi there, I'm not able to find any further information on this, but it looks like the comments aren't showing up on a static homepage with Twenty Seventeen. I have tested this with the latest update of WordPress(5.9) and the last version of the theme. **Steps to reproduce** 1. Switch theme to twenty seventeen 2. Enable ""Allow comments"" within the discussion tab on the sidebar on the homepage. 3. Check the page and search for the comments area. Original request: https://github.com/Automattic/themes/issues/5545 If this is intended, I found this as a potential workaround: https://wordpress.stackexchange.com/questions/268305/display-comments-on-homepage-of-twenty-seventeen-theme" robertghetau 1 55183 Twenty Thirteen: Table color not reflect on the frontpage has-patch Bundled Theme 5.4 normal normal Awaiting Review defect (bug) new 2022-02-17T08:31:44Z 2023-12-29T16:19:25Z "Steps: 1. Switch theme to Twenty Thirteen 2. Create Table and change color after update 3. Check the frontpage Add the video Link below: [https://www.loom.com/share/6ce4c74eb3314d7bb593b0e7173e637b]" umesh84 4 55184 Custom style handle attached to a custom block style is never load even if the block is in the page. Script Loader 5.9 normal normal Awaiting Review defect (bug) new 2022-02-17T11:12:39Z 2024-01-30T05:12:10Z "== Description I have a custom block based theme running on WP 5.9 that declares custom styles for certain blocks via the register_block_style function, but when I specify a style_handle the style is never enqueue even though the block is present in the page content (and core block assets are only loaded when they are rendered). This issue ref to ticket #54457 https://core.trac.wordpress.org/ticket/54457 == Step-by-step reproduction instructions 1. Create a theme 2. Register a custom ""Display"" block style for the ""Heading"" block via register_block_style with ""my-theme-block-style-css"" style_handle 3. Register a ""my-theme-block-style-css"" style via wp_register_style 4. Add ""Heading"" block in page content with our ""Display"" style 5. Check CSS, ""my-theme-block-style-css"" is not loaded == The relevant code It seems that the render_block filter callback in enqueue_block_styles_assets from script-loader.php never fire. script-loader.php [https://github.com/WordPress/wordpress-develop/blob/master/src/wp-includes/script-loader.php#L2463-L2477] [https://core.trac.wordpress.org/changeset/52262] " alexandrebuffet 5 55189 "Automatic removal of ""Zero-width non-joiner"" in URL" needs-unit-tests Permalinks 5.9 normal critical Future Release defect (bug) new 2022-02-17T14:30:25Z 2023-02-23T23:37:32Z "There is a big problem in recent version of WordPress, ""[https://en.wikipedia.org/wiki/Zero-width_non-joiner Zero-width non-joiner]"" in the URLs is removed automatically. This will have a very bad effect on SEO (and has affected many sites) because the page with ""Zero-width non-joiner"" in their URL will goes to be 404. " man4toman 20 55192 unit tests for _wp_check_existing_file_names hellofromTonya dev-feedback Build/Test Tools normal normal Future Release defect (bug) assigned 2022-02-17T23:25:24Z 2022-11-16T22:04:53Z pbearne 10 55193 login-form: Use the same id and class value between wp_login_form() and wp-login.php dev-feedback Login and Registration normal normal Awaiting Review enhancement new 2022-02-18T05:57:43Z 2023-08-18T12:05:40Z "Hi, below are the codes of login forms html output of `wp_login_form()` function, and wp-login.php page {{{

    }}} {{{

    }}} Look into same field between the two html outputs, you can see most of the p, label, and input tag has different values of the css ids and classes. for example: wp_login_form(): {{{}}} wp-login.php: {{{}}} the ids are the same, but wp_login_form(): {{{

    }}} wp-login.php: {{{

    }}} the classes are different Can you make the ids and classes same, so it will be easier for me to make the two login forms ( `wp_login_form()` and wp-login.php ) with consistent style? " syshut 2 55200 Cannot add caption to images on mobile Media 5.9 normal normal Awaiting Review defect (bug) new 2022-02-19T01:05:50Z 2023-06-14T11:45:43Z On the mobile view of the admin section you cannot add ally text, captions, or descriptions to media uploads vincepettit 4 55202 A proper (error) message should be show when mysql setting autocommit=0 Database 5.9 normal normal Awaiting Review enhancement new 2022-02-19T16:35:11Z 2022-02-19T20:03:07Z "A proper (error) message should be show when mysql setting autocommit=0 Somewhere is the text: [https://make.wordpress.org/core/handbook/contribute/design-decisions/#some-esoteric-mysql-settings-are-not-supported Some esoteric MySQL settings are not supported] But why not add a simple error message? (Just because it takes tooo long to find out why the installer will not work without this message). " Luuk34 55206 wp core api memory leaks dev-feedback Database normal normal Awaiting Review defect (bug) assigned 2022-02-20T05:37:43Z 2022-04-29T04:44:55Z "I've experienced the following two memory leaks in WP core. One involves $wpdb when `SAVEQUERIES` is defined truthy, and the other involves `$wp_object_cache` growing as a consequence of calling core api functions that themselves save to the object cache. Both have happened for me in cases where I'm doing large batch processing involving thousands or tens of thousands of posts. I've had memory usage exceed 512MB and cause crashes. I'm including unit tests here showing each memory leak and also the fix that I've used to prevent the memory leak and keep my batch jobs running. {{{#!php queries particularly has a tendency to blow up. */ class WP_Memory_Leak_Tests extends WP_UnitTestCase { /** * This tests a condition which exposes a memory leak in the WPDB class. * If 'SAVEQUERIES' is defined as truthy, then the $wpdb->queries property * can grow indefinitely. */ public function test_WPDB_Memory_Leak() { // Once a constant is defined, it can't be undefined, it's often defined in dev or staging environments. define( 'SAVEQUERIES', true ); // I'll just start my cron job to read the import file I've got. It's // got a decent number of records. $number_of_records = 1000; global $wpdb; $memory = memory_get_usage( true ); $peak = memory_get_peak_usage( true ); foreach ( [ 'first', 'second' ] as $pass ) { // first pass through, we'll apply a fix for this memory leak. // second pass through, we'll bypass the fix and the tests will fail. for ( $i = 1; $i <= $number_of_records; $i ++ ) { if ( 'first' === $pass ) { $wpdb->queries = []; } // for this test, we'll do direct calls to $wpdb $wpdb->query( $wpdb->prepare( ""SELECT * FROM $wpdb->posts WHERE ID = %d"", $i ) ); } $this->assertEquals( $memory, memory_get_usage( true ), ""$pass pass"" ); $this->assertEquals( $peak, memory_get_peak_usage( true ), ""$pass pass"" ); } } /** * This tests a condition which exposes a memory leak in wp cache API. If * a large batch job attempts to do a lot of something that ends up caching * things ( like, for example, get_post or wp_insert_post ), then unless * the cache is flushed regularly, the memory usage grows indefinitely. */ public function test_WP_Cache_Memory_Leak() { // I'll just start my cron job to read the import file I've got. It's // got a decent number of records. $number_of_records = 1000; global $wpdb; $memory = memory_get_usage( true ); $peak = memory_get_peak_usage( true ); foreach ( [ 'first', 'second' ] as $pass ) { // first pass through, we'll apply a fix for this memory leak. // second pass through, we'll bypass the fix and the tests will fail. for ( $i = 1; $i <= $number_of_records; $i ++ ) { if ( 'first' === $pass ) { wp_cache_flush(); } // Because our last test defined 'SAVEQUERIES', we need to // always apply this fix, otherwise that memory leak manifests. // With us doing a core API function `wp_insert_post`, the number // of queries is quite large and memory __really__ grows. $wpdb->queries = []; // let's say we're inserting posts, maybe from an excel file. // this caches some things, so $wp_object_cache grows. wp_insert_post([ 'post_type' => 'post', 'post_title' => ""post $i"", 'post_content' => ""pass $pass"" ]); } $this->assertEquals( $memory, memory_get_usage( true ), ""$pass pass"" ); $this->assertEquals( $peak, memory_get_peak_usage( true ), ""$pass pass"" ); } } } }}} " sllimrovert 3 55207 WP_Query returns published sticky posts when post_status is set to draft early Query normal normal Future Release defect (bug) new 2022-02-20T14:06:52Z 2022-03-28T05:37:33Z "Originally reported here - [https://github.com/wp-cli/entity-command/issues/278] **Error:** If a sticky post is published, the following query returns the published sticky post: {{{ 'draft', ) ); ?> ?> }}} Steps to reproduce: 1. Create a sticky post and publish it 2. Create a WP_Query with its 'post_status' set to 'draft' 3. Run the query 4. Observe that the published sticky post is returned **Expected behaviour:** Setting `post_status` to `draft` should not return published sticky posts. " NomNom99 8 55215 Unknown file in WordPress core: wp-includes/SimplePie/Cache/adf416701234bb74c7b67e4f1dc6eede.spc Type: File Feeds normal normal Awaiting Review defect (bug) new 2022-02-21T14:18:11Z 2022-02-21T16:03:28Z "Hi, Just got three notices as above. Is it an issue or a leftover file causing a problem? Thanks" marian57 55220 Legacy widgets lack access to some usual server-side globals Widgets normal normal Future Release defect (bug) new 2022-02-22T00:59:03Z 2022-03-02T13:21:05Z "Copied from https://github.com/WordPress/gutenberg/issues/33404. --- ## Description Legacy widgets whose behavior depends on the `$pagenow` global might not render as expected via the new `/wp/v2/widget-types/fm-demo/encode` REST API endpoint because `$pagenow` during these requests is `index.php`, not `widget.php`. Additionally, legacy widgets are no longer able to rely on the `$_POST['action']` variable during requests to save widget data, which is usually set to `save-widget`, and these widgets might not be able to save data as expected. Similarly, legacy widgets are no longer able to rely on `DOING_AJAX` or `wp_doing_ajax()`, although that is typical of the REST API. ## Step-by-step reproduction instructions The easiest way to observe this behavior is to observe `$pagenow` and `$_POST` using Xdebug with a breakpoint inside of `WP_REST_Widget_Types_Controller::encode_form_data()`. To see the effect of the behavior on a real-world library: 1. Clone and include the Fieldmanager library: https://github.com/alleyinteractive/wordpress-fieldmanager 2. Clone and include the Fieldmanager Widgets extension: https://github.com/alleyinteractive/fm-widgets/ 3. Load the demo widget included in the README: https://github.com/alleyinteractive/fm-widgets/blob/296d5aef0585f3ff9bcf223e30867e069c13e2ca/README.md 4. Step through the `\fm_widgets_calculated_context()` function, which relies on all of the signals mentioned in the description. ## Expected behaviour With respect to legacy widgets, `$pagenow` will be `widgets.php` during form rendering, and `$_POST['action']` will be `save-widget` during saving. ## Actual behaviour `$pagenow` is `index.php`, and `$_POST['action']` is unset. ## Code snippet (optional) See README link above. ## WordPress information - WordPress version: 5.8-RC2 - Gutenberg version: Not installed - Are all plugins except Gutenberg deactivated? No, see repro steps. - Are you using a default theme (e.g. Twenty Twenty-One)? Yes ## Device information - Device: Desktop - Operating system: macOS 10.14 - Browser: Chrome 91" noisysocks 1 55228 Provide Option to Remove Password Visibility Button and Dashicons from WordPress' Login Form close Security 5.9.1 normal normal Awaiting Review feature request new 2022-02-22T19:08:39Z 2022-02-25T16:15:23Z "**Request:** I would like to recommend adding a feature to WordPress that will allow the removal of WordPress' login form password visibility button (toggle) and dashicons (eyes). **Details:** https://ibb.co/Xp2Mh8P **Reasons:** (1) Security Enhancement (2) Cleaner UI **Implementation:** (1) Add a new checkbox field label, titled ""**Login Form**"", with the following checkbox text: ""**Disable Password Visibility Button and Dashicons**"" to **WordPress Dashboard > Settings > General** (2) When the checkbox is selected, the code associated with the password visibility button and dashicons is removed, or, activates the code snippet [provided here]https://wordpress.org/support/topic/help-appreciated-remove-visibility-eye-dashicon-from-wp-login-form/. **Scenario:** A website Administrator goes to his/her WordPress login page and login form is auto-filled by the browser but the ""Log In"" button is never clicked. Suddenly, the Administrator is summoned away from his/her desk leaving open the opportunity for a co-worker, visitor, disgruntled employee, or ""hacker in disguise"" to click the password visibility button thus exposing critical website login information. A quick toggle back to ""hidden"" by the perpetrator and the Administrator will never know what happened. **Conclusion:** By implementing this feature request, WordPress is offering its Administrators an optional, valuable login security layer. Thank you for reading!" generosus 2 55242 Time options in Settings have changed to uppercase AM and PM instead of lowercase Date/Time 5.9.1 normal normal Awaiting Review defect (bug) new 2022-02-23T19:06:14Z 2022-03-08T13:46:47Z "Not sure exactly when this change has crept in, but it should ideally be reverted as uppercase use of AM and PM isn't considered correct. https://writingexplained.org/am-or-a-m-pm-or-p-m-do-i-capitalize-am-and-pm https://capitalizemytitle.com/ufaqs/are-am-and-pm-capitalized/ https://en.wikipedia.org/wiki/Date_and_time_notation_in_the_United_Kingdom All of the sources above state that lowercase use of am and pm should be used. " leecollings 3 55247 SVG logos generate warnings from _wp_get_image_size_from_meta() Media 5.9 normal minor Awaiting Review defect (bug) new 2022-02-24T12:50:48Z 2022-03-01T16:31:16Z "If I set an SVG image as my logo in the customizer, my debug log gets filled with the following notices: ``` PHP Notice: Trying to access array offset on value of type bool in /{redacted}/wp-includes/media.php on line 1182 ``` Looking at that file, that section refers to the following function: {{{#!php `, but it needs to be `` " Frank Klein 2 55255 error wordpress 5.9.1 php 8.1 Upgrade/Install 5.9.1 normal critical Awaiting Review defect (bug) new 2022-02-24T21:07:02Z 2022-03-08T13:38:48Z "since wordpress automatic updated to 5.9.1 it is not anymore delivered using php 8.1. and gives 503 error tested on a empty wordpress installation with no plugins and the twenty twenty-two theme" flxstnhff 1 55257 map_deep() function incompatibility with incomplete objects in PHP 8.0+ dev-feedback Formatting 5.9.1 normal major Future Release defect (bug) new 2022-02-25T12:14:00Z 2023-08-08T17:18:22Z "Incomplete objects (`__PHP_Incomplete_Class`) used to have no issues with `map_deep()` before PHP 8.0 because it ignores any incomplete object. With PHP 8.0 - this now returns fatal error and PHP cannot continue processing. This disrupts an otherwise normal processing (before PHP 8.0). Example of uncaught error in debug.log are as follows: `PHP Fatal error: Uncaught Error: The script tried to modify a property on an incomplete object. Please ensure that the class definition ""SuperCustomXyz"" of the object you are trying to operate on was loaded _before_ unserialize() gets called or provide an autoloader to load the class definition in /wp/wp-includes/formatting.php:4998` For the `map_deep()` function to be truly compatible with PHP 8.0 ( as it was with earlier PHP versions) - can we modify this to check for incomplete objects? And if the value to be processed is an incomplete object - we skipped processing. This will make the function to behave like it was being used before PHP 8.0. As a result - the function still returns an array with incomplete objects as it was used to be working. This issue can be reproduced as follows: Environment: * PHP 8.0 * WordPress 5.9.1 * Create a dummy test PHP script as follows in the WP root directory: {{{#!php __PHP_Incomplete_Class Object ( [__PHP_Incomplete_Class_Name] => SuperCustomXyz [ SuperCustomXyz x] => test ) [testdata] => Array ( [a] => 1 [b] => 2 ) ) }}} " codex-m 17 55260 Update Codex Page to Include Password Visibility Button and Language Switcher needs-docs Login and Registration 5.9.1 normal normal Awaiting Review enhancement new 2022-02-25T16:43:24Z 2022-02-25T16:43:24Z "The Codex page, [https://codex.wordpress.org/Customizing_the_Login_Form /Customizing the Login Form], needs to be updated to include the [https://ibb.co/1dZ23W1 /login form password visibility button and the language switcher]. To assist, the following can be added to the updated page for the benefit of all WordPress users: **Code to Disable the Password Visibility Button:** {{{ function remove_wp_hide_pw_button() { ?> initHooks(); } /** * Initialize Hooks. * * @author Siavash Ebrahimi * @since 1.0 * @return void */ public function initHooks() { // Register size column for media library table add_filter( 'manage_media_columns', [ $this, 'registerSizeColumn' ], 15 ); add_action( 'manage_media_custom_column', [ $this, 'populateCustomColumns' ], 15, 2 ); add_action( 'added_post_meta', [ $this, 'addFileSizeMetadataToImages' ], 15, 4 ); add_filter( 'manage_upload_sortable_columns', [ $this, 'registerColumnSortableFileSize' ], 15 ); add_action( 'pre_get_posts', [ $this, 'sortableFileSizeSortingLogic' ], 15 ); } /** * Column sorting logic (query modification) * * @param $query */ public function sortableFileSizeSortingLogic( $query ) { global $pagenow; if ( is_admin() && 'upload.php' == $pagenow && $query->is_main_query() && ! empty( $_REQUEST['orderby'] ) && 'filesize' == $_REQUEST['orderby'] ) { $query->set( 'order', 'ASC' ); $query->set( 'orderby', 'meta_value_num' ); $query->set( 'meta_key', 'filesize' ); if ( 'desc' == strtolower($_REQUEST['order']) ) { $query->set( 'order', 'DSC' ); } } } /** * Make column sortable * * @param $columns * * @return mixed */ public function registerColumnSortableFileSize( $columns ) { $columns['filesize'] = 'filesize'; return $columns; } /** * Ensure file size meta gets added to new uploads * * @param $meta_id * @param $post_id * @param $meta_key * @param $meta_value */ public function addFileSizeMetadataToImages( $meta_id, $post_id, $meta_key, $meta_value ) { if ( '_wp_attachment_metadata' == $meta_key ) { $file = get_attached_file( $post_id ); update_post_meta( $post_id, 'filesize', filesize( $file ) ); } } /** * Populate media custom columns * * @return string * @since 1.0 * @access public */ public function populateCustomColumns( $column_name, $post_id ) { if ( 'filesize' == $column_name ) { if ( ! get_post_meta( $post_id, 'filesize', true ) ) { $file = get_attached_file( $post_id ); $file_size = filesize( $file ); update_post_meta( $post_id, 'filesize', $file_size ); } else { $file_size = get_post_meta( $post_id, 'filesize', true ); } echo size_format( $file_size, 2 ); } } /** * Register size column * * @param array $cols * * @return mixed * @since 1.0 */ public function registerSizeColumn( $cols ) { $cols['filesize'] = __( 'File Size' ); return $cols; } } }}} Then initialize the class : {{{#!php Settings -> Settings. (Should probably be renamed to General so that we do not have a Settings Settings screen.) Here is a plugin: https://wordpress.org/plugins/multisite-multidomain-single-sign-on/" paaljoachim 55264 Twenty Twenty-Two Looks Bad on Firefox reporter-feedback Bundled Theme 5.9 normal critical Awaiting Review defect (bug) new 2022-02-26T14:51:04Z 2022-03-04T22:35:16Z "There are two issues in twenty twenty-two that I have. Unfortunately, the 1.1 release has not fixed them. Others have reported the same issues to the support forum. I am using a staging site to test and customize the new theme for one of my sites. I am about ready to go public with it but for these issues. The customized theme looks good with the Google Chrome and Microsoft Edge browsers, and on my iPhone. But with Firefox the header navigation bar is always expanded, and the page content appears in plain text. I have made no customization to the fonts or to the navigation bar. The problem must be the way Firefox renders the core code. A less critical issue is that on Chrome and Edge, pages load in plain text before quickly becoming formatted. This is not a disabling issue, as is the Firefox issue, but it is annoying. Where should I go from here? I don’t think I should go online when I can’t deliver a decent looking site to Firefox users." aichedvs 7 55265 Setting colour in 5.9.1 General 5.9.1 normal major Awaiting Review defect (bug) new 2022-02-26T17:40:30Z 2022-04-27T07:59:39Z "Hi! I have been used to changing the colour of text, headings and buttons by simply typing in the colour code; 043D06. This works on some things (advanced lists) but not on others (buttons, plain text, headings). I assume this is a glitch? The option to change colour is there, so is the colour wheel and what seems to be a typing box but there is no way of typing in the required code. The only way to change colour is to hover over the colour wheel - it is impossible to pick the precise colour needed in this way. " hicklingadmin 2 55268 Title Becomes Non-Editable reporter-feedback General 5.9.1 normal normal Awaiting Review defect (bug) new 2022-02-26T23:39:51Z 2022-02-27T20:13:46Z "Compose a new WordPress post or edit an existing post. Place an imag on the post. Click the image and edit the image caption. From this point, the title becomes un-editable. You cannot click in the title, nor select text in the title. You can still edit content elsewhere in the post, but not the title. The title remains unable to edit until you leave the page and return to it or refresh it in the browser." franklinveaux 1 55271 Featured Image Section Disappears In Block Editor reporter-feedback Editor normal normal Awaiting Review defect (bug) new 2022-02-28T05:37:56Z 2022-03-08T14:18:32Z For some reason, the Featured Image Section just plain disappears in the Block Editor. I have to download the Classic Editor Plugin to see it. I thought this was a one time problem but it's a constant one when using WordPress 5.9.1 zennie62 4 55274 Special chars in attachment filename breaks srcset audrasjb Media 4.4 normal normal Future Release defect (bug) reviewing 2022-02-28T09:18:25Z 2022-04-27T05:03:17Z "There is currently fix that handles spaces in filenames, but it doesn't handle other special characters e.g. $! or any other special char Spaces issue was reported there: https://core.trac.wordpress.org/ticket/36549 And fixed here: https://core.trac.wordpress.org/changeset/38052" dravnic 7 55280 Unsupported operand types in Site Health Site Health 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-01T09:30:26Z 2024-02-27T09:04:35Z "I get the following error: {{{ AH01071: Got error 'PHP message: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string - int in [..]/wp-admin/includes/class-wp-site-health.php:2521 Stack trace: 0 [..]/wp-admin/includes/class-wp-site-health.php(1728): WP_Site_Health->has_missed_cron() 1 [..]/wp-admin/includes/class-wp-site-health.php(192): WP_Site_Health->get_test_scheduled_events() 2 [..]/wp-admin/includes/class-wp-site-health.php(137): WP_Site_Health->perform_test() 3 [..]/wp-includes/class-wp-hook.php(307): WP_Site_Health->enqueue_scripts() 4 [..]/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters() 5 [..]/wp-includes/plugin.php(474): WP_Hook->do_action() 6 [..]/wp-admin/admin-header....', referer: https://[..]/wp-admin/ }}} This is on a WordPress 5.9.1 multisite running on PHP 8.0.13 which was just upgraded from WP 5.5.8/PHP 7.3.33." lw5 7 55281 Twenty Twenty-One: Consider decreasing the selector specificity Bundled Theme 5.6 normal normal Awaiting Review enhancement new 2022-03-01T10:08:37Z 2022-08-11T19:36:08Z There is a CSS selector that selects almost any `a` tags and applies white background on focus. This forces users to use at least 4 classes on elements to override by specificity and complicate the code. You can see mentioned selector and how it overrides the focus color of a button with 3 classes already in attached screenshots. Why such strong selector is used there, is it really necessary, can we remove it or decrease the specificity? orkunaybek 1 55284 thumbnails issue has-patch Editor 5.9.1 normal major Awaiting Review defect (bug) new 2022-03-01T11:14:14Z 2022-05-10T10:18:06Z After updating to the latest version of wordpress, the space between elements in the frontend is not respected. For example, the thumbnails of image galleries created with WordPress blocks are aligned abnormally, spaces are not respected. See Attachment. simobenedettidesign 7 55285 Add image brakes page Editor 5.9.1 normal blocker Awaiting Review defect (bug) new 2022-03-01T13:22:42Z 2022-03-01T13:22:42Z "Hello there, i've problems with adding images using the default block and acf add image functions. After clicking no modal appears anche the page brokes and i have to reload the page. I did a downgrade to 5.9.0 and everything works greate. Hope this helps " Gugan 55287 Allow for DISTINCT in WP_Query method Posts, Post Types 6.0 normal normal Awaiting Review feature request new 2022-03-01T15:55:09Z 2022-03-01T15:55:09Z "Dear wordpress developers, Currently I'm working with a plugin to create designs. This plugin has an element called a repeater element that basically makes use of the core WP_Query method in order to fetch custom post types or normal post types. However, since I'm using this page builder or theme builder, I am in no way capable of using DISTINCT within the filter https://developer.wordpress.org/reference/hooks/posts_distinct/ Because this requires me to send the WP_Query instance, which is basically only used within the repeater element and can not be set to a variable in this particular case. This means I'll have to rebuild everything through code, instead of being able to use my page or theme builder. Now I get the idea of saying this is a bug with the page or theme builder plugin. But in fact, what I want to know is why are we using a filter to create a DISTINCT query inside of WP_Query? Isn't it possible to implement this inside of the WP_Query arguments instead? I basically want to say: fetch posts with unique titles. This seems much more logical as the SQL query is build from WP_Query... I've already looked through the entire codex, and couldn't find any possible parameter that could be used for this... My question to you is: Can this please be added to wordpress core? I find it highly frustrating that WP_Query doesn't have this sort of capabilities out of the box." simbaclaws 55288 Site Editor on 5.9.1 fails to find homepage template for FSE themes, on WP subdirectory installation dev-feedback Editor 5.9.3 normal critical Awaiting Review defect (bug) new 2022-03-01T18:47:29Z 2022-08-11T19:29:10Z "I'm getting an error when launching the site editor on 5.9.1, stating “The editor is unable to find a block template for the homepage”. This happens on both Twenty-Twenty-Two and a custom FSE theme (otherwise functional, has templates/single.html and templates/index.html). **My WP installation is in a subdirectory**, using the [[https://github.com/roots/bedrock|Bedrock]] site structure, so the editor URL is `https://example.test/wp/wp-admin/themes.php?page=gutenberg-edit-site` I've tried it on PHP 7.4.25 and 8.0.14. I've confirmed it still happens with all plugins deactivated. Notably, activating the Gutenberg plugin version 12.6.1 eliminates the error and the editor loads correctly. There are several other reports of the same error in this Twenty-Twenty-Two forum thread: https://wordpress.org/support/topic/the-editor-is-unable-to-find-a-block-template-for-the-homepage/ The error code output from the copy button is {{{ Error: `getHomepageParams`: HTTP status error, 404 at https://example.test/wp/wp-includes/js/dist/edit-site.js?ver=403e01f2b098b6a656118a51787581cb:8766:13 at async getHomepageParams (https://example.test/wp/wp-includes/js/dist/edit-site.js?ver=403e01f2b098b6a656118a51787581cb:8762:20) at async redirectToHomepage (https://example.test/wp/wp-includes/js/dist/edit-site.js?ver=403e01f2b098b6a656118a51787581cb:8797:28) at async reinitializeEditor (https://example.test/wp/wp-includes/js/dist/edit-site.js?ver=403e01f2b098b6a656118a51787581cb:9067:5) }}} " andronocean 10 55289 Large image fails to create a `scaled` version and subsizes Media 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-01T21:41:41Z 2022-03-03T02:27:17Z "When uploading a large image into WordPress it fails to create the `scaled` version, due to the usage of too many resources, because the `-scaled` resized version can't be created, no additional subsize is created. The resize fails with the following error message: > cache resources exhausted Even with the resized failure, only the full-size image is uploaded and no additional image sizes are generated. Steps to recreate the problem: 1. Upload the provided image. 2. Inspect the metadata of the image and observe no `-scaled` version was created and no subsizes was created either. Observe how only the full image size is uploaded, no `-scaled` version can't be found. == Problems 1. As described before the full size image is uploaded and no `scaled` version is created. 2. When loading the media library the full image size is loaded due no subsizes were created. 3. No subsizes are created for this image due to the resized image failing to be created. == Setup Sharing the details of my current setup: {{{ ### wp-core ### version: 5.9.1 site_language: en_US user_language: en_US timezone: +00:00 permalink: /%year%/%monthnum%/%day%/%postname%/ https_status: true multisite: false user_registration: 0 blog_public: 1 default_comment_status: open environment_type: production user_count: 1 dotorg_communication: true ### wp-paths-sizes ### wordpress_path: /app wordpress_size: 152.90 MB (160327567 bytes) uploads_path: /app/wp-content/uploads uploads_size: 22.75 MB (23851112 bytes) themes_path: /app/wp-content/themes themes_size: 6.47 MB (6780262 bytes) plugins_path: /app/wp-content/plugins plugins_size: 208.42 MB (218539593 bytes) database_size: 3.96 MB (4149380 bytes) total_size: 394.49 MB (413647914 bytes) ### wp-active-theme ### name: Twenty Twenty-Two (twentytwentytwo) version: 1.0 (latest version: 1.1) author: the WordPress team author_website: https://wordpress.org/ parent_theme: none theme_features: core-block-patterns, post-thumbnails, responsive-embeds, editor-styles, html5, automatic-feed-links, block-templates, widgets-block-editor, wp-block-styles, editor-style theme_path: /app/wp-content/themes/twentytwentytwo auto_update: Disabled ### wp-themes-inactive (3) ### Twenty Nineteen: version: 2.2, author: the WordPress team, Auto-updates disabled Twenty Twenty: version: 1.9, author: the WordPress team, Auto-updates disabled Twenty Twenty-One: version: 1.5, author: the WordPress team, Auto-updates disabled ### wp-plugins-inactive (1) ### Performance Lab: version: 1.0.0-beta.1, author: WordPress Performance Group, Auto-updates disabled ### wp-media ### image_editor: WP_Image_Editor_Imagick imagick_module_version: 1691 imagemagick_version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org imagick_version: 3.7.0 file_uploads: File uploads is turned off post_max_size: 100M upload_max_filesize: 100M max_effective_size: 100 MB max_file_uploads: 20 imagick_limits: imagick::RESOURCETYPE_AREA: 122 MB imagick::RESOURCETYPE_DISK: 1073741824 imagick::RESOURCETYPE_FILE: 786432 imagick::RESOURCETYPE_MAP: 512 MB imagick::RESOURCETYPE_MEMORY: 256 MB imagick::RESOURCETYPE_THREAD: 1 imagemagick_file_formats: 3FR, 3G2, 3GP, AAI, AI, APNG, ART, ARW, AVI, AVIF, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CR3, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DJVU, DNG, DOT, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, EXR, FAX, FILE, FITS, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, GV, H, HALD, HDR, HEIC, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, J2C, J2K, JBG, JBIG, JNG, JNX, JP2, JPC, JPE, JPEG, JPG, JPM, JPS, JPT, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPG, MRW, MSL, MSVG, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PANGO, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, POCKETMOD, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, SVG, SVGZ, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIDEO, VIFF, VIPS, VST, WBMP, WEBM, WEBP, WMF, WMV, WMZ, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV gd_version: bundled (2.1.0 compatible) gd_formats: GIF, JPEG, PNG, WebP, BMP ghostscript_version: 9.53.3 ### wp-server ### server_architecture: Linux 5.15.12-1-MANJARO x86_64 httpd_software: nginx/1.17.10 php_version: 7.4.28 64bit php_sapi: fpm-fcgi max_input_variables: 10000 time_limit: 3 memory_limit: 1G max_input_time: 900 upload_max_filesize: 100M php_post_max_size: 100M curl_version: 7.74.0 OpenSSL/1.1.1k suhosin: false imagick_availability: true pretty_permalinks: true ### wp-database ### extension: mysqli server_version: 10.3.27-MariaDB client_version: mysqlnd 7.4.28 max_allowed_packet: 33554432 max_connections: 151 ### wp-constants ### WP_HOME: undefined WP_SITEURL: undefined WP_CONTENT_DIR: /app/wp-content WP_PLUGIN_DIR: /app/wp-content/plugins WP_MEMORY_LIMIT: 40M WP_MAX_MEMORY_LIMIT: 1G WP_DEBUG: true WP_DEBUG_DISPLAY: true WP_DEBUG_LOG: true SCRIPT_DEBUG: false WP_CACHE: false CONCATENATE_SCRIPTS: undefined COMPRESS_SCRIPTS: undefined COMPRESS_CSS: undefined WP_ENVIRONMENT_TYPE: Undefined DB_CHARSET: utf8mb4 DB_COLLATE: undefined ### wp-filesystem ### wordpress: writable wp-content: writable uploads: writable plugins: writable themes: writable mu-plugins: writable }}} " mitogh 5 55290 Not all image edits are applied to all subsizes joedolson* needs-unit-tests Media normal normal Future Release defect (bug) accepted 2022-03-01T22:05:28Z 2024-02-05T20:24:32Z "When editing an image using the admin editor, not all edits are applied correctly to all image subsizes. Specifically, the problem occurs when an edit results in a smaller size than the defined image size. Given the following image subsizes, and the attached image. {{{ => array(6) { [""thumbnail""]=> array(3) { [""width""]=> int(150) [""height""]=> int(150) [""crop""]=> bool(true) } [""medium""]=> array(3) { [""width""]=> int(300) [""height""]=> int(300) [""crop""]=> bool(false) } [""medium_large""]=> array(3) { [""width""]=> int(768) [""height""]=> int(0) [""crop""]=> bool(false) } [""large""]=> array(3) { [""width""]=> int(1024) [""height""]=> int(1024) [""crop""]=> bool(false) } [""1536x1536""]=> array(3) { [""width""]=> int(1536) [""height""]=> int(1536) [""crop""]=> bool(false) } [""2048x2048""]=> array(3) { [""width""]=> int(2048) [""height""]=> int(2048) [""crop""]=> bool(false) } } }}} ''The defined sizes above are the ones coming by default with the setting provided below. '' == Steps to replicate the problem: 1. Upload the image into your installation. 2. After the image is uploaded, click on edit to open the image editor or go to the image editor from within the media library. 3. Click on Edit image 4. Click on rotate image (either right or left) only once. 5. Make sure the changes are applied to all images by checking that the setting Apply changes to: All image sizes is set 6. Click on save After the image is saved observe the changes were applied only to the following image sizes: - `thumbnail` - `medium` - `large` - `full` The only size that was not updated as expected was: - `medium_large` == Setup {{{ ### wp-core ### version: 5.9.1 site_language: en_US user_language: en_US timezone: +00:00 permalink: /%year%/%monthnum%/%day%/%postname%/ https_status: true multisite: false user_registration: 0 blog_public: 1 default_comment_status: open environment_type: production user_count: 1 dotorg_communication: true ### wp-paths-sizes ### wordpress_path: /app wordpress_size: 152.90 MB (160327567 bytes) uploads_path: /app/wp-content/uploads uploads_size: 22.75 MB (23851112 bytes) themes_path: /app/wp-content/themes themes_size: 6.47 MB (6780262 bytes) plugins_path: /app/wp-content/plugins plugins_size: 208.42 MB (218539593 bytes) database_size: 3.96 MB (4149380 bytes) total_size: 394.49 MB (413647914 bytes) ### wp-active-theme ### name: Twenty Twenty-Two (twentytwentytwo) version: 1.0 (latest version: 1.1) author: the WordPress team author_website: https://wordpress.org/ parent_theme: none theme_features: core-block-patterns, post-thumbnails, responsive-embeds, editor-styles, html5, automatic-feed-links, block-templates, widgets-block-editor, wp-block-styles, editor-style theme_path: /app/wp-content/themes/twentytwentytwo auto_update: Disabled ### wp-themes-inactive (3) ### Twenty Nineteen: version: 2.2, author: the WordPress team, Auto-updates disabled Twenty Twenty: version: 1.9, author: the WordPress team, Auto-updates disabled Twenty Twenty-One: version: 1.5, author: the WordPress team, Auto-updates disabled ### wp-plugins-inactive (1) ### Performance Lab: version: 1.0.0-beta.1, author: WordPress Performance Group, Auto-updates disabled ### wp-media ### image_editor: WP_Image_Editor_Imagick imagick_module_version: 1691 imagemagick_version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org imagick_version: 3.7.0 file_uploads: File uploads is turned off post_max_size: 100M upload_max_filesize: 100M max_effective_size: 100 MB max_file_uploads: 20 imagick_limits: imagick::RESOURCETYPE_AREA: 122 MB imagick::RESOURCETYPE_DISK: 1073741824 imagick::RESOURCETYPE_FILE: 786432 imagick::RESOURCETYPE_MAP: 512 MB imagick::RESOURCETYPE_MEMORY: 256 MB imagick::RESOURCETYPE_THREAD: 1 imagemagick_file_formats: 3FR, 3G2, 3GP, AAI, AI, APNG, ART, ARW, AVI, AVIF, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CR3, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DJVU, DNG, DOT, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, EXR, FAX, FILE, FITS, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, GV, H, HALD, HDR, HEIC, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, J2C, J2K, JBG, JBIG, JNG, JNX, JP2, JPC, JPE, JPEG, JPG, JPM, JPS, JPT, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPG, MRW, MSL, MSVG, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PANGO, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, POCKETMOD, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, SVG, SVGZ, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIDEO, VIFF, VIPS, VST, WBMP, WEBM, WEBP, WMF, WMV, WMZ, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV gd_version: bundled (2.1.0 compatible) gd_formats: GIF, JPEG, PNG, WebP, BMP ghostscript_version: 9.53.3 ### wp-server ### server_architecture: Linux 5.15.12-1-MANJARO x86_64 httpd_software: nginx/1.17.10 php_version: 7.4.28 64bit php_sapi: fpm-fcgi max_input_variables: 10000 time_limit: 3 memory_limit: 1G max_input_time: 900 upload_max_filesize: 100M php_post_max_size: 100M curl_version: 7.74.0 OpenSSL/1.1.1k suhosin: false imagick_availability: true pretty_permalinks: true ### wp-database ### extension: mysqli server_version: 10.3.27-MariaDB client_version: mysqlnd 7.4.28 max_allowed_packet: 33554432 max_connections: 151 ### wp-constants ### WP_HOME: undefined WP_SITEURL: undefined WP_CONTENT_DIR: /app/wp-content WP_PLUGIN_DIR: /app/wp-content/plugins WP_MEMORY_LIMIT: 40M WP_MAX_MEMORY_LIMIT: 1G WP_DEBUG: true WP_DEBUG_DISPLAY: true WP_DEBUG_LOG: true SCRIPT_DEBUG: false WP_CACHE: false CONCATENATE_SCRIPTS: undefined COMPRESS_SCRIPTS: undefined COMPRESS_CSS: undefined WP_ENVIRONMENT_TYPE: Undefined DB_CHARSET: utf8mb4 DB_COLLATE: undefined ### wp-filesystem ### wordpress: writable wp-content: writable uploads: writable plugins: writable themes: writable mu-plugins: writable }}} " mitogh 40 55302 Improve media library upload progress indicator Media normal normal Awaiting Review defect (bug) new 2022-03-03T04:56:51Z 2022-07-06T16:47:18Z "When uploading in the media library, the progress bar shows the ''upload progress'' of the image. Once the image is fully uploaded WordPress creates the sub-sized images used to serve images on the front end. Depending on your configuration (theme, plugins, server), and the upload size this can take quite a while to complete. During sub-sized image creation, the progress bar for the image shows as ""full"". Finally, when the image sub size generation completes, the image changes from a gray box to the thumbnail of the uploaded image and if multiple images have been uploaded, the uploader moves on to the next image. Screencast attached. The problem here is that no progress is shown for the image regeneration phase. Uploading in the block editor works a bit differently: as soon as the image is dropped onto the editor to upload, a grayed out version of the image is shown with a spinner. The spinner spins during the upload and continues spinning during sub-size creation. Finally, when all sub sizes are created, the image becomes fully saturated and the spinner goes away. **Looks like this is changing to a progress bar though**, see https://github.com/WordPress/gutenberg/issues/13984 & https://github.com/WordPress/gutenberg/tree/trunk/packages/block-editor/src/components/media-upload-progress Two potential improvements we could make in the media library: 1. immediately show the thumbnail of the dropped image instead of the gray box 2. switch to a spinner entirely, or for the image regeneration phase or try to show actual progress. The challenge with showing progress is we don't know how long the request will take on the server." adamsilverstein 2 55306 Before posts/pages listing if there multiple filter drop-downs, view of pagination buttons are not better looking. has-patch Posts, Post Types 5.9.1 normal normal Awaiting Review enhancement new 2022-03-03T12:21:37Z 2022-04-27T11:50:32Z "While working on multiple drop-downs for particular post type, I came to find this bug when there is pagination is involved, UI is slightly damaged. Check the attachments for more details. " haritpanchal 55309 Incorrect post comment count after deleting comment with replies dev-feedback Comments 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-03T16:29:07Z 2022-03-03T17:50:55Z "If you move a comment to the trash, and that comment has sub-comments, none of those comments are visible (which is desired) but post->comment_count is reduced by 1 rather than by the total number of comments that have now been hidden. For example: post has 1 comment with 3 replies. Comment count is 4. Delete the first comment. Now no comments are visible but comment count is 3. The first comment has comment_approved set to 'trash' but the other 3 comments are still '1'. Perhaps the right fix is that when trashing a comment, all of its sub-comments are also trashed explicitly rather than implicitly." jwz 1 55314 When saving edits to the footer in editor (beta), saving fails Editor 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-04T00:09:24Z 2022-03-04T00:09:24Z "When editing the page template, saving changes made to the footer fails while saving changes to other blocks works. When saving changes to the footer, this request {{{ POST https://apgtest.dreamhosters.com/wp-json/wp/v2/template-parts/twentytwentytwo//footer?_locale=user }}} {{{

    Proudly powered by WordPress

    }}} results in this response {{{ 418 I'm a teapot }}} " garnitchique 55315 SVGs in editor (beta) Editor 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-04T00:11:38Z 2022-03-04T00:11:38Z When adding an SVG to the header as logo or image, it uploads fine (after installing an SVG plugin) and is displayed when viewing the site, but it disappears in the editor. garnitchique 55320 Twenty Twenty-Two: Add Drop cap feature and the ability to change color of individual words other than links Bundled Theme normal normal Awaiting Review enhancement new 2022-03-04T13:39:24Z 2024-02-01T09:16:50Z "The monitor of the Twenty Twenty-Two forum asked me to relay this information to you: t-p wrote: If the theme is to be as flexible as suggested by the authors then the Drop cap as an option should be set true from the start so that all users can benefit, irrespective of technical knowledge. Please report that via https://core.trac.wordpress.org/newticket Please use the “Bundled Theme” component and start the Summary field with Twenty Twenty-Two Post Link: https://wordpress.org/support/topic/theme-upgrades-please/?view=all#post-15424860 ----------- Thank you." daveydo 1 55321 Adding new themes in releases without a global theme auto-update setting renders installations insecure pbiron Upgrade/Install normal normal Future Release enhancement assigned 2022-03-05T01:23:28Z 2022-11-02T22:37:42Z "I'm a member of a student organisation offering hosting to other student organisations at a Belgian university. Thanks to WordPress, organisation with a complete lack of technical ability are able to maintain a website, largely through enabling automatic updates of WordPress, its plugins and its themes. I understand it's a conscious choice of WordPress to add a theme every year through its releases. While I'm personally not a huge fan of these themes being added, I understand there isn't much we can do about that. However, many of our organisations assume that once they have enabled auto-updates, they're largely safe from maintenance issues. This isn't the case however since our a twentytwentytwo has only been installed a few months ago and very recently received its first update. There doesn't seem to be a global setting to enable all auto-updates or auto-updating for all themes anywhere in the web interface of WordPress. This will mean that we will have to email each organisation to try to explain what they have to do and how. This seems contradictory to the idea of WordPress being very user-friendly even for those with little technical skills. I would therefore either recommend a global setting concerning auto-updates, or ending the practise of adding a new theme every year without user consent." bertvandepoel 15 55323 When an image is edited the URL of the image is not updated Media 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-06T01:31:01Z 2022-03-07T19:34:24Z "When an image is edited from the image editor, after an edit has been applied, the URL of the image is not updated due it always references back to the original image instead of referencing the image to the updated image (when the edit has been applied to all images sizes). == Steps to replicate the problem. 1. Upload an image into the media library 2. After the image is uploaded into the media library click on Edit image 3. Apply an edit to the image, either rotate, flip or crop, 4. Make sure that the option is applied to all images sizes. 5. Click on Save 6. Observe how the URL of the image (see attached image), by clicking on Copy URL to the clipboard 7. Open the copied URL into a new tab the copied URL still references to the original image, and not the edited image instead. " mitogh 2 55324 Twenty Twenty: Scroll to top not working reporter-feedback Bundled Theme normal normal Awaiting Review defect (bug) new 2022-03-06T08:56:27Z 2022-06-24T07:11:04Z "For whatever reason, in my installation the scroll to top arrow doesn't work. I changed {{{#!php }}} to {{{#!php }}} and it was working again. Maybe worth patching? Another alternative would be {{{#!php }}} " Presskopp 4 55326 Conditional classes directives in formatting Formatting 5.9.1 normal normal Awaiting Review feature request new 2022-03-06T18:01:43Z 2022-03-07T02:02:55Z "Hey people, I am here with a suggestion and core feature request for conditional classes directive for HTML class attribute. Similar to [Laraval conditional-classes](https://laravel.com/docs/9.x/blade#conditional-classes) If this function is already available in WP then please let me know about it, I wasn't able to find a similar function. There are many cases in development where we're creating a `$clasess` array variable and then with if-else or using conditional statements adding classes into it. While working with PHP code the code/file format in files look good and it's easy to manage but sometimes with HTML and PHP combination writing inline if-else make the code/file format ugly. and we also have to repeat the escape and echo things again n again if we have a couple of conditional CSS to write. I have created this custom code to use in my custom development, which allows passing set or array or single sting or strings with comma/space and then it conditional validate and output the string. {{{#!php $class_name ) { // Check if array has integer key, which means no conditions // are set for this class, if class is not empty then keep it. if ( is_int( $key ) && is_string( $class_name ) && ! empty( $class_name ) ) { $class_set[] = trim( $class_name ); } elseif ( ! empty( $class_name ) && ! empty( $key ) ) { $class_set[] = trim( $key ); } } /** * Filter array with empty values. * Make array unique. * Sanitize class name. * Implode by space. */ $output = implode( ' ', array_map( 'sanitize_html_class', array_unique( array_filter( $class_set ) ) ) ); } } if ( $echo ) { echo esc_attr( $output ); } else { return esc_attr( $output ); } } }}} so using this function we could save time to not write a few lines of if-else and keep the code look clean and simple as well, e.g. {{{#!php '; }}} this will convert into this. {{{#!php has_post_thumbnail(), 'is-featured' => has_term( 'featured', 'category' ), ), ); echo '
    ; // false is for returning the values. }}} however, it does not save too many lines but we are repeating things less and I feel it looks clean in code reading. :) But this function can be very useful while writing mixed HTML and php. {{{#!php "">
    }}} {{{#!php is_sidebar_active( 'right-sidebar' ) && is_sidebar_active( 'righleft-sidebar' ), 'col-md-8' => ! is_sidebar_active( 'right-sidebar' ) && is_sidebar_active( 'righleft-sidebar' ), 'col-md-8 md-offset-4' => is_sidebar_active( 'right-sidebar' ) && ! is_sidebar_active( 'righleft-sidebar' ), 'col-md-8 md-offset-2' => ! ( is_sidebar_active( 'right-sidebar' ) && is_sidebar_active( 'righleft-sidebar' ) ), ); ?>
    "">
    }}} Please let me know what you people think about having a directive function for classes. Thanks," vijayhardaha 2 55328 PHP warning on rename() inside download_url() in /wp-admin/includes/file.php dev-feedback Filesystem API 5.9 normal normal Awaiting Review defect (bug) new 2022-03-07T12:34:54Z 2023-03-17T19:11:01Z "Hi, I struggle with the following warning on my WordPress site (version 5.9.0 and currently 5.9.1) whenever I update the plugins: {{{ PHP Warning: rename(/tmp/plugin-name.tmp,plugin-name.plugin-version.zip): Permission denied in /wp-admin/includes/file.php on line 1201, referer: siteURL/wp-admin/plugins.php }}} The warning is triggered by rename() function inside download_url()in /wp-admin/includes/file.php on line 1201. It's been logged on the site since support for Content-Disposition filename was added in WP 5.9: developer.wordpress.org/reference/functions/download_url/ The warning is also getting logged in WP 5.9.1. My site uses ftpext filesystem and I believe this is why 'permission denied' warning is triggered. The plugins update successfully, with no other issues, however, the above warning is logged every single time. Would it be possible to exclude Content-Disposition filename support if website uses ftpext filesystem method? " devbd 3 55329 add_clean_index function throws PHP notice error Upgrade/Install normal normal Awaiting Review defect (bug) new 2022-03-07T13:59:36Z 2022-03-08T17:45:01Z "When I tried to add index for newly created column my error log filled with php notice 25 times because of the function `drop_index` which is called inside the function `add_clean_index`. Sample snippet: {{{#!php base_prefix . 'defender_lockout_log'; $column_name = 'country_iso_code'; $create_ddl = ""ALTER TABLE {$table_name} ADD {$column_name} CHAR(2) DEFAULT NULL""; maybe_add_column( $table_name, $column_name, $create_ddl ); add_clean_index( $table_name, $column_name ); } }}} Error: {{{ [Mon Mar 07 18:45:40.809008 2022] [php:notice] [pid 1167] [client 127.0.0.1:48886] WordPress database error Can't DROP 'country_iso_code_1'; check that column/key exists for query ALTER TABLE `wp_defender_lockout_log` DROP INDEX `country_iso_code_1` made by require_once('wp-admin/network/admin.php'), require_once('wp-admin/admin.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('init'), WP_Hook->do_action, WP_Hook->apply_filters, WP_Defender\\Upgrader->run, WP_Defender\\Upgrader->upgrade_2_8_1, WP_Defender\\Upgrader->add_country_iso_code_column, add_clean_index, drop_index, referer: http://multi.test/wp-admin/network/update.php?action=upload-plugin&package=55&overwrite=update-plugin&_wpnonce=c8b371f5b8 }}} ---- Error log screenshot: [https://i.postimg.cc/2jqsb3Z4/bug-report.png] " gvgvgvijayan 1 55330 Set global_styles_svg_filters transient to return true causing symbol `1` to be appeared on the screen in a production mode General 5.9.1 normal trivial Awaiting Review enhancement new 2022-03-07T18:14:12Z 2022-03-08T06:49:37Z "WordPress 5.9.1 PHP 8.0.15 When I set `global_styles_svg_filters` to return true (to prevent from being set - I don't use `theme.json` but request is sending so I want to disable it) it renders `1` at the top of the website Steps to reproduce on TwentyTwentyTwo theme: 1. Paste these lines in `functions.php` {{{#!php get_error_code() || 'empty_password' === $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; } }}} Then: {{{ class=""input"" value="""" size=""20"" autocapitalize=""off"" /> }}} Fix is to late escape only, and remove the top one." johnjamesjacoby 3 55336 Query strings with reserved characters get wrongly redirected to encoded variant at the root level. dev-feedback General normal normal Awaiting Review defect (bug) new 2022-03-08T09:18:23Z 2022-05-01T03:59:49Z "The asterisk (""*"", ASCII 2A hex) and exclamation mark (""!"" , ASCII 21 hex) are reserved for use as having special significance within specific schemes. Source: https://www.w3.org/Addressing/URL/4_URI_Recommentations.html More here: https://developers.google.com/maps/url-encoding WordPress however, redirects to a URI encoded variant when the query string at the root level contains these reserved characters. So, https://wordpress.org/plugins/?test=123*456 doesn't redirect. While https://wordpress.org/?test=123*456 redirects to https://wordpress.org/?test=123%2A456. This is quite problematic for all WordPress sites that use for example Google Analytics 4 (GA4) cross-domain tracking. GA4 relies on a query string containing asterisks. Source: https://support.google.com/analytics/answer/10071811?hl=en " madstegge 4 55339 Date changes to ordered list (and default 1. 1.) when at beginning of line Date/Time normal normal Awaiting Review defect (bug) new 2022-03-08T11:54:11Z 2022-03-08T11:54:11Z "Hi, I have found that when I write a date (e.g. ""5. dubna 2022"" that is 5th of April, but in Czech format) at the beginning of line in post that WordPress renders it to default 1.1. at frontend. Text remains the same at backend but generated post at frontend: - changes to 1. 1. 2022 - and in html code there is ordered list When any characters are before the date on that line, nothing changes at frontend." jhn11 55343 "Add Tooltip to ""Remember Me"" (WP Login Form)" rajinsharwar dev-feedback Login and Registration normal normal 6.6 enhancement assigned 2022-03-08T16:33:44Z 2024-02-12T14:59:54Z "Currently, WordPress' login form has a checkbox labeled ""Remember Me."" Over the years, there's been some debate over the verbiage used for ""Remember Me"" (say, versus ""Stay Logged In"" or ""Keep Me Logged In"") and what it really means. To eliminate any confusion, this is to request the [https://ibb.co/fkqN7Vz /addition of a tooltip] next to ""Remember Me"" in the form of a question (?) mark. Further, the tooltip can offer a security warning to all users. The content (text) for the tooltip could be: ""**Selecting Remember Me reduces the number of times you’ll be asked to log in using this device. To keep your account secure, use this option only on your personal devices.**"" Also, in anticipation that this enhancement request will be approved, I would like to recommend updating the [https://developer.wordpress.org/reference/functions/wp_login_form /affected codex page] for the login form to add a code snippet that will allow developers to change the content (text) of the tooltip to suit their needs. The above would be a nice addition or update to WordPress' login form. Thank you." generosus 7 55344 Resources for hidden widgets are loaded on WP dashboard adamsilverstein* Administration normal normal Future Release feature request accepted 2022-03-08T17:39:03Z 2023-07-21T10:00:14Z "When plugins are placing widgets on the WordPress dashboard and these are hidden via the Screen Options the resources of those widgets are still loaded. In the Sources tab of the browser console this can easily be checked. I've noticed this with multiple plugins, so it looks like a core bug. It would save resources and increase performance of the dashboard if hidden items are not loaded. I've asked in the #performance Slack channel, where I was asked to create a ticket to report this as a bug." josklever 9 55345 When uploading image through featured image section, the image item count is wrong. Media normal normal Awaiting Review defect (bug) new 2022-03-08T17:45:56Z 2022-06-08T14:17:41Z "When uploading image through featured image section, the image item count is wrong. === Env * 5.9.1 * Brave, Chromium * Win 10 * Theme : TT2 * Plugins: None === Test Instruction * Open Post Editor and click on 'Set featured image' option. * Notice the total number of existing images * Upload a new image into the featured image section. * Now notice the number of images (+2) * Reload the page, and now the count corrects itself. When uploading image directly to the featured image section of the post editor, the media item count works correctly. " alanjacobmathew 1 55358 Passing int term term_exists parent param not respected has-patch Taxonomy normal normal Future Release defect (bug) new 2022-03-09T18:31:11Z 2024-02-05T21:30:21Z "If a developer calls terms_exists, with an int as term and parent as an int, the parent value is not respected. So example this will not work. {{{#!php $term = term_exists( 123, 'category', 1); }}} The code will check to see if term 123 exists, but will ignore parent value. This may result in correct / unexpected results. " spacedmonkey 3 55361 WordPress database error Deadlock found when trying to get lock on wp_get_global_styles_svg_filters close Editor 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-10T07:36:33Z 2023-10-30T16:59:30Z "I don't know where to ask this question but i have these error messages in my log file. The template just calls wp_body_open after the body tag. I can see a filter is added for body open that renders svg filters in the default_filters.php in wordpress. https://share.getcloudapp.com/5zuLpONl https://share.getcloudapp.com/6quZ7Jvz But how do i get rid of these entries in the error log and where are they coming from? It seems that wordpress is triggering these. Can you please advice on how to get rid of these messages in the error log WordPress database error Deadlock found when trying to get lock; try restarting transaction for query DELETE FROM `wp_options` WHERE `option_name` = '_transient_global_styles_svg_filters_champion' made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/champion/template_sections.php'), get_header, locate_template, load_template, require_once('/themes/champion/header.php'), wp_body_open, do_action('wp_body_open'), WP_Hook->do_action, WP_Hook->apply_filters, wp_global_styles_render_svg_filters, wp_get_global_styles_svg_filters, get_transient, delete_option " BackuPs 2 55368 Handle ajax failure when doing actions on themes/plugins Administration 5.9.2 normal normal Awaiting Review defect (bug) reopened 2022-03-11T05:36:32Z 2022-05-30T17:21:05Z "When maintenance mode is active or the server is unresponsive for any reason, there are some ui issues in ajax-related messages like: - When trying to delete a plugin: ""Deleting..."" forever. No error shown. - When trying to enable auto-updates on a plugin: ""Enabling..."" forever. ""The request could not be completed"" error is shown. Same for disabling. - When trying to delete a theme: ""Deletion failed: undefined"" error shown. - When trying to enable a theme: ""Enabling..."" forever. ""The request could not be completed."" error shown. Same for disabling. Check the screenshots attached below. I tried to stay short in title description but I'm not sure it's 100% clear." mirkolofio 4 55369 Block styles preview are unstyled since 5.9 if styles are in a global editor styles css reporter-feedback Editor 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-11T05:45:09Z 2022-03-11T18:49:16Z "Hello, Block stlyes registered with {{{ wp.blocks.registerBlockStyle( 'acf/featured-news', { name: 'featured-news-black', label: 'Featured news black', isDefault: false, } ); }}} Editor stylesheet enqueued with: {{{ function legit_block_editor_styles() { wp_enqueue_style( 'legit-editor-styles', get_theme_file_uri( '/style-editor.css' ), false, '11.0', 'all' ); } add_action( 'enqueue_block_editor_assets', 'legit_block_editor_styles' ); }}} Since WordPress 5.9 the iframe that shows the block styles show them unstyled as doesn't include the style-editor.css Thank you " JohnDBB 2 55376 Use wp_filesize in core has-patch General normal normal Future Release enhancement new 2022-03-11T14:42:42Z 2023-07-10T13:05:00Z Introduced in [52837] as part of #49412, the `wp_filesize` function is a wrapper around filesize. It has some improves on this function, like casting to int and filters. The filesize function is call throughout core functions. This function may be useful in more contexts. spacedmonkey 11 55380 Updating from 5.8.2 to 5.9.2 breaks default website (no additional plugins) Upgrade/Install 5.9.2 normal major Awaiting Review defect (bug) new 2022-03-11T21:14:36Z 2022-03-11T21:25:08Z "I wanted to test some plugins on my local server. I had old WordPress 5.8.2 archive. I installed it and then it automatically updated. Immediatelly after that my website broke. I didn't install any additional plugins. Server: Apache 2.4 PHP: 7.4 MySQL: 8.0 {{{ Fatal error: Uncaught Error: Call to a member function switch_to_blog() on null in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\cache.php:239 Stack trace: #0 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\load.php(727): wp_cache_switch_to_blog() #1 C:\OpenServer\domains\visualelementor.nodomain.me\wp-settings.php(131): wp_start_object_cache() #2 C:\OpenServer\domains\visualelementor.nodomain.me\wp-config.php(95): require_once('C:\\OpenServer\\d...') #3 C:\OpenServer\domains\visualelementor.nodomain.me\wp-load.php(50): require_once('C:\\OpenServer\\d...') #4 C:\OpenServer\domains\visualelementor.nodomain.me\wp-admin\admin.php(34): require_once('C:\\OpenServer\\d...') #5 C:\OpenServer\domains\visualelementor.nodomain.me\wp-admin\index.php(10): require_once('C:\\OpenServer\\d...') #6 {main} thrown in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\cache.php on line 239 Fatal error: Uncaught Error: Call to undefined function __() in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php:188 Stack trace: #0 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php(152): WP_Fatal_Error_Handler->display_default_error_template() #1 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php(57): WP_Fatal_Error_Handler->display_error_template() #2 [internal function]: WP_Fatal_Error_Handler->handle() #3 {main} thrown in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php on line 188 }}} " rinart73 1 55385 Error in Search reporter-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2022-03-13T13:12:40Z 2022-03-26T02:59:53Z "Hi Support, When we are searching any keyword which start from .profile it send the backend normal post and page search to the frontend not found. Instead it should stay on same page and show not found. For example please search this www.profile.com and it will send you to frontend. Can you please advise why it is happening ? Regards, Himanshu" himanshushokhanda 2 55387 $wp_filesystem->dirlist() can return false and that should be checked for before iterating over the return value pbiron has-patch Filesystem API 2.8 normal normal Future Release defect (bug) assigned 2022-03-13T19:22:47Z 2022-04-30T16:17:06Z There are a number of cases in core (e.g., https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-upgrader.php#L500) where the return value of `$wp_filesystem->dirlist()` is assumed to be an array. But since that method can return `false`, we should always check for that before iterating (or calling `array_keys()` or `array_values()` on it) over the return value. pbiron 2 55390 Not able to choose Color picker in customizer when the blocks are added in widget Editor 5.9.2 normal major Awaiting Review defect (bug) new 2022-03-15T13:21:58Z 2022-03-16T09:17:28Z "Hi Team, I hope you are doing well and safe! I would like to highlight an issue with the color picker in the customizer when using the blocks in widgets. 1. For choosing the custom color, whenever you click on the color selection, it will trigger a click event where it will ask you to leave the site or not? Here is the screenshot: https://share.bsf.io/YEur81BW 2. The color selection palette is not properly displayed. Here is the screenshot: https://share.bsf.io/wbuzJ0zq Furthermore, I have gone ahead and found that this issue is coming from WordPress version 5.9.2 Also, I have demonstrated a video that would help you check it on your end too. This issue is occurring on default themes as well as other famous themes as well. Here is the screencast: https://share.bsf.io/yAuKoy2J I would suggest you please check this on priority and release a patch for this issue, as users are facing lots of issues due to this. Looking forward to your response." nileshc 1 55401 Subpages of a web page can be called twice dev-feedback Permalinks 5.9.3 normal major Awaiting Review defect (bug) new 2022-03-16T15:48:12Z 2023-07-20T18:41:13Z "Subpages of any website created with WordPress can be accessed twice. If you add a /0/ to the end of the regular URL, the same page can be called again. This page with /0/ at the end of the URL will also be indexed in Google. Example: https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/ https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/0/" manuel10503 8 55404 Twenty Twenty-Two, Site Edit, Group with Background Color Overflows Page Size on Mobile Bundled Theme 5.9.2 normal minor Awaiting Review defect (bug) new 2022-03-16T16:56:30Z 2022-03-16T18:38:56Z "When you add a group block with a background color to a footer template in the full site editor, the group block will overflow the page on a mobile device by a few pixels. For example, on a device that is 360 pixels wide will have approximately 10 pixels of overflow. The offending party is this CSS code: {{{ .wp-site-blocks .alignfull, .wp-site-blocks > .wp-block-group.has-background, .wp-site-blocks > .wp-block-cover, .wp-site-blocks > .wp-block-template-part > .wp-block-group.has-background, .wp-site-blocks > .wp-block-template-part > .wp-block-cover, body > .is-root-container > .wp-block-cover, body > .is-root-container > .wp-block-template-part > .wp-block-group.has-background, body > .is-root-container > .wp-block-template-part > .wp-block-cover, .is-root-container .wp-block[data-align=""full""] { margin-left: calc(-1 * var(--wp--custom--spacing--outer)) !important; margin-right: calc(-1 * var(--wp--custom--spacing--outer)) !important; width: unset; } }}} Where margin-right is the source of the problem. Turning that style off in my browser's developer console eliminates the extra space." joshuanan 55406 Shortcodes don't work inside srcset attribute Shortcodes 5.8.3 normal normal Awaiting Review defect (bug) new 2022-03-16T21:54:43Z 2022-04-08T10:11:09Z "Hello, I have a simple shortcodes which replaces [uploads_directory] with the actual path. It doesn't work if I put it in a srcset attribute, while it works fine in a src attribute. {{{ }}} This is the code of the shortcode function {{{#!php suppress_errors` * the raw error string * the DB query associated with the error The result of filtering would determine whether `$wpdb->print_error()` returns early or logs the error, like `$wpdb->suppress_errors` does today. I have a patch for this and plan to submit a PR shortly after creating this ticket." bpayton 18 55415 Pluggable.php file is causing Fatal Errors reporter-feedback Plugins normal major Awaiting Review defect (bug) new 2022-03-17T17:46:55Z 2022-03-17T19:06:42Z "I'm facing an issue with my WordPress install. I have two plugins getting a PHP Fatal Error due to the pluggable.php file on my site using PHP 8.0. My host is Closte (closte.com). The host doesn't allow changes to WP core files. The plugin developers are saying that the issue is WordPress and not the plugin. I'm using the latest versions of the plugins and the latest version of WP. Here is the error I'm seeing: 1. PHP Fatal error: Uncaught Error: Call to undefined function wp_get_current_user() in /wp-content/plugins/updraftcentral/site-management.php:486 Would really prefer not to downgrade my PHP version so any help would be appreciated. " ceceet 8 55417 Text Highlighting Broken reporter-feedback Editor 5.9.2 normal normal Awaiting Review defect (bug) new 2022-03-17T21:25:47Z 2022-03-19T03:35:13Z Trying to add a custom HEX, RGB, or HSL colors using the UI is just broken. Trying to input values or paste in values doesn't work. I have tried disabling all plugins and have tested it on multiple wordpress.org sites. Editing the value in the code editor still works, but it's just less convenient. Hopefully, this can get fixed next update, thanks! notgeo 3 55421 Different CSS order causes inconsistency between editor and actual page Editor normal normal Awaiting Review defect (bug) new 2022-03-18T12:16:36Z 2022-03-18T12:16:36Z "Fresh WordPress, 2022 theme, no plugins. There are some styles loaded as an external file by ""load-styles.php"" in the editor while being inlined in the actual page. This creates different cascading between editor and actual page, and hence a different design. About the screenshot - the margin above the image disappears on the actual page because of the issue described. There is no way of recreating it without custom CSS." asafm7 55426 Two Categories in one URL; Shows Posts that are in BOTH Categories doesn’t work reporter-feedback Taxonomy 5.9.3 normal normal Awaiting Review defect (bug) new 2022-03-19T19:33:56Z 2022-05-17T21:23:45Z "Hey, so usually i was able to add two categories in the URL and it would only show Posts, that are listed in BOTH categories. The Link was always domain.com/category/cat1+cat2 and worked for years. When using that link it would only show the posts that are marked in BOTH categories. But i just tried to look for a post this way and that simply doesn’t work anymore. It only uses the first Category and ignores the Seconds. Has there been a change in the WP Core that i’m not aware of and is there a way to get back to that?" gooloode 12 55429 Coding Standard: Use spaces for JSON instead of tabs Build/Test Tools normal normal Awaiting Review feature request new 2022-03-21T09:15:09Z 2022-03-21T12:22:30Z "When PHP outputs JSON using `json_encode`, there's no option to output it with tabs instead of spaces. This is particularly relevant in since https://github.com/WordPress/gutenberg/pull/39048 merged - we now convert theme.json files that were using tabs to spaces. We could use a regex to convert these spaces back to tabs, but maybe its simpler to default to spaces for JSON files since that is the format that PHP uses. Opening this ticket to start the discussion..." scruffian 3 55437 Bugfix: Display correct theme in site editor SergeyBiryukov dev-feedback Themes 5.9 normal normal Future Release defect (bug) reopened 2022-03-22T03:31:29Z 2024-02-20T09:50:02Z "Scenario: Child themes inherit template parts from the parent theme but on the site editor page, the ""Added by"" column defaults to displaying the child theme even though the template parts are inherited from the parent. This creates confusion as to where the actual templates are located. Patch: https://github.com/ptahdunbar/WordPress/commit/25bbf034af03c9a4ea33a79d01f4d9c079750344 Probably should look into _build_block_template_result_from_post() as well. Possibly related to [52062]" ptahdunbar 16 55438 Flaky result when saving widgets in the Widgets Editor Widgets normal normal Awaiting Review defect (bug) new 2022-03-22T07:19:13Z 2022-03-31T09:47:43Z "I discovered this while trying to migrate the [https://github.com/WordPress/gutenberg/blob/3b1674a147c8e943b0d3727e0f4cbe379c2d9922/packages/e2e-tests/specs/widgets/editing-widgets.test.js#L123-L233 editing-widgets] e2e tests in Gutenberg. I think the test is currently skipped for the same reason. By un-skipping the test and running it several times, it sometimes fails at the last step where the snapshot doesn't match. It mysteriously contains a `wp_inactive_widgets: ''` field in the serialized result. I think the bug is from a race condition in the REST API. I managed to record a HAR file so that you can plug it in Chrome's devtools and inspect it. I'm not familiar with the PHP side of the code, but it seems like sometimes a widget block won't be saved to the specified sidebar, and instead be put inside `wp_inactive_widgets`. Maybe someone with more knowledge around this can help debugging it? Sorry that there's isn't a reliable reproduction steps though." kevin940726 1 55440 Introduce a wrapper fro setcookie() has-patch General normal normal Awaiting Review enhancement new 2022-03-22T10:54:04Z 2022-03-22T10:56:58Z "Recent browsers expect the parameter `samesite` to be set. A new parameter `sameparty` is on its way too. The old (PHP < 7.3) `setcookie()` signature doesn't accept these new parameters. It's however possible to set them with a hack. I propose to introduce a new `wp_set_cookie()` function to support all versions of PHP. I also propose to introduce a filter in this function. This should help for #37000." Chouby 1 55442 count(): Parameter must be an array or an object that implements Countable in /var/www/html/wp-includes/post-template.php on line 319 reporter-feedback Posts, Post Types normal normal Awaiting Review defect (bug) new 2022-03-22T21:59:34Z 2022-03-22T23:41:57Z "Call get_the_content() with no arguments and $post is null. If post is null then this is ran: {{{#!php $elements = compact( 'page', 'more', 'preview', 'pages', 'multipage' ); }}} Associate array has keys with null values. Then on lin3 319 is {{{#!php if ( $elements['page'] > count( $elements['pages'] ) ) { }}} Which causes this notice: {{{ Warning: count(): Parameter must be an array or an object that implements Countable in /var/www/html/wp-includes/post-template.php on line 319 Notice: Trying to access array offset on value of type null in /var/www/html/wp-includes/post-template.php on line 325 }}} " davidscpl 2 55443 Create WebP sub-sizes and use for output adamsilverstein needs-docs Media 6.0 normal normal Future Release enhancement reopened 2022-03-22T23:15:33Z 2023-03-02T18:51:15Z "=== Summary This ticket introduces core support for generating and using additional mime types for sub-sized image uploads, with a focus on the WebP format. In addition, it filters frontend content to use the modern format when available for an image. After this change, WordPress will generate and use WebP sub sizes by default when available. Currently, when users upload images in a supported mime type like JPEG or WebP, WordPress creates sub-sized images of the same type for use on the front end. In WordPress 5.8 we introduced the `image_editor_output_format` filter to enable filtering the mime type used to save images. This ticket introduces the capability to generate more than a single mime type. For example, when users upload JPEG images, WordPress can automatically generate both WebP and JPEG sub-sized images. Then WordPress can use the WebP images when serving up the front end. JPEG images are still being generated by default, to support other use-cases outside of common web browsers (e.g. email newsletters) where WebP may not be supported yet. The above is only the default though - the behavior of which image formats are generated and used can be customized via filters. === New Filters This patch introduces two new filters, one to control the mime types WordPress generates when you upload an image and one to control which image mime type is used for displaying images on the front end of the website. ==== Mime type image generation filter This patch adds a new filter named `wp_upload_image_mime_transforms` (and similarly named function) that maps the upload image mime type to an array of one or more output mime types: By default, the mapping is: {{{ array( 'image/jpeg' => array( 'image/jpeg', 'image/webp' ), 'image/webp' => array( 'image/webp', 'image/jpeg' ), ); }}} The attachment id is also passed to the filter for context. ==== Mime type front end output filter This patch adds a new filter `wp_content_image_mimes` for the front end that specifies the preferred format(s) to use for content output (as long as the image file is available). When outputting images in the content, the first mime type available will be used. The attachment id and context are also passed to the filter. === WebP as a default output format for images On the front end, sites will benefit from using WebP in place of JPEG for their images. Research on https://github.com/WordPress/performance/issues/7 indicates images will average around a 30% overall file size reduction. This work also includes verifying the visual image quality of the output using [https://github.com/kornelski/dssim dssim]. === Developers Note The function `make_subsize` in both of core’s bundled WP_Image_Editor implementations (WP_Image_Editor_Imagick and WP_Image_Editor_GD) has been updated to accept a `$mime_type` parameter which in turn passed the mime type to the `_save` function (which already supports a `$mime_type` parameter). If your code implements `​​WP_Image_Editor::make_subsize()` make sure you update your function to support the `$mime_type` parameter. Plugins that modify image use (CDN, S3) or already create alternate mime types should test integrating with the code on this ticket and consider supporting the new sources meta data. === How to Test Test with this patch or the Performance Lab [https://wordpress.org/plugins/performance-lab/ plugin] Create a post and upload a jpeg image, placing in the post Publish the post and view it’s source code, the image URLs should be “.webp” images === Technical Details * In src/wp-admin/includes/image.php::wp_create_image_subsizes: loop through all of the mime types returned from the `​​wp_upload_image_mime_transforms` filter, generating sub-sized images for every mime format supported by the system. Default when a type isn’t mapped in the array is outputting in the mime type of the uploaded image. * `_wp_get_primary_and_additional_mime_types` extracts the primary and additional mime types * “Full” sized images are created for each mime type supported by the system with a `-{mime extension}` appended to the file name * When images over `big_image_size_threshold` are uploaded, the primary image gets a `-scaled` suffix (unchanged), alternate types get a `-{mime extension}-scaled` suffix * Similarly, alternate mime rotated images get a `-{mime extension}-rotated` suffix * New image meta `sources` array stores each mime type created for each full sized image and for each sub-sized image - both the file name (`file`) and size (`filesize`) are stored. * In src/wp-admin/includes/image.php::_wp_make_subsizes: * Using a mapping (from the input file mime type) provided by `wp_upload_image_mime_transforms`, output sub sized images in one or more output mime types * In src/wp-admin/includes/image.php * Add a new function `wp_upload_image_mime_transforms` as well as a matching filter named `wp_upload_image_mime_transforms` . Returns an array with the list of valid mime types that a specific mime type should be converted into. * In src/wp-includes/class-wp-image-editor-gd.php and src/wp-includes/class-wp-image-editor-imagick.php: * Update `make_subsize` to accept a new `mime_type` parameter that gets passed to the `_save` function when set (which already has a mime_type parameter). Add the new parameter to internal function calls as well. * In src/wp-includes/media.php: Adds new function `wp_image_use_alternate_mime_types` that is called for every image in `wp_filter_content_tags`. This function: * Adds a new filter `wp_content_image_mimes` that returns the mime type(s) to try to use for output, in the order they should be tried. The default order to try is array( 'image/webp', 'image/jpeg' ), meaning if a WebP version of the image exists, WordPress will use that image for the image tag output * Replaces all image components (including urls in the `src` and `srcset` attributes) when the same image is available in the preferred mime type * Returning an empty array will skip any image mime type substitution ( ie. `add_filter( ‘wp_content_image_mimes’, ‘__return_empty_array’ );` * In src/wp-includes/post.php::wp_delete_attachment_files: * Delete additional mime type images referenced in the image meta root ‘sources’ array as well as each sizes->sources array when present. This ensures that additional mime images are cleaned up if the original image is deleted. * In src/js/_enqueues/vendor/plupload/wp-plupload.js and src/js/_enqueues/vendor/plupload/handlers.js retry count is raised from 4 to 8. (Should this be filterable)? This change is to accommodate the larger potential number of images that need to be created. Note: needs to be changed in Gutenberg as well, see https://github.com/WordPress/gutenberg/blob/23f11a18726bf69717595451ab3250cb67b426f6/packages/api-fetch/src/middlewares/media-upload.js#L38 === PHPUnit test changes New sources data added to expected results in ` test_wp_generate_attachment_metadata_pdf`, `test_crop_setting_for_pdf` Remove new `wp_content_image_mimes` filter for tests in tests/phpunit/tests/media.php === Todo items remain for this patch: - Add tests for new filters `wp_content_image_mimes` and `wp_upload_image_mime_transforms` - Add full sized alternate mime creation for PDF upload special handling, see https://github.com/WordPress/wordpress-develop/pull/2393/files#r832651580 - Add REST support from https://github.com/WordPress/performance/pull/224 (or in follow up ticket) - Improve naming of rotated/cropped alternate mime images " adamsilverstein 200 55445 Should WP_Post_Type preserve Array of capability_type? Posts, Post Types normal minor Awaiting Review defect (bug) new 2022-03-23T03:57:40Z 2022-03-23T03:57:40Z If I register a post type with `capability_type` as an array `capbility_type => array( 'singular', 'plural' )`. The WP_Post_Type object only holds onto the singular capability_type. Should the object preserve the array since it has singular and plural? Howdy_McGee 55449 "More filter options for searching theme's & plugins - ""Last updated"" / ""Test with my WP version""." Plugins normal normal Awaiting Review enhancement new 2022-03-23T11:30:36Z 2022-03-23T11:30:36Z "When I'm looking in WP to install a new theme/plugin I find it quite annoying that I'm unable to filter my search results a bit more. When I'm looking for a new plugin for a certain goal, I would love to filter on two things. 1) If the plugin is tested or not (and working) on my current WP version. 2) If the plugin got a recent update. (Maybe this might be a setting the user can choose. Since, for some is recent 1 year and for others it's 1 month.) I think these filter options, with maybe checkmarks ...? could fit nicely on where I placed green in the attached screenshot. " NekoJonez 55452 `safecss_filter_attr` removes background-images with URL parameters Formatting normal normal Future Release defect (bug) new 2022-03-23T21:41:18Z 2022-04-20T20:22:16Z "If you try to add a background-image using an inline style, and the URL has query parameters (specifically, an `&`), the background-image will be stripped from the content. What seems to be happening: the `&` is encoded, and becomes `&`, and when `safecss_filter_attr` splits the `$css` into separate declarations, it does so just by [https://github.com/WordPress/wordpress-develop/blob/ee96cedcb891c6a6e5b7b30a6f1c247345161b88/src/wp-includes/kses.php#L2242 breaking on a semicolon], which breaks the URL value. For example, `background-image:url(https://fake.test/image.png?a=1&b=2);` becomes `background-image:url(https://fake.test/image.png?a=1&` and `b=2)`, and neither are valid CSS. **To reproduce:** Try adding this Media & Text block, which uses this image: [https://img.rawpixel.com/s3fs-private/rawpixel_images/website_content/a005-scottw-465.jpg?w=1200&h=1200&fit=clip&crop=default&dpr=1&q=75&vib=3&con=3&usm=15&cs=srgb&bg=F4F4F3&ixlib=js-2.2.1&s=06d4e5a9962096a6010029591ae36198 https://img.rawpixel.com/s3fs-private/rawpixel_images/website_content/a005-scottw-465.jpg?w=1200&h=1200…] {{{

    ""Palm trees at Cape Town, South Africa"" by Scott Webb is marked with CC0 1.0.

    }}} When you save and view the post, the background-image is gone." ryelle 1 55454 clean_site_details_cache() doesn't clean all site caches Networks and Sites 4.7 low minor Awaiting Review defect (bug) new 2022-03-24T03:42:33Z 2022-07-20T07:39:54Z "clean_site_details_cache() clear's two caches: {{{ wp_cache_delete( $site_id, 'site-details' ); wp_cache_delete( $site_id, 'blog-details' ); }}} https://github.com/WordPress/wordpress-develop/blob/0b800e21c311e302824e4a025946a6fdb4f6c794/src/wp-includes/ms-blogs.php#L322-L337 But there's a third used within `get_blog_details()` that's closely related to those two caches: {{{ if ( $get_all ) { $details = wp_cache_get( $blog_id . 'short', 'blog-details' ); } else { $details = wp_cache_get( $blog_id, 'blog-details' ); }}} One could argue that the `blog-details` caches are not related to the `site-details` caches, but one would expect that if it clears some of them, that it'll clear all of them. `clean_blog_cache()` is a [https://developer.wordpress.org/reference/functions/clean_blog_cache/ much more comprehensive function] though: {{{ wp_cache_delete( $blog_id, 'sites' ); wp_cache_delete( $blog_id, 'site-details' ); wp_cache_delete( $blog_id, 'blog-details' ); wp_cache_delete( $blog_id . 'short', 'blog-details' ); wp_cache_delete( $domain_path_key, 'blog-lookup' ); wp_cache_delete( $domain_path_key, 'blog-id-cache' ); wp_cache_delete( $blog_id, 'blog_meta' ); }}}" dd32 1 55456 Double escaping wp_user-settings dev-feedback Users 2.7 normal normal Future Release defect (bug) new 2022-03-24T09:27:13Z 2022-05-02T10:41:08Z "Fresh install of WordPress with no plugins and using default Twenty Twenty Two theme. Either directly insert test data; {{{ INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (1, 'wp_user-settings', 'foo=1&bar=1'); }}} Or activate this plugin; {{{ $media_title, 'tmp_name' => $tmp_name, ); try { $media_id = media_handle_sideload( $file, 0, null, array( 'post_author' => 0, 'post_name' => sanitize_title( $media_title ), ) ); } catch ( \Exception $e ) { error_log( print_r( $e, true ) ); } if ( is_wp_error( $media_id ) ) { error_log( print_r( $tmp_name, true ) ); } } }}} === Testing I've tried to test adding these `error_log` lines into method `pdf_load_source` of class `WP_Image_Editor_Imagick` (file `wp-includes/class-wp-image-editor-imagick.php`) {{{#!php pdf_setup(); error_log( ""Filename: "" . print_r( $filename, true ) ); if ( is_wp_error( $filename ) ) { return $filename; } try { error_log( ""Trying with "" . print_r( $this->image, true ) ); // When generating thumbnails from cropped PDF pages, Imagemagick uses the uncropped // area (resulting in unnecessary whitespace) unless the following option is set. $this->image->setOption( 'pdf:use-cropbox', true ); error_log( ""Option use cropbox true"" ); // Reading image after Imagick instantiation because `setResolution` // only applies correctly before the image is read. $this->image->readImage( $filename ); error_log( ""Image read tried"" ); } catch ( Exception $e ) { error_log( ""Catched"" ); // Attempt to run `gs` without the `use-cropbox` option. See #48853. $this->image->setOption( 'pdf:use-cropbox', false ); error_log( ""Option use cropbox false"" . print_r( '', true ) ); $this->image->readImage( $filename ); error_log( ""Image read"" . print_r( '', true ) ); } return true; } // ... } }}} with this result in `debug.log`: {{{ [23-Mar-2022 14:36:23 UTC] Into pdf_load_source [23-Mar-2022 14:36:23 UTC] Filename: //wp-content/uploads/2022/03/Product-XXXXX-FilamentClear_2018-1.pdf[0] [23-Mar-2022 14:36:23 UTC] Trying with Imagick Object ( ) [23-Mar-2022 14:36:23 UTC] Option use cropbox true }}} And none of the following `error_log` prints coming after this last line. === Other details * This happens with some pdf files (the one from the url in the code being one of them) * I've tried changing php version to the latest 8.1, but the issue persists " alceomazza 55459 Change Login Label name dev-feedback Login and Registration normal normal Future Release enhancement new 2022-03-25T09:31:21Z 2024-02-12T14:57:37Z "I wanted to change the Login Labels of my Login Page and couldn't find anything to hook as it is only labeled with raw values. It would be a lot better if there was anything else than gettext function to change the value. Maybe a filter. " wparslan 20 55463 Add a limit to _prime_*_cache functions spacedmonkey dev-feedback Cache API normal normal Future Release enhancement assigned 2022-03-25T12:18:10Z 2023-07-09T22:24:31Z "The _prime_*_cache functions, like `_prime_post_cache` do a simple query to prime caches. This does a IN request to get all the objects. As we know the number of objects we wish returned, as have an array, we can add a simple LIMIT to the query to improve the performance of the query. Example: {{{#!php $fresh_posts = $wpdb->get_results( sprintf( ""SELECT $wpdb->posts.* FROM $wpdb->posts WHERE ID IN (%s) LIMIT %d"", implode( ',', $non_cached_ids ), count( $non_cached_ids ) ) ); }}} " spacedmonkey 8 55465 Fix hiding playlist buttons from Add Media modal dialog has-patch Media 5.9.2 normal minor Awaiting Review defect (bug) new 2022-03-25T17:31:46Z 2022-03-25T18:59:18Z "==== How to reproduce On a fresh installation of WordPress 5.9.2 with [[https://wordpress.org/plugins/classic-editor/|Classic Editor]] plugin enabled, add the following lines to the default theme's `functions.php`: {{{#!php PHP Warning: ssh2_exec(): Unable to request command execution on remote host and on those severs all calls to `WP_Filesystem_SSH2::chmod()` basically become noops. Luckily, starting with version [https://pecl.php.net/package/ssh2/0.12 0.12], the ssh2 extension introduced [https://www.php.net/manual/en/function.ssh2-sftp-chmod.php ssh2_sftp_chmod()], and `WP_Filesystem_SSH2::chmod()` should be changed to use it." pbiron 1 55470 Allow for finer-grained callbacks for wp_list_comment Comments 2.7 normal normal Awaiting Review enhancement new 2022-03-27T17:48:00Z 2022-03-27T18:16:41Z "I've implemented a variety of different custom comment types, so logically, I'd like to allow for default customized comment output for these different types and still allow a theoretical theme to provide its own callback. Unfortunately, the only two options are a custom callback or a custom Comment Walker. Using the 'wp_list_comments_args' filter to make a custom comment walker the default, and reimplementing the start_el option is the only way to do this...but this means again, the possibility of unanticipated interaction. So, in thinking about this, proposing two enhancement options...looking for thoughts before I write up some code for consideration. 1. Enhance the callback argument in wp_list_comments. Allow it to be an associative array or a string. If an associative array, the key would be comment_type. It would allow the 'all' parameter key, which would mean that the 'all' callback would be used if nothing more specific was provided. If this is a string, it would just set that to the all parameter and use the same logic. This would allow differing callbacks to be called per comment...if you choose to display them mixed. 1. Add a filter inside start_el to allow for greater logic at this point before triggering the built-in or custom callback on a per-comment basis. Now, ideally, the solutions would be found in #35214 with some form of comment registration, but as that would have to be backward compatible, and that it has been 6 years since that conversation started suggests this simpler solution may make sense in the interim and even afterward." dshanske 1 55475 Add Lists to Favorites for Plugins Plugins normal minor Awaiting Review enhancement new 2022-03-28T19:42:42Z 2022-03-28T19:42:42Z "Currently, you can click the ""heart"" icon next to a plugin name in the WordPress.org plugins directory. Example for Gutenberg: https://wordpress.org/plugins/gutenberg/ Screenshot: https://cloudup.com/c-Uk_AX1Vg0 Your favorites show up in your WordPress.org profile. Example here: https://profiles.wordpress.org/dansoschin/#content-favorites I would like to propose the ability to create lists of favorites so that you can ""heart"" a favorite and then are prompted to add it to a new list, add it to an existing list, or add it to all lists. The purpose of this would be for folks who work on multiple projects and might like to create groups of plugins for various types of projects." dansoschin 55477 Add Custom Post Types Archive Pages to Sitemap Sitemaps 5.9.2 normal major Awaiting Review enhancement new 2022-03-29T14:41:52Z 2022-03-29T14:41:52Z "The CPT archive pages do not appear in the sitemap, and there are no suitable hooks to add them (e.g. `wp_sitemaps_posts_query_args`, `wp_sitemaps_posts_pre_url_list`, etc.). In my opinion it is necessary: * automatically include all archive pages of custom posts with `has_archive` other than `false`, and * insert a hook to add additional links Thanks!" delitestudio 55484 class-wp-editor.php line 1697 Editor 5.9.2 normal normal Awaiting Review defect (bug) new 2022-03-30T00:46:36Z 2022-03-31T19:32:19Z "Line 1697 of class-wp-editor.php should end with a semicolon. Otherwise, if the page is compressed errors are in the console and the editor isn't functioning correctly." karin2 2 55485 Clarify `wp_should_load_separate_core_block_assets()`, `block.json` script expectations Script Loader normal normal Awaiting Review defect (bug) new 2022-03-30T00:49:10Z 2023-10-25T10:27:44Z "In the `block.json` [https://github.com/WordPress/gutenberg/blob/45a8e6be0eb7fca87d64ce8140792b30e6bc4a20/schemas/json/block.json schema], the `script` property is described as: > ""Block type frontend and editor script definition. It will be enqueued both in the editor and when viewing the content on the front of the site."" From that description, I expect the `script` set in my block's `block.json` to load in the editor and on the front-end when my block is in use. I do not expect the script to load on the front-end when my block is not in use. If I activate TwentyTwentyTwo, everything works as expected. If I activate TwentyTwentyOne, my script appears on every front-end view, whether or not the block is loaded. The cause of this can be tracked to `wp_should_load_separate_core_block_assets()`, which has a short description of: > Checks whether separate styles should be loaded for core blocks on-render This implies at the beginning of the function documentation that the function will only apply to **core** blocks. The longer description helps a bit, but is muddied up in talking about core and third-party blocks separately when in reality it seems that they are treated the same. It mentions `block-library/style.css`, which itself implies this _might_ be talking about styles rather than all assets. The filter inside the function, `should_load_separate_core_block_assets`, defaults to `false` for themes that are not FSE and has a short description of: > Filters whether block styles should be loaded separately. The longer description refers only to ""core block assets"". ----- == Proposal My guess is that we can't just change the filter to default to `true`, though that would be ideal. :) I think the function docs could be clarified with something like: {{{ /** * Checks whether block assets should always load or only on-render. * * When this function returns true, block assets defined by the `script` and * `style` properties in `block.json` are loaded on-render. * * When this function returns false, these block assets are always loaded, * regardless of whether the block is rendered in a page. * * This only affects front end and not the block editor screens. }}} And the filter docs with something like: {{{ * Filters whether block assets should always load or load only on-render. * * Returning false loads all block assets, regardless of whether they are rendered * in a page or not. Returning true loads block assets only when they are rendered. }}} Previously #53505 " jeremyfelt 1 55486 register_block_type_from_metadata does NOT work within a theme but as a plugin General 5.9.2 normal minor Awaiting Review defect (bug) new 2022-03-30T01:02:26Z 2023-05-30T12:34:44Z "I created a wordpress block and it guides me to the official documentation and it came to work as an external plugin, taking into account the architecture of block.json for its use, however it has not worked for me when the block is required to be integrated into a theme, delivery wrong path request looking in plugin folder plus adding another path. example error peticion https://domain.local/wp-content/plugins/D:/xampp/htdocs/wp-content/themes/NewsPaper/inc/gutenberg/myblock/index.js?ver=d395fe5d9d90bd6565685c91d8d38888" andre3600 2 55488 Add a filter to array of allow ported number in multisite. Networks and Sites normal normal Awaiting Review enhancement new 2022-03-30T13:39:42Z 2022-03-30T13:39:42Z "The allowed port numbers to setup a multisite are fixed. See this line. {{{#!php if ( ( false !== $has_ports && ! in_array( $has_ports, array( ':80', ':443' ), true ) ) ) { }}} However, a site maintainer may want to change these values to help enable serving their multisite from a custom port. This ticket is a breakout from #21077" spacedmonkey 55490 wp-enqueue error generated by Appearance => Widgets Widgets 5.9.2 normal normal Awaiting Review defect (bug) new 2022-03-30T20:39:06Z 2022-03-30T20:39:06Z "Many complaints about this but I don't think issue has been resolved. Bringing up the admin screen for Appearance => Widgets generates this message: PHP Notice: wp_enqueue_script() was called incorrectly. ""wp-editor"" script should not be enqueued together with the new widgets editor (wp-edit-widgets or wp-customize-widgets). Please see Debugging in WordPress for more information. (This message was added in version 5.8.0.) in /home/dh_kscwksp/lirworkshop.dreamhosters.com/wp-includes/functions.php on line 5768 AND I seem unable to turn off the display you see in the screenshot using WPDEBUGGER, no matter what I do to settings, deactivation, removal." ksmithcamp 55492 `Dismiss Errors` button alignment is not centered in Media Library. has-patch Media 5.9.2 normal normal Awaiting Review defect (bug) reopened 2022-03-31T04:20:58Z 2022-05-11T07:15:04Z "When I drag/upload an SVG image in the Media library then it shows a mime types error and the ""Dismiss Errors"" button is not aligned properly." iamjaydip 2 55494 Include only Sticky Posts bug Editor 5.9.2 normal critical Awaiting Review defect (bug) new 2022-03-31T09:22:20Z 2022-03-31T13:21:19Z Hi there, in wordpress 5.9 last version, using editor to compose pages template, you may verify that if in 'Query loop' block you choose to select and view only sticky posts, it does not work. It shows instead all posts. Even Include and Exclude options are not working. ricoverato 1 55501 Multiple loader issue on admin general setting page. has-patch Administration 5.9.2 normal normal Awaiting Review defect (bug) new 2022-03-31T13:56:36Z 2023-10-26T20:18:00Z "When you select a new language from the general settings page and click submit multiple times, multiple loader images are appended. Step 1: Open settings -> general page Step 2: Select a new language from the site language option. Step 3: click the ""Save Changes"" button multiple times." bhaveshkhadodara 1 55503 Post Date display issue if we set empty from General Settings page Date/Time normal normal Awaiting Review defect (bug) new 2022-03-31T14:04:23Z 2022-03-31T16:41:44Z "Hello, I have faced one issue with the post date field on the backend side. If we set empty Date and Time format from the General Settings page then the post date will be empty displaying on the edit screen of an article(any post type). We need to set any default date and time format to display or make the Date format and Time format field required. If any admin set it empty mistakenly then it will take hours to figure out the root cause of the issue." rishishah 1 55509 CSS conflict in Custom Fields table has-patch Editor 5.9.1 normal normal Awaiting Review defect (bug) new 2022-03-31T21:33:26Z 2022-04-29T09:49:44Z "When using the [https://wordpress.org/support/article/custom-fields/ Custom Fields] feature, there are two conflicting CSS styles. More specifically the background-color in the following CSS bit: {{{ #postcustomstuff table { margin: 0; width: 100%; border: 1px solid #dcdcde; border-spacing: 0; background-color: #f6f7f7; } }}} with the background-color in the following CSS bit: {{{ .alternate, .striped > tbody > :nth-child(2n+1), ul.striped > :nth-child(2n+1) { background-color: #f6f7f7; } }}} resulting in all rows of the table in div#postcustomstuff to have the same background color (#f6f7f7)" princeofabyss 2 55514 2FA by default for WordPress Security normal normal Awaiting Review feature request new 2022-04-02T00:09:13Z 2023-03-06T10:25:11Z "Hi WordPress! Hope this message finds you well! I'm a senior security analyst/researcher from Sucuri and I wanted to reach out to you all with an inquiry and feature request. I initially reached out to Fio (my old colleague) from WordPress.com and he directed me here. Apologies if I should have submitted this to HackerOne instead, but it's not a specific ""vulnerability"" ''per se''. I'm writing a piece for our Sucuri blog on how 2FA-by-default should be in WordPress, similar to how Akismet is included in a default WordPress installation to combat comment spam. A HUGE number of website compromises that we deal with on a daily basis at Sucuri could have been avoided by a simple 2FA additional authentication. With WordPress being over 40% of the web, I think that 2FA-by-default could be a game changer in terms of making the web a much safer place and avoiding a LOT of headaches and malware issues for WordPress website admins. Adobe made 2FA default in all new Magento2 installations, as they were dealing with exactly the same chronic issues of security (abuse of public-facing login pages with no additional authentication). You can turn it off afterwards if you want, but it's included by default during the installation process. What are your thoughts on including 2FA by default in new wordpress.org installations? I know JetPack includes 2FA, but it's linked to wordpress.com and I understand that .com and .org need to remain rightfully separate. I'd like to include your thoughts in my blog piece if that's ok. Looking forward to hearing back! Cheers, Ben" jamsec 3 55515 About the problem that the php file of the theme editor and plugin editor cannot be edited in multi-site has-patch Networks and Sites 5.9.2 normal normal Awaiting Review defect (bug) new 2022-04-02T13:45:22Z 2022-04-02T14:30:49Z "Nice to meet you. Create a ticket for the first time. If you do not follow the rules, please let me know. In multi-site, when editing with the theme editor and plugin editor of the management screen, the php file is in an uneditable state. After verification, it was possible to solve it by changing the admin_url function on lines 552 to 562 of wp-admin / includes / file.php to the network_admin_url function. https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/file.php#L552-L562 The problem is that I'm making a validation request containing wp_scrape_key for a php file, but even for multi-site the request is now sent to /wp-admin/theme-editor.php. Therefore, when verifying wp_scrap_key, it will be redirected to /wp-admin/network/theme-editor.php and cannot be verified, resulting in loopback_request_failed that cannot be edited. This seems to be happening at all multi-sites. If anyone knows, please let me know." ishihara takashi 1 55521 Use dashicons-class in `wp_dashboard_quota` and `wp_dashboard_right_now` has-patch Administration 3.8 normal normal Awaiting Review enhancement new 2022-04-03T18:06:18Z 2023-12-01T08:06:21Z "Proposal: Replace hardcoded css-rules for each item in the `At a Glance`-widget, use dashicons-classes for each item. This makes adding new items to the widget easier, simply just add a `dashicons-before`-class the your new items. Background: So using `dashboard_glance_items` to add custom items to the post list is easy, but changing icons without adding new css with a file or inline to the admin views is hard, since the hardcoded rules overrides `dashicons-before` on my added items. " kebbet 3 55522 Misleading method names plugin_dir_path and plugin_dir_url has-patch Plugins 5.9.2 normal normal Awaiting Review enhancement new 2022-04-04T05:43:45Z 2022-04-07T17:18:01Z "The method names `plugin_dir_path` and `plugin_dir_url` names are very misleading. Both the methods, as their names suggest should either return the path and URL of the base plugin directory i.e. `wp-content/plugins` or a specific plugin directory based on plugin file path that is supplied in the methods. But in practice, they are designed to reurn any path starting from application root to theme and everything. Logically this is fine but ideally the behaviour should match the method names! The best option would be to have different method names for differnt purposes, e.g. `plugin_dir_path` and `file_path` although they are doing the same thing! But adding two new methods, that too for doing the same thing might not be a good idea. So I would suggest the following so that at least the methods can return base plugin dierectory pth and URL with no or empty value `_FILE_` is passed. {{{#!php create a new menu. See attached screenshots." afercia 1 55543 `add_menu_page` incorrectly requires SVG icon data URIs be base64 encoded Administration normal normal Future Release enhancement new 2022-04-07T23:00:35Z 2022-10-29T22:24:46Z "To determine if a developer is using an SVG in a menu, `add_menu_page` checks for a string beginning with `data:image/svg+xml;base64,`. [https://css-tricks.com/probably-dont-base64-svg/ SVGs aren't required to be base64 encoded] and encoding with base64 can increase the size of the attribute. The check ought to be modified to allow for additional encodings. " peterwilsoncc 55545 Twenty Fourteen: featured posts slider not working with an odd number of slides on mobile Bundled Theme normal normal Awaiting Review defect (bug) new 2022-04-08T04:46:25Z 2022-06-02T03:30:42Z "Hi there, I was able to replicate a bug on mobile where the featured image slider arrows would not work if the slider has an odd number of slides(3,5,etc) Tested with the latest version of WordPress and theme. I was able to see it in Chrome 100 and Safari 15" robertghetau 1 55548 "Unchecked ""Uncategorized"" checkbox re-checks itself upon publish or update of a post" dev-feedback Editor 5.9.3 normal normal Awaiting Review defect (bug) new 2022-04-08T21:02:10Z 2022-04-08T21:02:10Z "A WordPress-based news website's editorial team has problems with the ""Uncategorized"" category. 1. They create a post and check the desired category and uncheck the default ""Uncategorized"" category. 2. Then they click ""Publish"". 3. At the last second during the Publish operation, the Block Editor unchecks the user-selected category and re-checks ""Uncategorized"". 4. Then they have to go back into the post and attempt to uncheck ""Uncategorized"" and recheck the desired category. They have to do step 4 three or four times to get the result they want. Or they just use ""Quick Edit"" to change it in the post list. It doesn't happen every time and is sometimes difficult to reproduce. But it happens often enough to be a problem. I cannot find a way to consistently reproduce it. Nor can I find any indication that this is a known issue with WordPress. It will happen with or without plugins enabled. If there's no easy way to investigate or fix this in core, is there a way to add a script somewhere in the theme's functions.php or a jQuery script somewhere to ensure that ""Uncategorized"" *never* gets checked and that the originally-intended category remains checked? All the searches I do on Google for this topic ironically just reveal a bunch of posts on peoples' blogs that are set to ""Uncategorized""." rcwatson 55553 update_blog_option should accept autoload parameter dev-feedback Options, Meta APIs 5.9.3 normal normal Awaiting Review enhancement new 2022-04-10T21:22:46Z 2024-01-31T21:27:10Z The function update_blog_option doesn't accept any autoload parameter, even though it calls the function update_option that accepts an autoload parameter. giuse 2 55556 WP cron daily issue Cron API normal normal Awaiting Review defect (bug) new 2022-04-11T08:36:02Z 2022-04-11T08:36:02Z "In wordpress, a day is defined as having 24 hours: wp-includes/default-constants.php: define( 'DAY_IN_SECONDS', 24 * HOUR_IN_SECONDS ); but that doesn’t take summer/winter time into account of course. While it is being stated above the definition that these values are approximate and are provided for convenience, the DAY_IN_SECONDS is being used in the “daily” cron definition. This means - in case of DST - if you plan something to happen daily at midnight (say membership status recalc, half of the year it will happen one hour later/earlier (depending on the day you planned it initially). So, in order to be sure something happens daily “as soon as the new day starts”, you need to plan it at 01:00 at the earliest to be sure it is always on the same day (in case of DST). Since the fixed wp schedules are in fact “fixed”, why not have them calculate “daily” as the DateTime function “+1 day”? The same goes for weekly, monthly, yearly. The basic schedules could even be thrown away and WP could e.g. translate 'daily' to '+1 day' on the fly. I know WP cron doesn’t run exactly the moment you want it (unless you use system cron), but if running something “daily” at around midnight and it causes it to be ran at 23:00 instead, you might be giving people an extra free day entrance (again for memberships). Moreover, getting rid of ""schedules"" and moving cron to its own database table would be even better (planning a recurring action should not require the need for a schedule definition via a filter, but use ""last executed time"" + the recurrence definition in datetime notation as a cron-definition). But this last remark is a whole other discussion, so not for this issue (but I would be willing to invest time in this to help develop it)." liedekef 55561 Twenty Seventeen: Blurry header image on mobile Bundled Theme 5.9.3 normal normal Awaiting Review defect (bug) new 2022-04-12T08:32:41Z 2024-02-14T21:39:33Z "Steps to reproduce - Add a custom header image via the Customizer on Twenty Seventeen - View the site on desktop - View the site on mobile/use responsive design mode to see image on a smaller screen Image used: https://philnicktestahome.files.wordpress.com/2019/09/cropped-pexels-photo-2745258.jpeg This appears to be caused by the Responsive images settings inside the theme." robertghetau 2 55563 The function get_allowed_mime_types should check wp_get_current_user dev-feedback Formatting 5.9.3 normal normal Awaiting Review defect (bug) new 2022-04-12T10:19:16Z 2022-04-12T18:53:52Z "The function get_allowed_mime_types checks if the function current_user_can before using it, as you can see at https://developer.wordpress.org/reference/functions/get_allowed_mime_types/. The function current_user_can calls wp_get_current_user, as you can see at https://developer.wordpress.org/reference/functions/current_user_can/ If the function get_allowed_mime_types is called when wp_get_current_user doesn't exist yet, it triggers a fatal error. I think get_allowed_mime_types should check also if wp_get_current_user exist. I would write something like this: {{{#!php .wp-container-2 .alignleft { float: left; margin-right: 2em; }.wp-container-2 .alignright { float: right; margin-left: 2em; } }}} So a better output would be: {{{ }}} Or even no output at all, since those are default values. Now to the topic of Cumilative Layout Shift. Currently `wp-container` inline styles are being output in the `wp_footer` action unless user theme supports newest templates feature. This results in the following behaviour during the loading (Default Social Block as an example): [[Image(https://i.ibb.co/kmCtVVC/2-Annotation-2022-04-18-070146.png)]] And after page is fully loaded it looks like it's intented to be: [[Image(https://i.ibb.co/v3smntX/1-Annotation-2022-04-18-070139.png)]] Those styles either should be output in the `wp_head` action or right before block tags." rinart73 1 55586 `get_block_wrapper_attributes` generates PHP notices. dev-feedback Editor 5.6 normal normal Awaiting Review defect (bug) new 2022-04-18T16:12:37Z 2022-04-21T20:48:43Z "To replicate this issue: 1. Set both `WP_DEBUG` and `WP_DEBUG_LOG` in wp-config.php to `true` so that errors will be logged to `wp-content/debug.log`. 2. Using WP-CLI, run `wp shell`. 3. Call `get_block_wrapper_attributes();` in the terminal. 4. Note the errors and call stack output in `wp-content/debug.log`. It will look something like this: [18-Apr-2022 16:05:27 UTC] PHP Notice: Trying to access array offset on value of type null in wp-includes/class-wp-block-supports.php on line 94 [18-Apr-2022 16:05:27 UTC] PHP Notice: Trying to access array offset on value of type null in wp-includes/class-wp-block-supports.php on line 96 `get_block_wrapper_attributes()` makes a singleton call to retrieve the `WP_Block_Supports` object, which in turn calls `apply_block_supports` on that object. The `apply_block_supports` method presumes that there is an editor block already assigned to the object, and attempts to retrieve the block type by using the `blockName` set on in the array of the `$block_to_render` property. Since the default value on the `WP_Block_Supports` object is `null`, this generates the error. It seems that the easiest solution here is to return an empty array from `apply_block_supports` if `$block_to_render` is not set. Since `get_block_wrapper_attributes` is a public function that does not accept a block, it can be called outside of a sequence where `WP_Block_Supports` might already have set properties on the object. " jmichaelward 1 55587 Customize preview removes URL query parameters of the same name and keeps only the last one Customize normal major Awaiting Review defect (bug) new 2022-04-18T17:41:22Z 2022-04-18T17:41:22Z "It seems that when the customizer is rebuilding some of the URLs on the page if there are multiple query parameters of the same name/key (an array) in the URL, it only keeps the last one and removes the others. For example, while in Customizer, if you add a menu item with a custom link of `/my-page/?myvar[]=A&myvar[]=B` the URL of the menu for the preview is rewritten to `/my-page/?myvar[]=B&customize_changeset_uuid=...`, losing `myvar[]=A`. This is also happening to the URL of the page itself (the preview's IFRAME src) when for example there is a form with a multi-select field submitted. Assume we have the form below on /my-page/: {{{
    }}} If you select A and B and C and submit the form, it is expected that that page refreshes with the new URL of `/my-page/?myfield[]=A&myfield[]=B&myfield[]=C&customize_changeset_uuid=...`, however, I am seeing the following URL instead with the A and B values lost in the preview's IFRAME src: `/my-page/?myfield[]=C&customize_changeset_uuid=...`" xParham 55588 Enhancement request: Allow me to prevent admin_email changes Administration 5.9.3 normal minor Awaiting Review enhancement new 2022-04-18T19:06:11Z 2022-04-18T19:06:11Z "Subject says it all :) I would like a way to prevent changes to the admin_email option (the ""Administration Email Address"" on Settings -> General). The first/most obvious way to do this, to me at least, would be to create a new define, similar to WP_SITEURL, that always overrides the value of admin_email. That seems more comprehensive, but would involve digging into a lot of different places. Another possible implementation is to add a filter to update_option_new_admin_email (in wp-admin/misc.php) that lets you abort that call early." desmith 55589 geo URI scheme reporter-feedback General normal normal Awaiting Review enhancement new 2022-04-19T10:08:30Z 2022-05-12T19:24:25Z "Hello core team, since the URI scheme ""geo"" is becoming increasingly relevant, especially for mobile applications, I would like to suggest including it in the WordPress core. https://www.rfc-editor.org/rfc/rfc5870.html With kind regards" emedia3 1 55590 Twenty Twenty Two - Single Post Comment Form Button Font Family has-patch Bundled Theme 5.9 normal normal Awaiting Review defect (bug) new 2022-04-20T05:36:47Z 2022-04-29T15:33:11Z "In TT2 theme, the font of the Post Comment button of the comment form in the single post is different than others. Added a CSS code to fix that. https://github.com/WordPress/wordpress-develop/pull/2606 " kafleg 3 55596 Twenty Twenty-Two: font-smoothing antialiasing setting Bundled Theme normal normal Awaiting Review enhancement new 2022-04-21T03:40:13Z 2022-06-14T19:14:11Z "Currently, at the top of 2022's style.css, font-smoothing is enabled by default by the following: `body {-moz-osx-font-smoothing: grayscale;-webkit-font-smoothing: antialiased; }` Critics of such anti-aliasing font smoothing say that it actually degrades the clarity of fonts on computer screens, particularly dark text on a light background. It switches rendering from subpixel-rendering to pixel level rendering: https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ https://github.com/google/fonts/issues/1170 Perhaps, font-smoothing should not be enabled by default in the default WordPress theme. Cheers, Sam " happysadhu 1 55597 WordPress 6.0-beta2-53224 not creating .htaccess Permalinks 6.0 normal critical Awaiting Review defect (bug) assigned 2022-04-21T10:58:53Z 2022-05-24T18:46:49Z "on my development site (Plesk Obsidian, Centos 7.9) a fresh installed latest WP 6.0 beta2 does not create an .htaccess file at all. Steps: - wordpress-6.0-beta2.zip does not contain .htaccess - unzipped and uploaded to site - domain opened in browser - run set up process until login - no .htaccess created - table wp_options 'permalink_structure' contains ""/index.php/%year%/%monthnum%/%day%/%postname%/"" - login as admin - selecting a permalink structure and saving on /wp-admin/options-permalink.php - table wp_options 'permalink_structure' contains ""/%postname%/"" as expected - no .htaccess created - repeated saving of permalink structure does not help to create .htaccess - no entry in debug.log - as to be expected: permalinks not working in front end - only solution: create a basic .htaccess manually To me this seems a severe bug. Found this while testing one of my plugins on WP 6.0 before updating it to plugin repository Chris PS: no answer required " campation 17 55600 Can't save registered post meta field of type string that equals registered default value via REST API Options, Meta APIs normal normal Awaiting Review defect (bug) new 2022-04-21T13:47:24Z 2022-04-21T13:47:24Z "== Current behaviour Currently if you register a post meta key as string and set a default value: {{{ register_post_meta( 'my_cpt, 'my_meta', [ 'show_in_rest' => true, 'single' => true, 'type' => 'string', 'default' => 'foo' ] ); }}} and then save the default value it is not actually being written to the database. If you save any other type, e.g. a boolean {{{ register_post_meta( 'my_cpt, 'my_meta', [ 'show_in_rest' => true, 'single' => true, 'type' => 'boolean', 'default' => true ] ); }}} it is being written to the database. Also not saving via the REST API, but via `update_metadata()` works for strings. == What seems to happen The problem seems to happen like this: - Post meta is only saved if it differs from the currently stored value. - So before saving each field the new value is compared with the stored value. - When doing so the assumption is (rightfully) that all stored data is a string since that is how post meta is stored in the DB. - If the key doesn't exist though, the comparison happens with the default value. - The default value though isn't necessarily a string, but is handled as such in the strict equality check. - So the strict equality check fails on anything but a string field. **-> String fields can't save the default value, anything else can.** == How did it come to this? I am not absolutely sure what is actually the intended behavior, but I assume if there is nothing stored in the DB the value should be saved, even if it equals the default. I assume this because the behavior of `update_metadata()` [https://core.trac.wordpress.org/changeset/48402 got changed] to only consider DB data, not default values for the comparison by retrieving the stored data using `get_metadata_raw()` instead of `get_metadata()`. `WP_REST_Meta_Fields` duplicates some of the checks in `update_metadata()` ([https://github.com/WordPress/wordpress-develop/blob/14d9ca8da64688f799695eb9683e6ac8166cd4ee/src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php#L382 even explicitly states that in a comment]) but `WP_REST_Meta_Fields::update_meta_value()` (and some other places in that class) didn't get the change to use `get_metadata_raw()` instead of `get_metadata()`. I assume this got overlooked when introducing the default metadata values in https://core.trac.wordpress.org/changeset/48402 It seems that replacing get_metadata with get_metadata_raw in that class should fix the issue, but I haven't found time yet to prepare a patch, so I thought I'd at least document the issue for now to see if someone else finds time for a fix before me." kraftner 55603 PHP 8.2: address deprecation of the utf8_encode() and utf8_decode() functions hellofromTonya dev-feedback General 6.0 normal normal 6.6 task (blessed) assigned 2022-04-21T19:24:21Z 2024-03-06T17:40:19Z "== Context The [https://wiki.php.net/rfc/remove_utf8_decode_and_utf8_encode PHP RFC to remove the `utf8_encode()` and `utf8_decode()` functions] from PHP in PHP 9.0 has recently been accepted. This means in effect that as of PHP 8.2, those functions will be deprecated and a deprecation notice will be thrown whenever they are called. The reasoning behind the deprecation and removal is that these functions are confusing and rarely used correctly. See the [https://wiki.php.net/rfc/remove_utf8_decode_and_utf8_encode#usage Usage section] of the RFC for an analysis of the various (mostly incorrect) uses of the functions. == The Problem The [https://wiki.php.net/rfc/remove_utf8_decode_and_utf8_encode#alternatives_to_removed_functionality typical replacements for these functions] are using the [https://www.php.net/manual/en/book.mbstring.php MBString extension] and/or the [https://www.php.net/manual/en/book.iconv.php Iconv extension]. As these extensions are both ''optional'' extensions in PHP, they cannot be relied on to be available in an open source context. WordPress uses the `utf8_encode()` function a few times in the codebase: * 1 x `utf8_encode()` in `src/wp-admin/includes/export.php` * 2 x `utf8_encode()` in `src/wp-admin/includes/image.php` * 1 x `utf8_encode()` in `tests/phpunit/tests/kses/php` Aside from that the external dependency [https://github.com/JamesHeinrich/getID3 GetID3] also uses both these functions a number of times. A search of the plugin and theme directory shows more worrying results with a plenitude of matches: * [https://wpdirectory.net/search/01G16P0SWHB37G2965MP8R4ZYK 11247 matches in 3315 plugins], including 15 plugins with over a million installs. * [https://wpdirectory.net/search/01G16P2K39TQ538M9KRTVXT4CA 40 matches in 22 themes]. == Options So, what are the options we have ? In my opinion, especially seeing how these functions are used so often in plugins, there are only two realistic options: === 1. We could polyfill these functions. While some functions which may not be available are polyfilled by WP, this is generally only done to have access to ''new'' PHP functionality or to allow for using functions which require certain optional extensions to be enabled. As far as I know, no PHP native function has ever been polyfilled due to it being removed from PHP. **Pro**: Relatively simple solution and everything keeps working (deprecation notices will still show when running on PHP 8.x, though these could silenced). **Con**: As most uses of these functions are likely to be incorrect usage (especially in plugins), these ""bugs"" will remain and not be reviewed or addressed, undercutting the improvement PHP is trying to make. === 2. We could make the MbString (or the Iconv) extension a requirement At this moment, [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-site-health.php#L876 both the MbString as well as the Iconv extension are recommended, but not required by WP]. A couple of MbString functions are also polyfilled in WP, so now might be a good time to make the MbString extension a requirement for WP. **Pro**: MbString being available will allow for fixing the deprecations in a forward-compatible manner. It will also allow for other code improvements to be made to improve WPs support for languages using non-latin based scripts. **Con**: A new requirement would be added to WP which should not be taken lightly. At the same time, it should be noted that MbString is generally enabled already anyway, so this will impact only a small percentage of users. ==== Why MbString instead of Iconv ? While both are included (though not enabled) by default with PHP, Iconv [https://www.php.net/manual/en/iconv.requirements.php requires the `libiconv` library], which may not be available, while MbString has [https://www.php.net/manual/en/mbstring.requirements.php no external dependencies]. MbString is [https://www.php.net/manual/en/mbstring.installation.php not enabled by default in PHP], but generally ''is'' enabled in practice. [https://www.php.net/manual/en/mbstring.installation.php Iconv is enabled by default] in PHP, but can be disabled. Having said that, MbString offers much more functionality than the limited functionality offered by Iconv and - as indicated by a number of functions being polyfilled - is already in use in WP. Still, it would be helpful if someone with access to the underlying statistics data collected by WP could add figures to this issue showing how often either extension is enabled on systems running WP. == Recommendation I'd strongly recommend option 2, but would like to hear the opinions of additional Core devs. == Action lists === General - [ ] Report the issue to GetID3 === Action list for option 1 - [ ] Polyfill the functions. - [ ] Review the uses of the functions in WP Core anyhow to see if those could/should be removed/the code using them should be refactored. - [ ] Add a note about the polyfills in a dev-note with a recommendation for plugin/theme authors to review their use of these functions anyhow. === Action list for option 2 - [ ] Make the MbString a requirement for installing WP/in the WP bootstrapping. - [ ] Change the MbString extension from optional to required in the Site Health component. - [ ] Remove the current MbString related polyfills from the `compat.php` file. - [ ] Review the uses of the functions in WP Core and replace with more appropriate alternatives. - [ ] Add a note about the deprecation in the PHP 8.2 dev-note with a recommendation for plugin/theme authors to review their use of these functions and noting that the MbString extension can be relied upon to be available (as of WP 6.1). " jrf 66 55604 Update SimplePie to version 1.7.0 needs-unit-tests External Libraries 6.0 normal normal Future Release task (blessed) new 2022-04-21T20:05:26Z 2024-02-05T20:11:34Z "A new version of SimplePie has just been released. This version contains a few enhancements and some bug fixes. The most notable change, however, is that this release contains a ''forward-compatibility'' layer for the change to PSR-4 namespaced classes which is targetted for SimplePie 2.0.0. With some similarity to Requests - the namespaced versions of the classes are in a different base directory (`src`) from the original versions (`library`). As WP currently only includes the files in the `library` directory, I would like to suggest to continue doing so for now. This still makes the ''forward-compatibility'' layer available as all files in the `library` directory now create a ''class alias'' to their namespaced version. Once 2.0.0 has been released, the files included in WP, should be switched to the files from the `src` directory (which is currently in place mostly to allow for Composer autoloading) and should start using the namespaced names for the SimplePie classes. I'd recommend for this update to be mentioned in a dev-note, so plugins/themes directly using SimplePie can decide for themselves when they want to change to using the namespaced names for SimplePie classes. Refs: * https://github.com/simplepie/simplepie/releases/tag/1.6.0 * https://github.com/simplepie/simplepie/blob/1.6.0/CHANGELOG.md#160---2022-04-21 * https://github.com/simplepie/simplepie/compare/1.5.8...1.6.0 I've done a cursory check of the changes and they look sane to me, but would very much like to invite a second opinion and I'd recommend testing this change (more thoroughly than usually done for upgrades like these). I'd also like to recommend for a few cursory tests to be added to the WP test suite to ensure that both the PSR-0 as well as the PSR-4 class names load correctly when only including the `library` directory in WP. I'd recommend for this update to be applied in WP 6.1 **early**. Previous: #36669, #51521, #54659" jrf 31 55607 wp-config overrides of WP_HOME and WP_SITEURL are forgotten when installing MultiSite. dev-feedback Networks and Sites 3.0 normal normal Awaiting Review enhancement new 2022-04-22T18:37:42Z 2022-12-03T20:03:10Z "The chain of events I encountered when playing with WordPress on my home server. 1. Installed WP successfully. 2. I changed the two URL settings to the wrong value by accident. 3. Tried logging back into the admin panel, but I kept being redirected to the wrong place, the one I had mis-typed. 4. Google'd for a fix that would avoid my having to reinstall from scratch and found you can override these two settings in wp-config. I added the correct values for WP_HOME and WP_SITEURL. 5. Finding access to my website restored, I forgot about the two settings editable on the setting panel. 6. I switched on Multi-Site by setting WP_ALLOW_MULTISITE in wp-config. 7. I followed the Network-Setup panel, opting for subfolders. (The sample code to paste into wp-config had the correct name for DOMAIN_CURRENT_SITE.) 8. I followed the instructions to update both wp-config and .htaccess. 9. I went to the login page and saw the page layout was all messed up. Investigating, I found the CSS etc links were all to the mistyped URL I had typed back in step 2. Note, after restoring the htaccess and wp-config (but keeping my WP_HOME and WP_SITEURL changes) I found I could not update the wrong settings in the DB, as both text boxes were greyed out. WP multi-site appears to have some reference one of the two URL settings in the database. This should defer to the replacement settings in wp-config." billpg 1 55610 HTTP response should not be 200 when returning error-page HTTP API normal major Awaiting Review defect (bug) new 2022-04-23T09:21:41Z 2022-11-29T17:24:50Z "Current behavior: When WordPress web site was under high concurrency access, the database connections may reach the limitation of the system resource. WordPress was still returning 200 of HTTP response code when database connection error happens. The page with error information as: Error establishing a database connection This either means that the username and password information in your wp-config.php file is incorrect or we can't contact the database server at dbhost. This could mean your host's database server is down. Expected behavior: Returns HTTP code with 500 or other error codes to indicate error happens, when showing error pages." april213 4 55616 Helper function to unhook anonymous class methods dev-feedback Plugins normal normal Awaiting Review defect (bug) new 2022-04-25T13:12:13Z 2022-05-13T08:50:06Z "Problem: it’s pretty common (even if it’s not polite) for plugins to use a class constructor to hook their own public methods into things, but doing so makes it ''near-impossible'' to unhook procedurally. Solution: I just ran across the following function on StackExchange, and imagined something similar could be quite useful to have globally available: https://wordpress.stackexchange.com/a/304861 It’s gnarly, but it works, and I think having WordPress core include this functionality makes more sense than having plugin authors all include their own version of it." johnjamesjacoby 2 55618 combine/concatenate enqueued relative js/css Script Loader normal normal Awaiting Review feature request new 2022-04-25T22:33:12Z 2022-04-25T22:33:12Z "What everybody is looking for nowadays is to optimize the speed of websites and one of the ways is to compress/optimize/combine jss/css files. There are many plugins to do that but many of them are clunky or load multiple versions in different pages which doesn't improve the speed. I think the combining part should be done by the application, and if it's done through the WP core it would be better, like with load-scripts.php in the admin panel. One way to do it is to combine js/css that have been enqueued using relative paths, and keep a hash of each, then keep a hash of all hashes - or simply timestamps. for example wp-content/themes/XX/style.css -> timestamp of it wp-content/plugins/XX/whatever.css -> timestamp of it save as 1 transient all paths+timestamps above as key and as value the combined css Propose to serve it dynamically or statically by either serving the content through a php file (like i think it was done in the admin panel) or saving the combined version in a cache folder (would probably need a hashing for the filename). + checking regularly through the wp-cron that they didn't change. Instead of timestamp it could be hashes (propose 2 different hashing, timestamp check only is much faster, or $ver+timestamp, $ver, $ver+hash etc). If served dynamically also allow to set the expiration. And add options to refresh(force to resave)/clear (in db only)/purge (also delete local cache files). You could also integrate some of the logic of load-styles load-scripts, this was an example." briandd 55630 add array input to meta_query key has-patch Query 5.9.3 normal normal Awaiting Review enhancement new 2022-04-27T14:55:34Z 2022-04-27T15:06:37Z "use : {{{ 'meta_query' => array( 'relation' => 'OR', array( 'key' => ['meta_key_1' , 'meta_key_2', 'meta_key_3'], 'value' => 23, ), ); }}} Instead of this : {{{ 'meta_query' => array( 'relation' => 'OR', array( 'key' => 'meta_key_1', 'value' => 23, ), array( 'key' => 'meta_key_2', 'value' => 23, ), array( 'key' => 'meta_key_3', 'value' => 23, ), ); }}} " hossin277 1 55635 "wp_convert_hr_to_bytes() report correct byte sizes for php.ini ""shorthand"" values" dev-feedback Upload normal normal Awaiting Review defect (bug) new 2022-04-27T21:43:16Z 2022-09-14T23:16:00Z "Resolves #17725 When `wp_convert_hr_to_bytes()` was introduced in [4388] it provided a simplified mechanism to parse the values returned by functions like `ini_get()` which represent byte sizes. The over-simplified approach has led to issues in that function reporting the wrong byte sizes for various php.ini directives, leading to confusing problems such as uploading files that are rejected improperly or accepted improperly. In this patch we're porting the parser from PHP's own source (which has remained stable for decades and probably can't change without major breakage) in order to more accurately reflect the values it uses when it reads those configurations. Unfortunately PHP doesn't offer a mechanism to read its own internal value for these fields and a 100% port is extremely cumbersome (at best) due to the different ways that PHP and C handle signed integer overflow. These differences should only appear when supplying discouraged/invalid values to the system anyway, and PHP warns that in these situations things are likely to break anyway. Over the years this function has been modified a couple of times in ways that this patch reverts: - [38013] introduced a `PHP_INT_MAX` limit in a way that coerces hexadecimal and octal integer representations to decimal. - [35325] replaced the hard-coded byte size with overwritable constants but if there were any occasion for someone to change those constants in `wp-config.php` then we would actually want to preserve the hard-coded values in `wp_convert_hr_to_bytes()` since that function refers to code inside of PHP, not inside of WordPress. - The original code from [4388] looks for the presence of the suffixes //anywhere// within the value string and prioritizes `g` over `m` over `k` whereas PHP only looks at the last character in the input string (this is something that [https://core.trac.wordpress.org/attachment/ticket/17725/17725.3.diff 17725.3.diff] got right). This can cause unexpected parses, such as with `14gmk` when WordPress interprets it as 14GiB but PHP interprets it as 14KiB. Further we do acknowledge the mismatch between PHP's definition of ""gigabyte""/""megabyte""/""kilobyte"" being factors of 1024 apart from each other and the standard of being 1000. WordPress follows PHP's convention so this is simply noted in the function and preserved. This patch introduces new behaviors which might seem unexpected or wrong. It's important to consider that this function exists because PHP doesn't expose the values it parses from the php.ini directives. Therefore it's job in WordPress can be considered to do as best as it can to represent what's really happening inside of PHP; this may not match our intuition about what PHP should be doing. To that end the over-simplified code for the past 16 years has misreported many plausible-looking values like `100MB` (which PHP interprets as 100 bytes but WordPress thinks is 100 MiB). **Testing** In order to fully verify the updated code we have to understand PHP's interpretation of the php.ini directive values. One way to do this is to set a value, `upload_max_size` for instance, in any number of the possible configurable places and then make repeated uploads to see if it's rightfully accepted or rejected. This is cumbersome. An alternative approach is to compile PHP locally with added instrumentation; this is the approach taken in preparing this PR. The following patch will report three values every time a ""Long"" value is parsed from a php.ini directive: the shorthand value being parsed, the bound `long` value before applying the magnitude suffix, and the possibly-overflowed value derived from applying the possible `g`, `m`, and `k` suffixes. {{{#!diff diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c index 8a0cc813..362cef76 100644 --- a/Zend/zend_operators.c +++ b/Zend/zend_operators.c @@ -164,6 +164,9 @@ ZEND_API zend_long ZEND_FASTCALL zend_atol(const char *str, size_t str_len) /* { break; } } + + printf(""zend_atol( \""%s\"" ) = %lld : %lld\n"", str, ZEND_STRTOL(str, NULL, 0), retval); + return (zend_long) retval; } /* }}} */ }}} For example, a sampling of values run through PHP produces this output. {{{#!bash zend_atol( ""0"" ) = 0 : 0 zend_atol( ""0g"" ) = 0 : 0 zend_atol( ""1g"" ) = 1 : 1073741824 zend_atol( ""3G"" ) = 3 : 3221225472 zend_atol( ""3mg"" ) = 3 : 3221225472 zend_atol( ""3km"" ) = 3 : 3145728 zend_atol( ""boat"" ) = 0 : 0 zend_atol( ""-14k"" ) = -14 : -14336 zend_atol( ""-14chairsg"" ) = -14 : -15032385536 zend_atol( ""9223372036854775807"" ) = 9223372036854775807 : 9223372036854775807 zend_atol( ""9223372036854775807g"" ) = 9223372036854775807 : -1073741824 zend_atol( ""9223372036854775808"" ) = 9223372036854775807 : 9223372036854775807 zend_atol( ""0xt"" ) = 0 : 0 zend_atol( ""0x5teak_and_egg"" ) = 5 : 5368709120 }}}" dmsnell 13 55636 Drag and drop video's go to the top of the page. reporter-feedback General 5.9.3 normal normal Awaiting Review defect (bug) new 2022-04-28T00:17:51Z 2022-07-27T19:29:22Z "Take some time going to the right part to drop a video in and then it put's it at the top. Nice can just use the arrows or hold and drag it to the right spot. It's nice too that now it shows like a icon that it's still uploading. But what would be nice is a bar to show the % of it uploading." RaymondDay 1 55638 Undefined property: WP_Post_Type::$post_type Posts, Post Types 5.9.3 normal normal Awaiting Review defect (bug) new 2022-04-28T08:38:11Z 2022-05-13T08:48:12Z " PHP 8.1.5 PHP Warning: Undefined property: WP_Post_Type::$post_type in wp-includes/post-template.php on line 649" pienoz 7 55639 Implement Async CSS has-patch General normal normal Awaiting Review enhancement new 2022-04-28T10:14:06Z 2022-05-12T19:09:57Z "Initially created as a Performance Lab issue: https://github.com/WordPress/performance/issues/120 by @dainemawer. Copied description below: Another pattern to possibly follow is Asynchronous CSS - this was suggested by the Filament Group at some point and has had some decent results: https://www.filamentgroup.com/lab/load-css-simpler/ It is slightly hacky, but it involves loading CSS files with media attribute set to print - this allows the browser to load the stylesheet in a non render block fashion. Using the onload attribute, we can set media back to all so that the stylesheet is applied as one would expect. As fallback, the original link is included in a a