ticket summary owner workflow __group__ _version priority severity milestone type _status _created modified _description _reporter Comments 29161 $pagenow variable not set in admin pages on Windows systems reporter-feedback Administration 3.9.1 normal normal Awaiting Review defect (bug) new 2014-08-09T10:59:05Z 2021-12-27T21:25:33Z "In the most recent version of WordPress: `vars.php`, starting line 25: {{{#!php if ( is_network_admin() ) preg_match('#/wp-admin/network/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); elseif ( is_user_admin() ) preg_match('#/wp-admin/user/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); else preg_match('#/wp-admin/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); }}} The ""/"" character does not match the ""\"" character found as the directory separator on Windows systems. This causes various issues throughout the entirety of the administration pages, notably that ""add_meta_box"" ceases to function correctly. Would recommend it be changed to something like this: {{{#!php $ds = preg_quote(DIRECTORY_SEPARATOR); if ( is_network_admin() ) preg_match('#'.$ds.'wp-admin'.$ds.'network'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); elseif ( is_user_admin() ) preg_match('#'.$ds.'wp-admin'.$ds.'user'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); else preg_match('#'.$ds.'wp-admin'.$ds.'?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches); }}} Thanks for the wonderful software!" Craxic 4 57379 A Way to Disable Export Theme Administration 6.1.1 normal major Awaiting Review defect (bug) new 2022-12-23T11:32:25Z 2022-12-23T11:32:25Z "related Github issue; https://github.com/WordPress/gutenberg/issues/46661 ## What problem does this address? This button tries to zip my whole theme which as node_modules with 500MB content: [[Image(https://user-images.githubusercontent.com/207720/208480389-b2929241-76de-4d24-89fb-94be7223d039.png)]] Here is the video: https://www.youtube.com/watch?v=9F1LtmMrjsY You can see CPU spike in right macos m1 menu.. And lets say I want to show a demo for my premium theme.. Why would I want a download button? ## What is your proposed solution? I need a way to disable this." unsalkorkmaz 50284 A fix to the CPT-no-create-when-submenu-child problem. Administration 5.5 normal normal Awaiting Review defect (bug) new 2020-05-29T23:04:21Z 2022-11-10T09:27:05Z "Here's a bug and a work around solution. (It is something that coders try to implement, but back away from when they see it's broken.) Code is traced ready to be altered. Please see [StackExchange](https://wordpress.stackexchange.com/questions/367822/how-to-allow-add-new-capability-of-cpt-when-links-to-its-ui-are-placed-as-a-su) for the bloodsucking work. Short is that users with the `edit_{post-type}` custom capability for a custom post type cannot create that particular post type if the UI is accessible by way of a submenu. The fix is to **NOT POPULATE THE POST MENU WITH post-new.php** if the user does not possess the `edit_posts` capability. [This line](https://core.trac.wordpress.org/browser/tags/5.4/src/wp-admin/menu.php#L170) is the problem child: it needs to go sit in the corner with a pointy hat on. I'm new to the whole playing with other WordPressers in the sandbox kind of thing. If I knew how to make changes to the core for upgrades, I would have submitted a file change with that line 170 in wp-admin/menu.php looking like this: `if( current_user_can($ptype_obj->cap->create_posts) ) { $submenu[ $ptype_file ][10] = array( $ptype_obj->labels->add_new, $ptype_obj->cap->create_posts, $post_new_file ); }` ... well, formatted nicely into three lines, obviously." mort1305 5 38805 A hook is missing in class WP_List_Table dev-feedback Administration 4.6.1 normal major Awaiting Review defect (bug) new 2016-11-15T22:03:17Z 2022-04-20T16:51:26Z "If I want to add a column to a WP_List_Table, I used this hooks : * `manage_{$this->screen->id}_columns` * `manage_{$this->screen->id}_sortable_columns` * `manage_{$screen->id}_custom_column` But the last one doesn't exist in WP_List_Table, I can create a column but I can't insert data into. Here the documentation : https://make.wordpress.org/docs/plugin-developer-handbook/10-plugin-components/custom-list-table-columns/#output-table-cell-contents Here the source of WP_List_Table : https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-list-table.php Actually, I want to hook a plugin with this hook, I can't add columns. Thanks " madvic 7 36081 Activity dashboard widget is not using word-wrap: break-word mrahmadawais dev-feedback Administration 4.4.2 normal normal Future Release defect (bug) assigned 2016-03-03T07:40:11Z 2019-03-20T18:05:43Z "Long word's without spaces goes out of the container. I think that this class `#dashboard-widgets a` needs `word-wrap: break-word`; Screenshot: http://www.awesomescreenshot.com/image/1048253/7b7bc297dd3c3bd1f3c9532dd9f1138e" Prelc 25 57268 Add Escaping properly in Class Custom background Page has-patch Administration normal normal Awaiting Review defect (bug) new 2022-12-03T10:10:30Z 2022-12-03T18:30:34Z "In the class-custom-background.php , I noticed there are some missing escaping. I think these should be escaped properly. Example: {{{ }}} " shailu25 2 51597 Add debugging of a single session Administration normal normal Awaiting Review defect (bug) new 2020-10-22T01:30:19Z 2020-10-22T01:30:19Z "At the moment, debugging options are controlled by constants. This means that an entire site is either producing debug output and/or saving queries, or it doesn't. In this situation, every user session sees the same output, and that's a problem for all but the person who's trying to fix the problem. On large, active sites, this can be a problem for many, many users, thus affecting the respective business negatively for no good reason. I propose to add a way to debug only a single session. Those with the ""administrator"" role and/or a new ""debug"" capability should see a new menu in the admin bar, where they can turn on various debugging options. By using GET parameters and/or cookies, it should be possible to then trigger debugging functions that match the user's selection only for that one session. Some debugging still requires site-wide flags, e.g. background tasks, API calls, etc. Therefore, the new mechanism cannot replace the use of constants completely. However, if may be possible to identify cases for constants, cases for session flags and cases for both." galbaras 34088 Add delay to admin menu arrow's disappearance has-patch Administration 4.3.1 normal normal Awaiting Review defect (bug) new 2015-09-29T23:11:19Z 2022-11-16T11:25:44Z "Currently if you hover over an item in the admin's left sidebar, the submenu will show after a few hundred milliseconds. The arrow/triangle next to the submenu will appear at the exact same time. However, on leaving the hover state, the arrow disappears right away while the submenu will stay around for a few hundred milliseconds and then disappear. I would assume this is because the arrow is bound to the menu item, and not the submenu. Not really sure what the solution would be to this, but I see it as a bug in code that's improves UX. [[Image(https://cldup.com/oDl-qIUYxW.gif)]]" pathartl 12 49870 "Admin Email Verification ""The Email is Correct"" leads to White Screen" reporter-feedback Administration 5.4 normal normal Awaiting Review defect (bug) new 2020-04-10T16:39:15Z 2020-05-02T23:37:48Z "On every one of my sites, clicking on ""The Email is Correct"" leads to a white screen, and no email sent. A console error on this white screen reads: ""The character encoding of the plain text document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the file needs to be declared in the transfer protocol or file needs to use a byte order mark as an encoding signature."" See screenshot: https://rogueeasyweb.tinytake.com/tt/NDIwMzkzNF8xMzA4MjE4Mg I've been simply clicking in Remind me Later to get around it. This has been happening for months and months now, across multiple WP updates, and on at least 10 different sites on a few different hosts. Sorry I do not have a stock installation sitting around with no plugins/themes to test on. Using Firefox v74.0.1 on Windows 10" rogueeasyweb 2 36201 Admin Pagination URLs Use Wrong Hostname dev-feedback Administration normal normal Future Release defect (bug) reopened 2016-03-10T21:18:06Z 2024-02-01T00:58:46Z "The pagination links on the posts/pages screen uses the wrong host in some cases. Particularly for my case I have a Wordpress blog installed on a separate server from my main website, but it's hosted as a subdirectory `/blog` on the main site using the `mod_proxy` Apache module. So the pagination links are coming through using the wrong host like this: http://1647760595.us-east-1.elb.amazonaws.com/wp-admin/edit.php?paged=2 It seems like these pagination links are the only ones with this issue, and I believe it's because of how they are being constructed. I've attached a patch that solves the issue for me. -Garrett" grimmdude 42 40701 Admin menu icon distorted in Chrome when #adminmenu folded has-patch Administration 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-09T11:17:06Z 2017-06-22T21:30:33Z "By default - when the admin menu is not folded - the icons in the admin menu are 36px wide. {{{ #adminmenu div.wp-menu-image { float: left; width: 36px; height: 34px; margin: 0; text-align: center; } }}} With this width, Chrome renders the icons sharp. When the admin menu is folded it changes the width to 35px: {{{ .folded #adminmenu div.wp-menu-image { width: 35px; height: 30px; position: absolute; z-index: 25; } }}} The icons are blurry as the lines in the icon shifted 0.5px horizontally -> antialising. Possible solution: Do not force .wp-menu-image to 35px when the menu folded. {{{ .folded #adminmenu div.wp-menu-image { height: 30px; position: absolute; z-index: 25; } }}}" nextendweb 2 56302 Admin menu links have relative URLs dev-feedback Administration normal normal Awaiting Review defect (bug) new 2022-07-29T06:01:54Z 2022-11-04T07:53:52Z "Hey, When i opened `abc.com/wp-admin/options.php/` and then try to go on submenu under settings then menu link is wrong and not opening page. more information you can see quick recording. https://www.loom.com/share/e64670a986df4c5da8e81838799a7ea1 Thank you " iihglobal 4 47901 Admin menu variable is not always considered as global dev-feedback Administration normal normal Awaiting Review defect (bug) new 2019-08-20T07:56:15Z 2019-08-24T12:47:43Z "In ""wp-admin/menu.php"", the variable $menu is used as global but never declared as global, this cause issue if you are displaying admin from a router script in PHP by using a require_once. Bug can be solved by adding to ""wp-admin/menu.php"" {{{#!php General-> Click ""Save changes"". You will see the ""Settings Saved"" notice jump from above the H1 to below it. You can see it in the gif below: [[Image(https://www.dropbox.com/s/438bwkztew9349s/admin_notice.gif?dl=0)]] This also happens for custom notices, for example any class=""notice notice-warning"" will also jump. " dschalk 10 50402 Admin notices: error messages should not be all bold joedolson* has-patch Administration normal normal 6.6 defect (bug) accepted 2020-06-16T15:24:54Z 2024-02-29T12:13:13Z "Splitting this out from #47656. While there are cases where the admin notices error messages may legitimately use bold form ''some'' terms within the message, the whole message shouldn't be bold. The vast majority of the error admin notices are just text with a normal font weight. The `` element does add semantic (strong) emphasis but that's an addition that brings in very little vale. Visually: the bold message is inconsistent with most of the error admin notices. Some examples: {{{ echo '

' . __( 'You cannot install a network of sites with your server address.' ) . '

'; }}} and {{{ echo '

' . __( 'The network could not be created.' ) . '

'; }}} These ""all bold"" admin notices should be adjusted to remove the all-bold effect. Worth also reminding the CSS class `class=""error""` is legacy and should be replaced with `class=""notice notice-error""`. " afercia 9 28821 Admin page registered with add_menu_page() allows access through wrong URls and hightlights wrong top level menu item dev-feedback Administration 3.9.1 normal normal defect (bug) new 2014-07-10T21:05:19Z 2019-06-04T19:26:10Z "'''Steps to reproduce:''' * Add a top level admin menu page (with the plugin provided below). * Access the new top level admin menu via the menu item (bottom of menu) * Try to access it via one of the following URLs {{{ http://example.com/wp-admin/options-general.php?page=trac http://example.com/wp-admin/tools.php?page=trac http://example.com/wp-admin/admin.php?page=trac http://example.com/wp-admin/edit-comments.php?page=trac http://example.com/wp-admin/edit.php?post_type=page&page=trac http://example.com/wp-admin/upload.php?page=trac http://example.com/wp-admin/edit.php?page=trac http://example.com/wp-admin/index.php?page=trac ... etc ... // Sub menu items that have the same behavior http://vagrant.local/wp/wp-admin/plugin-install.php?page=trac http://vagrant.local/wp/wp-admin/themes.php?page=custom-header&page=trac http://vagrant.local/wp/wp-admin/themes.php?post-new.php?post_type=page&page=trac ... etc ... }}} '''Bug description:''' Every of the above links will (falsely) work and bring you to the registered page. The top level menu item will be hightlighted while the sub menu item does not exist. The following URls will work (with above bug) as well, but ''not'' highlight any menu item: {{{ http://example.com/wp-admin/edit-tags.php?taxonomy=post_tag&page=trac http://example.com/wp-admin/edit-tags.php?taxonomy=category&page=trac }}} I would not really consider this a ''""feature""''. ---- '''Test Plugin''' {{{

Hello Trac!

/wp-admin/edit.php?post_type=page:1 Checking page content, indeed there are TWO id=""post_parent"" in the TBODY id=inlineedit, and other later in the TR id=bulk-edit Bug appears with all plugins turned off, and fresh install as well. Reproduce: Simply open the ""All pages"" menu on admin panel, and see the console for the DOM form errors. " iarovuo 3 21211 Alter how settings_errors are output in options.php dev-feedback Administration 3.4.1 normal normal defect (bug) new 2012-07-10T23:44:37Z 2019-06-04T19:23:12Z "The `*_settings_error(s)` and `settings_error` functions are used mainly as part of the Settings API, but with the way that options.php currently handles the settings errors, it assumes that people will use this functionality exclusively with the Settings API. Notice options.php, starting at line 153: {{{ /** * Handle settings errors and return to options page */ // If no settings errors were registered add a general 'updated' message. if ( !count( get_settings_errors() ) ) add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated'); set_transient('settings_errors', get_settings_errors(), 30); }}} This simply assumes that no other outside source has registered any sort of setting error other than the current options page. TwentyEleven does this, and so if any other source has registered any notices via these functions, the ""Settings saved."" message will not be output because the first bit of logic will fail. I don't think this assumption can (nor should) be warranted, so there needs to be another way to handle this so that themes like TwentyEleven who only call `settings_errors` at the top of their options page don't get unknowingly hijacked by other sources. I always suggest registering your own errors at the end of the sanitization callback for your setting, and then output those specific errors within settings_errors to avoid any internal conflicts like this. Just looking for some ways to approach this. :-) " griffinjt 2 43095 Audit the usage of `aria-haspopup` in the admin menu joedolson* Administration normal normal 6.6 defect (bug) accepted 2018-01-15T20:18:01Z 2024-02-20T15:15:16Z "In the admin menu (the one in the left sidebar, not the toolbar one) items that have a sub-menu have an `aria-haspopup` attribute. While the intent is good, I'm not sure this is a 100% appropriate usage. We've discussed this during today's accessibility team meeting and agreed it's worth investigating. In the previous ARIA 1.0 recommendation it was clearly stated that `aria-haspopup` is meant to be used on controls that require user activation to reveal additional content. Then, in the new [https://www.w3.org/TR/wai-aria/#aria-haspopup ARIA 1.1] recommendation, the sentence ""This means that activation renders conditional content"" [https://www.w3.org/2016/04/28-aria-minutes.html#item03 was removed]. Regardless, this doesn't necessarily change things and the new values for `aria-haspopup` don't seem to suggest the current usage in WordPress is 100% correct. What does ""user activation"" means? The `aria-haspopup` makes perfectly sense when users of assistive technologies land on an interactive item and need to be informed that activating the item reveals additional content. That's not the case with the admin menu. Both when tabbing or arrowing when using a screen reader, all the menu items including the sub-menu items get revealed without requiring any special user action. In this case, the information provided by `aria-haspopup` seems pointless, if not confusing. Only in the responsive view, the admin menu works differently and the top level items do require user activation to reveal the sub menus. Seems `aria-haspopup` should be used only in the responsive view. We should further investigate this issue and test with assistive technologies, not only screen readers but also, for example, speech recognition software. For reference, the major screen readers announce `aria-haspopup` this way, as of January 2018: {{{ NVDA ""sub menu"" JAWS ""has pop-up"" VoiceOver ""Menu pop-up"" }}} " afercia 9 53325 Automated Update Failed Notice After Update is Done Administration 5.7.2 normal minor Awaiting Review defect (bug) new 2021-06-03T03:58:36Z 2021-06-30T09:29:26Z "Hello Folks, In my WordPress instance, it showed me the core update for version 5.7.2 I have started updating WordPress but it took longer. I don't know if it was a network issue or any other. But somehow, my update was done. Now, when I am opening the WordPress Admin Dashboard, it gives me constant warning **""An automated WordPress update has failed to complete""** I guess when the update was in progress, in the file: update.php, Line number 804, the option s not getting updated for **""auto_core_update_failed""** " malavvasita 1 41387 Avoid 403's from AJAX requests from postbox.js reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2017-07-20T15:34:23Z 2021-07-24T20:24:11Z "While making some improvements to a plugin's admin pages I changed the HTML in my meta boxes to be more inline with WordPress core. I then noticed that I was getting 403's from the closed-postboxes AJAX request each time I toggled the display of the postbox. Since I don't have a requirement for the open/closed state of my postboxes to persist I don't need the AJAX requests. Consequently I don't have a #closedpostboxesnonce. So, to avoid the 403's I changed postbox.js to not perform the AJAX request if the nonce isn't set. " bobbingwide 3 24447 Avoid losing data after nonces expire iseulde early Administration normal major Future Release defect (bug) assigned 2013-05-29T07:55:35Z 2020-05-14T19:23:54Z "Happens when an admin page containing a form is left open for more than 24 hours and the user decides to submit the form. This is quite rare for most admin pages as the users typically spend short time there. However this can happen on the Edit Post screen too despite that we refresh the basic nonces every `wp_nonce_tick` (12 hours): - The user starts new post. - At some point the Internet connection is lost. - The user decides to finish later and puts the computer to sleep (closes the laptop, etc.). - The user decides to continue writing more than 24 hours after that. At this point all nonces have expired and cannot be updated as we've missed the previous nonce_tick update." azaozz 31 30505 Backbone subviews cannot be attached directly to DOM elements Administration normal normal defect (bug) new 2014-11-26T06:22:26Z 2019-06-04T19:27:07Z "Right now, you need selectors to attach subviews. Even if you have a direct reference to an element in the DOM, it's not possible to attach to this directly. This is an issue when you're working with an existing DOM structure to attach views, and the elements don't have unique identifiers for a selector. Backbone itself is happy to let you do this in a lot of places; this is why you can pass in `el` when constructing a view, for example. However, `wp.Backbone.Views` uses `! _.isString` to overload some of the function parameters, which means you can never pass it through." rmccue 8 38809 Better wp namespace in password-strength-meter.js close Administration normal normal Future Release defect (bug) reviewing 2016-11-15T23:27:37Z 2022-03-30T20:52:46Z "Currently, `password-strength-meter.js` uses this pattern to pass the wp object as argument: {{{ window.wp = window.wp || {}; var passwordStrength; (function($){ wp.passwordStrength = { ... })(jQuery); }}} so `wp` inside the IIFE is, technically, undefined, even if WordPress considers `wp` a global object. Also the first line is pointless if then `window.wp` is not passed as argument." afercia 11 40218 Button and select box alignment issue in page view Administration normal normal Future Release defect (bug) new 2017-03-21T12:33:37Z 2024-02-24T23:43:41Z "Hi, Button and select box are not aligned in the page view. I have attached screenshot for more information. Thanks" sagarprajapati 13 58198 CSS on Login Security page missing Administration 6.2 normal normal Awaiting Review defect (bug) new 2023-04-26T16:06:37Z 2023-04-26T16:06:37Z "Hello I had a problem with logging in today, I was kept in the Verification email loop. So I deactivated Wordfence via FTP and deleted. This caused the site not to work at all. So I deleted all Wordfence related entries in the user.ini and htaccess files. Then the login worked and I deleted and reinstalled Wordfence. Now it seems to work fine. I havn't logged out since and hope, login works again. But I wanted to change the sensibility for the reCaptcha verification. It is on 0.9 right now. But I can not find the Save button on that page as the CSS is missing. Greetings Heinz" bodhi1970 39762 Change in DOM Element Properties as seen in Javascript Event Handlers Between 4.6.2 and 4.7+ reporter-feedback Administration 4.7 normal normal Awaiting Review defect (bug) new 2017-02-01T22:37:55Z 2021-04-06T05:27:06Z "I'm seeing a problem that appears to be related to the change introduced by ticket #37973 in 4.7. I don't see this issue in 4.6.2. I filed ticket #39739 earlier this week that documented another problem related to this change as well. This problem is also related to a ""select all"" checkbox but has to do with the state of child checkboxes within javascript event handlers being different between 4.6.2 and 4.7. In short, I have an event handler for ""click"" for the ""manage-column check-column"" checkbox (simplified HTML shown below). This event handler looks for child checkboxes in the table (""nslb_import_rows"") and triggers their ""click"" event accordingly. The ""click"" events are triggered so that additional HTML can be displayed on the page if certain conditions are met when the individual rows are selected / unselected or en masse via this ""select all"". {{{
Name
Steven
David
}}} Please note the first element with the class ""nslb-dynamic-content"". As the name implies, this content is created dynamically and added to the page via javascript as certain other options on the page are chosen. Because the inner HTML is added dynamically, when this code in common.js at line 459 at the 4.6.2 level executes: {{{ $('thead, tfoot').find('.check-column :checkbox').on( 'click.wp-toggle-checkboxes', function( event ) { ... }}} it doesn't find any elements that match the search criteria as they are not present on the page yet, therefore no event handlers are registered here. The HTML at this point would look only like this: {{{
}}} Conversely, the code in common.js at 4.7+ on line 452 that replaced this line {{{ $body.on( 'click.wp-toggle-checkboxes', 'thead .check-column :checkbox, tfoot .check-column :checkbox', function( event ) { ... }}} fires when the ""manage-column check-column"" checkbox is clicked even though it's in HTML that is added dynamically. This is because the line in 4.7+ handles click events in the body and then evaluates whether or not a ""check-column"" checkbox was clicked in a or as part of click event processing itself thereby finding my ""manage-column check-column"" checkbox"" in the DOM at that point. The net of effect of all this is a change in the value of the ""clicked"" property of these child checkboxes when my own click event handler executes. For example, in 4.6.2, if no checkboxes are selected on the page and I click my ""manage-column check-column"" checkbox, the ""clicked"" properties for the child checkboxes are ""false"" because the event handler on line 459 in common.js doesn't execute. However, in 4.7+ given the same scenario, the ""clicked"" properties for the child checkboxes are already ""true"" because the event handler on line 452 in common.js does execute each time. You could actually argue the behavior in 4.6.2 is defective since the handler does not get registered for ""check-column"" checkboxes added dynamically. FYI, if I hard code this exact HTML statically, then the 4.6.2 event handler does get registered and the ""clicked"" property for child checkboxes is consistent between 4.6.2 and 4.7+. Additionally, the code in common.js at the 4.7+ level could potentially trigger the ""click"" event for any child checkboxes it finds as opposed to just modifying their ""checked"" property, although I'm not sure of the ramifications of that type change." reldev 2 60045 Change to add_new label displays wrong label for old post types joedolson* Administration 6.4 normal normal Future Release defect (bug) accepted 2023-12-11T02:32:49Z 2024-03-12T15:27:00Z "In #47125, the label for adding a new item in the menu changed its default value from Add New to Add New Post, with developers advised to change their code to match when creating custom content types. To me this was a mistake; an appropriate label already existed with that wording: the add_new_item label. If it was desired to change what displayed in the menu, the right fixing was to use display add_new_item, rather than changing the entire meaning of add_new. I have always registered custom post types by setting add_new_item to 'Add New MyPostType', and leaving add_new out of the array entirely, since there was never a need to override the wording of 'Add New'. Now, all of my post types for all clients over many years are displaying 'Add New Post'. Can this change please be reverted, and replaced by displaying add_new_item when you wanted to display the item name, as it was always intended to be used?" smerriman 6 44036 Checkboxes appearing strangely in FireFox responsive view reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2018-05-10T11:52:31Z 2020-04-15T04:31:10Z "When I switch to mobile view in FireFox, the checkboxes are appearing strangely! Please see screenshot. WordPress version: 5.0-alpha-43205 FireFox version: 59.0.2 (64-bit) OS: Ubuntu 14.04 Steps to reproduce: 1. Go to /wp-admin/edit.php?post_type=page 2. Press Shift+Ctrl+M to bring up smaller view" subrataemfluence 5 55768 Checkboxes not displayed when images are turned off in browser Administration 5.3 normal normal Future Release defect (bug) new 2022-05-18T09:24:11Z 2022-05-19T07:59:09Z ​W​hen images ​are ​turned off in browser, ​the ​checked post categories in the admin ​post dashboard disappear​.​ martiniwebb 4 42586 Code Editor: Inconsistent results between finding in CodeMirror vs browser Administration 4.9 normal major Future Release defect (bug) new 2017-11-16T16:43:25Z 2022-11-17T23:54:13Z "When in the Appearance/Editor, f'rinstance, when editing a child theme's CSS file, the Ctrl-F (Search) no longer works. SOMETIMES it will find a string IF that string is on the VISIBLE portion of the screen. It will NOT find that string in the file if the string is NOT visible. Sometimes it will not find the string at all - visible or not. A serious impeiment to the Editor!" wpress2010 47 43331 Color picker breaks admin panel in many templates close Administration normal normal Awaiting Review defect (bug) new 2018-02-15T13:05:04Z 2022-12-02T11:42:09Z "The error prevents the document from beign saved. '''Console error:''' color-picker.min.js?ver=4.9.4:1 Uncaught TypeError: Cannot read property 'addClass' of undefined at a.(anonymous function).(anonymous function).close (https://www.szybkiangielski.pl/wp-admin/js/color-picker.min.js?ver=4.9.4:1:3088).... '''Error is caused by line 316 in color-picker.js''' this.inputWrapper.addClass( 'hidden' ); '''I corrected the code by replacing the code with:''' if(typeof this.inputWrapper !== ""undefined"") { this.inputWrapper.addClass( 'hidden' ); } '''This stops the error, page can now be saved and color picker works fine''' " grzecho 13 36512 Color picker has disappeared from input in custom post type. reporter-feedback Administration 4.5 normal normal defect (bug) new 2016-04-13T14:55:37Z 2022-07-07T17:30:40Z "In a custom plugin I've created some metaboxes with color picker fields. Here how I call the color picker style : {{{ add_action( 'admin_enqueue_scripts', 'le_chiffre_add_color_picker' ); function le_chiffre_add_color_picker( $hook ) { // $hook to apply a check for admin page. wp_enqueue_style( 'wp-color-picker' ); wp_enqueue_script( 'custom-script-handle', plugins_url( 'custom-script.js', __FILE__ ), array( 'wp-color-picker' ), false, true ); } }}} the HTML input (created dynamically): {{{ }}} and the js for my input fields, loading the color picker: {{{ (function( $ ) { // Add Color Picker to all inputs that have 'color-field' class $(function() { $('.color-field').each(function(){ $(this).wpColorPicker(); }); }); })( jQuery ); }}} With WordPress 4.4.2 everything worked like a charm (I even did a reverse from 4.5 to 4.4.2 to be sure of it) and now with the 4.5 version, the color picker doesn't show up on my fields... I didn't found anybody having the same issue. Have a nice day David THOMAS " anou 3 54660 Comment is missing for the bulk_footer function has-patch Administration normal normal Awaiting Review defect (bug) new 2021-12-19T13:20:08Z 2021-12-19T16:26:16Z A comment is missing for the bulk_footer function in the file class-bulk-plugin-upgrader-skin.php yagniksangani 35785 "Concatenating ""wp-post-new-reload=true"" with URL repeatedly" Administration normal normal defect (bug) new 2016-02-09T18:33:12Z 2019-06-04T19:34:27Z "Concatenating ""wp-post-new-reload=true"" with URL repeatedly when a meta box has required field and user click on ""Publish"" button without filling it properly: http://screencast-o-matic.com/watch/cDnQFFhRcR " codename065 1 57030 Condition is not strictly checked on options-general.php file SergeyBiryukov needs-unit-tests Administration 3.0 normal normal Future Release defect (bug) assigned 2022-11-08T09:56:56Z 2023-07-06T03:14:17Z In options-general.php file it is 0 is being compared with another variable which is $current_offset. As 0 is numeric value this needs to be compared. rakibwordpress 6 31593 Conflict of custom post type menu and add_utility_page Administration 4.1.1 normal normal defect (bug) new 2015-03-11T07:00:51Z 2023-11-13T18:56:31Z "I installed a plugin that register_post_type with menu_position 80. Thereafter, I installed a plugin to add a menu by add_utility_page. Then the menu of menu_position 80 is disappeared. Where I examined, I think there is a problem with the count up of `$_wp_last_utility_menu`, but is this correct specification? This is the sample code. {{{ function test_add_utility_page() { add_utility_page( 'test_utility_page', 'test_utility_page', 'edit_posts', 'test_utility_page', '__return_false' ); } add_action( 'admin_menu', 'test_add_utility_page' ); function test_register_post_type() { register_post_type( 'test_post_type', array( 'labels' => array( 'name' => 'test_post_type', ), 'public' => true, 'menu_position' => 80, ) ); } add_action( 'init', 'test_register_post_type' ); }}}" inc2734 3 26050 Continual Admin Page POST (HeartBeats?) Can Cause SQL Connection Issues Administration 3.6 normal normal defect (bug) new 2013-11-15T19:14:10Z 2019-06-04T19:24:36Z "The admin pages (/wp-admin/widget.php, /wp-admin/index.php, etc..) will continually POST to admin-ajax.php ever 2.5-3 min. If multiple admin pages are open for long periods of time(ex. over night) the SQL Connections associated with the POSTs will begin to progressively have longer sleep times. I have seen MYSQL Connecitons Sleep upwards of 45 seconds from these POSTs. This ultimately cause my Server/Account to be shutdown by my host due to the long sleep time taking up connections for no reason. I wouldn't expect the Connections to progressively sleep longer. I was surprised to find that the pages were Sending POSTs even when they were not being used(before I knew about the heartbeat api). Is this the expected experience/results? Should there be a sleep setting on these POSTs to stop after a given time frame? Or can all of these be rolled into 1 POST? To Reproduce: Open up the following in their own tabs: /wp-admin/widgets.php, /wp-admin/index.php, /wp-admin/theme.php, /wp-admin/theme-edit.php, /wp-admin/plugins.php, /wp-admin/post.php Verify they are making post requests ever 2.5-3min, I use Tamper Data add-on for firefox, but fiddler or any other http collector will do. In MYSQL watch the connections by using the command: show full processlist; run the SQL command as soon as you see the POST occur in tamper data or fiddler. Notice the Sleep and time is 0 for the POST request. you might not see it in the process list at first since it is so quick. Once POSTs are occuring ever few min and MySQL is setup to view processes/connections leave the pages open over night. Then test again in the morning by viewing the processlist once you see a POST submitted. It usually easiest to see when post are submitted around the same time. You will notice the sleep time has increased and you will also notice that the response times for the POSTs have increased. I reproduced this on twenty-thirteen theme with all plugins deactivated and using firefox." optimized-marketing.com 16 53035 Copy suggested policy text to clipboard on click success message is not showing has-patch Administration normal normal Awaiting Review defect (bug) new 2021-04-15T06:29:49Z 2021-04-16T04:47:18Z "Hi, I have updated 5.7.1. and lot's of time success message is not showing. more information you can see mentioned quick video link. https://www.loom.com/share/6d051f6236134b6eb6aff20fba228b9e" sumitsingh 4 47505 Create a comprehensive input validation API for WordPress editor and administration interface audrasjb* needs-unit-tests Administration normal normal Future Release defect (bug) accepted 2019-06-07T14:24:03Z 2019-10-04T15:43:46Z "Currently, WordPress lacks a comprehensive API for validating form input and alerting users to errors or missing fields. One example of how this can cause problems was captured by @conner_bw in #47018 -- failing to fill in the required ‘Name’ field when creating a new taxonomy term highlights the field in red but provides no textual message indicating that a required field is missing. As noted by @afercia: > there are at least two WCAG success criteria (1 is level A, the other one is level AA) that requires a clear identification of the item in error and clear suggestions for correction. ([https://wordpress.slack.com/archives/C02RP4X03/p1556291609088300 See Slack discussion]) The lack of input validation mechanisms has also been noted as a shortcoming in Gutenberg ([https://twitter.com/thespacedmonkey/status/1136570949048909824 see tweet] from @spacedmonkey about this). In the [https://wordpress.slack.com/archives/C02RP4X03/p1556291406082600 Slack discussion] of #47018, the Accessibility team agreed that the broader goal of researching and planning a comprehensive form validation API would be a valuable project that would benefit all users. This ticket should serve as a starting point for that exploration process. One example of how this could work shared during the discussion was something along the lines of Tenon’s React-based form validation library: [https://www.tenon-ui.info/forms-full-demo] Two use cases that this API should cover: - Required input is missing - Required input is not the expected type To be continued!" greatislander 11 55812 Custom admin columns don't sort string meta_key values when using MariaDB. Administration 6.0 normal normal Awaiting Review defect (bug) new 2022-05-25T03:24:45Z 2022-06-14T16:35:45Z "If your using MariaDB, and you want to sort the WP_Query using meta_key and orderby 'meta_value' sort does not work. '''To reproduce:''' 1. Create a basic child theme, I made a child theme of Twenty Twenty Two that contained the style.css and functions.php. \\ \\ '''style.css''' {{{ /* Theme Name: Twenty Twenty Two Child Description: Twenty Twenty Two Child Theme Template: twentytwentytwo Version: 1.0.0 Text Domain: twentytwentytwochild */ }}} 2. Define the hooks to add a custom column. \\ \\'''functions.php''' {{{#!php __( 'Test', 'twentytwentytwochild' ), ), array_slice( $columns, 1 ), ); } add_filter( 'manage_pages_columns', 'child_manage_pages_columns' ); function child_pages_custom_columns( $column_key, $post_id ) { switch ( $column_key ) { case 'test_custom_field': $value = get_post_meta( $post_id, 'test_custom_field', true ); echo esc_html( $value ); break; } } add_action( 'manage_pages_custom_column', 'child_pages_custom_columns', 10, 2 ); function child_manage_edit_pages_sortable_columns( $columns ) { $columns['test_custom_field'] = 'test_custom_field'; return $columns; } add_filter( 'manage_edit-page_sortable_columns', 'child_manage_edit_pages_sortable_columns' ); function child_manage_edit_pages_sortable_columns_pre_get_posts( $query ) { if ( ! is_admin() || ! is_main_query() ) { return; } $orderby = $query->get( 'orderby' ); switch ( $orderby ) { case 'test_custom_field': $query->set( 'meta_key', 'test_custom_field' ); $query->set( 'orderby', 'meta_value' ); break; } } add_action( 'pre_get_posts', 'child_manage_edit_pages_sortable_columns_pre_get_posts' ); }}} 3. Log into the WordPress admin panel and add a couple of pages that use custom fields. I made three pages two of those pages had the same custom field value and the third had a new value (Hello World, Hello World, and Other World). 4. Go to the page listing and try to sort with the 'Test' column. The sort may change the first time, but will remain the same each time after that. I tested this with MariaDB version 10.5.4 on Windows 10 with WAMP. I also tested with MySQL 8.0.24 on Windows 10 with WAMP but did not have the issue. Through some testing and google searches I realized the issue is that MariaDB's LongText column type is just not sortable. In my test I updated wp_postmeta's meta_value column to Varchar(15000) and that enabled sort to work as expected." kevincorrigan 1 46307 Custom admin menu items don't provide their title on medium breakpoint garrett-eclipse Administration normal normal Future Release defect (bug) assigned 2019-02-22T06:52:05Z 2019-02-22T17:11:21Z "With custom admin menus if no submenu is provided for them they don't have a flyout on hover which on medium breakpoint leaves them only identified by their icon. Note: Core menus all have submenus so this only affects custom menus developers introduce. It would be nice to still provide the submenu flyout with only the wp-submenu-head item present as that would provide the title of the item. The submenu items are introduced here with the first item being the wp-submenu-head. Am thinking moving the empty check into the ul would leave the flyout providing the title. https://github.com/WordPress/WordPress/blob/92aa2f9e92a4e1ad5471d87d5292587c5cee5702/wp-admin/menu-header.php#L178-L250" garrett-eclipse 3 45135 Dashboard Menu Conflict on Mobile Devices when menu is active Administration 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-19T18:20:13Z 2018-10-24T17:40:43Z "Bug on dashboard while scrolling down on the same page when menu is active. **Steps to easily reproduce the issue:** 1) Visit any page on the dashboard 2) Tap the Menu Icon (keep it as active) 3) Scroll down the page which you are already visited from the center of the down of page (not via the admin menu). 4) The menu will seems to be hidden and the admin bar will seems to be broken As for getting the admin menu options again, the user need to refresh the page." josevarghese 52919 Dashboard tabs issue on focus has-patch Administration 5.7 normal normal Awaiting Review defect (bug) new 2021-03-26T09:27:49Z 2023-05-25T19:26:58Z Dashboard tabs issue on focus, it needs to be the vertical center. muhammadbux 3 26575 Dashboard widgets should be able to specify a min-width at which they span two columns Administration 3.8 normal normal defect (bug) new 2013-12-12T19:34:01Z 2019-06-04T19:24:39Z Some dashboard widgets [http://imtheirwebguy.com/dont-hit-update-just-yet-wp-3-8-overhauls-ui-breaks-dashboard-widgets/ don't do well in skinny columns]. Maybe we should let them specify a min-width. If breached, they could span two columns. Certainly would be useful for stats/traffic widgets. markjaquith 5 45130 Defer jQuery WordPress Admin & Customizer doesn't work properly Administration normal normal Awaiting Review defect (bug) new 2018-10-19T13:35:56Z 2019-07-01T19:21:09Z "If I defer jQuery or put jQuery in the footer. I get Uncaught ReferenceError: jQuery is not defined errors in the WordPress Customizer and the Customizer doesn't work, like for example changing theme logo, adding widgets or other things directly possible in the page. When I remove defer, everything works as expected. Maybe this is because document ready is not used? I have been checking this issue myself. The following files are effected: - wp-includes/js/mediaelement/mediaelement-migrate.min.js - wp-includes/js/wp-a11y.min.js - wp-includes/js/customize-base.min.js - wp-includes/js/customize-preview.min.js - wp-includes/js/mediaelement/wp-mediaelement.min.js - wp-includes/js/wp-util.min.js - wp-includes/js/mediaelement/wp-playlist.min.js - wp-includes/js/customize-selective-refresh.min.js - wp-includes/js/customize-preview-widgets.min.js - wp-includes/js/customize-preview-nav-menus.min.js" remzicavdar 10 43098 Defining WP_UNINSTALL_PLUGIN also when the uninstall handler is registered via register_uninstall_hook() Administration normal normal Awaiting Review defect (bug) new 2018-01-16T14:18:36Z 2019-01-17T01:26:20Z "At the moment, there's no way to ""know"" that the context execution is uninstallation until the uninstall hook is executed: {{{ do_action( ""uninstall_{$file}"" ); }}} I'd like to move the definition of `WP_UNINSTALL_PLUGIN` to be set for both uninstall handlers (the `uninstall.php` and the `register_uninstall_hook()` hook). The fix is super simple, just moving `define('WP_UNINSTALL_PLUGIN', $file);` in `/wp-admin/includes/plugin.php` outside the `if` statement. It's needed when a plugin need to execute some code prior to the `register_uninstall_hook()` execution that is later used within the callback. I couldn't think of any intentional reason why it shouldn't be defined for both uninstallation methods." svovaf 3 38899 Deletion of auto-drafts and trashed posts never gets scheduled unless user accesses admin pages westonruter* dev-feedback Administration normal normal Future Release defect (bug) accepted 2016-11-22T03:55:27Z 2021-06-07T09:58:35Z "As [https://core.trac.wordpress.org/ticket/38615#comment:37 noted] in #38615: It turns out that the cron event that does `wp_delete_auto_drafts()` is only scheduled when a user lands on `post-new.php`: {{{#!php has_prop( $option ) ) $result = $user->get( $option ); elseif ( $user->has_prop( $prefix . $option ) ) $result = $user->get( $prefix . $option ); else $result = false; ---- //todo bag user options delete this // if ( $user->has_prop( $prefix . $option ) ) // Blog specific // $result = $user->get( $prefix . $option ); // elseif ( $user->has_prop( $option ) ) // User specific and cross-blog // $result = $user->get( $option ); // else // $result = false; }}} " Juriy 4 27162 Don't store admin messages in transients Administration 3.0 low normal defect (bug) new 2014-02-20T02:52:23Z 2019-06-04T19:42:03Z "The settings errors API (`add_settings_error`/`get_settings_errors`) in core uses transients to store messages across requests. Unfortunately, this is a misuse of transients, as [http://journal.ryanmccue.info/296/youre-using-transients-wrong/ transients are not guaranteed to exist] for any length of time. I've noticed this issue appear in two separate scenarios: * When flushing the cache (after a deploy, e.g.): If you happen to flush the object cache between a `add_settings_error` call and the next page load, the message will disappear forever * When disabling caching for testing purposes, the error will never be set/read (depending on how you disable it) ---- There's a few options I can see to fix this: * Store them in options/usermeta: This keeps all the logic on the backend, but causes potentially costly writes to the database * Store them in cookies (session data): This avoids the database write, but means we have to send extra data via the HTTP server, which might be filtering cookies (inbound and outbound). It also means we need to set a hash using a secret key to avoid allowing users to edit their cookies." rmccue 4 43611 Duplicate _ajax_nonce input cause conflict between find_post_div and post_custom_div Administration 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-22T18:39:18Z 2018-03-22T18:39:18Z "I ran into the error today. Here is the situation On Post edit page, I’ve added the FindPost functionality. I’ve included find_posts_div using the admin_footer hook, as normal. It is added to 2 custom post types without custom-fields support and to the regular Post post type. It worked flawlessly on both custom post types, but the ajax call to get the post list from inside the Post edit page, sent back a 403. I’ve isolated the problem to the _ajax_nonce value, which was different from the 2 others post types. After checking the source of the admin page, I saw that there was 2 _ajax_nonce fields, and that the value sent to Find-Posts query was the _ajax_nonce from the Custom-Post-field. More over, I’ve checked and both _ajax_nonce inputs share the same ID (_ajax_nonce). Poor media.js can’t find the right one on line 107. So, they must be differentiated. Easiest fix would be to change the ID of the _ajax_nonce input in FindPostDiv. Further more, the Post Custom div interface creates duplicate #_ajax_nonce for each custom fields (at least with the same value). Feel free to create another ticket for this." charlesstpierre 42254 Duplicate news entries in Events & News dashboard widget Iceable has-patch Administration 4.8 low minor Future Release defect (bug) assigned 2017-10-17T18:15:20Z 2023-10-11T14:26:43Z "The first item in the News widget is always the latest post from the `wordpress.org/news` blog. The next 3 posts are selected from the `planet.wordpress.org` feed, which itself includes the `wordpress.org/news` blog. This can lead to duplicate entries: [[Image(https://cldup.com/R67ghZqMRh.png)]] One potential solution is to search the list of Planet feed items, to check ifany of them match the current News item. If one does, it would be removed, so that the next oldest item takes its place. Reported by @sergeybiryukov on Slack https://wordpress.slack.com/archives/C02RQBWTW/p1507073219000123 " iandunn 21 47111 Dynamically added notifications need ARIA role alert or status joedolson* Administration normal normal 6.6 defect (bug) accepted 2019-05-03T17:19:49Z 2024-02-20T15:20:06Z "Follow up to #46995. In the various admin screens, all the notifications / warnings and the like that are rendered ""on the fly"" and injected in the DOM need either an ARIA role `alert` or `status` to be properly perceived by assistive technologies and users using these technologies. This doesn't apply to the standard ""admin notices"" that are normally rendered on page load. It only applies to JavaScript-rendered notices that appear at some point in a page. There are a few of them across the admin that would greatly benefit from a standardized component. References: https://www.w3.org/TR/wai-aria-1.1/#alert https://www.w3.org/TR/wai-aria-1.1/#status Quoting from the Aria Authoring Practices (emphasis mine): > Dynamically rendered alerts are automatically announced by most screen readers, and in some operating systems, they may trigger an alert sound. **It is important to note that, at this time, screen readers do not inform users of alerts that are present on the page before page load completes.** W3C role=alert example: https://www.w3.org/TR/wai-aria-practices/examples/alert/alert.html" afercia 7 58639 Entity Name vs. Entity Number, for 6.4 has-patch Administration normal normal Awaiting Review defect (bug) new 2023-06-27T06:18:42Z 2023-06-27T06:18:42Z "This is a follow up ticket to #30796, which had some changes included in WordPress 6.3. See that ticket for discussion and history. The list of @sabernhardt findings of strings using `’`: [https://docs.google.com/spreadsheets/d/1HrJsZSuTfWeAiZFu1STBrhrMT6U49qeeb26-cjUIiFo/edit?usp=sharingText strings with the apostrophe character code] A PR at GitHub with some changes implemented from that list: [https://github.com/WordPress/wordpress-develop/pull/4672 PR #4672]" kebbet 56384 Error in CSS for form input Administration 6.0 normal minor Awaiting Review defect (bug) new 2022-08-15T21:50:28Z 2022-08-15T22:12:27Z "In ''user-new.php'' and ''user-edit.php'', I created an interface to add some custom meta fields using checkboxes. The problem is that the CSS bit {{{ #adduser .form-field input, #createuser .form-field input { width: 25em; } }}} breaks my interface as I'm using the HTML {{{ }}} So ''.form-field input'' without excluding checkbox types, or specifically applying it to text/url types, stretches the checkboxes... Below I'm attaching two screenshots, the first with the CSS bit in effect, and the second with it disabled in the developer tools of the browser... [[Image(https://i.ibb.co/Lkf2r4P/Screenshot-2022-08-16-003733.jpg)]] [[Image(https://i.ibb.co/yPKBSCS/Screenshot-2022-08-16-003822.jpg)]]" princeofabyss 2 52611 Error searching post reporter-feedback Administration 5.6.1 normal normal Awaiting Review defect (bug) new 2021-02-22T20:12:44Z 2021-12-11T23:18:20Z "When I use the post search engine the second time I get the error: ""invalid content type"". The first time I enter a search term, everything is fine. The problem is when I try to do a second search. I hope they can correct it. Note: I use WordPress in Spanish and updated to the latest version: 5.6.2. But the problem is present from previous versions: 5.6.1, ... [[Image(https://i.ibb.co/26c5z9h/error-wordpress.png)]]" diego777 1 32097 Extra margin in `post_submit_meta_box()` on non-public post types Administration 4.2 normal normal defect (bug) new 2015-04-24T06:04:39Z 2019-06-04T19:28:37Z "If you're editing a published or scheduled post in a post type registered with `public => false`, there's now some extra space above ""Status.""" dlh 6 38637 Fix autocomplete search suggestions support for Safari + VoiceOver Administration normal normal Future Release defect (bug) new 2016-11-02T22:31:28Z 2021-02-25T20:28:18Z "Splitting this out from #33902. The first implementation of a combobox with autocomplete search suggestions was the link inline toolbar in the Editor, implemented in #33301. In a first moment, that didn't work for Safari + VoiceOver, and a specific fix was introduced in WordPress 4.5.1, see #36458. Worth noting the fix was extensively tested and confirmed to solve the issue. That was on El Capitan + Safari 9 + VoiceOver. Now, some months later, both the link inline toolbar suggestions and the new implementation for the Tags autocomplete (see #33902) are not announced correctly when using Safari + VoiceOver, that is macOS Sierra + Safari 10 + VoiceOver. Not sure why, sometimes the wrong option gets announced. See screenshot below: [[Image(https://cldup.com/rkDTqypw5Q.png)]] Whether or not it's a Sierra/Safari 10 regression (very likely) a possible fix should be investigated. Note: the only example I've found working it's the Twitter search suggestion, which is a very similar implementation, so investigation should probably start from there. Any feedback welcome :) " afercia 4 32017 Fix class name typo from 'hndle' to 'handle' has-patch Administration normal normal Awaiting Review defect (bug) new 2015-04-19T15:43:53Z 2020-01-16T21:20:54Z The typo was introduced in [8682] changeset. michalzuber 6 48881 Fix inline SVG error with wp_admin_css_color reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2019-12-05T04:31:07Z 2023-05-30T18:35:46Z "To get to the point, `url-friendly-colour` in `wp-admin/css/colors/_admin.scss` currently has: `@return '%23' + str-slice( '#{ $color }', 2, -1 );` but both Firefox and Safari (possibly others) are having an issue with CSS generated based on this (at least inline SVG assets). Safari (and possibly others) doesn't like the fact that `'` is used to wrap the str-slice color value since inline SVG assets are using `'` to wrap the parameters/attributes so it then breaks the SVG's syntax by having that value use `'` within itself being wrapped in a `'`. Then, Firefox (and possibly others) doesn't like the fact that `#` is used within an inline SVG since it's expecting `%23` as with the rest of the SVG being encoded. I've found that switching this out for: `@return '%23' + str-slice( %23{ $color }, 2, -1 );` resolves these issues experienced by both of these web browsers (and possibly others.) I haven't tested thoroughly for any potential side-effects, but I don't foresee all that much given how little it seems like `url-friendly-colour` is used (with this then just resolving browser issues for its current usage.) Btw, I came across this with the Admin Color Schemer plugin (with it patched for PHP 7.x per the approved code on its GitHub; not sure why it hasn't been pushed out to WP.org yet... the dev should maybe do that. Either way, this plugin is using WP's own `_admin.scss` and it's not creating compliant results, currently, and this should resolve that issue.)" KZeni 7 43476 Fix parentheses in post status links for RTL dev-feedback Administration normal normal Awaiting Review defect (bug) new 2018-03-06T11:07:18Z 2018-03-06T13:28:33Z "When switching to a RTL language, the parentheses in the post status links can become mixed up, when the status is not translated. '''How to replicate the issue?''' Switch to e.g. the ''Azərbaycan dili'' language that is missing the ''Draft'' post status translation. '''Where to see the issue?:''' Visit the {{{wp-admin/edit.php}}} and check out the parentheses in the ''Draft'' post status link. " birgire 3 56421 "Fix scrolling in Block Editor ""Editor Content"" inside ""Group Block""" has-patch Administration normal normal Awaiting Review defect (bug) new 2022-08-23T13:04:55Z 2022-09-06T16:31:35Z "When I am navigating with my up/down keyboard buttons inside a Group Block in the Block Editor ""Editor Content"" does not scroll until I scroll below the Group Block." ritterml 3 27543 Flyout submenu items can be hidden on Windows touch devices Administration 3.8 normal normal defect (bug) new 2014-03-27T06:08:29Z 2019-06-04T19:25:19Z "Spin out of #26482, specifically comment 5 and the related screenshot. The fly out submenus are broken on Surface. The patch in #26482 fixes that issue for iOS, but we should circle back and fix it for Surface." samuelsidler 1 59410 Getting waring related Warning: array_flip() expects parameter 1 to be array close Administration 6.3.1 normal normal Awaiting Review defect (bug) new 2023-09-20T09:51:01Z 2023-10-03T11:23:07Z "Hey Core Team, when I am using the switch user plugin and after switching user gets a warning on the top bar more information you can see the mentioned screenshot. For more information see mentioned screenshot. " sumitsingh 3 43630 HAVING without GROUP BY in /wp-admin/includes/template.php has-patch Administration 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-25T16:09:42Z 2020-04-15T22:39:03Z "I found in file /wp-admin/includes/template.php, that used HAVING without GROUP BY. It's syntax correct for MySQL {{{#!php postmeta 616 WHERE meta_key NOT BETWEEN '_' AND '_z' 617 HAVING meta_key NOT LIKE %s 618 ORDER BY meta_key 619 LIMIT %d""; }}} Official MySQL doc say: ''""HAVING is merged with WHERE if you do not use GROUP BY or aggregate functions (COUNT(), MIN(), and so on). '' But this incorrect for other databases. Such as SQLite say it's wrong, when using WP with it. Maybe in this case, need replace 'HAVING' on 'AND'? After replace like: {{{#!php postmeta WHERE meta_key NOT BETWEEN '_' AND '_z' AND meta_key NOT LIKE %s ORDER BY meta_key LIMIT %d }}} It's work!" vsvlad 1 55368 Handle ajax failure when doing actions on themes/plugins Administration 5.9.2 normal normal Awaiting Review defect (bug) reopened 2022-03-11T05:36:32Z 2022-05-30T17:21:05Z "When maintenance mode is active or the server is unresponsive for any reason, there are some ui issues in ajax-related messages like: - When trying to delete a plugin: ""Deleting..."" forever. No error shown. - When trying to enable auto-updates on a plugin: ""Enabling..."" forever. ""The request could not be completed"" error is shown. Same for disabling. - When trying to delete a theme: ""Deletion failed: undefined"" error shown. - When trying to enable a theme: ""Enabling..."" forever. ""The request could not be completed."" error shown. Same for disabling. Check the screenshots attached below. I tried to stay short in title description but I'm not sure it's 100% clear." mirkolofio 4 47292 Heartbeat API cause Apache/PHP to exhaust memory Administration 5.2 normal critical Awaiting Review defect (bug) new 2019-05-16T11:11:46Z 2019-05-16T12:17:26Z "WordPress 5.2 Apache/2.4 MPM Prefork (Debian9) PHP 7.0 Also tried upgrading to PHP 7.2 What you expected to happen: Apache memory footprint should remain stable. Steps to reproduce: Install click-to-deploy-images-wordpress-ha from Google Marketplace. Upgrade to WordPress 5.2 Import and edit some posts in WordPress Admin Observe Client side: Examine headers in Chrome Console specifically /wp-admin/admin-ajax.php Observe Server side on Admin VM : Monitor apache memory with: free -m or htop Tried: Upgrading to PHP 7.2. Tweaks in wp-config.php define( 'AUTOSAVE_INTERVAL', 600 ); define( 'WP_POST_REVISIONS', false ); define( 'MEDIA_TRASH', true ); define( 'DISABLE_WP_CRON', true ); define( 'WP_MEMORY_LIMIT', '256M' );" mailandguardian 1 57156 Icons missing in iOS Lockdown Mode reporter-feedback Administration normal normal Awaiting Review defect (bug) new 2022-11-19T19:52:21Z 2022-11-21T20:39:34Z "Have you made any progress on a back-end workaround or better explanation for why all of the icons on mobile devices (WordPress, and numerous other third party applications) all have broken ""squares"" on all of these products. The superficial cause is iOS16 in lockdown mode. But it's breaking all of our products including yours. It will get worse when MacOS Ventura gets released into GA and has the same behavior. I suspect it is a result of loading external JS in the https zone, such as previous problems with XSS and mixed content that have broken other web technologies in the past. There is a workaround called ""How to exclude apps or websites from Lockdown Mode"" at the URL below. Best, https://support.apple.com/en-in/HT212650" noexitorescape 4 49259 Improper Cache control Administration 5.1.1 normal normal Awaiting Review defect (bug) new 2020-01-21T10:03:31Z 2020-02-24T10:46:02Z "Browse some internal authenticated pages and when we set the browser to “Work Offline” mode still user can accessible from browser History directly" vishal05 2 45910 Improve and extend focus styles for Windows High Contrast mode joedolson* Administration normal normal 6.6 defect (bug) accepted 2019-01-10T16:54:41Z 2024-02-20T15:18:52Z "See [44544] and #41286. [44544] introduced new focus styles for the Windows High Contrast mode only for the main user interface elements like buttons, links, media views elements. In order to cover all the controls in the admin, there's the need to explore the admin parts that make use of uncommon styles or don't inherit the relevant CSS, for example the Customizer, the themes browser, etc. Some thorough testing on Windows would be greatly appreciated. " afercia 9 56607 Improve doc for WP_Screen class has-patch Administration 3.3 normal normal Awaiting Review defect (bug) new 2022-09-20T07:24:18Z 2022-09-20T07:28:12Z "WooCommerce 6.9 introduced a conflict with several plugins by accessing to the property `WP_Screen::id` and expecting it to be a string, while conflicting plugins just set the current screen with a simple call to `set_current_screen()` without parameter. In this case, `get_current_screen()` returns a `WP_Screen` object with the property `id` set to null. This pushed me to review the doc of the class and notice that several properties are not correctly documented for this case." Chouby 1 32233 Improve escaping in /wp-admin/includes/template.php has-patch Administration 4.3 normal normal defect (bug) new 2015-05-02T07:28:44Z 2019-06-04T19:28:46Z "It was brought to my attention that various output in /wp-admin/includes/template.php is missing proper escaping. This includes titles for settings sections and fields, inline Thickbox JS, and various translatable strings (the translations for which might accidentally or intentionally include problematic content). This patch adds various escaping functions where needed. " McGuive7 4 58488 Improve performance of wp-admin -> Comments has-patch Administration normal normal Awaiting Review defect (bug) new 2023-06-08T11:12:24Z 2023-06-08T11:22:25Z "Our wp-admin -> Comments screens just got slower over time and the reason is the ""All comment types"" drop down filter. Here's how much that single select box adds on some of our websites depending on the number of comments: * 6 seconds for website with 2,668,659 comments * 1 second for website with 795,581 comments So it's really too much delay anytime you open wp-admin -> Comments just to get that single filtering option. The problematic code is in the WP_Comments_List_Table::comment_type_dropdown() function which calls: {{{#!php get_comments( array( 'number' => 1, 'type' => $type, ) ); }}} That code runs query like: {{{#!sql SELECT wp_comments.comment_ID FROM wp_comments WHERE ( ( comment_approved = '0' OR comment_approved = '1' ) ) AND comment_type IN ('pingback', 'trackback') ORDER BY wp_comments.comment_date_gmt DESC LIMIT 0,1 }}} As illustrated that query can take seconds to finish - as much as 6 seconds in our case and we have to wait that long anytime we open wp-admin -> Comments. There are two causes of the poor performance: === **1) Missing comment_type index** Running SQL EXPLAIN command on the query reveals that it only uses the comment_date_gmt index. Adding the comment_type index helps: ALTER TABLE `wp_comments` ADD INDEX `comment_type` (`comment_type`) Here's how much time adding that index took: * 5 seconds for 2,668,659 comments (dedicated SQL server with low load) * 23 second for 795,581 comments (shared server with higher load) I see the wp-admin/includes/upgrade.php does a fair amount of ALTER TABLE with ADD INDEX. We prepared that upgrade code in wp-admin/includes/upgrade.php. And of course added that index for new install in wp-admin/includes/schema.php. === **2) Using ORDER BY when not required** On one of our databases (using MariaDB) just adding the comment_type index fixed the issue, but on some other we **also** had to get rid of the ORDER BY in the query as it's not important when you are checking if there are any Pings. get_comments() just does that automatically. This can be easily fixed by adding 'oderby' => 'none' to the call in WP_Comments_List_Table::comment_type_dropdown() in wp-admin/includes/class-wp-comments-list-table.php: {{{#!php get_comments( array( 'number' => 1, 'orderby' => 'none', 'type' => $type, ) ) }}} This fix can be seen in the Github pull request. --- With both fixes the performance is now much better: * 0.4 seconds for website with 2,668,659 comments * 0.12 seconds for website with 795,581 comments " FolioVision 2 42002 Improve the accordions accessibility joedolson* has-patch Administration normal normal 6.6 defect (bug) accepted 2017-09-27T07:46:56Z 2024-03-01T05:43:44Z "Splitting this out from #37013, props to monikarao, xavortm, mihai2u, Kopepasah for the work done there. In #37013 was noted that the toggle ""arrows"" of the accordions in the Menus screen don't have the circular shape to indicate keyboard focus. This is inconsistent with other similar controls that do use the circular focus and could be improved. [[Image(https://cldup.com/WXR2bcgPQp.png)]] However, the accordions in the Menus screen are generated with `do_accordion_sections()`: plugins or themes might use this function for their own purposes and any change here should be carefully considered and well communicated. In core, as far as I see, the Menus screen is the only place where `do_accordion_sections()` is used. In other places, for example the Customizer, the accordions markup is output by a custom implementation. The JS part instead, if I'm not wrong, is still shared and uses `accordion.js`. This would be also a good opportunity to improve the accordions accessibility in core and standardize all the different implementations. I'd recommend to follow the example on the ARIA Authoring Practices, see https://www.w3.org/TR/wai-aria-practices/#accordion and see the example on https://www.w3.org/TR/wai-aria-practices/examples/accordion/accordion.html where the accordion ""titles"" use a button inside a heading (note: the example uses `
` because it's an ARIA example :) that's equivalent to a heading)." afercia 19 50486 Improve the admin notices accessibility joedolson* dev-feedback Administration normal normal 6.6 defect (bug) accepted 2020-06-27T12:53:09Z 2024-02-20T15:22:45Z "Follow-up to #47656. See also #50442/ The admin notices accessibility has room for improvements. Currently, all the admin notices are just text printed out on the admin pages. They have no special semantics. There are no mechanisms to inform users some important information is printed on the page other than visuals. There are no methods to navigate directly to admin notices nor established standards on their placement. This way, users with accessibility needs will likely miss important information, as they may have no clue whether and where these messages are printed out. Depending whether the admin notices are PHP-generated notices that appear after a page load or JavaScript-generated ones that are ""injected"" into the DOM, there are ways to improve their accessibility. At the very least, the following improvements should be considered, some of them were mentioned in #47656. == All notices - establish standards for the admin notices placement in the page: there should be one, well defined, area where notices are printed out (recommended: after the main H1) - establish standards for the admin notices content: see the discussion related to the ""text prefix"" on #47656 and #50442 - the above item should apply to the whole WordPress UI, including the block editor - ""inline"" notices (the ones printed out in the middle of the page): make a decision whether to keep them or allow only notices at the top of the page - if ""inline"" notices are kept, explore ways to make them more accessible - worth considering admin notice should be visually prominent and appear within the initial viewport anyways - consider the introduction of a dedicated PHP class with methods to get / print admin notices and additional features, also keeping into consideration [https://make.wordpress.org/core/2019/08/05/feature-project-proposal-wp-notify/ the WP Notify project] and the recent [https://make.wordpress.org/core/2020/06/15/call-for-feedback-wp-notify-v1-requirements-document/ call for feedback on the WP Notify v1 requirements document] == PHP notices - prepend to the document title a short text to inform users there are notices and their number: the document title is the first thing screen readers announce after a page load - the notices should be printed out after the main H1 heading as that's the part of the content with higher chances to be navigated to - define the page area where notices are printed out with an ARIA role that's also a landmark role, e.g. `complementary` (an `
` '''[=#point1 (2)] Error -''' the attribute name of [ ""DATA-HREF"" ] must be in lowercase. '''[=#point1 (3)] Why need this''' some ad providers (such as flipkart) supply code where attributes are uppercase." sudhir600 5 59518 I getting ::marker and unable to remove bacause html not support Widgets 6.3.1 normal normal Awaiting Review defect (bug) new 2023-10-02T18:01:49Z 2023-10-02T18:01:49Z "we know
  • should be inside
      or
        but here is without
          or

          Post Statuses

          }}} At a bare minimum, the filter should allow for classes, and the ability to create multiple lists would be even better. There is a `rightnow_end` action, but it comes after the version and privacy information which feels like a ""footer"" to me. The easiest solution for allowing separate lists and wouldn't require reverting #26495 would be to simply add an action following the closing tag of the At a Glance list. Then the `dashboard_glance_items` could just be extended a bit to add unique classes for styling." mrwweb 18 47890 Indentation within Post Publish (Classic Editor) and Comment Save Metaboxes: Administration normal normal Awaiting Review enhancement new 2019-08-17T12:53:54Z 2021-12-14T18:43:02Z "This is a spinoff from ticket #43587, as suggested by @melchoyce https://core.trac.wordpress.org/ticket/43587#comment:23 to add an indentation for subitems of the Post Publish Metabox for the Classic Editor and the Comment Save Metabox. " birgire 1 41114 "Installation: ""Search Engine Visibility"" not keeping checked on error" has-patch Administration 4.8 normal normal Awaiting Review enhancement new 2017-06-21T10:25:48Z 2019-08-16T06:44:10Z "Given your installing WordPress and you reach the screen about site title, admin login and ""Search Engine Visibility"". When you enable the checkbox for/near ""Search Engine Visibility"" And fill nothing out for mail address And press continue Then an error message appears And most fields are still filled out as before --- Problem: The ""Search Engine Visibility"" is no longer checked. IMHO this should also stay as intended to." screamingdev 1 38923 Introduce `WP_Action_Handler` to clean up admin action mess dev-feedback Administration normal normal Awaiting Review enhancement new 2016-11-24T01:08:35Z 2020-02-15T10:27:30Z "We all know that several parts of the admin code are messy in a way. After we had to take several looks at these files during today's multisite chat, I thought we need to do something about it. My proposal for now is to introduce a new base class `WP_Action_Handler`. This abstract class would lay a foundation to handle any kind of actions on any admin screen. Currently there's a (sometimes huge) switch clause at the beginning of almost every page. By removing these clauses entirely and handling the logic in a dedicated class for this instead, we get the following benefits: * easier readable code * less huge files * possibility to add unit tests for each of the switch cases * possibility to add unit tests the entire handling of an action * easy addition of any custom actions in plugins, beyond just bulk actions (which have become easier to implement thanks to 4.7) I have been experimenting with such a class over the past few hours and will upload a first patch below. Some notes: * The class usage is almost similar to all the list table classes: There's a base class, and then there's (or rather there will be) one class (which extends the base class) for each screen that could benefit from that. * Many of the actions have similarities: They mostly use `check_admin_referer()` at the beginning, followed by some capability and other permission checks to verify the user is allowed to perform the action. Therefore the base class should be able to handle nonces on its own. The capability checks should be separated from the actual action logic for better organization and easier testing. * Many of the actions redirect back to the admin page, with a GET parameter denoting a notification message to show to the user. `WP_Action_Handler` should also be capable of managing such messages to make that easier as well. This will furthermore allow to remove a bunch of code from the admin screen files where they ""bootstrap"" their supported messages. More notes will follow on the initial patch." flixos90 3 33566 Keyboard shortcuts for all functionality of Dashboard + Admin Menu while in read mode Administration 4.3 normal normal Future Release enhancement reopened 2015-08-26T21:52:34Z 2022-12-07T13:50:13Z "I'm constantly hitting cmd+s (or meta+s) in the appearance file editor. I'm also constantly looking for a short cut to preview or publish a post. Aside from the accessibility assistance, I think an addition like this would make WordPress very ""Power User"" friendly. I know the meta+s command works in the post/page editor but the interaction is so subtle, I'd to do it a few times before I saw the ""Draft saved..."" comment at the bottom. I had a notion that something like meta-key + down arrow might overlay a set of keyboard instructions. Things like ""cmd/ctrl + s = Save Draft, cmd/ctrl + shift + L = Preview Post, cmd/ctrl + p = Publish Post/Page"" etc. Obviously, this needs work. Is this something in the pipeline? If not is this something I can propose?" tady 11 32626 List tables CSS: inconsistent alignments Administration 4.2 normal normal Future Release enhancement new 2015-06-12T15:51:24Z 2020-08-26T00:01:19Z "While working on #31654 noticed inconsistencies in the alignments of the checkboxes and also some other small details in the List Tables that would need a bit of love, see the screenshot below for some examples. This would also greatly simplify the List Tables CSS where many (crazy) selectors are just to override exceptions that override other exceptions etc. See also related #29990. [[Image(https://cldup.com/T48AqNGdT0.png)]] A possible plan would be: - stick to a default padding for the cells with checkboxes (10px ?) - the checkbox in the table headers would probably need no padding and `vertical-align: middle` to handle #29990 - handle the special case for comments, plugins and network themes in a consistent way - there's a 1 pixel difference in the vertical alignment of links and normal text in the table headers - images should be consistently aligned" afercia 5 35133 Make the admin menu more flexible in width Administration 4.4 normal normal enhancement new 2015-12-17T14:06:31Z 2019-06-04T19:33:21Z "Two years ago the admin menu was increased by width by 10 pixels, #25918. More and more strings gets translated, which causes the menu to be too small: [[Image(https://dl.dropboxusercontent.com/u/23348/WP/Schermafbeelding%202015-12-17%20om%2014.33.42.png)]] I would suggest to make the menu variable in width, so it can take the space needed for translated menu items." ChantalC 3 56781 "Missing ""Deactivated"" filter at top of ""All Sites"" on multisite installation." Administration normal normal Awaiting Review enhancement new 2022-10-10T14:10:55Z 2022-10-14T23:42:46Z "The administration screen /wp-admin/network/sites.php has several filter links at the top of the page. They are ( All (#) | Public (#) | Archived (#) | Deleted (#) ) The filter ""Deleted"" inaccurately includes sites that are ""Deactivated."" A filter to handle those sites that are ""Deactivated"" should be added. WordPress version: 6.0.2 - Multisite " richardkrone 1 51343 Move Current Submenu to top of Admin Menu Administration normal minor Awaiting Review enhancement new 2020-09-18T12:48:11Z 2022-09-09T07:29:48Z "I propose moving the **current open submenu** to the **top of the adminmenu** so users can more easily navigate to submenu items without having to scroll. This would be especially helpful when using smaller viewports and/or sites with large/numerous submenus. The following CSS accomplishes this: {{{ #adminmenu { display: flex; flex-flow: column; } .wp-has-current-menu { order: 1; } .wp-not-current-submenu { order: 2; } #collapse-menu { order: 3; } }}} " markpraschan 6 45313 Multisite site deletion email contains misleading language about user account dev-feedback Administration normal normal Awaiting Review enhancement new 2018-11-08T15:35:10Z 2018-11-08T15:35:10Z "In Multisite, you can initiate the deletion of a site via wp-admin/ms-delete-site.php. This triggers an email https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=58#L43 that contains the line: > (But remember your current site and username are gone forever.) But the delete link does not, in fact, delete users or usernames. See https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=20#L18 This language dates from the MU merge in 3.0. See [12603]. I imagine it was linked to the original conception of WPMU that each user account would correspond to a specific site on the network, a legacy concept that plagues us elsewhere. See #17904, especially https://core.trac.wordpress.org/ticket/17904#comment:14 and subsequent comments. This entire block of text could probably reuse a rethink, since the intended use of Multisite has changed considerably since 2010. I'd suggest changing the email text to something like (using `wpmu_welcome_notification()` as a template): {{{ $content = __( ""Howdy ###USERNAME###, You recently clicked the 'Delete Site' link on your site and filled in a form on that page. If you really want to delete your site, click the link below. Please note that the URL ###SITE_URL### will be unavailable for further use, even after the site is deleted. You will not be asked to confirm again, so only click this link if you are absolutely certain that you'd like to delete your site: ###URL_DELETE### -- The Team @ ###SITE_NAME###"" ); }}}" boonebgorges 39050 New Core Admin Menu Functions -- `add_menu_link` and `add_submenu_link` has-patch Administration 4.7 normal normal Awaiting Review enhancement new 2016-12-04T16:10:58Z 2019-03-15T01:27:12Z "Currently if a plugin would like to add admin menu links that go to a url, instead of a registered admin page, there are only two options: Option 1: Register a dummy admin page, and add an action that sets up a `wp_redirect` on load. Option 2: Mess with the menu globals directly. Neither of these is a particularly good option, and encouraging messing with globals directly feels bad. To that end, this will let folks add admin menu links -- whether to plugin support forums, to the customizer even (there is no good way to add deep links to the customizer currently), and the like. Is this something we'd like to support?" georgestephanis 2 38453 New UI for the settings page of the dashboard Administration normal normal Awaiting Review enhancement new 2016-10-23T12:00:08Z 2019-10-26T09:12:42Z "The dashboard settings page is very basic looking - build using simple table markup and has almost zero stylings applied. I would like to suggest a change to this, where new visual elements and better organization is added to the page. Meaning - better separation between different components, description, larger click area/input fields, validation of the input fields and so on. In short - bring the settings pages to more modern look. It won't add new features to it, so the users won't be required to make choices but instead it will make the general experience of the page better. I am attaching sample mockup/idea screenshot I had on top of which I can work more based on the feedback and if this is needed in the first place. Any input regarding is welcome. ---- Here is the screenshot: [[Image(http://i.imgur.com/KQHZiHk.png)]] The validation is there to show how it can look, not that I focus on this. Honestly, I believe while it would be awesome it's not of very high priority to have it. Another thing I want to comment about the design - the tabs on top are also only an idea, I can see how they can be a problem instead of a solution, so thoughts regarding this is also welcome. It's there just to show it visually" xavortm 6 48887 New action hooks: admin_body_open, login_body_open & embed_body_open has-patch Administration normal normal Awaiting Review enhancement new 2019-12-05T17:29:43Z 2019-12-17T08:06:35Z "== Background == In changeset [changeset:""45042"" 45042] WordPress 5.2 finally introduced the long waited [https://developer.wordpress.org/reference/functions/wp_body_open/ wp_body_open()] function which fires the [https://developer.wordpress.org/reference/hooks/wp_body_open/ wp_body_open] action hook immediately after the opening `body` tag. This little action helps developers to insert JavaScript right after the opening body tag required by 3rd party services like Google Tag Manager. Dev note: https://make.wordpress.org/core/2019/04/24/miscellaneous-developer-updates-in-5-2/ We did a very good job but the hooks are not consistent on other pages (dashboard, login pages and embed templates). This will allow developers to insert code not only to the theme. === Theme Structure === The new theme structure uses several basic functions which fires action hooks: * `wp_head` action fired by `wp_head()` * `wp_footer` action fired by `wp_footer()` * `wp_body_open` action fired by `wp_body_open()` But the front end is not the only place where developers need to insert JavaScript. === WP Admin === The WordPress dashboard uses the following action hooks: * `admin_head` action * `admin_footer` action Missing `admin_body_open` action. === Login Page === The login page uses the following action hooks: * `login_head` action * `login_footer` action Missing `login_body_open` action. === Embed Templates === The embed templates uses the following action hooks: * `embed_head` action * `embed_footer` action Missing `embed_body_open` action. === Other === The attached patch added the missing `{$page}_body_open` hooks. If you know about other pages that missed, please comment bellow and I'll update the patch. " ramiy 1 54857 "New column ""template"" in pages/""screen options"" (enhancement)" Administration normal trivial Awaiting Review enhancement new 2022-01-19T11:15:03Z 2022-05-18T13:55:48Z " With WP5.9 FSE themes, editable “templates” are introduced . Therefore, in the list of “Pages” should now be a new column that displays the selected template name for each page. I suggest to offer a new checkable column option “Templates” within Pages/“Screen Options” to get a better overview of the assigned templates. " iStag 1 29312 No recommended nonce refresh functionality in Heartbeat. dev-feedback Administration 3.6 normal normal enhancement new 2014-08-22T07:49:19Z 2019-06-04T19:26:31Z "Oddly enough it seems there isn't an obvious way to refresh nonces that may be needed on the page after heartbeat-api login dialog. For example, go to wordpress plugins listing page, notice the activate, deactivate links all have a nonce part in the request. In a second tab, log out of the site, and go back to plugin listing page. After awhile, the page realizes it's not logged in, and pops up a log in screen. Log in, and click an ""activate"" or ""deactivate"" button. Notice it gives the nonce-failure message, ""are you sure you want to do this""? Because the previous session's nonces don't work. Why does Wordpress not know to refresh these nonces? I thought new nonces would be sent back as a heartbeat-ajax, but it looks like there isn't an ajax request with the login screen. It seems $(document).on('heartbeat-nonces-expired') can be used to detect when this situation happens, but it happens many times after login successful, is not just triggered once." programmin 5 52893 Not possible to filter by category (and/or date) and by author in wp-admin/edit.php reporter-feedback Administration normal normal Awaiting Review enhancement new 2021-03-23T20:01:51Z 2021-09-17T23:18:42Z "Hello == The problem Currently, **in the Posts screen (some.url/wp-admin/edit.php)** I can filter posts by category and/or date. However, that screen shows posts written by other authors. Then, **if I click on my own author to filter out the posts by different authors, the filter by category and/or date is lost**. == Expected behavior When the user clicks on the author, the Posts screen should show the **posts list filtered by category, date AND author as well**. == Additional information In the Posts screen, the link address in my author is **some.url/wp-admin/edit.php?post_type=post&author=authorId**. So, the filter by author is lost because **the actual url parameters for month and category are not being kept in that link address**. However, if in my browser's address bar I add at the end of the url the parameter '&author=' and my author's id, **I get the page keeping the filter by category and/or date AND by author as well**. Thus, WordPress knows how to handle this request, but **there is no way to do it from the Posts screen UI**." rafaelatias 1 38019 Notify site admin when domain or IP changes and Search Engine Visibilty is set to off reporter-feedback Administration 3.0 normal normal Awaiting Review enhancement new 2016-09-10T19:13:23Z 2020-02-15T10:08:59Z "It would be very valuable to me (and some other wp folks too) if I could get an '''email notification''' when a site is moved from '''localhost''' or '''staging''' to '''production''' site and '''Search Engine Visibility''' is set to '''Discourage'''. It could be as easy as setting two options, domain and ip and checking them in some hook. If not matching and SEO off - send email. The possibility of a misfire and an occasional nag is well worth the SEO points, or so the SEO guys say." vaniivan 2 24795 OS X Treatment has-patch Administration 3.6 normal trivial Future Release enhancement new 2013-07-18T15:54:01Z 2017-02-05T14:09:10Z "Just a minor annoyance. Certain things are inherently different about using a Mac over any other Operating system. Specific to my case is keymappings. While I suspect most Mac users are smart enough to read ""Ctrl + A"" and translate that to ""CMD + A"", we should be explicit when we can. This patch inrtroduces pluggable function is_osx() that is really basic. Sadly, relies on User Agents and so is inherently flawed, but mainly useful anyway. Using this function, the Permalinks Options screen uses Command A instead of CTRL A when .htaccess is not writable. A little thing but annoying enough to warrant a patch." technosailor 11 45006 On Bulk Actions either suppress until checkboxes selected or provide feedback that the action had no items to act on Administration normal normal Awaiting Review enhancement new 2018-09-27T07:06:42Z 2022-01-22T10:11:06Z "Hello, It seems to be the convention in core to simply have no action response when you attempt to execute the Bulk Actions and have no items selected. In #44081 the 44081.3.2.diff provided a concept for the error; {{{#!php '; do_settings_fields( $page, $section['id'] ); echo ''; }}} Something like {{{ do_action( 'do_settings_sections_opening_wrapper_{$page}, 'default_handler' ); }}} " aranwer104 1 50575 Reconsider some admin scheme colors. Administration normal normal Awaiting Review enhancement new 2020-07-06T19:03:41Z 2020-08-21T14:10:58Z "In #50537 we explicitly excluded the ocean and coffee admin schemes from the colored buttons because the default button color there don't meet the contrast guidelines. Also, the buttons in the midnight admin scheme are red and too close to buttons meaning ""danger"" or ""error"". Instead of trying to fix this by tweaking the styles specifically for these admin schemes, I think we should address the root issue and potentially alter the highlight color for these admin scheme colors issue. Alternatively, we consider consider retiring some of these admin scheme colors." youknowriad 2 48470 Remove the Custom Header and Custom Background admin pages dev-feedback Administration normal normal Awaiting Review enhancement new 2019-10-30T17:30:46Z 2019-10-30T17:30:46Z "I fell into a rabbit hole today looking into why the `custom-header.js` file is [https://core.trac.wordpress.org/browser/branches/5.3/Gruntfile.js#L689 specified to not get minified] in `Gruntfile.js`. I did not find an answer to that question (it has been like that since Core switched to the new build process in [25001] and I couldn't find prior discussion), but I realized that the custom header and background pages in the admin should probably be officially deprecated in favor of the Customizer. This is a follow up of #25569, #25571, #28032, which proposed removing these pages, but instead settled on an intermediary set of changes to encourage users, and theme and plugin developers to use the Customizer for this feature instead. Those changes were: - Change the admin menu links from links to `themes.php?page=custom-header`/`themes.php?page=custom-background` to deep links in the Customizer (`https://site.com/wp-admin/customize.php?autofocus[control]=header_image`) - Added an admin notice informing users that the feature can now be managed with live-preview in the Customizer. - Hid the Background and Header links in the admin bar and with CSS when Customizer support is present. This was in version 4.1 (5 years ago). Proper due diligence needs to be performed first, but I'd like to propose removing support for these pages in the admin in favor of redirecting users to the appropriate areas of the Customizer. The pages have been neglected for some time, and the previews are pretty broken for most themes providing a bad experience whenever a plugin or theme has linked to these pages directly." desrosj 34753 "Remove use of ""Toggle"" in strings" dev-feedback Administration 4.4 normal normal Awaiting Review enhancement new 2015-11-20T15:14:58Z 2021-08-01T11:50:10Z "Hello! It would be nice to have WordPress stop using ""Toggle"" in strings in multiple places and contexts -- most particularly action buttons and helper text. It's really two possible actions/behaviors, most of the time different ones depending on the context/location/result of the previous clic, and it's always a pain to translate properly (current way in French replace ""Toggle"" with the French equivalent of ""Open/Close"". Not elegant). I could change the text, sure. But the buttons themselves, not so much. They'd need to go from displaying ""Toggle"" to displaying ""Open"" or ""Close"" depending on the current status of the target. That'd require some JavaScript wizardry. Hence, this ticket. Thanks!" xibe 14 37593 "Replace ""Super Admin"" with ""Network Administrator""" Mista-Flo dev-feedback Administration normal normal Future Release enhancement assigned 2016-08-07T19:17:59Z 2018-09-24T16:39:10Z "After a note by @ocean90 (https://wordpress.slack.com/archives/core-multisite/p1470482829000310) and a following discussion (see particularly https://wordpress.slack.com/archives/core-multisite/p1470579794000339), it was cleared that the term ""Super Admin"" is used inconsistently in Core at the moment. Given that there is no Multinetwork UI in Core at the moment, all usages of the term ""Super Admin"" should probably be replaced by ""Network Administrator"". The term ""super admin"" should rather denote the user level where a user has control over all networks in an entire setup. While for a basic Multisite with one network ""super admin"" and ""network administrator"" denote a similar user level, the terms are different for a Multinetwork - and the way Core works currently, it should probably only use ""Network Administrator""." flixos90 39 49930 Replace wp-admin color schemes with CSS custom properties Administration normal normal Future Release enhancement new 2020-04-17T09:41:44Z 2022-06-02T14:45:07Z "There has been some discussion in the #core-css channel on Slack around changing the colours used for the colour schemes to use CSS Custom Properties. There are a number of complexities and issues that need to be considered before this could happen. This ticket is to capture those conversations here. CSS custom properties have a lot of benefits including future-proofing for when media queries focussing on accessibility features are more heavily used. For example: `@media (prefers-color-scheme: dark) {}` However, the biggest drawback with using CSS Custom Properties is the lack of support in older browsers: https://caniuse.com/#feat=css-variables shows no support for IE 6 - 11 and therefore a strategy for this would also have to be considered. Some tickets/resources that already exist that could affect this discussion are: - https://core.trac.wordpress.org/ticket/26691 Admin Color Schemes: generic classes for colors - https://github.com/ryelle/admin-color-schemes / https://wordpress.org/plugins/admin-color-schemes/ Admin colour schemes plugin - https://wordpress.org/plugins/dark-mode/ Dark mode feature plugin (This is not an exhaustive list, only what has been mentioned in Slack already) Also see this discussion in Slack: https://wordpress.slack.com/archives/CQ7V4966Q/p1586792806203800 and https://wordpress.slack.com/archives/CQ7V4966Q/p1586793176207300" kburgoine 43 41580 Review the usage of the `::-moz-focus-inner` CSS fix for the buttons extra padding in Firefox viktorfroberg has-patch Administration normal normal Awaiting Review enhancement assigned 2017-08-07T14:55:54Z 2022-07-04T11:31:32Z "For a number of years, Firefox used to set some extra padding on the buttons (or inputs of type button/submit/reset). To address this, WordPress uses a known fix targeting the proprietary Firefox pseudo element `::-moz-focus-inner`. Seems something has changed recently and starting with Firefox 53, FF doesn't apply the extra padding any longer. I ''think'' the relevant Bugzilla ticket Firefox 53 release notes, though. Testing a bit on Windows, in the screenshot below: - on the left, Firefox 48: buttons without and with the CSS fix: there's a clear size difference - on the right: Firefox 54: buttons without and with the CSS fix: no size difference [[Image(https://cldup.com/7AkzV22mi3.png)]] Codepen available here: https://codepen.io/afercia/full/Gvrzwz/ Seems these rules used across the admin stylesheets could be simplified a bit. The only part that needs to stay is `border-width: 0;` or, maybe better, `border: 0;` which is necessary on Windows to remove the dotted line on :focus: [[Image(https://cldup.com/aynypgSW6Y.png)]] This could be also a good opportunity for some clean-up. For example, seems to me in `press-this.css` there are two identical rules. " afercia 3 16413 Settings page needs HTML refactoring and UI improvements joedolson* Administration 3.1 normal normal Future Release enhancement accepted 2011-01-30T20:22:09Z 2023-11-10T16:20:51Z "The settings pages haven't had much attention or improvement in a while. We need to refactor the HTML on the settings pages, as they are still using tables instead of divs. We also want to make some minor UI improvements including: - clearer differentiation between option groupings - using consistent text styles for descriptions and links (including the time zone/date format comment) - restructure for better readability Comment if you have any other" chexee 61 54400 "Show ""Add New"" title buttons on single-site Plugins/Themes pages for capable users in multisite" dev-feedback Administration 3.0 normal normal Awaiting Review enhancement new 2021-11-08T18:31:15Z 2021-11-08T20:05:50Z "On multisite installations, when viewing a single site's admin area – as a Network Admin (or otherwise capable user) – none of the ""Add New"" links for Plugins & Themes are displayed. I would like to re-add these buttons back, but have them link to the correct Network Admin pages. At first scan, not having these buttons on single sites makes sense because it is not possible to add a new plugin or theme at the site level. After having this be the default behaviour since WordPress 3.0, I think it could be improved. Conceptually, the problem isn't that installing plugins or themes is no longer possible in multisite, it is simply that the location and capabilities required to do so are elevated from single-site. If the currently logged in user can access those locations ''and'' has the capability to perform the task, it would be convenient to re-show these buttons but link them to the network URLs. To replicate: * Log into a multisite installation as a Network Admin * Visit `/wp-admin/plugins.php` * Notice there is no ""Add New"" link or button anywhere * The only UI path to add a plugin is: `Admin Bar > My Sites > Network Admin > Plugins > Add New` (Themes has the same above issue & relative navigation...)" johnjamesjacoby 3 41442 Show nearby events in dashboard events widget in a per country basis Administration 4.8 normal normal Awaiting Review enhancement new 2017-07-25T18:51:10Z 2018-04-25T12:52:15Z "Hi! I've noticed that the new events dashboard widget don't show all WordCamps in a country basis. It shows only that ones nearby in kilometres, 400 kms as seen in code (https://meta.trac.wordpress.org/browser/sites/trunk/api.wordpress.org/public_html/events/1.0/index.php?rev=5559&marks=707,708#L703). That way, i.e., for an Spanish WordPress user from Madrid (in the geographical center of the Country) it going to be impossible to know about WordCamps in Chiclana (Cádiz) or others far away from that 400 kms standard, and totally impossible for anybody to know about a WordCamp in Las Palmas (Canary Islands), and impossible for anyone that lives in Canary Islands to know about continent WordCamps. It could be possible to extend/change the range to a country basis (best) or more kilometres?" fernandot 8 27996 Show/Hide Postbox doesn't work if dynamically added has-patch Administration 3.9 normal normal enhancement new 2014-04-23T17:23:23Z 2019-06-04T19:25:33Z "If you have a plugin which adds a metabox to the page at runtime, the ""handlediv"" button which shows/hides the contents of that metabox doesn't work. To fix it, the code (on line 12 of postbox.js and also in postbox.min.js) should change from: {{{ $('.postbox h3, .postbox .handlediv').bind('click.postboxes', function() { }}} To: {{{ $(document).on('click.postboxes', '.postbox h3, .postbox .handlediv', function() { }}} P.S. I have tried to submit a patch in the past but my entire computer had a meltdown and scattered files from here to Mordor to the Shire because I have no idea how to do it properly. This after spending a couple weeks reading up on how to it properly. So, unfortunately, I am not able to submit a patch due to the incredibly difficult-for-me-to-understand SVN system. My Apologies." johnstonphilip 8 38238 Sorting a list table by some kind of count should default to DESC initially helen has-patch Administration normal normal Awaiting Review enhancement reviewing 2016-10-05T21:32:01Z 2020-06-29T11:01:52Z "List tables that can be sorted by some kind of count (posts with that term, comments on that post, etc.) should likely use `DESC` for that sort initially, as more frequent user workflows involve wanting to see things with many X (popularity/usage), as opposed to items with no X (cleanup). For example, you may want to see which categories are most popular (related: #36964) or which posts have generated a lot of comments. Should also consider how sortable custom columns indicate whether to use `ASC` or `DESC` initially." helen 9 52871 "Space added after the ""option"" tag on the options-writing.php file" close Administration normal normal Awaiting Review enhancement new 2021-03-20T13:00:07Z 2023-05-29T15:44:27Z "Space added after the ""option"" tag on the options-writing.php file as a standard workflow." Laxman Prajapati 4 49055 Standardise Plugin Notices With a Fly-Out Right-Hand Menu close Administration normal normal Awaiting Review enhancement new 2019-12-20T16:19:38Z 2019-12-20T19:18:56Z "Following on from my previous ticket, I have another suggestion, borne out of frustration. Background: I'm primarily a developer, but with a background in UI design. I've been building with WP for 8 years, and work with client sites day-to-day when they're loaded with plugins, rather than 'vanilla' installs. I'd like to suggest standardising plugin notices. There's such a varying approach to plugin notices. In addition to the top 'header area', being misused for adverts: * Some plugin authors post notices under the 'upgrade' link in the plugin list (Woo is bad for this) * Some launch a notice in the header area after upgrading their plugin, and loading a page, with a 'What's new' etc. * Random adverts displaying occasionally 'do you like our plugin?' * I've started seeing notices pop-up on the front end. An analytics plugin, notifying you if you're signed in that you're not tracked. Plugin authors all think their notices are useful, but they're not if you update 15 plugins doing the same thing, all in different ways, often at inconvenient times, within the **global template**. The plugins own pages are fair-game though. My suggestion for standardisation would be a right-hand fly-out menu for plugin notices. Perhaps an icon top right could indicate new notices are available - click the icon to fly-out the right-hand menu. Within the right-hand menu, plugins can place a notice of their choice - whether informative, up-selling or whatever. End-users could then dismiss an individual notice, or mute a plugin entirely." crdunst 2 46973 Suggestion for selection boxes in Reading setting > settings > Dashboard dev-feedback Administration 5.2 normal normal Awaiting Review enhancement new 2019-04-18T09:46:30Z 2019-04-19T13:17:28Z "Hello, I got across with a suggestion while going through Reading setting > Setting > Dashboard. It would be more convenient if the two selection box(under Reading setting header) will be placed side by side using the white space right side. It will enhance the user experience and will result in clean design." monarkpatel 1 46659 Suggestion: add action hook before admin menu nav in the sidebar Administration normal normal Awaiting Review enhancement new 2019-03-26T16:02:53Z 2019-03-26T16:02:53Z "To increase customizability in the admin sidebar menu, I added an action hook in the file **wp-admin/menu-header.php**. I needed this to implement a menu with the company logo, user avatar , username, some_meta_data, logout link. I removed the top horizontal menu for some user roles. It looks nice and this was the only way I managed to do it without using javascript. Using CSS I change the company logo to a small version of it when the menu is minimized. **wp-admin/menu-header.php** {{{ ...
            ... }}} First time creating a ticket here, sorry if something is wrong." umagrama 34799 Tell admin-post.php to check for $_REQUEST['action2'] ? Administration 4.4 normal normal enhancement new 2015-11-27T10:05:55Z 2019-06-04T19:33:11Z "In plugin development, we can handle POST requests through the `admin-post.php` file. This file is looking after an input with a name of `action` so we can register a custom hook to handle the POST request. After looking at the WP_List_Table, the bulk ""select"" '''top''' tag has a name attribute of `action`. So for custom development, the form where the list table fit can easily point to `admin-post.php` and we can handle the bulk POST request through a custom hook and it works. But here is the issue, if users use the ""select"" '''bottom''' tag for their bulk action, it won't work because the bottom select tag has a name attribute of `action2`. So if a POST request to `admin-post.php`, we can no longer listen to a custom hook to manipulate the request and its data. So I'm asking if it will be ok to update the `admin-post.php` file to check after a `$_REQUEST['action2']` as well?" jlambe 4 54663 There are many missing comments in some files has-patch Administration normal normal Awaiting Review enhancement new 2021-12-19T16:10:55Z 2021-12-19T16:30:42Z yagniksangani 60770 TimeZone select box compatibility with RTL directions has-patch Administration trunk normal normal Awaiting Review enhancement new 2024-03-13T15:35:10Z 2024-03-13T16:55:59Z "This patch fixes the time zone select box compatibility with RTL directions It sets auto direction which makes the options value compatible with both RTL and LTR directions " farhad0 4 57925 Unclear message when URL for non-existing admin page is called Administration 4.6 normal normal Awaiting Review enhancement new 2023-03-15T01:07:55Z 2023-03-15T17:47:14Z "If you try to visit the admin page of a plugin that is currently inactive, then currently (WordPress 6.2) the error message given is: {{{Sorry, you are not allowed to access this page.}}} Even though in this case there may not even be such a page defined. I got this message when I followed a link to the settings page of a plugin that had automatically disabled itself. A user misunderstood this message in https://wordpress.org/support/topic/after-plugin-disabled-sorry-you-are-not-allowed-to-access-this-page/ One may reach this message if following an outdated bookmark to a plugin's admin page. If possible, this particular case ""There is currently no such admin page defined in this system."" would be a better, and more actionable message." tobifjellner 1 31818 Uniform Search Form Display/Experience joedolson* Administration 4.2 normal normal Future Release enhancement accepted 2015-03-31T11:05:37Z 2023-04-28T15:20:54Z "In our recent testing of the search functionality we've found that there are currently five different search types across the admin. A full description of what the tests entailed, their results, and a link to the Slack discussion can be found here: https://make.wordpress.org/accessibility/2015/03/30/usertest-the-search-functions-in-the-admin/ To summarise, these are the five that we've found: * Search input without submit button, no live search (need to press Enter) * e.g. Media Library list mode * Search input without submit button, live search fires “as you type” * e.g. Media Library grid mode, Themes (add new, wp.org API), Network Themes (add new, wp.org API) * Search input no submit button, live search fires “as you type” (more a “filter current collection” than a search) * e.g. Themes (installed themes), Customizer add widget, Plugins (installed plugins) * Search input with hidden submit button, press Enter or tab and submit the hidden button (after the search, the “typeselector” select appears) * e.g. Plugins (add new), Network Plugins (add new) * “Classic” search: search input with submit button, press Enter or submit button * e.g. Posts, Categories, Tags, Pages, Comments, Users, Network index: search users, Network index: search sites, Network Sites, Network Users, Network Themes (installed), Network Plugins (installed) What we'd like to propose is to bring this down to two and ensure they work well. This could then be used as a launchpad to further unify the search experience and use a single type across the board. The lucky two would be: * the classic one, the same for every search, with visible submit button (already commonly used) * the dynamic one, with some improvements like adding wp.a11y.speak to show the results count, and making sure focus doesn’t change dynamically " Cheffheid 47 57393 Unify checkbox handling and match wording with function on the User Profile screen needs-unit-tests Administration 4.9 normal normal Future Release enhancement new 2022-12-28T16:53:48Z 2023-02-07T06:14:36Z "[The focus of this ticket shifted from discussing a potential functional bug to an improvement of wording and a more consistent behavior of checkboxes. Using texts like ""Disable"" for toggled-on checkboxes can be confusing to users. For a better user experience, the toggled-on state should mean ""enabled"".] Original ticket description: CodeMirror highlighting, line numbers, code-folding, brace-matching and other customizations are disabled when highlighting is disabled. This is a real issue for plugins like code-snippets which rely on these features. Here is the condition in question: {{{ function wp_enqueue_code_editor( $args ) { if ( is_user_logged_in() && 'false' === wp_get_current_user()->syntax_highlighting ) { return false; } }}} I believe that the user-form-variable syntax_highlighting is probably misnamed as it should be something like disable_syntax_highlighting to reflect the choice being made. As it is, when ticked (true), highlighting should be disabled. When un-ticked (false), highlighting should be enabled. {{{ if ( ! is_user_logged_in() || 'true' === wp_get_current_user()->syntax_highlighting ) { return false; } }}}" mjdewitt 10 46354 Update Count - Value Should Change as Updates are Applied dev-feedback Administration 5.1 low trivial Future Release enhancement new 2019-02-26T22:58:59Z 2020-02-14T10:54:33Z "The Update Count, shown in the Admin Bar, and the Admin Menu (against 'Dashboard' > 'Updates', and optionally against 'Plugins') should change to reflect the outstanding number of Updates available as Updates are Applied, whether they are applied individually on the Plugin Screen, or in bulk through the Updates Screen. This is not a high priority issue at all, but an extremely minor cosmetic change. I suspect that Javascript could be used to change the value as an Update completes successfully in any scenario. " Lucanos 1 55541 Update the styling for invalid form fields has-patch Administration normal normal Awaiting Review enhancement new 2022-04-07T10:58:42Z 2022-04-07T11:07:13Z "Splitting this out from #47018. In a few places in the admin, a red border (actually a border and a box-shadow) are added to some form controls when submitting the form with some empty values. The style of this red border still uses some transparency and doesn't match any longer with the new style used, for example, for the focus style which is a 'solid' border with no transparency. For consistency, the red 'error' style should be updated. Here's a few places where the red error style can be checked: - The Categories and Tags pages. - The Edit Comment page, see the date and time small form under 'Submitted on'. - Same for the Classic Editor Edit post page. - The Menus page > create a new menu. See attached screenshots." afercia 1 60625 Update user interface for Site icon selection Administration trunk normal normal 6.6 enhancement new 2024-02-23T15:39:53Z 2024-03-05T15:37:15Z "Currently a user can set a site icon in two places outside the site editor: the general settings screen (added in 6.5) and the Customizer. Both these places have currently a design with some years to it. This ticket is aimed to discuss the design of these two places, and possible come up with a new one, and implement it. Note that a preview also is displayed in the media modal when cropping the site icon. This ticket has it's roots in ticket #54370" kebbet 2 31006 Use classes instead of setting and directly animating background colors in JS Administration normal minor enhancement new 2015-01-14T05:32:10Z 2019-06-04T19:27:37Z "Directly setting hex values in JS doesn't tell us much about what the color is being used for, whereas setting a class name is much more semantic. Also, jQuery UI can animate color changes when using addClass/removeClass/toggleClass/switchClass - no need to use .animate() directly and do things like getting background colors of surrounding elements. This is very tightly related to #25060 and blocks it. I am working on it." helen 4 55521 Use dashicons-class in `wp_dashboard_quota` and `wp_dashboard_right_now` has-patch Administration 3.8 normal normal Awaiting Review enhancement new 2022-04-03T18:06:18Z 2023-12-01T08:06:21Z "Proposal: Replace hardcoded css-rules for each item in the `At a Glance`-widget, use dashicons-classes for each item. This makes adding new items to the widget easier, simply just add a `dashicons-before`-class the your new items. Background: So using `dashboard_glance_items` to add custom items to the post list is easy, but changing icons without adding new css with a file or inline to the admin views is hard, since the hardcoded rules overrides `dashicons-before` on my added items. " kebbet 3 60640 "Use of ""selected"" function for ""Week Starts On"" on General Setting page" has-patch Administration trunk normal minor Future Release enhancement new 2024-02-26T17:20:21Z 2024-02-27T12:38:47Z "For the dropdown of weekdays for the ""Week Starts On"" field is using the following turnery operation for ""selected=selectd"" `$selected = ( get_option( 'start_of_week' ) == $day_index ) ? 'selected=""selected""' : '';` We should use WP's `selected` function instead of turnery operation" bhargavbhandari90 5 33573 Use the site icon introduced in 4.3 for the My Sites page has-patch Administration 4.3 low normal Future Release enhancement new 2015-08-27T17:27:32Z 2019-05-08T22:01:42Z Now that site icons are available in core, we should be able to use them on the network sites/my sites list. morganestes 13 46418 Use wp_die() instead of die() function in wordpress close Administration normal normal Future Release enhancement reviewing 2019-03-05T12:01:39Z 2023-09-15T09:54:03Z "When use the wp_json_encode() function that time you should use wp_die function instead of die() function. Because wp_die() function do Kill WordPress execution and display HTML message with error message." immeet94 16 36426 WP Admin memory limit not increasing to base limit by default has-patch Administration 4.6 normal normal enhancement new 2016-04-06T12:54:54Z 2019-06-04T19:35:53Z "We have 2 constants that can be set in wp-config.php (and by using filters, afaik), for example: {{{#!php define( 'WP_MEMORY_LIMIT', '512M' ); // increases WP base (front-end) limit define( 'WP_MAX_MEMORY_LIMIT', '512M'); // increases WP admin (back-end) limit }}} The former isn't really known, which you can Google to find out. People usually only use the first constant. If the 2nd constant (WP_MAX_MEMORY_LIMIT) is not set, it defaults to 256M. WP_MEMORY_LIMIT can be higher than that though, so we could safely increase WP_MAX_MEMORY_LIMIT to match WP_MEMORY_LIMIT if WP_MEMORY_LIMIT is higher and WP_MAX_MEMORY_LIMIT is not set manually to a lower (than WP_MEMORY_LIMIT) value. What I mean in coding terms: {{{ if(!isset(WP_MAX_MEMORY_LIMIT) && isset(WP_MEMORY_LIMIT)){ if(WP_MEMORY_LIMIT>DEFAULT_WP_MAX_MEMORY_LIMIT){ //NOTE to the line above: this requires parsing the actual value in these constants as the strings can be like: 512M, 1G etc.; the DEFAULT_WP_MAX_MEMORY_LIMIT is a thing I came up with, currently the default admin memory limit is 256M define( 'WP_MAX_MEMORY_LIMIT', WP_MEMORY_LIMIT); } } }}} All these values can be checked with the Bulletproof Security plugin, under BPS Security -> System Info. Side note: imho WP_MAX_MEMORY_LIMIT should be renamed to something like WP_ADMIN_MEMORY_LIMIT, but that's another issue. " eclare 2 51817 WP-Admin - Optimize main wpquery with 'fields' => 'ids' causes notice has-patch Administration 5.5.3 normal normal Awaiting Review enhancement new 2020-11-18T15:21:57Z 2021-04-08T07:01:43Z "Hi all I have a post_type (Woocommerce product) with a lot of data in the post contents. So, in wp-admin, WP requires a lot of memory to list them (sometimes I got an OUT-OF-MEMORY) So, I tried to make a lighter query adding via hooks the query params 'fields' => 'ids' It works! The query is more fast and WP does not require so many memory but I got some annoying notices In method _display_rows in WP_Posts_List_Table you have {{{ foreach ( $posts as $a_post ) { $post_ids[] = $a_post->ID; } }}} The method supposes that $posts will be an array of WP_Post object . In my case it is an array of integer Can you handle this scenario? " eumene 1 57200 WP_List_Table::pagination use singular and plural dev-feedback Administration normal normal Awaiting Review enhancement new 2022-11-24T23:33:23Z 2022-12-03T11:23:40Z "WP_List_Table::pagination() currently hardcodes the number of records display as ""1 item""/""XX items"". It would be nice if it used the singular and plural set in the constructor, defaulting to item/items if none are set." RoscoHead 3 26764 Welcome panel - misleading text chriscct7 has-patch Administration 3.5 normal minor Future Release enhancement reviewing 2014-01-03T17:12:32Z 2021-09-26T08:04:37Z "Welcome panel shows: - ""Write your first blog post"" - I have many posts... It should be ""Add a blog post""? - ""Add an About page"" - I have ""About"" page and also many other pages... It should be ""Add additional pages""?" pavelevap 8 46082 Why returning $menu_array[x] instead of $title dev-feedback Administration normal normal Awaiting Review enhancement new 2019-01-23T16:02:40Z 2021-12-08T12:38:49Z " {{{ File: wp-admin/includes/plugin.php Function: get_admin_page_title() }}} In lines `1613, 1616, 1637, 1645 and 1660` the following pattern of assignments and return the value are used: {{{ $title = $menu_array[x]; return $menu_array[x]; }}} where `$tile` is `global`. What is the difference between the following returning patterns {{{ $title = $menu_array[x]; return $menu_array[x]; }}} AND {{{ $title = $menu_array[x]; return $title; }}} Since we are already updating the the global variable `$title` with that of `$menu_array[x]`, why can't we just return `$title` instead of `$menu_array[x]`? For every single request `global $title` will receive a new value. In `line 1620` the return pattern is usual: {{{ $title = $menu_array[0]; return $title; }}} " subrataemfluence 35774 WordPress admin structure SergeyBiryukov dev-feedback Administration normal normal Future Release enhancement assigned 2016-02-08T13:29:06Z 2019-09-23T01:38:27Z "Currently the admin titles has a wired structure. Few examples: * **Dashboard ‹ Site Name — WordPress** * **Posts ‹ Site Name — WordPress** * **Writing Settings ‹ Site Name — WordPress** Same structure applies for plugin setting pages. * `page-title ‹ site-name — WordPress` The problem with this structure: * Why are we using `‹` character? why not `›`. * We should add RTL support for the separator. * The `Site Name` and the `WordPress`, they look like bad combination. Few suggestions: * We need to replace the `‹` character with `›`. * We can add RTL support. See ticket #35737 and changeset [36487]. * And we need to think about the combination of `WordPress` and `Site Name`." ramiy 22 55543 `add_menu_page` incorrectly requires SVG icon data URIs be base64 encoded Administration normal normal Future Release enhancement new 2022-04-07T23:00:35Z 2022-10-29T22:24:46Z "To determine if a developer is using an SVG in a menu, `add_menu_page` checks for a string beginning with `data:image/svg+xml;base64,`. [https://css-tricks.com/probably-dont-base64-svg/ SVGs aren't required to be base64 encoded] and encoding with base64 can increase the size of the attribute. The check ought to be modified to allow for additional encodings. " peterwilsoncc 19707 admin-ajax.php requests via http regardless of force_ssl_admin() state Administration normal normal Awaiting Review enhancement reopened 2012-01-01T00:53:52Z 2018-03-06T13:31:02Z "Noticing these requests failing: ""NetworkError: 403 Forbidden - http://HOSTNAMEwp-admin/admin-ajax.php"" My server explicitly denies http to wp-admin. SSL only. Looks like admin_url() is giving http rather than https. I suspect this bug actually lies somewhere in get_site_url(), but I don't have time to triage this right now. This is technically a security bug since WP should always obey force_ssl_admin(), but I don't think anything is being leaked or compromised. You don't get access to anything, and nothing being sent over the wire is sensitive since it still obeys the rules of the protocol (cookie is secure). It's just a nuisance." robertaccettura 6 41558 create a (reusable) wp_default_admin_scripts Administration 2.6 normal normal Awaiting Review enhancement new 2017-08-03T23:53:48Z 2022-06-29T02:24:54Z "I had to create an admin-like form in the frontend, for guests submitting content. I needed to provide {{{meta/post-box}}}, {{{autocompletion}}} and needed {{{media-views}}}, {{{wp-color-picker}}}, ... I thought {{{wp_enqueue_script()}}} would do the trick... until I discovered the {{{ if(is_admin()) }}} inside {{{wp_default_scripts()}}}. I had no other choice than copy/pasting ~210 WP LoC in my own PHP files Is there a really good reason for reserving all that cool client-side stuff to admin dashboard only? plugin/themes developers may want to load and use it for good and having all that libs already registered by core is useful. I suggest: 1. moving all the admin-oriented script into {{{wp_default_admin_scripts()}}} which should be reusable (even if non-admin), and run it if (is_admin). 2. moving all the {{{localize()}}} corresponding to these admin scripts into another {{{wp_default_admin_scripts_settings()}}} function somehow wrapped by {{{if(! is_admin())}}} 3. Document how to correctly bootstrap the dashboard in the frontend and a couple of common gotchas of these scripts (like that ajax-dashboard-pingback feature forcefully pulled as JS-dependencies and which can't be stopped, ...) " drzraf 3 30527 function to add separator has-patch Administration normal minor Future Release enhancement new 2014-11-27T15:07:32Z 2017-02-05T14:17:36Z "added the function `add_menu_separator( $position )`. Usage: {{{ add_action('admin_menu', 'separator'); function separator() { add_menu_separator(61); } }}} Adds a separator after 'Appearance'. - Just an example. " cfoellmann 5 58448 inconsistency in the $items parameter to the handle_bulk_actions-{$screen} action Administration normal normal Awaiting Review enhancement new 2023-06-03T00:54:37Z 2023-06-03T00:54:37Z "The [https://developer.wordpress.org/reference/hooks/handle_bulk_actions-screen/ handle_bulk_actions-{$screen}] action is fired when custom bulk actions are applied on various screens that have list tables. On `/wp-admin/plugins.php`, `$items` is an array of plugin paths relative to `WP_PLUGINS_DIR` (e.g., `classic-editor/classic-editor.php`). On all the other screens, the `$items` parameter passed to the action's callback is an array of IDs (e.g., post IDs, term IDs, comment IDs, etc). The inconsistency this ticket is about that on some screens the IDs in `$items` are ints and on other screens they are strings. Specifically, `/wp-admin/edit.php` (Posts list table), `/wp-admin/upload.php` (Media list table), and `/wp-admin/edit-comments.php` (Comments list table), the IDs are cast to ints via something like `array_map( 'intval', (array) $post_ids )` before `handle_bulk_actions-{$screen}` is fired. However, on all the other screens (`/wp-admin/edit-tags.php`, `/wp-admin-link-manager.php` (Links list table), and `/wp-admin/users.php`) the IDs are strings. I think it would be easier on developers (e.g., plugin authors) if when `$items` is an array of IDs, all IDs were ints. I don't know if this case be changed at this stage due to BC considerations. But if it can be, I'd be happy to add a patch to that effect." pbiron 21171 jQuery Events for Metaboxes Administration normal minor enhancement new 2012-07-05T21:35:47Z 2019-06-04T19:23:09Z "Currently, when a plugin adds a metabox with complex objects (like TinyMCE, Maps, CodeMirror etc) care must be taken to refresh the objects when the elements are moved (including hidden/shown). After some digging, I've found that this seems to works in most cases: {{{ var context = ""#custom_meta_box_id""; $( '#adv-settings' ).on( 'click', context + '-hide, ', refresh ); $( context ).on( 'click', '.hndle, .handlediv', refresh ); $('.meta-box-sortables').bind( ""sortstop"", refresh ); }}} which isn't terrible, but seems fragile if core changes in the future, and there should just be a better way :-) Two ideas from dev chat are triggering custom events or the (coming soon) ""js actions"" which would be more robust (like php actions)." WraithKenny 2 49166 need a function to know if a dashicon exists. dev-feedback Administration normal normal Awaiting Review enhancement new 2020-01-10T18:27:24Z 2022-05-31T12:36:08Z "Hello, Is there a way to know if a dashicon exist or not? I think there's currently no function and I don't really know if this is possible to create it or not... In my mind, it would be a function as <code>is_dashicon_exists( 'dashicons-linkedin')</code> returning true or false. Do you think it should be possible to create?" sebastienserre 6 57423 we need to check an argument is closure in PclZip has-patch Administration 6.2 normal normal Awaiting Review enhancement new 2023-01-05T11:06:09Z 2023-01-05T11:08:09Z "When we create a zip file with PclZip class, we can pass an PCLZIP_CB_PRE_ADD callback function in create function. And PclZip checks that the callback function is exist or not like below. {{{#!php <?php // ----- Check that the value is a valid existing function if (!function_exists($v_function_name)) { // ----- Error log PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, ""Function '"".$v_function_name.""()' is not an existing function for option '"".PclZipUtilOptionText($p_options_list[$i]).""'""); // ----- Return return PclZip::errorCode(); } }}} I want to pass a closure, but `function_exists($closure_function)` is false. So how about checking the callback function is closure also like below ? {{{#!php <?php // ----- Check that the value is a valid existing function if (!function_exists($v_function_name) && !($v_function_name instanceof Closure)) { // ----- Error log PclZip::privErrorLog(PCLZIP_ERR_INVALID_OPTION_VALUE, ""Function '"".$v_function_name.""()' is not an existing function for option '"".PclZipUtilOptionText($p_options_list[$i]).""'""); // ----- Return return PclZip::errorCode(); } }}} " rpf5573 1 49582 wp-admin CSS audit Administration normal normal Awaiting Review enhancement new 2020-03-05T01:14:16Z 2021-12-16T17:26:57Z "This is an umbrella ticket for an audit of the CSS in wp-admin, as discussed in the #core-css chat: [https://make.wordpress.org/core/2020/03/03/css-chat-summary-27th-february/]. The audit should cover the following aspects, for which separate tickets may be created if they don't exist already: * Identifying where specificity can be reduced; * Identifying dead code; * Identifying code specific to browsers no longer supported (existing ticket: #46015); There is a ticket for auditing the toolbar CSS: #46003. There is also a ticket for auditing all occurrences of `!important`: #26350, and another one tackling just the `!important`s in `common.css`: #47569." isabel_brison 52 58255 wp_send_json_error should respect error state passed in WP_Error. has-patch Administration normal normal Awaiting Review enhancement new 2023-05-04T11:00:43Z 2023-06-19T11:03:55Z WP_Error objects support setting the error state. This is used heavily in the REST API. The function `wp_send_json_error` supports error status code and passing WP_Error as an argument. The `wp_send_json_error` function could respect the status code in WP_Error. spacedmonkey 6 51838 Add first-time user message to application passwords form describing what this form is Application Passwords 5.6 normal normal Future Release enhancement new 2020-11-20T18:20:10Z 2021-01-27T06:30:16Z "I think the application passwords form could use a first-time user message detailing what this feature is and what clicking ""Yes, I approve of this connection."" actually means. The form on its own is a bit short on messaging indicating what it actually is. I think for users bouncing over from a mobile app to this, it probably makes sense since the mobile app has the opportunity to provide the context that the app needs permission in order to work with your site. For someone looking to use social engineering to get users to give up app passwords, sending a user a phishing email with a link to this form and telling them they need to reconnect Jetpack (or insert trusted brand here) to access their account doesn't seem all that malicious. Jetpack users will already be familiar with a connection process and the messaging here is similar enough where it might not raise red flags when it should. With a full OAuth implementation we would see a list of permissions being granted to this application. Since that's not a part of this feature, full access is granted to the app in question. For administrators, that means the ability to create another admin account or change the password of the existing one which would effectively lead to site takeover. That isn't conveyed anywhere on this page. I think we just need to make users aware of the context in which they should've arrived on this page, and what level of access they are giving this application (and really the application here is a URL, the user needs to determine if they trust the URL). There's a WP pointer when you navigate to the plugin file editor that functions as a bit of a speedbump and also lets users know there's the potential to break things by using this feature. I think app passwords needs similar treatment." wfmatt 5 51942 Application Password pagination Application Passwords 5.6 normal normal Awaiting Review enhancement new 2020-12-04T17:48:19Z 2021-02-01T14:11:15Z "Currently, the Application Password entries are stored on one page. Not sure how many entries are we expecting, but it might be worth using pagination here for better UX." Boniu91 10 57809 Application password success_url should allow http when host is localhost or localhost:port needs-unit-tests Application Passwords normal normal Awaiting Review enhancement new 2023-02-25T21:32:38Z 2023-03-22T02:19:31Z When using wp-admin/authorize-application.php to walk a user through the application password flow, WordPress will refuse to use a success_url with an http scheme, requiring that it's https (or a custom scheme). This is good security, and browsers implement the same SSL requirement for many browser APIs for the same reason. However, browsers also have an exception for http://localhost URLs, because it makes local testing much easier. WordPress should do the same here; a local test of a web app which interacts with the WordPress API should be able to walk a user through the application passwords flow, and at the moment it can't. Similarly, a non-web app running on a desktop computer can stand up a temporary HTTP webserver on a high-numbered port to serve the success_url much more easily than it can register a custom URL scheme. aquarius 7 51899 Improve Application Passwords section layout in user profile has-patch Application Passwords normal normal Future Release enhancement new 2020-11-30T23:15:10Z 2021-10-28T20:34:18Z "Background: #42790, #51489. [49109] added a new Application Passwords section to user profiles. @johnjamesjacoby raised a concern in comment:20:ticket:51489: > Is there a compelling reason why the HTML for this feature does not follow the pattern set by every other user profile feature on this page? > This feature would feel much more complete if it did not look as unique and unfamiliar. The section indeed does not seem to match the rest of the Profile screen, with labels on the left and other elements (inputs, buttons, hints) on the right. See the screenshot, where the Application Passwords section is at the bottom. Note: By default, application passwords are enabled if your site uses SSL, or if `WP_ENVIRONMENT_TYPE` is set to `local`. If that is not the case on your testing environment, you can enable the feature with this filter: {{{ add_filter( 'wp_is_application_passwords_available', '__return_true' ); }}}" SergeyBiryukov 44 41172 Allow autosaving to be disabled on a per post type basis has-patch Autosave normal normal 6.6 enhancement new 2017-06-26T08:24:58Z 2024-02-27T22:31:57Z Autosaving should be a post type feature, so that individual post types can opt out. Disabling this feature should remove both the server-side and the client-side saving. Frank Klein 20 24865 Allow plugins to hook into autosave and include field data from the autosave with the package. Autosave normal normal enhancement new 2013-07-28T22:55:43Z 2019-06-04T19:24:10Z "== Why? == Autosaves currently only save ""blessed"" data (post_title and post_description?). Plugin authors may want to add their own data in the autosave package so if they hook into `save_post` they can handle/save that data as needed. == How this works == Metaboxes are generated with an id already on the page. So what we do is add an extra parameter to the `add_meta_box()` function (`do_autosave` bool) so that when a plugin uses add_meta_box() they can set that flag. We set a javascript object that contains the ids of the metaboxes that have had that flag set and then `wp.autosave.getPostData` in `autosave.js` has been modified to loop through the metaboxes matching those ids and return the fields in those metaboxes as an object attached to the data param. Added a new jquery plugin (serializefullarray) as it will handle nested pseudo arrays set as the ""name"" values in inputs (i.e. somedata[one][two]) and create proper objects from them. " nerrad 12 43760 Create a revision when autosaving if the content has changed significantly dev-feedback Autosave normal normal Future Release enhancement new 2018-04-13T13:08:12Z 2019-09-19T20:52:21Z "Sometimes a user may edit a post for hours without saving it. We have autosaves to prevent any data loss. However in some cases there may be an user or a server error and the content may not be submitted or the post may be ""empty"". This doesn't happen often, but is usually devastating for the users. They just lost hours of work! To safeguard against these cases, we can create post revisions when the autosave data is significantly different than the existing post." azaozz 5 22601 Make post content autosave work more generically Autosave normal normal enhancement new 2012-11-27T04:00:31Z 2019-06-04T19:23:41Z "The JS for autosave/AYS looks for the contents of `#post #content`. While we should fix the other JS issue related to targeting `#content` in #22600, it seems that autosave/AYS should be looking for the textarea (or whatever type of input) with the name of content instead, since having that data in the form will save to the post content. That way, if somebody does choose to use a different ID but the right input name, the autosave benefits will kick in. Discovered while working on #22491." helen 2 22325 Abstract GPCS away from the superglobals dev-feedback Bootstrap/Load normal normal enhancement new 2012-10-30T21:15:41Z 2019-06-04T19:23:39Z "As discussed at #wpcs, it looks like we want to move away from directly using the GPCS superglobals. This gives us a way to handle slashing backwards compatibility moving forward. This is still a heap of versions away, but this is a way to keep any notes central." rmccue 39 46652 "Add ""template_loaded"" action after a template has been included as part of the template hierarchy" reporter-feedback Bootstrap/Load 5.1 normal normal Awaiting Review enhancement new 2019-03-26T10:59:34Z 2020-01-02T11:58:20Z "As part of the template hierarchy, WordPress works out what template it should use. It then passes this template through the `template_include` filter, which allows you to change the template name. This template is then included and that's the end of things. Here's the current snippet showing the filter and the include (from here https://core.trac.wordpress.org/browser/tags/5.1.1/src/wp-includes/template-loader.php#L77) {{{#!php <?php // ... if ( $template = apply_filters( 'template_include', $template ) ) { include( $template ); } elseif ( current_user_can( 'switch_themes' ) ) { // ... }}} However, we need to run some code ''after'' the template has been included. We can't rely on the next action to fire (which is `get_header` I believe) --- **I suggest that a new action is added after the template is included. For example: ** {{{#!php <?php // ... if ( $template = apply_filters( 'template_include', $template ) ) { include( $template ); // Add an action here do_action('template_included', $template); } elseif ( current_user_can( 'switch_themes' ) ) { // ... }}} --- For some context, as to why we need this change... we have some code that allows us to use PHP classes (controllers) in these template files. We currently hook into ""template_include"", do the include ourselves then prevent WP from doing the include by not returning anything. However we are running into issues where other hooks on ""template_include"" not behaving correctly now because we are not returning the template. We can get around this for now by making sure our filter runs last by setting a high priority. However it would be ideal for us to run our code after the include has been done. Happy to provide more details or code if needed." adamtomat315 2 18546 Add index.php to wp-includes and wp-admin/includes SergeyBiryukov* dev-feedback Bootstrap/Load 3.2 normal normal Future Release enhancement accepted 2011-08-30T11:42:40Z 2021-01-21T22:46:03Z "In [comment:ticket:17601:15], dd32 suggested an idea of adding `index.php` to `wp-includes`: > /wp-includes/index.php doesnt exist however, leading to that entire folder being indexed by google in some cases (which [http://www.google.com/search?hl=en&client=opera&hs=4Ba&rls=en&q=intitle%3A%22Index+Of%22+inurl%3Awp-includes&aq=f&aqi=&aql=&oq= does happen]), this will cause Search Engines to index the contents of these files, leading to the errors being logged. The patch adds `index.php` to `wp-includes` and `wp-admin/includes`. " SergeyBiryukov 35 13874 "Add package argument to ""_deprecated_function"" function" chriscct7 has-patch Bootstrap/Load normal normal enhancement assigned 2010-06-13T23:48:37Z 2019-06-04T19:21:54Z "Got to thinking it would be nice if plugins could use the _deprecated_ API by passing a ""$package"" argument to separate themselves from WP core, and so this patch was born. " johnjamesjacoby 16 26806 Add support for custom SHORTINIT handlers dev-feedback Bootstrap/Load 3.8 normal normal enhancement new 2014-01-10T14:30:43Z 2019-06-04T19:24:57Z "I'm building ajax caching for a plugin and need a handler to '''conditionally''' determine whether to continue loading WP (based on whether a cached version exists). Example handler file: https://gist.github.com/mgibbs189/8345521 The `SHORTINIT` constant along with `wp-load.php` isn't an option because it forces WP to exit early. Drop-ins like advanced-cache.php, object-cache.php, or db.php won't work because only 1 plugin at a time can use them. I need for my caching to work in combination with these other plugins (e.g. W3 Total Cache)" mgibbs189 4 21077 Add support for custom ports in multisite site addresses has-patch Bootstrap/Load 3.4 normal normal Future Release enhancement reopened 2012-06-26T07:55:39Z 2024-02-07T20:57:56Z This patch enables MultiSite to be used with a custom port, what must be defined as WP_CUSTOM_PORT in wp-config.php. djzone 37 34189 Add warning about changing $table_prefix for existing database has-patch Bootstrap/Load 4.4 normal normal enhancement new 2015-10-07T10:50:06Z 2019-06-04T19:32:46Z "When changing the $table_prefix for an existing database, it is not sufficient to rename the tables. You also have to change several values in at least two tables. In my case, changing prefix from ""wp_"" to ""bbj_wp_"" this involved at least the following SQL: UPDATE bbj_wp_options SET option_name = 'bbj_wp_user_roles' WHERE option_name = 'wp_user_roles'; UPDATE bbj_wp_usermeta SET meta_key = 'bbj_wp_user_level' WHERE meta_key = 'wp_user_level'; UPDATE bbj_wp_usermeta SET meta_key = 'bbj_wp_capabilities' WHERE meta_key = 'wp_capabilities'; The attached patch adds a warning to the generated wp-config.php file about this. There is much room for improvement here, including giving detailed information on what needs to be changed or even re-writingthe particular misfeature that stores tables names in other tables. The patch is intended as a stop-gap 'til such improvements are made. Hopefully this will prevent others from chasing down the same wildly unexpected behavior should they decide to change $table_prefix " bjerke-johannessen 8 46004 Allow actions based on blocks in the current content francina dev-feedback Bootstrap/Load normal normal Future Release enhancement assigned 2019-01-16T11:12:17Z 2021-05-10T18:49:18Z We're finding ourselves having to do stuff based on which blocks are in the page, and others are probably experiencing the same thing. So I think it's wise to add an action in the WP bootstrap that allows for people to do something based on which blocks will be on the page. For now only for singular pages, but as Phase 2 of Gutenberg is expanded, this should probably be expanded to other page types. joostdevalk 5 56252 Allow error_reporting level to be configurable for WP_DEBUG has-patch Bootstrap/Load 6.0 normal normal Awaiting Review enhancement new 2022-07-19T18:34:39Z 2023-03-01T15:36:23Z "I use WP_DEBUG_LOG in production to catch errors not caught during development. But almost all entries are PHP Deprecated errors. This makes hard to spot more relevant errors. It would be useful to be able to configure the error level report when using WP_DEBUG." luistar15 4 45949 Allow plugins or themes to supply their own message when they caused a WSOD Bootstrap/Load normal normal Awaiting Review enhancement new 2019-01-11T22:55:16Z 2019-01-16T16:55:08Z "#44524 ""introduces a WP_Shutdown_Handler class that detects fatal errors and which extension (plugin or theme) causes them. Such an error is then recorded, and an error message is displayed."" which is super cool. That change adds a generic recommendations for getting support that I think are a great default. I was talking about this with @antpb the other day and we discussed how if a plugin causes the crash, that plugin or theme should be able to communicate how to get help. If not, the WordPress user is going to go to WordPress.org/support or the host and eventually, hopefully make it to the plugin's actual support system, which for a commercial plugin is likely not WordPress.org. They might also go to the host who can help identify which plugin or theme is to blame and then send the user to the plugin/ theme support. That's a really bad user experience, they have a problem they want to go right to how to fix it. If plugins and themes could supply a message for how to get support right away when things broke, that would be so much better. The main problem we saw was that if there is a filter for the messages, but how does the plugin that just got deactivated due to error hook into that filter? https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-shutdown-handler.php?rev=44524#L171 So we figured it could be a markdown file in the plugins repo. WordPress could look in its file system for a file called error.md in the main directory of the plugin/ theme that just errored or it could look on WordPress.org for that file. Either way, it doesn't have to load the plugin's main PHP file and the content of that file would be covered by the WordPress.org plugin guidelines. " Shelob9 4 41578 Assure that $_SERVER['PATH_INFO'] is available Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-08-07T00:27:14Z 2017-08-10T06:19:40Z "I use the [http://www.fefe.de/gatling/ gatling] web server on one of my servers (low ressorce consumption). gatling will not set the PATH_INFO environment variable if no path info is available which causes the home page of WP to enter an endless redirect loop. I managed to fix this by setting {{{$_SERVER['PATH_INFO']}}} to the empty string in an unhandled condition in wp-includes/load.php. " glehner 3 21521 Audit use of set_time_limit() dev-feedback Bootstrap/Load 3.4.1 normal normal enhancement new 2012-08-08T17:28:21Z 2019-06-04T19:23:14Z Core calls this half a dozen times. The call in wp_get_http() interferes with unit tests. Unit tests will terminate 60 seconds after wp_get_http() is called. Let's justify each use of set_time_limit() and remove what we can. ryan 6 60611 Bootstrap/Load: Refactor debug.log handling for enhanced protection and usability has-patch Bootstrap/Load trunk normal normal Awaiting Review enhancement new 2024-02-22T19:41:31Z 2024-02-22T19:41:51Z "This commit addresses concerns related to the /wp-content/debug.log file being publicly accessible, which may contain sensitive information in some circumstances. To mitigate this risk, a randomly generated string is now appended to the debug log filename. Additionally, the debug logs have been relocated to a dedicated directory for improved organization and convenience. These changes enhance both the protection and usability of the debug.log subsystem." itschristiandale 1 54117 Changing memory limit descriptions Bootstrap/Load 5.8.1 normal minor Awaiting Review enhancement new 2021-09-13T11:22:55Z 2023-11-28T14:01:11Z "Hi, A couple of things that stand out, WP_MAX_MEMORY_LIMIT is for the admin side of the site and WP_MEMORY_LIMIT is for the visitor side. If these were updated in the next version to more friendly names like WP_VISITOR_MEMORY_LIMIT and WP_ADMIN_MEMORY_LIMIT, it would be easier to set up these limits. How is the memory limit decided for WordPress? I've overridden the defaults since my server has 1GB max memory for PHP, so I've set them to 512 and 1024 respectively but is there a reason why the memory limits are set to arbitrary figures and not a percentage of the limit?" fyremoon 1 48720 Define all debugging constants for developers in wp-config.php Bootstrap/Load 5.3 normal normal Awaiting Review enhancement new 2019-11-19T05:18:52Z 2019-11-19T18:45:43Z "In `wp-config.php`, in the ""For developers"" section, we have: {{{ define( 'WP_DEBUG', false ); }}} I suggest we also add: {{{ define( 'WP_DEBUG_LOG', true ); define( 'WP_DEBUG_DISPLAY', false ); define( 'SCRIPT_DEBUG', true ); }}} This would mean that changing the value of `WP_DEBUG` to `true` would enable the log file but not the display, while making it easy to enable the display. I've been a WordPress developer for many years. This is the first ticket I've created. I'm a proponent of good defaults. I occasionally change the value of `WP_DEBUG`, but then need to disable it so that I can use the WordPress dashboard without scrolling through a list of errors and warning from third party themes and plugins. And to be honest, I never opened the `@link` to https://codex.wordpress.org/Debugging_in_WordPress Thanks for considering this enhancement! " davidnash 11 41520 Disable deprecated functions dev-feedback Bootstrap/Load normal normal Awaiting Review enhancement new 2017-08-01T20:16:06Z 2020-04-20T09:13:07Z In bootstrap process, deprecated.php, pluggable-deprecated.php and ms-deprecated.php are includes. These files include all the deprecated functions in core. This is done for compatibility reasons, however there are many setups that do not requires these functions as they are not using any of these functions. These files inline over 4500 lines of code ( 3881 + 208 + 518 ). There should be an option to disable them. spacedmonkey 9 60419 Emails: Your Site is Experiencing a Technical Issue Bootstrap/Load 5.2 normal normal Awaiting Review enhancement new 2024-02-02T00:30:15Z 2024-02-16T08:12:56Z "I have noticed that the emails regarding: ""Your Site is Experiencing a Technical Issue"" Seems to have the same phrasing even though some errors will bring the site down while other errors will not. I have received these error types of emails **Error Details ============= An error of type E_ERROR was caused in line 52 of the file....** I jump a bit when I get these emails as I wonder if the site has gone down. It seems the E_ERROR errors do not bring the site down. It seems really nothing happens when this error is seen. I have been told over and over to ignore these types of errors. This then comes back to... Whether messaging is/can/should be tailored depending on the type of error? I know it would be helpful if the really fatal errors show an more seriousness tone than the errors that are usually not that fatal. Having different wording based on the type of error will be very helpful. Thanks. " paaljoachim 2 60781 Expand or modify wp_get_environment_type function to allow more environment types dev-feedback Bootstrap/Load 5.5.1 normal normal Awaiting Review enhancement new 2024-03-15T09:49:27Z 2024-03-15T11:29:04Z "Currently the [https://developer.wordpress.org/reference/functions/wp_get_environment_type/ wp_get_environment_type()] function only allows 4 environment types: {{{#!php $wp_environments = array( 'local', 'development', 'staging', 'production', ); }}} But there are projects that have multiple environment types (CI, CD, pre-production, UAT, etc.). So if you define the `WP_ENVIRONMENT_TYPE` to anything outside of these 4 environments, you'll end up with serving the `production` environment. A trivial example would be where you'd like to change the color of your admin UI based on environments. I mean, sure you can use something like {{{defined('WP_ENVIRONMENT_TYPE') ? WP_ENVIRONMENT_TYPE : 'production'}}}, but what's the point of the `wp_get_environment_type` function then? One alternative is to expand the `$wp_environments` variable with some of the industry most-used terms. Or just remove this check, and just return the value of `defined('WP_ENVIRONMENT_TYPE') ? WP_ENVIRONMENT_TYPE : 'production'` check." dingo_d 1 22251 Helper function to simplify checking for constants dev-feedback Bootstrap/Load normal normal Future Release enhancement new 2012-10-22T00:32:27Z 2018-05-31T23:46:31Z "Love 'em or hate 'em, WordPress uses lots of constants. As a result, this pattern is all over core and plugins, and occasionally themes: `if ( defined( 'CONSTANT_NAME' ) && CONSTANT_NAME )` Right now on trunk, it's used 57 times (excluding 2 in Akismet). {{{ ~/code/wptrunk $ ack ""defined\( ?('|\"")([^'\""]+)\1 ?\) \&\& \2"" -h --ignore-dir=wp-content/plugins/ | wc -l 57 }}} How about a new function to make that verbose logic a little bit less repetitive. {{{ function wp_constant( $constant ) { return defined( $constant ) && constant( $constant ); } }}}" evansolomon 28 43712 Improve the user experience when a fatal error or uncaught exception occurs Bootstrap/Load normal normal Awaiting Review enhancement new 2018-04-06T14:43:43Z 2019-01-16T06:50:09Z "If a WordPress page request dies with a catchable fatal error or uncaught exception, WordPress just falls back on PHP's default error handling behavior. What this typically means is: * The page HTML gets cut off at a random point (wherever the error occurred), so the page looks broken but with no indication to the user that anything went wrong. * The request returns with a 200 status (which can result in the broken page being cached in all sorts of places). Proposed improvement: * Use set_error_handler() and set_exception_handler() early in the WordPress bootstrap process to give a better experience by default. For comparison, the way Drupal handles this is that it [https://api.drupal.org/api/drupal/includes%21theme.inc/function/theme_render_template/7.x buffers all output from the theme] (only actually printing it much later on in the page request). That way, if a fatal error or exception does occur, no output has been sent yet, so it can always [https://api.drupal.org/api/drupal/includes%21errors.inc/function/_drupal_log_error/7.x set a ""500 Service unavailable"" header and display a maintenance page instead]. There are pros and cons to that approach, but in any case, I'm not sure that WordPress could be changed to use it in a backwards-compatible way. However, what does seem possible to me is: * The error handler could check headers_sent() to see if output was already sent. * If no output was sent yet, just call wp_die() to display a standard error page with a 500 error. * If output already was sent, maybe at least try to print some kind of HTML before dying so the user can see that something is broken which wasn't their fault. I'm thinking something like an ""Oops - something went wrong and the page didn't finish loading"" message, ideally themed as a simple floating bar at the bottom of the browser window." David_Rothstein 43159 Introduce helper function for XMLRPC checks has-patch Bootstrap/Load normal normal Awaiting Review enhancement new 2018-01-25T20:30:35Z 2018-01-26T17:40:12Z Similar to #25669, it would be nice if there was a helper function for checking if WordPress is doing a XML-RPC request. NathanAtmoz 3 37646 Make wp-settings.php a series of do_actions() dev-feedback Bootstrap/Load normal normal Awaiting Review enhancement new 2016-08-12T19:07:44Z 2017-02-23T04:41:29Z "Now that #36819 is in, my master plan for `wp-settings.php` can begin. ---- '''Problem''' `wp-settings.php` makes many assumptions, many on purpose, others by necessity, some on consequence, and a few by accident. It is somewhat poorly named for what it is, and it's a mishmash of globals, function calls, class instantiations, and do_action() calls. ---- '''Solution''' `do_action()` all of the things. Make `wp-settings.php` a series of action calls. One for setting versions, one for initial constants, one for environmental setup, translations, database, plugins, themes, users, template output, and so on... Introduce a file named `wp-includes/default-actions.php` that serves 2 purposes: * Includes a bunch of new functions that wrap up sections of what's already in `wp-settings.php` * Hooks those new functions into the new actions in `wp-settings.php` ---- '''Why do we do this?''' As more robust and sophisticated plugins, themes, APIs, and systems start to use, rely on, and bend WordPress to their will, the need to override more & more pieces becomes apparent. While WordPress comes with a very handy set of default post types, taxonomies, APIs, helpers, wrappers, and tools, it may be desirable to unhook (or never load) certain pieces so that other pieces can take their place. In the past, this is done only with great intent, with strategic actions & filters in places where specific needs are being addressed. This is good in that it's predictable, but bad in that it's impossible for anyone to truly know what action or hook is *best* to perform any given subsequent action. By breaking `wp-settings.php` up into many clearly named `do_action()` calls, it becomes clearly obvious what actions perform what duties, while also introducing literally maximum flexibility in the entire system for new and exciting things to happen around WordPress itself. Imagine something like: {{{ // Load versions do_action( 'wp_settings_load_versions' ); // Load constants do_action( 'wp_settings_load_constants' ); // Load translations do_action( 'wp_settings_load_translations' ); // Load environment do_action( 'wp_settings_load_environment' ); // Load early WordPress settings do_action( 'wp_settings_load_early' ); // Load database do_action( 'wp_settings_load_database' ); // and on, and on... }}} ---- '''Epilogue''' This is a huge idea, easily scoffed at, and introduces code-churn like whoa. It would mean doubling down on WordPress's actions API, trusting it implicitly to load all of WordPress's core pieces & parts. It would open many doors to many unforeseen oddities while developers start dissecting all the ways things are tied together. It would also enable really cool external tools, like REST API drop-ins that can `SHORTINIT` WordPress if auth is missing, or WP CLI commands that can `die()` literally anywhere in the stack after they've done what they need to do. This is something I've wanted in WordPress since 2006 having seen similar in other libraries, and even old BackPress & bbPress gave nods and hints to back in the day. I'm also happy to give this a first patch if it's helpful to see visually the destruction it causes, or guide someone else along my vision for this if someone is willing and able to see it through before I am. <3" johnjamesjacoby 10 60208 Prevent redirect loops needs-unit-tests Bootstrap/Load normal normal Awaiting Review enhancement new 2024-01-07T20:16:15Z 2024-02-07T20:15:22Z "There are all kinds of issues open that deal with redirect loops and their patches try to resolve the symptom. I propose to instead fix the root cause by checking in wp_redirect/wp_safe_redirect if the $location is equal to the current host/request uri and if that's the case to not execute the redirect but wp_die - just like it's done in those function if response code is not in the 3xx range. If a rogue plugin causes this, this will at least give you a hint of what was happening/where to start, when your WP page suddenly starts to reload indefinitely." kkmuffme 8 57553 Problem in load WordPress. has-patch Bootstrap/Load 6.1.1 normal normal Awaiting Review enhancement new 2023-01-25T15:53:44Z 2023-06-14T17:08:20Z When i define('WP_DEBUG_DISPLAY', true); in config.wp. it will not effect in load.php in wp-includes folder. When any ajax error in face it will return me 500 Internal Server Error but not show detain in my Network. After that when i change **488** line in l**oad.php**, ( '**display_errors', 0** ) to ( **'display_errors', 1** ) in 0 to 1 than i got my error point. I hope most of the Developer face problem in this line here we can add a filter hook that any one can change if any one, may be the hook looks like, ( **ini_set( 'display_errors', apply_filters( 'wp_display_ajax_errors', 0 )** );) mahbubmr500 2 38650 Provide some guidance on what conditionals can/should be used in default-filters.php Bootstrap/Load low minor Awaiting Review enhancement new 2016-11-03T22:37:50Z 2017-06-21T23:12:12Z There are a lot of things you can't use in `default-filters.php`, such as `get_option()` or `is_customize_preview()`. Those deeply familiar with how load works might have some idea as to what's safe and what isn't, but it's generally confusing and a little opaque. I'd suggest some kind of inline comment at the top explaining the point of the file and what's generally safe (i.e. stuff in `load.php` as I understand?). helen 1 29341 Raise default value for WP_MEMORY_LIMIT in wp-includes/default-constants.php dev-feedback Bootstrap/Load 4.0 normal normal Awaiting Review enhancement new 2014-08-23T19:45:21Z 2024-03-17T04:33:21Z "wp-includes/default-constants.php currently has a default value for WP_MEMORY_LIMIT of 40Mb (or 64Mb for multisite). The effect of this constant is that if the current value of ini_get( 'memory_limit' ) is less, then ini_set() is used to raise it to at least WP_MEMORY_LIMIT. This default is fine, if your site has few plugins. When the constant was brought in (looks like 3.0, from the comment in the code), sites tended to have fewer plugins, and need less memory. It is not clear exactly what the rationale behind the default choice for WP_MEMORY_LIMIT is, and what data it is based upon. Nevertheless, I get to read a lot of log files through support for one of my plugins, and it is not uncommon for me to see sites where PHP memory use has exceeded 40Mb. It is not uncommon for me to have to advise someone on how to raise their PHP memory limit, because they are trying to clone their site into something like MAMP, which apparently has a lower limit than this (can't verify: I have no Mac), and the WP default is too low to then load their site successfully. Based on my (admittedly anecdotal) experiences, I would recommend 64Mb or 80Mb as a much more suitable default in 2014 (and a corresponding increase for multisite), if the aim is for users to not be surprised by a lack of memory. I don't think that hosting companies will have a problem with this. I have extensive data on default settings of the PHP memory limit, and 99.8% of web hosting companies in that data have 64Mb or more. 99.5% have 96Mb or more." DavidAnderson 14 33034 Refactor SCRIPT_FILENAME ending with php.cgi check in load.php Bootstrap/Load 4.3 normal normal enhancement new 2015-07-18T13:40:53Z 2019-06-04T19:31:23Z I found the original check pretty confusing :) wildpeat 2 54961 "Revise ""Technical Difficulties"" email to remove feature history and improve clarity of action steps" Bootstrap/Load 5.2 normal normal Future Release enhancement new 2022-01-27T21:25:05Z 2022-12-17T15:29:26Z "As someone who supports websites for numerous people and organizations, I've found that the ""Technical Difficulties"" email with recovery link is confusing to many people. I've had multiple people wonder if it's spam and many others be generally confused by it. I would suggest the following changes based on the feedback I have heard: - Change the first line to clearly indicate there is a potential problem with the website and drop the reference to WordPress 5.2. This is not important information anymore. - Move all technical information to the end of the email so as not to intimidate and confuse non-technical recipients - Be clear that there may or may not be an active problem. I will note that probably half of the emails I see sent are for temporary errors during updates that seem to have no lasting impact on the site. - Suggest people contact their website host -OR- developer (currently, only the host is mentioned) I have included a copy of the email for easy reference at the end of this issue. I'd be happy to work up the patch for this once a few other folks weigh in to either confirm or amend the suggestions I have. > Howdy! > > Since WordPress 5.2 there is a built-in feature that detects when a plugin or theme causes a fatal error on your site, and notifies you with this automated email. > > In this case, WordPress caught an error with one of your plugins, Jetpack. > > First, visit your website ({url}) and check for any visible issues. Next, visit the page where the error was caught ({error path}) and check for any visible issues. > > Please contact your host for assistance with investigating this issue further. > > If your site appears broken and you can't access your dashboard normally, WordPress now has a special ""recovery mode"". This lets you safely login to your dashboard and investigate further. > > {recovery mode link} > > To keep your site safe, this link will expire in 1 day. Don't worry about that, though: a new link will be emailed to you if the error occurs again after it expires. > > When seeking help with this issue, you may be asked for some of the following information: > WordPress version > Current theme: > Current plugin: > PHP version > > > > Error Details > =============" mrwweb 2 31839 Setting error reporting level for wp_debug_mode dev-feedback Bootstrap/Load 4.1.1 normal normal enhancement new 2015-04-01T16:25:34Z 2023-12-12T20:27:56Z "Since PHP 5.4.0 `E_STRICT` errors appear as part of `E_ALL` and headers cannot be sent sometimes - stuff that can lead to a whole set of problems. For me, they are useless and annoying - but for others they can be useful. I just want the possibility to set the `error_reporting` level used in `wp_debug_mode()`. I have applied a small patch to `load.php` as shown below. I have defined a `WP_DEBUG_LEVEL` constant in `wp-config.php` like so: `define( 'WP_DEBUG_LEVEL', E_ALL & ~E_STRICT );` because I do not want to see the `E_STRICT` warnings. Afterwards I modified the `wp_debug_mode` function like so: {{{ #!php function wp_debug_mode() { if ( WP_DEBUG ) { if( !defined( WP_DEBUG_LEVEL ) ) define( 'WP_DEBUG_LEVEL' , E_ALL) ; error_reporting( WP_DEBUG_LEVEL ); if ( WP_DEBUG_DISPLAY ) ini_set( 'display_errors', 1 ); elseif ( null !== WP_DEBUG_DISPLAY ) ini_set( 'display_errors', 0 ); if ( WP_DEBUG_LOG ) { ini_set( 'log_errors', 1 ); ini_set( 'error_log', WP_CONTENT_DIR . '/debug.log' ); } } else { error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR ); } if ( defined( 'XMLRPC_REQUEST' ) ) ini_set( 'display_errors', 0 ); } }}} Here's the [https://gist.github.com/AlexandruIfrim/8e3626f27344f8f28a87 gist] of it." aifrim 10 42264 Systematic way of dealing with compat code and polyfills Bootstrap/Load normal normal Awaiting Review enhancement new 2017-10-18T21:14:14Z 2018-05-23T10:31:48Z "The way compatibility code and fallback/polyfill functionality is currently handled has a few issues: * As everything resides in one big file, all of the code is parsed every time. * As everything resides in one file, problems like the PHP 7.2 parsing error for the autoload polyfill can crop up (as the polyfill is written with now deprecated code). * If the requirements change, it is non-trivial to remove unneeded code again. I'd like the suggest a more systematic way of loading the compatibility layer. The basic premise is that the PHP version of the current server is detected, and then an individual compatibility file is loaded for each version that is not already supported by the server. This provides a clean way of structuring the compatibility layer, giving a good overview of what is needed when, and what can be discarded. It also only loads the code that is needed. Here's the main mechanism that would make this work: {{{#!php <?php // Check the PHP version and load the corresponding compatibility files. // The fall-throughs (missing breaks) are intentional, as this makes sure that // all compat files - starting from the first required one - will be loaded. switch ( substr( PHP_VERSION, 0, 3 ) ) { case '5.2': require ABSPATH . WPINC . '/compat/php-5.2.php'; case '5.3': require ABSPATH . WPINC . '/compat/php-5.3.php'; case '5.4': require ABSPATH . WPINC . '/compat/php-5.4.php'; case '5.5': require ABSPATH . WPINC . '/compat/php-5.5.php'; case '5.6': require ABSPATH . WPINC . '/compat/php-5.6.php'; case '7.0': require ABSPATH . WPINC . '/compat/php-7.0.php'; case '7.1': require ABSPATH . WPINC . '/compat/php-7.1.php'; case '7.2': require ABSPATH . WPINC . '/compat/php-7.2.php'; default: require ABSPATH . WPINC . '/compat/default.php'; } }}} Note the fall-throughs of the case statements. As an example, if the current server would be running PHP 5.6, the above mechanism would load the compatibility files for 5.6, 7.0, 7.1 and 7.2. Inside of the individual files, you'd have fallbacks and polyfills, that are needed for the '''version it resides in and all previous versions'''." schlessera 6 41934 Update load.php with wp_is_bad_request function Bootstrap/Load 4.9 normal normal Awaiting Review enhancement new 2017-09-20T17:42:06Z 2018-08-16T19:19:56Z "I propose adding a wp_is_bad_request function to load.php, as a way to allow plugin developers to short circuit code execution if the HTTP request that started the WordPress load process is considered a junk request. See: #17246 The existing wp_favicon_request (renamed to wp_favicon_request_x in test file) is re-written to use the proposed wp_is_bad_request function. " rpayne7264 2 56390 Updating WP_MEMORY_LIMIT Bootstrap/Load normal normal Awaiting Review enhancement new 2022-08-16T09:04:13Z 2024-01-24T09:26:49Z "During the [https://europe.wordcamp.org/2022/contributor-day/ Contributor Day at the WordCamp Europe 2022], the Hosting Team found that {{{WP_MEMORY_LIMIT}}} is set as 40 MB (single site) and 64 MB (multisite). Furthermore, the {{{WP_MAX_MEMORY_LIMIT}}} is set as 256 MB. {{{WP_MEMORY_LIMIT}}} is the value for the WordPress Memory Limit, usually referred to the frontend memory, and {{{WP_MAX_MEMORY_LIMIT}}} is the value for the PHP Memory Limit, usually referred to the backend memory. == History == Around September 2013, the {{{WP_MEMORY_LIMIT}}} value changed from 32 MB to 40 MB (32+8). Some tests done by the Hosting Team suggest that the memory used on WordPress is around 16 MB. The PHP {{{memory_limit}}} sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server. Note that to have no memory limit, set this directive to {{{-1}}}. Check the [https://www.php.net/manual/en/ini.core.php#ini.memory-limit PHP page for more information]. == Actual code == Checking the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/default-constants.php default-constants.php], the code for {{{WP_MEMORY_LIMIT}}} is: {{{ #!php $current_limit = ini_get( 'memory_limit' ); $current_limit_int = wp_convert_hr_to_bytes( $current_limit ); // Define memory limits. if ( ! defined( 'WP_MEMORY_LIMIT' ) ) { if ( false === wp_is_ini_value_changeable( 'memory_limit' ) ) { define( 'WP_MEMORY_LIMIT', $current_limit ); } elseif ( is_multisite() ) { define( 'WP_MEMORY_LIMIT', '64M' ); } else { define( 'WP_MEMORY_LIMIT', '40M' ); } } // Set memory limits. $wp_limit_int = wp_convert_hr_to_bytes( WP_MEMORY_LIMIT ); if ( -1 !== $current_limit_int && ( -1 === $wp_limit_int || $wp_limit_int > $current_limit_int ) ) { ini_set( 'memory_limit', WP_MEMORY_LIMIT ); } }}} ''NOTE: this code is an extrapolation of some parts to understand the values.'' For {{{WP_MAX_MEMORY_LIMIT}}}, is: {{{ #!php $current_limit = ini_get( 'memory_limit' ); $current_limit_int = wp_convert_hr_to_bytes( $current_limit ); if ( ! defined( 'WP_MAX_MEMORY_LIMIT' ) ) { if ( false === wp_is_ini_value_changeable( 'memory_limit' ) ) { define( 'WP_MAX_MEMORY_LIMIT', $current_limit ); } elseif ( -1 === $current_limit_int || $current_limit_int > 268435456 /* = 256M */ ) { define( 'WP_MAX_MEMORY_LIMIT', $current_limit ); } else { define( 'WP_MAX_MEMORY_LIMIT', '256M' ); } } }}} ''NOTE: this code is an extrapolation of some parts to understand the values.'' == PHP values == The first part gets the value from PHP, and if not exists, sets a default value. Thereafter, if the value is incorrect (in bytes) sets the memory limit from the constant. This PHP value has evolved: - PHP <5.1.0 (2005-11-24): valued at 8 MB (view [https://web.archive.org/web/20051127013935/https://www.php.net/manual/en/ini.core.php archive.org page]) - PHP =5.2.0: valued at 16 MB - PHP >5.2.0 (2008-12-12): valued at 128 MB (view [https://web.archive.org/web/20081217050654/https://www.php.net/manual/en/ini.core.php#ini.memory-limit archive.org page]) == Some questions == **Why change the WP_MEMORY_LIMIT value?** To level it to the PHP standard. If the hoster has some kind of limitation, misconfiguration, an incorrect value or does not allow changing it, the value used is the lesser, of 40 MB, which usually produces memory errors, when it should use the PHP default value, which is generally acceptable in new installations. At this time, 20 latest versions of WordPress (since WordPress 4.1 / 2014-12-17) can use PHP 5.6.40+ so it would meet the minimums set by PHP. **Can, actually, the value be greater than the PHP value?** Yes. That's why there is an intent to include something like: {{{WP_MEMORY_LIMIT <= WP_MAX_MEMORY_LIMIT <= memory_limit}}} == Premises == We should keep in mind some basic assumptions when incorporating PHP memory limits based on what users can do. The memory limit set by computer systems are set for a reason. And that reason should be enforced; therefore, PHP's memory limit should not be exceeded, and in case it needs to be exceeded, it should be changed by the system administration. Users can set the values they want from the wp-config.php configuration file. Often, extremely high values are set to hide a memory consumption problem due to bad programming. With a few visits it usually works, but it is a short-term fix. We must be realistic about the memory limits of the WordPress Core and the normal use of a WordPress, whether it is a simple WordPress or a WordPress Multisite. Most WordPress sites install plugins and themes that make memory spikes higher. PHP has its baseline memory limits that should serve as a reference for its use and application. == Proposal == Considering that since 2008, and PHP >5.2.0 the {{{memory_limit}}} value is equal to 128 MB, should we consider an update of this value in the WordPress base configuration, or at least an update of the values? The proposal from the WordPress Hosting team is for {{{WP_MEMORY_LIMIT}}}: - WordPress Single: {{{define('WP_MEMORY_LIMIT', '128M');}}} - WordPress Multisite: {{{define('WP_MEMORY_LIMIT', '192M');}}} Another patch should be: {{{WP_MEMORY_LIMIT <= WP_MAX_MEMORY_LIMIT <= memory_limit}}} Users can modify the {{{WP_MEMORY_LIMIT}}} and {{{WP_MAX_MEMORY_LIMIT}}} at {{{wp-config.php}}} and should have some limitations in values, as far as WordPress cannot overflow PHP. == Getting the values == When doing some calls to PHP functions and values, got this: - php.ini: {{{memory_limit}}} -> value: {{{256M}}} - function: {{{memory_get_usage}}} -> value: {{{2097152}}} - updating the {{{ini_set memory_limit}}} to {{{512M}}} -> value: {{{memory_limit = 256M}}} - function: {{{ini_get_all[memory_limit]}}} {{{ Array ( [global_value] => 256M [local_value] => 512M [access] => 7 ) }}} So, the real values are, always in the {{{ini_get_all[memory_limit]}}}. After doing some tests, maybe hard-coding the values is a bad idea, but having some ""limits"" is cool (like now) but reading the real values. == New code == This is just a proposal of code (need revision and checking by the WordPress Core Team). {{{ #!php $default_max_memory = 128 * MB_IN_BYTES; // this is a security limit. Should be align with the default PHP memory_limit. Now (PHP 5.3+) is 128M $memory_default = ini_get( 'memory_limit' ); $ini_get_all = ini_get_all(); // set by global ini if( isset( $ini_get_all['memory_limit']['global_value'] ) ) { $max_memory_default = $ini_get_all['memory_limit']['global_value']; } elseif( $memory_default ) { $max_memory_default = $memory_default; } else { $max_memory_default = $default_max_memory; } // set by site / virtualhost / pool ini if( isset( $ini_get_all['memory_limit']['local_value'] ) ) { $max_memory_real = $ini_get_all['memory_limit']['local_value']; } else { $max_memory_real = $max_memory_default; } unset( $memory_default, $ini_get_all ); // default memory in bytes $max_memory_default_int = wp_convert_hr_to_bytes( $max_memory_default ); if( $max_memory_default_int <= 0 ) $max_memory_default_int = $default_max_memory; // site memory in bytes $max_memory_real_int = wp_convert_hr_to_bytes( $max_memory_real ); if( $max_memory_real_int <= 0 ) $max_memory_real_int = $default_max_memory; if( $max_memory_real_int < $max_memory_default_int ) $max_memory_real_int = $max_memory_default_int; // set the limit to the max memory set wherever // user did not set the WP_MEMORY_LIMIT in wp-config.php if ( ! defined( 'WP_MEMORY_LIMIT' ) ) { define( 'WP_MEMORY_LIMIT', size_format( $max_memory_real_int ) ); // if the WP_MEMORY_LIMIT set by the user is greater than the real available } elseif( $max_memory_real_int < wp_convert_hr_to_bytes( WP_MEMORY_LIMIT ) ) { define( 'WP_MEMORY_LIMIT', size_format( $max_memory_real_int ) ); } // user did not set the WP_MAX_MEMORY_LIMIT in wp-config.php if ( ! defined( 'WP_MAX_MEMORY_LIMIT' ) ) { define( 'WP_MAX_MEMORY_LIMIT', size_format( $max_memory_real_int ) ); // if the WP_MAX_MEMORY_LIMIT set by the user is greater than the real available } elseif( $max_memory_real_int < wp_convert_hr_to_bytes( WP_MAX_MEMORY_LIMIT ) ) { define( 'WP_MAX_MEMORY_LIMIT', size_format( $max_memory_real_int ) ); } if ( wp_convert_hr_to_bytes( WP_MEMORY_LIMIT ) > wp_convert_hr_to_bytes( WP_MAX_MEMORY_LIMIT ) ) { WP_MEMORY_LIMIT = WP_MAX_MEMORY_LIMIT; } unset( $default_max_memory, $max_memory_default, $max_memory_real, $max_memory_default_int, $max_memory_real_int ); }}} Initial Props: @javiercasares, @crixu, @bernardzijlstra, @mikeschroder. Original document from the Hosting team at [https://docs.google.com/document/d/1CFMboqFnHMBifcuozqWKvUQUdxSCqCh-YcCwMOMeAl0/]" JavierCasares 32 41783 allow loading wp-config.php (values) without DB bootstrap Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-09-02T17:43:40Z 2017-09-02T17:43:40Z "Directly related issue: [https://github.com/wp-cli/extension-command/issues/26 wp-cli plugin download command] ''wp-config.php'' is a fundamental and unique source of information about the WP instance. It contains information about database, but some others about languages/paths/... In some case we may want to provide preprovisionned WP instance but also about the to-be-instanciated installation: filesystem/plugin/themes/... to be provided in the filesystem *before* WP got installed). This may be the case when a team share a common WP filesystem image / Docker image / ... External tool (ex `wp-cli`) may benefit from loading not only the WP-core helpers (like, eg, `plugins_api()`), but also to know about some constants inside ''wp-config.php'' although DB is not yet available. An issue is that currently, loading ''wp-config.php'' forcefully attempt a DB connexion. This happens via the unconditional call to `wp_set_wpdb_vars()` inside ''wp-settings.php'' We rather should provide a mechanism to optionally disable such a behaviour. There already exist a '''SHORTINIT''' define. Could we introduce another one that may allow to load `wp-config.php` in a database-less environment? Indirectly related: [https://core.trac.wordpress.org/ticket/41710 WP_* configuration constants from the environment] " drzraf 38204 enhancement: custom pathname to wp-config.php dev-feedback Bootstrap/Load 4.7 normal normal Awaiting Review enhancement new 2016-10-01T15:01:18Z 2022-10-20T18:18:29Z "This patch allows for setting the pathname to the {{{wp-config.php}}} file with a {{{WP_CONFIG_FILE}}} environment variable. The end goal is to have wordpress code separate (and possibly read-only) from the config file, and from the state (user content). " gdamjan 6 41710 optionally obtain WP_* configuration constants from the environment dev-feedback Bootstrap/Load 4.8.1 normal normal Awaiting Review enhancement new 2017-08-23T04:51:51Z 2022-11-02T12:58:26Z "Although hardcoding strings inside a configuration is the traditional way to setup applications, having smooth configurations values is sometimes needed. The context of rising CI/virtualization/automated WP deployments increases the need of '''provisioning''' WP configuration (setup and adjunst DB credentials/debug-mode/site-url/... in an easy and flexible manner). wp-config.php currently imposes harcoding string values in a PHP-formatted regular text file. No file override, no override of the source of the values. This creates [https://github.com/docker-library/wordpress/blob/master/docker-entrypoint.sh#L110 coding] [https://github.com/wp-cli/scaffold-command/blob/master/templates/install-wp-tests.sh#L111 horrors] where people almost invent sed/awk-based PHP macro templating systems to simply configure a WP instance. The fact that wp-config.php uses PHP-format rather than ini/yaml is '''not''' the issue. The issue is that the current configuration does not offer the possibility of environment indirection. (the other ""issue"" being that developers are reluctant to create a modified copy of wp-config-sample.php {{{getenv()}}}-based, maybe to be future-proof in case of wp-config.php changes, maybe to respect user-provided changes) In the Unix world, environment has been the traditional and flexible way to transmit information to child processes. Is there any blocking wp-config.php from fetching some or all of its user-defined constants from the environment out of the box? Would maintainers consider such an enhancement? Some suggestions (among many possible others): 1. fetch from {{{getenv()}}} if {{{wp-config.php}}} is absent 2. fetch from {{{getenv()}}} if mandatory values of {{{wp-config.php}}} values are empty 3. fetch from {{{getenv()}}} even if {{{wp-config.php}}} values are empty 4. load {{{wp-config.$HOSTNAME.php}}} if present 5. load {{{wp-config.{PHP_SAPI}.php}}} if present 6. provide (and maintain) a {{{wp-config-env-sample.php}}} {{{getenv()}}}-based 7. ... [https://wordpress.org/support/topic/implement-env-variables-for-wp-config/ related forum post]" drzraf 2 55973 Add .gitattributes file to annotate generated files Build/Test Tools normal normal Awaiting Review enhancement new 2022-06-14T09:19:11Z 2023-11-16T13:47:45Z "To make development on GitHub easier, we could consider adding a `.gitattributes` file for annotating generated files. The `linguist-generated` attribute can be used to mark or unmark paths that should be ignored for the repository's language statistics and hidden by default in diffs. See https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github for more details This came to mind when reviewing https://github.com/WordPress/wordpress-develop/pull/2647" swissspidy 2 44246 Add `check-node-version` to check required Node.js and npm versions are installed azaozz has-patch Build/Test Tools normal normal Future Release enhancement reopened 2018-05-27T12:16:11Z 2019-01-10T02:46:35Z "This change adds a npm script to the `preinstall` task of `npm install` to check that the required npm and Node.js versions are installed and being used in the current terminal shell instance. If the Node.js version is not `8.9.3` or npm version is not greater than `6.1.0` a warning will be displayed notifying the user to update the respective build tooling. The attached patch depends on #44245 being committed first Related: #44245, #43731 " netweb 11 56602 Add a comment to auto-generated editor files pulled from Gutenberg repository Build/Test Tools normal normal Awaiting Review enhancement new 2022-09-19T13:14:16Z 2022-09-19T13:34:01Z "Background: #30666, #48424. With the increasing amount of files merged from Gutenberg, it's not always clear which files are safe to patch in core and which should first be patched upstream in the Gutenberg repository and then backported to core. At a glance, these fall under the latter category: {{{ wp-includes/blocks/* wp-includes/class-wp-block-parser.php }}} Patching them directly in core would cause a test failure, see comment:10:ticket:56581 for a recent example. To avoid further confusion, it would be great to add a comment like this at the top of the file: {{{ /*! This file is auto-generated */ }}} similar to the one added in [41271] and [46589] for RTL CSS and minified JS and CSS files. Or this one from [source:trunk/tools/release/sync-stable-blocks.js?rev=53688&marks=22#L15 tools/release/sync-stable-blocks.js], added in [53688]: {{{ // This file was autogenerated by tools/release/sync-stable-blocks.js, do not change manually! }}} If that would require changes in both core and Gutenberg build process, this ticket can be used for tracking. If it can be done entirely on the Gutenberg side, happy to move the issue there." SergeyBiryukov 1 48977 Add a new test case for E2E test Build/Test Tools normal normal Awaiting Review enhancement new 2019-12-15T05:30:44Z 2021-03-08T05:56:53Z "Now the E2E test has only one case to test WordPress. So we can add a new test case ** Test case WordPress has two default content. - Post ""Hello world"", post_id=1 - Page: ""Sample Page"", post_id=2 So we can test to these page are these page exists. ** Expect - localhost?p=1 -> should return HTTP200 - localhost?p=2 -> should return HTTP200 - localhost?p=404 -> should return HTTP404" hideokamoto 1 34693 Add browser-based testing and automated acceptance tests (BrowserStack) Build/Test Tools normal normal Future Release enhancement assigned 2015-11-15T23:43:07Z 2020-09-15T01:55:03Z "Automated testing in WordPress is primarily focused on PHPUnit testing, with some JavaScript QUnit tests. While the PHP tests are run against every version of PHP since 5.2, the JavaScript tests are limited to one single browser environment (PhantomJS). This has meant that browser-specific bugs have been introduced (e.g. #30781) because manual testing isn't always performed in all the browsers that WordPress supports. We should connect WordPress unit tests with something like BrowserStack to run the QUnit tests in the various browsers. While we're at it, the unit/integration testing in PHPUnit and QUnit only take us so far in WordPress as it is. What WordPress is missing are acceptance tests that fire up an actual browser to do actual tasks that users would perform when using WordPress. Such acceptance tests would make WordPress much more resilient against regressions, and it would open up a lot of new areas for automated testing that are currently very difficult to test using unit/integration tests. For instance, the Customizer heavily uses data from both PHP and JavaScript along with Ajax requests between the two. To create unit/integration testing mocks for PHP, JS, and Ajax requests adds a lot of testing overhead and is also difficult to maintain. I believe acceptance testing would allow much more of WordPress to be tested automatically, and it would allow tests to be written by more people. See also https://wordpress.slack.com/archives/core/p1419407324003594" westonruter 16 55042 Add end to end test case for Filter media by Date has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2022-02-02T08:18:26Z 2022-02-02T08:22:35Z "Add two new test cases in wp-e2e for Filter media by date This ticket is to add an E2E test for this feature" honesthacker 1 55041 Add end to end test case for Filter media by type has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2022-02-02T07:55:01Z 2022-02-02T07:57:43Z "Add two new test cases in wp-e2e for Filter media by type This ticket is to add an E2E test for this feature" honesthacker 1 53414 Add how to run php coverage reports to readme.md hellofromTonya needs-docs Build/Test Tools normal minor Future Release enhancement assigned 2021-06-15T19:30:07Z 2021-11-10T02:03:18Z "With the@Covers getting added in #39265 we need to make it easy to run/create the coverage reports So let's add the instructions to the readme.md file" pbearne 5 49077 Add https://github.com/WordPress/wordpress-develop to Packagist Build/Test Tools normal normal Awaiting Review enhancement reopened 2019-12-24T11:03:11Z 2020-09-25T19:25:02Z Currently, the WordPress Develop repo is not on Packagist, even though it now has a composer.json file (thanks to #43558). In order to use as a dependency, for example to use as a foundation to building an automated testing suite for a theme or plugin, you need to manually add the Github URL as an additional repository definition in your project's composer.json file. Normally this wouldn't be much of an issue, but due to the large number of branches and tags, Composer has to search the entire repo to generate a list of tags and branches available on every install/update, which takes several minutes! Adding WordPress Develop to Packagist (to be alongside https://packagist.org/packages/wordpress/phpdoc-parser), would parse and cache branches and tags as they are released via the Packagist Github hook. clarinetlord 7 52088 Add multisite support to the local Docker environment Build/Test Tools normal normal Awaiting Review enhancement new 2020-12-16T03:35:13Z 2020-12-16T03:35:13Z "The local Docker development environment should support multisite. Since custom port numbers are not currently supported by multisite installs, this is blocked by #21077." desrosj 53520 Add regression test for the wp_option data corruption bug needs-unit-tests Build/Test Tools normal normal Future Release enhancement new 2021-06-26T01:22:16Z 2021-11-10T18:50:31Z "Gutenberg v10.7.x introduced a bug that caused some `wp_option`s to get blank or corrupted data after (any) settings were updated in the `options-general.php` page. This was eventually fixed in v10.7.4, with this PR: https://github.com/WordPress/gutenberg/releases/v10.7.4. See https://github.com/Automattic/wp-calypso/issues/53447 and https://github.com/Automattic/wp-calypso/issues/53431. There's already a regression E2E test in Gutenberg that was introduced in this PR: ttps://github.com/WordPress/gutenberg/pull/32797. Ideally, though, it'd be either moved to WP core or also implemented here. It doesn't need to be an E2E test, and could be a lower-level integration test, if we can figure out how to reproduce at a lower level (there was a failed attempt to do this, though, see this comment: https://github.com/WordPress/gutenberg/pull/32797#issuecomment-865005516." fullofcaffeine 2 50412 Add support for common PHPUnit arguments when watching Build/Test Tools normal normal Awaiting Review enhancement new 2020-06-17T16:32:14Z 2020-09-04T21:55:33Z "r42760 added the `watch:phpunit` task, but it only supports the filtering tests by the group. In ticket:42282#comment:18 @soulseekah asked about adding support PHPUnit filters, etc. That seems very desirable, and there are other PHPUnit arguments that would be useful too, like filtering by test name, and file. Rather than building all that from scratch, though, we could switch to using [https://github.com/spatie/phpunit-watcher phpunit-watcher] instead. It already has support for all of those, plus an interactive mode where you can switch between them at will, rather than having to restart the task with different args. I've been using it lately and it seems to work well^1^. @netweb, it looks like you've contributed to it in the past; do you think it'd work well for Core? [[br]][[br]] ![1] Since Core is such a large repo, we'd probably need to wait until [https://github.com/spatie/phpunit-watcher/pull/116 #116-phpunit-watcher] is merged." iandunn 3 52613 Add testing setup instructions on wordpress-develop repository readme has-patch Build/Test Tools normal minor Future Release enhancement new 2021-02-22T21:13:59Z 2021-11-10T02:05:46Z "While setting up my environment, I was surprised by running unit tests and seeing an error about a missing config file. {{{ Error: wp-tests-config.php is missing! Please use wp-tests-config-sample.php to create a config file. child_process.js:655 throw err; }}} While I do expect configuration setup when trying to run tests against a different local instance, seeing this error when trying to run this against the docker env made me question if I was doing something wrong. I have a pull request that makes some suggested changes in the readme to help guide others: https://github.com/WordPress/wordpress-develop/pull/1033" gwwar 3 42076 Allow the external HTTP tests to run internally needs-unit-tests Build/Test Tools normal normal Awaiting Review enhancement new 2017-10-03T16:44:26Z 2020-03-22T14:07:03Z "The tests in the `external-http` group are the worst. They not only perform calls out over the internet, but they rely on a combination of wordpress.org, wordpress.com, example.org, example.com, and youtube.com. The external oEmbed tests that use youtube.com (`Tests_External_HTTP_OEmbed`) can probably be removed. They're technically fragile (YouTube could change the structure of their embed URLs and cause the tests to fail) and don't actually test anything that core has control over. It _should_ be possible to run the rest of the external-http tests against a local web server running PHP. As an example, frameworks such as Behat usually run against a server being run by PHP's built in web server. If the test files from wordpress.com and wordpress.org were downloaded and placed into the test suite data directory, they could be served by a local web server and therefore tested without a remote HTTP request. Spinning up a local web server in PHP could be made optional via a flag or an environment variable, and could be enabled on Travis by default. It may even be that the functionality that is being tested by these external HTTP tests can be abstracted and made testable without performing an HTTP request at all, or it could be that the functionality is already covered by unit tests in the Requests framework. Feedback / ideas welcome." johnbillion 11 35318 Automate anti-virus scanning of WordPress zips Build/Test Tools normal normal Awaiting Review enhancement new 2016-01-05T16:36:15Z 2022-01-29T10:48:46Z "In WordPress 4.4, some files were marked as malware by antivirus vendors. This sucks for users. I think we should automate scanning of WordPress packages so that we can alert antivirus vendors as soon as possible that they are miss flagging WordPress files. one api that could work is https://www.virustotal.com/en/documentation/public-api/ , but we should investigate that and other possible options. " jorbin 3 55466 Build Tools: create Docker test environment that use non-direct filesystems dev-feedback Build/Test Tools normal normal Future Release enhancement new 2022-03-26T04:03:21Z 2023-02-02T04:53:27Z "Recently when writing a PR for #51170, @costdev and I, mostly Colin as I let him do this, had a somewhat difficult time setting up a testing environment that used FTPext or FTPsockets. It would be awesome if this could be built into a Docker image for testing with WordPress-develop. If this can be done it might be worthwhile to setup environments for the other file system methods too." afragen 7 50337 Build tools: Ensure built files have been updated or ignored in `src` directory. has-patch Build/Test Tools 5.4 normal normal Awaiting Review enhancement new 2020-06-07T01:50:59Z 2021-03-18T23:02:36Z The `npm run build:dev` command generates some files that need to be committed to the WordPress-Develop repository. It sure would be dandy if the build reported a failure if these files have not been updated. peterwilsoncc 4 49635 Build tools: Remove generated and package sourced files from committed code. gziolo Build/Test Tools normal normal Future Release enhancement assigned 2020-03-12T20:13:05Z 2021-11-10T02:01:24Z "Currently several PHP files either auto-generated or copied during the build process are committed in to the repositories `src` directory, this includes: * `src/wp-includes/assets/script-loader-packages.php` * `wp-includes/blocks/*.php` As including built files can lead to errors during the commit process, it would be dandy if these files could be removed from the repository and added to the list of ignored files. A consideration is if this can be and needs to be done in such a way to avoid requiring JavaScript and CSS be built in order to run the PHP unit tests. I'm sure there are other complexities too. Related #48154" peterwilsoncc 13 51784 Build/Test Tools: Consider always running npm install with --no-optional close Build/Test Tools normal normal Future Release enhancement new 2020-11-16T10:38:14Z 2024-01-03T17:12:41Z "Currently there are 248 optional third (and forth, fifth) party dependencies in package-lock.json that don't seem needed. Running `npm install --no-optional` seems to still install many of them (presumably as they are needed by other dependencies) but reduces the overall size of node_modules by about 40MB and speeds things up a bit. " azaozz 3 59728 Build/Test Tools: Expose error message upon Gutenberg plugin activation failure. Bernhard Reiter has-patch Build/Test Tools normal normal Awaiting Review enhancement assigned 2023-10-25T08:41:31Z 2023-10-25T14:26:15Z "In [54913], an end-to-end test was added to ensure that installing and activating the Gutenberg plugin didn't cause any fatal errors. (For the rationale behind this, refer to #57197.) Through its integration with GitHub's CI, this allowed catching code that would lead to fatals (e.g. duplicated function names) before it was committed. The downside of doing this via an e2e test is that the error message shown in CI is fairly generic and thus somewhat easy to miss and/or ignore, even though WordPress does report the specific error that would cause an error when attempting to activate Gutenberg. Thus, it seems preferable to implement the test differently to expose WordPress' error message. One way to go about this would be to add a separate GH workflow (yml file) and to use WP CLI to install and activate GB." Bernhard Reiter 3 49423 Build: Create Webpack build configuration for vendor dependencies whyisjake* has-patch Build/Test Tools normal normal Future Release enhancement accepted 2020-02-12T21:20:19Z 2021-02-08T16:38:29Z "Related: #49360, #46110 (could be considered a blocker for #49360) The current process for including third-party JavaScript dependencies (jQuery, Moment, etc) occurs as a combination of: - [https://github.com/WordPress/wordpress-develop/blob/3dd39ffecea808afe86b8071331551d9d5e8cf89/Gruntfile.js#L164-L231 Gruntfile task] - [https://github.com/WordPress/wordpress-develop/blob/3dd39ffecea808afe86b8071331551d9d5e8cf89/tools/webpack/packages.js#L74-L86 Webpack packages build] For both of these, they are performed as simple file copying from `node_modules`. This has a few downsides, related to depending on the package to prepackage ""browser-ready"" scripts: - Cannot use a package if it uses CommonJS or other module import semantics (See: ticket:49360#comment:6) - Cannot use a package if its code is not transpiled to run in ES5 environments like Internet Explorer (see #46110) - We must run Uglify minification directly for packages if it does not include a minified distributable All of these problems could be addressed by incorporating the vendor dependencies into the Webpack build process. - Webpack can resolve module import semantics and output browser-ready artifacts - When configured to use the package's default entrypoint (`package.json` `main`) and assuming that entrypoint is ES5-ready, the output should also be ES5-ready. Note that the problems of #46110 are a bit more nuanced, related to [https://github.com/jimmywarting/FormData/issues/69#issuecomment-462791447 upstream issues of the package in question]. We probably want to expect that dependencies are already transpiled; ideally we would not need to incorporate something like Babel as part of this configuration. - Webpack has [https://webpack.js.org/configuration/optimization/ built-in minification handling]. This could technically be done within the existing `packages` configuration, but there's enough differences between packages and vendor scripts (both technically and conceptually) that it would make sense to extract this to its own configuration. There is already precedent here with having a separate configuration for media scripts. See attached patch for proposed implementation." aduth 24 50627 CSS Build process: Consider removing autoprefixer from the source folder. Build/Test Tools normal normal Awaiting Review enhancement new 2020-07-10T19:07:15Z 2021-03-09T07:35:32Z "Right now, the CSS build process is a bit unclear to me. It seems like there's a precommit hook to apply postcss autoprefixer to the CSS fils in src folder. This results in ""source code"" and ""built code"" to be mixed together. The issue becomes more apparent as we explore using new techologies list CSS custom properties. If we continue with the current setup it means we'd have to include in the source code both the CSS variables used, and the necessary fallback for IE11 (as CSS variables are not supported there). So whenever we want to change the value of the CSS variable, we'd have to update all the fallback values, diminishing the value of the CSS variable in the first place. Autoprefixer and CSS Custom properties are the examples I have in mind right now, but this can be problematic for any similar CSS feature we'd be interested in. I think we should consider only applying the PostCSS tweaks (autoprefixer) to the build folder only. The downside is that the source ""css"" files won't have the necessary fallbacks for legacy browsers but they will still continue to work in most recent browsers. In an ideal world, source and dist are completely different but it's too soon for that as a lot of core developers still use the ""src"" folder." youknowriad 2 57426 Coding Standards: mark warnings that trigger CI failures as errors. close Build/Test Tools normal normal Awaiting Review enhancement new 2023-01-05T21:46:54Z 2023-01-06T22:21:19Z "The GitHub workflow for linting PHP currently fails for both warnings and errors, see this [https://github.com/WordPress/wordpress-develop/actions/runs/3526768168/jobs/5915073412 example run in which warnings error out]. As warnings trigger CI errors, I think it would be beneficial to set the phpcs.xml.dist file to bump the severity of all warnings to errors. For developers using linting tools that default to showing errors only, this will ensure their editor/pre-merge script highlight anything that will cause the CI to fail. " peterwilsoncc 7 56087 Configure Codecov status checks Build/Test Tools low normal Awaiting Review enhancement new 2022-06-28T15:19:50Z 2022-06-28T15:26:08Z "There are two [https://docs.codecov.com/docs/commit-status status checks] associated with Codecov reporting being attached to commits: [https://docs.codecov.com/docs/commit-status#project-status project] and [https://docs.codecov.com/docs/commit-status#patch-status patch]. Patch status only measures the lines adjusted in the commit where project measures the overall project coverage and compares the before and after for the current commit. Because a coverage report is not generated for every commit, the `project` check sometimes attaches misleading information to a commit when it does run. For example, see [https://github.com/WordPress/wordpress-develop/commit/567b8377541bf5f212437c73590bf044b22e1730 this commit]. No files in the `src` directory were changed, but the test coverage is reported as declining. It seems that any decline in coverage is also considered a failure." desrosj 1 57556 Configure feature branches on GitHub to trigger workflows to support development on forks needs-docs Build/Test Tools normal normal Awaiting Review enhancement new 2023-01-25T21:30:37Z 2023-02-01T03:05:14Z "When contributing to WordPress core through GitHub, the workflow is to create new branch in a fork, and open a pull request from there to WordPress core. This works reasonably well for smaller pieces of work, but when it comes to larger features it is not a great development experience having to work in a single pull request for the entire effort. A simplified workflow can be to work in individual issues and pull requests within the fork, until a fully functional version of the feature or larger enhancement is ready for an actual WordPress core pull request. This workflow is already possible today, however one caveat is that as long as the development happens on the fork, the GitHub workflows are not triggered unless the work happens against the `trunk` branch. That however is not a good idea in itself as the `trunk` branch is the main development branch and not intended for work on specific features. It would make it impossible to work on multiple features in the same fork if they had to be developed against `trunk`. This ticket therefore proposes to add a certain branch pattern to the CI configuration of WordPress core's GitHub workflows, e.g. to ensure that they run for any branches satisfying the `feature/*` pattern. Of course in theory any fork could implement that individually, but that would eventually not be a great workflow as then every PR against the main `WordPress/wordpress-develop` repository would include that change, which it should not. Since no actual development happens within the `WordPress/wordpress-develop` repository directly, I'd argue there is no harm in adding this extra branch rule. What it would help though is to support the above workflow to develop greater features iteratively in a fork." flixos90 8 37261 Consider removing the `$start` argument from `WP_UnitTest_Generator_Sequence` Build/Test Tools 4.4 normal normal Awaiting Review enhancement new 2016-07-03T12:46:17Z 2019-02-25T01:46:45Z "As a follow up to [35244] and [37299], I wonder whether the `$start` argument in `WP_UnitTest_Generator_Sequence` still makes sense. Currently the class handles two things: - Global increments (via the static incrementor variable). - Local increments (via the `$start` argument). So I'd propose to remove the `$start` argument. A different, simpler class could be used for local increments instead." Frank Klein 54154 Core medias e2e tests Build/Test Tools normal normal Future Release enhancement new 2021-09-21T12:17:40Z 2022-09-02T15:17:22Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for medias e2e tests." justinahinon 1 54157 Core menus e2e tests Build/Test Tools normal normal Future Release enhancement new 2021-09-21T13:03:13Z 2022-09-02T15:17:39Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for menus e2e tests." justinahinon 1 54152 Core posts e2e tests has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-09-21T07:39:50Z 2021-09-23T12:24:38Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for Core posts e2e tests." justinahinon 3 54153 Core taxonomies e2e tests has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-09-21T12:16:22Z 2021-09-27T12:18:42Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for taxonomies e2e tests." justinahinon 3 54155 Core users e2e tests has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-09-21T12:20:41Z 2021-09-21T12:20:59Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for users e2e tests." justinahinon 1 54156 Core widgets e2e tests Build/Test Tools normal normal Future Release enhancement new 2021-09-21T12:49:40Z 2022-09-02T15:17:31Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for widgets e2e tests." justinahinon 1 53737 Create a way to autogenerate end-to-end test code from manual testing steps for WordPress core lucatume Build/Test Tools normal normal Future Release enhancement assigned 2021-07-22T12:17:32Z 2022-07-05T16:41:26Z "As part of the proposal to [https://make.wordpress.org/core/2020/08/07/e2e-end-to-end-testing-in-core-working-group-proposal/ bring end-to-end (e2e) testing to WordPress core], we would like to find a way to autogenerate end-to-end tests from manual testing steps. WordPress uses the [https://jestjs.io/ Jest] test framework for its e2e tests. Jest uses JavaScript code to create tests. Like most testing frameworks, it's built for developers who code the tests to be run on the front end, typically via a decoupled browser instance. However, this means that only those familiar with writing JavaScript code would be able to create new or edit existing tests. This creates a barrier to entry for those who would like to contribute to testing efforts but are not coders. Traditionally performing front-end testing would have been done by contributors following a manual process (i.e., physically filling in fields, clicking on buttons, etc.). Therefore, it would make sense to find a way to continue to allow these testers to contribute to the e2e test suite. We would like to find a way to autogenerate e2e tests, to somehow record and save the process of manual testing and convert that into JavaScript code that is compatible with the Jest framework. This initiative aims to empower any contributor to contribute to the e2e testing efforts without knowing how to code an automated test." psykro 9 54151 Dashboard widgets e2e tests justinahinon has-patch Build/Test Tools normal normal Awaiting Review enhancement assigned 2021-09-21T07:35:18Z 2021-09-21T12:16:01Z "This ticket is a sub ticket of #52895. Here is an overview of e2e tests that are already implemented and those that need implementation in Core: https://docs.google.com/spreadsheets/d/1QTlGV3WYmRZKhtqzUasbv_XELFCwu1su7c4qe-SePMY/edit#gid=0. And here are the tests scenarios I drafted: https://docs.google.com/document/d/1HvZCiCBvRRU978NX6wbP4JrMu5f1-OPjYVTgjkV5CCo/edit?usp=sharing --------------------------------------------------------------------------------------- This ticket is for dashboard widgets." justinahinon 1 42990 Deprecate WP_UnitTestCase::_make_attachment has-patch Build/Test Tools normal normal Future Release enhancement new 2017-12-28T13:07:36Z 2019-10-03T21:05:47Z "In r35309, several ways of creating an attachment for an uploaded media file were consolidated into a single method, `WP_UnitTestCase::_make_attachment`. As part of r34855, a new method, `create_upload_object`, was added to `WP_UnitTest_Factory_For_Attachment`. It contains all of the code from `_make_attachment`, but additionally it also handles the upload of the media file. We should deprecate the `_make_attachment` helper method, and use the factory method instead. This reduces duplicate code, and makes the interface of `WP_UnitTestCase` cleaner." Frank Klein 1 49638 Determine methodology recommendations for CSS audit Build/Test Tools normal normal Awaiting Review enhancement new 2020-03-12T21:09:17Z 2020-06-25T21:10:10Z "This ticket is under the umbrella CSS audit ticket #49582. Ticket #49637 is intended to collect a wish list of *what we want to know* as a result of the audit. This ticket is for determining some recommended approaches and tools for finding that information. For example: * Using PostCSS to find and compare selectors * Creating a specific set of Stylelint rules to flag areas with high specificity * A recommended approach for any manual inspection of files" notlaura 12 48050 Development Build: Provide structure to auto-install plugins dev-feedback Build/Test Tools normal normal Awaiting Review enhancement new 2019-09-16T16:39:11Z 2019-09-17T19:53:34Z "When doing local development, I never use a completely blank version of WordPress. I always install a plugin like Query Monitor to help me debug and monitor development on the fly. Additionally, for some themes and plugin development, a developer may always or often need particular plugins installed. I propose automatically installing Query Monitor (FYI @johnbillion ) for Core development while also creating a structure to allow other developers using this box for other types of work to define as an environmental variable other options. I suggest only installing, not activating, to ensure that the running code is intentional as compared to the pristine environment. In our Travis config, for tests, we should not have anything different than a production build, so a `false` variable will disable anything from being installed. For other uses, a comma-separated list would provide a way to install multiple plugins. cc: @pento" kraftbj 6 50460 Don't minimize the `script-loader-packages.php` file close Build/Test Tools normal normal Future Release enhancement new 2020-06-23T19:09:47Z 2021-11-10T02:01:00Z "The `wp-includes/assets/script-loader-packages.php` file was added in #48154 through [47352] as a means to automate the process of updating the NPM packages from the Gutenberg repository (including dependencies and versions) in a way that the packages would still be available through the `wp_(enqueue|register)_scripts()`. This works great, but the file is a single line return statement that returns a multidimensional array, which makes it impossible to read through without reformatting it. I am proposing that the file not be minimized to one line in order to make it human readable. This would have an added benefit of making the changesets readable, allowing someone to view a changeset and understand exactly what was changed or updated (see [47920], [47517], [47513])." desrosj 12 54892 E2E tests for Creating Menu, Removing existing menu and Remove items from Menu has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2022-01-24T13:15:48Z 2022-03-10T05:39:35Z "Add three new test cases in WP-e2e: 1. Create a New Menu 2. Removing Existing Menu 3. Remove Items from the Menu This ticket is to add E2E test for this feature. " pooja1210 3 54095 Echo local wp-env URL when running env:start has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-09-08T20:41:21Z 2021-09-09T04:08:03Z "In an effort to make the wp-env tools a wee bit friendly to new devs I’ve added a `console.log` to echo the local URL when running `env:start` `http://127.0.0.1:` is hard-coded, the port number is added using the variable ` process.env.LOCAL_PORT` On my machine the console output looks like this: {{{ $ npm run env:start > WordPress@5.9.0 env:start > node ./tools/local-env/scripts/start.js Starting wordpress-develop_mysql_1 ... done Starting wordpress-develop_php_1 ... done Starting wordpress-develop_wordpress-develop_1 ... done ------------------------------------------- wp-env now running on http://127.0.0.1:8889 ------------------------------------------- }}} " danfarrow 3 53480 Existing config files lost when installing local-env Build/Test Tools low normal Awaiting Review enhancement new 2021-06-22T17:25:48Z 2021-06-22T17:25:48Z "=== Problem `npm run env:install` overwrites existing `wp-config.php` and `wp-tests-config.php` files without warning. Those files aren't versioned, so they have to be restored from a local backup, if one exists. That makes sense in hindsight, but it wasn't obvious to me before running the command. I normally use a local nginx/php/mysql stack (via homebrew), but the unit tests don't work locally because I'm running PHP 8 (#46149), so I wanted to use local-env to run the tests. Running the install broke my normal environment, but luckily I had a backup. Even if someone is only using local-env, they may have changes they want to preserve between installs. e.g., if they re-install to try and fix something that's not working. === Potential solution: manual intervention One approach would be to remove the `--force` param when creating `wp-config.php`, so WP-CLI errors out. Folks could then manually backup/remove the file and run the command again. For `wp-tests-config.php`, the install script could check if the file exists before creating it, and abort with a warning if it does. That won't affect contributors installing for the first time. === Potential solution: automatic backups To avoid manual intervention, another approach would be to rename existing files to `wp-config.php.backup1`, `wp-config.php.backup2`, so that each version is preserved. === Potential solution: prompt before running A simpler solution might be to just print a warning to the console at the start of the script, and prompt the user to continue. That'd introduce unnecessary friction for new contributors, though. At the very least, though, I think there should be a warning in the `README`." iandunn 45132 Explore better implementation of Autosaves Controller unit tests Build/Test Tools normal normal Future Release enhancement new 2018-10-19T13:55:25Z 2019-02-14T18:07:09Z "In [43768], we had to introduce an edge case where `tests/rest-api/rest-autosaves-controller.php` is run last in the test suite because the definition of `DOING_AUTOSAVE` pollutes the test suite. We can't remove `DOING_AUTOSAVE`, but we could potentially avoid defining it during a test suite run. Or maybe there are other ideas we can explore. ""Done"" for this issue would be a solution where `tests/rest-api/rest-autosaves-controller.php` can be tested as a part of the standard test suite execution order, not last." danielbachhuber 4 58006 Final classes & testing reporter-feedback Build/Test Tools normal normal Awaiting Review enhancement new 2023-03-28T20:19:38Z 2023-03-29T12:37:50Z "Sorry if this is not the place to post. All (or most AFAIK) WordPress classes WP_* are declared final. This is an issue when unit testing since final classes can't be mocked so unit testing a class that relies on a WP_Post instance is hard. If I may ask, is there a reason why these classes are final? Have there been any talks to make them non-final, at least in the official testing environment that uses phpunit?" neblabs 1 44351 "Fix ""Foreign key constraint is incorrectly formed"" when running unit tests" Build/Test Tools 4.9.6 normal normal Awaiting Review enhancement new 2018-06-11T17:09:19Z 2021-11-09T23:22:23Z "I kept getting ""Foreign key constraint is incorrectly formed"" when running tests on my plugin. This drove me nuts for a few hours. The reason is [https://github.com/WordPress/wordpress-develop/blob/9e38c2847e5f3b94785378094d17f09577215d3c/tests/phpunit/includes/testcase.php#L335 WP_UnitTestCase::start_transaction()] The WordPress testing framework changes all 'CREATE TABLE' queries to 'CREATE TEMPORARY TABLE'. [https://dev.mysql.com/doc/refman/5.5/en/create-table-foreign-keys.html From the MYSQL manual]: > Foreign key relationships involve a parent table that holds the central data values, and a child table with identical values pointing back to its parent. The FOREIGN KEY clause is specified in the child table. The parent and child tables must use the same storage engine. **They must not be TEMPORARY tables**. Please add something like: {{{#!php <?php add_filter( 'query', [ $this, '_alter_temporary_tables' ] ); // ... snip ... public function _alter_temporary_tables( $query ) { if ( 'ALTER TABLE' === substr( trim( $query ), 0, 11 ) && strpos( $query, 'ADD CONSTRAINT' ) !== false && strpos( $query, 'FOREIGN KEY' ) !== false ) { return 'SELECT 1'; // Replace borken foreign key query with a fake query } return $query; } }}} To `WP_UnitTestCase::start_transaction()` Thank you for your consideration." conner_bw 2 49274 Grunt copy:files should ignore node_modules Build/Test Tools normal normal Awaiting Review enhancement new 2020-01-22T23:14:52Z 2021-03-08T17:13:56Z "I've gotten this error several times when run `grunt watch`, and [https://wordpress.slack.com/archives/C02RQBWTW/p1569233071368200 several] [https://wordpress.slack.com/archives/C18723MQ8/p1510735332000041 others] [https://wordpress.slack.com/archives/C18723MQ8/p1472636852000040 have] [https://wordpress.slack.com/archives/C18723MQ8/p1463866743000131 too]: `Maximum call stack size exceeded` It happens because there's a `node_modules` folder somewhere in `src/`, and they typically contain too many files for Grunt to handle. Configuring `copy:files` to always ignore `node_modules` folders seems like it'd remove that friction for people." iandunn 13 29792 Grunt: Add a stylelint precommit task to check for CSS syntax errors netweb Build/Test Tools normal normal Future Release enhancement assigned 2014-09-29T13:07:40Z 2021-11-11T21:59:32Z "We need to do a better job of catching sad syntax errors and problems in our CSS before commit - things like parse errors, empty rules, units on zero values, and possibly duplicate properties (when alone, not as a part of a group). There may also be a thing or two that we could enforce per our own standards, such as requiring a comment to follow any declaration with `!important`. CSSLint seems to do most of these, provided we turn off the majority of its checks. Many of those checks (vendor prefixes, selector specificity, etc.) either are not relevant to our set up (due to Autoprefixer, for example) or are just not feasible given our current CSS and possibly not desirable for this project. Interested to know if there are any other tools out there that perhaps fit the job better, and defining the parameters of what we would like to check." helen 63 50266 Had to specify mysql socket to run php automated test Build/Test Tools normal minor Awaiting Review enhancement new 2020-05-27T18:13:49Z 2020-05-27T18:29:44Z "I had to add mysql socket information to be able to run `phpunit`. Without it, phpunit complained that it could not connect to database. Hopefully someone can confirm this and add this information to the docs. Example in wp-tests-config.php: define( 'DB_HOST', 'localhost:/Applications/MAMP/tmp/mysql/mysql.sock' ); I followed all the instructions from here: https://make.wordpress.org/core/handbook/testing/automated-testing/phpunit/ . I am using MacOS Catalina 10.15.2." mmarco9 40281 Improve Documentation for HTTP Unit Testing Build/Test Tools 4.8 normal normal Awaiting Review enhancement reopened 2017-03-27T22:42:10Z 2021-11-16T18:39:48Z Improve Commenting for HTTP Unit Testing. bhubbard 1 57896 Improve devcontainer + Codespaces support has-patch Build/Test Tools normal normal Future Release enhancement new 2023-03-09T15:41:09Z 2023-12-23T03:23:39Z "Background: #57187. Codespaces support was introduced in [55303] and adjusted in [55353]. @johnbillion raised some follow-up points in comment:23:ticket:57187: > 1. `README.md` needs to document the three environment choices now available to devs (Codespaces, local devcontainer, local environment). > 2. The devcontainer doesn't use the same environment for WordPress that you get when you follow the ""Local development"" instructions in the readme. We're going to end up with two confusingly separate but similar environments. Could and should the same environment be used to run WordPress within the devcontainer? > 3. `setup.sh` assumes the workspace directory name is `/workspaces/wordpress-develop` but the local directory name may differ. The `${localWorkspaceFolderBasename}` variable needs to be passed in to that script from `devcontainer.json`." SergeyBiryukov 21 37521 Introduce a procedure for deprecating code used in Unit Tests Build/Test Tools 4.6 normal normal Awaiting Review enhancement new 2016-07-30T08:22:16Z 2019-02-25T01:47:03Z "WordPress has different utility functions to mark functions, methods, hooks, etc. in the core codebase as deprecated, and a dedicated file (`deprecated.php`) to move obsolete code to. I consider that it would be useful to introduce the approach of deprecating code to the unit tests as well. An example for obsolete code would be the `_unregister_post_type()` and `_unregister_taxonomy()` functions in the unit test utils. Since [36316], these test framework functions are only wrappers for core functions. As such, it would be appropriate to use the core functions in the tests, and deprecate the test framework functions. Let's explore how we could handle this in the unit test framework." Frank Klein 41425 Killing phpunit may result in a broken database has-patch Build/Test Tools 4.9 normal normal Awaiting Review enhancement new 2017-07-24T15:50:00Z 2018-06-13T20:03:59Z "While running phpunit for wordpress-develop under Windows I hit ctrl-break during the Install processing. The next time I ran phpunit it didn't work. === Actual output === ""Error establishing a database connection"" <p>One or more database tables are unavailable. The database may need to be <a href=""maint/repair.php?referrer=is_blog_installed"">repaired</a>.</p></body> === Expected output === The install routine should drop and recreate the tables during Install === Explanation === The process was killed after the wp_options table was dropped but before wp_install() had completed. === Workaround === Either change $table_prefix in wp-tests-config.php or drop all the other tables that are missing and re-run. " bobbingwide 4 52668 Make it easier to override the built-in docker environment's config has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-02-26T18:28:07Z 2023-06-10T20:24:05Z "Core currently ships with a `.env` file to provide a default configuration to the built-in Docker environment. If you want to override some of these variables you can setup values as environment variables before invoking the `npm run env:*` commands. It can be a somewhat frustrating DUX if you need to consistently override these values, and not just once for testing some specific configuration. For instance if you need to use mariadb for ARM support, or making sure the correct port is used. One possibility to make this more permanent is to modify the `.env` file itself, but then you need to remember to exclude changes to that file when committing which is a bit annoying. There is the ability to create a docker-compose override file. But IMO that is a bit of overkill if just using the existing environment variable configuration would be sufficient. One way I think we could solve this would be to change the `.env` file to `.env.example` and then in a `post install` routine copy the file from `.env.example` to `.env` if a `.env` file does not already exist. That way, if a user wants to they can customize that `.env` file without any fear that a future pull will overwrite their changes or that their changes would be accidentally included in a commit." TimothyBlynJacobs 4 59486 Make test suite compatible with PHPUnit 10 / 11 Build/Test Tools 6.4 normal normal Future Release enhancement new 2023-09-28T08:58:42Z 2024-03-07T09:58:11Z "PHPUnit 10 was released back in February of 2023, and included [https://github.com/sebastianbergmann/phpunit/blob/10.0.0/ChangeLog-10.0.md#1000---2023-02-03 many breaking changes] - they completely rewrote the internal functionality of PHPUnit (mainly the event system for extending the test runner). Besides that, they upped the minimum PHP version to >=8.1, so for WordPress, it could only be used on PHP versions of >=8.1. While this is not a huge and critical update, since the tests are running fine on PHP versions all the way up to version 8.3, it would be a good idea to start preparing for PHPUnit 10 compatibility. Besides being up to date, it will allow external testing library maintainers (such as [https://github.com/lucatume/wp-browser wp-browser] or [https://github.com/dingo-d/wp-pest wp-pest]), to use the latest versions of both PHPUnit, or dependencies that are using PHPUnit 10 (such as PestPHP v2 which depends on PHPUnit 10). I understand that this is a huge undertaking, but it's okay to have a ticket open for this (I didn't find one opened while searching, could be wrong tho), so that we can keep track of changes, and maybe create a roadmap or a to-do list of what needs to be fixed in order to make WordPress test suite compatible with PHPUnit 10. " dingo_d 7 52895 Overview of e2e tests to be written has-patch Build/Test Tools normal normal Awaiting Review enhancement new 2021-03-24T03:36:28Z 2022-07-05T16:41:26Z "#49507 adds e2e tests for the edit posts page. The goal is to write tests for all the admin, but we should be clear on which parts need most testing and what exactly to test. To kick things off, I'm making a list of all the pages, some of the tests we should write, and some questions that occurred to me. Feedback on what to add, change or remove is very welcome! Dashboard: * Quick draft section: add title, save draft, navigate to posts page and check it's there. Updates page: not sure how we should test this one. Categories: * Add new category: add name, click add new category button, check if it appears in list * Check that bulk deleting all categories leaves “uncategorized” untouched * Add child category * Delete category * Search for category * Search for non-existing category Tags: same as categories. Media: * Add image to library * Edit image alt text, title, desc * Search for image * Search for non-existing image Pages: same as posts (see #49507) Comments: * Create post, view it, add a comment, check that it displays in comments page. Themes: * Search for a theme * Activate a theme * Delete a theme, then search for it * Add new theme and activate it Customize: this is pretty theme-dependent, so we should pick a theme and check a few flows on it. Widgets and Menus: might not be worth writing tests yet as these screens are being re-written. Theme editor: * Add a line of CSS in the theme stylesheet and check for it in the front end? Plugins: how should we test this page? Users: * Add new user * Search for user * change user role * Check admin user can't change itself to subscriber Profile: there are lots of options here, should we test changes to each of them? Some may not be relevant, e.g. profile pic just takes us to Gravatar. Import: We could test whether the plugins install correctly, but any further than that should be unnecessary (the plugins should have their own tests) Export/Export personal data: would it be worth trying to check the contents of the downloaded files? Site health: there's no real interaction on this page, so maybe we can skip it. Erase personal data: not sure how to test this one. Settings: like profile, lots of options here. Test each individually? " isabel_brison 16 57761 Prevent non-Latin characters from being used in filenames Build/Test Tools normal normal Awaiting Review enhancement new 2023-02-17T18:28:40Z 2023-02-17T18:37:25Z "In r55294, I committed a few files with non-Latin characters in the filenames: * tests/phpunit/data/themedir1/block-theme-non-latin/parts/small-header-τεστ.html * tests/phpunit/data/themedir1/block-theme-non-latin/parts/small-header-测试.html * tests/phpunit/data/themedir1/block-theme-non-latin/templates/page-τεστ.html * tests/phpunit/data/themedir1/block-theme-non-latin/templates/page-测试.html These filenames caused SVN checkouts to break in some environments ([https://github.com/wp-cli/scaffold-command/actions/runs/4202081401/jobs/7293427452 example]): {{{ svn: E000022: Can't convert string from 'UTF-8' to native encoding: svn: E000022: /tmp/wp-cli-test-run--63ef7647f35894.16389676/wordpress-tests-lib/data/themedir1/block-theme-non-latin/parts/small-header-{U+03C4}{U+03B5}{U+03C3}{U+03C4}.html cwd: /tmp/wp-cli-test-run--63ef7647f35894.16389676/ run time: 6.1638081073761 }}} It'd probably be best to have a pre-commit hook to prevent non-Latin filenames from being committed in the future." danielbachhuber 1 42668 Remove WordPress Importer tests from default test suite Build/Test Tools normal normal Awaiting Review enhancement new 2017-11-23T08:28:49Z 2017-11-29T23:59:39Z "The importers were removed from Core in r14764, 8 years ago. But the [https://core.trac.wordpress.org/browser/trunk/tests/phpunit/tests/import tests] are still located in the core test suite, and are run by default. We should exclude these tests from running by default as a first step, as it means running 14 tests less. Ultimately these tests should be migrated to the [https://github.com/WordPress/wordpress-importer Importer plugin repository], where they can assist with development." Frank Klein 2 50209 Remove all uploads between test methods Build/Test Tools 4.0 normal normal Awaiting Review enhancement new 2020-05-19T11:09:00Z 2020-05-21T08:13:10Z "Commit r29120 added a curious feature to the WordPress testing framework: selective uploads deletion between test runs. What it means is that the first time that `WP_UnitTestCase::setUp()` is called for a test case, it will create a list of all files contained in the uploads directory. This list, stored in the static `$ignore_files` property, allows to selectively delete files uploaded during tests. This code was added so that tests can be run against a development installation of WordPress. In opposition to running tests against a throwaway installation, as should be the case. There are three issues with this behavior: 1. Scanning the uploads directory is slow. If you have too many files in that directory, the test runner will ""hang"" before running the first test. Ultimately it will result in a memory exhaustion error. 2. Attachments are not properly deleted. `_delete_all_data()` runs a SQL query that deletes the database entries of attachments, but not the associated files. Since the function is called before `wpTearDownAfterClass` runs, there's no way to do manual cleanups in tests. The next test case that gets booted up will add the remaining files to the list of files to ignore, making it impossible to do selective uploads deletion. See #41978. 3. There is no automatic clean up of uploads between test methods or test cases, leaving files lingering around. Even after all tests have been run. In short this approach is slow, half-baked, and unneeded. We should therefore remove it, and have uploads be cleared the same as any other fixture. Since this behaviour has been around for years now, we can't unfortunately just remove it, so I propose that we use a feature flag for disabling it." Frank Klein 4 56021 Rename or deprecate assertDiscardWhitespace() Build/Test Tools normal normal Future Release enhancement new 2022-06-20T18:12:26Z 2022-09-19T22:26:15Z "There are a few custom assertion methods in `WP_UnitTestCase_Base`: * `assertWPError()` * `assertNotWPError()` * `assertIXRError()` * `assertNotIXRError()` * `assertEqualFields()` * `assertDiscardWhitespace()` * `assertSameIgnoreEOL()` * `assertEqualsIgnoreEOL()` * `assertSameSets()` * `assertEqualSets()` * `assertSameSetsWithIndex()` * `assertEqualSetsWithIndex()` * `assertNonEmptyMultidimensionalArray()` * `assertQueryTrue()` `assertDiscardWhitespace()` is the odd one out, as it does not match the naming of other methods. Existing since [760/tests], it appears to have never been used in the test suite. I think we can rename it to `assertEqualsDiscardWhitespace()` and keep the old name as an alias just in case, or deprecate it altogether, maybe suggesting `assertSameIgnoreEOL()` as a replacement, though it's not quite the same. While it is possible that plugins may use the method in their tests, searching in the directory [https://wpdirectory.net/search/01G614PXD6J2Q67FDKS8DYS6S3 shows zero results]." SergeyBiryukov 7 50393 Run `composer compat` as a part of `grunt precommit` Build/Test Tools low normal Future Release enhancement new 2020-06-15T15:36:21Z 2020-06-15T15:36:21Z Now that the PHPCompatibilityWP ruleset passes in Core (see #49922), `composer compat` should be run in `grunt precommit` to help prevent new potential compatibility issues from being committed. desrosj 58000 Run core unit tests against object cache enabled with Redis Build/Test Tools normal normal Awaiting Review enhancement new 2023-03-28T13:32:14Z 2023-04-05T09:17:24Z "Redis is a popular technology used for object caching. Redis is used by many large WordPress hosts like pantheon, kinsta and pagely. It may even be more popular than memcache. WordPress core unit tests, should run against redis as well as memcache, to ensure the core team can spot issues early. " spacedmonkey 5 30587 SVG and PNG Images in UI Should Be Optimized has-patch Build/Test Tools normal normal Future Release enhancement new 2014-12-03T16:19:36Z 2020-11-11T14:20:20Z "While nothing Earth-shattering, perhaps it would be wise to establish a best practice of optimizing images used in the UI of WordPress before committing them? Using ImageOptim (a GUI wrapper for [http://pmt.sourceforge.net/pngcrush/ pngcrush]) and [https://github.com/svg/svgo svgo] I was able to save an average of 8.7% per PNG and an average 15.25% for SVG files. A 11% decrease in SVG file sizes isn't that bad. Maybe more important for higher-traffic sites, but all users would benefit. See Also *https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/image-optimization *http://scribdtech.wordpress.com/2011/09/07/shrink-your-ios-app-by-turning-png-compression-up-to-11/" ckoerner 10 48060 Save sent emails in local Docker environment has-patch Build/Test Tools 5.3 normal normal Future Release enhancement new 2019-09-17T17:12:22Z 2023-08-15T17:04:06Z "It would be great to be able to save emails to disk for review and testing. cc @clorith @azaozz." pierlo 2 48007 Setup Windows CI environment Build/Test Tools normal normal Future Release enhancement new 2019-09-09T17:22:55Z 2020-12-08T18:34:56Z "Would bugs like #47980 be more likely to be caught before release if we had a Windows environment setup in Travis, and/or [https://make.wordpress.org/hosting/test-results/ test results] from a Windows host? If so, there may still be some things like #40856 that would need to be resolved first, though. " iandunn 4 24879 Sourcemaps should be provided for use with minified javascript libraries dev-feedback Build/Test Tools normal normal Future Release enhancement new 2013-07-29T15:49:33Z 2017-02-19T10:42:42Z "Sourcemaps make it possible to debug minified files. Supported in Chrome: https://developers.google.com/chrome-developer-tools/docs/javascript-debugging#source-maps Landing in Firefox in v23: https://wiki.mozilla.org/DevTools/Features/SourceMap When this feature is enabled, the Chrome console currently shows a 404 when the script specifies a sourcemap file and it isn't found." jblz 12 42278 Speed up tests by using shared user fixtures needs-unit-tests Build/Test Tools normal normal Future Release enhancement new 2017-10-19T09:09:44Z 2019-01-08T10:13:51Z "There are a lot of tests that require user fixtures. These are then created, and afterwards deleted, as part of the test class set up and tear down methods. These fixtures could all be reused between tests, if a user for every role in Core would be created in the database as part of the unit test setup process. If we had that, all the tests that need for example a user with the `editor` role could just grab the existing user from the database, instead of creating this as a test fixture." Frank Klein 2 42904 Speed up unit tests by disabling password hashing has-patch Build/Test Tools normal normal Future Release enhancement new 2017-12-14T19:47:17Z 2019-09-20T17:33:34Z "Whenever the factory creates a new user during a test, it calls `wp_insert_user()`. This function calls `wp_hash_password()`, which internally uses `PasswordHash::HashPassword()` to create a hash of the default password. In the context of most unit tests, users do not need hashed passwords. Hashing has a performance impact, so the tests should run a bit faster if we avoid hashing if we don't need to. The attached patch introduces a mock password hasher, that is used by the entirety of the tests The exception are a few tests that rely on authentication to work properly." Frank Klein 9 37190 Split out function declarations and code executions. reporter-feedback Build/Test Tools normal normal Awaiting Review enhancement new 2016-06-26T14:59:16Z 2020-09-14T19:03:30Z Quite a few php files in the root directory contain function definitions and code executions. This makes it impossible to unit-test those functions. Should we move those function definitions to `includes/<file-name>.php` and then include them at the top of the root file? stephenharris 2 60370 Test Tools: Clarifying reusable workflows in Github CI Build/Test Tools normal minor Awaiting Review enhancement new 2024-01-29T12:59:58Z 2024-01-29T13:00:51Z "While working on https://github.com/WordPress/wordpress-develop/pull/5922 we had to increase the timeout limit for one of the reusable workflows of the repository: phpunit-tests-run.yml The problem is that the update were not being taken into consideration in the PR because we explicitly refer to the ""trunk"" version of that workflow in `phpunit-tests.yml` Github does offer a way to use relative links to other workflows from the same repository (instead of URLs), ti would have solved the issue there but it comes with a set of tradeoffs that need to be considered. For example, updating Node.JS version in the reusable workflow would need to be done for all the previous branches that WP still supports while forcing the use of the ""trunk"" workflow means we can update in a single place. The initial discussion about this happened on the following Slack Thread https://wordpress.slack.com/archives/C02RQBWTW/p1706523051675219 I'm opening this ticket so we can track this discussion and potentially address it (or not). " youknowriad 1 54537 Tests: Enable PHP version check once PHP 8.0 compatibility is achieved. Build/Test Tools 5.9 normal normal Future Release enhancement new 2021-11-29T21:24:57Z 2023-04-06T12:39:27Z "A test checking if the current recommended PHP version is actively supported was temporarily disabled in [52260]. This should be enabled once PHP 8.0 compatibility is achieved. Related: #54528" Hareesh Pillai 47256 Use composer to install and update external PHP libraries has-patch Build/Test Tools 5.2 normal normal Awaiting Review enhancement new 2019-05-13T18:23:42Z 2019-09-17T14:04:26Z "As of WordPress 5.2, the minimum version of PHP requires was changed to 5.6. This opens up some options around how PHP dependencies can be managed. [https://getcomposer.org/ Composer] is a popular PHP dependency manager similar to npm or yarn for javascript. WordPress core has support already got [https://github.com/WordPress/wordpress-develop/commit/39a145e0e1e442b4bed8921029c86800a804af60#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 support for composer] since 4.7. Since 5.0, many of the javascript dependancies are now loaded in using npm, php should have a similar build step. Here are a list of dependancies that could be loaded in using composer. - [https://github.com/JamesHeinrich/getID3 ID3] - [https://github.com/rmccue/Requests Requests] - [https://github.com/LeoColomb/pomo Pomo] - [https://github.com/simplepie/simplepie SimplePie] - [https://github.com/paragonie/sodium_compat sodium_compat] - [https://github.com/paragonie/random_compat random_compat] - [https://github.com/pear/Text_Diff Text_Diff] If there are modification to these library in core, these libraries should be forked and maintained outside of core. Composer has a custom install path feature, that may allow us to maintain the current file structure. However, it may mean creating a new vendor directory (wp_vendor) and use autoloading. Loading composer these via composer will remove a lot of the bloat of the code case, will make it easier for the core to manage updates in the future. " spacedmonkey 10 41451 Use pretty permalinks by default in the test suite needs-unit-tests Build/Test Tools normal normal Awaiting Review enhancement new 2017-07-26T21:16:09Z 2018-10-19T11:13:58Z "There are 118 instances of `$this->set_permalink_structure( ... )` in the test suite. The majority of these calls are present simply to enable pretty permalinks, regardless of the permastructure for posts. Pretty permalinks should be enabled by default for the test suite. Let's try it and see if anything breaks." johnbillion 6 29544 WP_Filesystem_MockFS permissions support has-patch Build/Test Tools 3.7 normal normal Future Release enhancement new 2014-09-05T18:52:31Z 2019-02-25T01:45:03Z "At Event Espresso, we are starting to use WP_Filesystem_MockFS to unit test some of our filesystem-related code. One of the things our code was checking for was the permissions on a file, but currently that isn't supported by WP_Filesystem_MocksFS. Actually, when WP_Filesystem_MocksFS::gethchmod() (please note the ""h"" between ""get"" and ""chmod"") is called, a method-not-declare fatal error is thrown, because WP_Filesystem_Basegethchmod() calls the undefined method getchmod() (note the absense of the ""h"" between ""get"" and ""chmod""), which all the other children of WP_Filesystem_Base declare, except WP_Filesystem_MocksFS. I have a patch for this I will try to submit" mnelson4 10 53987 add tests for wp_list_filter has-patch Build/Test Tools normal normal Future Release enhancement new 2021-08-23T22:08:17Z 2022-01-09T00:26:03Z pbearne 14 41781 do not forcefully phpunit delete fixtures data Build/Test Tools 4.8.1 normal normal Awaiting Review enhancement new 2017-09-02T02:06:22Z 2017-09-02T02:06:22Z "When phpunit runs, there are at least three places where test-data are removed (see below). Fixture deletion is good in its principle. But it's also sometimes painful, especially when one is in the process of developing tests and need to run the testsuite many times. WP (re)installation + shared XML fixture loading could easily be '''very''' slow (especially given XML importer slowness). If your plugin's testsuite does not even contains destructive operations (or controlled destructions) then all that time spent in testsuite (re)installation is very frustrating. (In my case it's 1 minutes 50 versus 2 seconds) It would be good if developers could control whether or not fixtures are deleted & database cleaned, when phpunit starts/finishes. Places that need change: * [https://github.com/WordPress/wordpress-develop/blob/ce8a915/tests/phpunit/includes/bootstrap.php#L68 system( WP_PHP_BINARY ... install.php)] * [https://github.com/WordPress/wordpress-develop/blob/ce8a915/tests/phpunit/includes/bootstrap.php#L101 _delete_all_posts()] There is also: [https://github.com/WordPress/wordpress-develop/blob/ce8a91/tests/phpunit/includes/testcase.php#L83 _delete_all_data() inside tearDownAfterClass()] but this one can be easily overriden. Could a couple of filter/action/define/whatever could be made so that data cleanup, being the default, could be disabled if developer wants to? thx" drzraf 51966 npm/grunt watch/build task names are inconsistent and unintuitive dev-feedback Build/Test Tools 5.1 normal normal Awaiting Review enhancement new 2020-12-08T17:07:24Z 2021-03-10T05:25:35Z "#43055 / #44492 made a lot of changes to the typical dev workflow, and I often have trouble getting the right watch or build command going, because they don't seem intuitive or consistent to me. The `dev` flag feels vague, and doesn't describe what it actually does (builds into `src/` instead of `build/`), the `npm` commands aren't always internally consistent, or consistent w/ the corresponding `grunt` commands. They're also syntax differences between `npm` and `grunt` which need to be memorized. Some examples: * There's `npm run build` and `npm run build:dev`, but the corresponding commands are `npm run watch` and `npm run dev`, instead of `npm run watch:dev`. * `npm run build` wraps `grunt build`, but `npm run dev` wraps `grunt watch --dev`; there is no corresponding `grunt dev` task. * running `npm run watch --dev` will run `grunt watch` (into `build/`) instead of `grunt watch --dev` (into `src/`). That's because `npm` uses `-- --` to pass a flag to the proxied command, but grunt uses `--`. The commands aren't clearly documented in the Handbook or readme file, so I have to read the `package.json` or `Gruntfile.js`, and try to memorize the inconsistencies. ==== Ideas I think it'd help to: * Add clear documentation about the purpose of the `src/` and `build/` folders, the pros/cons of running from each, and the commands needed for each scenario. * Rename the commands/flags to be self-documenting and consistent. I'll open a PR with a rough implementation of those as a starting point." iandunn 13 31313 refactor is_email() tests to use separate data files and PHPUnit dataProvider has-patch Build/Test Tools normal normal Future Release enhancement new 2015-02-12T22:06:21Z 2017-02-05T14:14:04Z "There are a number of open tickets involving email validation that seem as though they could benefit from making the tests on {{{is_email()}}} a little more robust. This is my first pass at that. Ultimately, I think moving the dataProvider out of '''IsEmail.php''' would be helpful so it could be re-used when adding tests for {{{sanitize_email()}}}, but I wanted to take this one step at a time. I'm relatively new to automated testing and very open to suggestions. Related: #17433, #17491, #21730, #25108, #30039" salcode 1 56740 set_up_before_class() / wpSetUpBeforeClass() are inconsistent and confusing Build/Test Tools 4.4 normal normal Awaiting Review enhancement new 2022-10-05T17:06:53Z 2022-10-05T22:30:34Z "There was some discussion in #55918 about standardizing on either `set_up_before_class()`/`set_up_after_class()` or `wpSetUpBeforeClass()`/`wpSetUpAfterClass()`. That would bring consistency, and help reduce the confusion that exists around those functions. That applies to the tear down functions as well. See comment:7:ticket:55918 (and replies to it) See https://wordpress.slack.com/archives/C03B0H5J0/p1660782746785649 See https://wordpress.slack.com/archives/C03B0H5J0/p1661876947032299 The `wp...` variants were introduced in r35186. If a change is made here (and probably even if one isn't), it'd be good to update [https://make.wordpress.org/core/handbook/testing/automated-testing/writing-phpunit-tests/ the handbook page] to explain which functions folks should use, and any caveats. " iandunn 2 53651 unit test for wp_removable_query_args needs-unit-tests Build/Test Tools normal normal Future Release enhancement new 2021-07-12T23:38:51Z 2022-01-20T13:01:43Z Added missing unit test pbearne 7 59688 Add descriptions to patterns in bundled themes audrasjb has-patch Bundled Theme normal normal 6.6 enhancement reviewing 2023-10-20T02:09:00Z 2024-02-13T14:24:24Z "Patterns have a parameter called ""Description"". The description is used in the WordPress interface, to add context for users that can not see or use the pattern preview. For example users of screen readers. All patterns without the ""Inserter"" parameter set to ""false"" or ""no"", should use the description parameter (These patterns are hidden in the block inserter and do not use the descriptions). Patterns in bundled themes that are missing descriptions needs to be updated. Patterns can be registered using the patterns folder or with [https://developer.wordpress.org/reference/functions/register_block_pattern/ register_block_pattern()] and both type of patterns should be updated. " poena 9 58452 Add text-wrap: balance to theme styles Bundled Theme 6.2.2 normal normal Future Release enhancement new 2023-06-04T07:21:40Z 2024-02-21T12:59:39Z "Chrome 114 has introduced ""text-wrap:balance"" for CSS. The importance of it is explained in: https://developer.chrome.com/en/blog/new-in-chrome-114/ This helps in displaying content more evenly and often required for headings such as site title and description below it. So WordPress themes should have it. " superpoincare 2 53874 Bundled Themes: Measurement in 'px' is unnecessary has-patch Bundled Theme normal normal Future Release enhancement new 2021-08-04T17:21:06Z 2023-04-05T15:51:04Z Measurement in 'px' is unnecessary in bundled themes. ankitmaru 8 45293 Bundled themes: Add editor styles for form elements Bundled Theme normal normal Future Release enhancement new 2018-11-06T01:19:18Z 2020-02-24T20:51:06Z "Please add editor styles for basic form elements, e.g.: * input[type=text] * input[type=submit] * etc I am developing a block that generates a custom search form for a CPT. On the front-end, the block is styled by whatever the current theme uses for such elements. It would be great if Twenty Seventeen had editor styles for those elements so that it looked the same in the editor. I have opened this [[https://github.com/WordPress/twentynineteen/issues/480|same issue on GitHub for Twenty Nineteen]]. Doing this for all Twenty XXX themes would be great, but Twenty Seventeen & Nineteen are the only really important ones for me." pbiron 1 56487 Bundled themes: opt-in to appearance tools has-patch Bundled Theme normal normal Future Release enhancement new 2022-09-01T14:40:28Z 2023-12-20T01:36:02Z "Core themes are not getting the latest design tools in the editor because they require the theme to opt in. Previously it was only possible to opt-in via a setting in theme.json, but a theme support check was recently added: https://github.com/WordPress/gutenberg/pull/43337. I think we should add this theme support to bundled themes: `add_theme_support( 'appearance-tools' );` This will allow themes to use editor features like setting the border styles and spacing, as well future enhancements. I am not sure how far back we should go, but I think at least TT1 and TT." jffng 25 60064 Edit no-js CSS in bundled themes dev-feedback Bundled Theme normal minor Awaiting Review enhancement new 2023-12-13T21:56:39Z 2024-02-15T06:38:38Z "The CSS directive in `style.css` of the Twenty Fifteen theme `.no-js .main-navigation ul ul` should be altered to this `html.no-js .main-navigation ul ul` As other plugins like buddypress add their own `no-js` classes to the `body` which can cause conflicts. I have raised this with them directly: #buddypress9033 This could be widened into a broader ticket on a standard way of adding `no-js` classes that themes or plugins could follow as right now some add it to the `html` and some to the `body` class" shawfactor 2 58519 Inline styles block styles in bundled themes dev-feedback Bundled Theme 5.8 normal normal Awaiting Review enhancement new 2023-06-12T14:11:07Z 2023-06-19T16:59:26Z "In [50836] function was added, to inline block styles, so for better performance. There are a number of small stylesheets in bundled themes that could do with that could use this functionality. To opt-in a stylesheet, simply add the path add an extra piece of data of the stylesheet. Like this. {{{#!php wp_enqueue_style( 'twentyfifteen-block-style', get_template_directory_uri() . '/css/blocks.css', array( 'twentyfifteen-style' ), '20230122' ); wp_style_add_data( 'twentyfifteen-block-style', 'path', get_template_directory() . '/css/blocks.css' ); }}} This could improve FE performance, as it remove a blocking request. " spacedmonkey 2 44777 Multiple bundled themes ignore/override ordered list types has-patch Bundled Theme normal normal Future Release enhancement new 2018-08-11T21:02:47Z 2023-09-14T18:59:09Z If you set up an ordered list in Twenty Sixteen or Twenty Seventeen, and then try to add a type to it, WordPress ignores the type. You can get only a numbered list. Greg Raven 12 49175 Optimize font-loading techniques for all WordPress Twenty themes dev-feedback Bundled Theme 5.3.2 normal normal Awaiting Review enhancement new 2020-01-12T08:09:55Z 2023-02-25T20:47:29Z "Right now, I'm using the Twenty Seventeen theme for several websites and the Google Font Libre Franklin, included in that theme, is loaded like this: {{{ <link rel=stylesheet id=twentyseventeen-fonts-css href='https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext' type=text/css media=all> }}} For performance reasons, given as this is a font which already has fallbacks defined in the {{{body}}} property, it'd be better to add {{{display=swap}}} and {{{rel=preload}}} to this link. Few links: [https://developers.google.com/web/updates/2016/02/font-display] [https://developers.google.com/web/updates/2016/03/link-rel-preload] [https://addyosmani.com/blog/google-fonts-font-display/] These small steps will **massively increase performance and PageSpeed scores for every core theme implementing these changes** for their Google Fonts. " mvanturnhoutziggonl 2 59012 Option to change Twitter Bird to Twitter X logo Bundled Theme normal normal Future Release enhancement reopened 2023-08-09T03:33:41Z 2023-08-15T05:29:38Z "The Twitter logo changed to X. The Twitter icon in the social widget block and embed block still has the bird logo in it. " kafleg 8 47154 "Prevent ""Call to undefined function: get_header()"" error in theme files" Bundled Theme 5.1.1 normal minor Awaiting Review enhancement new 2019-05-06T16:43:44Z 2021-05-11T18:29:15Z "Referencing a ticket from 14 years ago(!) (#1530), I would like to propose that the default WordPress themes - and the theme developer guidelines - be updated to include protection from accessing theme files directly. Accessing these files give PHP warnings, usually as follows: {{{ Fatal error: Call to undefined function: get_header() }}} Whilst @markjaquith was correct in stating that theme files are not supposed to be accessed directly, bots are finding their ways into theme folders (and triggering index.php) specifically, resulting in the errors being logged. I believe it'd be good practice to extend the recommendation from the ""Writing a Plugin"" documentation ([https://codex.wordpress.org/Writing_a_Plugin#Plugin_Files]) to the ""Theme Handbook"" ([https://developer.wordpress.org/themes/template-files-section/page-template-files/]) Following that recommendation, updating twentynineteen et al to include this (or at least code similar in intention) as the first lines of PHP coding. {{{ defined( 'ABSPATH' ) or die( 'No script kiddies please!' ); }}}" devonto 6 58836 Remove IE specific checks from more default themes (6.4) reporter-feedback Bundled Theme normal normal Future Release enhancement new 2023-07-18T09:26:42Z 2023-09-12T20:24:03Z "Follow-up to #56699 Remove IE conditional statements and register external resources without enqueuing them for four more themes: - Twenty Eleven - Twenty Twelve - Twenty Fourteen - Twenty Sixteen" sabernhardt 2 40486 Standard Themes: Logic for translated strings in connection with Screen Reader text can be improved Bundled Theme normal normal Awaiting Review enhancement new 2017-04-19T17:45:26Z 2024-01-24T09:33:18Z "There are 2 strings including: {{{ screen-reader-text""> ""%s"" }}} 1) {{{#!php Continue reading<span class=""screen-reader-text""> ""%s""</span> }}} & 2) {{{#!php Edit<span class=""screen-reader-text""> ""%s""</span> }}} In german (as an example, I assume this happens too in other languages) the syntax for 1) needs to be reversed like that: {{{#!php <span class=""screen-reader-text"">""%s""</span> weiterlesen }}} 2) gets: {{{#!php <span class=""screen-reader-text"">„%s“</span> bearbeiten }}} which is correct for Screen Reader Users, but it should rather be capitalized in both cases so the button text doesn't start lowercase, see screenshot. https://translate.wordpress.org/projects/wp-themes/twentyseventeen/de/default?filters%5Bterm%5D=screen-reader-text%22%3E+%22%25s%22 We could now capitalize the strings in translation, but there must be a better solution!? PS: Yes, the quotation marks in our translation also needs a little attention, but that's not part of the ticket ;-) " Presskopp 9 60723 TT3: Wrap Navigation block in Row within the header.html template part tomjcafferkey has-patch Bundled Theme trunk normal normal 6.6 enhancement assigned 2024-03-07T12:11:25Z 2024-03-13T09:31:37Z Now that the Block Hooks API has been released as part of WordPress 6.4 3PDs may want to insert their own blocks into the header of the TT3 theme, specifically after the Navigation block. This currently causes problems because the Navigation block and it's siblings are treated as flex items due to its parent being a Row block. tomjcafferkey 2 45741 Theme block style dependencies while enqueuing Bundled Theme 5.0.2 normal trivial Awaiting Review enhancement new 2018-12-22T13:17:50Z 2021-11-30T16:02:34Z "Bundled themes enqueue a block style, such as /css/blocks.css in twentytwelve. These css rules sometimes overwrite the rules in the files with handles ''wp-block-library'' and ''wp-block-library-theme'' While the dependencies seem to be maintained, for the sake for completeness, shouldn't dependencies be made explicit in bundled themes' functions.php files? For example, dependencies in this enqueue? {{{ wp_enqueue_style( 'twentytwelve-block-style', get_template_directory_uri() . '/css/blocks.css', array( 'twentytwelve-style' ), '20181018' ); }}} " superpoincare 1 58127 Twenty Eleven: Add escaping as per the WordPress VIP standards dev-feedback Bundled Theme normal normal Awaiting Review enhancement new 2023-04-13T14:48:47Z 2023-06-09T17:37:15Z "In the Twenty Eleven theme folder, the file named search.php has improper escaping on line number 21 as per the VIP standard. Issue screenshot: [https://share.cleanshot.com/3rPjnj33GHPcFfyL0rKh] The present line of code {{{ printf( __( 'Search Results for: %s', 'twentyeleven' ), '<span>' . get_search_query() . '</span>' ); }}} Improve line of code: {{{ printf( esc_html__( 'Search Results for: %s', 'twentyeleven' ), '<span>' . esc_html( get_search_query() ) . '</span>' ); }}}" himshekhar07 2 49764 Twenty Eleven: Add gradient background options that fit the theme color scheme has-patch Bundled Theme normal normal Future Release enhancement new 2020-04-01T17:51:15Z 2021-05-11T19:25:28Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 8 54172 Twenty Fifteen: Replace frontend jQuery usage with vanilla JS flixos90 has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2021-09-23T19:11:38Z 2022-02-17T21:02:23Z "Using jQuery for a few simple JS interactions in WordPress themes is a common performance problem, which is in most cases relatively straightforward to address: Vanilla JavaScript has for the better part of a decade included enough APIs that work across all popular browsers so that the remaining benefits of jQuery are around a few utility functions, that could be re-implemented in a few lines of code. Using jQuery for such simple use-cases results in around 80% more JS code being loaded in the frontend. This ticket focuses on removing jQuery as a **frontend** dependency for Twenty Fifteen - specifically the frontend, as for example in the Customizer jQuery is loaded anyway (and performance is a bit less of a concern there). Also see #54171, which does the same for Twenty Twelve." flixos90 4 49761 Twenty Fourteen: Add gradient background options that fit the theme color scheme has-patch Bundled Theme 6.4 normal normal Future Release enhancement new 2020-04-01T17:47:16Z 2024-03-13T22:40:24Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 5 45928 Twenty Nineteen: Add a filter to the $primary_color variable has-patch Bundled Theme normal normal Future Release enhancement reviewing 2019-01-10T22:21:51Z 2020-02-21T17:51:36Z "There should be a filter added to the `$primary_color` variable, so that child-themes and plugins can override the built-in default primary color if they choose. Currently, saturation, lightness, and selected text-color can all be filtered. Once the primary color is also filterable, it’ll allow for child themes and plugins to fully customize the color dynamics in the theme. See: https://core.trac.wordpress.org/browser/trunk/src/wp-content/themes/twentynineteen/inc/color-patterns.php#L15" allancole 17 45911 Twenty Nineteen: Add archive descriptions dev-feedback Bundled Theme 5.0.2 normal normal Awaiting Review enhancement new 2019-01-10T16:56:53Z 2023-04-17T11:02:28Z "Originally reported by @dannycooper in Twenty Nineteen's GitHub repo: Archive descriptions weren't originally included in the theme's design, but it's been suggested they be added now. @kjellr created a mockup of what they should look like. Original issue here: https://github.com/WordPress/twentynineteen/issues/256" laurelfulford 2 49712 Twenty Nineteen: Add gradient background options that fit the theme color scheme has-patch Bundled Theme normal normal Future Release enhancement new 2020-03-27T13:48:41Z 2020-05-24T09:28:18Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 2 45945 Twenty Nineteen: Consider adding a filter for the featured image color filter functionality. dev-feedback Bundled Theme 5.0.3 normal normal Awaiting Review enhancement new 2019-01-11T19:35:36Z 2023-06-21T23:03:26Z "Originally raised by @hvianna and @grapplerulrich in this GitHub thread: https://github.com/WordPress/twentynineteen/issues/722 To make it easier for child themes to disable the featured image filter built into Twenty Nineteen, it might be helpful to add a filter for that functionality. Something along the lines of: {{{ function twentynineteen_image_filters_enabled() { return apply_filters( 'twentynineteen_image_filters_enabled', 0 !== get_theme_mod( 'image_filter', 1 ) ); } }}}" kjellr 1 45917 Twenty Nineteen: Consider adding a search option in the page header Bundled Theme 5.0.2 normal normal Future Release enhancement new 2019-01-10T18:50:26Z 2019-08-12T19:08:09Z "Originally noted by @dartiss in the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/583 Twenty Nineteen only has one widget area (in the page footer) and does not allow users to place a search field on the top of the page. Many users would likely benefit from that functionality, so it could be considered for a future release. " kjellr 1 45946 Twenty Nineteen: Consider adding a slide-out animation when the touch menu is closed Bundled Theme 5.0.3 low normal Awaiting Review enhancement new 2019-01-11T19:42:29Z 2019-01-12T01:33:49Z "For the mobile menu, we have a nice slide-in animation for when the menu opens, but we do not have a slide-out animation when the menu closes. This would be a nice additional level of polish to include. Current slide-in animation for reference: [[Image(https://cldup.com/ap0GOkaZQe.gif)]]" kjellr 1 45943 Twenty Nineteen: Consider adding additional social media icons has-patch Bundled Theme 5.0 low normal Awaiting Review enhancement new 2019-01-11T19:10:22Z 2022-10-04T02:26:09Z "There have been a handful of requests for additional icons to be added to the social media links iconset in Twenty Nineteen: - Wikipedia (Proposed by @klaas1): https://github.com/WordPress/twentynineteen/pull/707 - Discord (Proposed by @silas2209): https://github.com/WordPress/twentynineteen/pull/705 - Mastodon (Proposed by Marko Saric): https://github.com/WordPress/twentynineteen/issues/711 Wikipedia and Discord have working patches already (attached): [[Image(https://cldup.com/e-JpiWU-h9-3000x3000.png)]] Twenty Seventeen has a similar social media iconset included, and has received similar requests: #43342, #45328 I don't see an issue with adding these ones (especially the ones that have patches already), but I will note that we should probably agree on some limitations around these sorts of additions: there are a near-infinite number of social media services out there, and we won't be able to include them all. In addition, each icon added provides a (admittedly very tiny) file size bump, and as these services update their logos over time, there'll be maintenance required to keep these up to date. Here is the current list of supported icons in Twenty Nineteen, for reference: https://codex.wordpress.org/Twenty_Nineteen#Add_Social_Icons" kjellr 3 45924 "Twenty Nineteen: Consider making the ""—"" divider in the header translatable." has-patch Bundled Theme 5.0.2 low normal Future Release enhancement new 2019-01-10T20:32:57Z 2019-04-24T14:38:01Z "Twenty Nineteen uses an em dash to separate the site title from the tagline: [[Image(https://cldup.com/n92WHtHO2t-3000x3000.png)]] As originally noted by @pixolin in the Twenty Nineteen GitHub repository, in non-english languages, the em dash is not always the most appropriate/common character for this situation. To address this, we should consider allowing this to be translatable. Note that the em dash is currently inserted (and hidden when appropriate) via CSS, so this could require a bit of a reworking of that functionality. Original report: https://github.com/WordPress/twentynineteen/issues/557" kjellr 1 45919 Twenty Nineteen: Improve comments in `twentynineteen_setup` Bundled Theme 5.0.2 normal normal Future Release enhancement new 2019-01-10T19:07:51Z 2020-11-25T00:04:40Z "Originally reported by @joyously in the Twenty Nineteen GitHub repo: The new interfaces for the editor should be clear and instructive. Many people will look to this theme for ""How To"" information. The comments need to indicate what the add_theme_support really does. The call for the old editor should be marked as such. Currently, it's a bit sparse: {{{ // Add support for Block Styles. add_theme_support( 'wp-block-styles' ); // Add support for full and wide align images. add_theme_support( 'align-wide' ); // Add support for editor styles. add_theme_support( 'editor-styles' ); // Enqueue editor styles. add_editor_style( 'style-editor.css' ); // Editor color palette. add_theme_support( 'editor-color-palette', array( array( 'name' => __( 'Primary Color', 'twentynineteen' ), 'slug' => 'primary', 'color' => twentynineteen_hsl_hex( 'default' === get_theme_mod( 'primary_color' ) ? 199 : get_theme_mod( 'primary_color_hue', 199 ), 100, 33 ), ), ) ); // Add support for responsive embedded content. add_theme_support( 'responsive-embeds' ); }}} There is also a separate function for enqueuing `twentynineteen-editor-customizer-styles` which should have good comments. This handle name is questionable, because it is editor and customizer, so it's confusing. Does it need to say customizer? If I'm looking at this to figure out how to change my theme for the new editor, I can't really tell what's what. Copied over from: https://github.com/WordPress/twentynineteen/issues/634" laurelfulford 1 46108 Twenty Nineteen: Include contributing.txt file with Sass compiler instructions has-patch Bundled Theme 5.0.3 normal normal Awaiting Review enhancement new 2019-01-25T18:26:30Z 2019-01-29T13:57:39Z "In the GitHub repository, there is a `CONTRIBUTING.md` document with instructions for how to compile the Sass for Twenty Nineteen. This file was not migrated over to core. For those working with the theme (both for direct contributions, and for their own purposes), it'd be helpful to bundle instructions for working with the Sass via the included build tool. The attached patch ports over the ""Compiling SCSS"" section from the document on GitHub, as a new `contributing.txt` file. https://github.com/WordPress/twentynineteen/blob/master/CONTRIBUTING.md#compling-scss" kjellr 5 45985 Twenty Nineteen: Introduce better theme support for responsive images Bundled Theme 5.0.3 normal normal Future Release enhancement new 2019-01-14T17:11:10Z 2022-12-21T17:52:53Z "As originally reported by @mor10, in the Twenty Nineteen GitHub repository: https://github.com/WordPress/twentynineteen/issues/50 ---- Currently, for images inserted within posts, the sizes attribute of the responsive images markup does not map to the actual displayed width of images. According to my tests (using a `1920x1080px` non-aligned image, inserted via Gutenberg (and set to `Image Size: Full`): The `sizes` markup is output as: `(max-width: 1920px) 100vw, 1920px` - At viewports `<300px`: A `300px` image is loaded - At viewports `>300px`: A `768px` image is loaded - At viewports `>768px`: A `1024px` image is loaded - At viewports `>1024px`: A `1568px` image is loaded - At viewports `>1568px`: The original `1980px` image is loaded Since this is not a full-width image, each of those image sizes is actually wider than necessary, resulting in a larger file size. For a more specific example: at a screen width of `1024px`, this non-aligned sample image is loaded in at `1568px` wide. As per theme rules, it actually appears only `700px` wide in the layout. On a non-retina screen, there's no need to load a `1568px` image for a `700px` space. Twenty Nineteen should include some theme-specific markup to properly assign `sizes` values that map to theme styles. This was done in Twenty Seventeen for instance: https://github.com/WordPress/WordPress/blob/master/wp-content/themes/twentyseventeen/functions.php#L491-L517 At the time of writing, this issue is blocked by Gutenberg: We can currently issue a custom `sizes` attribute for non-aligned images like the example above, but it is not currently possible to have the theme customize the `sizes` attribute for full/wide images. See the following GitHub issues for reference: https://github.com/WordPress/gutenberg/issues/6131 https://github.com/WordPress/gutenberg/issues/6177 https://github.com/WordPress/gutenberg/pull/11973 ---- I'm including patches ported over from two of @mor10's PRs on the original Twenty Nineteen repository: **Modifying the `sizes` attribute for non-aligned body images** (This currently causes negative results for `full` and `wide` images) https://github.com/WordPress/twentynineteen/pull/701 [attachment:""45985-regular-images.patch""] **Adding custom `sizes` attributes, including `wide` and `full` variants** (This is dependent on [https://github.com/WordPress/gutenberg/pull/11973 Gutenberg #11973] being merged): https://github.com/WordPress/twentynineteen/pull/629 [attachment:""45985-all-images.patch""]" kjellr 5 45878 Twenty Nineteen: Search widget input field width is too narrow on wide screens has-patch Bundled Theme 5.0.2 normal normal Awaiting Review enhancement reopened 2019-01-09T14:02:14Z 2019-03-05T16:37:55Z "At screens below ~600px, the search input field is 100% of the parent container, but above that it changes to `width: auto;` which causes it to shrink to ~170px. I suggest we make that a little larger by removing auto and setting a max-width in the CSS. Below 598px: [[Image(https://cldup.com/N7c64xcdCn-2000x2000.png)]] Above 600px: [[Image(https://cldup.com/8WGvnHWHLQ-3000x3000.png)]] --- This issue was migrated over from Twenty Nineteen's GitHub repository: https://github.com/WordPress/twentynineteen/issues/747" crunnells 1 47925 Twenty Nineteen: Size of style.css seems excessively large (225% as large as the next largest theme's CSS) Bundled Theme 5.0 normal normal Future Release enhancement new 2019-08-22T21:34:10Z 2022-10-26T20:59:22Z "I just did a check of the size of each core theme's `style.css` and here's what I found (first column is byte size): {{{ 221622 twentynineteen/style.css 98458 twentyfifteen/style.css 83559 twentyseventeen/style.css 81216 twentyfourteen/style.css 70311 twentysixteen/style.css 57356 twentyeleven/style.css 57106 twentythirteen/style.css 37606 twentytwelve/style.css 24688 twentyten/style.css }}} The `style.css` for Twenty Nineteen is 225% the size of the next-largest core theme stylesheet, for Twenty Fifteen. Between 5.2.2 and 5.3-alpha, the size of Twenty Nineteen's CSS has grown yet another 9KB. Prior to Twenty Nineteen, themes primarily had their CSS hand-written, I believe. As of Twenty Nineteen, SASS was used for the first time. Depending on how SASS is written, a little bit of code can end up generating a lot of CSS. Is this the case here for Twenty Nineteen? It doesn't seem the large amount of CSS is directly due to styling blocks, since the other themes have also been updated to style blocks. A large amount of CSS has negative impact on performance. Not only does it increase the amount of time to render the page (as CSS is render-blocking) through increased data transfer time and CSS parsing time, it also hurts performance once the page has loaded, as there is more CSS in memory and more selectors to be evaluating. How can the amount of CSS in Twenty Nineteen be reduced to be more in-line with the other core themes? ---- A few resources related to CSS performance: * [https://developers.google.com/web/fundamentals/performance/rendering/reduce-the-scope-and-complexity-of-style-calculations Reduce the Scope and Complexity of Style Calculations] * [https://developers.google.com/web/fundamentals/performance/critical-rendering-path/render-blocking-css Render Blocking CSS] * [https://css-tricks.com/efficiently-rendering-css/ Efficiently Rendering CSS]" westonruter 4 45955 Twenty Nineteen: get_the_archive_title filter issues dev-feedback Bundled Theme normal normal Awaiting Review enhancement new 2019-01-12T05:36:49Z 2019-01-12T06:37:21Z "I was testing the theme with a plugin that adds a custom post type and allows to set a custom title for the custom post type archive view using the following filter: {{{ add_filter( 'get_the_archive_title', 'slug_set_the_archive_title' ); }}} While this filter works fine in the previous WordPress themes, such as Twenty Seventeen, Twenty Sixteen and Twenty Fifteen, it does not work in Twenty Nineteen. It's possible to fix it by setting a priority parameter in the filter. For example: {{{ add_filter( 'get_the_archive_title', 'slug_set_the_archive_title', 99 ); }}} The problem is that it breaks a header style, meaning the title will have the style of the archive view prefix text (grey color and serif font style). Any idea what is the better way to use this filter in the Twenty Nineteen theme?" taskotr 2 49756 Twenty Seventeen: Add gradient background options that fit the theme color scheme has-patch Bundled Theme normal normal Future Release enhancement new 2020-04-01T15:00:51Z 2021-01-21T22:28:44Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 2 39623 Twenty Seventeen: Consider removing custom header from internal pages if selected video header Bundled Theme normal normal Awaiting Review enhancement new 2017-01-18T14:53:04Z 2024-02-22T08:13:21Z "This came up as I first off didn't even notice I still had default custom header until went to that blog page on the front end. It felt logical to me that the video header I had set would continue in the main site or at least I'd not still see the default header image." karmatosed 1 41175 Twenty Seventeen: The letters in words with i, j, l look all the same in h3-headings that are also formatted strong. has-patch Bundled Theme 4.8 normal normal Awaiting Review enhancement new 2017-06-26T19:18:31Z 2023-02-25T20:31:57Z "I stumbled across a website today (brent.fm/how-we-work) that is using the Twenty Seventeen Theme. There are some pages that have text paragraphs that are formatted with the '''h3''' and '''strong''' HMTL-tag. Unfortunately these paragraphs contain a lot of words with ""i"" and ""l"" and even ""j"" like: like, guide, communicators, projects, etc. and these three letters (i,l,j) in the choosen theme font look all the same on Desktop mode, which makes it quite a bit difficult to read. The font-size though gets smaller on Mobile mode and is better readable then, because the letters look like they should: different. I'm not sure if this is really a bug because usually an h3-heading is not meant to be strong formatted also, but as it seems, that's what some people do and the font behaves quite unpleasant in this case, it would be good to have the designers (@melchoye ?) to pay attention to that, with this specific font. I was able to reproduce that on a fresh local installation of WordPress 4.8 on Windows. Screenshot is attached. " transl8or 4 39281 Twenty Seventeen: header.php forces thumbnails on all post types has-patch Bundled Theme 4.8 normal normal 6.6 enhancement reopened 2016-12-14T17:23:54Z 2024-02-22T06:48:27Z "My plugin has custom post type and custom 'single-post-type' views and doesn't utilize thumbnails in them. As a result layout appears broken, and there is nothing I can do to make the plugin compatible with Twentyseventeen. I went to have a look how WooCommerce deals with this, and it turns out that there is this piece of code in the style of twentyseventeen: {{{ .single-product .single-featured-image-header { display: none } }}} While that does work, I don't think it's a solution. At the very least there has to be a filter to dynamically disable the thumbnail from `header.php`" justnorris 10 44537 Twenty Seventeen: submenu is not available from keyboard with disabled java script Bundled Theme normal minor Future Release enhancement new 2018-07-06T15:01:43Z 2019-01-18T20:59:07Z webest 3 49757 Twenty Sixteen: Add gradient background options that fit the theme color scheme williampatton has-patch Bundled Theme normal normal Future Release enhancement assigned 2020-04-01T15:04:34Z 2021-05-11T20:22:52Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 1 55126 Twenty Sixteen: Replace frontend jQuery usage with vanilla JS sergiomdgomes has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2022-02-09T16:04:02Z 2023-05-19T09:06:26Z "`jQuery` is a large library, at around 90KB uncompressed, or 30KB gzipped. To make matters worse, it's usually enqueued in the head, and thus becomes part of the critical path, delaying first paint and subsequent metrics. Nowadays, the library is being enqueued for relatively little gain in many situations, given that the platform supports much of the functionality. Twenty Sixteen is an example of this, as it's relatively trivial to reimplement its functionality in native JS. This ticket focuses on removing jQuery as a frontend dependency for Twenty Twelve - specifically the frontend, as for example in the Customizer `jQuery` is loaded anyway (and performance is a bit less of a concern there). See also #54171 and #54172, which do the same for other themes." sergiomdgomes 9 49765 Twenty Ten: Add gradient background options that fit the theme color scheme williampatton has-patch Bundled Theme normal normal Future Release enhancement assigned 2020-04-01T17:53:48Z 2021-05-11T15:31:40Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 4 49763 Twenty Twelve: Add gradient background options that fit the theme color scheme has-patch Bundled Theme normal normal Future Release enhancement new 2020-04-01T17:50:16Z 2023-08-29T11:49:35Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 4 54171 Twenty Twelve: Replace frontend jQuery usage with vanilla JS flixos90 has-patch Bundled Theme normal normal Awaiting Review enhancement assigned 2021-09-23T19:10:28Z 2022-02-17T21:02:12Z "Using jQuery for a few simple JS interactions in WordPress themes is a common performance problem, which is in most cases relatively straightforward to address: Vanilla JavaScript has for the better part of a decade included enough APIs that work across all popular browsers so that the remaining benefits of jQuery are around a few utility functions, that could be re-implemented in a few lines of code. Using jQuery for such simple use-cases results in around 80% more JS code being loaded in the frontend. This ticket focuses on removing jQuery as a **frontend** dependency for Twenty Twelve - specifically the frontend, as for example in the Customizer jQuery is loaded anyway (and performance is a bit less of a concern there)." flixos90 4 55660 Twenty Twenty Two: Empty index.php breaks bbPress; consider including generic template loop? has-patch Bundled Theme normal normal Awaiting Review enhancement new 2022-05-02T23:19:31Z 2023-09-09T09:30:36Z "Twenty Twenty Two currently breaks bbPress; including a generic index.php would prevent this without inhibiting it's original intent. I.e. https://wordpress.org/support/topic/blank-topic-pages-on-bbpress-while-using-twenty-twenty-two-theme/#post-15610502 Or perhaps this is not the place for this, and bbPress can sense and compensate for block theme incompatibility? " Steveorevo 1 59934 Twenty Twenty-Four: PHPCS: Empty line required before block comment dev-feedback Bundled Theme 6.4 normal normal Awaiting Review enhancement new 2023-11-20T07:56:34Z 2023-11-24T22:42:14Z I have fixed Empty line required before block the comment PHPCS issue on the twenty-twentyfour theme's function file. pratikharadava 2 53564 Twenty Twenty-One: Consider adding block-templates support has-patch Bundled Theme normal normal Awaiting Review enhancement new 2021-06-30T16:35:42Z 2022-02-04T09:14:49Z "The template editor coming in WordPress 5.8 must be manually enabled on a per-theme basis. At time of writing, this is not turned on for any of the default themes: https://make.wordpress.org/core/2021/06/16/introducing-the-template-editor-in-wordpress-5-8/ It seems reasonable that at least Twenty Twenty-One should support this feature when it's introduced. " kjellr 37 55281 Twenty Twenty-One: Consider decreasing the selector specificity Bundled Theme 5.6 normal normal Awaiting Review enhancement new 2022-03-01T10:08:37Z 2022-08-11T19:36:08Z There is a CSS selector that selects almost any `a` tags and applies white background on focus. This forces users to use at least 4 classes on elements to override by specificity and complicate the code. You can see mentioned selector and how it overrides the focus color of a button with 3 classes already in attached screenshots. Why such strong selector is used there, is it really necessary, can we remove it or decrease the specificity? orkunaybek 1 57433 Twenty Twenty-One: Pagination issue Bundled Theme normal normal Awaiting Review enhancement new 2023-01-09T09:37:30Z 2023-03-20T16:55:31Z "In the Twenty Twenty-One theme, when we inspect the page set the width 768px then pagination links are not displayed. Steps to reproduce: Activate the Twenty Twenty-One theme Inspect the page and set the width to 768px The pagination links are not displayed" patelhitesh 3 52551 Twenty Twenty-One: Search box alignment has-patch Bundled Theme 5.7 normal minor 6.6 enhancement new 2021-02-17T07:17:16Z 2024-03-18T10:28:19Z I was Customized theme twenty twenty-one search-box on tablet and smartphones view. here search-box text field and button are not in correct alignment. vinita29 5 52869 Twenty Twenty-One: Text isn't vertically centered to the checkbox reporter-feedback Bundled Theme 5.6 normal normal Awaiting Review enhancement new 2021-03-20T11:20:23Z 2021-04-29T14:44:11Z "I think we should add `vertical-align: middle;` into the line 1344 to have text aligning centerally vertically to the checkbox. Currently the code is like this: {{{ @supports (-webkit-appearance: none) or (-moz-appearance: none) { input[type=checkbox], input[type=radio] { -webkit-appearance: none; -moz-appearance: none; position: relative; width: 25px; height: 25px; border: var(--form--border-width) solid var(--form--border-color); background: var(--global--color-white); } }}} " ooker 3 57154 "Twenty Twenty-Three: Changing Size Preset from Button Typography is not affecting on front page ""Get in Touch"" button" Bundled Theme 6.1.1 normal normal Awaiting Review enhancement new 2022-11-19T17:36:09Z 2023-03-20T16:54:55Z "1. Go to **Appearance > Editor > Styles**(top right corner) **> Typography > Buttons** 2. Change the values(ie. S, M, L, XL, XXL) from Size Preset 3. Check the ""**Get in Touch**"" button from the left side preview. That's not affected by the size changes. Here is the video as well: https://youtu.be/UcOcMcHGK9s Thank you!" abidhasan112 1 56899 Twenty Twenty-Three: Quote block's citation styling cannot be changed Bundled Theme 6.1 normal normal Awaiting Review enhancement new 2022-10-24T22:00:01Z 2022-10-31T16:25:31Z "**Summary** In the Quote block the citation has less flexibility to be styled than the quote. Used WP 6.1 RC2 to test. **Steps to reproduce** 1. Add a Quote block in a Post editor 2. Try to change the Citation's font size, appearance and background **Expected results** The background, font size and appearance can be changed the same way the quote styling can be changed. **Actual Results** The citation styling stays the same while the quote styling changes. https://www.screencast.com/t/ciwoJmlowm" severinepozzo 6 57024 Twenty Twenty-Three: Randomly apply a style variation on activation dev-feedback Bundled Theme 6.1 normal normal Awaiting Review enhancement new 2022-11-07T19:28:49Z 2022-11-17T19:20:23Z "In addition to the default base styling, Twenty Twenty-Three comes with 10 additional style variations. When activating for the first time, an interesting way to showcase what the theme has to offer would be to randomly apply one of the 11 style variations." desrosj 2 57167 Twenty Twenty-Three: Replace base and contrast color names with ref values dev-feedback Bundled Theme normal normal Awaiting Review enhancement new 2022-11-21T18:20:55Z 2022-12-07T15:26:33Z "There have been previous discussions around the use of ""base"" and ""contrast"" as color names in the Twenty Twenty-Three color palette, here: https://github.com/WordPress/twentytwentythree/issues/36 I'd like to propose another idea that may help solve the naming issues, especially around these two colors. We could define these two colors in `styles.color.background` and `styles.color.text` instead of defining them separately in the color palette. We could then use `ref` values to reference them elsewhere in the theme.json files. The colors can still be defined in the color palette, but perhaps under a descriptive name, e.g. ""dark purple"". This means that the names of these two colors in the color palette would not need to match their purpose (e.g. background, foreground, base, contrast). I've created a PR to demonstrate the idea." mikachan 2 55320 Twenty Twenty-Two: Add Drop cap feature and the ability to change color of individual words other than links Bundled Theme normal normal Awaiting Review enhancement new 2022-03-04T13:39:24Z 2024-02-01T09:16:50Z "The monitor of the Twenty Twenty-Two forum asked me to relay this information to you: t-p wrote: If the theme is to be as flexible as suggested by the authors then the Drop cap as an option should be set true from the start so that all users can benefit, irrespective of technical knowledge. Please report that via https://core.trac.wordpress.org/newticket Please use the “Bundled Theme” component and start the Summary field with Twenty Twenty-Two Post Link: https://wordpress.org/support/topic/theme-upgrades-please/?view=all#post-15424860 ----------- Thank you." daveydo 1 54985 Twenty Twenty-Two: Add viewport meta reporter-feedback Bundled Theme 5.9 normal critical Awaiting Review enhancement new 2022-01-29T12:45:10Z 2022-01-29T13:26:55Z "Hello, I am a WordPress developer and I developed many sites and custom plugins and themes. We found that in your latest theme which is ""Twenty Twenty-Two"", you don't use a responsive port which is cause issues in the plugin's front-end design so, I request you please add below meta port which is perfect for all plugins and other plugins. Because we need to add manually in our plugin with the 'wp_head' hook I hope you will add meta port. Meta Port: <meta name=""viewport"" content=""width=device-width, initial-scale=1.0""> Thank you." divyeshsapariya35 2 55112 Twenty Twenty-Two: Button design has-patch Bundled Theme 5.9 normal trivial Awaiting Review enhancement new 2022-02-08T10:22:04Z 2022-02-08T14:44:45Z "It seems button elements are not styled in Twenty Twenty-Two such as {{{ <button>Click</button> }}} The browser default button appears with such code. It would be great if they have a style like other default themes. " umchal 2 54930 Twenty Twenty-Two: Improve the default template provided to the post/page template editor Bundled Theme 5.9 normal normal Awaiting Review enhancement new 2022-01-26T15:28:00Z 2024-02-01T10:00:52Z "Currently, selecting the ""New"" template option in the post/page editor results in a sample template that includes a generic header: [[Image(https://cldup.com/7juY60zOWn.gif)]] Instead of this template, Twenty Twenty-Two should provide one that's designed like its standard post/page templates, and uses the same header + footer. This was attempted during the theme's initial development, but was blocked because Gutenberg did not properly load a theme's template parts into this template editor: https://github.com/WordPress/twentytwentytwo/issues/177#issuecomment-954794119 There's a Gutenberg issue here to help fix that behavior: https://github.com/WordPress/gutenberg/issues/36124 Once that's taken care of, this issue can be resolved here in the theme. --- Originally reported by @poena on GitHub: https://github.com/WordPress/twentytwentytwo/issues/177" kjellr 1 55596 Twenty Twenty-Two: font-smoothing antialiasing setting Bundled Theme normal normal Awaiting Review enhancement new 2022-04-21T03:40:13Z 2022-06-14T19:14:11Z "Currently, at the top of 2022's style.css, font-smoothing is enabled by default by the following: `body {-moz-osx-font-smoothing: grayscale;-webkit-font-smoothing: antialiased; }` Critics of such anti-aliasing font smoothing say that it actually degrades the clarity of fonts on computer screens, particularly dark text on a light background. It switches rendering from subpixel-rendering to pixel level rendering: https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ https://github.com/google/fonts/issues/1170 Perhaps, font-smoothing should not be enabled by default in the default WordPress theme. Cheers, Sam " happysadhu 1 55169 Twenty Twenty-Two: use custom units spacer blocks has-patch Bundled Theme normal normal Awaiting Review enhancement new 2022-02-15T16:19:32Z 2022-02-15T16:43:49Z "Once https://github.com/WordPress/gutenberg/pull/36186 is backported to trunk and a minor release, we can use custom values in spacer blocks instead of static ones in the following templates, patterns, and parts: - header-dark-small (pattern and part) - header-dark-large (pattern and part) - home - index - search - archive" jffng 1 49711 Twenty Twenty: Add gradient background options that fit the theme color scheme has-patch Bundled Theme normal normal Future Release enhancement new 2020-03-27T13:45:13Z 2020-05-13T11:43:13Z Now that we have the option for certain blocks to have gradient backgrounds, we need to add gradient background options to the theme that fit the themes color scheme. ianbelanger 8 48804 Twenty Twenty: Attach template parts with actions instead of directly including dev-feedback Bundled Theme 5.3 normal normal Awaiting Review enhancement new 2019-11-26T21:42:41Z 2019-11-26T21:54:34Z "Originally requested on GitHub by @thomasplevy https://github.com/WordPress/twentytwenty/issues/947 **The Problem** Not all custom post types are created equal. Some custom post types are like blog posts where meta information, post author information, and navigation between post types makes sense. Other custom post types behave more like native pages where navigation between pages is undesirable. This is a pretty generic and blanket statement and it's not always true. Custom post types are custom and the requirement differ greatly depending on the developer creating them. I am working to add Twenty Twenty theme support for my plugin [LifterLMS](https://github.com/gocodebox/lifterlms) and I have several custom post types which I'd like to be able to remove author and custom post type navigation for. Given the fact that custom post types utilize template at `template-parts/content.php` it is currently only possible for me to remove the navigation and author information by using custom CSS. The meta information I am able to disable using the filter `twentytwenty_disallowed_post_types_for_meta_output`. **Proposed Solution** I'd like to modify the template in question to either be wrapped in a filter which allow the inclusion of `template-parts/entry-author-bio.php` and `template-parts/navigation.php` to be disabled via a filter. For example: https://github.com/WordPress/twentytwenty/blob/dea9290e7ca3d38b7067c3b7107787db6554249a/template-parts/content.php#L68-L72 {{{ if ( is_single() ) { get_template_part( 'template-parts/navigation' ); } }}} Could become: {{{ if ( is_single() && apply_filters( 'twentytwenty_display_single_navigation', true ) ) { get_template_part( 'template-parts/navigation' ); } }}} If this does seem like an acceptable addition I'd be more than happy to write and submit the PR but I didn't want to spend time without a blessing from a core contrib or maintainer first. Thank you for considering this!" ianbelanger 1 49904 Twenty Twenty: Blog Layout Improvements Bundled Theme normal normal Awaiting Review enhancement new 2020-04-14T09:01:57Z 2020-04-23T12:11:42Z "**Background** I am suitably impressed by the Twenty Twenty theme's support and customization, but only to a point. While we can very impressively apply layouts to pages from a visual list of templates shown on the ""Change Layout"" screen, I was hoping for that same level of visual layout for the template of the blog article post page. Instead, what I'm greeted with is no visual layout possibilities of the blog's default post page. Other than a dropdown of Default, Cover Template and Full Width Template, there seems to be no way to modify the layout of the default blog article page. Even then, this dropdown won't even be necessary if the posts page can be customized with an overall layout template. Yes, I can modify each blog article itself one by one, but only within the constraints of the theme. I'm disappointed to find that no layout system exists to modify a blog's overall template page. This is particularly disappointing since WordPress is supposed to be software dedicated to blogging. It's great that so much development effort was given to allow many customization options for modifying pages, but I'm wondering why this same level of customization wasn't given to the blog template page for posts? **Enhancement Request** I'd like to request the following theme improvement. I'd like to see the Twenty Twenty theme allow application of visual page layouts to the default blog article template page in similar form to applying layouts to actual pages. This change will allow us to apply banner images and other decorative images around a blog article post like we can on standard pages. We can also properly space paragraphs, set colors, customize sizing of H1, H2, text and so on through the Default template rather than having to play games in Gutenberg using in-line CSS via each individual article OR by manually mucking about in the theme's CSS style sheet. Once a template is visually configured, the only thing writers need to do is write, not worry about a post's overall layout. Please consider this addition. If this is not the correct bug reporting system to report Twenty Twenty theme improvements, please let me know where to post it. If such a way to do what I suggest already exists in this theme and I'm missing it somewhere, please let me know that too." commorancy0 1 53202 Twenty Twenty: Buttons Are Not Responsive on Mobile Devices Bundled Theme 5.7.2 normal normal Awaiting Review enhancement new 2021-05-13T15:31:52Z 2021-05-15T04:05:02Z "On mobile devices and tablets, the buttons are not responsive. They appear like they would on the desktop website. The buttons should be responsive so users have enough area to click on. They are too small on the mobile and tablet versions of the website. This is what Google says about using buttons: > BE THUMB-FRIENDLY > People use their fingers to operate mobile devices—especially their thumbs. Design your site so even large hands can easily interact with it. > - Use large, centered buttons and give them breathing room to reduce accidental clicks. > - Pad smaller buttons to increase the clickable area. > - Pad check boxes by making the text clickable [https://services.google.com/fh/files/blogs/GoMo_Best%20Practices_GoMo%20Branded.pdf] This is how the page looks on desktop devices. [[Image(https://core.trac.wordpress.org/raw-attachment/ticket/53202/Web-capture_13-5-2021_75816.jpeg)]] This is how the exact page looks on mobile [[Image(https://core.trac.wordpress.org/raw-attachment/ticket/53202/Web-capture_13-5-2021_75945.jpeg)]] As you can see, the buttons are not responsive and do not take up the view so they can easily be clicked on by someone using the mobile device. [[Image(https://core.trac.wordpress.org/raw-attachment/ticket/53202/Web-capture_13-5-2021_8542.jpeg)]] If you change the width settings, this only changes the width of how the buttons will appear on desktop and mobile devices but it does not make them responsive. You can tell the buttons are not responsive because the size of the text within the buttons does not change. Here is a link to the page where I did the test: http://t2.dhosting.network/buttons-not-responsive-on-mobile ''Note: The images are from a desktop computer using the dev tools to change to the mobile view but I get the same result on my mobile device.''" deborah86 2 54852 Twenty Twenty: Consider less aggressive motion preference styles Bundled Theme normal normal Future Release enhancement new 2022-01-18T19:07:15Z 2022-01-19T06:14:30Z "Twenty Twenty styles create animations and transitions but then disable all that animation for people who set the reduced motion preference in their browser/OS. {{{ @media ( prefers-reduced-motion: reduce ) { * { animation-duration: 0s !important; transition-duration: 0s !important; } } }}} The theme needs to continue honoring the preference, but it could define each of its animations within a `(prefers-reduced-motion: no-preference)` media query—and remove the `0s !important` styles—instead. That way, the theme would be responsible for its own motion without disabling motion from other stylesheets (from plugins). Related: #54174 (Twenty Twenty-One)" sabernhardt 1 60462 Twenty Twenty: Cover template overflows browser bar on mobile has-patch Bundled Theme normal trivial Awaiting Review enhancement new 2024-02-07T14:36:50Z 2024-02-07T23:32:42Z "Hey there! Twenty Twenty's cover template fills the whole background with the article image. This works as expected on desktop. On mobile however, some content gets covered by the browser bar. Replacing ''vh'' with ''dvh'' fixes that: {{{#!css .screen-height { min-height: 100dvh; } }}}" twiddler 1 50026 Twenty Twenty: Full height with short content dev-feedback Bundled Theme normal trivial Awaiting Review enhancement new 2020-04-28T22:35:16Z 2023-06-21T23:01:09Z "With the `twentytwenty` theme, when the height of the content in a page does not fill up the entire viewport, the page ends up with extra trailing whitespace. If we treat the `<body>` as a flex box the page will always be filled: {{{ body { display: flex; flex-direction: column; min-height: 100vh; } main#site-content { flex: 1 } }}} " beaucollins 2 55948 Twenty Twenty: Not able to change the Text size or Color for Add citation in Gutenberg Quote block has-patch Bundled Theme 6.0 normal normal Awaiting Review enhancement new 2022-06-08T11:20:47Z 2023-06-02T07:21:13Z "Hello Team, In Twenty Twenty Theme when we select Quote block we cannot able to change the Text size or Color for the ""Add citation"" text. Also for the Left Border we cannot able to change its color. For more information please find the Video attached. Thanks." varshil151189 1 56557 Twenty Twenty: Remove font size and weight definition on cite element Bundled Theme 5.3 normal normal Awaiting Review enhancement new 2022-09-12T10:40:58Z 2022-09-13T02:35:57Z "The {{{cite}}} element in Twenty Twenty is styled in a way that makes it less flexible than it's meant to be, with a smaller font size and no italic. [[https://www.w3schools.com/tags/tag_cite.asp|The W3Schools example uses the element to wrap the title of a painting]], not the author, causing the title to have reduce emphasis (see tt-before.png). The default styling for the `cite` element is to simply have italic text (see intended.png). Suggestion: remove the font-weight, style, and size definitions from TT's `cite` element. See (tt-after.png) Example block markup: {{{ <!-- wp:list --> <ul><!-- wp:list-item --> <li><cite>Do Androids Dream of Electric Sheep</cite>, Philip K. Dick</li> <!-- /wp:list-item --> <!-- wp:list-item --> <li><cite>Neuromancer</cite>, William Gibson</li> <!-- /wp:list-item --> <!-- wp:list-item --> <li><cite>The Diamond Age</cite>, Neal Stephenson</li> <!-- /wp:list-item --></ul> <!-- /wp:list --> }}}" Joen 1 57978 Twenty Twenty: Separator block does not work well with gradients dev-feedback Bundled Theme normal normal Awaiting Review enhancement new 2023-03-24T10:31:49Z 2023-06-10T06:53:38Z "Steps to reproduce the issue :- 1. Download WordPress version beta version. 2. Choose Twenty Twenty theme. 3. Choose separator block. 4. Apply background color to separator block. 5. Now you can able to see that background color overlaps. Because of that design not looks as per requirements. I have attached video for better understanding. Video URL :- WordPress version beta version. https://share.cleanshot.com/Y9t7PKCBmJSB8dBW1hH4" nidhidhandhukiya 2 48801 Twenty Twenty: Starter Content could be improved Bundled Theme 5.3 normal normal Awaiting Review enhancement new 2019-11-26T21:16:22Z 2019-12-09T14:34:00Z "Originally reported on GitHub by @collet https://github.com/WordPress/twentytwenty/issues/959 The ""The New UMoMA Opens its Doors"" page is supposed to showcase what the user can do with the blocks (and how to do it) and be used as a starting point. Currently, a part of this page has a bad structure that can lead the users to use the block editor in a wrong manner. [[Image(https://user-images.githubusercontent.com/54663751/68325713-4472f600-00ca-11ea-86fe-2b3a39b399db.jpg)]] * This kind of layout should be built using 2 Columns blocks instead of one. The content for ""Theatre of Operations"" and ""From Signac to Matisse"" should be placed inside a second Columns block. * With a proper structure, it isn't necessary to use Group blocks inside Column block. * The Image block shouldn't be set to Full Width As a result the design is off, there is way too much spacing between a title and its image. With a proper structure, it should look like http://2020.wordpress.net/" ianbelanger 2 48726 Twenty Twenty: Wrong Text Color for Background Color & Subtle Background when used as background color for blocks Bundled Theme 5.3 normal normal Future Release enhancement new 2019-11-19T16:22:07Z 2024-01-16T14:59:39Z "To reproduce the issue: - In the customizer inside the Colors panel set the Background Color to `#000`, it will generate a white text color - In the editor, insert a block that supports background color (e.g. Paragraph) and select Background Color or Subtle Background as the background color using the color palette. The text color is black instead of white, which makes the text unreadable. The issue (front-end and editor) is caused by the CSS (which set the text to black) at the following lines: - [source:tags/5.3/src/wp-content/themes/twentytwenty/style.css#L2730 style.css line 2730] - [source:tags/5.3/src/wp-content/themes/twentytwenty/style.css#L2739 style.css line 2739] - [source:tags/5.3/src/wp-content/themes/twentytwenty/assets/css/editor-style-block.css#L198 editor-style-block.css line 198] - [source:tags/5.3/src/wp-content/themes/twentytwenty/assets/css/editor-style-block.css#L207 editor-style-block.css line 207] " collet 1 56205 Twenty Twenty: background color of column can affect the inner content color close Bundled Theme 6.0 low normal Awaiting Review enhancement new 2022-07-12T13:52:54Z 2022-07-15T09:45:19Z "Steps to reproduce :- 1. Activate Twenty Twenty theme. 2. Choose Columns block. 3. Give background-colour Accent colour from the options. 4. In inner column give a white background. all the text under that column block is not visible because it is by default taking white colour. For better understanding please refer to this video. Video URL:- [https://share.cleanshot.com/vskbRyILtP0XkAq8aid4]" nidhidhandhukiya 2 55410 Update spacer block markup in patterns/templates registered by Twenty Twenty-Two and Core has-patch Bundled Theme 6.0 normal normal Awaiting Review enhancement new 2022-03-17T09:33:16Z 2022-03-17T09:33:38Z "The Twenty Twenty-Two theme registers block patterns and templates that contain deprecated markup for core/spacer blocks. They specify height attribute as a number (""height"":50) instead of a string that includes units (""height"":""50px""). Because of that, the block parser reports depreciation messages in browser console. The attached patch updates markup of block patterns and templates registered by modules that don't need to be compatible with pre-5.9 WordPress: the Twenty Twenty-Two theme and Core itself." jsnajdr 1 44412 'pre_cache_alloptions' filter in wp_load_alloptions() in option.php cannot be hooked needs-docs Cache API normal normal Future Release enhancement new 2018-06-20T12:47:32Z 2021-06-15T18:40:04Z "Whenever wordpress loads, it fetches all options with the wp_load_alloptions() function in the option.php file. There is a filter in the function before sending it to the cache: {{{#!php <?php $alloptions = apply_filters( 'pre_cache_alloptions', $alloptions ); }}}. However, there is no way to hook into this filter in the theme or plugin because the theme or plugin are loaded afterwards. So the full array is always send to the cache. We were having trouble with a site that loaded all of the options with autoload 'yes' and it crashed with a memory limit exhausted error because there were too many options. An action needs to be added to hook into this filter or move the calling of this function some steps further after a theme or plugin is loaded." redsnowcompany 1 49899 <plugin_name> detected an advanced-cache.php file in the wp-content directory. It seems that this is not the <plugin_name> advanced-cache.php file. Please remove this file and disable any other caching plugins to use this <plugin_name>. reporter-feedback Cache API normal normal Awaiting Review enhancement new 2020-04-13T22:19:40Z 2020-04-14T11:27:37Z "==== How to Reproduce ==== Simply install and activate two cache plugins that use advanced-cache.php file from the admin dashboard one after another. Isn't that time to change how WordPress use the advanced-cache.php file? Why not make wp-settings.php file to look for: /wp-content/*-advanced-cache.php In this way cache plugin developers will be able to create file with their name and functionality such as: /wp-content/<plugin_name>-advanced-cache.php In this way there will be no file replacing/removing and etc. and the whole plugin fight on who to use the advanced-cache.php file will be resolved. There will be no problem to have: /wp-content/<my_plugin>-advanced-cache.php /wp-content/<your_plugin>-advanced-cache.php /wp-content/<our_plugin>-advanced-cache.php The other possible (with eventually slower processing) solution is the advanced-cache.php file to be searched for in all of the plugins directory: /wp-content/plugins/* In this way each plugin can store their advanced-cache.php file in their own plugin root folder: /wp-content/plugins/<my_plugin>/advanced-cache.php /wp-content/plugins/<your_plugin>/advanced-cache.php /wp-content/plugins/<our_plugin>/advanced-cache.php And again this will be resolved. Any ideas on that? Thanks in advance." jeffreycooper 2 57743 Add `$found` parameter to `wp_cache_get_multiple()` has-patch Cache API normal normal Future Release enhancement new 2023-02-17T04:09:25Z 2023-03-24T17:30:21Z "`wp_cache_get()` includes the forth parameter `$found`. It's a boolean passed by reference to allow developers to determine whether the returned value `false` indicates a populated cache with the value `false`. {{{#!php <?php wp_cache_set( 'ticket-57741', false ); $found = false; $result = wp_cache_get( 'ticket-57741', '', false, $found ); var_dump( $found, $result ); // true, false $found = false; $result = wp_cache_get( 'invalid-key', '', false, $found ); var_dump( $found, $result ); // false, false }}} `wp_cache_get_multiple()` does not include a similar parameter and could benefit from one. Instead of been a boolean, it would be an array passed by reference. At the conclusion of the function running, the `$found` array would be of the form: {{{ array( 'set-key' => true, 'unset-key' => false, ) }}} " peterwilsoncc 17 29351 Add a function for stampedes transient caching Cache API 4.0 normal normal Awaiting Review enhancement new 2014-08-24T20:04:51Z 2022-07-08T15:09:55Z "A common caching pattern that's used by WordPress and developers everywhere look something like this: {{{ if ( false === ( $value = get_transient( $cache_key ) ) ) { // A // Bunch // Of // Code // $value = ... set_transient( $cache_key, $value, 300 ); } }}} The downside of this approach is when the cache is cold or when the cache expires there's a stampede effect as multiple requests try and refresh the cache at the same time. Instead if we had a function that allowed for soft expirations we could do something like the following: {{{ $some_slow_func = function() { // A // Bunch // Of // Code // $value = ... return $value; } $value = get_set_soft_transient( $cache_key, $some_slow_func, 300, 'Some fake initial stale value' ); }}} This approach abstracts out the cache refresh logic into another function which can result in slightly cleaner code and can be used to prevent cache stampedes. Some other optimizations / changes that we could do with this approach that's not yet implemented in the patch: * Run all cache refresh functions async via wp_cron so even the unlucky winner that gets to trigger the cache refresh will get stale data (fast). * Better locking so that only one request will refresh the cache. (Right now a couple requests could happen to refresh at the same time on a very busy site.) * Perhaps prevent caching of a `false` value or one that equates to the default passed in? * Use filters instead of PHP callbacks to make this more WordPress like. * Also build out `get_set_soft_site_transient()`. This is inspired by the stampedes cache @gibrown wrote for some of WordPress.com and the @mboynes talk at WordCamp Boston. /cc @betzster" hypertextranch 2 55463 Add a limit to _prime_*_cache functions spacedmonkey dev-feedback Cache API normal normal Future Release enhancement assigned 2022-03-25T12:18:10Z 2023-07-09T22:24:31Z "The _prime_*_cache functions, like `_prime_post_cache` do a simple query to prime caches. This does a IN request to get all the objects. As we know the number of objects we wish returned, as have an array, we can add a simple LIMIT to the query to improve the performance of the query. Example: {{{#!php $fresh_posts = $wpdb->get_results( sprintf( ""SELECT $wpdb->posts.* FROM $wpdb->posts WHERE ID IN (%s) LIMIT %d"", implode( ',', $non_cached_ids ), count( $non_cached_ids ) ) ); }}} " spacedmonkey 8 45471 Allow caching of parse_blocks results francina dev-feedback Cache API 5.0 normal normal Future Release enhancement assigned 2018-12-03T12:08:15Z 2023-03-29T14:48:39Z "A *lot* of Gutenberg implementations are going to have to parse the blocks in a post. Core itself already parses the blocks on output, but also when trimming an excerpt in `excerpt_remove_blocks`. All this parsing is done with `parse_blocks`. Unfortunately, the only thing passed to `parse_blocks` right now is a string, with no way of caching it. My suggestion would be to add a cache key to the `parse_blocks` function, which defaults to false. I've attached a proposed patch to the function, if we agree on this we could then look at how to implement this in core itself." joostdevalk 15 28759 Cache API unit tests should verify public function, not WP_Object_Cache methods has-patch Cache API normal normal Future Release enhancement new 2014-07-05T20:03:51Z 2022-07-08T15:06:37Z "The public API for the WP object cache uses the global `wp_cache_*` functions. Traditionally, these functions are mapped to a class, `WP_Object_Cache`, that provides the logic for the cache through different class methods. The public API is then a wrapper for these methods. I think we should transition our unit tests to test the public API, especially as this makes it easier to test 3rd party caches against these tests. 3rd party object caches ''shouldn't'' be required to implement the `WP_Object_Cache` methods; they should only be required to implement the public functions. Additionally, having these tests test the public API will help should we ever decide to change the `WP_Object_Cache` internals." tollmanz 4 23327 Cache incrementors for get_bookmarks() has-patch Cache API 3.5.1 low normal enhancement new 2013-01-30T18:24:08Z 2022-01-18T13:48:04Z "Make use of a caching incrementor and store queries in individual cache buckets to avoid memory exhaustion. Pattern this after #23167, which does the same thing for get_pages(). See #23173 for an explanation of the motivation behind this." ryan 7 58356 Gravatar local image cache Cache API normal normal Awaiting Review enhancement new 2023-05-19T10:38:52Z 2023-05-19T10:40:09Z "One of the native features of WordPress is the ability to use images in comments or for users. By default, these images are based on email accounts and are loaded from Gravatar. Each time one of these images is to be uploaded, a call is made to the Gravatar CDN, which implies, every so often, a DNS request, downloading from an external server and reliance on a third-party service. NOTE: This proposal does not go into legal issues such as whether MD5 is secure or not, or whether privacy legislation such as GDPR must be complied with. This proposal is purely for performance. The idea would be to give the user the possibility to store the images every N hours, for example with an extra option in Settings → Comments. The images would be called once to be downloaded every N hours, a Cron system may be used for downloading, and a flag that warns if the image is in local or not (and not to make requests to the disk to check it, since it would be cached in the user data, which have to be loaded anyway). It is possible that on small sites the impact would be minimal, but on larger sites, or sites with many comments, the number of external calls would be reduced. In addition, this should also help the sustainability of the sites, since the decision of how often things are cached does not depend on Gravatar but on the user, in addition to the configurations that can be made by the hosting. Related: #14682 #16020 #44268 #55062." JavierCasares 1 56060 Implement wp_cache_replace_multiple() – and related WP_Object_Cache method dev-feedback Cache API normal normal Future Release enhancement new 2022-06-24T02:50:19Z 2023-04-20T17:53:59Z "See: #20875, #54574. See also: https://github.com/WordPress/wordpress-develop/pull/2018#discussion_r799643985 🫠 I would like to replace multiple values in a cache, but not `add` or `set` them if they do not exist. In my experience and understanding, `replace()` doesn't get much love because `_exists()` may be impossible to implement in certain backends – specifically (or especially) when `$group` is empty. My current situation is essentially juggling multiple backends, and only wanting to replace multiple values if they exist on one server and not add or set them until some other unrelated things happen. I went to call `wp_cache_replace_multiple()` and thought my IDE had deceived me when it wasn't autocompleting. Alas! Alas, I say! I can handle this In my own drop-in, and I can account for it in my own codes, but I think perhaps it's worth reconsidering this in core for the sake of parity with everything else. Thoughts?" johnjamesjacoby 2 60053 Improve cache flush handling for large multisite database upgrades Cache API normal normal Awaiting Review enhancement new 2023-12-12T15:24:52Z 2023-12-20T16:28:44Z "We run a large WP multisite (200 sub-sites) and with recent WP major version upgrades, the upgrade process has caused a significant performance drop while the database upgrade was in progress, causing downtime and 503 server errors. This seems to be mainly due to multiple back-to-back flushing of the object cache, network-wide, while the sites are under traffic. In `wp_upgrade()` I see two calls to `wp_cache_flush()` which would happen for each of the subsite DB upgrades and I was wondering if things can be improved there. - Could we make the cache flush to be more selective and drop specific groups rather than dropping the whole network cache? - Could we do only one cache flush at the end of the DB upgrade for all sites instead of dropping the cache for each of the subsites' DB upgrades? - For object caching implementations that support subsite cache flushing (e.g. OCP) could we maybe utilize that feature? I have attached some logs and reports from our APM. This was for upgrading from WP 6.3.x to 6.4.x, using Redis with Object Cache Pro, and 4GB of cached items." xParham 2 57906 Introduce `wp_cache_*_query()` helpers Cache API 6.2 normal normal Awaiting Review enhancement new 2023-03-10T23:08:03Z 2023-03-10T23:09:59Z "Ticket #57625 outlines the issue of the `last_changed` timestamp of cache groups changing often, resulting in new cache keys for the same query, while not (or only slowly) expiring old keys. On busy sites this can be large amounts of cache data. Giving object cache implementation more information about cached queries and sql results could make deleting stale cache keys much more efficient for each individual backend. Take this example: {{{#!php <?php $query = ""SELECT p.ID FROM $wpdb->posts AS p $join $where $sort""; $key = md5( $query ); $last_changed = wp_cache_get_last_changed( 'posts' ); if ( $in_same_term ) { $last_changed .= wp_cache_get_last_changed( 'terms' ); } $cache_key = ""adjacent_post:$key:$last_changed""; $result = wp_cache_get( $cache_key, 'posts' ); }}} The cache key `adjacent_post:eecd152a77156d10fff6090cd03144c1:0.63115800 16784882730.54921700 1678488360` is pretty useless to an implementation. Introducing a new helper `wp_cache_get_latest()` would give an object cache more to work with to perform near instant invalidation, even with 10 of millions of keys: {{{#!php <?php $query = ""SELECT p.ID FROM $wpdb->posts AS p $join $where $sort""; $key = md5( $query ); $last_changed = array( wp_cache_get_last_changed( 'posts' ) ); if ( $in_same_term ) { $last_changed[] = wp_cache_get_last_changed( 'terms' ); } $result = wp_cache_get_query( $key, $last_changed, 'adjacent_post', 'posts' ); }}} This would tell the object cache: - The query hash `$key` - The last changed timestamp to delete older data only - The type `adjacent_post`, so `wp_query` of the same `posts` group doesn't need to be flushed And the implementation can store these in a hash or sorted set, which makes invalidation instantaneous and low cost. Making this a progressive enhancement is cheap and easy: {{{#!php <?php function wp_cache_get_query( $key, $last_changed, $type, $group ) { $last_changed = implode( '', $last_changed ); return wp_cache_get( ""$type:$key:$last_changed"", $group ); } function wp_cache_set_query( $key, $value, $last_changed, $type, $group ) { $last_changed = implode( '', $last_changed ); return wp_cache_set( ""$type:$key:$last_changed"", $value, $group ); } }}} " tillkruess 1 24686 Introduce generic filter on transient return value johnbillion dev-feedback Cache API 2.8 normal normal Awaiting Review enhancement reviewing 2013-07-04T16:53:45Z 2021-06-07T09:59:39Z "The `get_transient()` and `get_site_transient()` functions have a filter on their return value, but the filter name contains the transient key: `transient_{$transient}`. This means it's not possible to hook into the return value for ''every'' transient in order to do something like logging transient hits and misses." johnbillion 10 45417 Lack of actions when wp_cache_flush is called dev-feedback Cache API normal trivial Future Release enhancement new 2018-11-26T14:08:25Z 2018-12-02T22:48:40Z "The function definition of wp_cache_flush doesn't have a do_action call, and neither does WP_Object_Cache->flush. https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-includes/cache.php#L97 https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-includes/cache.php#L498 I want to be able to run additional code whenever the object cache is flushed but currently I can't. Fixing this should be as trivial as adding {{{ do_action('wp_cache_flush'); }}} to the function definition of wp_cache_flush. I don't care about the name of the action or if it runs before or after the flush, I'd just like to have this functionality in the core. Preferably before WordPress 6.0. " k1sul1 1 15565 More context for clean_post_cache() spacedmonkey dev-feedback Cache API 3.1 normal normal Future Release enhancement assigned 2010-11-24T17:41:07Z 2022-07-12T09:59:26Z "I'd like more context to be available when the clean_post_cache hook is run. Scenario: I have a plugin caches the post_IDs of most post queries that go through WP_Query. Invalidating that cache is done via the clean_post_cache hook, but requires a bunch of fragile hacks to prevent cache invalidation for things like comment inserts, which update the post's comment_count (which could, in theory, affect a WP_Query, but that's another story). Option 1: Add extra actions to provide context. This is the simpler option. Patch 1 does this for the above scenario. Option 2: Add an optional context parameter to clean_post_cache(). This is more general, but I can't think of anyplace else WordPress uses as similar approach. Patch two." mdawaffe 11 43341 Proposal: new cache helper functions Cache API normal normal Awaiting Review enhancement new 2018-02-17T01:48:59Z 2018-02-17T01:48:59Z "[https://github.com/stevegrunwell/wp-cache-remember I just tagged version 1.0.0 of WP Cache Remember], which is a small WordPress library that adds six new functions: * `wp_cache_remember()` * `wp_cache_forget()` * `remember_transient()` * `forget_transient()` * `remember_site_transient()` * `forget_site_transient()` These functions all follow the same pattern, with two each for the WP object cache, transients, and site transients, respectively. The goal is to reduce this common pattern: {{{#!php function get_some_value() { $cache_key = 'some-cache-key'; $cached = wp_cache_get( $cache_key ); if ( $cached ) { return $cached; } $value = new WP_Query( /* ... */ ); wp_cache_set( $cache_key, $value ); return $value; } }}} ...to something easier to manage: {{{#!php function get_some_value() { return wp_cache_remember( 'some-cache-key', function () { return new WP_Query( /* ... */ ); } ); } }}} Of course, if the function is being used in WordPress core or anywhere else that needs to support PHP 5.2, any callable — not just closures — could be passed. The function is based on [https://laravel.com/docs/5.6/cache#cache-usage Laravel's Cache::remember() method] and is extremely useful for themes or plugins that are regularly making use of the object cache, transients, and/or site transients. The underlying code uses existing cache API functions, and thus won't require any modification in existing object cache adapters. The complementary function, `wp_cache_forget()` will retrieve and empty the cache value, saving developers a step if they only want a cached value to be returned once (for instance, a ""flash"" message). [https://github.com/stevegrunwell/wp-cache-remember#readme The GitHub README file has a full description of each function and its arguments], along with 100% test coverage. If there's any interest in including some or all of these helpers in core, I'd be more than happy to put together a PR." stevegrunwell 58650 Reset cache in development mode Cache API normal normal Awaiting Review enhancement new 2023-06-28T00:47:17Z 2023-06-28T17:47:41Z "https://core.trac.wordpress.org/ticket/57487 added support for development mode in order that the WordPress code is aware of different methods and levels of caching. Tests in the Gutenberg plugin utilize methods such as `wp_theme_has_theme_json`. In Core, this method checks the current development mode and deal with the cache accordingly. Because Gutenberg had not set the required constants, PHP unit tests were failing, probably because the cache was not being cleared between tests (`$can_use_cached` was always true). In order to get the tests running on the Gutenberg CI, the constant `WP_RUN_CORE_TESTS` needed to be declared in [Gutenberg's PHPUnit bootstrap file]https://github.com/WordPress/gutenberg/pull/51950/files#diff-a51f75ea7a86ddd18edea3fe94a0482427795fcd7b247e6959149cbac60964dfR27. PR: https://github.com/WordPress/gutenberg/pull/51950 An alternative way suggested by @noisysocks was for Core to update Core's implementation of `wp_theme_has_theme_json` to cache the return value in a way that is reset by `wp_clean_theme_json_cache`. cc @flixos90 Related discussion: https://github.com/WordPress/wordpress-develop/commit/4a16702090984caef24af5a07d598cc5afff2fdc#r119747488 " ramonopoly 1 35430 Should the 'counts' cache group be persistent? has-patch Cache API 4.4 normal normal Future Release enhancement new 2016-01-13T02:58:54Z 2022-12-19T01:46:07Z I checked that the places storing data in the `'counts'` cache group have proper way to delete the data in cache on updates. For example, `wp_count_posts()` stores the post count, and `_transition_post_status()` deletes the count. So could we change the `'counts'` cache group to be persistent? This can reduce the repeated counting queries to the database. wjywbs 9 59592 Store last changed value in key instead of using it as a salt for query caches has-patch Cache API normal normal Future Release enhancement new 2023-10-11T10:56:04Z 2023-10-12T13:07:53Z "This 'last changed' timestamp serves as a salt, implying that when this value changes, the cache key also changes, leading to the creation of a new cache. This method of cache invalidation has proven effective over the years but presents a drawback – it generates an excessive number of caches. Imagine a high-traffic website constantly generating new content with new posts added every 10 minutes. This results in the 'last changed' cache being updated every time a new post or revision is created. Consequently, the WP_Query for the homepage could potentially generate a new cache each time a post is updated. This could lead to the creation of hundreds or even thousands of caches. The concept behind an object cache is to allow unused keys to expire and be removed from the cache. However, this process is not swift and may take hours or even days for these keys to naturally fall out of the cache. Furthermore, there's a risk that the object cache could become bloated and remove actively used cache keys. The solution lies in reusing cache keys. Instead of using 'last changed' as a salt, store the 'last changed' values within the cache value itself. Then, retrieve the cache value and compare the 'last changed' value stored in the cache with the actual 'last changed' value. If they don't match, mark the cache as invalid, retrieve the values from the database, and resave the cache with an updated 'last changed' value. This approach offers several benefits: Cache keys are reused, ensuring that the number of cache queries remains stable, and the cache queries clean up after themselves. Predictable cache keys allow caches to be primed efficiently. For instance, a caching plugin can discern the types of queries on a page and prime multiple cache keys in a single request. However, there are some downsides to consider: Third-party plugins may be reliant on salted cache keys. When comparing the last updated value, the entire cache must be retrieved. This means that the first user after cache invalidation may experience a slightly larger request.""" spacedmonkey 6 46388 WP_User::get_data_by(): Cache non-existent users to prevent triggering multiple queries reporter-feedback Cache API 5.2 normal normal Future Release enhancement new 2019-03-01T11:24:01Z 2021-06-15T19:14:20Z "Assume you use the WP_User::get_data_by() function to get the main user fields queried against an ID: {{{ WP_User::get_data_by('ID', 1337); }}} If you call this function multiple times - by calling the function directly or indirectly by using functions like get_userdata or get_avatar - and an user with the given ID does not exist, the database-query is getting executed multiple times resulting in duplicate queries: {{{ SELECT * FROM wp_users WHERE ID = '1337' }}} To prevent triggering multiple queries, non-existing users should get stored inside the WP Object Cache similar as in the get_option() function for non-existing options. The attached patch checks if the user ID exists in the WP Object Cache inside of the notusers-array so the WP_User::get_data_by() function returns FALSE if this is the case: {{{ // Prevent non-existent users from triggering multiple queries $notusers = wp_cache_get( 'notusers', 'users' ); if ( isset( $notusers[ $user_id ] ) ) { return false; } }}} If the user is not existent in the notusers-array but he also does not exist inside of the database, the user gets added to the WP Object Cache before the WP_User:get_data_by() function returns FALSE: {{{ // User does not exist, so we must cache its non-existence if ( ! is_array( $notusers ) ) { $notusers = array(); } $notusers[ $user_id ] = true; wp_cache_set( 'notusers', $notusers, 'users' ); }}} " Asgaros 2 54303 [Object Cache] Allow global caching groups to be filterable / changed dev-feedback Cache API 5.8.1 normal minor Awaiting Review enhancement new 2021-10-21T13:02:06Z 2022-06-09T01:17:57Z "The Object Caching system differentiates between ""local cache groups"" and ""global cache groups"". This is essential for Multisite setups. Global cache groups store cached objects - as the name implies - globally. There is one cached object for all sites in the network. Whereas the local cache groups are stored individually per site. The cache groups are setup using the {{{wp_cache_...}}} API. Like https://developer.wordpress.org/reference/functions/wp_cache_add/ Which groups are actually global is setup in the Object Cache bootstrapping code here: https://github.com/WordPress/WordPress/blob/e791d7f5db8252ba66c7777c456ed80343a450aa/wp-includes/load.php#L732-L735 {{{ wp_cache_add_global_groups( array( 'users', 'userlogins', 'usermeta', 'user_meta', 'useremail', 'userslugs', 'site-transient', 'site-options', 'blog-lookup', 'blog-details', 'site-details', 'rss', 'global-posts', 'blog-id-cache', 'networks', 'sites', 'blog_meta' ) ); }}} This is hardcoded and not filterable in any (reasonable) way. Currently you have to rely on the actual Object Caching implementation to allow one to change the global cache groups. The current globals setup is fine for the assumption of a default WordPress installation. But as it is with customizable software like WordPress, this is not true in any case. For example: If one would split the user information and move it from the (global) network level to the individual sites, one would have to remove all the user related groups from the global cache groups. This is currently not possible at all. There are some possible solutions: 1. Make the array of global cache groups filtereable - This might be a timing issue because the object cache system is loaded very early. But it might work. 2. Add a function to the Object Cache API to actually remove cache groups from the globals list. - This is the {{{add}}} function: https://developer.wordpress.org/reference/classes/wp_object_cache/add_global_groups/ - This could be extended with a counterpart: {{{ public function remove_global_groups( $groups ) { $groups = (array) $groups; $this->global_groups = array_diff_key( $this->global_groups, $groups ); } }}} This could then be leveraged from plugins at any point of time. Yet it still might kick in too late due to the early nature of the object cache system. 3. If timing issues are an issue, instead of the filters, one could make the filtering available using a constant ( WP_OBJECT_CACHE_NON_GLOBAL_GROUPS => array( 'users', 'usermeta' ) ). Yet this depends on PHP7+ 4. Configure the global cachegroups late when filters are available and allow default WP filtering Is this an Edge case? Yes! But it still is quite a burden on the flexibility of the Object cache that could be solved :-)" janthiel 18 36420 A more forgiving redirect guesser dev-feedback Canonical normal normal Awaiting Review enhancement new 2016-04-05T14:13:37Z 2017-08-16T19:53:17Z " I would like the redirect guesser to be more forgiving using SOUNDS LIKE . Here's a small suggestion: {{{#!php function redirect_guess_404_permalink() { global $wpdb; if ( get_query_var('name') ) { $where = $wpdb->prepare(""(post_name SOUNDS LIKE %s"", $wpdb->esc_like( get_query_var('name') ) ); $where .= $wpdb->prepare("" OR post_name LIKE %s)"", $wpdb->esc_like( get_query_var('name') ) . '%'); .... }}} It would be even better if it could be implemented using levenstein distance if that is not too heavy on resources. https://github.com/fza/mysql-doctrine-levenshtein-function " gorillum 2 17653 Canonical Redirect when space(s) are used instead of hyphens when requesting a page SergeyBiryukov* Canonical 3.0 normal normal Future Release enhancement accepted 2011-06-02T01:25:08Z 2018-08-19T03:31:39Z "Create a page with a slug that contains a hyphen (eg. /page-name/). If you then visit /page name/ (ie. use a space instead of a hyphen), WordPress currently manages to locate and display the page-name page. This could cause duplicate content issues. The same issue occurs if multiple spaces are used instead of a hyphen. As an example, this is the original page: http://jamesc.id.au/test-page/ This page is accessible via: * http://jamesc.id.au/test%20page/ * http://jamesc.id.au/test%20%20page/ * http://jamesc.id.au/test%20%20%20page/ * http://jamesc.id.au/test%20%20%20%20page/ and so on. WordPress should either output a 404 error, or redirect to /page-name/. Tested using the latest 3.2 trunk (r18110)." jamescollins 9 18385 "Canonical redirections not suited for Queries with multiple query vars and ""pretty permalinks"" in general" dev-feedback Canonical 3.2 normal normal enhancement new 2011-08-12T09:05:03Z 2019-06-04T19:22:40Z "When the Canonical code was originally written, it served it's purpose quite well. However, over the years the number of Query vars which can be used to access content via has increased, and so have the number of archive views. This has lead to increased complexity in the Taxonomy canonical code which has needlessly caused bugs. What I'm proposing, is that it might be time to lay to rest the current `if.. elseif.. elseif..` style checks, It's not possible for 1 if branch to handle every single access point without duplicating another branch. As a result, I've put a half-finished together alternate version of Canonical, It's based on tallying up which query vars have been used/accounted for and removing any duplicates.. It's certainly not the best, but it's fairing better with the unit tests so far. {{{ Unit Testing: http://unit-tests.trac.wordpress.org/browser/wp-testcase/test_includes_canonical.php Before: FF.......FFFF..FFF.....F......FFFFFF.F....F.....FF....FF... After: FF...........FFF..................FF..................F.... }}} It's a work in progress, but it's worth considering IMO. Attaching a diff, and the full file (since the diff is going to be rather unreadable in some sections)" dd32 1 20283 Create new variable or function in $wp_query object to get canonical URL of any site's page dev-feedback Canonical 3.3.1 normal normal enhancement new 2012-03-22T14:42:36Z 2019-06-04T19:22:53Z "For the sake of Search Engine Optimization it's recommended to set canonical URL inside <link rel='canonical'> tag in any site's page. Incorrect URL can exist in search engine index. For example: http://example.com?some_param=some_val&cat=3,4. URL points to categories with id equals 3 and 4, but we have another unnecessary parameter 'some_param'. It's malicious! We must set canonical URL to http://example.com?cat=3,4. So It's advance to have canonical URL generated some way. I propose to set function or variable inside WP_Query class to retrieve canonical URL to any opened page. In WP_Query we have variable WP_Query::query which consists of all necessary parameters for that propose. But we must use $wp_rewrites also. Any thoughts? " egorpromo 3 18660 Enhance rel_canonical function, add filter joostdevalk has-patch Canonical 3.3 normal normal Future Release enhancement assigned 2011-09-14T15:59:03Z 2019-10-16T10:07:49Z "I think it's a bit shortsighted to think that only singular pages need the canonical tag output in the `<head>`. Considering the fact that just about any page on your site can be accessed with a malformed URL, I think it's time to enhance this function. The attached patch is just a first pass. But I think it gets us started in the right direction. There's also a filter before output, so themes and plugins can further enhance the output of this plugin (related #14458). Patch is against [438126]." nathanrice 36 51508 Fix for canonical.php Canonical 2.3 normal trivial Awaiting Review enhancement new 2020-10-13T12:20:40Z 2020-11-15T07:09:35Z "In extremely rare cases it is impossible to determine the path {{{#!php <?php 74. $original = parse_url( $requested_url ); }}} I propose a very simple solution - check if the path was parsed correctly and if the host parameter has: {{{#!php <?php 74. $original = parse_url( $requested_url ); 75. if ( false === $original || !isset($original['host'])) { 76. return; 77. } }}} You can simply check for the presence of this key, but if it is not there for some reason, then it is better to simply complete this function." anatolykulikov 50506 PHP warning appearing in 404 page and 'post_type' query var is Array needs-unit-tests Canonical 5.4.2 normal normal Awaiting Review enhancement new 2020-06-29T11:34:44Z 2020-06-29T11:46:39Z "Fixed PHP warning appearing in 404 page and 'post_type' field is Array (not string), more exactly function: `redirect_guess_404_permalink` line 700 in '''wp-includes/canonical.php''' To replicate this issue simply add this code inside plugin/theme: {{{ function _debug_php_warning_on_404( $query ) { $query->set( 'post_type', [ 'post', 'portfolio', 'page' ] ); } add_action( 'pre_get_posts', '_debug_php_warning_on_404' ); }}} Then try a missing page slug __domain.test/missing-content__ it will show a warning: wpdb::prepare was called incorrectly. The query only expected one placeholder, but an array of multiple placeholders was sent. Please see Debugging in WordPress for more information. (This message was added in version 4.9.0.) The fix is to replace line 700 and check for array ""post_type"" query var: {{{ if ( $post_type = get_query_var( 'post_type' ) ) { if ( is_array( $post_type ) ) { $where .= "" AND post_type IN ('"" . implode( ""', '"", esc_sql( $post_type ) ) . ""')""; } else { $where .= $wpdb->prepare( ' AND post_type = %s', $post_type ); } } }}}" arl1nd 40082 Pretty links for users when searching Canonical 4.7.3 normal normal Awaiting Review enhancement reopened 2017-03-09T15:12:23Z 2018-08-14T09:50:45Z "When using the site search, users are shown the ugly URL when taken to the results page: > example.com/?s=keyword It appears as though search results can have pretty URLs: > example.com/search/keyword Maybe show the pretty URL in the browser instead?" henry.wright 9 4328 Redirect Old Slugs feature needs to redirect slugs for pages, not just posts, and redirect old permalink structure SergeyBiryukov needs-unit-tests Canonical 2.2 normal normal Future Release enhancement reviewing 2007-05-24T01:52:44Z 2022-01-25T14:30:12Z "Create a page, browse to it, edit it, change its slug, WP redirects to the old page's slug and serves a 404. Wasn't WP 2.1 or WP 2.2 supposed to make the redirect old slug feature built-in? Along the same lines, it would be sweet if instead of simply redirect old slugs, WP would redirect old urls. When the date changes, when the page parent changes, or when the permalink structure changes, the url changes but neither of WP, the redirect old slug plugin, the permalink redirect plugin, or anything else catches this." Denis-de-Bernardy 49 52865 Strip 'enclosed' trailing spaces in URLs Canonical low normal Awaiting Review enhancement new 2021-03-19T10:32:40Z 2021-03-19T10:42:06Z "#20383 made improvements that strip trailing punctuation from URLs. E.g., https://ma.tt/2012/03/productivity-per-square-inch%20 redirects correctly to the canonical URL. However, URLs like https://ma.tt/2012/03/productivity-per-square-inch%20/ (which 'enclose' the trailing space with a trailing slash) are ''not'' redirected. It, and others like it, typically return a 404 error. This kind of 'broken link' pattern is ''extremely'' common on the web; particular as a trailing slash is often appended to a malformed URL ''before'' WP runs (e.g., via a server/htaccess/nginx configuration). We should refine the canonical redirect logic (in `redirect_canonical`) to also consider and redirect these types of requests. **Considerations** - The ""''Remove trailing spaces and end punctuation from the path''"" section of `redirect_canonical` doesn't consider the presence of trailing slashes in the URL. This could/should be adapted to catch those. - There might be cases where a user 'legitimately' has a permalink structure (or slug) that ends in `%20` or `%20/`. That might(?) make a fix more complicated than just sniffing for whether the permalink structure ends with `/`. - It looks like it's inconsistent in WP where `%20` (and/or `%20/` ) can be added to slugs or structures. It's stripped in some places, but not in others. - ''Should'' a permalink or slug be 'allowed' to contain, or end in, a space character? If this is being stripped in some parts of WP, maybe that's a good argument to prevent it elsewhere/everywhere. In which case, fixing this becomes a lot simpler. " jonoaldersonwp 35248 "WordPress should remove domain trailing dot (as/like it removes ""www."")" Canonical 4.4 normal normal Awaiting Review enhancement reopened 2015-12-29T00:35:21Z 2020-01-31T16:22:59Z "I think, WordPress should redirect from address with trailing dot of domain to version without the dot, like it redirects from address with ""www."". I have read about which version is correct and seems version without dot is allowed according to RFCs, and it is very widely used, and even almost nobody know that trailing dot can be used. ( https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol ""The first definition of HTTP/1.1, the version of HTTP in common use, occurred in RFC 2068 in 1997, although this was obsoleted by RFC 2616 in 1999"" -> https://tools.ietf.org/html/rfc2616#section-14.23 ""The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL."" -> https://tools.ietf.org/html/rfc2616#section-3.2.1 ""For definitive information on URL syntax and semantics, see ""Uniform Resource Identifiers (URI): Generic Syntax and Semantics,"" RFC 2396 ..."" -> http://tools.ietf.org/html/rfc2396#section-3.2.2 ""The rightmost domain label of a fully qualified domain name will never start with a digit, thus syntactically distinguishing domain names from IPv4 addresses, and may be followed by a single ""."" if it is necessary to distinguish between the complete domain name and any local domain."" )" qdinar 11 35437 dot in permalinks Canonical normal normal Future Release enhancement new 2016-01-13T06:49:02Z 2019-01-08T13:53:11Z "Just try to add dot in request uri (begin or end of any part) – it will return status 200, but should 404 or may be it should redirect to url without dots, otherwise it generates duplicate pages that is not so good. For example. Correct url is http://site.com/some/url/ Let's try: http://site.com/.some/url/ – will return status 200 and open the correct page. The same behavior if: http://site.com/some./url/ http://site.com/some/.url/ http://site.com/some/url./ Temporary solution in functions.php helpful for me: {{{#!php <?php function clear_uri($var) { global $clear_processed; $clear_processed = true; $str = trim($var, '.'); if( $str[0] == '.' || $str[strlen($str)-1] == '.' ) $str = clear_uri($str, '.'); return $str; } $clear_processed = false; $parts = explode('/', trim($_SERVER['REQUEST_URI'], '/')); foreach($parts as $k => $s) { if( $s[0] == '.' || $s[strlen($s)-1] == '.' ) $parts[$k] = clear_uri($s); } if( $clear_processed ) { $location = '/' . implode('/', $parts) . '/'; header(""Location: "" . $location, true, 301); exit; } }}} " vk_code 5 34631 Extra compat for mbstring: mb_strpos() has-patch Charset 4.4 normal normal enhancement new 2015-11-09T12:00:50Z 2019-06-04T19:33:04Z "Hello, I noticed a missing compat function within compat.php, regarding mb_strpos. The use of this function within a plugin will result in a fatal error if the server doesn't support mbstring. So I made a function that will take over the function if it does not exist. I also implemented debugging errors based on PHP 5.5 source: https://github.com/php/php-src/blob/PHP-5.5/ext/standard/string.c#L1824 {{{#!php if ( ! function_exists( 'mb_strpos' ) ) { function mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { return _mb_strpos( $haystack, $needle, $offset, $encoding ); } } /* * Only understands UTF-8 and 8bit. All other character sets will be treated as 8bit. * For $encoding === UTF-8, the $str input is expected to be a valid UTF-8 byte sequence. * The behavior of this function for invalid inputs is PHP compliant. */ if ( ! function_exists( '_mb_strpos' ) ) { function _mb_strpos( $haystack, $needle, $offset = 0, $encoding = null ) { if ( null === $encoding ) { $encoding = get_option( 'blog_charset' ); } // The solution below works only for UTF-8, // so in case of a different charset just use built-in strpos() if ( ! in_array( $encoding, array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ) ) ) { return $offset === 0 ? strpos( $haystack, $needle ) : strpos( $haystack, $needle, $offset ); } $haystack_len = mb_strlen( $haystack ); if ( $offset < (int) 0 || $offset > $haystack_len ) { trigger_error( 'mb_strpos(): Offset not contained in string', E_USER_WARNING ); return false; } if ( !is_string( $needle ) ) { $needle = (string) $needle; if ( !is_string( $needle ) ) { trigger_error( 'mb_strpos(): Array to string conversion', E_USER_WARNING ); return false; } } if ( empty( $needle ) ) { trigger_error( 'mb_strpos(): Empty needle', E_USER_WARNING ); return false; } // Slice off the offset $haystack_sub = mb_substr( $haystack, $offset ); if ( _wp_can_use_pcre_u() ) { // Use the regex unicode support to separate the UTF-8 characters into an array preg_match_all( ""/./us"", $haystack, $match_h ); preg_match_all( ""/$needle/us"", $haystack_sub, $match_n ); $pos = key( array_intersect( $match_h[0], $match_n[0] ) ); if ( empty( $pos ) ) { return false; } return (int) $pos; } $regex = '/( [\x00-\x7F] # single-byte sequences 0xxxxxxx | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2 | [\xE1-\xEC][\x80-\xBF]{2} | \xED[\x80-\x9F][\x80-\xBF] | [\xEE-\xEF][\x80-\xBF]{2} | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3 | [\xF1-\xF3][\x80-\xBF]{3} | \xF4[\x80-\x8F][\x80-\xBF]{2} )/x'; /** * Place haystack into array */ $match_h = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_h ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_h = array_merge( $match_h, $pieces ); } while ( count( $pieces ) > 1 && $haystack = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Place haystack offset into array */ $match_hs = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_hs ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $haystack_sub, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_hs = array_merge( $match_hs, $pieces ); } while ( count( $pieces ) > 1 && $haystack_sub = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Put needle into array */ $match_n = array( '' ); // Start with 1 element instead of 0 since the first thing we do is pop do { // We had some string left over from the last round, but we counted it in that last round. array_pop( $match_n ); // Split by UTF-8 character, limit to 1000 characters (last array element will contain the rest of the string) $pieces = preg_split( $regex, $needle, 1000, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); $match_n = array_merge( $match_n, $pieces ); } while ( count( $pieces ) > 1 && $needle = array_pop( $pieces ) ); // If there's anything left over, repeat the loop. /** * Compute match of haystack offset with needle * If passed, find the array key number within the full haystack. */ $pos = in_array( $match_n[0], $match_hs ) ? key( array_intersect( $match_h, $match_n ) ) : ''; if ( empty( $pos ) ) { return false; } return (int) $pos; } } }}} `if ( ! function_exists( '_mb_strpos' ) ) {` could probably be removed since it could be a core function. To test this, I've used the following lines of code: {{{#!php var_dump( _mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( _mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( _mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( _mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( _mb_strpos( '象形指事', '指', 5 ) ); // false WARNING echo PHP_EOL.PHP_EOL; var_dump( mb_strpos( '象形指事', '指', 0 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 1 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 2 ) ); // 2 var_dump( mb_strpos( '象形指事', '指', 3 ) ); // false var_dump( mb_strpos( '象形指事', '指', -1 ) ); // false WARNING var_dump( mb_strpos( '象形指事', '指', 4 ) ); // false var_dump( mb_strpos( '象形指事', '指', 5 ) ); // false WARNING }}} Feel free to contribute your thoughts :) Thanks!" Cybr 1 32917 Tests_DB_Charset tests don't fully cover wpdb::strip_invalid_text_for_column() needs-unit-tests Charset 4.2 normal normal enhancement new 2015-07-08T00:20:27Z 2019-06-04T19:30:40Z "Related / previously: * #32351 * #32308 * #32127 * #21212 `Tests_DB_Charset` includes a data provider that feeds various charsets into its `wpdb::strip_invalid_text()` test, but not for its `wpdb::strip_invalid_text_for_column()` test, which means it's not being tested fully. It should be." johnbillion 1 53639 "Ability to add checkboxes to ""Email me whenever"" section" has-patch Comments normal normal Awaiting Review enhancement new 2021-07-10T14:50:22Z 2022-06-02T11:26:29Z "In wp-admin > Settings > Discussion, there is a section ""Email me whenever"". The 2 options in this section are: - Anyone posts a comment - A comment is held for moderation There's currently no way for a plugin to add more checkboxes to this list." henry.wright 3 20977 Add Dynamic Comment Statuses dev-feedback Comments 3.4 normal normal Future Release enhancement new 2012-06-15T17:12:07Z 2020-01-14T02:35:50Z It would be great to add some filters/actions that would allow plugin developers to add additional statuses to comments. supercleanse 9 39505 Add an option to add custom classes to comment_reply_link() has-patch Comments 4.7 normal normal Awaiting Review enhancement new 2017-01-06T14:08:03Z 2017-01-06T18:45:38Z In many cases, I want to add custom classes to comment reply link. I can use js or handle comment link string. But it's better if have an option to add custom classes to link via PHP. truongwp 48480 Add comment_form_opening_tag and comment_form_closing_tag filters Comments normal normal Awaiting Review enhancement new 2019-11-01T12:12:17Z 2019-12-03T15:38:11Z "I'd like to be able to customize the `div#respond.comment-respond` wrapper around the comment form and replace it with a suitable HTML5 element, but it seems to be one of the few things one _can't_ change within the form. Therefore I'd like to suggest two filters added to `comment-template.php:2451`: `apply_filters( 'comment_form_opening_tag', '<div id=""respond"" class=""comment-respond"">' );` And `comment-template.php:2643`: `apply_filters( 'comment_form_closing_tag', '</div>' );`" powerbuoy 1 43298 Add filter to hide comment types from showing up in the default query schlessera dev-feedback Comments normal normal Awaiting Review enhancement assigned 2018-02-12T15:05:23Z 2019-01-16T06:50:09Z "Comment types are not something WordPress supports by default. However, there is some data and API support for it. The `wp_comments` table contains a `comment_type` column which can be used for this purpose. The big downside is that by default these will be shown in all comment overview. Both on the frontend and the backend. There are plugins that already do this. The examples that triggered this ticket are [https://github.com/woocommerce/woocommerce/blob/d2e9b366121166c7cb26936bd2c251f3dd7ebd5d/includes/class-wc-comments.php#L110 WooCommerce] and [https://github.com/WordPress/gutenberg/pull/4685/files#diff-df5e27f1866a42a0c24ae7c0b17b1bc6R496 this PR on Gutenberg]. These plugins use the `where` clause in the pieces of the query to make this possible. I propose we add a 'simple' filter that can hide specific comment types from view. If `comment_type` is not queried in any other way, this blacklist will make sure that all comment types in the blacklist are not returned from the query. '''Why not wait for full comment_type support?''' Full `comment_type` support is a much bigger effort. This filter would benefit us in the short run and doesn't conflict with full `comment_type` support." atimmer 1 59488 Add index to comment_type and comment_approved fields in comment table Comments 3.0 normal normal Awaiting Review enhancement new 2023-09-28T12:43:53Z 2023-09-28T12:43:53Z "Follow on from #58368 It is common to query comments by `comment_type` or `comment_approved`. There are several query done in the admin to get counts for different screens. But for sites with many comments, this results in slow returning queries. Add database indexes to these two fields to improve database performance. " spacedmonkey 20597 Allow WP_Comment_Query::query to filter by category needs-unit-tests Comments 3.4 normal normal enhancement new 2012-05-02T03:35:35Z 2019-06-04T19:23:03Z "The attached patch allows WP_Comment_Query::query to accept three additional arguments: * `cat` * `category__in` * `category__not_in` The resulting comments are then filtered by these category arguments as well as any other arguments. These arguments work the same way as their `WP_Query` counterparts. I would appreciate advice on the appropriateness of using `INNER JOIN` (as I have done here) to join in the taxonomy tables to the query." sambauers 2 47447 Allow client-side storing of comment meta Comments normal normal Awaiting Review enhancement new 2019-05-31T15:46:52Z 2019-05-31T15:46:52Z "As a modern counterpart to #12431, I think it'd be nice if plugins could add comment meta from the client side as well. An example use case would be [https://github.com/iandunn/compassionate-comments a plugin that identifies toxic comments, and then encourages the author to rephrase it to be more kind before it gets submitted]. It's currently possible by adding a `preprocess_comment` callback that examines `$_POST`, verifies and sanitizes the data, and then adds it to `$commentdata` before that gets passed to `wp_insert_comment()`. It could be much easier and standardized, though. Ideally, I think a client-side script should be able to just append a hidden input field named `comment_meta[]` to the `.form-submit` element, and have it be automatically added via `wp_insert_comment()`, rather than being ignored by `wp_handle_comment_submission()`. Since it's coming from the client side, the data can't be trusted. We need to verify that it was added by the enqueued script, and then sanitize it. Maybe there could be something similar to `register_post_meta()` with a `allow_in_form` boolean param, and a `sanitize_callback` param." iandunn 48536 Allow cmd/ctrl-enter to submit comment forms in wp-admin davidbaumwald* dev-feedback Comments normal normal Future Release enhancement accepted 2019-11-08T12:02:30Z 2020-02-10T19:19:27Z "This is a follow-up on #41545 which says: > I think it'd be a nice enhancement for comment forms in both the admin and front end to submit this way. However, the r45790 introducing the feature does so only for frontend. Submitting comment by pressing ctrl/cmd + 'enter' does not seem to be working in wp-admin. It would be cool if the new feature could be added to wp-admin as well." david.binda 6 20302 Allow comment_form() to add attributes to <form> tag has-patch Comments 3.3.1 normal normal enhancement new 2012-03-25T15:48:53Z 2019-06-04T19:22:55Z "The standard method to allow Google Analytics to track comment submissions as a 'goal' is to add a piece of JavaScript code wrapped in an 'onsumbit' attribute: http://www.optimisationbeacon.com/analytics/track-blog-comments-in-google-analytics/ http://code.google.com/apis/analytics/docs/tracking/eventTrackerGuide.html We want something like the following: {{{ <form action=""http://www.example.com/wp-comments-post.php"" method=""post"" id=""commentform"" onsubmit=""_gaq.push(['_trackEvent', 'Comments', 'Submit', 'POST TITLE']);""> }}} However the current arguments submitted to comment_form() do not provide for adding attributes to <form> http://codex.wordpress.org/Function_Reference/comment_form I was forced to perform a workaround in which the onsubmit code was inserted by JavaScript on the fly at runtime. So this is request to alter comment_form() such that arguments accepted provide for 'onsubmit' or other custom attributes to be appended on the <form> tag." psbook 10 55470 Allow for finer-grained callbacks for wp_list_comment Comments 2.7 normal normal Awaiting Review enhancement new 2022-03-27T17:48:00Z 2022-03-27T18:16:41Z "I've implemented a variety of different custom comment types, so logically, I'd like to allow for default customized comment output for these different types and still allow a theoretical theme to provide its own callback. Unfortunately, the only two options are a custom callback or a custom Comment Walker. Using the 'wp_list_comments_args' filter to make a custom comment walker the default, and reimplementing the start_el option is the only way to do this...but this means again, the possibility of unanticipated interaction. So, in thinking about this, proposing two enhancement options...looking for thoughts before I write up some code for consideration. 1. Enhance the callback argument in wp_list_comments. Allow it to be an associative array or a string. If an associative array, the key would be comment_type. It would allow the 'all' parameter key, which would mean that the 'all' callback would be used if nothing more specific was provided. If this is a string, it would just set that to the all parameter and use the same logic. This would allow differing callbacks to be called per comment...if you choose to display them mixed. 1. Add a filter inside start_el to allow for greater logic at this point before triggering the built-in or custom callback on a per-comment basis. Now, ideally, the solutions would be found in #35214 with some form of comment registration, but as that would have to be backward compatible, and that it has been 6 years since that conversation started suggests this simpler solution may make sense in the interim and even afterward." dshanske 1 38925 Allow override of depth limits on comment reply link dev-feedback Comments 4.7 normal normal Future Release enhancement new 2016-11-24T06:41:07Z 2020-05-26T20:21:04Z "The core code currently hides the Reply link if a comment is at the maxDepth setting for comment nesting, but this appears to only be a constraint on the presentation. The API still allows replies through URL parameters and the REST interface, which demonstrates that there is not a functional reason for the constraint. I'm proposing that plugin authors are allowed to override this constraint by setting `$args['limit_by_depth'] = false` in a `comment_reply_link_args` filter. This requires only a minor, inconsequential change to comment-template.php per the attached patch. Note the '[https://wordpress.org/plugins/infinite-comment-replies/developers/ Infinite Comment Replies]' plugin currently achieves this by completely rewriting the reply link and thus masking everything that is handled in the core production of the link. The proposal above is a better option to achieve the same effect." TravisR 5 44485 Allow some functions from comments-template.php to accept a comment or post ID has-patch Comments normal normal Awaiting Review enhancement new 2018-07-01T14:11:57Z 2018-07-01T14:11:57Z "Nowadays, it's not uncommon to have to use some templating functions outside of the loop. Most of them already accepts a comment or post ID (get_permalink, ...). But, that's not the case for some functions related to comments. I did a small update of the file to allow that." tristanleboss 57106 Allowing comment form error pages has-patch Comments normal normal Awaiting Review enhancement new 2022-11-14T14:27:08Z 2022-11-14T15:21:43Z "Current status quo: As of now, it is not possible to have customized a customized validation for forms (covered in #57105 ) And every single error will either end in a wp_die() or an exit. Proposal: Instead of always ending in `wp_die()` we could forward to the referer page, including the error_message and the $_POST data, to prefill the form (especially with the comment, since these would be really painful if lost). `comment_form()` would require an enhancement to show errors. This idea is still in progress, I'll provide a working proof of concept later, but I wanted to open this for discussion. Note: Will also need some kind of representation for the Rest API." apermo 1 48088 Anonymous Avatar should be served locally Comments low normal Future Release enhancement new 2019-09-20T17:12:35Z 2019-11-01T17:09:20Z "Right now, even the mystery man is retrieved by querying gravatar. We should have a local copy of the anonymous avatar that is served. At the least, if there is no requirement for an email, which is what is used to provide the gravatar requests, why make requests to gravatar? We could say caching gravatar responses is plugin territory, and while I would like to do with with gravatar for performance, this is about not making a call in the first place." dshanske 1 47514 Change priority of make_clickable callback to boost performance Comments 5.2.1 normal minor Awaiting Review enhancement new 2019-06-09T21:16:48Z 2019-06-12T18:58:25Z "Hi! Preemptive: please excuse me if this ticket is inappropriate. Since WordPress' HackerOne states explicit disinterest in DoS related issues, I hesitated at first to create this ticket here. However, the effectiveness of the DoS attack and the signifcant performance boost I gained after I understood the logic behind the attack and changed a line of code made me think this might be worth sharing here. Last week one of our clients who runs a very high profile site with WordPress fell victim to a sophisticated DoS attack where attackers spammed the site with comments containing thousands of strings such as {{{ftp.z}}}. The processing of requests that displayed these comments took a huge portion of the server's available RAM. Long story short, we identified the following callbacks as the troublemakers: 1. {{{make_clickable}}} 2. {{{wp_kses_post}}} 3. {{{wptexturize}}} 4. {{{convert_chars}}} 5. {{{convert_smilies}}} 6. {{{force_balance_tags}}} 7. {{{wpautop}}} They all have in common that they operate on the entire comment string and attempt to parse out all HTML tags contained within them via REGEX functions, which takes up a lot of RAM. As a solution for our client, we established some more spam filtering for created comments. However, out of personal interest in how this attack worked I tried to understand the logic behind the attack. The reason the attackers had created comments containing thousands of strings such as ftp.x is that the {{{make_clickable}}} callback converts these strings into full {{{<a>}}} tags via PHP's built-in {{{preg_replace_callback}}}. Per default, comments can only contain 65500 characters. The string {{{ftp.x }}} (including the whitespace) contains only 6 characters. Thus it is possible to have the string {{{ftp.x }}} contained 10916 times within a single comment. {{{make_clickable}}} then turns those 10916 strings into 10916 tags, leading to a comment containing over 500.000 characters. Since {{{make_clickable}}} runs first, all of the other 6 callbacks that operate on the comment string use REGEX to parse 10916 * 2 (one opening and one closing) tags, leading to a huge memory overhead. I figured that changing the priority of the {{{make_clickable}}} filter so that it runs after {{{force_balance_tags}}} significantly increased the efficiency of the RAM usage of our server when confronted with comments containing links. Since the {{{<a>}}} tags are properly generated by WP itself, there is no reason to have it run through functions such as {{{force_balance_tags}}}. To reproduce the problem, just open a test setup of WordPress and navigate to a post that has comments enabled. Create a new one and open the developer console of the browser and type {{{comment.value = ""ftp.x "".repeat(10916)}}} Submit the comment and notice how long it takes to load the site. Imagine hundreds of such comments being loaded by hundreds of bots at the same time, then you get what happened to our client's site. The following shows the patch I applied (also attached as a diff file): {{{ --- a.php 2019-06-09 22:47:58.744746903 +0200 +++ b.php 2019-06-09 22:49:00.080742874 +0200 @@ -190,7 +190,7 @@ add_filter( 'comment_text', 'wptexturize' ); add_filter( 'comment_text', 'convert_chars' ); -add_filter( 'comment_text', 'make_clickable', 9 ); +add_filter( 'comment_text', 'make_clickable', 26 ); add_filter( 'comment_text', 'force_balance_tags', 25 ); add_filter( 'comment_text', 'convert_smilies', 20 ); add_filter( 'comment_text', 'wpautop', 30 ); }}} Best regards, Olliver " olliverh87 2 39133 Check email length in is_email() has-patch Comments 4.8 normal normal Awaiting Review enhancement new 2016-12-07T05:38:44Z 2020-07-17T14:50:12Z "In reference to this ticket - https://core.trac.wordpress.org/ticket/38506#comment:12 It would be better to check email length within the is_email() itself instead of validating it at various other places. " PranaliPatel 4 30979 Check for context menu before closing commentReply SergeyBiryukov* has-patch Comments normal normal Future Release enhancement accepted 2015-01-11T14:40:41Z 2021-08-27T13:34:20Z "Login to WP-Admin, go to the comments section and ""Quick edit"" or ""Reply"" to a comment. Bring up the context menu either with a right-click or the menu key, press ESC and the context menu and the comment box will close. [[Image(https://i.imgur.com/xnhrZDr.png)]] I understand that this is the expected behaviour but this can be frustrating at times. If you bring up the context menu while typing a long reply but decide not to autocorrect and press ESC to close the context menu everything you've typed so far is gone :( The ""Compose email"" section of both Gmail and Outlook.com close themselves when ESC is pressed but don't if the context menu is open. So I thought WordPress should also have the same behaviour. The patch checks for a right click or menu key press before doing `commentReply.revert()`." jesin 6 34389 Comment pagination settings should discourage infinite comments-per-page Comments normal normal enhancement new 2015-10-21T16:37:20Z 2019-06-04T19:32:55Z "The default value for `page_comments` is `0`. See #12562. When a comment has hundreds or thousands or trillions of comments, the lack of pagination causes severe performance problems. Part of the spiritual journey described in #8071 involved forcing pagination. We tried a few things in #8071, but decided to leave the problem for a separate ticket. A couple of possible ways forward, some of which are mutually compatible: - Force comment pagination in all cases. This could be coupled with a bump in the default value of `comments_per_page`. Good: It's consistent, and it allows us to drop a checkbox from the UI. Bad: It breaks comment permalinks for many posts (though see #34106). - Force comment pagination only when the number of comments on a post is dangerously high. Good: It reduces permalink breakage. Bad: It's confusing for the user. - Do nothing for existing installations, but enable `page_comments` by default on new installs. This could be coupled with a bump in the default value of `comments_per_page`. - Add some sort of AYS message to options-discussion.php that discourages admins from disabling `page_comments`, or setting `comments_per_page` too high." boonebgorges 20487 Comment search isn't customizable has-patch Comments 3.2.1 normal normal enhancement new 2012-04-18T23:32:07Z 2019-06-04T19:23:01Z "*cross-posted to the wp-hackers mailing list last night* I work on a large news oriented WP site and first off, it actually scales remarkably well. We keep users, comments, and actual posts all in WordPress. However, due to our size, administering comments is causing us issues at the moment. Our last outage was caused by one of our comment moderators doing a simple comment search in the admin. The query took 16 seconds to execute, the next query locked, and, with our traffic, the DB couldn't handle the resulting queued traffic. Staying away from discussions of ""you should use Disqus"" or, ""you need more X for your mysql server,"" I think there is significant opportunity to improve the way WP handles comment searching. Every comment search takes the following form: SELECT * FROM wp_comments WHERE ( comment_approved = '0' OR comment_approved = '1' ) AND (comment_author LIKE '%TERM%' OR comment_author_email LIKE '%TERM%' OR comment_author_url LIKE '%TERM%' OR comment_author_IP LIKE '%TERM%' OR comment_content LIKE '%TERM%') ORDER BY comment_date_gmt DESC LIMIT #; As we can all see, this is a beast of a query. Even when the term is clearly an specific term (say an email or IP), or when the intent of the admin is known (e.g. clicking the IP link on a specific comment). Furthermore, there are no hooks activated in this process for plugins to use to say create an advanced comment search plugin. One might expect hooks like those activated in post search to be activated here, like ""parse_request"" and ""get_search_query."" Waxing philosophical, as posts, comments, and users are the three basic types of data to be stored and displayed in WP, one would expect them to have similar interfaces and functionality. They each have basic functionality of being able to retrieve a single item, a list (in full or in part), search for an element, or edit a single entry. For this reason I don't understand why each of their functionality isn't derived from something like an abstract class or an interface. The architecture here is also difficult in that you are not able to replace or extend a single class to change the functionality. Back on target. I propose that we add functionality by which we'll be able to search by exact match in addition to the existing full wildcard (left, right, or full wildcard is probably excessive) as well as specifying the field to search. This would allow my earlier use case of searching by IP to look for an exact match in the ""comment_author_IP"" field only, not searching the fulltext of every comment. This functionality can be created simply by: 1. Adding ""search_type"" and ""search_field"" to the WP_Comment_Query::query_vars data structure in wp_includes/comment.php 2. Replacing WP_Comment_Query::get_search_sql with something more robust, able to understand these new properties and construct the query on their basis 3. Upgrading WP_Comments_List_Table::prepare_items to accept the new queries and add them to the data structure it creates 4. Either modifying WP_List_Table::search_box to have some options of advanced search, or dropping a hook so that a plugin can easily modify it 5. Modifying the WP_Comments_List_Table::column_author to supply the correct query string to indicate an IP search If I can figure out a way to make this more similar to the signature of posts and users, or at least add some hooks at the right places, I can do that as well. This will add efficiency for everyone--particularly those who have lots of comments. I modified our core for this functionality today and we will fully QA it tomorrow. I made it on 3.2.1 as that is what we're running right now, and there are minimal changes in the affected files and functions between 3.2.1 and 3.3.1 and even the nightly. I can submit a patch as long as it passes our QA--how should I do that, off the nightly? Thanks, -Kenton Jacobsen" brokentone 22 16365 Comment transition for new comments needs-docs Comments 3.1 normal minor enhancement new 2011-01-24T21:07:46Z 2019-06-04T19:22:11Z "As far as I can tell wp_transitions_comment_status() does not get called for new 'comments' based on my testing and review of comment.php in wp-includes. There is a similar transition for posts that gets called for new 'posts' including hooks like 'new_to_publish' and 'new_to_private'. I feel that there should be a similar hook to this form comments so that plugins can hook into new comments differently from comments moved from one existing status to another (like comment_unapproved_to_approved'." MattyRob 24 54473 Comments listing screen in wp-admin doesn't expose if a comment was left by a logged in user has-patch Comments normal normal Awaiting Review enhancement new 2021-11-19T05:34:17Z 2021-11-20T00:26:35Z "When viewing wp-admin/edit-comments.php it's not possible to determine if comments are being left by an ""anonymous"" user, or by a logged in user, despite this being stored in the comments table. This is particularly useful for Sites where users need to be logged in to comment, or for sites with public registration enabled (such as WordPress.org). Using #meta5485 as an example, spammers can register and then leave spam comments on posts, but it's not immediately visible what their user login is, or have any link to their profile - Having a link directing the moderator to the users profile, in addition to being able to spam just the comment, would be greatly beneficial for those use-cases. There's already a bit of information overload on the comments listing author section, so perhaps for logged in users the information shown might be able to be adjusted/minified/etc. There might not be any reason to display the Email address for example." dd32 2 25338 Comments of password-protected posts should not be shown to logged-in users without edit capability Comments normal normal enhancement new 2013-09-17T02:30:31Z 2019-06-04T19:24:16Z "Currently, if an user creates a password-protected post, Authors and lower roles cannot view the post neither on the front end nor in the backend, unless it was their own post (or they have the password). However, they can see comments of those posts while viewing edit-comments.php. Suggested that comments of password-protected posts should not be displayed to users without ability to view/edit the post in the admin." kraftbj 2 39028 Comments on private posts or specific edge cases can get a confusting white screen error. Comments 4.4 normal normal Awaiting Review enhancement new 2016-12-02T14:29:01Z 2017-08-03T14:00:53Z "I have a plugin that uses the private status for a custom post type used in private BuddyPress groups. When a group member tries to comment on one of the post type he's getting a white screen. I've fixed the issue on my side, problem was about caps mapping. But still, i was pretty confused by this behavior. At first i thought it was a fatal error, but xdebug returned nothing, so i've looked in my error.log again nothing ?? Then i've found some returned WP_Error was missing data like the 403 status in `wp_handle_comment_submission()`. As this function was introduced in 4.4, i guess it first appeared in 4.4. I think it could be interesting to have a screen looking like this in this kind of cases : [[Image(https://cldup.com/ymyxLMacts.png)]] I suggest the attached patch." imath 1 45998 Comments trashed after reply reporter-feedback Comments 5.0.3 normal normal Awaiting Review enhancement new 2019-01-16T02:58:34Z 2019-01-16T16:42:52Z "I found A Bug into your software. Which is Whenever I click on **Approve and Reply** option in comments, then it's automatically trashed.. Please Fix it." pkkarn 1 28959 Comments: improve comment moderation text and default style for better UX Comments normal normal enhancement new 2014-07-19T18:31:55Z 2019-06-04T19:26:13Z "The comment moderation email confirmation isn't as helpful as it could be: ""Your comment is awaiting moderation"" doesn't completely suggest the comment went through successfully. (This feedback originally suggested by Scott Berkun, I'm paraphrasing a bit.) ""When a commenter replies, the new comment appears in the middle of the screen, but buried inside the comment area is the message: ""Your comment is awaiting moderation"" -- often in very small text. Suggested improvements: 1. Provide a better default visual indicator that the comment reply succeeded -- this confirms to the commenter that they did everything right. 2. Improve the text to say '''""Your comment was submitted successfully and is awaiting moderation.""''' Attached are before / after screenshots to illustrate (with Twenty Fourteen as an example theme since styles could be theme-specific.)" lancewillett 4 22579 Confusion of WP admin Discussion settings Comments normal normal Future Release enhancement new 2012-11-24T20:46:05Z 2019-11-05T13:26:24Z "On the ""Settings>Discussion"" page: 1) ""'''Default article settings'''"" should be replaced by ""'''Default comment settings'''"" (because these important settings do not only apply to posts (''articles'')), but also to pages! 2) ""'''Allow people to post comments on new articles'''"" should be replaced by: --> ""'''Allow people to post comments'''"" (best option in my opinion) or --> ""Allow people to post comments on new pages and posts"" Sorry if this is not the right place to make such suggestions." Lorangeo 15 40355 "Default to ""https://"" in comment author URL field" dev-feedback Comments normal normal Awaiting Review enhancement new 2017-04-04T15:56:58Z 2021-06-07T10:00:12Z "One pet peeve of mine with commenting on other people's WordPresses, is on new sites I haven't commented on yet (or aren't powered by Jetpack Comments) that I need to type `https://` in every Website field. Traditionally, this field is currently empty unless a cookie exists (see: `wp_get_current_commenter()`). Tangentially, recent efforts across the web to SSL all-of-the-things (`\o/`) makes this field an interesting opportunity to gently nudge the web in the direction of `https://` feeling more like the norm than the exception. A plugin can easily enable this (and I'll likely make one today) but I'll offer up the idea here first. Patch imminent." johnjamesjacoby 3 41110 "Display full content of ""Pending"" comment on WP Dashboard" has-patch Comments 4.8 normal normal Awaiting Review enhancement new 2017-06-21T05:42:37Z 2017-06-21T06:23:25Z """Recent Comments"" widget in WP dashboard displays a list of Pending and recent comments. A ""Pending"" comment has all the action items - approve, reply, edit, trash, spam. But, these items are of no use, because the complete comment text is not visible. It will be good to display the full content of the ""Pending"" comments. OR Add a toggle to display the full content without having to go to ""Comments"" page. " puneetsahalot 1 21758 Do not require a file in comments_template() Comments 3.4.1 normal normal enhancement new 2012-08-31T20:22:16Z 2019-06-04T19:23:20Z "comments_template() is a very useful and reliable way to set up comments for a page, but it has a major downfall: it forces a file to be included when, in reality, one does not need to be. Numerous times it has been the case that I needed comments to be setup in the wp_query object, but did not want to output anything at that time. The hack I have used is simply to include an empty comments.php file. This method is less than desirable for obvious reasons. So, I propose that we simply add a parameter I'm calling $require that will control whether or not a file is included at all." mattonomics 4 13363 Edit Comments: Pending > Approving shouldn't make them disappear from screen wonderboymusic has-patch Comments 3.0 normal normal Future Release enhancement assigned 2010-05-11T23:35:45Z 2023-11-16T17:40:18Z "Edit Comments: Pending > when clicking Approve the comments shouldn't just disappear from the screen. They should collapse and have an undo status like when you trash or spam a comment. ENV: WordPress trunk r14573 (3.0-beta2-14565) " lloydbudd 4 57105 Enhance wp_handle_comment_submission() with a custom validation Comments 6.2 normal normal Awaiting Review enhancement new 2022-11-14T14:06:08Z 2022-11-14T20:23:46Z "As of now, there is no way to do a custom validation on comments, but it is pretty much mandatory in most European countries to ask for consent when storing the data. In 4.4.0 the filter `comment_form_fields` was introduced, which allows to add a custom checkbox for that very consent. My example below shows exactly this case, it comes with an html5 form validation via the `required` attribute, by due to the missing server side component, that is a weak validation(at best). I propose to add a counterpart filter inside of `wp_handle_comment_submission()` that will allow exactly this missing server side validation. {{{#!php <?php /** * Allows a custom validation. * * @since TBD * * @param null|WP_Error $custom_validation Your possible custom error. * @param array $commentdata Array of comment data to be sent to wp_insert_comment(). * @param array $comment_data The raw comment data from the function call. */ $custom_validation = apply_filters( 'comment_form_fields_validation', null, $commentdata, $comment_data ); if ( is_wp_error( $custom_validation ) ) { return $custom_validation; } }}} `$comment_data` will pretty much contain the content of `$_POST`. (Patch with exact position see attachment) Example use case(simplied): {{{#!php <?php namespace CustomNamespace // This is already working since 4.4.0 function comment_privacy_field( array $fields ): array { $fields['privacy'] = '<input id=""privacy consent"" name=""privacy-consent"" type=""checkbox"" value=""yes"" required><label for=""comment-form-privacy-consent"">Yes I consent...</label></p>'; return $fields; } add_filter( 'comment_form_fields', __NAMESPACE__ . '\comment_privacy_field' ); // This is new in my proposal function comment_validation( $custom_validation, $commentdata, $comment_data ): ?\WP_Error { if ( ! isset( $comment_data['privacy-consent'] ) || empty( $comment_data['privacy-consent'] ) ) { return new \WP_Error( 'require_consent', 'You have to consent', 200 ); } return $custom_validation; } add_filter( 'comment_form_fields_validation', __NAMESPACE__ . '\comment_validation', 10, 3 ); }}} This would allow us to add any custom validation. Note: Any comment form error will result in a `wp_die()` page, which would likely need an overhaul in this case too. But I will create a separate ticket for that topic." apermo 3 44923 Filter .children class on nested comments list Comments normal normal Awaiting Review enhancement new 2018-09-09T20:52:44Z 2019-04-21T07:19:28Z "The `start_lvl()` method of `Walker_Comment` should have a filter hook to customize the `.children` class. This will allow theme authors to utilize their preferred system or CSS framework for handling nested comment lists. And, `.children` is generic and requires writing nested CSS selectors to target it. This change would put the comment walker on par with the nav menu walker, where we have the `nav_menu_submenu_css_class` filter hook." greenshady 6 19739 Filters to allow comments on draft & trash post_status posts needs-unit-tests Comments 3.3 normal normal Future Release enhancement new 2012-01-04T19:01:18Z 2023-03-02T15:52:31Z "I'd like to use comments on draft posts as part of an editorial workflow. Will this be as easy as adding a filter to fire before the current comment_on_draft action that can be checked before exiting? I'll try that and add a patch if it looks good. Related #13276. Not relevant to #18630, I think." cyberhobo 16 50361 Highlight if link targets in comments don't refer to the link text dev-feedback Comments normal normal Awaiting Review enhancement new 2020-06-10T20:36:48Z 2020-06-10T20:42:02Z I'm thinking of some kind of solution to warn if links in comments are not what they seem to be to give a little security extra. They can be misused to inject bad stuff if clicked as an admin. I changed class-wp-comments-list-table.php to show a hint like on the screenshot to show you what I mean. What do you think? How could this be done in a non disturbing way? Or don't we want it at all? You decide. Presskopp 33627 In-Context Comment Moderation Comments normal normal Future Release enhancement new 2015-08-31T17:24:33Z 2021-01-27T19:20:14Z "One of the more painful points in the comment moderation UX revolves around knowing whether or not a comment is in context. Right now, WordPress says who a person was replying to and offers a link to the frontend of that comment on replies to a comment. However, it can be quite tedious to go view the original comments a bunch of people were replying to to see if the reply was in-context. An easy fix for this would be to offer a ""Show context"" link next to the ""replying to {name} link on replies, that when clicked, would ajax show the comment the pending comment was originally replying to. " chriscct7 22 39084 Introduce singular capabilities for managing individual comments needs-unit-tests Comments normal normal Future Release enhancement new 2016-12-04T22:14:50Z 2017-07-14T19:41:15Z "As we did in #35614 for taxonomy terms, singular capabilities should be introduced for approving, unapproving, spamming, unspamming, editing, and deleting individual comments. This would allow fine-grained cap checks such as current_user_can( 'edit_comment', $comment_id ) and current_user_can( 'approve_comment', $comment_id )." johnbillion 1 36564 Last Modified for Comments needs-unit-tests Comments 4.4 normal trivial Future Release enhancement new 2016-04-17T20:44:59Z 2017-02-12T10:37:16Z "Related #28463, #19495. Posts have a last modified and last modified gmt, but comments have no such thing. There are several proposals indicating a need for comment revision, or tracking when the comment is first created. Wanted to explore the idea of having last modified and last modified gmt stored as comment meta triggered by update_comment as a simple, low impact way of adding this feature that could be used by a variety of plugins. This could be implemented by plugin hooking to edit_comment, but if such a feature is to be useful, it needs a standard storage format." dshanske 7 41731 Make it Easier to Locate Restored Comments SergeyBiryukov Comments 4.8.1 normal normal Future Release enhancement assigned 2017-08-25T19:30:34Z 2019-06-21T17:56:20Z "When a comment is in the trash, WordPress does not allow you to edit its details without restoring it first. After restoring the comment, it disappears from the Trash and the user is then required to locate it either by memorizing the post it's on or searching for it in the backend. It doesn't show up on the approved comments page because of its original published date. I suggest that if a single comment is restored, it takes users to the post it's on. Even better would be taking the user straight to where the comment is in the Discussions meta box. However, since users can hide this meta box via the screen options, I'm unsure how to account for that. Perhaps redirecting users to the post where the comment is displayed is enough?" jeffr0 2 22164 "Move comment ""keyboard shortcuts"" setting to comments -> screen options" dev-feedback Comments normal normal enhancement new 2012-10-11T14:14:23Z 2019-06-04T19:23:27Z "Seems like it would make more sense to move the comment ""keyboard shortcuts"" setting from ""Your Profile"" to the screen options pane of edit-comments.php. Something like: [[Image(http://f.cl.ly/items/1k210Z2V1o0b350I1n0V/keyboard-shortcuts.jpg)]]" lessbloat 8 23179 New avatar related option - use gravatar only for registered users dev-feedback Comments normal normal enhancement new 2013-01-11T15:40:59Z 2019-06-04T19:23:48Z "The use of gravater is problematic because there is no attempt to verify that a comment with which an email was used was actually left by the owner of the email (AFAICT gravatar doesn't even have an API for authentication). This makes impersonating to someone else that have a gravatar in a wordpress site comments much too easy. IMO non autogenerated gravatars should be displayed by default only for users for which it is known that they actually own the email address, which are usually only the registered users." mark-k 4 23634 New hook for adding content after each comment chriscct7 has-patch Comments normal normal Future Release enhancement assigned 2013-02-26T19:29:57Z 2017-10-23T14:56:06Z "Similar to #18561 (which is for a new ""after post"" hook) add a hook that fires after each comment output with {{{wp_list_comments}}}." lancewillett 8 56261 Normalize comment function parameters with mixed case names SergeyBiryukov* Comments normal normal Future Release enhancement accepted 2022-07-20T16:30:32Z 2023-02-08T14:39:53Z "Background: #56244 As of WordPress 2.9, core normalizes the `user_ID` parameter to `user_id` when passing data to comment functions, see [12267], [12300], and [28915]. We should consider normalizing other parameters in the same way as it was done for `user_ID` → `user_id`: * `comment_ID` → `comment_id` * `comment_post_ID` → `comment_post_id` * `comment_author_IP` → `comment_author_ip` Then any combination of these parameters would work regardless of the case. This would allow extenders to name variables in accordance with the WordPress coding standards: * `$comment_id` * `$comment_post_id` * `$comment_author_ip` and use them subsequently in a `compact()` call without having to worry about a case mismatch. This would also allow us to revert some of `compact()` rearrangements made in [53719] and [53723]: {{{ $compacted = array( 'comment_post_ID' => $comment_post_id, 'comment_author_IP' => $comment_author_ip, ); $compacted += compact( 'comment_author', 'comment_author_email', 'comment_author_url', ... 'user_id' ); }}} which could then be: {{{ $compacted = compact( 'comment_post_id', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_author_ip', ... 'user_id' ); }}} The list of functions this may affect: * `wp_insert_comment()` * `wp_new_comment()` * `wp_update_comment()` * `wp_filter_comment()` * `wp_handle_comment_submission()`" SergeyBiryukov 8 6286 "Proposed changes to ""E-mail me whenever"" Discussion Options" Comments 2.5 normal normal Future Release enhancement new 2008-03-18T19:14:55Z 2019-03-15T00:40:35Z "WRT the ""E-mail me whenever"" options on the Discussion options page: [[Image(http://img132.imageshack.us/img132/4215/picture1vf1.png)]] 1. For ""a comment is helf for moderation,"" the ""me"" is ambiguous. It should specify that it means the blog admin e-mail address. 1. For ""anyone posts a comment,"" again, ""me"" is ambiguous. In this case ""me"" means the author of the post. The comment notification setting is personal, and therefore should be set in the profile options (where it can retain the ""me""). Some authors may want e-mail notification, others might not." markjaquith 33 23233 Radio Button instead of Checkboxes on Comment Moderation option? has-patch Comments 3.5 normal normal enhancement reopened 2013-01-18T16:26:23Z 2019-06-04T19:23:51Z "Hi! I've been a loyal Wordpress user for years. This is nothing urgent, but something that may improve the user experience. In Settings > Discussion > Before a comment appears, there are two options: ""An administrator must always approve the comment "" and ""Comment author must have a previously approved comment"" Perhaps I have missed something here, but aren't these options pretty much either/or? If the first box is checked, it's rather irrelevant if the second box is checked, because the first checkbox would override it? If I'm correct, shouldn't this be changed from a both/and checkbox to an either/or radio button?" danielmount 12 47595 Re-evaluate whether comment form should still get the HTML5 novalidate attribute has-patch Comments 3.6 normal normal Future Release enhancement new 2019-06-24T08:15:42Z 2024-01-12T14:59:01Z "Given a theme that declares theme support for `html5` via: {{{#!php <?php add_theme_support( 'html5', array( 'comment-form' ) ); }}} The result is that not only are the HTML5 input types used (e.g. `email`) but the comment form itself also gets a `novalidate` attribute added to it. This prevents HTML5 client-side validation from being performed on comment form when submitting which was added due to [https://core.trac.wordpress.org/ticket/15080#comment:2 concerns] about browsers implementing validation in very different ways. Nevertheless, this concern was about browsers ''9 years ago'' so it would be worthwhile to see if this is still a problem. (The attribute was added in #15080 via r23689.) If `novalidate` remains important to keep there is a case for optionally allowing it to be removed in order to rely only on client-side validation only. The [https://wordpress.org/plugins/pwa/ PWA feature plugin] adds support for '''Offline Commenting'''. This works by having the service worker intercept the `POST` submission to `wp-comments-post.php`: it then makes the request, and if it fails fails due to the user being offline, the service worker will replay it later when the user comes back online via the [https://github.com/WICG/BackgroundSync BackgroundSync API]. However, if client-side validation was not performed then it is possible the user omitted a required field or provided a bad email address, so when they do come back online and the comment is synced, the server would then reject it and it would be more difficult for the user then to find out that their previously-posted comment actually failed. If no filter is available for removing the `novalidate` attribute, then it has to get removed via hacks like using JS or via PHP with output buffering. But again, is there still a case for adding the `novalidate` attribute in the first place? Is not client-side validation a ''better user experience'' (if browsers now are now consistent in validation)? For that matter, is there even a case for the `format` attribute and shouldn't HTML5 ''always'' be used?" westonruter 15 22198 Realigning the Discussions Settings page chriscct7 has-patch Comments 3.4.2 normal normal enhancement assigned 2012-10-15T14:50:34Z 2019-06-04T19:23:31Z "[I looked for some tikets for this but didn't find any directly related, so hopefully I haven't missed a big one out there floating around.] The Discussions Settings page (options-discussion.php) always trips me up when setting up a new site. There's a lot of options, descriptions, directions, etc on that page — much of which is probably unavoidable. When I visit it, I always think that the hierarchy isn't quite right. To help with this, I thought of two half-measures. 1. A very simple solution: Put the ""Allow people to post comments on new posts"" at the top of the options list, with a little space below it. That would make that option the most prominent on the page, without making it stand out too much. Like this: [[Image(http://f.cl.ly/items/3e0c062W0N1l3J2D0q0Y/Screen%20shot%202012-10-15%20at%2011.56.02%20AM.png)]] 2. A more involved solution: I really like the new click-to-reveal-the-options at work in the ""Page on Front"" (#16379) workflow and thought it might work well here. *Something* in this direction: [[Image(http://f.cl.ly/items/022A1G3k0O3q0g1u380L/Screen%20shot%202012-10-15%20at%2012.12.09%20PM.png)]] The first could be accomplished for 3.5, but the second re-working could be a further down the line item. " saltcod 9 22889 Reconsider no-JS ?replytocom= links SergeyBiryukov* dev-feedback Comments normal normal Future Release enhancement accepted 2012-12-12T15:13:20Z 2023-03-03T07:03:13Z "We have a no-JS fallback for comment replies. Normally JS moves the comment form around. For people with JavaScript disabled, they follow the `?replytocom={123}` link. This results in a lot of extra crawling by search engines (potentially an additional crawl per reply-able comment!) in exchange for enabling an awkwardly executed, likely underused, and non-essential feature for non-JS users. I'd like to consider making comment reply JS-only." markjaquith 30 33735 Reduce Duplication and Improve Comment Notification Email Functions SergeyBiryukov needs-unit-tests Comments low normal Future Release enhancement reviewing 2015-09-04T22:55:04Z 2021-01-27T19:20:55Z "Had touched on this in #33587. wp_notify_postauthor and wp_notify_moderator have some duplicative code that could be eliminated and simplified. The functions for notification also lack a filter similar to the one for displaying the comment text. Proposing the function to show the comment in text form in the notification be separated out into its own function with a filter, and the default text be improved somewhat. " dshanske 31 52480 Refine the display of the comment approval notification opt-in confirmation message dev-feedback Comments normal normal Future Release enhancement new 2021-02-09T17:09:29Z 2021-04-09T15:36:56Z "Follow-up to #52406. The confirmation message shown to a user ''after they opt-in'' to receiving a notification of their pending comment's approval is currently displayed inline with a preview of their comment. This means the display of this confirmation message is only shown if the user opts in within 10 minutes of posting their comment. If they take longer than 10 minutes then their opt-in is respected but they see no confirmation message. As mentioned in the comments in [comment:7:ticket:52406] 10 minutes is likely long enough but no research was done. Let's identify if this functionality needs to be improved. Options: * Extend the time limit further. This needs to take into consideration #49956. * Disconnect the display of the confirmation message from the comment preview, and always show a confirmation message. Would need to take into consideration the cache headers on the page. * Fix the comment spam problem some other way and remove the time limit. * Do something else. * Do nothing and leave it as-is. " johnbillion 8 60238 Remove comments completely option Comments 6.4.2 normal normal Awaiting Review enhancement new 2024-01-12T08:43:00Z 2024-01-12T08:43:00Z "Hi, On my site [https://www.casivo.se casivo.se] and other sites in our network I've noticed that even if comments is turned off, it keeps sneaking in random comments for approval and I can't seem to figure out why, I don't have a comment field anywhere on the site in the code. Is it through some wierd place I'm overlooking? It's on posts but I don't have any comment-code inside the single.php Would be nice if we can just have a option to ""disable comments"" Best regards" linus89 33717 Send Notification Email When a Comment is Approved From Moderation has-patch Comments normal normal Future Release enhancement assigned 2015-09-04T00:43:09Z 2021-05-13T20:02:21Z Currently in WordPress, commenters have no idea their comment is approved unless they visit the page often. When a comment is held for moderation, WordPress should send the commenter an email notification when their comment is approved. I'm using the [http://wptavern.com/an-easy-way-to-notify-users-when-their-comment-is-approved Comment Approved] plugin to add this functionality to WordPress but I really think it should be a core feature. jeffr0 77 17913 Site-level comment options may override individual post settings. Improve help/docs. has-patch Comments normal normal Future Release enhancement new 2011-06-27T20:46:43Z 2019-11-18T18:11:40Z "Post comments may be automatically closed for a site's posts if site option 'close_comments_for_old_posts' is true and the post was published before 'close_comments_days_old' days ago. These two options are set in options-discussion and override the 'comment_status' of an individual post. The edit posts screen's comment meta box displays comments open/close status, allowing publishers to open or close comments for a single post. It's possible the site-level discussion settings will override the individual post yet we still might display a different post comment status than the site settings allow. 1. Enable site-level option to close comments on articles ( wp-admin/options-discussion.php#close_comments_for_old_posts ) 1. Enter a days value of 1 for maximum impact 1. Edit a post published over a day ago 1. View the Discussion meta box ( #commentstatusdiv ) 1. Interact with the 'comment_status' field I would like to better communicate expected failure and let the post author or editor know this particular setting has been overridden at the site options level. If the current user can manage options I might you could link to the override in the options page. I created a new test blog, set comments to auto-close after a day, and checked allow comments in the post screen. I was wondering why comments_open() was false for the post when I was looking at a checked box on the post screen." niallkennedy 10 17020 Some comment queries are not filterable needs-unit-tests Comments 3.1 normal normal enhancement new 2011-04-02T16:56:32Z 2019-06-04T19:22:21Z "Although WP_Comment_Query::query() is fully filterable, some supplemental comment queries are still unfilterable. The submitted patch adds the following hooks: * function get_approved_comments() - query filter 'get_approved_comments_query' * function wp_dashboard_recent_comments() - query filter 'dashboard_recent_comments_query'" kevinB 2 9117 Spam queue doesn't distinguish between filter sources Comments 2.7 normal normal enhancement new 2009-02-12T22:50:51Z 2019-06-04T19:21:30Z "1. On the Settings / Discussion tab, go to the Comment Blacklist box, and add the string ""the"". 2. Post a comment containing the word ""the"". It will be caught as spam. 3. Visit the Comments / Spam tab. Your comment is there, but there is nothing to indicate whether it was caught by the Comment Blacklist, or by Akismet, or by another spam filter. Result: neither the user nor WordPress knows how to prevent that comment from being caught in future. Many users will forget about the Blacklist feature and assume their spam filter plugin is faulty. Suggested fix: comments caught as spam should record the reason. This should be displayed to the user, and used internally by spam filter plugins to decide how to handle false positives. " tellyworth 11 60533 The comment tree is old – maybe it’s worth changing it? reporter-feedback Comments normal normal Awaiting Review enhancement new 2024-02-13T19:54:34Z 2024-02-20T02:26:48Z "Maybe it’s worth considering a new approach to comments on WordPress? It’s about the tree – the rooting of comments. Currently it may be level 10. And later there is no reply button – because they usually get narrower. Or maybe it’s worth ending this rooting and switching to something – where every statement will be treated as a response. Completely without roots and their depth – which has been causing problems in long conversations for years. Maybe it would be worth creating it like on the forums – i.e. on a completely different system, without this limitation. Isn’t it worth thinking about? Sometimes conversations are long and it’s a real pain to keep talking to anyone on WordPress. Because – either they are becoming narrower – or the comment ends after the 10th comment – because it cannot be moved as a child. It is probably worth changing it to some other approach, more known from forums – where the number of comments and conversations as – answer to answer does not matter how many of them there are." Danishsard 3 39282 The process for approving and then replying to a comment can be made more visible Comments 3.1 low normal Awaiting Review enhancement new 2016-12-14T18:17:51Z 2020-09-01T15:53:25Z "The workflow for approving and then immediately replying to a comment has a shortcut in WordPress, but it's not obvious. If you don't know about it, you can waste time and effort switching between the pending and approved views on the comment moderation screen after approving a comment and then wanting to reply to it. The `Reply` link on a pending comment is actually a shortcut for approving and then replying to a comment. The `Reply` link text should be updated to `Approve and Reply` to reflect this and make comment moderation a more enjoyable process." johnbillion 7 58375 Turn comments off by default for attachment pages (or make is easier to do so without code) dev-feedback Comments normal normal Awaiting Review enhancement new 2023-05-22T14:49:42Z 2023-05-25T07:09:59Z "If a new user is installing WordPress the first time, it lasts some time until the first spam comment appears. Typically, they now disable comments on **Settings -> Discussion**. First problem: this is just disabling the comments for ''future'' posts. Now they learn about bulk editing posts, which works fine. But the website is now online for some time and more media is uploaded, and now the spam comes to the next open comment form: **on attachment pages**. Not sure if attachment pages follow the setting from the discussion page, but there will be many media items with open comments. Now we have the second problem: On the grid view, there is no way to disable the comments at all (you need to follow a link to get to the single media edit page). On this page you need to customize the screen options to enable the meta box, and now you can disable the comments for ''this'' media item. This has to done manually for every media item with open comments (but there is no way to see if the comments are open - so you need to edit every media item). This could be a real pain for websites with many media items. **I would recommend changing the behavior and have comments on attachment pages turned off by default.** I think it will be easier to educate theme developers to turn them on again if the theme uses them (e.g. photography themes) as documented here: https://make.wordpress.org/core/2015/07/06/comments-are-now-turned-off-on-pages-by-default/ This is already discussed in the comments on this post. Related tickets: #12991 and #21391 Another way could be to use the idea of this comment: https://core.trac.wordpress.org/ticket/12991#comment:22 If turning the default to off is not possible, we could use the bulk edit to enable/disable the comment/pingback/trackback feature. The need for such a feature could be seen in the plugin directory, as there are more than one plugin for disabling comments on attachment pages (and more): https://wordpress.org/plugins/disable-comments/ https://wordpress.org/plugins/smart-attachment-page-remove/ https://wordpress.org/plugins/disable-comments-rb/ https://wordpress.org/plugins/comments-plus/ https://wordpress.org/plugins/disable-comments-on-attachments/ https://wordpress.org/plugins/disable-comments-by-click5/ https://wordpress.org/plugins/no-page-comment/ https://wordpress.org/plugins/stop-media-comment-spamming/ https://wordpress.org/plugins/disable-comments-wpz/ https://wordpress.org/plugins/disable-post-comments/ https://wordpress.org/plugins/close-comments-on-media-attachment/ These add up to more than a million active installations." zodiac1978 3 57314 Update all references to wp/v2 to namespace field in class-wp-rest-comments-controller.php has-patch Comments normal normal Awaiting Review enhancement reopened 2022-12-11T18:11:02Z 2022-12-12T11:17:55Z This is a very minor change to make it easier for other classes to extend this class and define their own namespace. ihenetudan 2 10653 Update comment_author when display_name changes SergeyBiryukov dev-feedback Comments 5.1 normal normal Future Release enhancement reviewing 2009-08-19T19:43:29Z 2021-04-05T12:31:54Z One thing that has bothered me recently is the fact that your previous comments doesn't get updated when your display_name is being updated. Which could cause some confusion. I wrote a function (see attached file for further reference) that takes care of this but I would love to see a similiar feature in the WordPress core. mptre 15 55922 Update wp_list_comments type parameter to allow array or string Comments 2.7 normal normal Awaiting Review enhancement new 2022-06-05T06:27:24Z 2022-06-05T06:27:24Z "Right now, the options here are all, or a specific comment type. This should allow for multiple comment types as allowed in WP_Comment_Query " dshanske 10931 Verify Comment Email Addresses of Registered Users has-patch Comments 2.8 normal normal Future Release enhancement assigned 2009-10-08T14:34:44Z 2021-05-06T09:05:36Z "When leaving a comment with an email address of a registered user, WordPress should force the visitor to login or change the email address in the comment form. Anyone can impersonate a blog's user if they know the user's email address." mtdewvirus 38 40073 "WP_Comment_Query should support a comment type of ""comment""" Comments 4.8 normal normal Future Release enhancement new 2017-03-08T20:44:29Z 2017-03-13T16:18:07Z "Scenario: User is leveraging the `comment_type` field in their theme or a plugin, and desires all comments to have a type. They assign ""regular"" comments a `comment_type` of ""comment"" as that seems to make sense. If they then ask for those comments using `get_comments` or another function which leverages `WP_Comment_Query`: {{{ $comments = get_comments( [ 'type' => 'comment', ] ); }}} The returned list will not return any comments which have `comment_type` set to ""comment"", only those with no type at all. As this behavior (the swallowing of ""comment"" as a type entirely, rather than looking for `['','comment']`) is undocumented, perhaps `WP_Comment_Query` could be altered as such: {{{ 715 case 'comment': 716 case 'comments': 717 $comment_types[ $operator ][] = ""''""; ___ $comment_types[ $operator ][] = ""'comment'""; ___ $comment_types[ $operator ][] = ""'comments'""; 718 break; 719 720 case 'pings': 721 $comment_types[ $operator ][] = ""'pingback'""; 722 $comment_types[ $operator ][] = ""'trackback'""; ___ $comment_types[ $operator ][] = ""'pings'""; 723 break; }}} A sounder approach would probably be to allow a flag to be passed: {{{ 708 foreach ( $_raw_types as $type ) { ___ if ( empty( $this->query_vars['ignore_default_types'] ) ) { 709 switch ( $type ) { ... 729 } ___ } else { ___ $comment_types[ $operator ][] = $wpdb->prepare( '%s', $type ); ___ } ... 735 } }}} An alternative might be to throw an exception when setting `comment_type` to one of the default values using `wp_new_comment`, `wp_insert_comment` and similar functions. (I feel since there is no way to retrieve a comment when the type is one of these ""reserved"" words with standard WP functions, comments should probably not be able to be saved with a ""reserved"" type using standard functions if `WP_Comment_Query` is not altered.) At the very least, the documentation for comment ""insert"" functions should mention that there are reserved keywords on `comment_type`, note what they are, and that if you use one of them you will need to use the `comments_clauses` filter to allow them to be retrieved." rogerlos 2 50538 WP_Comments_List_Table should not show views that have a count of 0 pbiron dev-feedback Comments normal normal Awaiting Review enhancement assigned 2020-07-02T17:14:28Z 2021-03-12T11:00:37Z "Other core list tables that have a get_views() method do not output a view if the count for that view is 0, e.g., `WP_Posts_List_Table` doesn't output ""Pending (0)"" if there are no posts with $post_status === 'pending'). However, `WP_Comments_List_Table` does output ""Pending (0)"" if there are no pending comments. For consistency's sake, I think `WP_Comments_List_Table` should skip views with count of 0. Related: #47495" pbiron 21 41339 WP_Comments_Query::__construct() should allow a 'status__not_in' parameter needs-unit-tests Comments 4.9 normal normal Future Release enhancement new 2017-07-15T19:47:02Z 2017-07-30T15:24:18Z "`WP_Comments_Query::__construct()` (and hence, `get_comments()`) currently allows a `status` parameter to get comments with a specific status. It would be useful to also allow `$status__not_in` to exclude comments with specific stati. Related: #41338" pbiron 4 16612 WordPress should return nocache headers for requests with comment cookies dev-feedback Comments normal normal enhancement new 2011-02-21T22:45:21Z 2019-06-04T19:22:17Z "Most themes, when displaying the comment form, change the HTML to pre-fill username, email address, and website when comment cookies are received in the HTTP request. Since the response does not have explicit nocache headers, per RFC2616 (http://www.ietf.org/rfc/rfc2616.txt) intermediate caches can use heuristics to determine the cache TTL for the response. Since there is 0 freshness data in the response, it is not really possible to perform good heuristics, but in practice, caches will assign a default TTL to this type of response. The result is that private information input by user A when submitting a comment can be returned to user B when making a request for the same URL. To protect ourselves against this, we should call nocache_headers() when comment cookies are sent and the comment form is being displayed. Alternatively, we can send nocache headers for all requests with comment cookies regardless of the comment form being displayed or not (probably easier and maybe safer). http://humboldtherald.wordpress.com/2011/01/27/gremlins/ is a story likely caused by an aggressive cache and the lack of nocache headers." barry 7 35432 `wp_list_comments()` should perform a more modest fallback comment query Comments 4.4 normal normal enhancement new 2016-01-13T04:17:29Z 2019-06-04T19:33:53Z "Previously: #35175, #35356, #8071. In 4.4, `comments_template()` was updated so that it no longer queries for every single comment belonging to a post; instead, it only fetches the comments appropriate for the current comment-page. See #8071. This change introduced a bug in `wp_list_comments()`: since all of the post's comments were no longer available in `$wp_query->comments`, it was no longer possible to pass custom (read: differing from `$wp_query`) pagination params to `wp_list_comments()` and get the proper comments back. We addressed this problem in 4.4.1 by adding a clause to `wp_list_comments()` that falls back on the old behavior - querying for all of the post's comments - if non-default pagination params are provided. See #35175 [36157]. This fallback solution is obviously not ideal. Querying for all of a post's comments is what #8071 was supposed to fix. `wp_list_comments()`, like `comments_template()`, should be able to perform a fallback query that fetches only the required comments. The necessary logic already exists in `comments_template()`, so this may be a relatively simple matter of porting the functionality over, or abstracting it for use in both functions. cc @smerriman" boonebgorges 10975 comment form nonce Comments normal normal Future Release enhancement new 2009-10-19T06:49:16Z 2020-02-27T17:33:32Z "This adds a nonce to public comment forms, via the comment_form action. " tellyworth 18 47306 comment reply event listener: need ability to run custom js function Comments 5.1 normal normal Future Release enhancement reopened 2019-05-17T16:24:11Z 2019-06-20T16:32:16Z "I wrote the comment-tweaks plugin, which adds the tinymce editor to the comments field. When threaded comments are enabled, clicking on a Reply link moves #comment within the dom, and that breaks tinymce - I need to be able to run a bit of js when a Reply link is clicked to remove the editor, then move the element, then add the editor back. Prior to 5.1, the comment reply link had an onclick attribute calling moveForm(), and I simply overwrote the single onclick handler with a custom one. This is/was a bit of a hack, but worked fine (as long as no other plugin was hoping to also take over onclick). Recent changes (#46260) to comment replying changed how event listeners are handled for the comment Reply and Cancel reply buttons, which now uses a MutationObserver to (re)add click/touchstart listeners every time the document body changes. I can no longer overwrite the onclick handler, as it will be re-added in subsequent document changes. I could probably add my own MutationObserver, handle the race of which fires first, and continue to overwrite the core click/touchstart event handlers, but this is just another hack and I would rather fix it correctly, where other plugins could utilize event handlers on those links as well. Note that I need more than just the ability to add my own event listeners, as they fire in the order they were added, and I need to remove the editor prior to moving #comment (addComment.clickEvent() firing), and add it again afterwards. A javascript ""action hook"" that fires in clickEvent() ahead of moveForm() and another which fires afterwards may be a viable solution. (And another pair of ""action hooks"" in cancelEvent().) Probably could make the entire click/cancel event handlers just call the action hook and add the current clickEvent/cancelEvent code in functions called via those same hooks, so they could be overridden if needed? (I don't need to overwrite them myself if I can order a call before and after them, but perhaps other plugins would.)" jnorell 7 16576 comment_form() fields being displayed only for non logged in users has-patch Comments 3.0.5 normal normal enhancement new 2011-02-16T18:15:44Z 2019-06-04T19:22:16Z "I've just noticed this - When using the '''comment_form()''' function and adding some comment meta fields,using the fields array in the $args, these fields are being showed in the front-end only for non logged in users. In this case, the registered users can never use these comment fields. Look at wp-includes/comment-template, lines 1561-1573 (WP 3.0.5), it parse the $args['fields'] in the else block - {{{ <?php if ( is_user_logged_in() ) : ?> <?php echo apply_filters( 'comment_form_logged_in', $args['logged_in_as'], $commenter, $user_identity ); ?> <?php do_action( 'comment_form_logged_in_after', $commenter, $user_identity ); ?> <?php else : ?> <?php echo $args['comment_notes_before']; ?> <?php do_action( 'comment_form_before_fields' ); foreach ( (array) $args['fields'] as $name => $field ) { echo apply_filters( ""comment_form_field_{$name}"", $field ) . ""\n""; } do_action( 'comment_form_after_fields' ); ?> <?php endif; ?> }}} I think it is better that added meta fields should be displayable for all users (logged in and not logged in), or even to add a parameter to let the developer decide which extra fields are shown to logged or not logged users. " maorb 11 54234 comment_type of reply should be same as parent Comments normal normal Awaiting Review enhancement new 2021-10-08T11:58:54Z 2021-10-18T19:11:33Z "When you creating a reply for custom comment_type. Lets say our comment_type is for 'product_review'. When we create a reply from admin panel. The comment_type of the reply created as 'comment', which doesnt make sense. So our reply will not be shown in comment_list for 'product_review'. Or we can make user decide if this comment should be created as the same comment_type as the parent via checkbox in the comment reply form in admin panel." erikdemarco 17763 comments_popup_link() need a get_* version Comments 3.2 normal normal enhancement new 2011-06-11T06:20:09Z 2019-06-04T19:22:34Z "Currently `comments_popup_link($zero = false, $one = false, $more = false, $css_class = '', $none = false)` has no get_*() version. Usage situation: Where the link needs to be used within a larger string being concatenated." dd32 18 31282 finally introduce comments templating Comments 4.1 normal normal enhancement new 2015-02-10T13:18:31Z 2019-06-04T19:27:55Z "after spending several hours with styling my comments, comment form and using a plugin for the error messages, by default wordpress leads to a new unstyled page showing the errors and only leading back to the homepage if one presses the browser's back button, i'm asking myself why there are no templates and functionality for this all day task. please introduce: - a template for the comments ... yes i know there is comments.php but the comments themself must be templated in a callback function which is terrible (e.g. <?php wp_list_comments( array( 'callback' => 'shape_comment' ) ); ?>) - a template for the comment form ... yes i know there is athe possibility to give the comment_form function $args, but this is much more terrible than the comment list ""templating"", having the need to ""template"" the comment form in an array (!!!...........) - a way that wordpress reloads the current post page if a user sends a comment and is missing required fields like the comment itsself or his/her email address. afterwards showing error messages besides (or wherever my template says so) the comment form fields. that would be a fundamental improvement and a must. i can't explain, why everything in wordpress is so easy to template but the comments. best regards" ageibert 3 58156 finetune wp_update_comment_count has-patch Comments normal normal Awaiting Review enhancement new 2023-04-19T05:42:00Z 2023-07-08T22:20:01Z "there is a @todo in {{{function wp_update_comment_count}}} and I see no reason for not changing the code, which would make it a bit more effective. current: {{{#!php if ( $do_deferred ) { $_deferred = array_unique( $_deferred ); foreach ( $_deferred as $i => $_post_id ) { wp_update_comment_count_now( $_post_id ); unset( $_deferred[ $i ] ); /** @todo Move this outside of the foreach and reset $_deferred to an array instead */ } } }}} new: {{{#!php if ( $do_deferred ) { $_deferred = array_unique( $_deferred ); foreach ( $_deferred as $i => $_post_id ) { wp_update_comment_count_now( $_post_id ); } $_deferred = array(); // for clarity, it is not even needed } }}}" Presskopp 1 43792 get_comment_excerpt filter should tell if the comment was shorted or not dev-feedback Comments normal normal Awaiting Review enhancement new 2018-04-17T22:14:58Z 2019-01-16T06:50:09Z "The design I am currently working on has long comments shortened to 100 words, and a 'show more' / 'show less' link is added. I only want to add the 'show more' text if the comment has been shortened. There is a filter before get_comment_excerpt() returns that I can use to add my link. However it does not pass along information about whether or not the comment was shortened. As a workaround I can check if the comment ends in ""…"", but it would make sense to add a boolean value to the filter arguments to make this easier/cleaner." mattkeys 7 53215 get_comments_number should also need comment_type Comments normal normal Awaiting Review enhancement new 2021-05-16T03:12:29Z 2021-05-16T10:56:30Z Currently, I can use comments_template for custom comment types. For easier manageability, developers don't need to make their own function to get a custom comment count. Its a lot easier if WP have additional 'comment_type' parameter for its get_comments_number() function erikdemarco 36424 graphically visualize if comments are closed (in wp-admin/edit.php) has-patch Comments normal normal Future Release enhancement new 2016-04-06T08:08:36Z 2018-03-12T17:02:29Z "it would be nice if the pages or posts list would not only show the number of comments per page but if it also could show a symbol if comments for this particlar page or post are closed. proposal: - the lock symbol https://developer.wordpress.org/resource/dashicons/#lock - or https://developer.wordpress.org/resource/dashicons/#edit combined with a kind of ""forbidden"" sign/strike, similar to https://developer.wordpress.org/resource/dashicons/#hidden " pixelverbieger 41 35650 title_reply_to should work when javascript is enabled Comments normal normal Future Release enhancement new 2016-01-28T21:51:05Z 2019-06-21T01:16:40Z "`title_reply_to` is a parameter in the `comment_form` function, and has even been around since 2.7 in the `comment_form_title` function, allowing you to display a different heading when replying to a comment, including who you are replying to. While a cancel comment reply link does appear, having a different heading is a very useful concept for making it clear to users exactly what they are doing. Except, nobody ever sees it because it only applies when javascript is disabled. Everybody* has javascript enabled. The javascript for replying to comments should be updated to change the heading based on this parameter. " smerriman 3 34690 when user login is required to comment, there should be a link to registration has-patch Comments normal normal enhancement new 2015-11-15T19:12:17Z 2019-06-04T19:33:05Z "Right now when user login is required the login form only shows a message about the need to login, but if registration is open, there is no reason not to send the visitor directly to the registretion page. At the very least the default text of the link to the login page should be changed to some thing like ""Login or Register"" when registration is open." mark-k 4 43183 wp-comments-post.php endpoint support for OPTIONS reporter-feedback Comments normal normal Awaiting Review enhancement new 2018-01-30T17:13:04Z 2019-07-01T12:24:37Z "Under some circumstance we may need cross-posting from one domain to another (without the wp-json API). At least lets preflight requests flow normally https://github.com/WordPress/WordPress/pull/338 " drzraf 2 41760 wp_list_comments callback params dev-feedback Comments normal normal Awaiting Review enhancement new 2017-08-30T18:44:15Z 2017-08-31T09:05:53Z "In `wp-includes/class-walker-comment.php`, methods `comment()` and `html5_comment()` have following order of @params: `$comment, $depth, $args`. However, when you try to modify comment markup using `callback` argument for `wp_list_comments()`, order of params is `$comment, $args, $depth`. Is it possible to make the same order of params?" milana_cap 1 52655 Ability to Change the wp_next_scheduled() function output. has-patch Cron API normal normal Awaiting Review enhancement new 2021-02-25T15:04:10Z 2021-02-28T23:48:55Z "If I want to replace WP Cron with the Action Scheduler Library it is necessary to change the wp_next_scheduled() function output by overriding it using a filter to use as_next_scheduled_action() function. {{{ function wp_next_scheduled( $hook, $args = array() ) { $next_event = wp_get_scheduled_event( $hook, $args ); if ( ! $next_event ) { return false; } return apply_filters( 'wp_next_scheduled', $next_event->timestamp, $next_event, $hook, $args ); } }}} If we use 'pre_get_scheduled_event' filter, it will also override the default Cron functions. So that I think 'wp_next_scheduled' is necessary." infosatech 5 35491 Add a function to check whether a hook is scheduled has-patch Cron API normal normal Future Release enhancement reopened 2016-01-17T04:46:47Z 2019-06-04T18:11:28Z "I'm working with a plugin that calls `wp_schedule_event()` with an unpredictable value for `$args`. Sometimes it would be helpful to know whether this plugin's event is scheduled, but because I can only guess at `$args`, I can't always detect it with `wp_next_scheduled()`. The attached patch attempts to address this scenario with a function that checks only whether a hook is scheduled, regardless of its `$args`. " dlh 13 58470 Add configurable batching to `wp_scheduled_delete` for controlling cleanup operations Cron API 6.3 normal normal Awaiting Review enhancement new 2023-06-06T22:08:46Z 2023-06-07T14:17:17Z "When posts are trashed, they are automatically cleaned up by the `wp_scheduled_delete` wp-cron task. However, both the frequency that this cron task runs and the number of posts that can be cleaned up at once time lack configurability. Imagine a shop which has more than 100,000 orders: trashing thousands or tens of thousands of them at once could cause the website to become unresponsive when it comes time to clean up the trash. I suggest adding two constants: ||= Constant Name =||= Default Value =||= Description =|| || `EMPTY_TRASH_SCHEDULE` || `daily` || The cron schedule on which the trash scheduler runs. This is useful for increasing the number of times the cleanup process runs when using batching to delete many posts. || || `EMPTY_TRASH_BATCH_SIZE` || `50` || The maximum number of posts to delete at once. || It may also be useful for these and `EMPTY_TRASH_DAYS` to have filters to improve cleanup operations overall." johnrom 2 60645 Add pre-fire hook for cron has-patch Cron API trunk normal normal Awaiting Review enhancement new 2024-02-27T12:38:20Z 2024-02-27T12:42:17Z "Followup to https://core.trac.wordpress.org/ticket/56048 https://core.trac.wordpress.org/changeset/54258 This adds an additional hook before every cron event to allow for custom code to run before a cron hook Use cases: - custom error checking (e.g. if a cron even has no callbacks,...) - load libraries/functions/classes that are only needed for a specific number of cron events and would otherwise slow down the site/cron - this hook allows you to handle multiple at once which is useful for e.g. dynamic hook names or for cases where you need to run it for a number of hooks (instead of adding 100 add_action with same callback) " kkmuffme 1 49693 Drop duplicate recurring cron events whyisjake* has-patch Cron API 5.4 normal normal Future Release enhancement accepted 2020-03-24T19:03:36Z 2021-01-31T21:54:52Z "It's easy to break a site by mistakenly scheduling millions of events because of a typo or a bad check. Here's one example: https://wordpress.org/support/topic/error-in-addcustomcronschedule-degrades-site-performance/ In the past, I've also seen plugins use `get_option` and all kinds of different checks, instead of `wp_next_scheduled`. Fixing the site afterwards can be a bit of a PITA, specially for high traffic ones. DB replication is often an issue when the `cron` option grows in size due to the bug. It's probably a good idea to prevent scheduling recurring events that have the same hook, schedule and args. Additional thoughts: - This might make the `wp_next_scheduled` check obsolete when queuing an event? - Changing the arguments of `wp_schedule_event` isn't something I wanted to do, but considering the current code for reschedule/unschedule in `wp-cron.php`, it seemed the best route (case of missing schedule, and trying to get interval from the event that we're rescheduling). - We're currently doing this with a `schedule_event` filter. Another route could be to add it to `default-filters`, but I think it should be in the Cron API itself." aidvu 32 43801 Need better documentation to show importance of checking for args while using wp_schedule_event and wp_next_scheduled has-patch Cron API normal normal Future Release enhancement new 2018-04-18T15:47:51Z 2021-01-29T12:44:57Z "While the user notes https://developer.wordpress.org/reference/functions/wp_next_scheduled/#user-contributed-notes do relay the importance. I believe it is important that the documentation also be more clear about the issue. When coded incorrectly something like {{{ function schedule_my_event(){ if ( ! wp_next_scheduled( 'myevent' ) ) { // This will always be false wp_schedule_event( time(), 'daily', 'myevent', array( false ) ); } } add_action('init','schedule_my_event'); }}} It's potentially disastrous for a site. The cron value in the options would keep on increasing until the database could no longer withstand it. So keeping that in mind I feel the documentation for both wp_next_scheduled and wp_schedule_event should highlight this point more." digamberpradhan 40161 Wrong documented or coded 'schedule_event' filter Cron API low normal Future Release enhancement reopened 2017-03-15T12:39:06Z 2019-01-08T03:28:43Z "https://core.trac.wordpress.org/browser/trunk/src/wp-includes/cron.php#L41 says that $event parameter should always be an object. But the following code allows to terminate script only when passing ""false"" values to filter ("""", array(), null, 0 or false), whereas checking false as object will produce error. The documentation should be changed to force check isset( $event->hook ) when using this filter, otherwise the filter should be changed to something like this {{{#!php <?php $event = apply_filters( 'schedule_event', $event->hook, $event ); if ( ! $event->hook ) return false; }}} " esemlabel 7 39907 "Add ""Remove all widgets"" button for themes with multiple widget areas" dev-feedback Customize normal normal Awaiting Review enhancement new 2017-02-17T19:04:28Z 2021-05-29T17:01:57Z "I was loading giving one of my sites a new theme as a New Year treat. It only seemed fitting to put on Twenty Sixteen. As this was a simple site, I wanted the single column. Unfortunately, loading up the theme brought a few issues as I suddenly found a lot of widgets I didn't want. For example the footer areas, they were filled with defaults I didn't want. Going in and removing each one took several steps as there were multiples. Whether you want defaults or not may be something the theme can decide, but offering a 'remove all widgets' button I think would be easy enough to add into the Customizer and a great enhancement for the minimalists." karmatosed 5 41972 Add Import/Export functionality to the Customizer Customize 4.8.2 normal normal Awaiting Review enhancement new 2017-09-25T08:35:01Z 2018-07-13T03:25:18Z "As a theme author, a big part of our documentation and guidance is instructing people how to replicate different theme previews. Fr complex Customizer settings, it would be great to be able to provide a user with a file which could be uploaded to the site. Much like uploading an xml file to import the post/page content. I'm aware of plugins such as https://wordpress.org/plugins/customizer-export-import. However I think it would be a great enhancement to add import/export functionality to core, removing the reliance on a plugin and the extra burden this adds for beginner level users. This could also help alleviate issues raised in #27177. The import/export options could be a further development of the UI mentioned in #39896." anonymized_11892634 2 44665 "Add a ""Create New Menu"" button to the menu widget" has-patch Customize 4.3 normal normal Future Release enhancement new 2018-07-29T00:32:39Z 2020-11-30T00:20:15Z "Menu widgets in the customizer have buttons to edit the selected menu, which cross-link to the menus customizer panel. Before a menu is selected, there should be a ""Create New Menu"" button that links to the new menu section and automatically assigns the menu to the corresponding widget. This would be a big improvement in user flow, particularly for new users trying the menu widget for the first time, who may not understand the relationship between widget and menu objects. The UI should match the existing edit menu button." celloexpressions 33107 Add a Menu button: when clicked the icon does not rotate around center point dev-feedback Customize 3.9 low normal Future Release enhancement assigned 2015-07-24T01:47:32Z 2021-05-22T21:08:48Z "When clicking the ""Add a Menu"" button in the Menus area of the customizer, the icon doesn't quite rotate around its center point. On some browsers like Chrome and Firefox the icon is also misaligned and pulled up too high. Here's the icon in Firefox for example: [[Image(https://cldup.com/01NjVg0Qh7-3000x3000.png)]] Screenshot of the rotated icon combined with its original position: [[Image(https://cldup.com/uO_3o712gB-3000x3000.png)]] Here's some short videos of how the icon rotates when clicked: Firefox 39 (OS X) https://cloudup.com/cBb9kdrvjNZ Chrome 43 (OS X) https://cloudup.com/ciNZeSgbab7 Safari 8 (OS X) https://cloudup.com/cUmIW81nSht Safari is the only one that looks correct. The issue is partly caused by the ""add"" icon not a perfect square (it appears 1px wider in some browsers). By using the transform-origin CSS property we can improve how the icon rotates. Because of the icon being rendered 1px wider in some browsers it's not possible to get it exact, but it's certainly an improvement. Shown below are some videos of how they would look after some CSS adjustments using the transform-origin CSS property. Best viewed at normal size with the patch, but you get the idea: Firefox 39 (OS X) https://cloudup.com/ca2OWHuGe8q Chrome 43 (OS X) https://cloudup.com/c_5AROy460x Safari 8 (OS X) https://cloudup.com/c1YdWYfyMqd Also tested in IE 11 on Windows. First patch coming." sumobi 8 60149 Add user-friendly options for customizing the style of password-protected pages Customize normal normal Awaiting Review enhancement new 2023-12-25T16:07:00Z 2024-02-15T16:26:39Z "**What's Needed:** Introduce a section in the WordPress Customizer dedicated to password-protected page styles. Allow users to easily customize the background color, text color, font size, and other relevant styles. **Why It's Important:** Many users, especially those with limited coding knowledge, would benefit from a more accessible way to customize password-protected page styles. Enhancing the visual appearance of password-protected pages contributes to a more cohesive and branded website experience. **Proposed Implementation:** Provide a set of default options and allow for additional custom CSS if users want to make more advanced adjustments." bilalmughl 38549 Additional CSS lost when changing themes dev-feedback Customize 4.7 normal normal Future Release enhancement new 2016-10-28T14:37:14Z 2021-05-23T23:39:27Z When you change themes, the Additional CSS is lost. Change the theme back and it returns. I think there should be an option to retain the Additional CSS across any theme used. If we do not implement that, I have a funny feeling that many users will be confused as to where their custom CSS went. scottwyden 13 40243 Allow Manual Hue input for the HSL Color Picker Customize 4.7 normal normal Future Release enhancement new 2017-03-23T17:58:50Z 2021-05-29T17:23:19Z "The new HSL mode for the color picker is insanely useful! However, if someone has certain brand colors that they wish to incorporate, it might be helpful to allow a specific hue input via an integer value that will allow accurate matching. Right now, with the hue slider, it's anyone's best guess if they near their brand colors." calvinkoepke 2 42806 Allow installing themes in the Customizer on multisite dev-feedback Customize normal normal Future Release enhancement new 2017-12-05T17:47:40Z 2018-07-08T17:44:55Z "Currently the ""Install Themes"" section in the Customizer isn't added when using multisite. There is no technical problem with the installation process, as it still works correctly, simply by adding removing the restriction to only add the section (and enqueueing the related script) if `is_multisite()`, which I tested before opening this ticket. However, what would need to be figured out is how to deal with enabling themes, because by default an installed themes isn't enabled anywhere. And of course it would only be possible for the network administrator, but I think that would still bring a huge benefit, because right now it isn't possible in multisite at all. Here are two suggestions for possible approaches: 1. When in a multisite, there could be a notification like ""By installing a theme you also automatically enable it for this site."" Then, after the installation logic we would only need to handle that part automatically. If we go with that approach, we would need to make sure that the current user has both the `install_themes` and `manage_network_themes` capabilities. 2. When in a multisite, there could be a separate section ""Network Installed Themes"" that includes all themes installed, regardless of whether they're enabled for the site. Each themes would have a button to enable/disable it for the site. That section would require the user to have the `manage_network_themes` capability. We would furthermore need to ensure that themes are transitioned from the ""Network Installed Themes"" to the existing ""Installed Themes"" section and vice-versa when they are enabled/disabled for the site. Plus, when installing a theme through the ""WordPress.org Themes"" section, the user would need to be redirected to the ""Network Installed Themes"" section with that theme pre-seleted, to easily be able to enable and preview it. There are benefits to both ways: While the first approach will be much simpler to implement, it somewhat mixes installing and enabling themes into one. The latter approach will allow more flexibility, but may be overly complex. Especially since installing themes without being able to enable them will make the process useless in multisite, I think I prefer the first approach. Maybe a mix of both could be the right way too, where we start with implementing the first approach as a first iteration (that could even be merged into core as that), but keeping it future-compatible to possibly add a dedicated ""Network Installed Themes"" section later." flixos90 1 37281 Allow non-error notifications to be set for Customizer settings from PHP Customize normal normal Future Release enhancement new 2016-07-04T22:46:29Z 2019-04-19T21:05:35Z "An API adding notifications to Customizer settings was added in #34893. In JS a notification can be added of type `error`, `warning`, `info`, and custom. In PHP, however, only `error` notifications can be added to a setting, and this is done by returning `WP_Error` from a validation routing (or sanitization routine). It may be useful to allow other kinds of notifications to be added via PHP as well. This would likely require adding a `WP_Customize_Setting::$notifications` collection with a `WP_Customize_Setting::add_notification()` and `WP_Customize_Setting::remove_notification()` to provide a similar API in PHP for the general notifications API in JS. It seems clear that non-error notifications shouldn't be added by returning `WP_Error` instances from validation routines, but that the notifications could be added inside of such routines, for example: {{{#!php <?php class My_Setting extends WP_Customize_Setting { function validate( $value ) { $validity = parent::validate( $value ); if ( strlen( $value ) > 20 ) { $this->add_notification( array( 'type' => 'warning', 'code' => 'long_value', 'message' => __( 'This is a long value!' ), ) ); } } } }}} The non-error notifications could be sent back as part of full refresh and selective refresh responses in a similar way that error notifications are sent back and updated into the JS models." westonruter 2 38624 Allow starter content to apply after a site has already been set up and is no longer “fresh” Customize normal normal Future Release enhancement new 2016-11-02T17:26:32Z 2020-11-23T21:19:54Z "Starter content for themes was introduced in #38114. In order to prevent the starter content from overriding a site's existing content, a `fresh_site` option flag was added to prevent the content from applying after the site has been first updated. This means the starter content has limited use when installing new themes to try out during the life of a site. The primary problem for applying starter content on an existing site is how to handle the merge conflicts, how to decide when to use the starter content/configs and when to use existing site content/configs. One option would be a button to “reset” a site to use the starter content. For more granularity, once the starter content is applied there could be a list of the settings that were modified so that you could then go through and evaluate each change to see if you want to keep it. Each control that has a setting containing dirty starter content could be highlighted in some way with a button that allows you to revert the starter content or toggle the starter content so you can compare before/after. This is closely related to #21666 (Customizer reset/undo/revert) and #31089 (Add revisions of settings to the Customizer)." westonruter 24 39362 Checkbox control for 'Automatically add new top-level pages to this menu' not wrapped in checkbox customize control dev-feedback Customize 4.7 normal normal Awaiting Review enhancement new 2016-12-21T11:48:34Z 2021-05-24T02:50:58Z "When you go to set the menu in the customizer you have the option to check the Menu Options for Adding the top-level pages automatically to the current menu. This option isn't wrapped in the {{{ <li class=""customize-control customize-control-checkbox""></li> }}} This isn't a bug, but a hindrance if you want to customize the look of the customizer and would like to have all the checkboxes look the same. One could say that all one needs to add is the style for {{{ .input[type=""checkbox""] }}} but this is not true if you have a custom control that has a checkbox input, and you want to style it differently. In that case you'd need to overwrite additionally. Plus the current style is styled via {{{.customize-control-checkbox input[type=""checkbox""]}}} as well as with just {{{input[type=""checkbox""]}}}." dingo_d 3 42115 "Customize Menus: Add ""Your theme already has a basic menu"" view" bpayton Customize 4.9 normal normal Future Release enhancement assigned 2017-10-05T19:33:34Z 2021-05-29T18:22:01Z "When your theme creates a menu by default, we should display the following text: > Your theme already has a basic menu, to help readers find all your pages. If you’d like to choose what appears instead, create a new menu to replace the default. > > Click the button to start. > > [ Replace default menu ] See screenshot." melchoyce 4 38957 Customize Menus: Menu locations should be able to opt-out of menu item types that can be added to associated menus Customize 4.3 normal normal Future Release enhancement new 2016-11-26T22:24:31Z 2017-01-21T17:34:56Z "Certain menu locations are often designed to use a particular type of menu item - for example, social menus only make sense with custom links, or a custom nav menu walker may be used to display a deeper index of posts within taxonomy terms featured in a menu location. If themes could specify what types of content a particular menu location is intended to contain, the menus UI could correspondingly show/hide or prioritize the types of menu items in the available menu items panel. This should be handled with the `object` and `object_type` menu item parameters. As with #38956, this is difficult due to the current way the menu locations API works, and the fact that menus can be added to multiple locations. This should be considered a usability enhancement that is more conservative in hiding available menu items for items in multiple locations, and that adapts as menu locations are changed." celloexpressions 1 38956 Customize Menus: menus assigned to locations with limited depths should not allow deeper depths Customize 4.3 normal normal Future Release enhancement new 2016-11-26T22:16:54Z 2019-04-03T03:59:02Z "`wp_nav_menu()` allows themes to control how many levels of depth will be displayed in the menu hierarchy. However, the menus UI doesn't reflect this or explain why submenu items may not always be visible. There are often valid situations where menus can only accept one level of hierarchy (such as social menus), and the API allows this on the theme side but doesn't address the usability side of the issue. This may be tricky because depth is defined here a menu is displayed, not where a location is registered. Menus can also be assigned to multiple locations. A better API for menu locations may facilitate this improvement." celloexpressions 2 37417 Customize Nav Menus: more visible way to navigate the preview to a menu item object has-patch Customize 4.3 normal normal Future Release enhancement new 2016-07-20T02:22:43Z 2022-05-17T10:31:57Z "Nav menus in the customizer have the benefit of live preview. One of the more hidden aspects of this experience is the ability to view a menu item's object in the preview with the ""original"" link in the menu item options. Unfortunately, being hidden in the item properties dropdown, this feature is little-known. Can we add a link for this to the menu item handle somehow? I've create a preliminary (fully-functional) patch for this, and while I like the UX I think the UI could use work (feels cluttered). This helps to reinforce the connection between menus and content, as well as making it easier to see what an item is linking to when the current menu isn't shown in the preview. It also helps users that may not know that you can navigate links within the preview." celloexpressions 19 22880 Customize Themes without activation Customize normal normal Future Release enhancement new 2012-12-12T11:34:51Z 2021-05-22T18:12:20Z "Add a posibility to customize deactivated themes with the Theme-Customizer without activating them by default. Useful for Blogs running multiple Themes between which the frontend user can switch." kkkrys 13 42635 Customize: Add default value for customizeAction param for sections Customize 4.3 normal normal Future Release enhancement new 2017-11-20T05:30:21Z 2018-10-12T04:07:05Z "Currently the `customizeAction` has to be explicitly provided when dynamically adding sections via JS. If not, then the section header has broken layout. There should be a default value provided so that this doesn't have to be provided each time (see #42083). Adding a default value for `customizeAction` is complicated a bit by the fact that it [https://github.com/WordPress/wordpress-develop/blob/4af1237176c326e7840361fd580fdc3f97841e6a/src/wp-includes/class-wp-customize-section.php#L228-L233 varies based on whether the section has a parent panel]. The `getContainer` method of `wp.customize.Section` probably should check if `customizeAction` is empty and if so supply one: it could look to see if it has a `panel` parent, and if so, grab the title; otherwise, it can use the default “Customizing” value. A default value should have been originally provided in #30737. Workaround for plugins to provide a default value in the mean time: {{{#!php <?php add_action( 'customize_controls_enqueue_scripts', function() { wp_add_inline_script( 'customize-controls', sprintf( 'wp.customize.Section.prototype.defaults.customizeAction = %s;', wp_json_encode( __( 'Customizing' ) ) ) ); } ); }}} " westonruter 1 54119 Customize: Always Show Homepage Settings dev-feedback Customize 4.7 normal normal Future Release enhancement new 2021-09-14T06:58:32Z 2021-09-18T03:01:09Z "== Summary The options at Appearance → Customize → Homepage Settings are contextual. They appear only if the user has at least one published page. I am proposing tp always show Homepage Settings, regardless of the presence of published pages. == Why When you start a new website, the first page you think about is your homepage. So, when you go to look for Homepage Settings, you may not have published a page yet. Or, maybe you start working on your homepage, but it's still a draft. In this scenario, Homepage Settings is not there at all. A user who visited Customize would have checked there and not seen anything related to setting the homepage, so they would not think to check again for it after publishing their first page. If Homepage Settings were to always show, a user would immediately learn where to set a homepage, even if no pages appear in the dropdown yet to select their homepage. It's also worth noting that at Customize → Homepage Settings, you can use the 'Add New Page' option to create a new page using this interface, therefore a user with no pages yet can create their homepage here. By always showing Homepage Settings, this will avoid the confusion a new user faces with Homepage Settings not being present in Customize." donalirl 1 39031 Customize: Include theme as just another setting instead of passing as separate parameter Customize 4.1 normal normal Future Release enhancement new 2016-12-02T18:58:11Z 2021-05-24T00:19:53Z "The customizer state is currently split in two places: the `customized` settings (changeset) and the previewed `theme`. This separation of the theme from the settings makes sense to a degree since the settings are dependent upon which theme is active. There is currently an `active_theme` setting but it is a dummy setting which is used merely for the sake of wiring up the capability check for the themes panel. The `active_theme` setting is added with a comment: > unused - the theme is considerably more fundamental to the Customizer experience However, since the `theme` is not just another `setting` then this means that the theme cannot currently be made part of a changeset, and as such a theme switch cannot be previewed on the frontend by non-authenticated users and also a theme switch cannot be scheduled in the customizer. Ideally there could be a `theme` setting with the `switch_themes` capability that could be added to a changeset, and when that changeset is published, the `switch_theme` call should then be made. See also #22880." westonruter 4 39389 Customize: Make sure selective refreshed partial placement is scrolled into view Customize 4.5 normal normal Future Release enhancement new 2016-12-24T23:11:57Z 2022-08-26T08:01:45Z As of #36678 there are visible edit shortcuts in addition to the “shift-click to edit” behavior in the preview. This ensures that the corresponding control for a given element in the preview can be focused and discovered. However, there is no corresponding facility to quickly discover and jump to an element in the preview that corresponds to a given control. When making a change in a control any corresponding element (partial placement) in the preview should be scrolled into view. This is a key usability improvement. westonruter 28 42191 Customize: Selectively merge settings from autosave revisions Customize normal normal Future Release enhancement new 2017-10-12T04:06:54Z 2021-05-29T18:26:08Z "In follow-up on #42024, an autosave revision is created as part of changeset locking. When a user returns to the customizer after a lock has been lifted, they will be prompted to restore their revision. The restoration logic should only load settings from the changeset which are older than the settings in the `customize_changeset` post (see new setting prop `date_modified_gmt`), or the settings for which there is no existing setting in the changeset. This merge will more intelligently ensure that a user's restored autosave revision won't override the changes another user saved. There may be some cases, however, where selectively restoring parts of an autosave will have unexpected results (e.g. opting to include a newly-created widget, but not accepting the change to the sidebar), so more investigation will be needed. The problem of conflict resolution in the Customizer is a large problem which is also being worked on in the [https://github.com/xwp/wp-customize-snapshots Customize Snapshots] plugin. See also #31436 (Handle conflicts in concurrent Customizer sessions)" westonruter 42272 Customize: Use client-side templates for rendering base controls Customize 4.9 normal normal Future Release enhancement new 2017-10-19T03:05:59Z 2019-01-09T06:25:05Z "This is a follow-up on #30738. See patches on that ticket. Eliminating server-side rendering of the control content for server-side registered controls was not included as part of 4.9 due to it being a big change and it got too late in the release. This will necessarily need to include support for `dropdown-pages` which we didn't implement in #30738, since we ran out of time and wanted to rely on REST API for fetching the pages." westonruter 2 37916 Customize: ability to disable content creation in menus Customize 4.7 normal normal Future Release enhancement new 2016-09-01T20:55:33Z 2019-06-04T19:41:28Z "There should be a hook to disable the ability to create new posts (and eventually terms, see #37915) in nav menus in the customizer. Ideally, it should be able to be disabled for specific post types as well as all post types. For terms, we'll need to turn it off for the `post_format` taxonomy. This is being split out from the initial merge in #34923, where there are patches with an approach we could take here." celloexpressions 9 37915 Customize: allow terms to be created in nav menus boonebgorges dev-feedback Customize 4.7 normal normal Future Release enhancement assigned 2016-09-01T20:51:39Z 2021-05-23T23:16:18Z "Follow up to #34923. When setting up initial site structure, in many cases it's as important to be able to create new terms to add to menus as the ability to create posts. For users, the distinction between terms and posts probably isn't immediately clear, so this functionality gap may be confusing. There are several patches on #34923 that contain the needed framework here, but we need the ability to preview terms before we can add support for terms. This depends on #37914. Milestoning for 4.7 now for tracking, but we're waiting for that ticket before we can proceed here." celloexpressions 14 36581 Customizer Header Image Control should extend the cropped image control Customize 3.9 normal normal Future Release enhancement new 2016-04-18T19:55:06Z 2019-05-29T17:36:05Z "`WP_Customize_Header_Image_Control` was written (in 3.9) before all of the other customizer media controls were refactored to use the media library (in 4.1) and additional controls were introduced (in 4.2 and 4.3). It uses an almost entirely separate codebase right now, and by merging it back in to use the newer functions, future enhancements can be made in fewer places to apply to more controls, and the cropped-image control will likely benefit with some new reusable features as well. Additionally, this cleanup will simplify the codebase and make it much easier to contribute to and understand the way the headers UI works, and why. Ideally, we would be able to use `WP_Customize_Cropped_Image_Control` directly for header images by bringing more features that are currently specific to headers to all media controls. However, in practice we may end up needing it to remain a distinct control for various reasons. Regardless, it should extend WP_Customize_Cropped_Image_Control directly and make use of its functions in both PHP and JS where possible. Additionally, it should leverage the core API for JS-templated contols introduced in 4.1. See #29211, and #32861, which would likely be fixed in the process of implementing this ticket." celloexpressions 7 33469 Customizer Menus: Restore active menu to a location after selecting and unsetting another menu dev-feedback Customize 4.3 normal normal Awaiting Review enhancement new 2015-08-20T18:40:47Z 2021-05-23T17:52:53Z "When a location is specified for a menu and another menu is assigned to that location in the Customizer, the first menu is removed even if the new settings aren't saved. 1. Assign a menu to a location in the customizer. Click ""Save & Publish"". 1. Assign a different menu to that location, but do not save. 1. Uncheck the location from the second menu. Expected: The previously selected menu for that location should be restored. Actual: The location now has no menu assigned to it." morganestes 5 32768 Customizer Widgets and Themes search improvements reporter-feedback Customize 4.2 normal normal Future Release enhancement assigned 2015-06-23T18:06:29Z 2021-05-22T20:29:24Z "Widgets and Themes search would need the same improvements done for the Menu Customizer. Widgets: - activating ""Add a Widget"" with the Space bar doesn't prevent the default action, as a result the search field gets a space character and the placeholder text is gone. See https://github.com/voldemortensen/menu-customizer/issues/107 Both: - the search results (or no results) should be announced to assistive technologies, possible use case for wp.a11y.speak see #32720 - a short description of the ""live"" search functionality could help, see the Menu items search in core, i.e.: aria-describedby=""menu-items-search-desc""" afercia 6 41126 Customizer does not work if both wp_footer() and wp_head() functions are not present in the theme. Customize 4.7 normal normal Future Release enhancement new 2017-06-22T14:56:18Z 2017-07-05T21:06:03Z I know there is another ticket (#14752) that refers to when wp_head() and wp_footer() are not present in the theme and it was discarded. But in this case, I refer specifically to the Customizer. Since it will not work when those functions are missing, maybe we can disable it completely (maybe with a dismissible notice in the head) or find a way to include the necessary files and data and make it work even when those functions are missing. mdifelice 12 39609 "Customizer should display ""Fade"" effect for entire iFrame for settings using partialRefresh when selector is not visible" Customize 4.5 normal normal Future Release enhancement new 2017-01-17T01:30:41Z 2017-11-06T17:26:53Z "When modifying the value of a setting in the customizer that uses partialRefresh for the transport, typically, the element that is being modified on the live site fades out as the customizer replaces the element with the correct output. This gives the user a nice visual letting them know to be patient as the output is modified. In some cases, the element being modified may not be visible in which case there is no cue to the user to let them know things are being updated. A good example would be an advanced setting for changing the color scheme of the site which adds inline CSS to the head tag. Here is a little video example: https://cl.ly/illS (I don't use postMessage for this setting because there are filters in place so developers can hook in custom elements to be modified and for 3rd party plugin support). I'm sure there are other circumstances where a setting may be altering a ""hidden"" element. This is just one example and while there is very little delay in my specific example, I believe for consistency and UI purposes it would make sense to add the extra check to see if the element is visible and if not fade-out the whole iFrame during the refresh process. Thank you for considering!" AJClarke 3 39910 Customizer: Add ability to drag & drop widgets and menu items Customize normal normal Future Release enhancement new 2017-02-17T19:38:19Z 2021-05-29T17:06:55Z Currently when you add a new widget in the Customizer, the available widgets will show, but you can not drag and drop any of the those widgets, rather you have to select the widget then, that widget will be added in. Drag and drop does work on widgets that already exist or where just added. lukecavanagh 21 38707 Customizer: Additional CSS highlight, revisions, selection, per-page, pop-out Customize normal normal Future Release enhancement new 2016-11-08T06:04:04Z 2021-06-01T03:01:11Z "[[Image(https://core.trac.wordpress.org/raw-attachment/ticket/35395/customizer-css-i2.png)]] This ticket is to track the next steps of Additonal CSS after 4.7. See #35395 for the discussion so far. The MVP of the Additional CSS editor in customizer included the basic UI, navigation and backend work. There are various next steps that area already included in the design above, and can be done either in a single next release or staggered further as needed. From the latest discussed design, the features we already have ready to build are: 1. Syntax Highlighting 2. Revisions 3. Selection of items on the page (CSS selector) 4. Per-Page CSS as a complement of the current ''site-wide'' CSS for better management 5. The ability to pop-out the editor in a separate window for a more comfortable editing experience Just one special note regarding revisions: we might want to not do CSS revisions, and instead build the more flexible and general revision UI for the customizer as a whole. That's being discussed in #31089. " folletto 42 35827 Customizer: Create a dropzone for adding images Customize 4.1 high normal Future Release enhancement assigned 2016-02-13T22:27:11Z 2017-09-26T13:52:00Z "This is a follow-up to #35826. On panels that let you upload images (identity, header, background) we should make the ""no image set"" container a dropzone to drag & drop your images onto. Like the editor, when you drag and drop an image into those dropzones, it would open the media modal and start uploading the image." melchoyce 20 40432 Customizer: Should we stop contextually hiding features? Customize 4.0 normal normal Awaiting Review enhancement new 2017-04-12T22:20:48Z 2018-09-12T17:52:10Z "This is a continuation of the conversation in #39087. If something doesn't appear on a page you're previewing, it gets hidden in the Customizer panel. For example, if your archive pages have a sidebar, but your static pages do not, you will not be able to edit your archive sidebar. It will be hidden until you go to an archive page. The same goes for contextual theme options. For example, you can't assign sections to your homepage in Twenty Seventeen unless you're on your homepage. This is often very confusing for folks new to WordPress, as evident in the previous ticket linked above. I think we should change this behavior, and I'm interested in hearing what others think." melchoyce 59 39599 Customizer: when no title on page it adds weird content in navigation link has-patch Customize normal normal Awaiting Review enhancement new 2017-01-16T12:40:14Z 2017-07-26T01:46:39Z "I understand that that there may need to be a title, however if you have a page and remove the title you then get the following: [[Image(https://cldup.com/sc4tmiokFB.png)]] The output being `#20 (no title)` does make sense but couldn't we increase the usability here and just have it say 'no title'? Do we have to have `#20`?" karmatosed 9 40527 Decouple WP_Customize_Manager Customize 4.8 normal normal Future Release enhancement new 2017-04-22T10:59:58Z 2017-09-25T17:24:37Z "When you create multiple instances of `WP_Customize_Manager` it adds/removes multiple hooks in its constructor which should be executed single time. So let's say if I want to create two new changeset posts it I will do. {{{#!php <?php $data = array( ... // Some changeset data. ); $manager1 = new WP_Customize_Manager(); $manager1->save_changeset_post( array( 'data' => $data ) ); $manager2 = new WP_Customize_Manager(); $manager2->save_changeset_post( array( 'data' => $data ) ); }}} This will cause `wp_ajax_customize_save` to add twice with `$manager1` and `$manager2` it should add only once. `wp_ajax_customize_save` is a just example. See Constructor: https://github.com/WordPress/WordPress/blob/5f771393a318d333503d5e13525dfcd543819302/wp-includes/class-wp-customize-manager.php#L229-L369. So we should decouple `WP_Customize_Manager` class and maybe extract changeset methods in separate class `WP_Customize_Changeset`." utkarshpatel 9 50290 Edit Post and Edit Page is not showing in Admin Bar, When I open any Post or Page in new tab while in Customize dev-feedback Customize normal normal Awaiting Review enhancement new 2020-05-31T16:49:51Z 2021-06-01T03:06:11Z "In Customize, When I try to open any post or any page with the '''open link in new tab ''' or '''open lin in new window''', Edit Post or Edit Page is not showing in Admin Bar. But when I try to open any Category or Tag with the open link in a new tab or new window, it showing Edit Category and Edit Tag in Admin Bar. I have attached a gif file and screenshots for a better understanding." dhruvpandya 2 38072 Eliminate placeholder nav menu items in favor of auto-drafts in Customizer Customize 4.3 normal normal Future Release enhancement new 2016-09-16T05:46:06Z 2017-06-07T00:21:05Z "When nav menus were added to the customizer in 4.3, newly-created nav menu items were assigned a random negative integer to represent the ID for that `nav_menu_item` post. (This was also true of `nav_menu` terms for newly-created nav menus.) Upon saving the customized state, any such `nav_menu_item[...]` settings with negative IDs would then get inserted and assigned actual IDs which would then get sent back in the `customize_save_response` and the UI then replaces the placeholder nav menu item's control with the newly-inserted nav menu item's control. The key motivation here was to ensure that changes made in the customizer would not have an impact any part of WP until hitting Save. (What happens in the customizer stays in the customizer… until you hit Save.) Now, aside from a momentary flicker of placeholder nav menu item controls that get replaced with actual nav menu item controls, there is a key disadvantage to using such placeholder nav menu items (with negative post IDs): it is not possible to relate postmeta to them. There is a long-standing ticket #18584 for allowing nav menu items to be extensible to add custom fields in the customizer (and in the admin screen). In the call to `get_metadata` it has a behavior whereby it passes the supplied post ID through `absint` so if any postmeta are attempted to be related to placeholder `nav_menu_item` posts, they will fail to be accessed when calling `get_post_meta()`. Now, in #34923 there was the introduction of being able to create stubs for posts and pages inside the customizer so that they can have nav menu items created for them. The stubs created here are `auto-draft` posts which ensures that they do not affect other parts of WordPress and they will be automatically garbage-collected if never published. Now, the original Menu Customizer plugin did make an Ajax request for each created new nav menu items but they were `nav_menu_item` posts that were not related to a `nav_menu` (they were orphaned) rather than being `auto-draft`. We could consider going back to making an Ajax request to create each `nav_menu_item` (now an `auto-draft`) in the same way that is being done for post/page stubs. A downside of going to using Ajax to create new nav menu items (to reserve an auto-incremented post ID) is that adding a new nav menu item would no longer be instant. However, it would mean that upon save there wouldn't be any rebuild of nav menu item controls replacing placeholders with actuals, and as such it could mean a lot of code could be removed. But the most important benefit of switching to use `auto-draft` posts for nav menu items is that postmeta could then be created in the customizer and related to actual post IDs which could then be properly targeted in `get_post_metadata`filters. Alternatively, `get_post_meta` could just replace the `absint` with a call to `intval` and then ensure that the `get_post_metadata` filters apply with that negative ID, but then short-circuit if the filter doesn't return with `null` (since it wouldn't be able to find entries with negative IDs in the database). See feature plugin for adding custom fields to the customizer: https://github.com/xwp/wp-customize-nav-menu-item-custom-fields Note how the plugin has to postpone the presentation of custom fields until a newly-added nav menu item is saved the first time: https://github.com/xwp/wp-customize-nav-menu-item-custom-fields/blob/2ad056634441a74ba91982ca88b089297f630971/customize-nav-menu-item-custom-fields.js#L279-L284 Dependency for: #18584" westonruter 8 36582 Export main query from Customizer preview Customize 4.0 low normal Future Release enhancement assigned 2016-04-18T20:45:09Z 2021-05-23T19:56:36Z "Controls, sections, and panels in the Customizer support the concept of an active state (#27993) which controls whether or not the control is contextual to the current query. Controls may want more information than whether to hide/show, but to show contextual information based on which kind of query is loaded in the Customizer preview, such as if it `is_singular` or which post specifically was queried. This information should be exposed from the Customizer preview to the pane as well. An initial implementation of this has been implemented in the Customize Posts feature plugin: https://github.com/xwp/wp-customize-posts When the preview syncs the `WP_Query` data from the preview to the pane, the data should get sent along with the `ready` message along with the `activeControls`, `activeSections`, and `activePanels` data. When the data is received by the pane, it should get populated into a model which can have events attached to it. For example, a `wp.customize.Values` instance could be used as a collection to represent the query_vars. Or there could be one single `wp.customize.Value` that stores the exported `WP_Query` data in like `wp.customize.previewedQuery` which plugins could then listen to changes on. For example: {{{#!js wp.customize.previewedQuery.bind( function( newQuery, oldQuery ) { if ( newQuery.is_singular !== oldQuery.is_singular ) { if ( newQuery.is_singular ) { // We switched to a singular template! } else { // We switched to a non-singular template! } } } ); }}} Some thought will need to be given to how a JavaScript object is used to represent `WP_Query`. See Slack: https://wordpress.slack.com/archives/core-customize/p1461011732000103" westonruter 8 37275 Facilitate creating controls that manipulate settings with object values Customize 3.4 low normal Future Release enhancement new 2016-07-04T20:39:26Z 2019-04-19T21:05:06Z "While #37274 addresses the difficulty to manipulate updating settings that have object values, the Customizer JS API also does not facilitate creating controls that have fields which manage a setting that has a object value. The `MenuNameControl` provides a good example of a control that has a text field for managing a nav menu setting's `name` property: {{{#!js control.nameElement = new api.Element( control.container.find( '.menu-name-field' ) ); control.nameElement.bind(function( value ) { var settingValue = control.setting(); if ( settingValue && settingValue.name !== value ) { settingValue = _.clone( settingValue ); settingValue.name = value; control.setting.set( settingValue ); } }); control.setting.bind(function( object ) { control.nameElement.set( object.name ); }); }}} This works but it is tedious when scaling and makes it difficult to extend, as can be seen in the `MenuItemControl`. There should be a more declarative way to link a field to ''a property'' of a setting value object. One implementation of this can be seen in the [https://github.com/xwp/wp-customize-posts/blob/0.6.1/js/customize-dynamic-control.js Dynamic control] as seen in the Customize Posts plugin. While Core supports a `data-customize-setting-link` attribute in a control template to declaratively link an input field to a setting value, the Dynamic control Dynamic adds support for a `data-customize-setting-property-link` attribute which will link the input field to the a ''property'' of the (default) setting. This eliminates the need for custom JS logic to link the input elements. See an example control which has fields which manipulate a setting value containing a street address: https://github.com/xwp/standalone-customizer-controls/blob/master/class-customize-address-control.php This will facilitate extending nav menu items in the Customizer: #18584." westonruter 3 37274 Facilitate updating/extending Customizer setting values that are objects Customize 3.4 normal normal Future Release enhancement new 2016-07-04T20:22:46Z 2019-04-19T21:04:47Z "There is bit of a dance to work with setting values that are objects. Consider a `mailing_address` setting that represents a street address: {{{#!json { ""street"": ""123 Fictional St."", ""city"": ""Portland"", ""state"": ""OR"", ""zip"": ""97201"" } }}} Getting the value is as simple as `wp.customize( 'mailing_address' ).get()`, but updating the value is not so simple. To change the `street` part of this setting, the following is required: {{{#!js var value = wp.customize( 'mailing_address' ).get(); value = _.clone( value ); value.street = '123 Imaginary Ave'; wp.customize( 'mailing_address' ).set( value ); }}} The clone is required because objects are passed by reference, and if the `value` were to set directly, the subsequent `set` would not trigger a `change` event. Widgets and nav menus use objects as values in Core. Widgets aren't manipulated directly in JS (until #33507) but nav menus and nav menu items are. Here's the code for managing how a nav menu's name gets changed when the nav menu's name field is updated: {{{#!js control.nameElement.bind(function( value ) { var settingValue = control.setting(); if ( settingValue && settingValue.name !== value ) { settingValue = _.clone( settingValue ); settingValue.name = value; control.setting.set( settingValue ); } }); }}} To make it easier to work with setting values as objects, we could introduce a `wp.customize.Value#setExtend` method that allows an object value to be extended in the same way that `setState` works in React, take an object of key/value pairs that are merged on top of the existing value. Here is an example implementation: {{{#!js wp.customize.Value.prototype.setExtend = function( props ) { var value = _.clone( this.get() ); _.extend( value, props ); this.set( value ); }; }}} With this, to update the `mailing_address` setting value property in the above example could be changed to simply: {{{#!js wp.customize( 'mailing_address' ).setExtend( { street: '123 Imaginary Ave' } ) }}} See #26061. Related #37275." westonruter 2 38077 Facilitating embedding customizer controls outside of sections westonruter* Customize normal normal Future Release enhancement accepted 2016-09-16T20:14:50Z 2017-05-07T02:46:53Z "Controls are currently assumed to be always contained within sections in the customizer. This makes it difficult to reuse the controls in other contexts, such as embedding multiple controls inside another control or embedding a control outside the context of the customizer entirely. This will facilitate embedding customize controls on the frontend for contextual editing without having to have the customizer sidebar open or even having to go into `customize.php` at all. Some of the hacks required to get controls to appear outside of the customizer can be seen in https://github.com/xwp/standalone-customizer-controls The Media control in particular needs to be updated to remove the logic resize the player controls when the section is expanded. The `embed` method (used by widgets) also needs to not wait generally for a contained section to expand. Key dependency for #29071 (Make it easier to include an instance of the Customizer outside of customize.php) Depends on or is closely related to #37964 (Allow customizer controls to be encapsulated by accepting pre-instantiated settings)" westonruter 6 21627 Filter for custom-background CSS selector peterwilsoncc needs-unit-tests Customize 3.4.1 low minor Future Release enhancement assigned 2012-08-18T11:46:55Z 2021-05-22T17:41:50Z "There should be an easier way for changing the css selector from body to html or any other then making your own callback. " Horttcore 28 31436 Handle conflicts in concurrent Customizer sessions Customize 3.4 normal normal Future Release enhancement assigned 2015-02-24T19:42:44Z 2021-05-22T20:00:44Z "If two users open the Customizer at the same time and modify the same settings, the user who saves their changes last will win out, and the person who saves first will have their changes lost. (The frequency of the problem was reduced in #29983 since now only dirty settings now get POSTed.) The Customizer needs Heartbeat integration to add the “Post Locking” functionality. We don't need to lock the entire Customizer, however, from concurrent users: we need to add locking for individual settings in the Customizer. When a setting becomes dirty, we need to broadcast via Heartbeat to other users that the setting has been changed and thus any controls for this setting should be marked as ""locked"", with any changes prevented. This will become increasingly important as more and more settings are added to the Customizer and users go there more often to make changes. The locking UI could provide a button to copy the other user's change into the other Customizer session, and this could result in the control being editable again, with subsequent changes pushed out to other users as well, who would then also get the corresponding setting automatically updated if it was dirty, but if it was not dirty then it would remain in its clean state but with a locking notification added. This also should apply when a setting is modified by some means other than the Customizer: if someone is in the Customizer and another user changes a setting via an admin page or via XML-RPC or REST API, then this setting update should also be illustrated in the Customizer to note that the settings are stale and should be refreshed. This refresh could be done inline, without having to reload the entire page. For the issue of conflicting auto-incremented widget IDs across user sessions, see #32183. For the previously-reported issue specific for handling conflicts between editing widgets on the widget admin page, see #12722. For the introduction of concurrency locking for options pages (settings API), see #32202. Some enhancements for a feature plugin: The Customizer UI would benefit from having a list of users currently in the Customizer appearing somewhere, with a list of the changes each user has made. If someone left their Customizer session open, this list would also allow an administrator to sign the user out, using something like the [https://wordpress.org/plugins/user-session-control/ User Session Control] plugin; or the Customizer UI could provide a way to boot a user from the Customizer. For use of Heartbeat to keep nonces fresh, see #31897. See also #42191 (Customize: Selectively merge settings from autosave revisions)" westonruter 16 39040 Hide references to nav menu locations that are not visible in the customizer preview Customize 4.3 normal normal Future Release enhancement reopened 2016-12-03T12:16:53Z 2019-03-19T02:03:11Z "Could be helpful to have menu locations automatically updated when switching template parts. For example if I have two header style: header-singlemenu.php {{{#!php <?php wp_nav_menu( array( 'theme_location' => 'primary', )); }}} header-doublemenu.php {{{#!php <?php wp_nav_menu( array( 'theme_location' => 'primary-left', )); wp_nav_menu( array( 'theme_location' => 'primary-right', )); }}} Those got by {{{#!php <?php get_template_part('header', get_theme_mod('header_style','singlemenu') ); ?> }}} where ''header_style'' obviously can be '''singlemenu''' or '''doublemenu''' in functions.php i have {{{#!php <?php if(get_theme_mod('header_style', 'singlemenu') == 'singlemenu') { register_nav_menu( 'primary', __( 'Primary Menu', 'theme-slug' ) ); } else { register_nav_menu( 'primary-left', __( 'Left Menu', 'theme-slug' ) ); register_nav_menu( 'primary-right', __( 'Right Menu', 'theme-slug' ) ); } }}} When switching header style in customizer, menu location are not updated. You are bound to save your customization, reload the page and then you can be able to see new location. [[Image(https://i.gyazo.com/9fe4cca23b88c55877d65431c756f3a4.gif)]] " khela 3 38845 Implement HTML5 input validity constraints in customizer settings Customize 4.6 normal normal Future Release enhancement new 2016-11-17T23:58:38Z 2017-09-18T19:10:39Z "Ever since #28477 controls in the customizer have supported custom HTML5 input types along with new input attributes passed via the control's `input_attrs` param. The support, however, has been lacking because when a user supplies something that violates some of the constraints (such as `pattern` or `step`) there is nothing that blocks the setting from being saved (using setting validation model in #34893). So using the `input_attrs` along is in fact somewhat harmful if it is not accompanied by the same constraints being applied in the setting's `sanitize_callback` or `validate_callback`. The browser's built-in input validation error UI also does not show because no form actually gets submitted, and there are no calls to the poorly-supported `input.reportValidity()` method. To address these issues, I suggest that the default `validity_callback` for `WP_Customize_Setting` could look for any associated controls and then check the type of the value against the control's `type` and also check the value against the validation constraints defined in the control's `input_attrs` param, such as `min`, `max`, `pattern`, `step`, `maxlength`, and so on. In this way, a setting's `sanitize_callback`/`validate_callback` wouldn't even need to be defined since the validation constraints would be defined declaratively and checked automatically. It's not exactly the best pattern, however, for the setting's validation constraints to be defined on the control. So there could be a new `validation_constraints` param on `WP_Customize_Setting` where the validation input attributes could be defined instead of the on the control's `input_attrs`. A control could then automatically populate it's own `input_attrs` by copying from the setting's `validation_constraints`. These changes will ensure that setting validation routines will apply and error notifications will be displayed when settings fail validation on the server with a full refresh, selective refresh, or changeset update. In order to get the browser's native validation error reporting to appear, the JS control logic can be updated to call `input.reportValidity()` if it is available (it's currently only implemented in Chrome). See feature plugin: https://github.com/xwp/wp-customize-input-validity-constraints" westonruter 5 42331 Improve setting up header images in Customizer Customize 3.9 normal normal Future Release enhancement new 2017-10-25T11:47:08Z 2018-01-15T19:05:10Z "I think the process of setting up header images in Customizer can be more streamlined. When only 1 image is there (uploaded or suggested), why do we offer the 'randomize' option? If you click the button, it gets the 'selected' class, the preview greys out, but nothing has been changed (how could it having only 1 image) - 1) Shouldn't this button rather be only there if we have more then 1 image? 2) Small glich Scenario: Current header image is not set We have 1 uploaded image Set it to 'Randomizing uploaded headers' then delete the image (clicking 'X') Publish It's still set to 'randomize headers' instead of 'no image selected' I think it should switch to 'No image set' in the moment the image is deleted There was a lot of activity in #21785 I'm unable to sum this all up" Presskopp 3 40200 Introduce WP_Customize_Embed_Control Customize 4.7 normal normal Future Release enhancement new 2017-03-18T22:28:29Z 2018-07-08T17:36:03Z Similar to the previously-introduced `WP_Customize_Media_Control`, `WP_Customize_Embed_Control` would offer a UI framework for options that store media information. For this control, associated settings would always store the embed URL, whereas the media control stores an associated local attachment ID. This control would be used to add and manage options that use externally-hosted media via oembed. The initial core usage would be for the external header video control, and this would facilitate showing the embed within the customize pane so that you can directly see what the embed is in the pane, similarly to how the media controls show small previews in the pane to complement the full previews in the customize preview. celloexpressions 4 37887 Make attachments atomic until a Customizer session is published Customize 4.7 normal normal Future Release enhancement new 2016-08-30T16:50:18Z 2017-10-16T06:45:09Z "== Current behavior == When you upload attachments via a Customizer session they are: 1. Added to the filesystem. 2. Saved to the database as a new post. 3. Immediately visible in the Media Library to all other logged in users. == Desired behavior == Attachments that are uploaded during a Customizer session should not be published, or even visible by other logged in users, until the user decides to publish the changes. == Possible idea Until Customizer changed are published, all `attachment` posts that have been uploaded inside the Customizer could have their post status set to `auto-draft` rather than `inherit`. This will make them invisible inside the Media Library from other logged in users. All `attachment` posts uploaded during the Customizer session could be stored inside the new Customizer transaction, and the Media Library query could be made to only show those uploads during the current unpublished session. == Publish or Discard If a transaction (customizer changes) is '''published''', then the post status on these `attachment` IDs can be set to `inherit`, making them visible inside in the Media Library like normal. If a transaction (the customizer changes) is '''discarded''', then the `attachment` IDs can be force deleted via `wp_delete_attachment( $ID, true )` which will not only delete them from the database, but also from the filesystem." fjarrett 16 29071 Make it easier to include an instance of the Customizer outside of customize.php Customize 3.4 normal normal Future Release enhancement reopened 2014-07-30T20:27:19Z 2021-05-22T19:29:30Z "A lot of the bootstrapping of the customizer goes on either in customize.php or in function calls that are hardwired to this instance. We should make this code more modular, so there isn't so much boilerplate required to load a customizer instance on a different page." ericlewis 24 51820 Make starter content for fresh sites more discoverable Customize normal normal Awaiting Review enhancement new 2020-11-18T18:01:55Z 2020-11-18T18:01:55Z "Starter content currently only makes an appearance if you open the customizer on a ""fresh site"" (typically a new install). It's easy for a user to have made other edits before heading into a customizer, which means they'll never see the starter content, and may be left wondering why the theme preview doesn't look anything like their site. On the other hand, if starter content does manage to apply, they might wonder why the customizer preview doesn't look anything like their live site. For the current limited application of starter content, we should consider some kind of prompt to try it out in the customizer before anything else, and show a message in the customizer that starter content has been applied and won't show up on your live site until you hit publish. More broadly we should make starter content usable in more contexts, opening a ticket for that shortly." helen 49876 Menu section improvement ryokuhi* Customize normal normal Future Release enhancement accepted 2020-04-11T10:23:39Z 2021-07-30T15:53:54Z I use wordpress for more than 15 years i still wondering why you dont make the menu section easier, for example if someone have more than 100 categories in a woocomerce he can be lost in the categories and subcategories. It should be good idea to show BOLD wich of items are in use in the current menu preview, so can be easy use the other items. also need more flexibility in menu items column Dblii 12 43469 Native Site Icon feature in Customizer is outdated Customize 4.3 normal normal Future Release enhancement new 2018-03-04T14:17:06Z 2021-05-31T15:07:39Z "Hi, The native Site Icon feature in Customizer is outdated and should be updated. Windows: 1) There's only 1 Windows Tile (270x270px). To cover newer devices there should be a delcaration for the small, medium, wide and large Tile. Source [https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/samples/dn455106(v=vs.85) here]. 2) There should be a colorpicker for the Windows Tile. 3) Because the wide Windows Tile is rectangular (310x150px), there should be an additional file input for this Tile. 4) To overwrite the prefered XML browser configuration file, this should be added: {{{<meta name=""msapplication-config"" content=""none"" />}}} Regarding 2 and 3 check attachment. iOS: 5) Instead of using {{{rel=""apple-touch-icon-precomposed""}}} it's more common to use {{{rel=""apple-touch-icon""}}} nowadays. Example: {{{<link rel=""apple-touch-icon"" sizes=""180x180"" href=""/apple-touch-icon.png"">}}} Guido " Guido07111975 10 29316 Need more value and preview hooks for WP_Customize_Settings Customize 3.4 low normal Future Release enhancement new 2014-08-22T11:57:04Z 2018-03-20T01:22:38Z "There should have more filters to handle settings. for example: add {{{ apply_filters( 'customize_value', $this->defaults, $this); }}} or {{{ apply_filters( 'customize_value_'.$this->type, $this->default, $this); }}} before {{{ apply_filters( 'customize_value_' . $this->id_data[ 'base' ], $this->default ); }}} add {{{ do_action( 'customize_preview_setting', $this ); }}} before {{{ do_action( 'customize_preview_' . $this->id, $this ); }}} " dedepress 14 47990 Opening/Closing the 'Add Items' slideout in the Customizer Menu editor loses the check icon Customize 4.3 normal normal Future Release enhancement new 2019-09-06T08:09:50Z 2021-06-01T00:47:14Z "Hello, While testing [https://core.trac.wordpress.org/ticket/46830 46830] I came across a separate issue I'll open here. The checkbox to indicate an item (page/post) is in the menu gets reverted to the + add icon if you click 'All Items' button to open and close the select menu item drawer. It would be nice if the checkbox icon was persistent to continue to indicate to the user what items are selected in the menu. Thank you " garrett-eclipse 6 47692 Optgroup in Customizer Select Control has-patch Customize 3.4 normal normal Future Release enhancement new 2019-07-13T07:11:07Z 2020-07-27T02:09:14Z Optgroup add in Customizer Select Control chintan1896 27 47500 Optimize customizer load time dev-feedback Customize normal normal Awaiting Review enhancement new 2019-06-07T00:42:58Z 2021-05-31T16:22:13Z "Please see some discussion in slack for background and ideas https://wordpress.slack.com/archives/C0381N237/p1559852377000600 TLDR; More plugins and themes are using the customizer. It's a very good experience when making changes to options that affect the display of the site. As more controls are added the initial page render is taking longer and longer. Searching for things like ""WordPress customizer long load times"" results in tickets like https://wordpress.org/support/topic/customizer-takes-12-seconds-to-load/ In my own tests against a plugin I develop for I've found DOM Ready load times approaching 10 seconds. In default usage this is not apparent, but as themes and plugins use the customizer it becomes very slow. Ideally the initial page render should be more complete and then panels, sections, and controls can be added. This will make the page ""feel"" complete and more responsive." Nick_theGeek 2 40862 Partially visible controls within a pane do not scroll into view jpurdy647 has-patch Customize low normal Future Release enhancement assigned 2017-05-25T13:51:57Z 2020-11-25T19:39:42Z "If the widget pane has many widgets, sometimes the widget dialogue will not be visible when the edit shortcut icon is clicked on the page. If any part of the control is visible, it does not fully scroll into view even though the focus is properly set. A few notes: - If the widget is not in view at all wihtin the pane, it properly scrolls it into view and focuses. - The problem also occurs if the pane is not currently visible when the edit shortcut is clicked. Clicked edit shortcut on a widget in view in the sidebar: https://cldup.com/EPHX4omF81.png Clicked edit shortcut on a widget with part of the header visible in the pane: https://cldup.com/gOsa9rovWG.png" desrosj 8 44976 Proposal to add deregister_control_type(), deregister_panel_type() and deregister_section_type() methods to WP_Customize_Manager dev-feedback Customize normal normal Awaiting Review enhancement assigned 2018-09-21T06:17:24Z 2019-06-01T15:47:37Z "Today was the time I wish I am able to remove a registered customizer control. I also have a patch to implement a deregister_control_type()" Collizo4sky 14 38947 Proposition to add an optimized api.Events manager to the api.Value constructor has-patch Customize 4.7 normal normal Future Release enhancement new 2016-11-26T11:21:36Z 2019-12-05T05:19:54Z "It would be convenient to be able to bind, unbind and trigger `api.Value` instances by event id, instead of using only functions param like it's the case now. The `api.Values` constructor is already extended with the `api.Events` manager object, which is very useful. I propose to do something similar with the `api.Value` constructor. In order to not overload the `api.Value.topics` object with anonymous functions, a possible optimization would be to fallback on the previous binding method of `api.Value`, with a function type param directly added to the `api.Value.callbacks` ( `$.Callbacks` ) object, if no id is provided for the callback, and to populate the `api.Value.topics` property only when an id has been provided on binding. " nikeo 8 34747 "Provide more flexibility for ""You are customizing"" text" ryankienstra close Customize normal normal Awaiting Review enhancement assigned 2015-11-19T22:00:49Z 2021-05-23T18:37:12Z "I'd like to be able to customize the ""You are customizing"" text based on context: [[Image(https://dl.dropboxusercontent.com/s/bu33174tvkdrhnf/2015-11-19%20at%201.55%20PM.png?dl=0)]] Because these strings are rendered directly in `wp-admin/customize.php`, I have very little control over the text. Ideally, this HTML would be rendered by calling `WP_Customize_Panel::content_template()` for the primary panel in the customizer (and I could have different primary panels for each view). However, if this abstraction is hairy, a filter for the title and description would suffice. If no description was present, the `?` wouldn't appear. If no title were present, the informational section wouldn't appear." danielbachhuber 13 35186 "Put the Customizer ""back"" button next to the ""Close"" button" Customize 4.4 normal normal Future Release enhancement new 2015-12-21T15:44:55Z 2020-11-22T16:27:21Z "Seems like a pretty small thing. The ""Back"" button that takes you to the top of the Customizer menu scrolls out of view but the ""Close"" button does not. If we put the Back button next to the Close button, it would be slightly less confusing." DragonFlyEye 45 36447 Responsive preview icons in Customizer need tooltips iamjolly dev-feedback Customize 4.6 normal normal Future Release enhancement assigned 2016-04-08T02:44:59Z 2021-11-09T15:43:27Z "The new icons at the bottom of the Customizer for toggling the preview window of your site really need tooltips to indicate what they're for. Just like the tooltips on the Visual Editor icons, other icons in the Dashboard should have tooltips as well. As leading usability expert Jakob Nielsen explains; >A user’s understanding of an icon is based on previous experience. Due to the absence of a standard usage for most icons, text labels are necessary to communicate the meaning and reduce ambiguity. https://www.nngroup.com/articles/icon-usability/ Even the Google Design Guidelines recommend tooltips for icons https://www.google.com/design/spec/components/tooltips.html# I originally raised this as a post on the [https://wordpress.org/support/topic/responsive-preview-icons-in-customizer-need-tooltips Beta forum] but it was suggested that since it's getting late in the 4.5 release cycle it would be best to raise it as a Trac ticket." ahortin 14 43464 Search Options in Customizer Customize normal normal Future Release enhancement new 2018-03-04T07:05:30Z 2021-05-30T17:34:24Z "If a theme has more than few settings, finding the setting gets frustrating at times. A search functionality in the customizer will be helpful. Here is a plugin that we have developed as a POC: https://wordpress.org/plugins/customizer-search/ But I believe, it will benefit if it is added in the core. " brainstormforce 2 29288 Settings updated within the Customizer Preview are not synced up to main app Panel Customize 3.4 lowest normal Future Release enhancement new 2014-08-20T20:05:43Z 2021-05-22T19:32:28Z "The Customizer has two copies of models for the registered settings: one set in in the Customizer panel parent frame, and changes to these result in the settings getting copied over to the preview either via postMessage or via a refreshing the preview entirely. Updating a setting model from within preview directly, however, does not propagate up to the model. There is currently a one-way-sync from the panel to the preview. As a workaround, the preview can send messages to the panel for which handlers can apply the updates to the settings, but it would be good if this was automatic. By implementing a bi-directional syncing of settings between the panel and preview, there would be lots of opportunities for inline front-end editor controls to more easily be added into the preview directly. See also https://twitter.com/bradyvercher/status/502163462990995456" westonruter 8 48115 Sidebar starter content issue with Twenty Twenty dev-feedback Customize 4.7 normal normal Awaiting Review enhancement new 2019-09-24T00:15:38Z 2021-06-01T00:50:40Z "Hello, While testing the beta I found the sidebar contents functioned a little odd. On initial install the sidebars showing on the front-end match what was in Appearance > Widgets which is; Footer #1 (Search, Recent Posts, Recent Comments) and in Footer #2 (Archives, Categories, Meta) But navigating the Appearance > Customizer > Widgets showed the defaults as Footer #1 (About this site) and Footer #2 (Find Us) and once I published the Customizer I found the front-end showed these two and then now the Appearance > Widgets also showing these. So it seems the default widget content from TwentyTwenty only loads into Customizer as a default and isn't the actual defaults found on install in Appearance > Widgets. Thanks" garrett-eclipse 4 32861 Site Icon: Provide display for all existing site-icon cropped images Customize 4.3 normal normal Future Release enhancement reopened 2015-07-01T21:14:10Z 2019-06-04T19:30:23Z "Example: I had a picture and tried to set it up as site icon. I cropped this image and now I have `cropped-image.png` variant of this image 512 x 512 px. Then I tried other images and in the end I wanted to go with the first one. But when I selected this cropped image, I had to crop it once again even if right dimensions. So, now there is another `cropped-cropped-image.png` image in media library and it does not make sense... Also images for site icons should be somehow marked (as for header images in Customizer). How can I find my cropped images for site icon in media library when trying to set up site icon?" pavelevap 10 55766 Site icon checkbox to use the site logo Customize normal normal Awaiting Review enhancement new 2022-05-18T09:16:08Z 2022-05-18T16:59:50Z ​Logo and site icon are mostly the same. ​I suggest a checkbox near the site icon selection panel to indicate that the logo can be used. Most users use the logo as site icon. martiniwebb 30277 Split up Customizer JS into separate files and remove self-booting jQuery.ready call Customize 3.4 normal normal Future Release enhancement new 2014-11-06T20:11:45Z 2018-06-13T16:28:06Z "The `customize-controls.js` file is huge and is named incorrectly now with #28709 and the fleshed-out models for Panels and Sections. The file should be broken up into `customize-sections.js`, `customize-panels.js`, and `customize-utils.js`. The last of which should include the private function exposed as public methods off of `wp.customize.utils`. This may also include the `wp.customize.init()` mentioned in #29071. We need to stop booting the Customizer inside of these JS libraries with a direct `jQuery.ready` call, and instead let the including page invoke that. This is critical for code reusability and for unit testing. For instance, the `customize.php` page could do in the footer: {{{#!php <script> jQuery(function () { wp.customize.init( _wpCustomizeSettings ); }); </script> }}} For `wp.customize.utils`, see existing patch at: https://github.com/xwp/wordpress-develop/pull/47" westonruter 18 45737 Starter Content: Add support for terms and taxonomies Customize 4.9 normal normal Future Release enhancement new 2018-12-21T21:52:56Z 2019-12-14T01:53:55Z "Starter content has been a great tool not only for themes to showcase what they can do, but for some interesting work around custom onboarding flows that reduce the difficulties of getting started for various groups of new users. As work around these things matures though, it's starting to push against the boundaries of what starter content currently supports. I'd like to see support added for terms. They could work similar to how nav menus, featured images, etc work, allowing terms to be added and a symbol referencing them to be added to the post. {{{#!php <?php [ 'posts' => [ 'blog-post' => [ 'post_type' => 'post', 'post_title' => 'Blog post', 'post_content' => 'Lorem ipsum', 'term_ids' => [ '{{foo-category}}' ], ], ], 'terms' => [ 'foo-category' => [ 'name' => 'Foo', 'slug' => 'foo', 'taxonomy' => 'category', ], ], ] }}} " aaroncampbell 3 34233 There is not a body class filter within the customizer. Customize 3.4 normal normal Future Release enhancement new 2015-10-09T16:23:40Z 2019-12-11T06:58:49Z "I'm hoping for a way to filter the body classes for the customizer panel. https://core.trac.wordpress.org/browser/trunk/src/wp-admin/customize.php#L112 My particular use: I happen to have some custom controls on my widgets. I'd like to style them differently for superadmins versus other users. The rest of my application handles this as a body class, and does so in pure php via filtering. I know that's a pretty specific use, but I do find it surprising that there's not a filter here, given how useful it is in wp-admin and the front end. If it were to mimic admin body classes, where the classes are a new string, it would look something like {{{ $customizer_body_classes = apply_filters( 'customizer_body_classes', '' ); ?> <body class=""<?php echo esc_attr( $body_class ); ?> <?php echo $customizer_body_classes; ?>""> }}} I happen to prefer the front-end treatment, where existing classes are passed in as an array. In that case it would look more like {{{ $classes = array_map( 'sanitize_html_class', $classes ); $classes = apply_filters( 'customizer_body_classes', $classes ); array_unique( $classes ); $classes_str = implode( ' ', $classes ); <body class=""<?php echo esc_attr( $classes_str ); ?> ""> }}} I see some objections to a similar ticket here: #32623 But my request is slightly different because I'm not advocating that we re-use the admin_body_class fliter. Rather, I'm suggesting a new filter just for the customizer body class. This is my first ticket! I would be happy to attempt to make it my first patch as well if there is traction for this enhancement." scofennell@… 6 29948 Use contextual controls (active_callback) API for conditionally-displayed core contextual controls Customize 4.0 lowest normal Future Release enhancement new 2014-10-13T18:18:28Z 2017-02-20T18:33:50Z See `wp-admin/js/customize-controls.js`, near the bottom. Rather than doing some unstructured JS to show/hide controls based on the values of other settings, this should use custom callbacks for the active_callback argument when adding the control (in php). celloexpressions 9 40922 Use finer-grained capabilities with `customize_changeset` post type needs-unit-tests Customize 4.7 normal normal Future Release enhancement new 2017-06-05T04:44:01Z 2020-05-16T17:41:59Z "The `customize_changeset` post type is currently registered with all of its post type capabilities set to `customize`. As part of adding changeset endpoints in the REST API (#38900): > fine-grained capabilities should be introduced for the `customize_changeset` post `caps`, instead of mapping all to `customize`. @westonruter has compiled links to previous discussions and efforts around changeset capabilities here: https://github.com/WP-API/wp-api-customize-endpoints/pull/5#discussion_r118804994. An example of unexpected behavior caused by the current mapping is where a post ID is passed to `current_user_can()`, such as {{{ current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $changeset_post_id ) }}} This is equivalent to `current_user_can( 'customize' )`, which means the post ID is ignored because `map_meta_cap()` doesn't check the `$args` when mapping the `'customize'` meta cap." dlh 30 39614 Video header: Support free formats like .webm/vp8 and .ogv/theora Customize 4.7.1 normal normal Awaiting Review enhancement new 2017-01-17T16:15:52Z 2017-03-13T00:51:54Z It seems like the theme do not support free formats like webm or ogv. This concerns me as the web should use open standards and not closed ones. Content wise, WordPress supports the use of both mp4 and webm to provide broader support of browsers and it seems like the same practice should be applied here. As I'm not a great programmer I will just create this ticket as a suggestion. fnadde42 3 38797 api.previewer.refresh() could return a deferred.promise() with custom server data has-patch Customize normal normal Future Release enhancement new 2016-11-15T09:49:46Z 2021-05-24T00:02:52Z "Following a discussion (https://core.trac.wordpress.org/ticket/38728#comment:8) with @westonruter, I'd like to propose an enhancement for the `api.previewer.refresh(`) method. There might be cases when a developer needs to fire a previewer refresh after a specific customizer change, and execute other actions when this refresh has been done. From a general standpoint, I think that the asynchronous nature of the refresh makes it a good candidate for returning a deferred promise. An example of use case could be that a developer has several predefined settings configuration available for a given theme. Each time a configuration is switched to, the settings have to be changed to a set of predefined values set in the api. Those predefined values are stored server side in say a custom post type ( like the changeset for ex. ). A way to do that would be to fire an `api.previewer.refresh()` when switching to a given predefined configuration, that would be followed on `api.previewer.refresh().done( ... )` by an update of the api values, if some conditions are met. With the current api, we can add callbacks to the `'synced'` previewer event, but it will be fired on all `api.previewer.refresh()` calls, with no possibility to target a specific refresh situation that should be followed by a custom action. This problem could be solved by making the refresh return a deferred promise. This $.Deferred() would be resolve() in the `onceSynced()` callback function (of the current refreh method), taking a `sent_preview_data` object as param. While this deferred would be implemented in the `api.previewer.refresh(`) method of customize-control.js, another minor addition in customize-preview.js could allow developers to easily pass custom server data on refresh to the panel this way, and then use those data once the refresh is done. This way, it would be possible to use the following kind of syntax to fire an action on demand after a specific refresh(). {{{ api.previewer.refresh().done( function( sent_preview_data ) { // fire actions after a specific refresh, when the preview is ready and synced // the sent_preview_data, could be an object sent when the api.preview.send( 'synced', preview_data() ), // providing customizable server informations that we may need after a refresh. } ); }}} On the preview side, in order to pass a server data object to the resolve refresh, the idea would be to introduce a `new api.Value()` that could be populated before the synced event occurence. The current code in [customize-preview.js]https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/customize-preview.js#L679 : {{{ api.preview.send( 'synced'); }}} could be replaced by : {{{ api.server_data = api.server_data || new api.Value( {} ); api.trigger('before_synced', api.server_data() );//<= developers can alter the api.server_data() here, before it gets sent api.preview.send( 'synced', api.server_data() ); }}} This way, a developer could pass custom data to the panel when `api.previewer.refresh().done()`, using the `synced` event, with this type of code : {{{ <?php add_action('wp_footer', function() { if ( ! is_customize_preview() ) return; ?> <script type=""text/javascript""> jQuery( function( $ ) { wp.customize.bind( 'before_synced', function( value ) { //the developer sets the server_data here, before it is sent to the preview wp.customize.server_data( { custom_data : <?php echo get_custom_data(); ?> } ); } ); } ); </script> <?php }); }}}" nikeo 4 47818 $wpdb should update ->insert_id also when `LAST_INSERT_ID(...)` is found Database normal normal Awaiting Review enhancement new 2019-08-02T06:44:28Z 2019-08-02T06:44:28Z "It is possible to set the insert id pointer manually by in including `LAST_INSERT_ID(column)` anywhere in the statement. `$wpdb` however does not update it's internal `insert_id`, it does this only when the statement is 'insert' or 'replace'. This makes it harder to get the ID of an updated row. https://stackoverflow.com/a/46335863" cpiber 31624 $wpdb->prepare() named placeholders needs-unit-tests Database 4.2 normal normal enhancement new 2015-03-13T08:36:52Z 2023-06-22T07:55:03Z "I think it would be handy to add named placeholders to $wpdb->prepare(). The functionality exists in most modern frameworks and cuts out the need for having to worry about the order of variables, (or repetition) in the current vsprint like syntax. What I'm proposing is that the second parameter of prepare() can optionally be an associative array where the $key is the named placeholder and the $value is the value associated with it. This wont affect any existing functionality of prepare() and is fully backwards compatible. If no associative array is passed it will continue to work as always. Patch with the described functionality is attached for testing." ozthegreat 3 55202 A proper (error) message should be show when mysql setting autocommit=0 Database 5.9 normal normal Awaiting Review enhancement new 2022-02-19T16:35:11Z 2022-02-19T20:03:07Z "A proper (error) message should be show when mysql setting autocommit=0 Somewhere is the text: [https://make.wordpress.org/core/handbook/contribute/design-decisions/#some-esoteric-mysql-settings-are-not-supported Some esoteric MySQL settings are not supported] But why not add a simple error message? (Just because it takes tooo long to find out why the installer will not work without this message). " Luuk34 41944 Add %u support to wpdb->prepare Database 4.8.2 normal normal Awaiting Review enhancement new 2017-09-21T13:30:31Z 2017-09-21T15:30:20Z "MySQL unsigned int: 4bn [[BR]] PHP %d signed int: 2bn[[BR]] [[BR]] Maybe the standard should be %u not %d or at the very least support both while internally using %u for all key lookups?[[BR]] [[BR]] Especially since much of the WP Core specifically sets ID fields as bigint unsigned not null auto_increment.[[BR]] [[BR]] If a site never has more than 2bn records, and MOST will NEVER get that big, it is a non-issue but shouldn't the standard be consistent between the DB engine and the language processor (PHP)?" charlestonsw 7 35109 Add Online DDL support to dbDelta needs-unit-tests Database normal normal enhancement new 2015-12-15T22:24:20Z 2019-06-04T19:33:19Z "Since MySQL 5.1, a bunch of table level operations can be done in an asynchronous manner. We can add support for this by adding `ALGORITHM=INPLACE` to the `ALTER TABLE` query, but the fun part is that this algorithm isn't supported for all types of operations. So, we have a couple of options: * Keep an array of what operations can be done online in each MySQL and MariaDB version, which will need to be updated for each new version of MySQL. * Try all `ALTER` queries with the algorithm flag, then catch any SQL errors and fall back to the old style if needed. This will need careful testing with old versions of MySQL, particularly. https://dev.mysql.com/doc/refman/5.7/en/innodb-create-index-overview.html" pento 3 15499 Add an index for get_lastpostmodified query OllieJones dev-feedback Database 3.0.1 normal normal Future Release enhancement reviewing 2010-11-19T18:20:31Z 2023-09-27T15:38:07Z "I had a friend (Jools Wills) look over a WordPress site recently, to get a fresh view on what might be optimised, and he noticed a query which might benefit from an additional index on `WP_Posts`. The query `SELECT post_modified_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1` in `get_lastpostmodified` is run for last modified date in GMT, and currently doesn't use an index. This SQL is run whenever certain types of feed are requested as far as I can see. We added `CREATE INDEX type_status_modified ON wp_posts (post_type, post_status, post_modified_gmt);` and `CREATE INDEX type_status_modified_no_id ON wp_posts (post_type, post_status, post_date_gmt);` and the query runs a lot faster now. The following timings were taken running the first query (`post_modified_gmt`) on a 36,362 row posts table. Note that it doesn't use filesort after the index has been added. ''Before:'' {{{ mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1; +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ | 1 | SIMPLE | slgr_posts | ref | type_status_date | type_status_date | 124 | const,const | 24718 | Using where; Using filesort | +----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+ 1 row in set (0.03 sec) }}} * 0.21290683746338ms * 0.25690102577209ms * 0.230553150177ms * 0.2274341583252ms * 0.23083996772766ms ''After:'' {{{ mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1; +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ | 1 | SIMPLE | slgr_posts | ref | type_status_date,type_status_modified | type_status_modified | 124 | const,const | 24718 | Using where | +----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+ 1 row in set (0.00 sec) }}} * 0.00082707405090332ms * 0.00072288513183594ms * 0.00074386596679688ms * 0.00066494941711426ms * 0.00066208839416504ms In `get_lastpostmodified` both these queries are run, so the total savings in my case on a quiet server are nearly 0.5 seconds... worth having, I reckon. I've not created a patch for schema changes before, but I think the only place the change would need to go would be `scheme.php`? Suggested patch attached." simonwheatley 50 18315 Add an index to the GUID column in the posts table dev-feedback Database 3.2.1 normal normal enhancement reopened 2011-08-02T04:31:01Z 2019-06-04T19:22:38Z "Running queries on the GUID column in the posts table is slow because the column is not indexed. The attached patch adds an index. Note, this affects ticket #18286 - I will update that ticket with appropriate patches to reflect this request." alexkingorg 11 60254 Add filter to class-wpdb.php#query that allows to return data from filter return value Database trunk normal normal Awaiting Review enhancement new 2024-01-15T07:35:21Z 2024-01-15T07:35:21Z "Similar to #2721, but allows not only changing the SQL query, but also the return value. In our case, we want to cache some SQL queries from third-party plugins that refuse to implement an object cache. Here is an example of a plugin which runs a SQL query multiple times without using a cache mechanism: [[Image(https://i.imgur.com/qAF0eI5.png)]] I have prepared a suggestion for this, but I do not know if this covers all cases from `$wpdb` usage or needs some adjustments: https://gist.github.com/matzeeable/4473915b225aa1550d5da5b9b0b19b16/revisions" mguenter 46210 Add helpers for default/empty datetime value has-patch Database normal normal Awaiting Review enhancement new 2019-02-07T22:37:30Z 2023-02-24T20:17:08Z "Typing `0000-00-00 00:00:00` is error prone, and tedious. There are a few dozen usages of it sprinkled through-out WordPress. Hundreds of plugins also. I offer up the idea of 2 helper functions: * `__return_empty_datetime()` that simply returns `0000-00-00 00:00:00` * `is_empty_datetime( $datetime = '' )` to check if a variable is `empty()` or `0000-00-00 00:00:00`" johnjamesjacoby 5 54642 Add prepared query builder support for `$wpdb` to build prepared queries across multiple location. has-patch Database normal normal Future Release enhancement new 2021-12-17T09:07:50Z 2022-09-19T20:29:29Z "This requests scopes adding a query builder like API to WordPress, so that queries can be built across multiple functions, without needing to disable any PHPCS sniffs. Currently, if the query is not completely being built nearby, developers will eventually have to disable phpcs sniff, since they would need to combine or interpolate queries. Some examples of this are present in WP core as well, such as in the [https://github.com/WordPress/wordpress-develop/blob/954e9c153fe9d1b4f74d76bab9dd5175fd36cebc/src/wp-includes/class-wp-meta-query.php#L668 meta query], [https://github.com/WordPress/wordpress-develop/blob/954e9c153fe9d1b4f74d76bab9dd5175fd36cebc/src/wp-includes/taxonomy.php#L1585 taxonomy] etc. Although WP does a great job generally to avoid disabling phpcs, in the general plugin ecosystem, these examples are more prevalent. Note that most of the examples of disabling phpcs can be refactored to not needing to disable. However, as far as I can tell, building a query this way (across multiple functions/places) is not considered a bad practice, if this assumption is correct then we should support doing it better. This eventual disabling of PHPCS is risky and removes a major and effective protective layer. == Solution The solution for WordPress would be to provide an API where developers can build a prepared query in steps, and join them before executing in a safe manner. I looked at query builders for various ORMs such as Doctrine (Symphony), ActiveRecord (Rails), Laravel etc. While such extensive APIs would likely be overkill for WordPress, one possible solution is this hopefully simpler API that I am proposing in [https://github.com/WordPress/wordpress-develop/pull/2062 this PR 2062]. This PR adds a new class called `WP_DB_Partial_Query` which implements `__toString()` magic method so that it can be interpolated in sprintf calls. The objects of this class will represent a partial query and a new method `$wpdb->prepare_partial()` which will create and return these objects. This `$wpdb->prepare_partial()` method internally calls `$wpdb->prepare()` and takes exactly the same arguments. This PR also introduces a new placeholder `%q` (although this isn't necessary and `%s` can be used as well) which can be used to pass these prepared partial queries. I have added some examples to use the API in [https://github.com/vedanshujain/wordpress-develop/pull/1 this PR on my fork]. Note that this is only a PoC and implementation is not complete. Specifically, along with tests, a major component missing is to match against `%q` placeholders and quote the args if they are not objects of the `WP_DB_Partial_Query` class. I can polish the PoC more to get in an acceptable state if this is a direction that WordPress is interested to explore at all and there are no obvious problems with the general approach that I have missed. " vedjain 6 59106 Add secondary index on `wp_posts` table to improve media queries performance Database 6.4 normal normal Awaiting Review enhancement new 2023-08-15T11:49:34Z 2023-08-15T11:50:28Z "I've been recently been involved in migrating a large site database to MySQL 8.0. Upon testing the site, we've noticed that the MySQL 8 queries related to the Media library seem to take much longer than on MariaDB. Debugging the issue, it seems that MySQL 8, due to its Cost optimiser https://dev.mysql.com/doc/refman/8.0/en/cost-model.html, seems to prefer to drop the type_status_date index and to a full table scan to retrieve the results. Doing a FORCE INDEX(type_status_date) on the media query, like {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts FORCE INDEX(type_status_date) WHERE 1=1 AND wp_posts.post_type = 'attachment' AND ((wp_posts.post_status = 'inherit' OR wp_posts.post_status = 'private')) ORDER BY wp_posts.post_date DESC LIMIT 0, 20 }}} seems to improve the response time. However, a second alternative seems also to show better results, specifically targeting only the post_type, post_date and ID, something like {{{ create index idx_type_date on wp_posts(post_type, post_date, ID); }}} Running the explain analyze on the queries with each index, we seem to get a better cost number when the new index is used, 142 vs 744, which would indicate a better performance at the MySQL level, this being confirmed in our tests on a large database {{{ EXPLAIN ANALYZE SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts FORCE INDEX(type_status_date) WHERE 1=1 AND wp_posts.post_type = 'attachment' AND ((wp_posts.post_status = 'inherit' OR wp_posts.post_status = 'private')) ORDER BY wp_posts.post_date DESC LIMIT 0, 20 -> Limit: 20 row(s) (no early end due to SQL_CALC_FOUND_ROWS) (cost=744 rows=20) (actual time=12..13.1 rows=20 loops=1) -> Sort: wp_posts.post_date DESC (cost=744 rows=3620) (actual time=12..12.8 rows=7407 loops=1) -> Filter: ((wp_posts.post_type = 'attachment') and ((wp_posts.post_status = 'inherit') or (wp_posts.post_status = 'private'))) (cost=744 rows=3620) (actual time=0.0505..8.37 rows=7407 loops=1) -> Index range scan on wp_posts using type_status_date over (post_type = 'attachment' AND post_status = 'inherit') OR (post_type = 'attachment' AND post_status = 'private') (cost=744 rows=3620) (actual time=0.0459..5.63 rows=7407 loops=1) }}} {{{ EXPLAIN ANALYZE SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts FORCE INDEX(idx_type_date) WHERE 1=1 AND wp_posts.post_type = 'attachment' AND ((wp_posts.post_status = 'inherit' OR wp_posts.post_status = 'private')) ORDER BY wp_posts.post_date DESC LIMIT 0, 20 -> Limit: 20 row(s) (no early end due to SQL_CALC_FOUND_ROWS) (cost=142 rows=20) (actual time=0.214..15.3 rows=20 loops=1) -> Filter: ((wp_posts.post_status = 'inherit') or (wp_posts.post_status = 'private')) (cost=142 rows=688) (actual time=0.211..15 rows=7407 loops=1) -> Index lookup on wp_posts using idx_type_date (post_type='attachment') (reverse) (cost=142 rows=3619) (actual time=0.207..13.4 rows=7407 loops=1) }}} To replicate this, we've installed latest WordPress version and MySQL 8, and create the following post_status count structure: {{{ mysql> select post_status, count(*) from wp_posts group by post_status; +-------------+----------+ | post_status | count(*) | +-------------+----------+ | inherit | 7407 | | draft | 1 | | publish | 23 | | auto-draft | 1 | +-------------+----------+ 4 rows in set (0.01 sec) }}} Can this be considered as a core improvement to the wp_posts table that would directly benefit the Media related queries? Basically, if MySQL 8 decides that the new index is faster, specially for Media search queries, it will simply pick that on up as opposed to using the original index or dropping it fully if it considers its much more efficient to do a full table scan. From our database, a search query for term `test` shows an improvement of 0.5 seconds of this basic search media query: {{{ MySQL []> SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts FORCE INDEX(type_status_date) WHERE 1=1 AND wp_posts.post_type = 'attachment' AND ((wp_posts.post_status = 'inherit' OR wp_posts.post_status = 'private')) and post_title like ""%test%"" ORDER BY wp_posts.post_date DESC LIMIT 0, 1; +---------+ | ID | +---------+ | xxxxxxx | +---------+ 1 row in set, 1 warning (3.867 sec) MySQL []> SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts FORCE INDEX(idx_type_date) WHERE 1=1 AND wp_posts.post_type = 'attachment' AND ((wp_posts.post_status = 'inherit' OR wppp_posts.post_status = 'private')) and post_title like ""%test%"" ORDER BY wp_posts.post_date DESC LIMIT 0, 1; +---------+ | ID | +---------+ | xxxxxxx | +---------+ 1 row in set, 1 warning (3.244 sec) }}} Thanks for considering this." ovidiul 59269 Add support for adding metadata in bulk has-patch Database normal normal Awaiting Review enhancement new 2023-09-01T22:39:01Z 2023-09-01T23:43:31Z "Related: #34848 This ticket aims to introduce functions for bulk inserting metadata in a manner that's more performant than calling the `add_*_meta()` functions multiple times per object. This is particularly beneficial during large imports or data generation where `add_*_meta()` is called many times for a large number of users, posts, comments, or terms. This can be achieved by inserting all the metadata for the object in one INSERT query and only deleting the object's meta cache once. The existing filters and actions that are triggered when calling the `add_*_meta()` functions individually should still all be fired as expected, once for each meta key. The performance benefit should grow as the number of rows to insert increases, because both the number of database queries and the number of cache deletions for the object should remain constant (`O(1)`) rather than increasing correspondingly to the number of rows (`O(n)`). That said, there does appear to be a sweet spot after which the performance of one large INSERT query starts to degrade, although according to the PHPBench tests I've added it still remains overall more performant than multiple queries. Some more testing is needed across different payload sizes and database versions." johnbillion 3 38036 Add support for the utf8mb4_0900_ai_ci collation Database normal normal Future Release enhancement new 2016-09-13T10:11:38Z 2023-04-05T10:24:05Z "MySQL 8.0 adds the `utf8mb4_0900_ai_ci` collation, based on the current Unicode Collation algorithm. We should use it when possible. Note that the version check will need to be a little more complex than the `utf8mb4_520` check - MariaDB 10.x doesn't support `utf8mb4_0900_ai_ci`. " pento 5 54627 Adding More Timestamp columns to database Database normal normal Awaiting Review enhancement new 2021-12-14T23:54:04Z 2021-12-14T23:54:04Z "I would love to see 'created_at' and 'updated_at' as new columns to some of the default tables such as users, users_meta, etc. Mysql can autofill these columns automatically, and it is very useful information to know when rows are added or updated. I could also see 'created_by' and 'updated_by' as possible columns as well, so it is possible to know when the table row was created or updated by a particular User ID." bhubbard 45354 Adding index for meta_key and post_id in postmeta dev-feedback Database normal normal Awaiting Review enhancement new 2018-11-14T21:43:31Z 2023-12-19T22:49:54Z "We should add an index on post_id and meta_key as queries that contain these columns are incredibly common (even in loop in core on every page load basically). An index will improve query speed up to 100% even when only 1000 posts are in db. Test it yourself: {{{ ALTER TABLE `wp_postmeta` ADD INDEX `wp_postmeta_key_id` (`meta_key`,`post_id`); }}} " DuckDagobert 11 31759 Allow to set $allow_bail when creating new wpdb object to handle connection error silently Database 4.1.1 normal normal enhancement new 2015-03-25T08:49:23Z 2019-06-04T19:28:21Z Class wpdb doesn't allow to set $allow_bail when creating new wpdb object. So there will be always error 500 on connection error. It would be great to have possibility to set $allow_bail at wpdb object creation (by constructor arguments perhaps). szaqal21 52527 Better RAM handling in wp-db.php Database 5.6.1 normal normal Awaiting Review enhancement new 2021-02-15T11:26:08Z 2021-02-15T11:26:08Z "Hello! I have to start by apologizing if I am in the wrong place, or if I am structuring this ticket badly. I don't have much experience here inside trac. I stumbled upon a fatal error when trying to load the WooCommerce status page. The system runs out of memory on line 2022 in wp-db.php. While the actual bug most certainly lies elsewhere, I got some hints from my host that the solution on line 2022 is not the best. I have no clue about this, but I thought I at least could submit a ticket and let the community decide! To paraphrase a translation, they say: wp-includes/wp-db.php line 2022 is a bad solution because of a database call that loads all results into RAM instead of iterating them one by one. But independent of this the error seems to be caused by a very large SQL-query that returns way too much data. Probably a bug somewhere. This is not a ticket to handle the bug that returns way too much data, but it's a ticket to flag the possible issue of bad RAM handling in wp-db.php. " Dekadinious 38760 Capture result size in bytes when SAVEQUERIES is true Database normal normal Future Release enhancement new 2016-11-11T19:49:44Z 2017-10-03T10:06:01Z Inside of `WP_DB::_do_query()`, it would be neat if `$this->result` was measured as size in bytes, so debugging tools had a better sense of how much data was running over the network. danielbachhuber 1 55115 Change deprecated wpdb::escape() method close Database normal normal Awaiting Review enhancement new 2022-02-08T15:47:19Z 2022-02-12T15:46:30Z "the function wpdb::escape( string|array $data ) is depreciate as per documentation [https://developer.wordpress.org/reference/classes/wpdb/escape/], but it's still using depreciated function such as wpdb::_weak_escape and itself. I think we shouldn't use depreciated functions since charity begins at home." azouamauriac 3 58344 Connect to database on first query has-patch Database normal normal Future Release enhancement new 2023-05-17T13:55:48Z 2023-09-14T03:37:54Z "Currently there is the database connection is made in `__construct` method by calling `db_connect` method. However with sites with persistent object caching enabled, this connection to the database may not be needed. It is common now for requests to have no database queries at all if persistent object caching is setup. Moving the `db_connect` call to the `query` method like this. {{{#!php public function query( $query ) { if ( ! $this->has_connected ) { $this->db_connect(); } if ( ! $this->ready ) { $this->check_current_query = true; return false; } }}} " spacedmonkey 7 56259 Database Repair doesn't check for missing primary keys / A.I. Database normal minor Awaiting Review enhancement new 2022-07-20T15:55:41Z 2023-03-09T10:44:21Z "Hi amazing WP community, This is the second time I've come across this issue in the wild. The built-in DB repair functionality (repair.php) doesn't attempt to verify or repair missing primary key / autoincrement attributes of the core wp_posts table (and possibly other important core tables). This affects fringe/edge cases where this core table has been corrupted due to third-party plugins or other user misfortune. We just need add some SQL to check for this health database attribute, such as: {{{ SELECT COLUMN_NAME FROM information_schema.KEY_COLUMN_USAGE WHERE TABLE_NAME = 'wp_posts' AND CONSTRAINT_NAME = 'PRIMARY'; }}} {{{ SELECT COLUMN_NAME FROM information_schema.KEY_COLUMN_USAGE WHERE TABLE_NAME = 'wp_options' AND CONSTRAINT_NAME = 'PRIMARY'; }}} (Adapted from source: https://stackoverflow.com/a/52288527/8800423) These should each return 1 result each. As part of 'repair', we could have auto-fix SQL to re-enable the auto-increment / primary key. There is obviously sometimes a 'market' for that fix: https://webshop.mijnpress.nl/shop/plugins/wpdb-wp-core-database-sql-index-primary-keys-fix-script/ (commercial; no association) There are quite a few edge/fringe cases recorded that this could help: • https://wordpress.stackexchange.com/questions/353713/wordpress-database-problem-wp-posts-primary-key • https://wordpress.stackexchange.com/questions/237076/resetting-auto-increment-primary-key • https://www.alexgeorgiou.gr/repair-auto_increment-primary-key-wordpress-mysql/ • https://wordpress.stackexchange.com/questions/329162/is-it-possible-to-fix-repair-all-index-primary-key-unique-and-all-other-stru • https://wordpress.stackexchange.com/questions/225641/wordpress-database-lost-auto-increment Additionally, in a sense this is a core functionality break if these database attributes are not present because posts will fail to create in the DB. Perhaps the detection and fix shouldn't be on advanced user’s manual use of repair.php. In which case, running a regular check with mosts WP requests would be non-performant. So perhaps this could be included as a CRON'd/infrequent health check within the WP Site Health scope? N.B. The popular non-core ""WP-DBManager"" plugin does not (at latest version 2.80.8) check for (let alone repair) this issue either." harryfear 2 45697 Database: Upgrading field collations Database normal normal Future Release enhancement new 2018-12-19T02:54:27Z 2022-08-22T15:43:24Z "[37523] added support for the `utf8mb4_unicode_520_ci ` collation, and #38036 exists to look at adding support for the `utf8mb4_0900_ai_ci` collation. With these variations, it's possible for a WordPress site to be installed, then MySQL is upgraded sometime later. Subsequent table changes (for example, a plugin creating a new table) would use the newer collation, while the original tables would use the older collation. This will cause `JOIN` queries between fields of different collations to fail." pento 6 28625 Enhancement: Add constants to support SSL connections for mysqli needs-unit-tests Database 4.0 normal normal Future Release enhancement assigned 2014-06-24T22:39:12Z 2023-06-24T12:22:46Z "In order to support SSL'ed MySQL connections with the `mysqli_*` functions introduced in WordPress 3.9 / PHP 5.5 `mysqli_ssl_set()` must be called to set the path to the SSL certs and keys to be used by the MySQL client before `mysqli_real_connect()` is called. We should add the following optional constants to allow for users to configure secure connections to the database. * `MYSQL_SSL_KEY` * `MYSQL_SSL_CERT` * `MYSQL_SSL_CA` * `MYSQL_SSL_CA_PATH` * `MYSQL_SSL_CIPHER` In addition this should only be set if the feature flag `MYSQLI_CLIENT_SSL` is set for the existing `MYSQL_CLIENT_FLAGS` constant." hypertextranch 18 41956 Errno in $wpdb has-patch Database normal normal Awaiting Review enhancement new 2017-09-22T13:30:45Z 2018-08-17T12:09:42Z "Since I use referential integrity in my plugin, there will be situation that the referential integrity will be violated. But, unfortunately there is not a proper way to identify the reason of the violation in $wpdb->last_error. It is only text, and could differ in diffenrent languages I assume. Since Mysqli contains also the errno, would it be possible to also present the errno as part of the result. In that case I could check the errorno to be 1451 for referential integrity violation. In my opinion a usefull enhancement of the WPDB class. If any help needed, just contact me" LeonN1960 15 54042 Extending wpdb::prepare() to support IN() operator dev-feedback Database normal normal Future Release enhancement new 2021-08-31T14:23:26Z 2023-09-17T10:53:12Z "wpdb::prepare() helps avoid SQL Injection vulnerabilities, by escaping most variables correctly. WP 6.1 added support for Identifiers (table/field names) with `%i`, in #52506. But it's also fairly common to make a mistake to include values with the `IN()` operator, for example: {{{#!php <?php $where = 'WHERE id IN (' . implode( ',', $ids ) . ')'; // INSECURE? }}} Developers need to be sure `$ids` has come from a trusted source, or use something like `wp_parse_id_list()` or `array_map('intval', $ids)`. ---- Maybe support could be added with: {{{#!php <?php $wpdb->prepare('WHERE id IN (%...d)', $ids); }}} Where `%...d` or `%...s` would safely (and easily) include a comma separated array of integers or strings - taking the idea of using '...' for variadics in PHP. https://wiki.php.net/rfc/variadics https://www.php.net/manual/en/functions.arguments.php#functions.variable-arg-list https://dev.mysql.com/doc/refman/8.0/en/comparison-operators.html#operator_in" craigfrancis 46 51769 Full-text search support dev-feedback Database normal normal Awaiting Review enhancement new 2020-11-13T12:18:27Z 2022-08-16T12:16:23Z "Let's talk about first-class fulltext search support in WP core. Is there any reason not to support FULLTEXT search in WordPress core for newer MySQL versions with the current search mechanism serving as a fallback for older MySQL versions? MySQL supports FULLTEXT indexes for MyISAM tables since version 3.23.23 and for InnoDB tables since 5.6. As @TimothyBlynJacobs noted, WordPress supports versions back to MySQL 5.0: https://github.com/WordPress/wordpress-develop/blob/master/src/wp-includes/version.php src/wp-includes/version.php As @desrosj noted: * The recommended versions are MySQL >= 5.6/MariaDB >= 10.1 as per https://wordpress.org/download/. * According to the WordPress stats page, a considerable amount of sites use MySQL 5.5 (35%), and some still use 5.1/5,0. Raising support to >= 5.6 is not really an option. The last discussion about that feature I found was from 10 years ago so maybe it's good time to re-evaluate: https://core.trac.wordpress.org/ticket/14722 " zieladam 12 39748 Function to insert or update DB value Database normal normal Awaiting Review enhancement new 2017-01-31T10:00:01Z 2017-10-29T17:06:57Z "Hello. I have been searching for long and couldnt found a good solution to the simple problem: lets say,in my plugin, I create a new table. Then I want to have a function, that updates a row in table, which's column (named EventId) equals i.e. 734 (if such row not exists, then create it). for that, I use my custom-created function: {{{#!php function UPDATE_OR_INSERT($tablename, $NewArray, $WhereArray){ global $wpdb; $arrayNames= array_keys($WhereArray); //convert array to STRING $o=''; $i=1; foreach ($WhereArray as $key=>$value){ $o .= $key . ' = \''. $value .'\''; if ($i != count($WhereArray)) { $o .=' AND '; $i++;} } //check if already exist $CheckIfExists = $wpdb->get_var(""SELECT "".$arrayNames[0]."" FROM "".$tablename."" WHERE "".$o); if (!empty($CheckIfExists)) { return $wpdb->update($tablename, $NewArray, $WhereArray );} else { return $wpdb->insert($tablename, array_merge($NewArray, $WhereArray) ); } } }}} //usage: {{{ UPDATE_OR_INSERT('my_table', array('new_page_content'=>'blabla'), array('EventId'=>734)); }}} it's good if there was built-in function that replaces this custom method" tazotodua 1 6492 Guids No Longer Have Permalink Format Database 2.5 normal normal Future Release enhancement reopened 2008-03-31T06:03:30Z 2019-08-30T01:26:43Z "When you create a new post using WordPress 2.5 the GUID is created in the http://siteurl/?p=<PostId> format even when permalinks are enabled. This is because the _transition_post_status function in /wp-includes/post.php now checks if the guid is empty (which it never is) before resetting/creating it with the proper permalink structure. Line 2841 should be removed. " brianwhite 72 43019 Hook to validate post form data before save has-patch Database normal major Awaiting Review enhancement new 2018-01-04T13:23:07Z 2021-10-28T03:26:41Z "There doesn't seem to be a hook available to validate form data before a post is saved. In my case I'm considering using JavaScript to validate the post title, content and meta but would prefer to do this validation server side. Can we add a hook?" henry.wright 13 26788 Improve dbDelta fields match has-patch Database 3.8 normal normal enhancement reopened 2014-01-07T12:12:19Z 2019-06-04T19:24:49Z Sometimes plugin authors use multiple spaces between the field name and type rather than a single space when using dbDelta, small change to the regex to stop this producing unnecessary alter queries. pollett 1 37692 Introduce WP_Database_Table base class dev-feedback Database normal normal Awaiting Review enhancement new 2016-08-17T13:23:28Z 2017-03-15T17:20:50Z "I've always thought it odd that WordPress only versions blogs, and not each individual database table. On one hand, it's great that the schema changes rarely enough that WordPress core would not get a lot of use out of it. On the other, many plugins would benefit pretty hugely from a smart base class that encapsulated a lot of the procedural work of having custom database tables and maintaining a schema. BuddyPress, for example, comes with several object & metadata pairs, for groups, activity, friends, profiles, messages, notifications, etc... It currently takes WordPress's approach of having a big-dumb installer and a bunch of tangled together upgrade routines. I'd love it if each component could manage it's own schema on the fly, with it's own upgrade routines and database table classes to separate the responsibilities, but without needing to setup `admin_init` hooks and `version_compare()` checks for each component. Django has something similar currently, as do other open-source projects like Piwik, GitLab, Mattermost, etc... ---- I'm imagining that each core database table would extend the `WP_DB_Table` class, each with their own `db_version` and their own methods for upgrading to newer versions. Global tables (like `wp_users`) would use `site_id` `-1` in the `wp_sitemeta` database table to distinguish them as global, and not per-network or per-site. ---- This way, when a plugin like WooCommerce wants to introduce new database tables, they just extend the base class, pass in an array of column-keys & attributes, and the base class would handle the `$wpdb` table registration and all of the other bits and bobs. Eventually... eventually it could get paired up with some kind of a `WP_Base_Query` class to automatically handle cache-key assignments, and generate basic crud methods based on the parameters in the associated `WP_Database_Table` extension. ---- I think this becomes particularly useful in REST applications, where WordPress's APIs can be used and extended for any manner of scalable data storage outside of the core database schemas. Obviously this is a huge idea with lots of moving parts, and without a core need ideas like this are pretty slow on the go. I am already starting to do something similar in my own plugins though - just without the base class - and it feels much easier to maintain each plugin knowing there is a similar convention between them. See: https://code.flox.io/stuttter/wp-site-aliases/blob/master/includes/class-wp-site-aliases-db-table.php" johnjamesjacoby 3 39826 LIMIT clause not required in get_options function as there's already a UNIQUE KEY on option_name dev-feedback Database 4.7.2 normal normal Awaiting Review enhancement new 2017-02-09T23:41:05Z 2020-05-07T19:31:10Z "The Core get_options (wp-includes/option.php) uses LIMIT 1 to retrieve only a single row for an option. However, the option_name field already has a UNIQUE KEY in the table schema, so it's impossible for the db to contain or return more than one row for any option_name. Barring history I'm unaware of (if there used to not be a UNIQUE KEY on this field in the past), it's safe to remove the LIMIT 1 clauses from these queries (there are a few instances in the function. While LIMIT clauses can sometimes be harmful to performance, in this particular scenario that's not the case. However, it's just superfluous." arjenlentz 3 8857 Make WP MySQL strict mode compliant Database 6.4.2 lowest normal enhancement reopened 2009-01-14T11:25:26Z 2024-01-22T08:45:43Z "Incorrect Mysql scheme during WordPress installation on DBMS with strict date/datetime format settings will result in errors and will be unable to finish succesfully. Existing default date and datetime values are '0000-00-00' and '0000-00-00 00:00:00' which are not supported any more. Please see official Mysql dev documentation for more information: {{{ The DATE type is used when you need only a date value, without a time part. MySQL retrieves and displays DATE values in 'YYYY-MM-DD' format. The supported range is '1000-01-01' to '9999-12-31'. }}} http://dev.mysql.com/doc/refman/5.0/en/datetime.html " ghostks 21 46179 Make fetch_array accessible in $wpdb Database normal normal Awaiting Review enhancement new 2019-02-04T09:38:25Z 2019-02-04T09:38:25Z "Hi, I want to suggest a change in $wpdb. I'd like to see a possibility to use fetch_array by myself rather than taking the result of a query as an array or object. Let me explain why. WordPress doesn't scale very well when you handle large amounts of data from the database. For example, if you want to display a list of all posts and you have like 5000 of them. You'd use WP_Query for that. Which is fine, I guess, for a limited number, but slow in this use case. So you'd query yourself. {{{ SELECT * FROM wp_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_title ASC }}} If you give that to $wpdb, you'd receive an array with all 5600 posts and all the jazz attached to it. It takes 5 seconds and takes about 500 MB of PHP memory. I have now added an own class and established a second database connection. With that, I run the query above but the result remains in mysql. Instead of {{{#!php <?php foreach($results as $current) { // do stuff } }}} I now run {{{#!php <?php while($current = $mydb->fetch_array($results)) { // do stuff } }}} And I only need 30 MB of PHP RAM and 0.4s of time. This saves a lot of resources because you are able to get rid of a lot of PHP overhead. See, the MySQL result is in memory either way (because you did run the query) but you don't have to store everything from the result in PHP memory as well. You process them one at a time and only store (or output or whatever you need to do) what you actually need. I know this is nothing you'd usually do but there are other use-cases where an accessible fetch_array would come in handy in the interest of performance optimization - for example if your plugin utilizes a cronjob which has to handle large amounts of data. I don't assume this would break anything compatibility-wise as it is an additional method inside this class, so it would be a very nice addition. All you'd need is to add a new return method to $wpdb->query that returns the MySQL resource and a new method that exposes a fetch_array function to the public accepting said resource. Thank you a lot for reading my proposal and at least considering it :) -alduin" alduinwf 44292 Make use of protected process_fields Database normal normal Awaiting Review enhancement new 2018-06-01T12:23:58Z 2018-06-01T12:23:58Z "I have written an 'upsert' routine and thought it would be nice to have this functionality in WordPress core. Searching for results in this ticket https://core.trac.wordpress.org/ticket/22196. Not having a method for it, is okay. I already have my own implementation. However I need some field processing like the same way has been done for the insert and update routines. Unfortunately the method for that (process_fields) has been made protected. Is it desirable to make that method public or should I copy the logic of those routines to be able to use it?" andizer 46565 Mixed engine in tables, could bring to major WP failure! Also there is a small fix that could avoid that. Database 4.9.8 normal normal Awaiting Review enhancement new 2019-03-19T18:49:44Z 2019-03-20T07:40:01Z "''First of all ... after MySQL decided to make InnoDB the default engine ... many of us have mixed database with both InnoDB and MyisAM labeled tables. If a plugin add a new table now (it happened to us with both WPML and Woocommerce) the new table will be mostly InnoDB but old table could be MyIsAM. That can bring to JOIN failures, that in our case made us lost primary key or foreign key links, but will definitely cause also tables **permanent locks** (due to plugin/software crash), and that took finally to the main problem: **data (rows) inserted with ID = 0** THAT alone should be advertised a lot around plugin developers, that should check if their plugin tables are equal to the current-default-engine and if they are not, they should: ""alter TABLENAME engine = current-default-engine"".'' **Straight to the point:** Data with ID = 0 actually can make crash WordPress because of this: wp-includes/post.php:4867 Please note that this code will make WordPress go into a recursive infinite loop (causing ""fatal error memory exhausted"") if the ID = 0. I know that ID = 0 is an abnormal situation, but believe me, if having locked tables makes this happen, you want to add a handbreak to that. **This is a small fix, but you surely can do better:** {{{ // Start the search by looking at immediate children. if ( isset( $children[ $page_id ] ) ) { // Always start at the end of the stack in order to preserve original `$pages` order. $to_look = array_reverse( $children[ $page_id ] ); while ( $to_look ) { $p = array_pop( $to_look ); if (!array_key_exists($p->ID,$pidx)) { $pidx[$p->ID]=true; $page_list[] = $p; if ( isset( $children[ $p->ID ] ) ) { foreach ( array_reverse( $children[ $p->ID ] ) as $child ) { // Append to the `$to_look` stack to descend the tree. $to_look[] = $child; } } } } } }}} " Nokao 52253 New filter on wp-db.php reporter-feedback Database normal normal Awaiting Review enhancement new 2021-01-08T05:03:34Z 2021-01-08T18:54:25Z "I need to filter the database returned rows for a plugin I am developping. I cannot accomplish the functionality with current filters. I think that other devs may benefit from these couples of filters I propose. These lines of code placed in substitution of lines 2001 to 2006 of wp-db.php do the job. {{{ $this->last_result[ $num_rows ] = $row; /** * Filters the database returned row in a mysqli context. * * @since 5.6.1 * @param object $row Database fetched row. * @param string $query Database query. */ $row = apply_filters( 'returned_row_mysqli', $row, $query ); $num_rows++; } } elseif ( is_resource( $this->result ) ) { while ( $row = mysql_fetch_object( $this->result ) ) { $this->last_result[ $num_rows ] = $row; /** * Filters the database returned row in a mysql context. * * @since 5.6.1 * @param object $row Database fetched row. * @param string $query Database query. */ $row = apply_filters( 'returned_row_mysql', $row, $query ); $num_rows++; }}} Thanks in advance." guelben 3 31018 Persistent database connections with mysqli needs-unit-tests Database 4.2 normal normal enhancement reopened 2015-01-14T22:37:39Z 2022-08-01T03:57:30Z "WordPress currently does not allow support for persistent database connections. This can be accomplished by prepending ""p:"" to the hostname with mysqli however with its current configuration WordPress will be confused by the "":"" and think the hostname is actually a port if specified in the wp-config.php file. This patch add support for a constant that allows persistent connections to be turned on or off. Why should this be added to core? Because persistent connections are useful :P. But really, we have seen requests for this in other tickets such as #27933. Additionally I am involved in a project where 10,000+ sites are requiring persistent db connection, not an insignificant number. Persistent db connections are also needed to ensure proper performance on IIS and Azure installations. In short a couple lines of code is all it takes to ensure WordPress continues to work well across other platforms and project requirements. Props to awoods and bradparbs for helping identify the issue and solution." blobaugh 15 58826 Please add a default post relations table Database normal critical Awaiting Review enhancement new 2023-07-17T22:10:52Z 2023-07-17T22:10:52Z "As I am sure you know, people have bee using wordpress for a lot of things other than a simple blogging platform. And while your structure allows for basic functionality and relationships, There is a lot of room for improvement. As people continue to add more and more custom post types and related meta, the default posts/post meta tables will quickly become filled and make web queries slow. In addition, the taxonomy system is very limiting, as that is not the only way one would want to group like items. The most common way, would be POST relationships. If a Class has many students, and students have many classes, Displaying an intermediary page between the two is very difficult with the current set up. Therefore, I'd like to request an extension to the database structure as described below in the link below. At minimum the 1st option should be considered as an alternative to archive pages with taxonomies. [https://imgur.com/a/L9q4bAf] If I type domain.exp/articles/for/baseball where baseball is a sports custom post type and arcticles is just one of several custom post types, I expect a query select * from articles where hobby_slug = 'baseball' Currently everyone expects me to make the sport CPT a taxonomy, but if the sport has its own custom fields, and taxonomies already attached, that does not work. This system would be usable in a thousand different use cases and would make your platform more versatile. USERS, comments, posts and custom post types are all Models. Make it easier to establish any relation between them please. " jcc5018 44386 Problem with utf8mb4_unicode_ci collation for arabic content has-patch Database 4.9.6 normal major Awaiting Review enhancement new 2018-06-17T06:52:44Z 2018-06-17T07:00:57Z "I see that since version 4.6, WordPress uses utf8mb4_unicode_ci as the default collation. I see this in the determine_charset function in the /wp-includes/wp-db.php file (CMIIW). In my experience, it looks like utf8mb4_unicode_ci has problems with content that uses arabic letters. Example: I created a tag with the name: {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} And I created another tag with the name: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} Then when I do a tag search (via wp-admin), with keyword: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} the search results that appear are: {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} and {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} tags. Whereas it should appear only tag: {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} according to the search keyword. This becomes a problem when a post wants to use the tag {{{ #!span style=""font-size: 28pt"" ٱللَّهُ }}} , but can not be due to existing tag {{{ #!span style=""font-size: 28pt"" ٱللَّهِ }}} My guess is not a bug from WordPress, but a bug from MySQL. For information, perhaps this link is a related issue: [https://bugs.mysql.com/bug.php?id=76218] (CMIIW)." array064 1 49028 Provide functionality to suppress $wpdb query filter reporter-feedback Database 5.4 normal normal Awaiting Review enhancement new 2019-12-18T12:41:59Z 2020-02-08T13:52:34Z "The custom query class `wpdb` methods (`get_col`, `get_car`, `update`, `delete`...) all use the underlying `query` method which (since WP 2.1) has a filter hook 'query' which allows modification of the sql query. Some queries are specific to the internals of a plugin's functionality and are not meant to be exposed to other plugins/functionality, however, currently, there is no mechanism to suppress this filter. Would it make sense to add a boolean flag on the `$wpdb` instance which would allow developers to suppress any query modification? Something like `$wpdb->suppress_filters` which would be set to false by default." aurovrata 6 54669 Remove ONLY_FULL_GROUP_BY from incompatible wpdb modes needs-unit-tests Database 3.9 normal normal Awaiting Review enhancement new 2021-12-20T12:56:22Z 2022-06-15T20:52:56Z "as GROUP BY is non-deterministic otherwise, ONLY_FULL_GROUP_BY ensures this is not the case. which is why this is enabled by default since MySQL 8 I guess it was disabled originally, as some queries would have to be updated in WP core. I think however, this should be done now, as otherwise we're accumulating more and more technical debt." malthert 2 54324 Rename Table Function - maybe_rename_table() has-patch Database normal normal Awaiting Review enhancement new 2021-10-26T17:22:22Z 2023-01-09T16:23:27Z "I would like to see a helper function to rename tables, similar to maybe_create_table() in /wp-admin/install-helper.php. Having a maybe_delete_table() would be very useful as well." bhubbard 2 54560 Return null from wpdb::get_results when query fails has-patch Database normal normal Awaiting Review enhancement new 2021-12-02T17:14:55Z 2021-12-02T17:14:55Z "It's not currently possible to know if a query failed internal to `wpdb::get_results()` since the result of `$wpdb->query()` isn't checked. This diff introduces a `null` return from `wpdb::get_results()` when a boolean `false` is returned from `wpdb::query()`." jeffstieler 47280 SQL_CALC_FOUND_ROWS is deprecated as of MySQL 8.0.17 johnbillion has-patch Database normal normal Future Release enhancement reviewing 2019-05-15T14:34:03Z 2024-02-22T07:49:16Z "Per https://dev.mysql.com/doc/refman/8.0/en/information-functions.html#function_found-rows > The SQL_CALC_FOUND_ROWS query modifier and accompanying FOUND_ROWS() function are deprecated as of MySQL 8.0.17 and will be removed in a future MySQL version. As a replacement, considering executing your query with LIMIT, and then a second query with COUNT(*) and without LIMIT to determine whether there are additional rows. This is not yet immediately important because most hosts are on 5.5, or 5.6, rarely 5.7, but given the speed with which trac tickets move that impact very core functionalities, I thought it best to open this ticket to get the work started. This impacts all the 6 places where it's being used, though one of them is in the WP_Query definition." javorszky 59 54346 Slow SQL queries fetching posts from specific categories craigfrancis* has-patch Database normal normal Future Release enhancement accepted 2021-10-30T11:05:53Z 2023-12-11T00:44:48Z "Noticed that REST API queries used in mobile app are very slow and found that such SQL queries can be optimized to be 10 times faster (1.8134 seconds vs. 0.1804 seconds) for wp_posts table having 800k records, see below. Very similar queries are used when displaying posts from specific categories on the web, meaning optimizing this could lead to significant speed up everywhere. The one responsible for this is WP_Tax_Query->get_sql_for_clause function. REST API to fetch posts from specific categories, e.g. `/wp-json/wp/v2/posts/?per_page=10&_embed=1&categories=63545,63546,63547,63548,63549,63552,76287&page=1` executes the following SQL query: {{{ SELECT wp_posts.ID FROM wp_posts LEFT JOIN wp_term_relationships ON ( wp_posts.ID = wp_term_relationships.object_id ) WHERE 1 = 1 AND ( wp_term_relationships.term_taxonomy_id IN ( 63545, 63546, 63547, 63548, 63549, 63552, 76287 ) ) AND wp_posts.post_type = 'post' AND( (wp_posts.post_status = 'publish') ) GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} Query took 1.8134 seconds. This query can be optimized by using subquery: {{{ SELECT wp_posts.ID FROM wp_posts WHERE wp_posts.ID IN ( SELECT object_id FROM wp_term_relationships WHERE wp_term_relationships.term_taxonomy_id IN ( 63545, 63546, 63547, 63548, 63549, 63552, 76287 ) ) AND wp_posts.post_type = 'post' AND wp_posts.post_status = 'publish' ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} Query took 0.1804 seconds seconds. " Krstarica 18 58180 Specify the REGEXP format for meta_query needs-docs Database 6.2 normal trivial Awaiting Review enhancement new 2023-04-24T05:47:20Z 2023-08-01T11:33:44Z "Because of the fact that `meta_query` parameter with `['compare' => 'REGEXP', 'key' => 'foo', 'value' => '^bar']` working as substitution to raw SQL-request like `... foo.meta_key REGEXP ^bar ...` please, specify this explicitly in the [https://developer.wordpress.org/reference/classes/wp_meta_query/ documentation] - especially the fact that this REGEXP should not be wrapped in `/`" letraceursnork 1 42352 Support use of native MySQLi prepared queries early Database normal normal Future Release enhancement new 2017-10-27T04:15:52Z 2023-09-09T22:23:23Z "When we added `$wpdb->prepare()` back in WordPress 2.3, we were forced to roll our own MySQL Prepared queries as the MySQL extension didn't support it. While the MySQL extension still doesn't, the majority of WordPress sites are likely using the newer MySQLi engine (by default, enabled for PHP 5.5+ which accounts for 70~80% of sites). That makes now a good time to start investigating the potential implementation and usage of native prepared queries in the future. Attached is a first-draft of implementing native prepared queries into WPDB, it has no fallbacks for MySQL at present, but it would be possible to force support in for it using a ""simple"" SQL parser. Unfortunately I expect that this draft is incompatible with many DB drop-ins, which is okay, this is only a draft and proof-of-concept. I'll attach some examples of how this first draft could be used in a comment below." dd32 8 47994 The additions of a new wp_posts table columns called post_level and post_patriarch Database normal normal Awaiting Review enhancement new 2019-09-06T23:29:48Z 2019-09-06T23:29:48Z "Many user are looking for an easy solution to sort table by page children. I understand their are functions like get_children, pre_get_posts, get_posts, wp_query. But if I wanted to extract the children directly from the db table wp_posts, their is no easy way. So I am suggest the Core team to add in an additional column: post_level. This is already noticed with the post list table's html row/td as a class (level-0) so it should be in the table. {{{ //Get all 1st generations of post based on 2 parents who are cousins SELECT p.* FROM $wpdb->posts p WHERE p.post_level = 1 AND p.post_parent = 123 OR p.post_parent = 345) //Get all 2nd generation pages of parent post id 1 SELECT p.* FROM $wpdb->posts p WHERE p.post_level = 2 AND p.post_patriarch = 1 }}} post_level depends on what level of Parent (0), Child (1) or Grandchild(2) or GreatGrandChild (3) a page is within the Hierarchy. post_patriarch (or lack of a better word) is always the level 0 parent ID This should also be consider for other tables as well(e.g menu_level) I hope this make sense. " samjco 41424 "Use a better error message than ""Error establishing a database connection"" when site isn't found" needs-unit-tests Database 4.9 normal normal Future Release enhancement new 2017-07-24T14:24:44Z 2017-11-22T08:58:59Z "In multisite, if this query returns no results, the database connection error is triggered: SELECT blog_id FROM wp_blogs WHERE domain IN ( 'example.com' ) AND path IN ( '/' ) ORDER BY blog_id ASC LIMIT 1 I think the error should not mention database connection but allude to the fact that the site was not found. For my use case, I had migrated a production database into QA and didn't update the domain to be qa.example.com so the connection failed. I hope this is helpful. I'm not sure I know what the exact solution is but I thought the connection attempt had failed, when in fact the connection had been made but the data was not as expected. Also, the failure was not found in debug.log." tthorp 4 41054 Use sargable date filtering where possible Database normal normal Awaiting Review enhancement new 2017-06-15T07:54:13Z 2017-06-15T12:13:22Z "Currently, many queries generated by WP use post_date in a non-sargable fashion, namely by filtering based on the output of a MySQL function taking post_date as a parameter. These can be easily rewritten to use the index on post_date without, to my eyes, breaking anything to boost performance. Here's an example: {{{ MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE YEAR(post_date) = 2017; +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ | 1 | SIMPLE | wp_posts | ALL | NULL | NULL | NULL | NULL | 2684 | Using where | +------+-------------+----------+------+---------------+------+---------+------+------+-------------+ }}} vs {{{ MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE post_date >= ""2017-01-01"" AND post_date < ""2018-01-01""; +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ | 1 | SIMPLE | wp_posts | range | post_date | post_date | 8 | NULL | 262 | Using index condition | +------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+ }}} This optimization can be applied to any comparison between post_date and an already known parameter (from query_var). The only time it wouldn't be possible would be when comparing a portion of the date of two different posts (e.g. WHERE MONTH(x.post_date) == MONTH(y.post_date)) It's not much, but it's something. " ComputerGuru 1 56091 Using %i for table/field names in wpdb::prepare() craigfrancis has-patch Database 6.1 low minor Future Release enhancement assigned 2022-06-28T19:10:52Z 2024-01-29T20:10:29Z "Now `wpdb::prepare()` supports `%i` for Identifiers (e.g. table/field names), via commit [53575], and ticket #52506. Queries within WP Core should use this, to ensure variables are always quoted, and avoid static analysis tools flagging unescaped SQL input (a non-`literal-string`) for the `$query` parameter: {{{#!php <?php $wpdb->prepare( ""SELECT ID FROM $wpdb->posts WHERE post_type = %s"", $post_type ); $wpdb->prepare( ""SELECT ID FROM %i WHERE post_type = %s"", $wpdb->posts, $post_type ); }}} I'll write a patch for the first set, but I suspect there will be a lot of changes, and they should be checked carefully." craigfrancis 13 40150 VARCHAR/TEXT inefficiencies Database 4.7.3 normal normal Awaiting Review enhancement new 2017-03-14T00:45:10Z 2017-03-14T00:45:10Z "From conversation with Matty Cohen, a selection of structural improvement suggestions, for performance and future-proofing. Note that these aspects have recently been applied to WooCommerce already, resulting in a much optimised/modernised default table structure. Current some of the TEXT and VARCHAR use in WP Core appear to be based on old information - that is, restrictions and behaviour from MySQL versions long ago. This has consequences for performance. First, VARCHAR. In MySQL 4.0, VARCHAR used to be restricted to 255 max. In MySQL 4.1 character sets such as UTF8 were introduced and MySQL 5.1 supports VARCHARs up to 64K-1 in byte length. Thus, any occurrence of VARCHAR(255) indicates some old style logic that needs to be reviewed. Why not just set the maximum length possible? Well... A VARCHAR is subject to the character set it's in, for UTF8 this means either 3 or 4 (utf8mb4) bytes per character can be used. So if one specifies VARCHAR(50) CHARSET utf8mb4, the actual byte length of the stored string can be up to 200 bytes. In stored row format, MySQL uses 1 byte for VARCHAR length when possible (depending on the column definition), and up to 2 bytes if necessary. So, specifying VARCHAR(255) unnecessarily means that the server has to use a 2 byte length in the stored row. This may be viewed as nitpicking in the margin, however storage efficiency affects the number of rows that can fit on a data page and thus the amount of I/O required to manage a certain amount of rows. It all adds up, so having little unnecessary inefficiencies will cost - particularly for larger sites. Best practice is to set VARCHAR to the maximum necessary, not the maximum possible - otherwise, as per the above, the maximum possible is about 16000 for utf8mb4, not 255 - and nobody would propose setting it to 16000, would they? But it's not much different, in stored row space a VARCHAR(255) requires a 2 byte length indicator just like VARCHAR(16000) would. So please review VARCHAR columns and set their definition to the maximum actually necessary, this is very unlikely to come out as 255. If 255, why not 300? Or rather 200? Or 60? Setting a proper number indicates that thought and data analysis has gone into the design. 255 looks sloppy. On to TEXT. TEXT (and LONGTEXT) columns are handled different in MySQL/MariaDB. First, a recap of some facts related to TEXT columns. The db server often needs to create a temporary table while processing a query. MEMORY tables cannot contain TEXT type columns, thus the temporary table created will be a disk-based one. Admittedly this will likely remain in the disk cache and never actually touch a disk, however it goes through file I/O functions and thus causes overhead - unnecessarily. Queries will be slower. InnoDB can store a TEXT column on a separate page, and only retrieve it when necessary (this also means that using SELECT * is needlessly inefficient - it's almost always better to specify only the columns that are required - this also makes code maintenance easier). A TEXT column can contain up to 64k-1 in byte length (4G for LONGTEXT). So essentially a TEXT column can store the same amount of data as a VARCHAR column (since MySQL 5.0), and we know that VARCHAR offers us benefits in terms of server behaviour. Thus, any instance of TEXT should be carefully reviewed and generally the outcome is to change to an appropriate VARCHAR. Using LONGTEXT is ok, if necessary. If the amount of data is not going to exceed say 16KB character length, using LONGTEXT is not warranted and again VARCHAR (not TEXT) is the most suitable column type. Applications don't need to care, so the db definition can be altered without any application impact. Summary: Particularly when combined with the best practice of not using SELECT *, using appropriately defined VARCHAR columns (rather than VARCHAR(255) or TEXT) can have a measurable and even significant performance impact on application environments. It is a worthwhile effort." arjenlentz 55938 WP prefix on installation - instructions to be indicated Database normal minor Awaiting Review enhancement new 2022-06-07T12:48:50Z 2022-06-07T14:37:01Z "Following a bad experience, changing the database prefix from ""wp_"" to ""SAI"" for security. I found out that this is giving Woocommerce a problem with creating tables in the database. This problem is solved, but I create this ticket to give the idea during the next Update, to indicate how to change the prefix. I had put SAI instead of wp_ forgetting the _ and capitalizing, hence the problem I had encountered." valentindu62 31042 WPDB field_types Variable Too Broad? Database normal normal enhancement new 2015-01-17T03:07:49Z 2019-06-04T19:27:49Z "I was wondering if it might make sense to tie the field_types format definitions to tables and columns instead of just columns. As people use WordPress more there may be situations like the one I encountered today where columns of their enhancement tables overlap with those of WordPress' default tables. In my situation my user_id was more of a guid so it was a string that was being formatted to a decimal. While this might not be a common problem with the overhead it would take to change it to a multidimensional array it might make sense. If this is something others would find useful or practical I would be happy to rework the code." njkrut 2 42703 WP_Query: Swap parsing date into own method Database normal normal Awaiting Review enhancement new 2017-11-26T17:32:44Z 2019-01-16T06:50:09Z "The WP_Query::get_posts also parses the date query. This is modular enough to swap it to its own method at last. A proof of concept has been made and all tests are still green. Some details and todos: - see https://github.com/ScreamingDev/wordpress-develop-1/commit/6bb681e8caf4df8ba4811690ee19f12ad1755371 - Check if the whole logic can be shifted to WP_Date_Query::get_sql Hint: The long run is about enabling WordPress to support multiple tables (per ""post-type""). To achieve this some enhancements to the current wpdb and WP_Query class are needed. This issues covers a small bit of it by refurbishing the source." screamingdev 41281 attachment_url_to_postid results in very slow query joemcgill* Database 4.9 normal normal Awaiting Review enhancement accepted 2017-07-10T07:53:25Z 2021-04-30T13:17:51Z "`attachment_url_to_postid` throws query like this: {{{ # wp-includes/media.php ll.3922 $sql = $wpdb->prepare( ""SELECT post_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attached_file' AND meta_value = %s"", $path ); }}} But wp_postmeta table has index only of `meta_key`, this may cause file sort. == Why this is problem == Let's assume that you have 20,000 posts and each post has 10 attachments in your WP news site. MySQL filters rows with `meta_key` but still remain 200,000 possible rows. This causes file sort. `attachment_url_to_postid` is used not only in admin screen, but also in public area(e.g. AMP Plugin https://wordpress.org/plugins/amp/ ). Now twitter changes URL for mobile device if AMP version is available. So, MySQL CPU raises up to 100% by `attachment_url_to_postid` if site traffic is high, == Solution == To avoid slow query, I suggest adding another index. {{{ ALTER TABLE $wpdb->postmeta ADD INDEX meta_key_meta_value (meta_key(191), meta_value (64)); }}}" Takahashi_Fumiki 11 8924 autoload should be boolean in add_option() Database lowest normal Awaiting Review enhancement reopened 2009-01-22T23:51:48Z 2019-03-15T00:30:00Z "Regarding: CREATE TABLE `wp_options` (`autoload` varchar(20) NOT NULL DEFAULT 'yes', Why not boolean binary, or one character long? " jidanni 7 10883 db-error.php not used for all DB failures Database 2.8.4 normal normal enhancement assigned 2009-10-01T02:45:28Z 2023-12-07T13:19:54Z "db-error.php (the optional custom DB error message file to be placed in wp-content) does not get included all the time. Sometimes wp-db.php will use its {{{bail()}}} method to spit out its own message. This code needs to be there too: {{{ if ( file_exists( WP_CONTENT_DIR . '/db-error.php' ) ) { require_once( WP_CONTENT_DIR . '/db-error.php' ); die(); } }}}" markjaquith 5 40357 dbDelta can't change primary keys, create AUTO_INCREMENT columns and doesn't make significant index changes needs-unit-tests Database 4.8 normal normal Awaiting Review enhancement new 2017-04-04T17:20:04Z 2017-04-04T18:21:02Z "dbDelta has three inter-related issues which center around changing indexes. 1) It isn't possible to change which column is the primary key 2) It isn't possible to add a new AUTO_INCREMENT column 2b) It isn't possible to modify an existing AUTO_INCREMENT to no longer be AUTO_INCREMENT 3) Indices with the same name are not dropped/re-created, even when the index definition is changed significantly. == Use case == A client had been tracking inventory in a custom table where the product ID was the primary key. When he opened a new location, we added a location column, and wanted to be able to track how many of each product was in each location. 1. A table's purpose is being expanded, or otherwise doesn't meet the needs of the data. Since the primary key is unique, we needed to add a new key column and change which column was designated as the primary key. 2. A table was originally defined without an AUTO_INCREMENT column and the need for such a column arises. The new column we wanted to add and use for the key was simply an AUTO_INCREMENT integer column. In testing we defined the new column and also defined a new UNIQUE index (so, not changing the primary key yet). Since dbDelta adds new columns before adding the new indices, and in separate ALTER TABLE statements, MySQL refuses to add a new AUTO_INCREMENT column without an index. The solution is to add the new column without the AUTO_INCREMENT designation, then add the UNIQUE index, then alter the table to use AUTO_INCREMENT. 3. A primary (or other key) could be significantly and intentionally altered, significantly changing how queries are run. I understand that WP doesn't want to drop and recreate indices when changing the sub-part of an index (see: https://core.trac.wordpress.org/ticket/34870#comment:21) However I think that it should change the index, if the definition is significantly altered. In the use case above, we could've changed the primary key to be `PRIMARY KEY(productId,location)` instead of adding a new column and switching the index to that column. In other use cases, changing from a BTREE to FULLTEXT index would change which types of queries need to a full table scan. == This Patch == This patch does the following: 1. You can now add a new AUTO_INCREMENT column to an existing table When a new AUTO_INCREMENT column is added to an existing table, the column creation is done in two parts. First the column is created as a non-AUTO_INCREMENT column, and a separate `ALTER TABLE` statement is set to run after index creation to enable AUTO_INCREMENT. Note: The CREATE TABLE statement given to dbDelta must provide the required indexes that MySQL expects. 2. You can now modify a column with AUTO_INCREMENT to no longer use AUTO_INCREMENT 3. You can change which column is the primary key 4. Significant index definitions cause an index to be dropped and re-created The cases that cause an index to be dropped and re-created are: * An index which wasn't UNIQUE, but now is or vice-versa * An index which changes index type (eg. FULLTEXT => BTREE) * An index which contains a different number of columns * An index which contains a different column order * An index which contains different columns Note: Changing the index sub-part or no longer defining the index in the table does not cause it to be dropped. == Other notes == 1. I've tried to use WP coding standards and comment my code well. I'd love feedback if there are things I can do better. 2. I've included a file, test.php which takes 13 table definitions, takes them two at a time, and converts between each possible combination. To run it, put it in the root WordPress directory and run `php ./test.php`. 3. Also, the dbDelta phpunit tests still pass." stuporglue 1 10404 dbDelta creates duplicate indexes when index definition contains spaces has-patch Database 2.8.1 normal normal enhancement reopened 2009-07-14T10:59:54Z 2023-01-21T16:01:09Z "I was adding a much needed index in wp_object_term_relationships, and testing revealed it was getting added multiple times. This works as intended: {{{ CREATE TABLE $wpdb->term_relationships ( object_id bigint(20) unsigned NOT NULL default 0, term_taxonomy_id bigint(20) unsigned NOT NULL default 0, term_order int(11) NOT NULL default 0, PRIMARY KEY (object_id,term_taxonomy_id), UNIQUE KEY reverse_pkey (term_taxonomy_id,object_id), KEY term_taxonomy_id (term_taxonomy_id) ) $charset_collate;""); }}} This doesn't: {{{ CREATE TABLE $wpdb->term_relationships ( object_id bigint(20) unsigned NOT NULL default 0, term_taxonomy_id bigint(20) unsigned NOT NULL default 0, term_order int(11) NOT NULL default 0, PRIMARY KEY (object_id,term_taxonomy_id), UNIQUE KEY reverse_pkey (term_taxonomy_id, object_id), KEY term_taxonomy_id (term_taxonomy_id) ) $charset_collate;""); }}} the only difference between the two is a space in the reverse_pkey column list. we should remove spaces in there to avoid potential bugs." Denis-de-Bernardy 21 20634 dbDelta is unforgiving about field declarations dev-feedback Database 1.5 normal normal enhancement new 2012-05-08T03:27:05Z 2019-06-04T19:23:05Z "the variable type is case sensitive: int(22) != INT(22) the mysql type BOOL or BOOLEAN comes back from the db as tinyint(1): tinyint(1) != BOOLEAN Not a huge issue, just annoying. Makes dbDelta fire off unnecessary sql. " SidHarrell 8 49654 maybe_drop_table Database normal normal Awaiting Review enhancement new 2020-03-16T17:37:38Z 2023-04-07T15:21:11Z We currently have a function for `maybe_create_table`, I was looking for one to `maybe_drop_table`. This would be a very helpful function. bhubbard 1 29938 mysqli_query and multiple resultsets needs-unit-tests Database 3.9 normal normal enhancement new 2014-10-12T10:24:20Z 2019-06-04T19:26:52Z "The WordPress Database API does not expose a way to work with multiple resultsets. Multiple resultsets are returned by queries that have several sets of results available and this is often the case with stored procedures and the usual way is to call {{{next_result}}} and {{{use/store_result}}} on the mysqli connection, however the connection is abstracted away behind the undocumented {{{$wpdb->dbh}}} field. {{{ -- Test procedure for out of sync mysqli commands DROP PROCEDURE IF EXISTS `mysqli_procedure_test`; DELIMITER ;; CREATE PROCEDURE `mysqli_procedure_test`() BEGIN SELECT * FROM `wp_posts` LIMIT 1; SELECT * FROM `wp_posts` LIMIT 1; END;; DELIMITER ; }}} When calling this procedure (apart from the issues outlined in ticket #28155) you can only access the first resultset using the documented APIs. To fetch the second one one would have to use the mysqli API directly. Need to come up with additional public methods to work with these via the Database API instead. There must be a way for a user to fetch the next resultset if there's one, or make this transparent somehow, perhaps using a {{{$wpdb->call( $procedure, $arguments )}}} invocation in the case of procedures? And something like {{{$wpdb->next_results}}} for everything else? Needs brainstorming." soulseekah 2 46576 short-circuit filter for dbDelta Database normal normal Awaiting Review enhancement new 2019-03-20T15:32:29Z 2019-03-20T15:32:29Z "`dbDelta` function can cause strange things on the large-scale WordPress installations. When you have large amounts of data, you don't really want to schema changes apply directly on the production. (at least we don't do that) So, I recommend adding new short-circuit filter to avoid that. (I know, returning an empty array with `dbdelta_queries` might be a workaround but not ideal for this job.)" m_uysl 58871 support uca14.0.0 collation in database where available has-patch Database 6.3 normal normal Awaiting Review enhancement new 2023-07-20T23:36:30Z 2023-09-25T00:17:50Z "Like #32105 supporting a modern collation is a good idea. MariaDB added this in 10.10.1 (ref: https://jira.mariadb.org/browse/MDEV-27009). As the current default is case insensitive, we'll follow the same insensitivity and use accent insensitive. So of the collations available, use uca1400_ai_ci. ref: https://mariadb.com/kb/en/supported-character-sets-and-collations/#collations" danielblack 10 48285 wp-config-sample.php should default to `utf8mb4` instead of `utf8` character set has-patch Database 5.3 normal minor Awaiting Review enhancement assigned 2019-10-11T03:50:07Z 2022-09-27T22:57:02Z "MySQL's `utf8` character encoding is not a correct implementation of the standard and doesn't work with 4-byte characters, which includes many emoji. `utf8mb4` is the corrected implementation. See https://medium.com/@adamhooper/in-mysql-never-use-utf8-use-utf8mb4-11761243e434 or just google ""mysql utf8 vs utf8mb4"" It would seem wise for `wp-config-sample.php` to default then to `utf8mb4` instead of `utf8` so that new installations have the improved character set." bchecketts 9 36242 wpdb set_sql_mode add param Database 3.9 normal normal enhancement new 2016-03-14T23:43:46Z 2019-06-04T19:35:29Z When making a creating a db drop-in that supports multiple databases, I had to override the whole {{{set_sql_mode}}} method. If {{{set_sql_mode}}} accepted a {{{$dbh}}} param, the method could easily be reused. spacedmonkey 48740 Add constant for database date format dev-feedback Date/Time normal normal Awaiting Review enhancement new 2019-11-20T13:08:57Z 2019-11-20T14:18:36Z "A lot of core Date/Time code is dealing with `Y-m-d H:i:s` format, as stored for posts and other objects in database. This is effectively a so-called ""magic"" string, which is not self-explanatory and prone to user error if typed by hand (I messed up `i` with `m` for minutes more than once probably). Since there is no upstream PHP constant for this format, I suggest we introduce one in core and use it in place of magic string: {{{#!php define( 'WP_DATE_MYSQL', 'Y-m-d H:i:s' ); }}} Not absolutely sure about the name, I used `DATE_MYSQL` as class constant before, but `WP_DATE_DATABASE` might be more appropriately generic. To my knowledge there isn't a specific ISO or RFC designation for such format. If there is agreement on the need and the name I'll work on a patch for replacement and switch from strings in core." Rarst 2 29849 Better human_time_diff() Rarst* has-patch Date/Time normal normal Awaiting Review enhancement accepted 2014-10-03T10:54:41Z 2020-09-25T19:40:01Z "Given #9272 #18495 and #27271 I think it's time for a better alternative to `human_time_diff()`. My proposal is an entirely new function which: * Should be simple - no bazillion-dimensional arrays for arguments * Should not lack context in translatable strings - ""from now"", ""ago"" should be part of the resulting strings * Should have consistent strings, no abbreviations such as mins, yrs, hrs, secs * Should assume all timestamps have no offsets" kovshenin 9 52761 Date Permalinks Date/Time normal normal Awaiting Review enhancement new 2021-03-10T13:43:33Z 2021-03-10T16:23:53Z "This one surprised me that there is no functionality around it I could find in the code. A function to generate a date permalink. Specifically, in use case, let's say, in my post, I want to display the date.. March 10, 2021, and link it to the day archive. Then, on the day archive, I want a prev and next button for the day before and day after for better navigation. There is no simple functionality for this that I see. I can write functions to do this, but it seems to me there should be built in functions to figure out what date archive the current retrieved URL is, to generate the permalinks to a day, month, or year archive based on a WP_Post object/post ID or a DateTime object." dshanske 3 55685 Date setting should have two more options: j.n.Y and d.m.Y Date/Time 5.9.3 normal normal Awaiting Review enhancement new 2022-05-05T14:39:41Z 2022-05-05T18:30:39Z "Everytime I set up a WordPress site, I have to consult the PHP date formatting rules to get the site to show dates in the way that is standard in much of Europe, Post-Soviet countries, and many other places: `j.n.Y`. That is, 31.12.2022 for the last day of this year, or 5.5.2022 for today, with no leading zeroes. This is a shortened way of the official `d.m.Y`, which shows 05.05.2022 for today, with leading zeroes. Most of the time I see all types of organizations and individuals prefer the shorter version without leading zeroes, but this official notation has plenty of users as well. Both would be so helpful for so many users to have as one-click options in the site's General Settings page that I think it'd be great to add them there. **More info** https://en.wikipedia.org/wiki/Date_and_time_notation_in_Europe https://en.wikipedia.org/wiki/Date_format_by_country Searching the latter page for ""d.m"" finds 36 countries where either of these formats is in widespread usage. The combined population of these countries is approx. a billion people (e.g. Russia, Germany, Ukraine, Turkey, Israel, Poland). In addition to these, the list shows approx. 100 countries following the DMY order of date representation, without specifying the separators (dots ""."" or otherwise). The combined population in countries using j.n.Y or d.m.Y representations of dates might be well in excess of 1 billion people." Daedalon 2 28988 Detect Time Zones automatically at installation dev-feedback Date/Time normal normal Awaiting Review enhancement new 2014-07-22T19:19:50Z 2021-05-05T19:04:34Z "Currently, upon installing WordPress, one of the steps I always take is to go to Settings > General > Timezone to manually set my time zone. I've been using Wordpress for eight years, so I know to do it and how to do it, and it's just a minor inconvenience. However, I have seen people new to this platform be confused and/or not know how to change this. Is it technologically possible to use a geolocation service to query the IP address of the computer installing Wordpress and automatically set that service's best guess as to time zone, perhaps during the setup process? I would envision the UI option remaining in settings, in case, for example, a developer in one time zone builds a site for a client in another. But automatic detection would be perfect for the average new user. It would be one more element that just works out of the box for those who aren't particularly tech savvy. I did some searching in Trac to see if I could find a similar ticket and couldn't find any." danielmount 9 48935 Need to Remove strtotime() usage from core needs-unit-tests Date/Time 6.2 normal normal Awaiting Review enhancement new 2019-12-11T12:58:07Z 2023-04-06T10:38:43Z "`strtotime()` is routinely used in core for processing timezone-ambiguous input. Since it is affected by default PHP time zone setting (set by core to UTC on boot) it is also vulnerable to this setting being changed by third party code. Related change of `date()` to `gmdate()` in 5.3 release caused some new issues, because in some places while changing default time zone broke things combination of `strtotime()` and `date()` meant things got broken ''by the same amount'' and outputs were ""correct"" (ignoring the fact they would be implied in absolutely different time zone from intended). Dropping use of `strtotime()` in favor of date parsing with explicit time zone handling (such as `DateTimeImmutable` objects) is logical next step to make core insensitive to PHP time zone context." Rarst 3 46366 Posted Date - Field Arrangement - Reflect Locale Format OR Combine Fields Date/Time 5.1 normal trivial Awaiting Review enhancement new 2019-02-27T23:01:22Z 2019-05-27T17:19:04Z "In the ""Quick Edit"" form, as well as the Classic Editor's ""Publish"" Metabox, show 5 fields for entering the Publish Date for a Page/Post. [Month (Select)] [Day (Text)], [Year (Text)] @ [Hour (Text)]:[Minutes (Text)] This is the American format, with Month first, but is not a common format outside of the US. Even when the Date format is changed in Settings, that selected format is not used to arrange the Date Entry fields noted above. Suggestion: Integrate a JS Library which allows DateTimes to be entered in various formats, in a single field, and then be processed to produce a value in the format which is required. Example: I should be able to write a DateTime as ""2019-2-28 10:00"" and for that to be converted to ""2 Feb 2019 10AM""." Lucanos 1 48936 Remove mysql2date() usage from core needs-unit-tests Date/Time normal normal Awaiting Review enhancement new 2019-12-11T13:04:27Z 2023-02-24T15:20:34Z "`mysql2date()` was originally meant from processing times as stored by WP in database. Unfortunately its design is very limited because both time zone of input and output is ambiguous. It is interchangeably used for local and UTC times. As implementation detail that meant that it would produce incorrect output for formats including time zones for local time inputs. Time zone would happen be UTC from WP core setting PHP time zone to UTC on load. In 5.3 release this behavior was flipped to produce correct local time output for local time input, as considerably more common. Accordingly now ''UTC'' input produces incorrect output for formats with time zone. While the function is common and familiar, it is hardly irreplaceable and its design is so limited it seems to be unsalvageable. I propose we move towards eliminating its use in core and eventually formally deprecating it." Rarst 1 53970 Add HTML mark tag support on Gutenberg Editor normal normal Awaiting Review enhancement new 2021-08-20T12:33:37Z 2021-08-20T14:57:34Z "Hi, In Gutenberg when we are writing a paragraph or a list item, sometimes it is needed to highlight a certain part of the text without bolding them. In HTML 5 there is a specific tag for this called `mark`. Using the mark tag we can highlight a certain part of the text so it will look like we have highlighted that text without doing anything crazy. Here is an example code: {{{#!php <p>I have a car and that car is <mark>super fast</mark> even on bad roads.</p> }}} You can take a deep drive into the `mark` tag [https://developer.mozilla.org/en-US/docs/Web/HTML/Element/mark here on the MDN Docs]. Currently, the only way to achieve it is by writing the paragraph or list item in the Gutenberg and then edit them as HTML and add the tag at which point Gutenberg doesn't recognize the element as the same element and ask users to convert it to HTML block. It would be really awesome if a new icon can be added in the Gutenberg formatting menu just beside the icons of Bold, Italics etc. This Highlight icon will simply add the `mark` tag to the selected text and the rest will be automatically taken care of by the browser. It can further be custom styles in CSS if someone wants to do it. Honestly, it would be awesome to see it in Gutenberg." isaumya 1 60784 Add __experimentalSkipSerialization support to shadow has-patch Editor normal normal Awaiting Review enhancement new 2024-03-15T16:00:00Z 2024-03-18T10:35:51Z "What? This is a backport of the merged Gutenberg PR https://github.com/WordPress/gutenberg/pull/59887 When a dynamic block defines experimentalSkipSerialization in its block.supports.shadow the styles continue to be printed to the block wrapper element. This PR corrects that behavior so that shadow behaves like border, color, and others. Why? This provides the expected behavior for dynamic blocks that need to opt out of having the shadow styles printed to the block wrapper. How? Added a check at the start of the render function to return an empty array of the block has set experimentalSkipSerialization (This is my first attempt at submitting a Gutenberg PR to be included back into WP Core so welcome any advice if I'm doing this wrong)" ColinD 4 60063 Add a dynamic hook to filter the pre-rendered content of a single block. Editor normal normal Awaiting Review enhancement new 2023-12-13T18:02:02Z 2023-12-13T18:02:02Z "Introducing a dynamic hook, `pre_render_block_{$block_name}`, as a complement to the already valuable `pre_render_block` hook could increase the developer experience. This new hook aims to filter the pre-rendered content for a specific block, eliminating the need for conditional statements within the `pre_render_block` filter callback. I searched on GitHub, and many folks use the `pre_render_block` and add a check to ensure the logic runs only for a specific block. Some examples: - https://github.com/WordPress/wordcamp.org/blob/7823c7aa3c076f37e99a9ba8f66050ed569b94e4/public_html/wp-content/mu-plugins/blocks/source/variations/sessions-list/controller.php#L19 - https://github.com/buddypress/buddypress/blob/1f5ff3be1880a59a8644b00f03aeb1cd1cdd5b74/src/bp-core/bp-core-filters.php#L108 - https://github.com/woocommerce/woocommerce/blob/22cab4ffc974cfedf1ed3629de04fba20dfd02ba/plugins/woocommerce/src/Blocks/BlockTypes/ProductQuery.php/#L171-L191 For the same reason, the `render_block_{$block_name}` hook has been implemented: https://core.trac.wordpress.org/ticket/46187. I'm happy to work on it!" gigitux 60773 Add a new Post from the editor Editor normal normal Awaiting Review enhancement new 2024-03-14T10:23:55Z 2024-03-14T11:34:51Z " When you are in the editor of an existing Post, there is no way to add a new Post from there. You need to go back to ""View Posts"" -> ""Add New Post"". I would love to have this new usability feature added in the core." klevismiho 1 56522 Add filter for wp_get_layout_style Editor 5.9 normal normal Awaiting Review enhancement assigned 2022-09-06T15:56:00Z 2023-02-09T21:27:59Z "Currently, there is no filter for the output of this function, which contains the layout styles associated with a given block. Having this be filterable seems conducive to clean overrides versus having a specificity battle with inlined styles (which in many cases would require `!important` to override), while allowing this to be a very intentional, opt-in feature. I will be working on a patch for this which I'll add to the ticket once created. " 10upiansvo 2 57420 Add filter for wp_theme_get_element_class_name has-patch Editor normal minor Awaiting Review enhancement new 2023-01-04T10:09:25Z 2023-01-18T10:44:07Z "Hello, I think it would be a good idea to add a filter to the wp_theme_get_element_class_name or WP_Theme_JSON::get_element_class_name function return. This would allow to add classes programmatically to the elements. It could be something like that : {{{#!php <?php public static function get_element_class_name( $element ) { $class_name = ''; if ( array_key_exists( $element, static::__EXPERIMENTAL_ELEMENT_CLASS_NAMES ) ) { $class_name = static::__EXPERIMENTAL_ELEMENT_CLASS_NAMES[ $element ]; } return apply_filters( ""element_{$element}class_name"", $class_name ); // Or another option, without dynamic part. return apply_filters( ""element_class_name"", $class_name, $element ); } }}} Have a nice day." benjgrolleau 2 25070 Add filter to use do_accordion_sections for post metaboxes dev-feedback Editor 3.6 normal normal enhancement new 2013-08-18T15:44:46Z 2019-06-04T19:24:15Z "It'd be really cool to be able to use the new do_accordion_sections to render post metaboxes. Adding a filter to allow devs to do that, will also make easier to render custom styles (tabs or whatever). Attached patch is a really quick proof of concept. " MZAWeb 5 28566 "Add our own ""Are you sure you want to leave this page?"" message when possible" Editor normal normal enhancement new 2014-06-17T16:03:30Z 2019-06-04T19:25:58Z "We could do that by listening for clicks on the page that would unload it. Unfortunately it's not possible to display our own dialog when navigating away with the browser, but I think having our own dialog half of the time is better than nothing. I quite like how FaceBook has done something similar. For the editor, we could have an extra button to save the post. See also the usability test @designsimply has done for the front-end editor. http://make.wordpress.org/ui/2014/03/05/front-end-editor-usability-test-2/#comment-24315 " iseulde 6 51534 Add post type Blocks (reusable blocks) into menu dev-feedback Editor 5.5 normal normal enhancement reopened 2020-10-15T13:41:48Z 2023-05-23T09:00:15Z Because you can manage all reusable blocks - creating new, changing or import from JSON, it will be convenient to have a proper menu link to 'edit.php?post_type=wp_block', possibly in the Appearance menu. oglekler 20 54975 Allow filtering global styles Editor 5.9 normal normal Awaiting Review enhancement new 2022-01-28T14:45:57Z 2023-03-02T08:45:32Z "Due to using `!important` and possibly high selector specificity in CSS declarations in global styles code produced by WordPress 5.9, many themes supporting Gutenberg editor (but not block/FSE themes) [https://github.com/WordPress/gutenberg/issues/38252#issuecomment-1023345698 experience issues] with WordPress overriding their custom font sizes and color palettes ([https://developer.wordpress.org/block-editor/how-to-guides/themes/theme-support/ registered via `add_theme_support()`]). It would be great if WordPress allowed at least filtering global styles code (produced by [https://github.com/WordPress/WordPress/blob/5.9/wp-includes/global-styles-and-settings.php#L88 `wp_get_global_stylesheet()`]) with a hook, such as: changing [https://github.com/WordPress/WordPress/blob/5.9/wp-includes/global-styles-and-settings.php#L133 `return $stylesheet;`] in `wp_get_global_stylesheet()` to: {{{#!php /** * Filters the global CSS styles code. * * @since 5.9.1 * * @param string $stylesheet CSS styles code. * @param array $types Types of styles to load. * @param array $origins A list of origins to include. */ return apply_filters( 'global_styles', $stylesheet, $types, $origins ); }}} That way WordPress can keep its global styles intact (even with `!important` if that's really the best way to provide the styles...) for block/FSE themes and Gutenberg editor themes can adapt the global styles by using this filter if needed. (Block/FSE themes and themes that do not add support for Gutenberg editor do not seem to be affected.) ---- More info can be found in https://github.com/WordPress/gutenberg/issues/38252#issuecomment-1023345698 and related comments." webmandesign 4 37577 "Allow users to ""petition"" for a post lock to be released" dev-feedback Editor normal normal Future Release enhancement new 2016-08-04T21:23:34Z 2020-05-25T17:12:05Z "Our post locking prevents two people from editing the same post, but introduces some awkwardness, in that your options are to wait and hope they exit the post (which slows you down), or boot them out (which could be rude or disruptive), or communicate with them through some other medium (which you might not have). It would be nice if there was a third option... to ""raise your hand"" about wanting to edit the post. If the editing user is actually working on the post, they could say ""not now,"" or they could ""save and release"". Or, if there is no response, that could be communicated to the petitioning user, as that could indicate that the editing user has left the post open and abandoned their computer. We could even communicate when the last mouse movement or on-page activity was." markjaquith 7 25471 Allow wp_link_dialogue to open in contexts outside of the editor Editor 3.6.1 normal normal Future Release enhancement new 2013-10-02T22:35:38Z 2019-06-05T07:08:55Z "I use wp_link_dialogue within metaboxes to provide a nicer way for users to enter URL's. Its handy for say slideshows, or profiles that point to external sites. wp_link_dialogue works perfectly on pages where an editor instance exists, but on pages that don't have editor instances it fails due to wplink.js looking for the global wpActiveEditor var, which of course doesn't exist as there is no editor. Aside from the js error, invoking the dialogue on pages with no editor involves calling _WP_Editors::wp_link_dialog(); directly to output the required html which isn't ideal, or calling wp_editor and using css to hide it, which just seems lame. Ideally wp_link_dialogue should function independently of the editor. Approaches 1. Amend wplink.js to allow wpActiveEditor to be undefined and pass in a seperate value for textfield to the open method. Con is that wp_link_dialog() still has to be invoked with a call to _WP_Editors::wp_link_dialog() 2. Move wp_link_dialog into a seperate class, amend _WP_Editors to call this class and allow for a user defined textfield within wplink.js " we_tell 1 54653 Alphabetically sorted Headers in a Single Blog Post Editor normal normal Awaiting Review enhancement new 2021-12-18T00:18:14Z 2023-10-29T04:38:18Z "I would like to request a new feature enhancement where it would be possible to automatically sort Headers (H2, H3, etc) within a single blog post. This I believe would help blog posts that have long content and need the content to be alphabetically sorted. I originally asked this in a WordPress thread which may be found here: https://wordpress.org/support/topic/alphabetically-sorted-headers/#post-15173407" droyed 57485 Author list on editor only pulls first 50 authors. close Editor 6.1.1 normal normal Awaiting Review enhancement new 2023-01-17T18:50:22Z 2023-01-19T00:27:53Z "Current version: 6.1.1 Bug occurs even when all plugins deactivated, and default theme applied. From the block editor, on the right panel, when I select 'Author' - the dropdown list only shows the first 50 authors. The expected result would be 100+ I can type the authors name, who is not featured on the dropdown, and it will search and find that author. But ideally their name would be on the dropdown. " mwblockengine 1 48279 Avoid block markup in starter content and default pages Editor 5.0 normal normal Awaiting Review enhancement new 2019-10-10T17:28:28Z 2020-11-24T04:11:49Z "In #45151 the Hello World, Sample Page and Privacy Policy content were updated to supply block markup for the editor. The Privacy Policy was the only one that took into account the classic editor and avoided providing the markup in that case as it was also used on the guide which isn't an editor page. In #48130 the starter content is being updated to account for the block editor by adding the necessary markup. It would be nice for users of the classic editor to suppress that markup when they're not using the block editor similar to what was done for the Privacy Policy content." garrett-eclipse 2 60587 Block hooks: Allow filtering of block data on traversal Editor normal normal Awaiting Review enhancement new 2024-02-20T23:32:27Z 2024-02-20T23:32:27Z "When parsing blocks, it would be useful to be able to update block attributes, add metadata, or even potentially update a block name in a template for use in the client. In the WooCommerce product editor, block templates are used ""statically"" in that the product form template is provided to the merchant without the ability to add/remove/reorder blocks. If static templates are a valid use case for blocks, I believe many static template blocks will need to be editable to allow third parties some level of configuration. In this case, we need to allow adding of metadata to blocks to control their visibility, but this can also be useful for updating the titles of blocks or adding block bindings to the templates. {{{#!php <?php $block_to_modify = array( 'blockName' => 'woocommerce/product-tab', 'attrs' => array( 'id' => 'pricing', 'title' => 'Pricing', // Extensions may want to update this property. 'metadata' => array(), // Need the ability to add product type association, block bindings, and block hiding conditions here. ), ); }}} Templates and template parts that are parsed and retrieved via the REST API pass through the [traverse_and_serialize_blocks](https://github.com/WordPress/wordpress-develop/blob/bd78247617da4e23c02876423f400030eb0c75a3/src/wp-includes/blocks.php#L1356) function. Adding a hook to the top of this function would allow flexibility in not only static templates, but also traditional persisted templates where an extension wants to replace block types with newly added blocks. {{{#!php <?php $block = apply_filters( 'pre_traverse_and_serialize_block', $block ); }}} Note that this is already possible by hooking into `get_block_templates` and re-traversing the tree but is less convenient and means poorer performance since all templates will have to be traversed at least twice." joshuaflow 60696 Block hooks: Allow insertion of a hooked block with attributes has-patch Editor normal normal Awaiting Review enhancement new 2024-03-05T21:07:33Z 2024-03-05T21:16:21Z "Previously, the `hooked_block_types` and `hooked_block_{$hooked_block_type}` filters were introduced to allow templates to be extended with blocks by third parties. While those two filters work well with unique blocks, they prove challenging when working with generic blocks that can be customized via attributes. Attempting to hook a block into an area that has already inserted the same block type, but with different attributes won't work with the existing filters. [This PR](https://github.com/woocommerce/woocommerce/pull/44860) demonstrates how attempting to set attributes via the `hooked_block_{$hooked_block_type}` filter will overwrite all of the same block types that have been hooked in. It may be possible that block hooks aren't the appropriate venue for this API, but a way to insert blocks with attributes into templates is quite useful, even in the context of the core editor. **Requirements: ** * [ ] Allow insertion of blocks with block attributes in a single filter * [ ] Allow checking anchor block properties before inserting hooked blocks * [ ] (optional, but preferred) Allow nesting hooked blocks onto previous hooked blocks" joshuaflow 1 56917 Block menu editor reporter-feedback Editor normal normal Awaiting Review enhancement new 2022-10-27T06:42:41Z 2022-10-27T07:25:03Z "I would suggest an enhancement in the post editor while editing link menus some context help should appear when you hover the mouse on the links. Also, I would like to have a way to revert to the classic menu editor. For the moment it seems a lot more faster and functional to work with it. " capbussat 1 59462 Blocks: Introduce a way to enqueue view scripts only when needed for interactivity Editor 6.4 normal normal 6.6 enhancement assigned 2023-09-26T16:47:58Z 2024-02-12T20:55:48Z "It's based on the discussion started by @felixarntz in https://github.com/WordPress/wordpress-develop/pull/5262#discussion_r1336258326 when reviewing the current handling for interactive blocks back ported from the Gutenberg plugin for WordPress 6.4 Beta 1. As of today, the view scripts get enqueued during block rendering in `WP_Block::render`: https://github.com/WordPress/wordpress-develop/blob/6a61084beca680a78ed581d035d76d592d4ef117/src/wp-includes/class-wp-block.php#L271-L274 The custom code used with all core blocks applies the optimization by ensuring that these view scripts are only listed for enqueuing when the block instance of a given type is going to need them. For example, in the Image block, the view script is only useful when the Lightbox feature is activated for the block. There can be multiple block instances of the same type, so the view script gets removed from the list when the functionality isn't used. However, as soon as any block instance needs it, it must be added and never removed. The reason why we didn't go with `wp_enqueue_script()` and `wp_dequeue_script()` is that the script handle would still need to get removed from `view_script_handles` for the block type as it gets automatically registered through `block.json` and later enqueued in the code path shared in the snippet above. It would still have to be manually enqueued when it is needed. In the long run, I hope we can develop some sort of automatic detection based on Interactivity API directives that would inform whether a view script is necessary for the block. It could even allow us to introduce new strategies that allow loading scripts based on some triggers like: when a user hovers over a UI element or when the UI element is visible on the screen." gziolo 6 54665 Blog posts page might be confusing for users as the content and layout in the editor does not reflect on the frontend Editor normal normal Awaiting Review enhancement new 2021-12-19T19:53:07Z 2022-01-18T23:56:03Z "-- Steps to recreate -- 1. Go to the blog page (which can be found on the existing pages from clean installation) 2. Edit the page and add some blocks or change the layout of the query loop block and save it 3. Go to the frontend and look for the changes, the blog page doesn't show the layout change or new blocks as expected. -- Details -- By default in 5.9 beta 3, there is a blog page that shows the latest posts. When you edit the page and add some blocks or change the layout of the query loop block it doesn't get updated on the frontend. Either we have to notify the users that, blog page doesn't work this way or disable users from editing it. " lakshmananphp 3 50803 Button link missing from block settings Editor normal normal Awaiting Review enhancement new 2020-07-29T13:22:52Z 2021-03-09T17:37:03Z "When making a new post, adding a link to a button from the right side Block settings doesn't work, but adding it from the quick settings that appear next to block works. Here is a video regarding the problem https://www.loom.com/share/6cf1f260edb7441d8a46f6bab0cfe804" irinelenache 3 59596 Cache file sizes of core block style files. dev-feedback Editor 6.3 normal normal Future Release enhancement new 2023-10-11T12:15:44Z 2023-10-11T15:38:58Z Introduced in #58528 / [56044], there is now cache for file lookups for core block styles. This was to save file lookups and improve server response time. However, when styles are processed in `wp_maybe_inline_styles` a file lookup is done using `wp_filesize` to get the file size and if the file exists. These lookup can be expensive. As there is already an existing transient cache, reuse that to also cache the file size of the files. spacedmonkey 4 40629 Change default template Editor 4.7.4 normal normal Future Release enhancement new 2017-05-02T06:17:50Z 2020-11-23T05:58:04Z "I recently required to change the default template of theme to another template. The site is already working since 3 months and now client wants to change the default template to the sidebar template while publishing new pages. There is no such action or filter available for it. I am trying to add filter for it but if anyone have other suggestions, please let me know." pratikgandhi 2 57922 Changing class-wp-editor.php Insert/Edit Link header from H1 to H3 or other reporter-feedback Editor 6.1.1 normal normal Awaiting Review enhancement new 2023-03-14T18:43:46Z 2023-03-14T23:05:22Z "Hey there! I am using the wordpress core feature of having a blog page host all our posts. There is a modal in the class-wp-editor.php file located in the wp-includes directory. On line 1868 (or around there) a modal is shown with the title ""Insert/edit link"". This line is wrapped in an H1 which from an SEO standpoint is really unfortunate as google sees that as a title for the page. Even if you put an additional H1 on the page above the modal, google will still see it as the title of the page. And in our case that's every paginated blog page. I think it would be really beneficial for everyone to change that header to an h3 or lower. H2 is fine as well but I don't think it requires that level. Thank you! All the best, D" donniewalden707 5 55958 Checking if _admin_notice_post_locked should be called can slow down the post editing Editor 4.9 normal normal Awaiting Review enhancement new 2022-06-10T10:18:56Z 2022-06-13T07:51:10Z "On `wp-admin/edit-form-advanced.php:28`, WordPress checks if multiple users exist to call _admin_notice_post_locked. In some cases, plugins add additional filters to all `get_users` calls to ensure that a user role doesn't have access to private data. If these checks use meta value comparisons, it can slow post-editing on sites with large `user_meta` tables. The root cause of this issue is how WordPress stores and validates user capabilities, but the `_admin_notice_post_locked` check could be optimized without fixing the root cause. Some suggestions on how to fix this would be: - caching the `$check_users` value - using a boolean option that is true if a site has multiple users - adding a filter that allows manually setting `$check_users` to skip this check " berislav.grgicak 2 34681 "Consider removing the ""Disable the visual editor when writing"" option" Editor normal normal Future Release enhancement new 2015-11-14T14:41:57Z 2019-01-08T09:51:38Z Is anyone even uses it? considering the lack of love the text editor gets I truly hope that the answer is no. mark-k 20 58153 Ctrl + SHIFT + D conflicts with browser shortcuts Editor 6.2 normal normal Awaiting Review enhancement new 2023-04-18T16:29:13Z 2023-04-18T18:02:12Z "Ctrl + SHIFT + D, the shortcut for duplicating blocks doesn't work as expected. Let's take Chrome, for example. Case where it works 1. Create a block 2. Execute the shortcut inside the editor 3. Shortcut works Case where it doesn't work 1. Create a block 2. Select the block in the List View, then click it one more time 3. A blue border appear around the block in the block editor 4. Execute the shortcut 5. The ""Bookmark all tabs"" Chrome modal appears At this point, if you click another block, shortcut works. There seem to be an issue when a block is clicked twice from the List View. That's where browser takes over and the shortcut doesn't work. Same thing with Firefox but for this browser, the ""Add bookmark"" modal opens up. That's generally quite annoying and it has been there forever." quantum_leap 55913 Custom Fields table can have extra-wide checkboxes and radio buttons Editor 6.0 normal normal Awaiting Review enhancement new 2022-06-03T20:11:08Z 2022-06-04T00:33:37Z "In [https://wordpress.org/support/article/custom-fields/ Custom Fields] feature, there is an unforeseeable problem in a specific CSS rule defined for ''div#postcustomstuff''. More specifically there is this defined in wp-admin/css/edit.css: {{{ #postcustomstuff table input, #postcustomstuff table select, #postcustomstuff table textarea { width: 96%; margin: 8px; } }}} While this works well in the situation the rule was written for, it hides a problem when attempted to reuse the code for other cases, where a checkbox or checkbox or radio button is used, as it stretches them out. [[Image(https://i.ibb.co/hmX30Nx/Screenshot-2022-06-03-230840.jpg)]] You might want to consider excluding those two from the CSS rule... {{{ #postcustomstuff table input:not([type=checkbox]):not([type=radio]), }}} " princeofabyss 1 60001 Deprioritize categories dev-feedback Editor normal normal Awaiting Review enhancement new 2023-12-01T19:26:44Z 2024-02-14T00:08:28Z "In the old days of blogging, we used categories. Nice, hierarchical structures which we all understood how they worked. However, as I was recently discussing the many issues around tags and categories with @matt, he made a strong point: people coming into blogging these days might understand tags a whole lot better than categories. We also agreed that the fact that by default, WordPress ships with two taxonomies, (categories and tags), is less than ideal from a new user UX perspective. So I'm proposing a change (for which @matt should actually get credit as he said it first in our conversation): we should (slowly) deprioritize categories. To start, on the pre-publish checks, we should not suggest people add a category to their post if they've never done so, or if they only have posts in the ""Uncategorized"" category. I'd also suggest removing the Categories panel if that's the case. Would love to hear other opinions, or see implementations :)" joostdevalk 3 53790 Do not close block inserter when selecting blocks Editor normal minor Awaiting Review enhancement new 2021-07-27T01:45:40Z 2021-07-27T03:44:12Z "I suggest changing the behavior of the list of all blocks in the block editor to NOT automatically close the list as soon as the user has clicked elsewhere on the page. The automatic closing of the list feels jarring and unexpected, and it increases the number of clicks required to build a post with many blocks. See my short video (1:27) for specifics: https://www.youtube.com/watch?v=SfZqZxzKUuk" curtiskessler 1 59017 Duotone not working in 6.3 Editor 6.3 normal normal Future Release enhancement new 2023-08-09T07:35:24Z 2023-10-03T20:49:01Z "When the WordPress Accessibility Day website updated to 6.3 today the duotone filters we have set on images stopped working. Rolling core back to 6.2.2 solves this problem. #58994 references changes to duotone in 6.3, however, bugs still exist. Here's an example page on a site running 6.3 where duotone is no longer working: https://2023.wpaccessibility.day/about/organizers/. " alh0319 22 57421 Editor: add new parameter to hook when enqueuing block assets has-patch Editor normal normal Awaiting Review enhancement new 2023-01-05T10:12:09Z 2023-01-10T18:16:16Z "This trac ticket is part 1 of a larger discussion spanning multiple issues, about the **potential issues plugin authors may face when developing blocks that rely on the @wordpress/editor dependency**. - This trac ticket is **part 1**: it suggests an option to make conditional asset enqueuing easier in the different block editors. - In **part 2**, I would like to suggest an option to declare support for specific editors at block registration. Discussion about this is happening in [https://github.com/WordPress/gutenberg/issues/46900 this Gutenberg issue]. ---- When enqueuing assets for a block registered in a plugin, one can rely on `block.json`, or hook into the `enqueue_block_editor_assets` hook to enqueue necessary scripts and styles in the block editor. This works well, but offers some challenges with some specific blocks. For instance, your block may rely on the `@wordpress/editor` dependency to handle some of its functionality. That dependency is available in the post editor, but cannot be used in the widget editor or the site editor. See #53569 and [https://github.com/WordPress/gutenberg/issues/33203 33203-gutenberg] for more information on this topic. In this scenario, one may want to enqueue the block's scripts (and its `wp-editor` dependency) **only in the post editor**. The `enqueue_block_editor_assets` hook doesn't currently offer this flexibility. As a result, folks wanting to do that must add a check before they enqueue. Something like this for someone not wanting to load in the widget editor for example. {{{#!php <?php function enqueue_block_assets() { global $pagenow; // Return early when viewing the customizer or widgets screen. if ( is_customize_preview() || 'widgets.php' === $pagenow ) { return; } wp_enqueue_script( 'here' ); } }}} I was consequently wondering if it were possible to extend the `enqueue_block_editor_assets` hook a bit, so it could be used just like the `admin_enqueue_scripts` hook today, so we could do something like this: {{{#!php <?php function enqueue_block_assets( $hook ) { // We only need our script in the post editor // not in the widget editor or the site editor. if ( ! in_array( $hook, array( 'post.php', 'post-new.php' ), true ) ) { return; } wp_enqueue_script( 'here' ); } }}}" jeherve 3 57934 Exit Distraction Free Mode close Editor normal normal Awaiting Review enhancement new 2023-03-16T05:35:48Z 2023-03-16T13:20:24Z "When distraction free mode is accessed via the menu, there is no obvious way to switch back. I did some searching and Control + Shift + / is supposed to be the toggle, but it does not work for me. It did activate another application (KeePass), but I closed that (it runs as a service), but that made no difference! I did discover that when you move the mouse close to the top of the editing area a tool bar appears - which helps, but I found the mouse needs to be in an exact location for the drop down to appear. So it is not an obvious action. But still no luck with the shortcut (tried on two different Window 11 PC's) Dave" DavePorter 3 53602 Expand get_post's $filter parameter to allow a blocks as a return shape Editor 5.8 normal normal Awaiting Review enhancement new 2021-07-06T09:56:21Z 2023-03-29T12:49:31Z "Part of ""PHP APIs Overview"" in Gutenberg: https://github.com/WordPress/gutenberg/issues/8352. `get_posts` accepts three arguments at the moment: https://developer.wordpress.org/reference/functions/get_post/#parameters The proposal is to expand the `$filter` parameter to accept also `blocks` as an option: > (string) (Optional) Type of filter to apply. Accepts 'raw', 'edit', 'db', or 'display'. > Default value: 'raw' The implementation details are still to be defined but it would probably require a [https://developer.wordpress.org/reference/functions/parse_blocks/ `parse_block`] function call. " gziolo 3 57595 Filter comments_array not called for Block comments reporter-feedback Editor normal normal Awaiting Review enhancement new 2023-02-01T00:38:55Z 2023-02-01T07:47:01Z "This is the code for `render_block_core_comment_template()`: {{{ // Get an array of comments for the current post. $comments = $comment_query->get_comments(); if ( count( $comments ) === 0 ) { return ''; } $comment_order = get_option( 'comment_order' ); if ( 'desc' === $comment_order ) { $comments = array_reverse( $comments ); } $wrapper_attributes = get_block_wrapper_attributes(); return sprintf( '<ol %1$s>%2$s</ol>', $wrapper_attributes, block_core_comment_template_render_comments( $comments, $block ) ); }}} But that doesn't allow a plugin author to provide a custom ordering. In my case I am adding comment voting and we want to reorder comments by their up/down votes. I believe that the following line should be inserted prior to the `$wrapper_attributes` assignment: {{{ $comments = apply_filters( 'comments_array', $comments, $block->context[postId] ); }}} " cmautner 2 51258 Fire an action when `replace_editor` is filtered to true has-patch Editor 4.9 normal normal Future Release enhancement new 2020-09-05T23:30:22Z 2021-11-04T23:11:38Z "The `replace_editor` filter was added during the development of Gutenberg to make it possible to implement multiple editor options. See [41829]. Gutenberg [https://github.com/WordPress/gutenberg/blame/08da64b407e95683946b34cf6ebca5d52ac28227/gutenberg.php previously used this filter] to inject necessary hooks and markup before returning `true` to indicate that the editor had been replaced. The `replace_editor` filter is no longer used by the block editor or the Gutenberg plugin—as it has become the editor. Instead, we rely on `use_block_editor_for_post()` to determine whether the block or classic interface should load. In the current state, if `true` is returned via `replace_editor`, the current screen is set and the admin footer markup is loaded. There is no clean opportunity to add markup or other logic. This can be done during the filter, but that does not provide a clean pattern, especially if one or more pieces of code may be making a decision on editor replacement. See #50216 for a description of how it may fire multiple times. The patch attached to this ticket adds a `replaced_editor` action in the `post-new.php` and `post.php` files so that plugins can cleanly inject replacement editor code. " jeremyfelt 16 60593 Font Library: add terms and conditions has-patch Editor trunk normal normal Awaiting Review enhancement new 2024-02-21T18:24:38Z 2024-02-21T20:06:43Z " What problem does this address? - Give users a way to accept or reject loading the data from a registered font collection. - Give font collection creators the ability to add a license text to inform users about the terms and conditions of the font collection. What is your proposed solution? - Add terms and conditions field in the font collection. - Render the terms and conditions from a font collection in the frontend. - Make the Google fonts permission dialog font collection agnostic. " mmaattiiaass 3 60152 "Footnotes save to public, unprefixed ""footnotes"" field" Editor 6.4.2 normal normal Awaiting Review enhancement new 2023-12-26T12:05:41Z 2023-12-27T01:37:52Z "We use a custom solution for adding footnotes to posts. All of our posts with footnotes became uneditable after WP's own implementation for footnotes was introduced. When trying to edit a post with ""our"" footnotes, the editor throws a JS error ""i.map is not a function"" for this line in core-data.min.js {{{ i = t.footnotes ? JSON.parse(t.footnotes) : []; if (i.map((e => e.id)).join('') === r.join('')) return n; }}} Posts containing footnotes do not save or update anymore. We believe this is because WP footnotes are saved to a public, unprefixed meta field ""footnotes"" (see wp-includes\blocks\footnotes.php, 70), which conflicts with our own custom footnotes implementation, which already uses the exact same field name. " Milber 55780 Global Styles: Introduce filter for toggling stylesheet cache has-patch Editor 5.9 normal normal Awaiting Review enhancement new 2022-05-19T15:03:44Z 2022-11-10T01:04:24Z "Currently, for `wp_get_global_stylesheet()` and `wp_get_global_styles_svg_filters()` we'll cache the merged stylesheet data per theme in a transient for a minute if: * `WP_DEBUG` is not enabled; * `SCRIPT_DEBUG` is not enabled; * This is not a REST API request * We're not in the admin However, for huge multisite instances that leverage object caching, this can result in thousands of `wp_cache_set()` operations per minute, which can be quite intensive. At the same time, retrieving the global stylesheet data and merging it, on a well-optimized server will usually take very little time (up to a few milliseconds). As a consequence, we end up wanting to disable that caching, because it creates more problems than it solves. However, there is no good trigger for disabling just that cache. I'd like to propose a filter that allows us to disable the global stylesheet cache. While it will still be enabled by default, disabling it will be easy when needed." tyxla 5 59595 Improve performance of WP_Theme_JSON::compute_style_properties pereirinha has-patch Editor 5.8 normal normal 6.6 enhancement assigned 2023-10-11T11:49:37Z 2024-02-12T21:49:13Z When profiling WP 6.4 ( other releases ), it was not that the method `WP_Theme_JSON::compute_style_properties` can result in around 6-11% of server time spent to generate a page. Research should be conducted to see if this method and child function / method calls, could be improved, to improve performance of this method. spacedmonkey 22 29923 Improve the writing experience on mobile dev-feedback Editor normal normal Future Release enhancement new 2014-10-11T01:01:50Z 2019-06-05T07:06:53Z "Maybe something like the screenshot attached. Problems: * In iOS, position fixed doesn't work when the keyboard is open. And that's exactly when we need it. But there are workarounds. We can absolute position everything and make only the iframe scrollable. Oh wait... * `overflow: hidden;` doesn't work on `html` and `body`. Can be worked around by using `#wpwrap` instead. We can also block scrolling completely with JS since the content we want to scroll is in an iframe. But... * For some reason Apple decided to automatically adjust the height of iframes to its content. So for this we'll need to force a specific height on the iframe, `html` and `body` tags, and make the `body` scrollable. Seems to work. * There are no events fired when the keyboard shows or hides. Also no resize event. The keyboard kind of floats over the window. This means that the window height doesn't change and that we can't detect the height of the visible area and keyboard. But it's possible to work around that too. :) The screenshot is from a working prototype. Ideally there should be a left and right arrow on the toolbar so you can browse the tools. The post.php screen stays mostly the same, with a preview of the content. When you click on it, it goes ""fullscreen"". When you hide the keyboard or tab away, it goes back to the original screen. The alternative is to leave things as they are, with the toolbar unpinned on top of the editor, but we could still move all the buttons to one row with arrows to browse them." iseulde 8 46129 Inconsistent logic in allowed_block_types Editor normal normal Awaiting Review enhancement reopened 2019-01-28T18:05:51Z 2021-02-11T21:44:41Z "There are many filters like that in WP (for example `mime_types`, `manage_posts_columns`, and so on) and all of them are getting a full list of items as `$allowed` param. This way developers can easy manipulate the list (add, remove and so on). On the other hand `allowed_block_types` takes a totally different approach. If all blocks are allowed, you get ""true"" as list of allowed blocks. OK, it may look convenient, but... 1. It's inconsistent with any other WP filter... 2. It makes it really hard to blacklist blocks (let's say we want to remove only 2 blocks). 3. It makes getting the list of registered blocks impossible. PS. I know - you can do this in JS. But I don't think that it's very convenient to put some options in PHP, store these options in DB and then in every request pass this value to JS and process it on client-side..." drozdz 2 36312 Inline link toolbar: add advanced panel Editor normal normal enhancement new 2016-03-23T20:36:56Z 2019-06-04T19:35:35Z Attempt to move advanced fields in the link modal to the inline link toolbar (under the gear icon) and make it easily extendible. Thoughts are welcome. :) iseulde 3 52659 Insert Link tool should not apply anchor tag before anchor has been applied Editor normal normal Awaiting Review enhancement new 2021-02-25T16:42:37Z 2021-02-25T18:27:21Z With the anchor around the text before any link is applied, the user sees the text as underlined and can mistakenly believe the link is already applied. If the user believes the link is already applied s/he may hit the escape key to hide the insert-link tool and they of course lose their work as the text reverts to its pre-linked state. stevesicherman 60654 Install several formats of the same font one by one is not possible Editor trunk normal normal 6.6 enhancement new 2024-02-28T17:12:31Z 2024-03-18T11:52:17Z "== Bug Report === Description It's not possible to install multiple formats of the same font by installing one format at a time, but it works if you select different formats for the same upload. === Environment - WordPress: 6.5-beta3 - PHP: 8.1.15 - Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1q mod_fcgid/2.3.10-dev - Database: mysqli (Server: 8.0.30 / Client: mysqlnd 8.1.15) - Browser: Chrome 122.0.0.0 (Windows 10/11) - Theme: Twenty Twenty-Four 1.0 - MU-Plugins: None activated - Plugins: * WordPress Beta Tester 3.5.5 * Debug Log Manager 2.3.1 === Steps to Reproduce 1. Go to Apparence > Editor > Styles. 2. Click on Edit styles button then Typography (in settings sidebar). 3. Click on Manage fonts button then Upload. 4. Click on Upload font and select the font on your computer. Choose a font for which several formats are available (ttf, woff, woff2) and select only one format, e.g. ttf. 5. The font is uploaded and installed. 6. Then click again on Upload font and select another format for the same font, e.g. woff. 7. 🐞 The following error message is displayed: ""No font faces were installed. Fetch error: A font face matching those settings already exists."" But if you upload several formats (ttf, woff and woff2) of the same font at once, then all 3 files are imported and the font is installed 3 times. === Expected Results 1. ✅ It should be possible to install different formats of the same font, at once or in several times. === Actual Results 1. ❌ When uploading different formats of the same font at once, all files are uploaded and installed, with no error message. But if you've already uploaded a format for a font (e.g. ttf), you can't upload the font in another format (such as woff or woff2), and an error message is displayed." jdy68 5 59131 Introduce filters to modify/inspect the blocks returned by `do_blocks()` luisherranz has-patch Editor 6.4 normal normal Future Release enhancement assigned 2023-08-17T15:40:00Z 2024-02-08T12:33:38Z "The `do_blocks()` function provides a way to process blocks including block parsing and their subsequent rendering. Currently, it is impossible for plugins (including Gutenberg) to inspect those values or customize that logic. A couple of filters should be introduced that allow to modify or inspect the blocks before they are included in the final response: - The first one receives the array of parsed blocks returned by the `parse_blocks` function. This filter provides an easy way to inspect or even modify the blocks as a whole, and also gives the opportunity to know when a call to `do_blocks` has started. - The second one receives the final HTML rendered returned by the recursive call to `render_block`. This filter provides an easy way to inspect or even modify the final rendered output as whole, and also gives the opportunity to know when a call to `do_blocks` is about to finish. With the combination of these two filters, it's also possible to ignore nested calls of `do_blocks` and avoid processing the HTML of blocks more than once, something that is not possible today using `render_block` alone. Target is merging into 6.4. " luisherranz 33 57987 Introduce new `wp_word_count` function has-patch Editor normal normal Awaiting Review enhancement new 2023-03-27T02:06:10Z 2023-08-11T16:46:06Z "In the WordPress core, there is a JavaScript-based `WordCounter`(https://core.trac.wordpress.org/browser/trunk/src/js/_enqueues/wp/utils/word-count.js) class to count the number of characters appropriately based on language type. My understanding is that this logic is incorporated into the `@wordpress/wordcount`(https://github.com/WordPress/gutenberg/tree/trunk/packages/wordcount) package in Gutenberg. This utility is used in the document panel of the block editor to calculate the number of characters. Also, in Gutenberg PR(https://github.com/WordPress/gutenberg/pull/43403), a new ""Post Time To Read"" block was added. This block shows minutes required to finish reading the post. This block uses the `wordcount` package to calculate the number of characters in the content from which the time is calculated. However, the exact same PHP-based logic was needed to render this block server-side on the front-end side. Therefore, we added a new `wp_word_count()` PHP function at the same time we added this block. Since this block is experimental, the block and this function will not be bundled into the core. However, given the possibility that this block may become less experimental and be incorporated into the core in the future, and given the recent addition of the `wp_get_word_count_type()` function, we may consider implementing this function in the core. This PHP function is a direct transfer of the logic of the JavaScript-based `WordCounter.count`. Unit tests have also been implemented. https://github.com/WordPress/gutenberg/pull/43403/files#diff-796959a4b78efdd6a2af2ec364be6a4af2566a57041673f2fabbd153bc743cf9" wildworks 3 36216 Keyboard shortcut for displaying contextual help Editor normal normal enhancement new 2016-03-12T10:22:18Z 2019-06-04T19:35:23Z "Some websites have help panels that pop up when a user types a keyboard shortcut. Press `command+/` on a Mac or `control+/` on Windows in Slack and a pane of keyboard shortcuts pops up. I wonder if it would be helpful to use a keybinding like this to open the ""Keyboard Shortcuts"" modal when a user is within TinyMCE. " ericlewis 2 53287 Make SEO Meta Data Easy Editor 5.7.2 normal normal Awaiting Review enhancement new 2021-05-27T12:48:18Z 2022-08-01T13:36:16Z "**What problem does this address?** Having SEO meta data is an important part of SEO. I am frustrated because in order to just add simple meta data to a page or post, a plugin must be downloaded or code must be inserted. Usually the plugin adds extra features that create additional notifications and bloat on the website. Google sees proper SEO titles and descriptions as important that is why pages without these features show up with errors in Google Lighthouse. **What is your proposed solution?** My solution is to have the Gutenberg editor use the post excerpt for the meta description, the post tile for the meta title, and the post's tags for the meta tags. That way users can have basic SEO features when they use the Gutenberg editor instead of installing an additional plugin. My solution makes it easier for new users who might not understand much about SEO to have an optimized website to compete in search engines better. Many WordPress users don't have the time or the budget to learn how to use SEO so making the editor SEO-friendly from the beginning is a start. This also removes the SEO error a page will get in Google Lighthouse for not having a proper SEO title and description. Originally from [https://github.com/WordPress/gutenberg/issues/32208]" deborah86 2 52819 Naming of Reusable block: make it required & unique Editor normal normal Awaiting Review enhancement new 2021-03-15T13:11:01Z 2021-03-15T15:39:31Z "The naming of the reusable block is not required, which results in some client sites as 4 to 5 reusable blocks with the same name. As the standard label name. This makes it really confusing to use reusable blocks, by choosing or even by deleting. It creates a mess in the reusable block overview. It would be great to require a unique reusable block name." davelo 26988 Need a Button to Cancel/Revert Page/Post Edits in Progress Editor 3.8 normal normal Future Release enhancement new 2014-02-01T22:21:17Z 2021-02-10T14:29:28Z "Currently, if you start editing a page or a post and change your mind, there is no way to easily revert those changes and it leads to a lot of confusion as as if you leave the page and come back, it will tell you that there is an auto save version. Sending to Trash makes no sense because it trashes your whole page. This is VERY confusing and user unfriendly, especially for new users of WP. There should be a ""revert"" or ""cancel"" button when editing that will get rid of current edits and take you back to the last, unedited version of the page/post." tomdryan 5 54540 Need to Add any Icon or align text at the center of social icon block in inspector style setting of Twenty twenty one theme Editor 5.8.2 normal normal Awaiting Review enhancement new 2021-11-30T13:11:00Z 2021-12-10T08:56:54Z "Need to Add any Icon or align text at the center of social icon block in inspector style setting of Twenty twenty one theme screenshot:[https://prnt.sc/213h9ds] Because while selecting icon style setting box layout not looks proper and shows empty box. We have to adding icon for indication on selecting box. or we have to align box styling text between the box. screenshot: " multidots1896 7 58799 Need to add filter to register a template in [NEW] WordPress site editor through a plugin has-patch Editor 6.2.2 normal blocker Awaiting Review enhancement new 2023-07-13T11:55:00Z 2024-03-01T10:09:22Z "I am trying to add a new template in the WordPress site editor like this like this but unable to do it with my custom plugin. I have found a filter to register a custom template {{{ add_filter( 'default_template_types', 'register_template_type' ); function register_template_type( $templates ) { $templates['help-us'] = array( 'title' => _x( 'Page: Help Us', 'Template Name' ), 'description' => __( 'Displays Help Us template' ), ); return $templates; } }}} after adding this code I have figured out that by adding a file in the theme's template directory help-us.html I was able to register and display my custom template. **What if I want to add a custom template via plugin?** I was not able to find a way to add a custom template via the plugin. Previously I was using customizer in my plugin to customize the layout of a page with some custom functionality, now I am looking for a way to customize this page with the help of NEW site editor. **REF**: https://wordpress.stackexchange.com/questions/417325/how-to-register-a-template-in-new-wordpress-site-editor-through-a-plugin After going through, I figured out that we just need to make the template html file visible from the plugin to the template loop in order to display it. So I went over and added filter hooks in two places which just worked for me. We need to add filters in following two lines; 1- wp-includes\block-template-utils.php:263 {{{ $themes = array( get_stylesheet() => get_stylesheet_directory(), get_template() => get_template_directory(), ); // NEW Filter hook $themes = apply_filters( 'block_editor_templates_files', $themes, $template_type ); $template_files = array(); }}} 2- wp-includes\block-template-utils.php:306 {{{ $themes = array( get_stylesheet() => get_stylesheet_directory(), get_template() => get_template_directory(), ); // NEW Filter hook $themes = apply_filters( 'block_editor_templates_files', $themes ); }}} Looking forward to your feedback and consideration. Thanks " saadiqbal 54850 New filter for build_query_vars_from_query_block() has-patch Editor 5.8 normal normal Awaiting Review enhancement new 2022-01-18T10:37:25Z 2022-12-19T14:03:59Z "As raised in [https://github.com/WordPress/gutenberg/issues/36504 Gutenberg #36504] a filter to modify and extend the query for the query block would be helpful. This would allow developers to add new attributes to the query loop block and then pass them to the query." grapplerulrich 4 60020 Padding issue on adding background color Editor normal normal Awaiting Review enhancement new 2023-12-06T10:27:27Z 2024-02-15T16:23:10Z "When we add background colour to the paragraph it takes the padding automatically. Video : https://drive.google.com/file/d/1c2nyyTsPIZEiPG8e30OZ0cfsIvgVK5LX/view?usp=sharing" pitamdey 1 36778 Parent theme editor-style.css cannot be disabled Editor normal normal Future Release enhancement reopened 2016-05-06T16:58:34Z 2020-11-23T04:48:13Z "While it is possible to override the CSS in a parent theme's editor-style.css, it is not currently possible to completely disable or dequeue a parent theme's editor-style.css file. This is a problem for a few reasons: - Theme authors may not keep their editor-style.css files up to date with the HTML the editor produces, leading to formatting oddities. - You may not just want the editor styles customized from the WP defaults at all." matthewmcvickar 10 45435 Port Gutenberg's `removep` Function to Php has-patch Editor 4.9.8 normal normal Awaiting Review enhancement new 2018-11-27T19:15:23Z 2020-11-24T02:44:43Z "Gutenberg has `autop` and `removep` functions, code is here: https://github.com/WordPress/gutenberg/tree/master/packages/autop `autop` in JS is equivalent to `wpautop` in PHP. There is no `removep` or `wpremovep` in PHP. I have often needed it. Please port it into WordPress for PHP developers. Thank you for your consideration." conner_bw 11 58801 Prefetch Block Editor from Posts page adamsilverstein needs-unit-tests Editor normal normal Future Release enhancement assigned 2023-07-13T15:44:37Z 2023-12-04T22:00:53Z "One of the most common user journeys in wp-admin for creating or editing a Post is navigating to the Posts page (`wp-admin/edit.php`) then to the Block Editor (either by clicking a post to edit or clicking the ""New Post"" button or sidebar menu). We can greatly increase up the speed with which the editor loads by prefetching the edit screen once the user reaches the Posts page. Prefetch will ""prime the html cache"" for all of the resources needed by the editor, resulting in the editor loading much faster for users. Note: since users can also reach the editor from the wp-admin bar, we might want to consider adding prefetch when the user interacts or opens the ""New"" menu. However, to keep this initial proposal small and easier to test I decided to limit the scope to the Posts page." adamsilverstein 5 53076 Press This: Add filters to allow custom Press This plugins kraftbj* has-patch Editor 4.9 normal normal Future Release enhancement accepted 2021-04-22T19:38:03Z 2021-05-24T14:59:02Z "The Press This feature of WordPress was spun out of Core in 4.9 as into a ""canonical plugin"". The Core side code presumes the canonical plugin is the only implementation. If a site owner wants a custom version of Press This, they are required to hack the plugin in some way (set the version super high and edit the files, replace it with something of a high version, etc to ensure the plugin is updated back to stock by WordPress). This also limits what site owners can do—selective versions of Press This based on who is logged in, A/B tests of different Press This's, etc. Request a few filters added to wp-admin/press-this.php to allow for alternative implementations. " kraftbj 5 53630 Prior State Recall for Panes in Editor (Collapse/Expanded) Editor 5.7.2 normal trivial Awaiting Review enhancement new 2021-07-08T18:54:18Z 2021-07-08T18:54:18Z "Background: I recently interacted with a site creator who posted this topic in the WordPress.org support forums: https://wordpress.org/support/topic/add-new-post-screen-layout/ Upon further exploration, I noted that it is possible to toggle various panes (especially pertaining to plugin features) to display or not display. However, if you toggle them to display (the default setting), the editor screen/viewport can become quite small, as much real estate is reserved for these panes. If a user toggles the panes to NOT display, it is not ideal, as they may need access to these panes sporadically. A possible solution would be to enable state memory. Essentially, each pane can be expanded or collapsed using a small arrow in the top right of the pane already. Screenshot: https://cloudup.com/cgzDJjk4UWu MY FEATURE REQUEST: Remember the state of each pane so that when the user returns to the editor, the various panes are in their last state (expanded or collapsed)." dansoschin 50191 Propose https prefix, not http for external links Editor normal normal Future Release enhancement new 2020-05-17T10:28:11Z 2022-09-11T17:52:10Z "In https://build.trac.wordpress.org/browser/trunk/wp-includes/class-wp-editor.php?marks=1269#L1269 The text says: The URL you entered seems to be an external link. Do you want to add the required http:// prefix? Might be better to propose to prefix 'https://' as default." casiepa 7 48789 Provide ability to drag and drop images among and between Gutenberg Blocks reporter-feedback Editor 5.3 normal normal Awaiting Review enhancement new 2019-11-25T17:59:19Z 2020-11-24T23:44:04Z "It is not possible to drag and drop images between the different GB blocks. For Example, if I make an image Block I cannot drag the image out of the block and drop into another block. Therefore, to improve UX WordPress should provide the ability to drag and drop images among and between Gutenberg Blocks" Pcosta88 4 59620 Remove a query to /wp-json/wp/v2/users from the editor where there isn't a real need Editor normal normal Awaiting Review enhancement new 2023-10-13T17:02:23Z 2023-10-13T19:24:15Z "I've unset `/wp/v2/users` and `/wp/v2/users/(?P<id>[\d]+)` endpoints to remove access to the users list and make it harder for bots that are trying the login form (This one is custom as well, so they are actually not doing it, but this is not the point), and I've got an 404 error in the Editor in admin, but everything is working, and apart from the annoying red circle with number 1 inside in the Dev Tools, I didn't get any side effects. So, if this is not necessary, why do we have this request to the back in the first place? I am proposing to remove it by default and do it only when necessary. I want to emphasize that everything is working, and apart from this annoying error, everything is fine and several months went by without any complaints from editors." oglekler 2 59811 Remove suggestion to add tags and categories Editor normal normal Awaiting Review enhancement new 2023-11-06T10:37:05Z 2023-11-08T14:00:20Z "Right now, in the pre-publish screen, we suggest users to add tags and categories to their post. I'd like to make a few changes to what we do there, and I'll explain why: - If no tags and no categories are selected, we could suggest adding either a tag or a category. But: - If a site doesn't have any tags, we shouldn't suggest adding tags. - If a site doesn't have any categories, we shouldn't suggest adding categories. - If this leads to not suggesting either, then that's fine. Right now, we suggest adding tags ''and'' categories to every page. Every time someone creates a new tag that way, we create a new URL on the internet that needs to be crawled, when really that page might not be very useful at all. In my ideal world, if a theme has no support for tags (many don't show tags on post pages), we shouldn't even have an interface for it. We might consider adding something like an `add_theme_support` feature for tags, where we default to it being on but allow themes to `remove_theme_support` for tag pages and then not show tags in the interface, or something similar to that extent." joostdevalk 3 38061 Rename the text window name on the editor has-patch Editor normal normal Future Release enhancement assigned 2016-09-14T22:10:52Z 2019-06-21T06:36:36Z "The text window on the editor name should be something that makes better sense to new users. Since the reality is it is a way to tab between the visual editor and actual view the code. So if a new user who does not know this if they tab between Visual and Text it does not make total sense." lukecavanagh 35 36475 Responsive images in TinyMCE Editor normal normal Future Release enhancement new 2016-04-11T12:49:07Z 2019-07-02T14:57:57Z Decide if we should be adding the `srcset` and `sizes` attributes to the images in the editor, and if they should be saved to the database or added with the display filter. iseulde 4 31479 Save custom color palette through refreshes Editor normal normal Future Release enhancement new 2015-02-27T19:47:27Z 2019-07-05T08:48:12Z "When you choose a custom color for your text using the color picker, the custom colors disappear from the palette when the page refreshes, or if the editor is closed and reopened later. This also happens after saving as a draft. Color picker right after changing text color: [[Image(http://cdn2.dropmark.com/74615/a48b9d7e5d6cd1ad5798a7ddfbf2ff20ebbc2086/colorshown.png)]] Color picker after saving draft: [[Image(http://cdn2.dropmark.com/74615/a2c1a5966634e30eb76f2c3c04771f5fbdfa0d2e/colornotshown.png)]] Steps to reproduce: 1. Change text color to a custom color choice. 2. Save post as a draft. 3. Reopen the color palette. Reported in WordPress.com forums: http://en.forums.wordpress.com/topic/custom-color-boxes-in-post-editor" shawnajroberts 4 57626 Searches to add a link in post-edit, to be sortable/filterable to better find tags reporter-feedback Editor normal trivial Awaiting Review enhancement new 2023-02-03T14:30:14Z 2023-03-20T13:51:02Z "Currently when adding a link to a post, I can search for a term and get back a mix of posts, pages and tags. This is the intended behaviour. However, if the search term I am using is broad (e.g. 'Movies') and there are more than 20 posts on my site featuring the word Movies (this is often the case for a broad term), then WordPress will prioritise returning me 20 search results that are all posts, and will not return the Movies tag. This is a general sorting issue, the search function prioritises posts over tags. I'd like see a change where an exact tag match would always appears as the top result. If not, then an option to filter the search, perhaps with checkboxes to show Posts/Pages/Tags etc." joshduffetywong 2 52288 Separate Color Palette for Text sarahricker Editor normal normal Future Release enhancement assigned 2021-01-13T09:22:54Z 2021-05-21T15:39:45Z "It would be great with a separate Theme Support feature to be able to add a color palette for text colors only. It is often not a good feature to allow the average user to have access to a lot of colors that can be mixed in any way. Readability can be discarded. add_theme_support( 'editor-text-color-palette' , [ ... ] ); add_theme_support( 'editor-color-palette' , [ ... ] ); " jontng 6 57330 Show number of scheduled posts in calendar popup when scheduling close Editor normal normal Awaiting Review enhancement new 2022-12-14T18:35:48Z 2022-12-14T19:41:49Z "When scheduling a post using default wordpress scheduler, there is a nice feature – I see a blue dots under a day numbers what means, that there I have some posts already scheduled for that day. But there is only a blue dot – it would be nice to see also a number of posts scheduled for that day. That number is already in the html code visible – when I right click on the blue dot and click “Inspect” in HTML code I see an information like this: “December 10, 2022. Selected. There is **1** event”" sokrates4612 1 38850 Sticky positioning for a smoother scrolling experience iseulde* Editor normal normal Future Release enhancement accepted 2016-11-18T11:06:23Z 2019-06-05T07:06:26Z "Let's consider using sticky positioning to do the scrolling effect we currently have on the editor page. At the moment we use JS and listen to scroll events, which is not ideal. It may look slow and buggy under some circumstances. Browser support is looking good. It's already implemented in Firefox and Safari, and by the time we ship 4.8 it will be in Chrome (est. 31 Jan). It's under consideration for Edge and there's no support in IE. This is no big deal though, as we can just fall back to what we currently have. http://caniuse.com/#feat=css-sticky Note: Firefox now also gives a warning in the console about using JS for this: > This site appears to use a scroll-linked positioning effect. This may not work well with asynchronous panning; see https://developer.mozilla.org/docs/Mozilla/Performance/ScrollLinkedEffects for further details and to join the discussion on related tools and features!" iseulde 6 56852 Support IDs in block wrapper attributes Editor normal normal Future Release enhancement assigned 2022-10-19T13:10:22Z 2023-09-06T21:20:28Z "At the moment dynamic rendered blocks don't support [[https://developer.wordpress.org/block-editor/reference-guides/block-api/block-supports/#anchor|anchors]]. To enable this support, we need to add this feature to the Editor and add the ''id'' in ''get_block_wrapper_attributes()'' to the block. I already created a PR to add this support to the editor: https://github.com/WordPress/gutenberg/pull/44771 This ticket is for adding it to the renderd block HTML." Soean 16 42645 Support passing version number to add_editor_style() dinhtungdu has-patch Editor normal normal Future Release enhancement assigned 2017-11-20T23:11:26Z 2019-09-24T17:53:40Z For automagically flushing browser cache, it would be helpful if `add_editor_style()` supported a version number argument. danielbachhuber 11 60393 Test with Gutenberg active Editor normal normal Awaiting Review enhancement new 2024-01-31T03:53:44Z 2024-01-31T07:21:37Z "On the back of #60315, an issue that keeps occurring on some sites ([https://wordpress.slack.com/archives/C02QB8GMM/p1706630823300079 For example, wordpressfoundation.org earlier today]) is that WordPress trunk ends up being incompatible with the latest stable release of Gutenberg. Usually this happens around PHP back-porting from Gutenberg to Core, but I guess could happen with some of the JS too (I just don't see it). Generally, WordPress trunk has been treated in the past as ""it should be stable"", and as a result, is run on many WordPress.org properties as a way to [https://en.wikipedia.org/wiki/Eating_your_own_dog_food dogfood] and find out about bugs before it hits every other WordPress site in the world. Over the years, this has identified many issues that wouldn't have otherwise been noticed until after release. Often these sites consume the SVN/Git repo's directly, and as such [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/update-core.php#L1844 the upgrade routines] don't protect those sites. I'd like to propose two changes to the unit tests in Core, as a way to hopefully notice these incompatibilities before it happens. 1. Run a unit test run with Gutenberg stable active (Similar to how we run multisite vs not-multisite, but we can probably slim it down to Gutenberg stable + Trunk + Single PHP version, just to reduce action time) 2. If it's a packages update, run all the tests with Gutenberg active (in addition to without) For PRs such as the one that lead to the most recent issue, it'd have flagged that the commit would make trunk incompatible with the stable release, and either a) the core commit could've been delayed 12 hours, or b) the release of an updated Gutenberg could've been done first. For other PRs/commits, it would highlight when a change in Core has caused Gutenberg to fatal or act oddly - Something that should be highly unlikely, but is plausible, and given how close Gutenberg and Core are, it just makes sense to me. This wouldn't replace the Gutenberg unit tests, but would act as a separate double-check." dd32 5 46224 The additional CSS is not reflected in the editor has-patch Editor normal normal Future Release enhancement new 2019-02-10T06:24:54Z 2021-09-29T20:49:07Z "I think that the additional CSS should be reflected to the editor. What do you think? I did not know which file to write the code, so I made a sample plugin. https://github.com/inc2734/additional-css" inc2734 4 54968 Tide Gallery needs responsive design for Mobile Editor 5.9 normal major Awaiting Review enhancement new 2022-01-28T10:13:02Z 2022-01-28T10:13:02Z In a new theme Twenty Twenty Two with a block editor, There is one section of Tide Gallery to implement a Gallery of different types and with different customization options. The Gallery section is not working well for the front-end in responsive. It is showing the same view as it is showing on the desktop. krupalpanchal 54305 Transition of block editor width when previewing desktop/tablet/mobile causes multiple resize events (and unnecessary lag) Editor normal normal Awaiting Review enhancement new 2021-10-21T22:08:34Z 2021-11-01T13:54:06Z "When editing a page, if we click ""preview"", and then click one of the viewport icons at the top (desktop, tablet, mobile), it resizes the editor. This is great. What is not so great is that it animates (seemingly via javascript) the change in width, which causes all the blocks to re-render several times, making the process slow and clunky (I am using ACF Blocks). Honestly, it makes me avoid using the viewport switcher except when I really need it. I believe if the transition was removed, it would only have to fire a single resize event. I don’t see any reason why, technically speaking, the animation should be necessary. " askpivot 1 51284 Update style for side meta boxes azhiyadev has-patch Editor 5.5.1 normal normal Future Release enhancement assigned 2020-09-10T02:56:22Z 2021-12-19T07:29:07Z "In the latest version 5.5.1, WordPress adds the arrows to the meta box handles to allows users to move a meta box up or down. That works nicely for meta boxes below the content area. However, for the side boxes, the arrows takes a lot of space and reduce the space for the meta box title. The 2nd problem is that the toggle icon (collapse/expand) is different from the Gutenberg panel icon. I attach a screenshot to see the problems clearer. " rilwis 15 57016 When searching for a block, there is an unexpected blank space at the bottom of the Editor Editor 6.1 normal normal Awaiting Review enhancement new 2022-11-07T10:21:46Z 2022-11-07T22:07:52Z "With WordPress version 6.1, I observed an unexpected blank space on the editor when searching for any block. Steps to reproduce: - Open Gutenberg editor - Search for a block but do not add/select it. - Now, scroll down on the page, and see a huge white blank space at the bottom. Screencast- https://d.pr/v/1Vl7I8" thebengalboy 58732 WordPress Gallery Block: Column Count Issue Results in Unbalanced Item Widths close Editor 5.0 normal normal Awaiting Review enhancement new 2023-07-06T13:13:40Z 2023-07-06T14:12:58Z "== Enhancement === Description The WordPress gallery block is currently experiencing an issue when users select a specific column count. The problem arises when attempting to achieve a balanced layout, as the items within the gallery block are not receiving a common width. This results in inconsistent and unbalanced item widths. Currently, there is an option to keep all the items in the same width. === Environment - WordPress: 6.3-beta3-56143 - PHP: 7.4.33 - Server: TasteWP-S1 Official/3.0.0 - Database: mysqli (Server: 8.0.32-0ubuntu0.20.04.2 / Client: mysqlnd 7.4.33) - Browser: Chrome 112.0.0.0 (macOS) - Theme: Twenty Twenty-Three 1.1 - MU-Plugins: None activated - Plugins: * WordPress Beta Tester 3.5.0 === Steps to Reproduce 1. Add a gallery block 2. Add a few images to the gallery 3. Change the number of columns option === Expected Results 1. Same column size for all gallery items === Actual Results 1. If there are 6 gallery items and the column count is 4 the last 2 items are showing as 2 columns instead of 4." sarath.ar 1 58278 [Query Loop][Post Template][Custom dynamic block] Impossible to pass query loop context to a custom dynamic block as the post template context is hard coded. dev-feedback Editor 6.2 normal normal Awaiting Review enhancement new 2023-05-09T13:14:16Z 2023-05-09T13:14:16Z "Hello. **Context** : I'm writing a query loop variation, with post templates, then a custom dynamic block. **Problem** : I was trying to get the query loop id inside the custom dynamic block and could not, even when specifying usesContext and providesContext block.json configuration for my dynamic bloc of the core/post-template one. **Observations** : After some investigation, I found that the post template uses the `render_block_core_post_template` function as render callback inside the `post-template.php` file Line 93 of this file, we can see that the function hard codes the context that is then passed to the block : {{{#!php $block_content = ( new WP_Block( $block_instance, array( 'postType' => get_post_type(), 'postId' => get_the_ID(), ) ) )->render( array( 'dynamic' => false ) ); }}} There's no filter or mechanism allowing us to provide more context here which is quite blocking. **Suggestion** : We could do something like this instead : {{{#!php // Render the inner blocks of the Post Template block with `dynamic` set to `false` to prevent calling // `render_callback` and ensure that no wrapper markup is included. $context = array( 'postType' => get_post_type(), 'postId' => get_the_ID(), ); //Check if additional context is provided by ancestor blocks if (!empty($block->block_type->provides_context)) { foreach ($block->block_type->provides_context as $context_name) { if (array_key_exists($context_name, $block->context)) { $context[$context_name] = $block->context[$context_name]; } } } $block_content = ( new WP_Block( $block_instance, $context ) )->render( array( 'dynamic' => false ) ); }}} With this code, I was able to specify and get the queryId to my custom block. **Steps to reproduce** : - Create a query loop variation - In the variation, set the innerblocks setting to use a custom dynamic block. - In your custom block block.json file, we're trying to use the queryId as the context. - As it's not working, I've also specified that I wanted the core/post-template block to provide the queryId via providesContext. - Realize the core/post-template block does not provide any context besides the hard coded one mentioned above. **Expected output** : If we specify that the core/post-template block should specify a context, it should be taken into account alongside the default values that are `postType` and `postId` Thank you for your work." jdmweb 6619 permalink field misleading in page editor: it displays the erroneous values Editor 2.5 normal normal Future Release enhancement new 2008-04-06T14:48:15Z 2021-09-22T13:30:43Z "if you create a sub-page, the permalink field should display the proper permalink. currently, if you have: site.com/page/ and when you create: site.com/page/subpage/ the permalink shows: site.com/subpage/ until it gets saved the expected behavior would be for it to show the correct permalink. the same remark applies when you then change the permalink. if the parent is no longer page, but rather page-2, then the permalink should update accordingly." Denis-de-Bernardy 9 32143 wpLink function getAttrs() missing link-text reporter-feedback Editor 4.2 normal normal Awaiting Review enhancement new 2015-04-27T07:04:06Z 2020-11-24T01:38:12Z "After last update to 4.2 wpLink() was renewed and the title-input was replaced. Instead of title, you can now insert/change the link text. https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/wplink.js?rev=32017 But in function getAttrs() the val of link-text was forgotten. Therfor I proporse to add this line in getAttrs(): linktext: $.trim( inputs.text.val() ), Also it would be nice to populate the link-text field with the document title of a chosed intern element, like it was made with the old title-field before. " xwolf 6 58840 Add Canva as an oEmbed provider Embeds normal normal Future Release enhancement new 2023-07-18T15:06:41Z 2023-08-24T14:38:34Z "**Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?”** It is quite popular with over 100 million users according to Wikipedia. **If similar services are already supported, how does this service compare in terms of size, features, and backing? ** Not sure. **Does this service have an established social media presence?** Almost 300k followers on Twitter: https://twitter.com/canva **Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.)** Only found https://www.canva.com/embeds/ and https://www.canva.dev/blog/engineering/how-canva-makes-content-embeddable-and-why-you-should-too/ about this **Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being added to the allow-list? ** oEmbed discovery does not work for Canva because the meta tag is very far down in the page source and WP only parses the first few KB of the response. **Does the service make an effort to build relationships with developers, such as through robust APIs?** Not sure. They do seem to have good dev docs and an engineering blog. **How old is the service?** Over 10 years old. **Does it have a well-established Wikipedia article? (Seriously.)** Yes. https://en.wikipedia.org/wiki/Canva **Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand?** Years ago they had their own official WordPress plugin but it has been abandoned: https://wordpress.org/plugins/canva/ **Is the provider frequently proposed?** First time AFAIK." swissspidy 59299 Add Felt.com to the list of oEmbed providers Embeds normal normal Awaiting Review enhancement new 2023-09-06T15:45:40Z 2023-10-08T23:10:54Z "I'd like to request whitelisting the Felt.com's oEmbeds. Their mapping platform is both robust and user-friendly, and would be a great addition to WordPress users interested in sharing maps online. Here's an example URL: https://felt.com/map/Learn-to-Use-Felt-Tutorial-0xljGYVlRzGfxNgRV9A6akC?loc=40.7849,-73.97533,13.94z&share=1 **Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?”** It's probably not mainstream yet, but it's a very well-known service in the GIS community. **If similar services are already supported, how does this service compare in terms of size, features, and backing?** As far as I know, core doesn't whitelist embeds for other mapping platforms. To embed maps from other providers (OpenStreetMaps, Google, Mapbox, etc.), a map block is required. **Does this service have an established social media presence?** Yes. https://twitter.com/felt http://threads.net/@feltmaps http://mas.to/@felt https://www.youtube.com/@feltmaps **Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.) ** It's supported, but as far as I know, it's not documented in their dev documents https://feltmaps.notion.site/Getting-Started-With-The-Felt-API-69c8b02b7d8e436daa657a04a2dbaffa **Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being added to the allow-list?** Yes, the embed is discoverable. **Does the service make an effort to build relationships with developers, such as through robust APIs?** **How old is the service?** The company was founded in 2021, the platform was launched at the beginning of 2022. **Does it have a well-established Wikipedia article? (Seriously.)** No, but they are contributors to several big open-source projects. More information https://felt.com/open-source, https://felt.com/blog/felt-flagship-member-of-qgis, and https://blog.qgis.org/2023/03/21/felt-is-our-first-sustaining-member **Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand?** No, as far as I know. **Is the provider frequently proposed?** No, this would be the first time." javiarce 11 60182 Add Gumlet.com to oEmbed allowlist akbansa dev-feedback Embeds normal normal Future Release enhancement assigned 2024-01-03T08:14:32Z 2024-02-20T07:50:51Z "I use Gumlet for my videos, a video hosting platform similar to YouTube. While WordPress's core Editor render Youtube URLs but not Gumlet. Gumlet supports oEmbed and so does WordPress. But on checking further, I found that you have a whitelisted domain list for videos. Please add Gumlet oEmbed support to the whitelisted domains. Gumlet supports Embedding on two URLs, attached below - https://api.gumlet.com/v1/oembed?url=https://www.gumlet.com/watch/6566f0c80701dac63772c357/ https://api.gumlet.com/v1/oembed?url=https://play.gumlet.io/embed/6566f0c80701dac63772c357/" akbansa 25 60321 Add Viostream.com to oEmbed allowlist has-patch Embeds normal normal Awaiting Review enhancement new 2024-01-22T23:55:28Z 2024-01-23T00:06:10Z "Viostream.com has implemented oEmbed support. Adding Viostream.com to the WordPress whitelist will enable Viostream users to seamlessly embed their videos in WordPress. Questionnaire responses below: == Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?” Viostream is widely used by Government and enterprise businesses in Australia - many of their developers have requested easier WordPress integration. == If similar services are already supported, how does this service compare in terms of size, features, and backing? Viostream does have a smaller market share than competitors such as Vidyard, however the feature set is particularly geared towards enterprise and Government, particularly around security aspects of the platform. == Does this service have an established social media presence? Yes - see https://www.facebook.com/viostreamhq/ and https://www.linkedin.com/company/viostream == Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.) Yes - see https://help.viostream.com/sharing-your-media/embedding-with-oembed-tags/ == Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being added to the allow-list? Yes, discovery has been implemented. == Does the service make an effort to build relationships with developers, such as through robust APIs? Yes, Viostream provides a RESTful API for video management as well as a player API for presentation integrations. == How old is the service? Viostream as a business has been operating for over 20 years. The current Viostream service has been operating for over 10 years. == Does it have a well-established Wikipedia article? (Seriously.) No. == Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand? No == Is the provider frequently proposed? Yes - both existing and prospective customers have requested this functionality." sjauldviostream 1 54434 Add Zoomable as an oEmbed provider Embeds normal normal Awaiting Review enhancement new 2021-11-13T03:11:21Z 2021-11-18T14:21:39Z "We would like to apply to become an embed provider on WordPress.com. As requested, here are the answers based on the questions from the WordPress Documentation site. https://developer.wordpress.com/docs/embedding-on-wordpress-com/ **1. How many active monthly users does your service have?** It fluctuates between 3.1K to 17K, depending on the contents and how the creators promote their work. Case in point: Twitch Atlas Vol. 2. Work like this typically draws a lot of traffic with the help of social media. https://www.reddit.com/r/LivestreamFail/comments/m3r9o6/twitch_atlas_vol_2/ **2. Do you have a WordPress.org plugin?** We do have a plugin for WordPress but not on WordPress.org. https://zoomable.ca/zoomable_for_wordpress.html **3. How many self-hosted WordPress sites currently embed your service?** Regrettably, we don't have this information at hand. However, we do have a non-exhaustive list of public sites that embed to our service available on our website. https://zoomable.ca/sites_using_zoomable.html **4. Does your service already support oEmbed?** Yes as we are one of the providers on embed.ly https://embed.ly/provider/zoomable Our service can be embedded on the following sites: - Medium (oEmbed) - Matterport (oEmbed) - Squarespace (oEmbed) - Wix (oEmbed) - Shopify (iframe) - Weebly (iframe) **5. What are the URL scheme and oEmbed API endpoint for your service?** URL 1 (Free Account): !https://srv2.zoomable.ca/* oembed_url: !https://srv2.zoomable.ca/oembed oembed_scheme: !https://srv2.zoomable.ca/viewer.php* example_url_1: https://srv2.zoomable.ca/viewer.php?i=imgecf402ea70b2e191_Spain_and_Portugal_rail_WM_6000px example_url_2: https://srv2.zoomable.ca/viewer.php?i=img3f3680be627ab64b_Dulle_griet_resto example_url_3: https://srv2.zoomable.ca/viewer.php?i=imgca0e93b71726ba80_BaffinBay URL 2 (Paid Account): !https://community.zoomable.ca/* oembed_url: !https://community.zoomable.ca/oembed oembed_scheme: !https://community.zoomable.ca/image/* example_url_1: https://community.zoomable.ca/image/iiCh example_url_2: https://community.zoomable.ca/image/iBx0 example_url_3: https://community.zoomable.ca/image/iV26 **6. What is an example valid URL that we can use to test embedding your service?** See 5. **[What We Do]** Zoomable is an image conversion service that turns high-resolution image (3000 x 3000 px and beyond) into a zoomable image. The zoomable experience invites users to examine the image in greater details. Our service is mentioned in a few wiki entries such as Deep Zoom (the technology that our service is based on), Seadragon Sofware, and Image Composite Editor. Although we don't have a designated page on Wiki, we have an entry on Crunchbase. https://www.crunchbase.com/organization/zoomable **[Our User Base]** Our service caters to a variety of sectors, with strong user base in the creative and cultural sector. We have showcased some of our users on our website. https://zoomable.ca/sites_using_zoomable.html Here are some highlights: **1. 200 Panel Orion Mosaic by Matt Harbison** http://spaceforeverybody.com/Orion/ The above work was featured on Petapixel https://petapixel.com/2020/10/23/this-insane-2-5-gigapixel-image-of-the-orion-constellation-took-five-years-to-complete/ **2. An article on Stuff.co.nz, New Zealand’s leading news website (the zoomable image is at the end of the article).** https://www.stuff.co.nz/environment/300283917/taniwha-in-the-valley-hutt-river-is-both-threatened-and-threatening--but-is-it-just-misunderstood **3. British Library: Hebrew Manuscripts exhibition (Virtual Tour on Matterport platform)** https://t.co/H0mo8Q7hbf?amp=1 **4. National Lottery Heritage Fund: Shared purpose and a clear direction — building our first roadmap (Medium article)** https://medium.com/doing-service-design-at-the-national-lottery/shared-purpose-and-a-clear-direction-building-our-first-roadmap-4795e605a3dd **5. A Dystopian City in a Box (Squarespace site, the zoomable image is at the end of the article)** https://www.ruchikanambiar.com/the-lilliput-proletariat **6. Mike Hall (Shopify store)** https://shop.thisismikehall.com/products/a-panorama-of-london-original-version-giclee-print **7. Ohio County Public Library: Map of the City of Wheeling and Suburbs Ohio Co. Virginia, 1853** https://www.ohiocountylibrary.org/archives/map-of-the-city-of-wheeling-and-suburbs-ohio-co.-virginia-1853/7408 We believe our service will provide an additional tool for the creators to showcase their work easily on WordPress.com. We look forward to hearing from you. Please let us know if there are areas that we need to work on to make this request feasible. Thank you for your time. Zoomable Team" zoomable 2 51738 Adding Adventr as an oEmbed provider Embeds normal normal Future Release enhancement new 2020-11-09T22:13:12Z 2023-05-30T17:12:26Z "This ticket is a request to have *.adventr.io added to the list of whitelisted oEmbed providers. Adventr.io is a popular smart video creation tool that allows any creator to make and publish branching videos with personalized choose-your-own-adventure outcomes. It also allows creators to make parts of their videos into clickable links, so that viewers can learn more about things they see in the video. **Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?”** Adventr is being used by major brands and has been covered in mainstream press such as TechCrunch, Rolling Stone, and more. https://techcrunch.com/2014/05/13/adventr-launch/ https://www.rollingstone.com/music/music-country/texas-gentlemen-floor-it-movie-1076359/ **If similar services are already supported, how does this service compare in terms of size, features, and backing?** Adventr would be the **only** white-listed provider of interactive video experiences. Adventr is the most feature-rich and robust platform for creating and publishing smart videos. **Does this service have a large following on Twitter, Facebook, or other social media? Is its Twitter account verified?** Adventr is not very active on social media (handle is adventrhq), but its founder & CEO has a verified Twitter account: https://twitter.com/springsteezy **Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.)** We have oembed API documentation: https://help.adventr.io/en/articles/4613290-adventr-oembed-api Adventr is also supported by Embedly: https://embed.ly/provider/adventr **Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being whitelisted?** It only partially works. WordPress's sandbox settings disable links and sharing within the embed, resulting in making some interaction elements and all share options non-responsive. Wordpress also prevents full-screen playback. In the Rolling Stone article (which is powered by Wordpress) where they embedded an Adventr, clicking any share option fails, fullscreen fails, and links outside of the video also fail: https://www.rollingstone.com/music/music-country/texas-gentlemen-floor-it-movie-1076359/ **Does the service make an effort to build relationships with developers, such as through robust APIs?** Adventr currently offers a realtime javascript API that our creators can use to make in-video interactions affect other parts their page. Details on this API are available here: https://help.adventr.io/en/articles/4467154-using-the-adventr-realtime-player-api This API will be developed over time and allow creators to do more and more interesting things in the future. **How old is the service?** Adventr was originally founded in 2014 and rebranded with a new look and a brand-new HTML5 player in 2020. **Does it have a well-established Wikipedia article? (Seriously.)** Adventr's founder has a well-established Wikipedia article: https://en.wikipedia.org/wiki/Devo_Springsteen **Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand?** Not yet, but there is plugin potential if someone wants to take advantage of the realtime player API and integrate it with other Wordpress plugins like WooCommerce etc. **Is the provider frequently proposed?** I believe this is the first time it is being proposed here. Our own users have written multiple support requests due to issues with Wordpress embeds, leading us to write a support article explaining how to use Custom HTML instead of Wordpress Embeds. However, this adds complexity to the use of Wordpress and makes it harder to take advantage of Wordpress's responsive sizing. For Wordpress users who are posting content created by other Adventr users (as in the Rolling Stone example above), we believe they expect the content to work correctly when embedded on their Wordpress site." adventrpeter 3 44610 Allow Youtube-Player to use youtube-nocookie.com URLS to avoid setting cookies. has-patch Embeds 4.9.7 normal normal Future Release enhancement assigned 2018-07-19T07:59:59Z 2023-05-26T12:40:39Z "The file ""wp-includes/class-wp-customize-manager.php"" includes a function ""_validate_external_header_video( $validity, $value )"". The regex used in this function is incomplete, as some urls are invalidated in the customizer. What is interesting is that the regex used in ""wp-includes/js/wp-custom-header.js"" (which actually sets the youtube video), is different and validates e.g the youtube-nocookie.com URLs, that I think more people will need due to GDPR. In the javascript file, it actually quotes a stackoverflow regex found at: http://stackoverflow.com/a/27728417 **Proposal:** Update the regex in ""wp-includes/class-wp-customize-manager.php"" (line 5664) to match the one used in ""wp-includes/js/wp-custom-header.js"" (line 379)." jepperask 58 60727 Allow fine-grained control of when to use oEmbed for providers outside the explicit list Embeds normal normal Awaiting Review enhancement new 2024-03-07T18:30:45Z 2024-03-07T18:30:45Z "WordPress maintains a list of appvoed oEmbed providers. Developers are able to add or remove providers from this list. WordPress also attempts to see if URLs, outside the provider list, support oEmbed - and if they do, it uses oEmbed for them. Unfortunately, this is currently an ""all or nothing"" appraoch. You can either agree to use all these random sites oEmbed, or none. I'd love to see a filter added to control whether or not a specific URL, outside the provider list, should use oEmbed. For reference, our specific use case is we want to continue supporting oEmbed for the vast majority of sites that support it - but we've identified some specific domains that do a poor job of oEmbed, and we'd like to only turn it off for those domains." MadtownLems 57076 Allow fullscreen in oembed videos Embeds normal normal Awaiting Review enhancement new 2022-11-11T15:27:50Z 2022-11-15T11:32:51Z "Hi! We're trying to enable fullscreen from a video loaded through oembed (and not by copying directly the iframe) from PeerTube. Here is the link to the video: https://video.davduf.net/w/4V6DMLcQDGQHnZ9wf6h4KH And to the oembed: https://video.davduf.net/services/oembed/?url=https://video.davduf.net/w/4V6DMLcQDGQHnZ9wf6h4KH I tried to understand why it was not working and found this piece of code: https://github.com/WordPress/WordPress/blob/82f3535083c0d8859bd3b8333fe006394978c09e/wp-includes/embed.php#L926 I guess it's because allowed attributes do not include `allowfullscreen` but I am not confident enough with WP code to be sure it's bound to this part. Anyway, would it be possible to allow the allowfullscreen attribute in `iframe` loaded through oembed? Thanks." booteille 49352 Allow get_proxy_item to be filtered/altered before a response is sent to the editor. Embeds normal normal Awaiting Review enhancement new 2020-02-03T16:13:40Z 2020-02-03T16:13:40Z "**tl;dr:** Add a filter in {{{\WP_oEmbed_Controller::get_proxy_item}}} so certain non-oembed sites can still be embeded using a custom handler from a plugin. **Scenario:** I would like to create a generic oEmbed provider on my own site similar to iframely.com. So when a user posts a link in the editor that isn't a oembed provider, I would like to be able to filter the response from {{{\WP_oEmbed_Controller::get_proxy_item}}} and not having it reply with {{{return new WP_Error( 'oembed_invalid_url', get_status_header_desc( 404 ), array( 'status' => 404 ) );}}}. In my ideal case I could catch this and pipe the URL in question through my own proxy endpoint and create a custom oEmbed result from meta and open graph tags generated from the original HTML of the link to be embeded. Currently it seems, that I can only replace the all embeds through a custom handler, similar to what iframely does: https://github.com/itteco/iframely-wordpress/blob/master/iframely/iframely.php#L19-L23 " neverything 55079 Allowed post tags and allowed tags iframe has-patch Embeds 5.9 normal normal Awaiting Review enhancement new 2022-02-04T13:16:44Z 2022-02-04T16:33:10Z I have already checked wp-includes/kses.php file but now allowed iframe tags. iframe is very important for displaying youtube, vimeo videos and other platforms. csesumonpro 1 56489 An extra post lookup in WP_Embed::shortcode for known post Embeds normal normal Awaiting Review enhancement new 2022-09-01T16:34:26Z 2022-09-01T16:37:10Z "`WP_Embed::shortcode` caches embeds into post_meta for known posts (ie.: embed in a post_content) or into a post of the `oembed_cache` post type in case the global post is not set (ie.: outside the loop). However, [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-embed.php?rev=53269#L251 the code] always tries to lookup the `oembed_cache` post, even in case the global post is set, which results in an extra SQL query, since the `oembed_cache` post is never created, if there is a known global post. The `$cached_post_id` variable populated by the `WP_Embed::find_oembed_post_id` function call is really only used in case there is no global post set, and thus, IMHO, should be only populated in such case." david.binda 1 54468 Apply aspect ratio classes to wp_oembed_get when theme_supports('responsive-embeds') is added Embeds 5.9 normal normal Awaiting Review enhancement new 2021-11-18T19:37:38Z 2021-11-18T19:37:38Z "The Gutenberg embed block supports [adding responsive wrappers around embeds that are cognizant of the embed's aspect ratio](https://github.com/WordPress/gutenberg/blob/v11.9.1/packages/block-library/src/embed/util.js#L185). Without creating fixed-width columns, the embed will fill its container at the interpreted aspect ratio. If you're still writing PHP templates, you're using wp_oembed_get, which does not support this. [This ticket](https://core.trac.wordpress.org/ticket/34928) suggests that some JS fires to adjust the height on iframes on window resize, but that's a somewhat different issue, becoming important after the embed has been rendered. That ticket also suggests that an embed expanding to fill its container is undesirable and not in-line with oEmbed's specification, but whoever designed the Gutenberg block must have had a different interpretation of that spec. Would be great if WordPress oEmbeds behaved the same however you create them." eclev91 37868 Avoid default width styles in the markup of the audio player wonderboymusic has-patch Embeds 4.6 normal normal Future Release enhancement assigned 2016-08-29T18:51:47Z 2019-04-19T16:03:03Z "The markup for every audio player contains inline styles for setting its width to 100%, like below (simplified): {{{ <div class=""wp-audio-shortcode"" style=""width: 100%;""> <audio class=""wp-audio-shortcode"" style=""width: 100%;""> }}} Why not move that style to a stylesheet? It is the default style for ''every'' audio player, so let’s not repeat ourselves each time. Moreover, style attributes in the HTML make it hard to override styles. If you don’t want your audio player to be 100% wide you’re left with two ugly options: a) Use `!important` declarations in your own stylesheet to override it. b) Filter out the default width like this: {{{ add_filter( 'shortcode_atts_audio', 'my_shortcode_atts_audio', 10, 4 ); function my_shortcode_atts_audio( $out, $pairs, $atts, $shortcode ) { $out['style'] = preg_replace( '~(?:^|\s)width\s*+:\s*+100%;?~i', '', $out['style'] ); return $out; } }}} " GeertDD 6 49910 Embed: resizable iframes Embeds normal normal Awaiting Review enhancement new 2020-04-15T16:24:05Z 2020-04-15T16:24:05Z "Hi, I am a developer at Weezevent (https://www.weezevent.com/en-gb), a ticketing solution. I am currently developing an oEmbed provider to embed our registration widget in WordPress, that returns a ""rich"" embed containing an iframe with a fixed height. It technically works but our content height changes as the user progresses through the registration steps, so when our content is small it leaves a big gap between the end and the next paragraph in Wordpress; and when our content is big the iframe becomes scrollable. In both cases it's not looking good and not mobile friendly. Our default integration uses a js script to monitor the content size and dynamically resize the iframe. You can check an integration using our js script here https://cabaretvert.com/billets/ Scroll down to the ""Déjà commandé"" part and fold the categories or select a quantity and click ""Suite"" to trigger the resizing. \\ \\ I was wondering if you'd be willing to integrate such a script in Wordpress and enable it for iframe embeds ? I'm sure it would also be useful for other oEmbed providers. \\ \\ I know we could write a plugin to allow unfiltered embeds, but the vast majority of ours users are not technical and asking them to install a plugin will scare them off. (I'd also take being added to the official embed whitelist, but we don't fit the ""globally well-known"" requirement.) Cheers Florent" fthevenetweez 40776 "Feature request : Need class parameter for ""Twitter"" embed share" Embeds normal normal Awaiting Review enhancement new 2017-05-16T06:47:48Z 2019-04-25T13:08:46Z "'''Note:''' Twitter embedded share already working nicely. This is an only feature request. I want to update twitter embed share, but I can't edit or modify that default twitter embed share because it's an iframe. ''For example'', I want to make twitter share as a 'center aligned' within my content area when writing blog posts. (There are number of possibilities as well.) Yes, I found the solution for twitter share center alignment. We need to add one class with iframe - '''''tw-align-center''''' but there is no input box/area available in popup where I can write down my custom classes. Please check this screenshot for more detail - https://d.pr/f32E0" sanjaydabhoya 1 24712 Get errors from wp_oembed_get has-patch Embeds 3.5.2 low normal enhancement new 2013-07-08T19:23:44Z 2019-06-04T20:01:26Z "Would it be possible to add error collection to the oEmbed class? It would be more useful to provide a helpful error when a remote oEmbed source is not available rather than a generic ""there was an issue"". As an example, if you try to use wp_oembed_get() on a YouTube video that is not allowing embedding, plugins (and/or WP itself) would have the option of returning a specific error: ""The requested video doesn't not allow for embedding""." slushman 4 30720 In editor, add a button to refresh/invalidate (oEmbed) embeds cache Embeds 4.0 normal normal Future Release enhancement new 2014-12-15T15:53:31Z 2017-10-20T13:29:18Z "The inline embeds previews in WP4.0 are great, however have one major flaw: One user enters the URL, and preview is generated via oEmbed, the embed code is cached for a day for that URL. There is no way for the author to invalidate it. It generally works well, but not when user wants to experiment with different oEmbed-related plugins or settings. To keep great function, yet make it more straightforward for the user to control the flow, I'd suggest the following. '''Shall we add a button ""reload"" to the inline previews of the embeds? And/or ""reload"" button in the Edit Embed dialog?''' I trust it is a great answer to the problem and fits the user experience well. We are the authors of [https://wordpress.org/plugins/iframely Iframely] plugin. The supports issues we get since WP4.0 mostly relate to oEmbed cache. But such approach will also answer the needs of other devs and users, for example #30282." ivanp 14 49989 Invision embed code supported by WordPress reporter-feedback Embeds normal normal Awaiting Review enhancement new 2020-04-23T20:34:05Z 2020-11-12T13:19:57Z "Hi all, Is there any possibility that WordPress consider **Invision embed codes** to be accepted in their security list? [https://wordpress.org/support/article/embeds/#okay-so-what-sites-can-i-embed-from] Using the IFrame tag that Invision provides, results in a very weird experience. The prototype is half-hidden and it is not responsive. [https://support.invisionapp.com/hc/en-us/articles/360027579812-Embedding-Screens-Prototypes#embedding-a-full-mobile-prototype] Thank you very much!" ArtGoddess 2 35567 New argument `is_embeddable` for `register_post_type()` has-patch Embeds 4.4 normal normal Awaiting Review enhancement assigned 2016-01-21T20:47:31Z 2024-01-26T07:38:05Z "I really love the new oembed functions! But as much as I love the feature, it would be awesome to have an argument in the register_post_type function to choose, if the posttype should be embedable or not. I have no problem with it to be true by default, but I just would love to deactivate it for certain post types which are not that publicly used. There are already arguments like ""publicly_queryable"" or ""has_archive', so this doesn't seem off." pampfelimetten 20 59006 No title attribute on oEmbed and REST API <link>s audrasjb has-patch Embeds 6.2.2 normal normal 6.6 enhancement reviewing 2023-08-08T19:24:56Z 2024-02-20T09:28:35Z "By default, WordPress adds three `<link rel=""alternate"" ...` to the `<head>` of every post. These are missing the `title=""...""` attribute. This means that some browsers will announce the links as ""alternate"" with no explanation of their destination - see screenshot attached. The three links are: {{{ <link rel=""alternate"" type=""application/json"" href=""https://example.com/wp-json/wp/v2/posts/123"" /> <link rel=""alternate"" type=""application/json+oembed"" href=""https://sexample.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fexample.com%2Fpost%2F"" /> <link rel=""alternate"" type=""text/xml+oembed"" href=""https://example.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fexample.com%2Fpost%2F&format=xml"" /> }}} Ideally, these would have `title=""JSON""`, `title=""oEmbed (JSON)""`, `title=""oEmbed (XML)""` or similar." edent 12 43713 Privacy: Add a UI to allow administrators to disable individual embeds / oembeds Embeds 5.1 normal normal Future Release enhancement new 2018-04-06T16:28:33Z 2019-09-27T16:20:25Z "Builds on protecting our users from tracking that was introduced in https://core.trac.wordpress.org/ticket/41784 Embedded iframes allow 3rd parties to collect user's IP addresses and User Agents, to store and retrieve cookies on their browsers, to embed additional third party tracking, and monitor their interaction with that embedded content, including correlating your interaction with the content with their account with that service, if they are logged in to that service. That means, especially when EU residents are visitors, that all that needs to be disclosed in the site's privacy policy. To further improve site's users privacy, and give site owners more control over how their user's privacy is impacted (and how many 3rd party services they would need to disclose in their site's privacy policy) we should allow administrators to disable any/all embeds on their site. This UI could live alongside the privacy page setting controls recently added to core." allendav 15 54414 Support embedding Mobile Twitter URLs Embeds 5.0 normal normal Awaiting Review enhancement new 2021-11-10T16:04:55Z 2021-11-10T16:47:18Z "When embedding a mobile variant of a Tweet URL, the Gutenberg Embed block considers the URL to be an invalid embed. == Steps to Reproduce 1. Add an Embed block via the web or native mobile Gutenberg block editor. 2. Set the Embed block URL to a mobile Twitter URL: https://mobile.twitter.com/rauchg/status/807626710350839808 3. Save the Embed block settings, persisting the URL. == Expected Result The Embed block displays a preview of the Tweet as an embed. == Actual Result The Embed block marks the URL as invalid, resulting in a error message or a plain text URL. == Related * [https://github.com/WordPress/gutenberg/issues/35357 Gutenberg Issue] * [https://github.com/WordPress/wordpress-develop/blob/f2d146d3f1ebd5661af2efd3099b0c988df538c8/src/wp-includes/class-wp-oembed.php#L67-L72 Relevant oembed code] * oEmbed API response message: {{{ { ""code"": ""oembed_invalid_url"", ""message"": ""Not Found"", ""data"": { ""status"": 404 } } }}} == Environment * **WordPress:** 5.8.1 * **Theme:** Twenty Twenty-One * **Plugins:** none * **Browser:** macOS Safari 15.1" dpcalhoun 38128 Twitter Embed - Enhancement change theme Embeds lowest normal Future Release enhancement new 2016-09-22T13:34:18Z 2023-05-30T08:59:36Z "I would like to suggest to add a option to set the twitter embed theme. Currently you only can use the standard White Theme, some possibility to customize it to dark as example for dark sites would be great." Deexgnome 4 39918 Whitelist audioBoom oEmbeds Embeds 4.8 normal normal Awaiting Review enhancement new 2017-02-20T11:00:33Z 2023-05-30T09:50:56Z "{{{ sandbox=""allow-scripts"" }}} is disabling links within our iframe player on some wp sites, try the social icons on the audioBoom player in this article http://www.niemanlab.org/2017/02/in-a-chaotic-presidency-civics-101-is-giving-listeners-a-reintroduction-to-how-the-u-s-government-works/. What are the steps to getting audioBoom whitelisted so that no changes are made to the oEmbed codes? " arunaudioboom 6 40288 Whitelist oEmbed for Apple Keynote has-patch Embeds normal normal Future Release enhancement new 2017-03-28T19:40:23Z 2023-05-30T09:12:08Z "Apple's iCloud Keynote web app added oEmbed support. This ticket is for consideration on whitelisting them as an oembed provider. To test, visit iCloud.com, choose Keynote, and open a presentation. In the presentation, click the person icon along the top, next to the wrench icon. Choose Share Options and set ""Who can access"" to ""Anyone with the link"" (Permissions can be set either way, but ""View Only"" is quite enough). Pasting the URL (icloud.com/keynote/[hash]#[title]) will oembed with the incoming patch." kraftbj 6 39850 WordPress embedded links drop query vars from URL Embeds normal normal Awaiting Review enhancement new 2017-02-11T23:02:51Z 2017-02-11T23:29:04Z "When embedding a WordPress page within another post, any query strings that are passed in the URL get dropped. For example, if embedding http://example.com/page-name/?foo=bar, the actual URL that gets passed to the oEmbed function (and later on to the template files) is http://example.com/page-name/embed/ (foo=bar gets dropped). The link inside the blockquote also drops the url query variable and links to http://example.com/page-name/ instead of http://example.com/page-name/?foo=bar As I see, this occurs because the `wp_filter_pre_oembed_result` function in `embed.php` uses `url_to_postid` to get the embeded post's ID, and later `get_post_embed_url` uses that ID to create the embed permalink. So naturally any url query vars are not preserved in the final URL construction. Similarly in `get_post_embed_html`, the function uses `esc_url( get_permalink( $post ) )`, thus reconstructing the permalink without knowledge of the initial url. I encountered this when embedded a specific photo gallery (from nextcellent plugin), but I assume some other plugins such as language/translation ones may also be affected. I don't think the URL's should be dropping any of the query variables. However, if that is a requirement, it would be good to also pass on the original url in the `post_embed_url` hook to allow plugin developers to make sure to add any parameters from the original url that got dropped off in the embedded url." charleslf 2 59142 X/Twitter posts cannot be embedded has-patch Embeds normal normal 6.6 enhancement reopened 2023-08-18T15:42:05Z 2024-02-12T09:14:58Z When a link to a Tweet/X post is copied in the Twitter/X app (iPhone), it is the x.com address that is copied, not the twitter.com address. When this is inserted in a WordPress post, the post is not embedded, like a Twitter.com post. aphandersen 7 43962 Ziggeo oEmbed Whitelisting reporter-feedback Embeds normal normal Awaiting Review enhancement new 2018-05-04T15:30:02Z 2023-05-30T09:29:32Z "Disclaimer: Not sure this is the right place, but we were forwarded from Developer Support <developers@wordpress.com> to post this here. As per: https://make.wordpress.org/core/handbook/contribute/design-decisions/#whitelisting-oembed-providers We would like to apply to be considered from oEmbed whitelisting on Wikipedia. As per the different criteria you list there: - be well-established, popular, and mainstream services We have been around since 2012 and won a variety of awards for being the best API for video recording and playback. - properly and fully implement the oEmbed specification, We do and are being recognized as oEmbed provider by Tumblr, Embedly, Facebook, LinkedIn and Twitter. - Is the service is popular enough for core developers to have heard of it before? Is it “mainstream?” We have participated as sponsors in all major hackathons (including TC Disrupt) and have established our own yearly hackathon videohackday.com for the past four years now; we are the go to place for engineers and companies alike for all video recording and playback needs. - Does this service have a large following on Twitter, Facebook, or other social media? Is its Twitter account verified? We have around 4.5k followers on Twitter, much more than most other SaaS companies. The account is not verified because Twitter vertification has been stopped. - Is its oEmbed endpoint clearly established and properly documented? (Sometimes, they are just a developer’s pet project that may not be supported.) Yes. See https://ziggeo.com/docs - Does the oEmbed endpoint work with WordPress’ oEmbed auto-discovery? If not, could it be made to work with additional HTML tags or attributes being whitelisted? It should work with auto-discovery. - Does the service make an effort to build relationships with developers, such as through robust APIs? Our main business is an API. - How old is the service? 6 years - Does it have a well-established Wikipedia article? (Seriously.) Yes. - Has anyone written a WordPress plugin that leverages the service in some way, whether adding it as an oEmbed provider, creating a shortcode, or leveraging other APIs of the service? Do these plugins have any noticeable adoption or traction that would indicate usage and demand? Yes. Ziggeo has an official plugin on WP. Thank you for your consideration." oliverfriedmann 3 46190 Firefox Emoji Detection Slow has-patch Emoji 5.0.3 normal normal Awaiting Review enhancement new 2019-02-05T18:52:24Z 2022-07-06T19:25:57Z "The emoji detection script loaded by default on WordPress is parser blocking but it still progressive enhancement as it a) it runs fast, b) finishes before the style requests are being downloaded. However Firefox seems to have an issue in recent versions. I tested the times it takes on Browserstack and sometimes it goes as high as more than 1s on both Windows and Mac. The way I tested is by adding this code to functions.php {{{#!php <?php add_action( 'wp_head', function() { ?> <script>var e=new Date()</script> <?php }, 6 ); add_action( 'wp_head', function() { ?> <script>var n=new Date()-e;console.log(n)</script> <?php }, 7 ); }}} so the the wp-emoji-loader.min.js inlined in the html head is sandwiched between getting the timestamps. On other browsers it is like 8ms, 20ms but Firefox is really slow. Likely a Firefox bug, but should be a workaround for it in WP." superpoincare 2 37788 dns-prefetch s.w.org conditionally via javascript Emoji 4.6 normal normal Awaiting Review enhancement new 2016-08-23T10:31:12Z 2023-06-07T05:54:00Z "For many users, dns-prefetch to s.w.org is not needed if they aren't using Jetpack or any plugin which connects to it. It's because: 1. A page may not have an emoji 2. Even if the page has it, the browser may support emojis. Going forward the support will increase. Hence I propose the dns-prefetch to s.w.org be made only if the feature detection detects wp-emoji-release needs to be loaded or if possible page needs an emoji svg. " superpoincare 5 30170 """Start Date""/""End Date"" are confusing in the exporter" has-patch Export normal normal Awaiting Review enhancement new 2014-10-29T11:40:47Z 2017-07-22T04:03:42Z "I've been running a lot of post exports lately, and for some reason I'm constantly screwing up ""Start Date"" vs ""End Date"" when selecting an export range. The ''right'' way is Start Date == Older Date, and End Date == Newer Date. But, because my memory is pathetic (at best), I constantly forget this and end up downloading empty exports. I think there are a few potential fixes: 1) Change the wording, to something like ""Start Date (Older)"" and ""End Date (Newer)"", or different text entirely 2) Use some JS to alert the user/prevent the download if they chose a more recent month as the Start Date 3) Try to guess the user's intentions and download the export even if they screw up the order (Or perhaps some combination of the three.)" chrisvanpatten 6 19864 Abstract export_wp() for use by CLI scripts Export 3.3.1 normal normal enhancement reopened 2012-01-20T18:16:17Z 2019-06-04T19:43:40Z "Need to be able to execute an export from the PHP CLI for the purpose of running cron / maintenance scripts that write out exports. This would include writing additional hooks that allow the arguments to be pulled from the cli as well as hooks that allow the output to redirected from the output buffer to a file. Related ticket: #19863, extra hooks for manipulating content and arguments of an export" scottconnerly 5 39298 Add filters for the exporter Export normal normal Awaiting Review enhancement new 2016-12-15T15:25:36Z 2019-03-15T01:06:47Z "I think being able to enhance the exporter with plugins would be very helpful. If there was a filter for the export options where custom export queries could be made to possibly return the $post_ids to be exported I think that would be a great addition because I recently had to edit the core export file to build a custom export query. I noticed one plugin attempted this but resorted to completely replacing the export.php file. " stormrockwell 55762 All export xml files have same name dev-feedback Export normal normal Future Release enhancement new 2022-05-18T09:09:58Z 2022-06-07T14:38:53Z ​All download export files​, whether posts or pages ​give the same file name.​ Its difficult to manage if you have several of them because unlike a picture or a word file that you can open and see the contents, a user cannot see the content of the xml file until they upload into a WordPress panel. Loading the wrong file means one needs to clean up and then go back to look for the right file. I suggest each xml download from the Export panel bear the unique name of the file. ​ martiniwebb 4 33461 Allow filtering of meta_value in exporter Export normal normal enhancement new 2015-08-20T08:46:22Z 2020-07-02T15:50:40Z "Hi, There are some filters in the exporter code that allow developers to modify the exported XML data according to their needs. One filter that is missing is the ability to filter the {{{ meta_value }}} field. This can be very helpful ie. to filter out urls or any other data that's being stored there. I'm attaching a patch to be applied to the core. " newkind 1 22435 Export API dev-feedback Export normal normal Future Release enhancement new 2012-11-13T16:41:55Z 2017-12-13T21:26:06Z "From experience and from tickets (#19864, #19307, #17379) it's evident that we need to update the export API. High level goals: * To be usable from different parts of the code. From the web backend, from a CLI script, from an async job. * To allow more control of the output format – serve over HTTP, write a single XML file to disk, split it and write many smaller XML files, write a big zip with many XML files, etc. * To allow exporting the data without querying all the posts at once, so that we can fit the exports to memory. * Keep {{{export_wp()}}} for backwards compatibility without the need to keep all (even any) of its code. Here's my idea for the part of the API 99% of the developers touching export would use and be happy: {{{ #!php <?php // WP_WXR_Export is an aimmutable representing all the data needed for the export and allows us to have it in multiple formats $export = new WP_WXR_Export( array( 'start_date' => '2011-10-10', 'post_type' => 'event', … ) ); backup( $export->get_xml() ); // string $export->export_to_xml_file( 'mom.xml' ); send_to_mom_to_import( 'mom.xml'); $export->serve_xml(); // with all the headers and stuff $export->export_to_xml_files( '/files/exports-for-my-awesome-website/', 'export-%02d.wxr.xml', 5 * MB_IN_BYTES ); }}} Before I dive into implementation details (in the comments, not to pollute the ticket), I'd like to hear what use cases for extending this code you have in mind and where should we draw the line. Adding more output writers? Adding custom export data? Adding formats different from WXR? " nbachiyski 48 28146 Export Filter for Post IDs has-patch Export 2.1 normal normal enhancement assigned 2014-05-06T10:47:48Z 2019-06-04T19:45:46Z "I know there is an action hook '''export_wp''' we can use to create our own export function for custom post queries. The idea is to apply filters for the $post_ids at wp-admin\includes\export.php line 87 {{{ $post_ids = $wpdb->get_col( ""SELECT ID FROM {$wpdb->posts} $join WHERE $where"" ); }}} to {{{ $post_ids = apply_filters( 'export_post_ids', $wpdb->get_col( ""SELECT ID FROM {$wpdb->posts} $join WHERE $where"" ) ); }}} so we can do custom post queries to generate the post id(s). " zourbuth 18 31084 Export capabilities should allow the current user to export their own posts Export normal normal enhancement new 2015-01-21T09:30:53Z 2019-06-04T19:47:38Z "Currently, exporting is restricted to users with the 'export' capability (Admins, Network Admins), which effectively locks Editors, Authors, and Contributors out of the the process. I am proposing that an implicit capability in the exporter be created whereby users without the 'export' capability can choose to export their own posts. The functionality to select a single user's posts for exporting is already built-in for those with the capability, so there is no underlying exporter code that needs to change. Front-facing modifications would include adding a message to the Export screen for non-Admins explaining that they can only download their own posts, specifying the proper single-user form parameters by default, and a few checks on the back-end to avoid any forgery. Functionally, this enhancement would free users to own and control their content, and may help prevent site owners from holding their contributors' content hostage." rileypaulsen 6 36818 Export filter for post meta dev-feedback Export normal normal enhancement new 2016-05-11T20:00:14Z 2019-06-04T19:58:11Z "It would be handy if we had a filter for modifying post meta before it is written to an export file. Our plugin stores serialized arrays in post meta that get corrupted from time to time during the export/import process. The attached patch/filter would allow us to store the data differently in an export file to prevent that from happening. " justinbusa 10 32130 Export tool should manage users Export 3.1 normal normal enhancement new 2015-04-25T10:26:12Z 2020-07-06T14:50:40Z "I'm migrating a site from a server to another with the export/import tool. Users are not imported but new users are created, consequently users informations (including password) are lost. Export tool shoud export/import users as well as pages, articles, ..." jerome.martin 1 48366 Export valid paragraphs HTML with wpautop applied Export normal normal Awaiting Review enhancement new 2019-10-18T12:26:13Z 2021-05-25T18:23:11Z "WordPress exports post content mostly as is from database. It runs through `the_content_export` filter, which does not by default have any of the typical `the_content` filters added. The most visible impact is that `wpautop()` is not applied and paragraphs have no `<p>` tags around them. Effectively this makes exported content corrupted for systems other than WordPress itself. In spirit of ""own your data"" I suggest this is reconsidered, in favor of exporting valid platform-agnostic HTML markup. From a quick look on implementation levels it seems just adding `wpautop()` might not be sufficient due to a special blocks-related logic in WP 5+ ? Or can that be ignored for export purposes?" Rarst 27048 Export: Allow multiple post types to be selected needs-unit-tests Export 3.8 normal normal enhancement new 2014-02-07T09:39:39Z 2022-05-18T16:49:01Z The export tool currently only allows for all post types to be exported, or for only one to be exported. I propose fixing this so that the selection is made via checkboxes and any number of post types can be exported. This will be beneficial in many use cases. hlashbrooke 34 37848 Form fields misaligned on export.php has-patch Export 5.2.1 normal normal Awaiting Review enhancement new 2016-08-27T10:57:16Z 2019-06-17T13:54:31Z "On the export page, all the form fields are misaligned. Refer attached screenshots for a better view." adhun 6 39021 Import Export Attachments Export 4.6.1 normal normal Awaiting Review enhancement new 2016-12-02T02:52:10Z 2019-03-19T02:01:50Z "Currently when we export a post type, it seems that the post thumbnails are exported as id's. It would be fantastic if these could be exported as url's to the images as otherwise there is no way for a separate install to import the post data. currently, for posts with a thumbnail the below or similar is added to the `<item>` {{{ <wp:postmeta> <wp:meta_key><![CDATA[_thumbnail_id]]></wp:meta_key> <wp:meta_value><![CDATA[9]]></wp:meta_value> </wp:postmeta> }}} I propose this is moved to `<wp:attachment>` or `<wp:post_thumbnail>` and the specific postmeta for `_thumbnail_id` removed from postmeta and re-created on each import. Problems with my suggestion that I've considered * Re-importing (w|c)ould create duplicate media. As the post has to exist for post-meta to be added. Maybe using the basename function we could check for existing media, maybe it's an edge case... I think this is unlikely to be a large problem and it potentially empowers less technical users. * Some plugins would see no benefit as they use either custom metadata keys or multiple attached images (like WooCommerce). I'd suggest this could be mitigated by adding a filter of an array of strings that on import / export treats a list of fields as keys to treat as thumbnails) " LewisCowles 19307 "Need ability to export ""All content"" but limited to date range" Export 3.1 normal normal enhancement new 2011-11-20T23:19:43Z 2019-06-04T19:43:35Z "Need ability to export ""All content"" but limited to date range ==== ENV ==== WP 3.3-beta3-19254 (trunk r19367) ==== Additional Details ==== For a larger site is a common scenario to need to export all content, but because of resource limitations or time constraints it cannot be done in a single export. Exporting individual post types is not a work around, further you lose attachments on posts when exporting just ""posts"", and that breaks features including Featured Images. ==== Also Consider ==== Another common scenario for media and enterprise customer is wanting to export a period of time to further analysis that content, or stage it in their development environment for debugging an issue, or developing new designs and features." lloydbudd 19 36340 Other options ignored when using a custom post type with export_wp() Export normal normal Future Release enhancement new 2016-03-25T22:17:35Z 2020-07-06T14:09:01Z "While writing the improved docblock for `export_wp()`, I noticed something that may be an issue when a custom post type is supplied. For the built-in post types you can filter the exported content by start date, end date and/or author. But not with a custom post type: with them it's everything. Is this by design? The fix could be to modify line 113 to include the custom post type option because by that point we know that it's both valid and `can_export` is true thanks to the stuff starting on line 88. I don't use this code myself but it did jump out at me. Thoughts?" theMikeD 1 47446 Tools > Export does not include term meta data for a custom post type Export 5.2.1 normal normal Awaiting Review enhancement assigned 2019-05-31T15:38:54Z 2019-05-31T15:38:54Z "Steps: # Register a public custom post type # Register a custom taxonomy with a custom term_meta # populate with dummy posts, terms and term meta values # go to tools > export and select your custom post type # The resulting XML is perfectly valid and includes all posts along with the terms of the taxonomy. Observe that none of the terms have their corresponding term_meta Expected: When exporting content of one custom post type, the term_meta should be included. Solution: I have not found one. Looking at wp-admin/includes/export.php:148 I can see that $terms is only populated when $args['content'] is set to all (""All Content""). Here the source I am referring to: https://github.com/WordPress/WordPress/blob/5.2.1/wp-admin/includes/export.php#L148 Environment: WP 5.2.1, WAMP, PHP7.2 " mclaurent 58982 Tools > Export does not include termmeta data for post categories Export 6.3 normal normal Awaiting Review enhancement new 2023-08-04T12:44:38Z 2023-08-04T18:07:11Z "Steps to reproduce * Populate some posts and categories on a clean WordPress installation. * Add some term meta fields to those categories. * Go to Tools > Export and export Posts, then All categories. * The export file contains no `wp:category` entry for any categories, hence categories term meta fields are not included. * Go back to Tools > Export and export Posts, then a single category. * The new export file contains no `wp:category` entry for the selected category, hence its term meta fields are not included either. " jadpm 2 26311 Updated (responsive) Tools -> Export admin screen Export 3.8 normal normal Awaiting Review enhancement new 2013-11-29T05:02:40Z 2019-02-26T02:25:27Z "Updated Tools -> Export admin screen Switched from un-ordered lists based html to tables based HTML based on Permalinks admin screen. ''No javascript was harmed in this patch...'' " netweb 7 28375 export posts/pages query chriscct7 Export 3.1 normal normal enhancement assigned 2014-05-27T14:11:42Z 2019-06-04T19:45:51Z "In wp-admin/includes/export.php on line 75 the following check has been done: {{{ if ( 'post' == $args['content'] || 'page' == $args['content'] ) { } }}} This can be removed so the check can be done foreach post? " alcowink 2 48180 extend export with filter for join and where clause Export 5.2.3 normal normal Awaiting Review enhancement new 2019-09-30T10:29:31Z 2019-09-30T11:37:29Z "In attachment I send a patch to add two lines for filters to change external the join and where clause to make it possible to export only the right posts. **I hope your can take it into the core.** Background: I have an user defined post type ""bp-blog"", which extends the default blog with buddypress group functionality. Therefor I save the buddy press group id in postmeta. Now I want export only the ""bp-blog"" posts for a specific group. Without the filter I cannot modify the request query and all ""bp-blog"" posts are exported. Here my usage of the the new filter: {{{#!php <?php add_filter('export_filter_join', 'export_filter_join', 0, 2); public function export_filter_join($join, $args = array()) { if ($args['content'] != 'bp-blog' && !isset($args['group'])) { return $join; } global $wpdb; $join .= "" INNER JOIN {$wpdb->postmeta} ON ({$wpdb->posts}.ID = {$wpdb->postmeta}.post_id)""; return $join; } }}} and {{{#!php <?php add_filter('export_filter_where', 'export_filter_where', 0, 2); public function export_filter_where($where, $args = array()) { if ($args['content'] != 'bp-blog' && !isset($args['group'])) { return $where; } global $wpdb; $where .= "" AND wp_postmeta.meta_key = '_bp_group' AND wp_postmeta.meta_value = {$args['group']}""; return $where; } }}} " mgleich 3 14757 users with no posts are not exported dev-feedback Export 3.1 normal normal Future Release enhancement reopened 2010-09-01T18:14:31Z 2020-07-06T14:48:39Z I just exported a large standalone site and imported into a multisite setup, and I discovered that a number of users who hadn't yet posted anything didn't get moved to the new site. sillybean 7 18909 Bundled jQuery UI should have CSS close External Libraries 3.3 normal normal Future Release enhancement assigned 2011-10-11T18:53:57Z 2022-10-04T06:37:42Z "Now that all of jQuery UI is in core, matching CSS should also be included for use in the admin in both color schemes. Related: #17952" helen 67 42780 Code Editor: Linter (HTMLHint) should show error if checkbox doesn't have associated <label> External Libraries 4.9 normal normal Future Release enhancement new 2017-12-03T17:32:45Z 2020-12-04T16:34:45Z "The Custom HTML Linter should show an error if an checkbox field does not have an associated label element. This would be a good improvement for accessibility. To reproduce: 1. Create a custom HTML widget 2. Enter the following code: {{{ <input type=""checkbox""> Checkbox Label }}} 3. No warning/error appears. " shooper 10 49837 JSDoc correction for wp-includes\js\colorpicker.js has-patch External Libraries normal normal Awaiting Review enhancement new 2020-04-07T06:30:09Z 2020-05-06T17:01:46Z In this function, Comment section is not proper with parameter and return type. jitendrabanjara1991 3 39714 Proposal: Use Full PHPMailer library has-patch External Libraries normal normal Awaiting Review enhancement new 2017-01-26T22:20:40Z 2023-02-02T15:34:11Z "Currently we're using a customized version of phpMailer that strips out some features. This is most evident when you compare class.smtp.php: Ours: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-smtp.php#L465 Official: https://github.com/PHPMailer/PHPMailer/blob/v5.2.21/class.smtp.php#L465-L527 We're missing sections which plugin developers are using to support extended features (oauth, ntlm, etc). By leaving this out, we introduce a reason for them to include versions of PHPMailer which they then have to update in the case of security issues (such as the sort that predicated the 4.7.1 core release). If we were to include the full library, it would be easier (and faster) for core to update in case of security issues, and it would provide more flexibility and security for plugins and (by extension) users of WordPress." Ipstenu 8 10955 Replace ThickBox dev-feedback External Libraries 2.9 normal normal Future Release enhancement reopened 2009-10-14T14:37:42Z 2023-11-10T16:01:17Z "Have you thought about replacing ThickBox? It is no longer under development (as their site says) and it doesn't conform to standard jQuery plugin practices. For example, I'm trying to use it for a plugin of mine and I'm wanting to tie into the ""onClose"" event for ThickBox which isn't too easily done. I know I could just include one of the other plugins, like colorbox, with my plugin but I think it'd be a great service to other developers if you included a more flexible library. (I would have assigned this to 3.0+ but the option isn't available.)" aaron_guitar 41 59580 Test_Diff: sync with upstream External Libraries normal normal 6.6 enhancement new 2023-10-10T11:11:54Z 2024-02-17T14:23:27Z "Follow up on ticket #58298. The `Text_Diff` library, as included in WP, is an external dependency, which hasn't been kept up to date with the original source - i.e. with ""upstream"". The WP local version has also received some WP-only patches, typically for issues related to compatibility with new PHP versions. It should be investigated if there are changes upstream which need to be included in the WP version of the library and if the WP version of the library contains any fixes which aren't included yet upstream and should be (and don't have an open pull request upstream). Relevant parts from the conversation in #58298: @SergeyBiryukov in https://core.trac.wordpress.org/ticket/58298#comment:3: > > The `Text_Diff` library is an external dependency, however, AFAIK it is no longer externally maintained. > > The [https://github.com/pear/Text_Diff pear/Text_Diff] project on GitHub had a release in 2019 and appears to have [https://github.com/pear/Text_Diff/commit/14a70077f643739639845cebaea36a58d647b8c7 recent commits], though is indeed no longer actively maintained, as it has been deprecated and superseded by [https://github.com/horde/Text_Diff Horde_Text_Diff]. > > We could probably consider switching to the newer package. On at least one occasion though, we encountered a bug in the upstream version, see comment:5:ticket:41526, that was patched using a different approach in [42028] / #41526. As far as I can tell, there were [https://github.com/horde/Text_Diff/commits/master/lib/Horde/Text/Diff/Engine/Native.php no further changes] upstream after the [comment:12:ticket:41526 commits in question], so the issue still exists there. > > I have not yet checked whether a [https://github.com/pear/Text_Diff/pull/7 similar fix for pear/Text_Diff] has the same issue. > > > I wonder if it may be prudent to create a repo to maintain this code as a package within the WP organisation ? > > Would it be worth comparing the current code in core with the [https://github.com/pear/Text_Diff pear/Text_Diff] version and checking if a switch would be possible? Otherwise, it looks like we may indeed have to continue maintaining this package for the time being, either in core or separately, to ensure compatibility with newer PHP versions. @jrf in https://core.trac.wordpress.org/ticket/58298#comment:6: > Yes, I think it would be very good if we could take the following actions (probably in a separate ticket though): > * Compare the current version of the package in WP Core with the upstream version of `pear/Text_Diff`. > * Compare the current version of the package in WP Core with the upstream `horde/Text_Diff` package. > > Based on the findings, discuss follow-up steps. > > If we'd decide to upgrade to either the newer version of `pear/Text_Diff` or to `horde/Text_Diff`, I do still think adding at least _some_ tests to safeguard the integration would be a good thing. That way we can also safeguard that the upgrade does not cause any avoidable problems (at least for those situations which we are testing for). @oglekler in https://core.trac.wordpress.org/ticket/58298#comment:10: > This open PR is addressing the issue we had fixed from our side: https://github.com/pear/Text_Diff/pull/8/files" jrf 2 48456 Update CodeMirror to latest version early External Libraries normal normal Future Release enhancement new 2019-10-29T07:55:36Z 2022-10-05T19:48:17Z "From what I can see in the [https://core.trac.wordpress.org/browser/trunk/src/js/_enqueues/vendor/codemirror/codemirror.min.js JS file], we are using CodeMirror version 5.29.1 which is over 2 years old, according to https://codemirror.net/doc/releases.html A lot has happened since then, with the current release being 5.49.2. We should update and set a good example. Getting this in early for 5.4 will allow for testing." TobiasBg 5 60515 Update `regenerator-runtime` polyfill has-patch External Libraries normal normal Awaiting Review enhancement new 2024-02-12T19:51:19Z 2024-02-19T10:00:47Z "A new version of the `regenerator-runtime` polyfill (0.14.1) is available. The [https://github.com/facebook/regenerator/compare/v0.14.0...v0.14.1 full of changes] are on [https://github.com/facebook/regenerator/ GitHub]." desrosj 1 60512 Update backbone.js to the latest version (1.6.0) has-patch External Libraries normal normal Awaiting Review enhancement new 2024-02-12T17:27:37Z 2024-02-19T09:11:23Z Version 1.6.0 of Backbone.js is available (see [https://backbonejs.org/#changelog changelog]). desrosj 2 54034 Update jQuery UI Touch Punch to the latest version Hareesh Pillai dev-feedback External Libraries normal normal Future Release enhancement assigned 2021-08-28T19:39:10Z 2023-03-23T17:20:07Z A new version of jQuery UI Touch Punch is available ([https://github.com/furf/jquery-ui-touch-punch/blob/master/jquery.ui.touch-punch.min.js v 0.2.3]). However, this version was released 7 years ago and might have issues while updating. Hareesh Pillai 15 60514 Update whatwg-fetch library has-patch External Libraries normal normal Awaiting Review enhancement new 2024-02-12T19:49:10Z 2024-02-19T09:23:11Z "A new version of the `whatwg-fetch` polyfill (3.6.20) is available. The [https://github.com/JakeChampion/fetch/blob/main/CHANGELOG.md changelog] and [https://github.com/JakeChampion/fetch/compare/v3.6.17...v3.6.20 full of changes] are on [https://github.com/JakeChampion/fetch/ GitHub]." desrosj 1 43749 Update zxcvbn to 4.4.2 has-patch External Libraries normal normal Future Release enhancement assigned 2018-04-12T16:32:33Z 2021-11-18T20:42:43Z "4.4.2 contains several bug fixes. For a full list of changes, see https://github.com/dropbox/zxcvbn/compare/v4.4.1...v4.4.2." desrosj 25 60516 Upgrade Moment.js to the latest version has-patch External Libraries normal normal Awaiting Review enhancement new 2024-02-12T20:02:55Z 2024-02-19T08:46:30Z "A new version of the `moment` (2.30.1) is now available. The [https://github.com/moment/moment/blob/develop/CHANGELOG.md changelog] and [https://github.com/moment/moment/compare/2.29.4...2.30.1 full of changes] are on [https://github.com/moment/moment GitHub]." desrosj 1 60478 Upgrade to JQuery 4 External Libraries normal normal Future Release enhancement new 2024-02-08T20:52:50Z 2024-03-04T09:07:43Z "JQuery just released a beta version of jQuery v4. Is this something that wp core will be looking to implement? https://blog.jquery.com/2024/02/06/jquery-4-0-0-beta/" nickchomey 5 48499 request: bundle unminified jQuery External Libraries 5.2.4 normal normal Awaiting Review enhancement new 2019-11-05T10:24:47Z 2019-11-05T15:53:15Z "This is a follow-up to #47020. WordPress is including a patched jQuery 1.12.4 now as we require this version but need to patch in security related fixes; whereas jQuery is supporting only newer versions. However we do not include an unminified jQuery. As a result this makes this makes it very hard to verify certain which patches are included, as the source code is not available, and the minification process differs from jQuery's therefore an online diff contains a lot of false positives. To have verifiable patches I'd like to request that we please keep a list of fixes somewhere (whether it's ticket numbers or full documentation), start including an unmodified jQuery, and verify the bundled jQuery contains all patches post 1.12.4. " pacifika 1 52536 "Add ""X-Robots-Tag: noindex"" to feeds by default" Feeds normal major Awaiting Review enhancement new 2021-02-16T10:46:30Z 2024-01-08T21:42:17Z "We’ve noticed that spammy websites are linking to RSS search results on our site that include their domain in the search terms. For example, if our site is wordpress.org and their site is example.com, they might link to wordpress.org/search/+example.com+best+pharmacy+pills+online/feed/rss2/ For normal WordPress searches, this isn’t a problem because the search results are set to “noindex”. However, these RSS2 pages are outputted as XML and don’t include any kind of “noindex” tag, so Google recognizes them as being indexable pages. Looking around Google, it seems like this type of blackhat SEO technique is fairly common and most likely done in bulk by bots. SEO plugins like Yoast and AIOSEOP appear to add a ""noindex"" tag to the search result pages, but neither of them seems to add that response header to the feeds, which means that most WordPress sites are vulnerable to that tactic. Since feeds and search pages are built into WordPress's core and most people wouldn't want their results to be indexed anyway, can we add noindex to those two types of pages by default?" pikamander2 10 46227 Add Rel-Feed Link to Header needs-unit-tests Feeds low trivial Future Release enhancement reviewing 2019-02-10T17:35:29Z 2021-05-13T20:03:29Z "When the front page is not the posts page, proposing that Core add a link in the header to the actual posts page, using the rel=feed designator. https://blog.whatwg.org/feed-autodiscovery Example <link rel=""feed"" type=""text/html"" href=""/posts"" title=""Posts Page"" /> This would allow a system to figure out where the posts page is." dshanske 35 42261 Add Support for No Limit Queries to 'posts_per_rss' . has-patch Feeds 4.8.2 normal normal Future Release enhancement new 2017-10-18T18:12:32Z 2018-11-14T21:12:57Z Setting `posts_per_rss = -1` will result in a query with `LIMIT 0, -1`. ohryan 4 43604 Add option to completely disable syndication feeds Feeds normal normal Awaiting Review enhancement reopened 2018-03-21T21:04:46Z 2019-01-16T06:50:09Z "Some site owners do not want to provide RSS/Atom/whatever feeds, for various reasons. Right now, there is no way to globally disable feeds. The current way to disable feeds involves: - hiding feed URLs from the end user (by removing the ""Meta"" widget from the sidebar and removing the feed links from the header) - filtering the functions that write the feed URLs - disabling feed endpoints by deleting the array containing the feed types in WordPress core - hooking in to the `do_feed_x` actions to redirect the user to a 404 See for example the instructions for disabling feeds one user provides [https://wordpress.stackexchange.com/questions/33072/how-to-remove-feeds-from-wordpress-totally here]. It would be nice if there was a setting in `options-reading.php` to disable syndication feeds altogether, which disables display and generation of the feeds across the whole site." seanleavey 2 50441 Allow CORS for RSS feed Feeds normal normal Awaiting Review enhancement new 2020-06-20T18:22:19Z 2021-10-08T06:59:23Z "I'm developing an in-browser RSS reader and want to get an RSS feed from my blog on WP.com but browser (both Chrome and FF) shows me the error: {{{ Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://wordpress.com/blog/feed/. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). }}} Here is a small example to reproduce: {{{ <html> <head> <script src=""https://unpkg.com/rss-parser/dist/rss-parser.min.js""></script> <script> let parser = new RSSParser(); parser.parseURL('https://wordpress.com/blog/feed/', function(err, feed) { if (err) throw err; console.log(feed.title); feed.items.forEach(function(entry) { console.log(entry); }) }) </script> </head> </html> }}} This is quite popular thing that a lot of peoples tries to do: https://www.google.com/search?q=wordpress+feed+cors That's one of the main reasons why most browser JS RSS readers requires to use a dedicated proxy server that will make a server to sever call to retrieve the RSS: * https://github.com/sdepold/jquery-rss proxies RSS fetch via Feedr. * https://github.com/enginkizil/FeedEk proxies RSS fetch via Feed API * https://github.com/rbren/rss-parser uses https://cors-anywhere.herokuapp.com The fix is easy: {{{ add_action( 'pre_get_posts', 'add_header_origin' ); function add_header_origin() { if (is_feed()){ header( 'Access-Control-Allow-Origin: *' ); } } }}} But I wan't the fix to be added into WP trunk because my reader will mostly consume RSS from wordpress.com or many other WP blogs. It should be fine to allow CORS requests to feed. The only one problem is a security concern. Hacker can make a DDoS by pasting on some popular site an <img> tag with src to WP feed and this will produce a big load to WP instance. But here we can add a simple check: when browser requests an image it sends the header `Accept: image/webp,image/apng,image/*,*/*;q=0.8` while JS RSS headers can set the `Accept` header manually to `application/rss+xml`. Actually the rss-parser already sends the `Accept: application/rss+xml`. So on the server side we can just check that client requested exactly the feed and only then try to generate it. As far I see this is something really important (because already used workarounds) and it should be easy to implement and safe to enable by default. So I'll set Major severity. " stokito 5 43860 Dead code in feed_links_extra() has-patch Feeds 3.7 normal normal Future Release enhancement new 2018-04-25T17:34:26Z 2019-01-09T06:03:08Z "Probably a detail, but in {{{general-template.php}}}, function [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/general-template.php#L2799 feed_links_extra()] contains two {{{elseif}}} statements with the same condition {{{if ( is_post_type_archive() )}}}. The second one can't be reached and can be considered as dead code." dmenard 5 55909 Do WordPress feeds need pagination query SQL_CALC_FOUND_ROWS? Feeds 6.0 normal normal Awaiting Review enhancement new 2022-06-03T07:40:59Z 2022-06-03T15:20:46Z "It seems that by default, WordPress feeds endpoints generate an extra SQL_CALC_FOUND_ROWS query, because the `no_found_rows` query parameter [https://github.com/WordPress/wordpress-develop/blob/2c06c9afd5ba32a0f55a9f8313e636fbcb698cab/src/wp-includes/class-wp-query.php#L1943 defaults] to false. On large sites with ten of thousands of posts, this can create slow queries which overall can affect the database performance. While checking the docs and expected functionality of feeds https://wordpress.org/support/article/wordpress-feeds/ , I don't see any mention for pagination, so my question is: Are feeds supposed to have pagination enabled and if NOT, does it make sense to set the `no_found_rows => true` for the default WP_Query when feeds are triggered? So far, I've managed to fix it with {{{#!php <?php function feed_filter($query) { if( $query->is_feed && $query->is_main_query() ) { $query->set('no_found_rows', true); } } add_action( 'pre_get_posts', 'feed_filter' ); }}} but curious if there might be other implications to this?" ovidiul 1 48414 Enhancement: feed_links_extra needs filter to remove a feed from pages Feeds normal normal Awaiting Review enhancement new 2019-10-23T19:40:25Z 2019-10-23T19:40:25Z "Use case: If your site doesn't have comments, or uses a service like disqus, the singletitle feed is useless and always empty (since comments are open, just not using wordpress native commenting). I'd like to be able to remove it from the header. Other use cases are if people do not want to provide an RSS feed for a tags or authors. Suggestion: allow a filter on feed_links_extra to eliminate the echoing of that feed into the header. This ticket proposes filtering the default values: https://core.trac.wordpress.org/ticket/43225 Perhaps modify that to accept null or false values for things like 'singletitle' and if false, skip the creation of that item. " sgatz 34083 Feed for post type should link to post type archive if available stevenkword dev-feedback Feeds normal normal Future Release enhancement assigned 2015-09-29T20:50:33Z 2017-03-17T19:16:03Z "This post type feed: https://yoast.com/dev-blog/feed/ has {{{ <link>https://yoast.com</link> }}} Even though that particular post type has a post type archive. IMHO, it should link to the post type archive `https://yoast.com/dev-blog/`. " joostdevalk 7 40587 Feed link markup should contain rel and type attributes has-patch Feeds normal normal Future Release enhancement new 2017-04-27T18:31:44Z 2017-05-19T15:01:56Z "The markup of feed links should really contain a {{{rel}}} and a {{{type}}} attribute. For example: {{{<a rel=""alternate"" type=""application/rss+xml"" href=""https://example.com/feed"">#</a>}}} The {{{post_comments_feed_link()}}} is an example of where this doesn't happen." henry.wright 12 9611 Make comment feeds fail with an error code when comments are closed dev-feedback Feeds 2.8 normal normal enhancement new 2009-04-21T14:12:42Z 2019-06-04T19:42:34Z "This is mostly a suggestion as an enhancement. When you close a post's comments and pings, it should no longer output an rss feed. Instead, it should return a not found (404) or gone (410) error and die. Likewise, if all posts and pages on a site disallow comments and pings, the comments feeds should not be broadcast, and should return the same error code. Thoughts?" Denis-de-Bernardy 9 9510 Multiple feed fixes and enhancements dev-feedback Feeds 2.7.1 normal major enhancement new 2009-04-11T09:36:47Z 2019-06-04T19:42:32Z Currently, the feed always returns the same subtitle, self link, alternate link and replies link no matter what the page type is. I think they should be different for each page type. peaceablewhale 26 13867 New filter for comment RSS feed's title killua99 has-patch Feeds 3.0 normal normal Future Release enhancement assigned 2010-06-12T21:53:07Z 2021-11-10T03:51:19Z "I'd like to be able to customize comments titles in RSS feed. Currently it's hardcoded and has no way to be changed, so I added 2 new filters so that plugins can edit them. I've tested and patch is working for me." shidouhikari 31 57107 No-op `MagpieRSS` dev-feedback Feeds normal normal Awaiting Review enhancement new 2022-11-14T15:44:34Z 2023-05-30T16:34:08Z "MagpieRSS is an XML-based RSS parser built in the days of PHP 4.x. MagpieRSS has been deprecated in WordPress since version 3.0 was released in 2010. The library itself has not been updated since 2004 and is abandoned. Since then the library has continued to be included with WordPress to avoid breaking any sites that may have been using it. It has been deemed an ""adopted"" external library, but only the following very minor updates have been made: - inline documentation. - changes to avoid fatal PHP errors in modern versions of PHP. - changes to avoid deprecated notices/other warnings in modern versions of PHP. Looking at the plugin directory, there is [https://wpdirectory.net/search/01GHVBFXQJA6M0VH9FVT4HHF1S almost no meaningful usage of the class]. 90-95% of the matches are false positives related to identifying when a crawler is accessing pages/feeds. Enough time has passed since deprecating this class where no-opping can be considered to avoid continuing to ship code that no one is using." desrosj 4 41905 Only loop over enclosure meta keys in rss_enclosure() and atom_enclosure() has-patch Feeds 2.2 normal normal Awaiting Review enhancement new 2017-09-18T10:26:38Z 2018-08-23T10:55:28Z "Instead of getting all post meta keys for the current post and then filter out the {{{enclosure}}} keys: {{{ foreach ( (array) get_post_custom() as $key => $val ) { if ($key == 'enclosure') { }}} we could only get the ones we need with: {{{ $meta_enclosures = get_post_meta( get_the_ID(), 'enclosure', false ); foreach ( (array) $meta_enclosures as $key => $val ){ }}} where {{{get_post_custom()}}} is a wrapper for {{{get_post_meta( get_the_ID() )}}}. See {{{atom_enclosure()}}} [https://github.com/WordPress/WordPress/blob/bbb8d48086b7d10908f4fda673585ee122f2851d/wp-includes/feed.php#L463 here] and {{{rss_enclosure()}}} [https://github.com/WordPress/WordPress/blob/bbb8d48086b7d10908f4fda673585ee122f2851d/wp-includes/feed.php#L463 here]. " birgire 14 6425 Support for RTL in feeds close Feeds normal normal Awaiting Review enhancement assigned 2008-03-27T20:56:51Z 2023-02-02T13:42:09Z "In the current state of most Feed readers, the only surefire way to make RTL content display properly is to have directionality enforced inside the content - that is, either with {{<div dir=""rtl"">}}} tags inside CDATA or with Unicode directionality characters (for e.g., RLE and PDF, or ‫ and ‬, or U+202B and U+202C.) for excerpts or titles. While we currently have pretty good support for RTL languages, there is no support for RTL in feeds - all is left up up to the feed reader. I suggest adding a mechanism to automatically insert these tags/characters for blogs that have text_direction set to RTL - much in the same way RTL css style sheets are loaded for these blogs. I have attached a patch that modifies the feed templates to insert these tags/characters. Note that there is no checking of blog directionality here - this is just an example of how to enforce RTL in feeds, not how to enforce it conditionally. This relate to a previous ticket I submitted (#5517), regarding adding an option to set the feed language - which currently just defaults to EN. Certain feed readers know to display RTL text in proper directionality according to feed language (for e.g., feeds that have their feed language set to HE (Hebrew), will get displayed from Right to Left). While setting feed language is not a comprehensive solution, it is a step in the right direction." RanYanivHartstein 8 8828 Tags and Categories are undifferentiable in Atom and RSS feeds has-patch Feeds 2.7 low minor Future Release enhancement new 2009-01-09T11:48:18Z 2018-02-08T16:03:00Z "In RSS feeds this can be achieved using the 'domain' attributes of the category element. This is already done in WordPress export through the wxr_post_taxonomy function, so we just have to do the same in RSS feeds. In Atom feeds this can be achieved using the 'scheme' attributes of the category element. The Atom standard is not explicit about what to put in this scheme attributes. There is [http://edward.oconnor.cx/2007/02/representing-tags-in-atom an interesting topic on Edward O’Connor blog]. In my proposed patch, i decided to use the 1st representation and i also considered seriously the 2nd. In the patch, i'm also adding the 'label' attribute to the atom category element and changed the 'term' attribute to be the tag slug. Seems this are currently the best practices in the Atom community." znarfor 6 26530 Unnecessary database requests and untidy code in do_enclose has-patch Feeds 3.8 normal normal enhancement new 2013-12-11T02:05:39Z 2019-06-04T19:45:12Z "The function do_enclose in wp_includes/functions.php is 62 lines long with up to 8 levels of intendation, and begins with the comment {{{ //TODO: Tidy this ghetto code up and make the debug code optional }}} The single biggest problem of this code might be that it unnecessarily asks the database if links are referenced as enclosures or not for the current post, once for every new link. {{{ foreach ( (array) $post_links as $url ) { if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( ""SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)"", $post_ID, like_escape( $url ) . '%' ) ) ) { }}} This information is already available through $pung, {{{ $pung = get_enclosed( $post_ID ); }}} do_enclose also always uses extension guessing to determine the mime type of a link, even when there is header information available. Bad naming of variables and bad separation of tasks makes the workings this function difficult to grasp." joakimf 3 11585 WordPress should cache failed feed fetches so as to avoid overloading feed sources pbearne has-patch Feeds 2.9 normal normal enhancement assigned 2009-12-24T02:25:17Z 2024-02-22T23:43:57Z "Following up on #11219, which fixed the cause of that particular error, but not the one that related to caching of feed errors. When SimplePie fails to fetch or parse a feed, it should not hammer whichever server the feed came from on every page load. This is bad for two reasons: it disturbs the originating server, and it tremendously slows down page loads when the feed is in an RSS widget on the front end. Instead, we should cache the error for a reasonably long amount of time (15 minutes? An hour? More?) and bypass SimplePie until that duration expires." Denis-de-Bernardy 9 14493 do_enclose() can ping the same URL many times, can't filter URLs to ping nacin* Feeds 3.0.1 normal normal enhancement accepted 2010-07-31T18:52:01Z 2019-06-04T19:43:08Z "If the same URL is included in a post several times, do_enclose() can check that URL for inclusion as a possible enclosure several times. Additionally, there's no way to filter what URLs do_enclose() should ping for possible inclusion as enclosures. Attached adds an array_unique() call to do_enclose(). Attached adds a {{{do_action_ref_array( 'pre_enclose', array( &$post_links, &$pung ) )}}} hook to allow filtration of URLs to ping. (Matches the pre_ping hook.) do_enclose() has several more problems this patch addresses. 1. Correct non-functional DELETE FROM postmeta query (bad use of wpdb::prepare()). 2. Use like_escape() in several LIKE queries. 3. Add an {{{apply_filters( 'enclosure_mime_types', array( 'video', 'audio' ) )}}} hook. 4. Currently do_enclose() doesn't allow root URLs as enclosures (e.g. http://example.com/), only URLs with a non-trivial path or query. Move that functionality to the new pre_enclose filter. 5. Efficiency improvements in conditional logic. 6. Clean up code by reducing control structure nesting depth." mdawaffe 7 43225 feed_links and feed_links_extra should have filters needs-docs Feeds normal normal Awaiting Review enhancement new 2018-02-04T20:34:25Z 2019-01-16T06:50:09Z There ought to be a way to modify the way feed links are displayed by the `feed_links` function. Currently there is, for instance, no way to change the separator from `»` to something else. topdownjimmy 2 49321 provide standard pagination links in RSS/Atom feeds Feeds 5.4 normal normal Awaiting Review enhancement new 2020-01-29T17:09:52Z 2022-06-03T15:21:16Z "Since feeds use the same query parameters as the rest of WordPress, it's already possible to get RSS/Atom-format lists of older posts in addition to the newest 10 (or whatever `posts_per_rss` is set to). However, a client has to know it's looking at a WordPress-generated feed, and manually construct the right paginated feed URLs. I'd like WordPress to implement the Atom pagination links standardized in 2007 by [https://tools.ietf.org/html/rfc5005 RFC 5005], which also has an appendix on using them in RSS. I've written a plugin demonstrating how to do this in a spec-conformant way (https://github.com/jameysharp/wp-fullhistory). The spec requirements that enable aggressive caching in feed readers make the ""obvious"" ways to do this not work, but the plugin is still quite simple. I've included extensive comments if you're interested in the details, and the plugin passes WordPress coding standards 2.2.0. But PHP isn't one of the languages I normally use, so I'd certainly appreciate code review. I brought this up in the forums a while back ([https://wordpress.org/support/topic/add-rfc5005-support-to-wordpress-generated-rss-feeds/ post]) and got very helpful starting points from Samuel Wood, but my current implementation is much simpler than I had thought it would be. I've considered just encouraging people to use the plugin, rather than trying to get this standard supported in core. But there already aren't very many WordPress users who know what RSS is, let alone understand extensions. (I surveyed several dozen webcomic creators, in particular.) So for the same reasons that it's good for the open web that WordPress just automatically provides feeds, I hope you'll automatically provide standard pagination in those feeds too." jameysharp 1 44083 Add action to wp_mkdir_p() when directory is created successfully SergeyBiryukov has-patch Filesystem API 2.0.1 normal normal Future Release enhancement reviewing 2018-05-15T00:11:46Z 2024-02-12T22:26:12Z "It would be nice if the `wp_mkdir_p()` function contained a hook for plugins to interact with when a directory gets created. The use-case I have currently is that Easy Digital Downloads (for example) creates `.htaccess` files and empty `index.php` files in its own `uploads/edd` directory, and each directory inside it, as one way of protecting those empty directories from being publicly browsable. Because there is no action hook here, EDD uses a daily transient, which leaves new directories potentially open until the transient expires. An action hook on directory creation would allow for EDD to create those files immediately." johnjamesjacoby 24 20716 Control how and when request_filesystem_credentials outputs creds form dd32 has-patch Filesystem API 3.4 normal normal enhancement assigned 2012-05-21T02:02:08Z 2019-06-04T19:43:49Z "When using WP_Filesystem in a plugin or other external app, you can initialize it this way: {{{ if ( false == ( $creds = request_filesystem_credentials( $url, $method, false, false, $form_fields ) ) ) { return true; } }}} Makes sense. If the method isn't direct or we don't have the credentials we need, `request_filesystem_credentials` outputs a form and returns false. Then we check again to make sure the credentials can be verified, and it not, we continue to output the form until the credentials are good. {{{ if ( ! WP_Filesystem( $creds ) ) { request_filesystem_credentials( $url, $method, true, false, $form_fields ); return true; } }}} `request_filesystem_credentials` arbitrarily outputs the form whether you want it to or not, unless you explicitly filter the `request_filesystem_credentials` function itself. Using this in conjunction with Ajax, you have to use output buffering to catch the output and return it to the Ajax script for processing or else you get errors. This definitely isn't ideal. I'd suggest storing the form in a variable and possibly pass a parameter that determines whether or not we want to actually output the form or not. Or, if there is another (better) way, that's cool too. Just some way to help `request_filesystem_credentials` determine how we want to interact with credentials should we need them. " griffinjt 5 34064 Filter the file type error message Filesystem API normal normal enhancement new 2015-09-28T20:42:56Z 2021-06-03T14:54:59Z "When uploading a file type that is not permitted, the error `Sorry, this file type is not permitted for security reasons.` is returned. By adding a filter, a plugin/site admin can add a customized message. An example use case: A plugin that allows a front-end post submission system that allow file add-ons. By filtering the response, the author/admin can give more detailed specifications including allowable file types, if desired. Example function of the filter in psudocode: {{{ add_filter( 'upload_filetype_error', 'bk_test_error' ); function bk_test_error() { $allowed = get_allowed_mime_types(); $message = ""This type of file is not allowed! Please use one of the following: "" . implode( ', ', array_keys( $allowed ) ); return $message; } }}} " kraftbj 1 24925 Improve no disk space error handling when updating plugins dev-feedback Filesystem API normal minor Awaiting Review enhancement new 2013-08-02T11:25:24Z 2021-07-20T23:02:17Z "I received the following uninformative error message when trying to update a plugin (roughly translated from Finnish): {{{ Error on updating BulletProof Security. Cannot create folder. /[WPDIR]/wp-content/upgrade/bulletproof-security.tmp. }}} The error was caused by not having enough disk space. The plugin update should check if that's the reason for the error and then display a more informative error message." Daedalon 2 22772 Introduce HOMEPATH Filesystem API 3.5 normal normal enhancement new 2012-12-06T03:05:42Z 2019-06-04T19:44:19Z "I was poking around with get_home_path() and wondering if there's any reason to not set a constant HOMEPATH (like ABSPATH) in the root index.php I'd seem to be more reliable then get_home_path() and that function could simply return the new constant. get_home_path has it's origins 8 years ago when the code was very different: [1567]" WraithKenny 5 46561 Make wp_normalize_path() on Windows resolve drive letter for drive–relative paths dev-feedback Filesystem API 3.9 normal minor Awaiting Review enhancement new 2019-03-19T09:18:48Z 2023-03-12T08:45:38Z "Though rarely used, Windows allows to omit drive letter in file path to treat is as drive–relative. This causes inconsistency where paths pointing to the same dir are not normalized to the same representation by `wp_normalize_path()`: {{{#!php <?php var_dump( wp_normalize_path( 'C:\server\www\dev' ) ); // ""C:/server/www/dev var_dump( wp_normalize_path( '\server\www\dev' ) ); // /server/www/dev << same path, but mismatch after normalize var_dump( wp_normalize_path( realpath( '\server\www\dev' ) ) ); // C:/server/www/dev << resolved drive letter before normalize }}} I think drive letter should be explicitly resolved as part of normalization for this case." Rarst 3 57725 Use of rand() function instead of wp_rand() dev-feedback Filesystem API normal normal Awaiting Review enhancement new 2023-02-15T11:14:13Z 2023-06-21T11:00:43Z "Filesystem API function {{{wp_edit_theme_plugin_file}}} using PHP {{{rand()}}} function rather than WP's {{{wp_rand()}}}. Can we enhance this as {{{rand()}}} is discouraged? File path: wp-admin/includes/file.php Line: 524 and 526 " haritpanchal 4 43990 Use wp_delete_file instead of unlink has-patch Filesystem API low normal Future Release enhancement assigned 2018-05-07T14:35:43Z 2018-05-14T19:44:35Z Use `wp_delete` instead of `unlink` as much as possible throughout the codebase. macbookandrew 5 55469 WP_Filesystem_SSH2::chmod() should use ssh2_sftp_chmod() has-patch Filesystem API normal normal Awaiting Review enhancement new 2022-03-27T17:10:57Z 2022-03-27T17:13:32Z "`WP_Filesystem_SSH2::chmod()` currently uses `::run_command( sprintf( 'chmod %o %s', $mode, escapeshellarg( $file ) ), true )` (which calls [https://www.php.net/manual/en/function.ssh2-exec.php ssh2_exec()]). It has essentially been this way since `WP_Filesystem_SS2` was introduced in [8812]. However, some sftp servers do not allow `ssh2_exec()` to be run, generating PHP warnings such as: > PHP Warning: ssh2_exec(): Unable to request command execution on remote host and on those severs all calls to `WP_Filesystem_SSH2::chmod()` basically become noops. Luckily, starting with version [https://pecl.php.net/package/ssh2/0.12 0.12], the ssh2 extension introduced [https://www.php.net/manual/en/function.ssh2-sftp-chmod.php ssh2_sftp_chmod()], and `WP_Filesystem_SSH2::chmod()` should be changed to use it." pbiron 1 30644 """wpautop"" Enhancements" dev-feedback Formatting normal normal enhancement new 2014-12-09T18:35:14Z 2020-08-11T00:30:02Z "Since there are several problems (e.g. invalid markup) with the current ""wpautop"" function I tried to come up with a new approach. The text gets parsed and a little analyzed in order to generate valid and comprehensible markup. The script is not really compatible with the current implementation since whitespaces and line breaks are added differently. Performance is slightly worse, depending on the input (normal text vs. heavy html) of course. Comments in the code are still missing. I think Shortcodes should also be considered in this markup generation process so the additional use of ""shortcode_unautop"" could be avoided. Please let me know what you think and test it if you like. == Sample === Input {{{ paragraph <!-- comment --> <hr> paragraph <strong>test</strong> <i>italic</i> normal <!-- div --> <div class=""whatever""> <blockquote> paragraph </blockquote> paragraph </div> paragraph <ul> <li>line</li> <li> paragraph <!-- paragraph --> paragraph </li> </ul> paragraph <pre> Honor this whitespace </pre> paragraph <style><!-- Do not alter! --></style> paragraph <p>paragraph</p> <div>text</div> }}} === Output {{{ <p> paragraph <!-- comment --> </p> <hr> <p> paragraph <strong>test</strong> </p> <p> <i>italic</i><br> normal </p> <!-- div --> <div class=""whatever""> <blockquote> <p> paragraph </p> </blockquote> <p> paragraph </p> </div> <p> paragraph </p> <ul> <li> line </li> <li> <p> paragraph <!-- paragraph --> </p> <p> paragraph </p> </li> </ul> <p> paragraph </p> <pre> Honor this whitespace </pre> <p> paragraph </p> <style><!-- Do not alter! --></style> <p> paragraph </p> <p>paragraph</p> <div> text </div> }}}" stefanrz 5 54322 Add Logical Properties to safecss_filter_attr dev-feedback Formatting 5.8.1 normal normal Awaiting Review enhancement new 2021-10-26T07:59:07Z 2021-11-19T18:16:32Z "== Background CSS Logical Properties and Values give easier control over automating different writing mode formats by using logical, rather than physical directions. In other words, it means that the intended spacing, sizing, etc for each appropriate side of a box element translate seamlessly. Mozilla Reference: https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Logical_Properties With the increase in inline styling from blocks, it's important to add more flexibility to how a theme or plugin developer might want to style their spacing components or future proof them as accessibility and internationalization become increasingly important and stop of mind. Global usage is at a decent enough support level where it makes sense: https://caniuse.com/?search=logical%20properties. == Proposed Enhancement The proposed addition would just be to add to the properties to the default array in safecss_filter_attr(). File: wp-includes/kses.php: https://github.com/WordPress/wordpress-develop/blob/98bf67e02b0a4b4aa3848f4e8266c4fd66cdaad0/src/wp-includes/kses.php#L2170 The complete list of Logical Properties: {{{ // Properties for sizing 'block-size', 'inline-size', 'max-block-size', 'max-inline-size', 'min-block-size', 'min-inline-size', // Properties for borders 'border-block', 'border-block-color', 'border-block-end', 'border-block-end-color', 'border-block-end-style', 'border-block-end-width', 'border-block-start', 'border-block-start-color', 'border-block-start-style', 'border-block-start-width', 'border-block-style', 'border-block-width', 'border-inline', 'border-inline-color', 'border-inline-end', 'border-inline-end-color', 'border-inline-end-style', 'border-inline-end-width', 'border-inline-start', 'border-inline-start-color', 'border-inline-start-style', 'border-inline-start-width', 'border-inline-style', 'border-inline-width', 'border-start-start-radius', 'border-start-end-radius', // Properties for margin & padding 'margin-block', 'margin-block-end', 'margin-block-start', 'margin-inline', 'margin-inline-end', 'margin-inline-start', 'padding-block', 'padding-block-end', 'padding-block-start', 'padding-inline-end', 'padding-inline-start', // Properties for float & positioning 'inset', 'inset-block', 'inset-block-end', 'inset-block-start', 'inset-inline', 'inset-inline-end', 'inset-inline-start', // Other Misc Props 'caption-side', 'overflow-block', 'overflow-inline', 'overscroll-behavior-block', 'overscroll-behavior-inline', 'resize', 'text-align' }}} " wazeter 3 18330 Add a Class functionality to wpautop() has-patch Formatting normal normal enhancement reopened 2011-08-04T20:17:29Z 2023-07-25T16:42:17Z "It would be nice to be able to add a class to <p> with wpauto as an optional arg. " wpsmith 6 47594 Add nbsp symbol codes to convert throught sanitize_title SergeyBiryukov* has-patch Formatting 5.3 normal minor Future Release enhancement accepted 2019-06-23T17:06:42Z 2021-10-28T21:01:12Z "Default filters needs to be supplemented nbsp codes such as {{{ [ '%e2%80%af', '%e2%80%87', '%e2%81%a0' ] }}} and {{{ [ ' ', ' ', ' ', ' ', '⁠', '⁠' ] }}} " hokku 22 52444 Add support for Telegram Messenger Protocol close Formatting 3.3 normal normal Awaiting Review enhancement new 2021-02-04T10:56:32Z 2021-02-05T06:39:35Z "I found an issue with a link to Telegram messenger. The simple link works correct {{{<a href=""tg://resolve?domain=man_o2"">}}} If I add “target”, it works correct on pages. {{{<a href=""tg://resolve?domain=man_o2"" target=""_blank"">}}} But if I use it in «Custom HTML» widget, I see a wrong result code: {{{<a href=""//resolve?domain=man_o2"" target=""_blank"">}}} I asked The7 theme support and they have said “it works the same with the standard WP theme”. Screenshot from support:[https://www.evernote.com/l/AnTcHk6kxa5Ltb_UT4cgDp7V-ofL4md-1fQ]" customer8765 4 51707 Add white-space as an allowed kses CSS attribute. has-patch Formatting 5.3.1 normal normal Future Release enhancement new 2020-11-04T23:35:29Z 2020-11-15T06:58:31Z "`white-space` has wide [https://developer.mozilla.org/en-US/docs/Web/CSS/white-space browser support], and users would benefit from not having it stripped while adding to posts. /wp-includes/kses.php:2177" whyisjake 1 60544 Allow individual blocks to be excluded from `excerpt_remove_blocks()` Formatting trunk normal normal Awaiting Review enhancement new 2024-02-14T23:16:54Z 2024-02-14T23:16:54Z "In `excerpt_remove_blocks()`, it is possible to to filter the list of block names that should be included when generating excerpt text. It should also be possible to selectively exclude (or include) individual blocks based on their individual attributes. For this to work, a new filter would need to be inserted in `excerpt_remove_blocks()` and `_excerpt_render_inner_blocks()`. I think it would then be enough to check with the existing logic as: {{{ if ( in_array( $block['blockName'], $allowed_blocks, true ) && apply_filters( 'excerpt_allowed_block', true, $block ) ) }}} Then, if I added a custom attribute to a core (e.g. paragraph) block, I could add a filter to return `false` when that attribute was detected. The current alternative for this is unhooking `wp_trim_excerpt()` from `get_the_excerpt()` entirely and then reusing it as forked code with an alternate version of `excerpt_remove_blocks()`." jeremyfelt 43010 Attribute Name Escape needs-unit-tests Formatting normal normal Awaiting Review enhancement new 2018-01-02T17:03:09Z 2022-01-18T14:34:00Z "The HTML5 spec allows us to arbitrarily named attributes for tags, e.g. '''''data-my-arb-attr-name'''=""attr value""''. This allows for generated attribute names and thus, a need to escape to avoid potential security implications. I have seen several occasions of developers using `esc_attr` to resolve this case, however this is far from correct - the requirements of the name of an attribute are very different to that of the value, the best example of this simply being whitespace. The requirements of an attribute name can be found here: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 There is a need for an `esc_attr_name` function to avoid compromises in html. I have provided a simple addition patch to wp-includes/formatting.php which should resolve this issue." joe_bopper 7 41458 Class gets stripped out when inserting a link in author biography box Formatting 3.5 normal normal Awaiting Review enhancement new 2017-07-27T16:44:55Z 2017-07-30T16:11:39Z "Class gets stripped out when inserting a link in author biography box For example <a href=""#"" class=""test"">My link</a> becomes <a href=""#"" >My link</a>" neodjandre 1 39724 Defining custom validation callbacks for tag/attribute values in wp_kses() Formatting 4.8 normal normal Awaiting Review enhancement new 2017-01-27T17:54:04Z 2017-06-17T11:00:12Z "This patch allows to define a custom validation callbacks to check tag/attributres values in `wp_kes()` etc. The callbacks are defined through `wp_kses_allowed_html` filter. If a tag and/or tag attribute is a callable function/method, then it will be used to check/validate/process the value, for example: {{{#!php <?php add_filter( 'wp_kses_allowed_html', 'my_wp_kses_allowed_html_flter' ), 10, 2 ); function my_wp_kses_allowed_html_flter ( $tags, $context ) { $tags['span']['style'] = function ( $name, $value, $element ) { // return sanitized $value or empty to remove it return $value; }; // iframe callback $tags['iframe'] = function ( $element, $attr ) { // does something with complete attribute string or return empty to remove it return $attr; }; return $tags; } }}} While waiting for the core updates the list of allowed tags/attribitutes/values (for example for `style` attribute, see #24157, #37134, #37248 and probaly many others), this enhancement could offer the possibility of having the fine control over every tag attributes value. Regards" enrico.sorcinelli 1 57517 Expose MutationObserver instance in wpEmoji has-patch Formatting normal normal Awaiting Review enhancement new 2023-01-20T19:30:38Z 2023-01-20T20:05:34Z "The current implementation of MutationObserver in wpEmoji keeps the instance private, making it impossible to disconnect/reconnect the observer if necessary. This has performance implications whenever a page performs large/complex DOM updates frequently. A typical workaround is to disable wpEmoji altogether, but I believe there's a better way. If we expose the observer instance, we can call connect/disconnect as needed. {{{#!javascript // Before doing something expensive wp.emoji.getObserver().disconnect(); // render 10k nodes in your favorite frontend framework // Re-enable later wp.emoji.getObserver().observe( document.body, { childList: true, subtree: true } ) }}} " rinatkhaziev 2 43224 Extract `$utf8_pcre` from `wp_check_invalid_utf8()` into a separate function Formatting normal normal Awaiting Review enhancement new 2018-02-03T23:59:24Z 2019-01-16T06:50:09Z "The `wp_check_invalid_utf8()` function checks to confirm support for the `/u` flag in regular expressions. The result of that check is cached in a static variable within that function. However, other areas of the codebase might want to run the same check, or maybe plugins would like to check also. I'm considering a change in Gutenberg's PEG parser and that might serve as an example use case for the new `wp_can_utf8_pcre()` function I'm proposing in this ticket. Instead of running the same check all over again, having this check run once by a utility function would be nice. See: https://github.com/WordPress/gutenberg/blob/daad3f21319ec9ec73fa1b907119a7464442bfac/lib/parser.php#L1818" jaswrks 3 26868 Function 'make_clickable()' doesn't make hyperlinks from explicit URLs using the `mailto:`, `tel:` and other schemes that do not start with `//` needs-unit-tests Formatting 3.8 normal normal enhancement new 2014-01-18T16:00:14Z 2019-06-04T19:45:21Z "Function `make_clickable()` tries to recognise URLs and convert these into clickable hyperlinks. The function is by default configured as a filter for comment text. Unfortunately, the function assumes that all explicitly declared URLs begin with the string `//` after the scheme and colon parts which is not the case for the `mailto:`, `tel:` and many other schemes. Such URLs could usefully be made clickable, especially for use on smartphones and tablets. This also leads to inconsistencies between explicitly and implicitly declared URLs. For example, the string `myemail@mydomain.com` is converted into a clickable hyperlink whilst the string `mailto:myemail@mydomain.com` is not. By contrast, the TinyMCE post editor correctly and automatically makes both implicit and explicit `mailto:` links clickable but does nothing with `tel:`. For reference, the syntax of URLs is defined by http://tools.ietf.org/html/std66, the `mailto:` scheme by http://tools.ietf.org/html/rfc6068 and that for `tel:` by http://tools.ietf.org/html/rfc3966. As #16892 has illustrated, parsing URLs can be hard. The use of `wp_allowed_protocols()` may help in detecting which strings we wish to make clickable. Found whilst testing #22946." mdgl 2 24225 Improve regular expressions when matching attributes miqrogroove needs-unit-tests Formatting 3.6 normal normal enhancement assigned 2013-04-29T15:37:56Z 2019-06-04T19:44:41Z "When working with HTML attributes in various functions we use something like `[\'""](.+?)[\'""]` to match the attribute value. Although not used much in attribute values, such an approach breaks when a single or double quote is intentionally part of the value: * `attr=""val'ue""` * `attr='val""ue'` Some of these are new 3.6 functions, mostly around media." kovshenin 19 40933 Improvements for get_file_data() function has-patch Formatting 4.7.5 normal normal Awaiting Review enhancement new 2017-06-06T20:28:37Z 2017-07-18T09:20:04Z "It seams as a bug or as imperfection at least. I try to explain in example. Assume we have such comments in file: {{{#!php <?php /* Plugin Name: My plug Version: 1.0 */ // and trying to get file data like: $data = get_file_data( __FILE__, ['ver'=>'Version'] ); echo $data['ver']; //> 1.0 }}} This is works as we need. BUT if we change comments a little, the get_file_data() becomes broken: {{{#!php <?php /* Plugin Name : My plug Version : 1.0 */ // and trying to get file data like^ $data = get_file_data( __FILE__, ['ver'=>'Version'] ); echo $data['ver']; //> '' }}} All we do just add spaces before `:` to make comments more readable... - Solution I think it's better to improve regular expression of the get_file_data() and add `[\t ]*` before `:` {{{#!php <?php if ( preg_match( '/^[ \t\/*#@]*' . preg_quote( $regex, '/' ) . ':(.*)$/mi', $file_data, $match ) && $match[1] ) to if ( preg_match( '/^[ \t\/*#@]*' . preg_quote( $regex, '/' ) . '[\t ]*:(.*)$/mi', $file_data, $match ) && $match[1] ) }}} " Tkama 5 44906 "Include greek accent characters on ""remove_accents"" function" dev-feedback Formatting 4.9.8 normal minor Awaiting Review enhancement new 2018-09-06T19:53:57Z 2018-09-13T01:19:43Z "Hi, I extended the ""remove_accents"" function to support greek accents. If you wish you can add it in core. I have just added greek characters after: {{{#!php elseif ( 'el' == $locale ) { }}} Thanks {{{#!php <?php function remove_accents( $string ) { if ( !preg_match('/[\x80-\xff]/', $string) ) return $string; if (seems_utf8($string)) { $chars = array( // Decompositions for Latin-1 Supplement 'ª' => 'a', 'º' => 'o', 'À' => 'A', 'Á' => 'A', 'Â' => 'A', 'Ã' => 'A', 'Ä' => 'A', 'Å' => 'A', 'Æ' => 'AE','Ç' => 'C', 'È' => 'E', 'É' => 'E', 'Ê' => 'E', 'Ë' => 'E', 'Ì' => 'I', 'Í' => 'I', 'Î' => 'I', 'Ï' => 'I', 'Ð' => 'D', 'Ñ' => 'N', 'Ò' => 'O', 'Ó' => 'O', 'Ô' => 'O', 'Õ' => 'O', 'Ö' => 'O', 'Ù' => 'U', 'Ú' => 'U', 'Û' => 'U', 'Ü' => 'U', 'Ý' => 'Y', 'Þ' => 'TH','ß' => 's', 'à' => 'a', 'á' => 'a', 'â' => 'a', 'ã' => 'a', 'ä' => 'a', 'å' => 'a', 'æ' => 'ae','ç' => 'c', 'è' => 'e', 'é' => 'e', 'ê' => 'e', 'ë' => 'e', 'ì' => 'i', 'í' => 'i', 'î' => 'i', 'ï' => 'i', 'ð' => 'd', 'ñ' => 'n', 'ò' => 'o', 'ó' => 'o', 'ô' => 'o', 'õ' => 'o', 'ö' => 'o', 'ø' => 'o', 'ù' => 'u', 'ú' => 'u', 'û' => 'u', 'ü' => 'u', 'ý' => 'y', 'þ' => 'th', 'ÿ' => 'y', 'Ø' => 'O', // Decompositions for Latin Extended-A 'Ā' => 'A', 'ā' => 'a', 'Ă' => 'A', 'ă' => 'a', 'Ą' => 'A', 'ą' => 'a', 'Ć' => 'C', 'ć' => 'c', 'Ĉ' => 'C', 'ĉ' => 'c', 'Ċ' => 'C', 'ċ' => 'c', 'Č' => 'C', 'č' => 'c', 'Ď' => 'D', 'ď' => 'd', 'Đ' => 'D', 'đ' => 'd', 'Ē' => 'E', 'ē' => 'e', 'Ĕ' => 'E', 'ĕ' => 'e', 'Ė' => 'E', 'ė' => 'e', 'Ę' => 'E', 'ę' => 'e', 'Ě' => 'E', 'ě' => 'e', 'Ĝ' => 'G', 'ĝ' => 'g', 'Ğ' => 'G', 'ğ' => 'g', 'Ġ' => 'G', 'ġ' => 'g', 'Ģ' => 'G', 'ģ' => 'g', 'Ĥ' => 'H', 'ĥ' => 'h', 'Ħ' => 'H', 'ħ' => 'h', 'Ĩ' => 'I', 'ĩ' => 'i', 'Ī' => 'I', 'ī' => 'i', 'Ĭ' => 'I', 'ĭ' => 'i', 'Į' => 'I', 'į' => 'i', 'İ' => 'I', 'ı' => 'i', 'IJ' => 'IJ','ij' => 'ij', 'Ĵ' => 'J', 'ĵ' => 'j', 'Ķ' => 'K', 'ķ' => 'k', 'ĸ' => 'k', 'Ĺ' => 'L', 'ĺ' => 'l', 'Ļ' => 'L', 'ļ' => 'l', 'Ľ' => 'L', 'ľ' => 'l', 'Ŀ' => 'L', 'ŀ' => 'l', 'Ł' => 'L', 'ł' => 'l', 'Ń' => 'N', 'ń' => 'n', 'Ņ' => 'N', 'ņ' => 'n', 'Ň' => 'N', 'ň' => 'n', 'ʼn' => 'n', 'Ŋ' => 'N', 'ŋ' => 'n', 'Ō' => 'O', 'ō' => 'o', 'Ŏ' => 'O', 'ŏ' => 'o', 'Ő' => 'O', 'ő' => 'o', 'Œ' => 'OE','œ' => 'oe', 'Ŕ' => 'R','ŕ' => 'r', 'Ŗ' => 'R','ŗ' => 'r', 'Ř' => 'R','ř' => 'r', 'Ś' => 'S','ś' => 's', 'Ŝ' => 'S','ŝ' => 's', 'Ş' => 'S','ş' => 's', 'Š' => 'S', 'š' => 's', 'Ţ' => 'T', 'ţ' => 't', 'Ť' => 'T', 'ť' => 't', 'Ŧ' => 'T', 'ŧ' => 't', 'Ũ' => 'U', 'ũ' => 'u', 'Ū' => 'U', 'ū' => 'u', 'Ŭ' => 'U', 'ŭ' => 'u', 'Ů' => 'U', 'ů' => 'u', 'Ű' => 'U', 'ű' => 'u', 'Ų' => 'U', 'ų' => 'u', 'Ŵ' => 'W', 'ŵ' => 'w', 'Ŷ' => 'Y', 'ŷ' => 'y', 'Ÿ' => 'Y', 'Ź' => 'Z', 'ź' => 'z', 'Ż' => 'Z', 'ż' => 'z', 'Ž' => 'Z', 'ž' => 'z', 'ſ' => 's', // Decompositions for Latin Extended-B 'Ș' => 'S', 'ș' => 's', 'Ț' => 'T', 'ț' => 't', // Euro Sign '€' => 'E', // GBP (Pound) Sign '£' => '', // Vowels with diacritic (Vietnamese) // unmarked 'Ơ' => 'O', 'ơ' => 'o', 'Ư' => 'U', 'ư' => 'u', // grave accent 'Ầ' => 'A', 'ầ' => 'a', 'Ằ' => 'A', 'ằ' => 'a', 'Ề' => 'E', 'ề' => 'e', 'Ồ' => 'O', 'ồ' => 'o', 'Ờ' => 'O', 'ờ' => 'o', 'Ừ' => 'U', 'ừ' => 'u', 'Ỳ' => 'Y', 'ỳ' => 'y', // hook 'Ả' => 'A', 'ả' => 'a', 'Ẩ' => 'A', 'ẩ' => 'a', 'Ẳ' => 'A', 'ẳ' => 'a', 'Ẻ' => 'E', 'ẻ' => 'e', 'Ể' => 'E', 'ể' => 'e', 'Ỉ' => 'I', 'ỉ' => 'i', 'Ỏ' => 'O', 'ỏ' => 'o', 'Ổ' => 'O', 'ổ' => 'o', 'Ở' => 'O', 'ở' => 'o', 'Ủ' => 'U', 'ủ' => 'u', 'Ử' => 'U', 'ử' => 'u', 'Ỷ' => 'Y', 'ỷ' => 'y', // tilde 'Ẫ' => 'A', 'ẫ' => 'a', 'Ẵ' => 'A', 'ẵ' => 'a', 'Ẽ' => 'E', 'ẽ' => 'e', 'Ễ' => 'E', 'ễ' => 'e', 'Ỗ' => 'O', 'ỗ' => 'o', 'Ỡ' => 'O', 'ỡ' => 'o', 'Ữ' => 'U', 'ữ' => 'u', 'Ỹ' => 'Y', 'ỹ' => 'y', // acute accent 'Ấ' => 'A', 'ấ' => 'a', 'Ắ' => 'A', 'ắ' => 'a', 'Ế' => 'E', 'ế' => 'e', 'Ố' => 'O', 'ố' => 'o', 'Ớ' => 'O', 'ớ' => 'o', 'Ứ' => 'U', 'ứ' => 'u', // dot below 'Ạ' => 'A', 'ạ' => 'a', 'Ậ' => 'A', 'ậ' => 'a', 'Ặ' => 'A', 'ặ' => 'a', 'Ẹ' => 'E', 'ẹ' => 'e', 'Ệ' => 'E', 'ệ' => 'e', 'Ị' => 'I', 'ị' => 'i', 'Ọ' => 'O', 'ọ' => 'o', 'Ộ' => 'O', 'ộ' => 'o', 'Ợ' => 'O', 'ợ' => 'o', 'Ụ' => 'U', 'ụ' => 'u', 'Ự' => 'U', 'ự' => 'u', 'Ỵ' => 'Y', 'ỵ' => 'y', // Vowels with diacritic (Chinese, Hanyu Pinyin) 'ɑ' => 'a', // macron 'Ǖ' => 'U', 'ǖ' => 'u', // acute accent 'Ǘ' => 'U', 'ǘ' => 'u', // caron 'Ǎ' => 'A', 'ǎ' => 'a', 'Ǐ' => 'I', 'ǐ' => 'i', 'Ǒ' => 'O', 'ǒ' => 'o', 'Ǔ' => 'U', 'ǔ' => 'u', 'Ǚ' => 'U', 'ǚ' => 'u', // grave accent 'Ǜ' => 'U', 'ǜ' => 'u', ); // Used for locale-specific rules $locale = get_locale(); if ( 'de_DE' == $locale || 'de_DE_formal' == $locale || 'de_CH' == $locale || 'de_CH_informal' == $locale ) { $chars[ 'Ä' ] = 'Ae'; $chars[ 'ä' ] = 'ae'; $chars[ 'Ö' ] = 'Oe'; $chars[ 'ö' ] = 'oe'; $chars[ 'Ü' ] = 'Ue'; $chars[ 'ü' ] = 'ue'; $chars[ 'ß' ] = 'ss'; } elseif ( 'da_DK' === $locale ) { $chars[ 'Æ' ] = 'Ae'; $chars[ 'æ' ] = 'ae'; $chars[ 'Ø' ] = 'Oe'; $chars[ 'ø' ] = 'oe'; $chars[ 'Å' ] = 'Aa'; $chars[ 'å' ] = 'aa'; } elseif ( 'ca' === $locale ) { $chars[ 'l·l' ] = 'll'; } elseif ( 'sr_RS' === $locale || 'bs_BA' === $locale ) { $chars[ 'Đ' ] = 'DJ'; $chars[ 'đ' ] = 'dj'; } elseif ( 'el' == $locale ) { $chars[ 'Ά' ] = 'Α'; $chars[ 'ά' ] = 'α'; $chars[ 'Έ' ] = 'Ε'; $chars[ 'έ' ] = 'α'; $chars[ 'Ί' ] = 'Ι'; $chars[ 'ί' ] = 'ι'; $chars[ 'ΐ' ] = 'ϊ'; $chars[ 'Ύ' ] = 'Υ'; $chars[ 'ύ' ] = 'υ'; $chars[ 'ΰ' ] = 'ϋ'; $chars[ 'Ή' ] = 'Η'; $chars[ 'ή' ] = 'η'; $chars[ 'Ό' ] = 'Ο'; $chars[ 'ό' ] = 'ο'; $chars[ 'Ώ' ] = 'Ω'; $chars[ 'ώ' ] = 'ω'; } $string = strtr($string, $chars); } else { $chars = array(); // Assume ISO-8859-1 if not UTF-8 $chars['in'] = ""\x80\x83\x8a\x8e\x9a\x9e"" .""\x9f\xa2\xa5\xb5\xc0\xc1\xc2"" .""\xc3\xc4\xc5\xc7\xc8\xc9\xca"" .""\xcb\xcc\xcd\xce\xcf\xd1\xd2"" .""\xd3\xd4\xd5\xd6\xd8\xd9\xda"" .""\xdb\xdc\xdd\xe0\xe1\xe2\xe3"" .""\xe4\xe5\xe7\xe8\xe9\xea\xeb"" .""\xec\xed\xee\xef\xf1\xf2\xf3"" .""\xf4\xf5\xf6\xf8\xf9\xfa\xfb"" .""\xfc\xfd\xff""; $chars['out'] = ""EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy""; $string = strtr($string, $chars['in'], $chars['out']); $double_chars = array(); $double_chars['in'] = array(""\x8c"", ""\x9c"", ""\xc6"", ""\xd0"", ""\xde"", ""\xdf"", ""\xe6"", ""\xf0"", ""\xfe""); $double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th'); $string = str_replace($double_chars['in'], $double_chars['out'], $string); } return $string; } }}} " papazetis 3 49129 Incorrect German Umlaut substitutions dev-feedback Formatting 5.4 normal minor Awaiting Review enhancement new 2020-01-04T00:18:46Z 2020-01-04T09:39:30Z "Hello, as a native speaker, I find the German Umlaut substitutions quite strange. Correctly, ü is turned into ue, but Ü is turned into Ue. Since the second character should be considered as part of the former character, the former capitalization should be respected. This is especially strange in uppercase text: FRÖHLICH -> FROeHLICH KÖNNEN -> KOeNNEN If it was changed to be all uppercase, it would work much better: FRÖHLICH -> FROEHLICH KÖNNEN -> KOENNEN When used at the start of a word, it would also work fine, if capitalized: ÖFFENTLICH -> OEffentlich ÜBERGANG -> UEbergang Therefore, I would propose changing the table located in wp-includes/formatting.php:1941 (https://github.com/WordPress/WordPress/blob/master/wp-includes/formatting.php#L1941) to the following: {{{ if ( 'de_DE' == $locale || 'de_DE_formal' == $locale || 'de_CH' == $locale || 'de_CH_informal' == $locale ) { $chars['Ä'] = 'AE'; $chars['ä'] = 'ae'; $chars['Ö'] = 'OE'; $chars['ö'] = 'oe'; $chars['Ü'] = 'UE'; $chars['ü'] = 'ue'; $chars['ß'] = 'ss'; }}} Though, to be entirely correct, the surrounding characters would have to be checked, which would be difficult, given the current architecture. There even is a capital ß now, which would be substituted with SS. I am happy to hear any second opinions on this. Best regards, Benedikt" bmuessig 3 43147 Introduce `esc_html_comment` and translation related functions dev-feedback Formatting normal normal Awaiting Review enhancement new 2018-01-23T15:27:17Z 2019-01-16T06:50:09Z "Triggered by the following PR on Yoast SEO [https://github.com/Yoast/wordpress-seo/pull/8687 #8687] I saw the need for `esc_html_comment` functionality in WordPress. This patch is based on the current API for formatting and escaping functions. The implementation is based on the specifications found on the [https://www.w3.org/TR/html51/syntax.html#sec-comments HTML specifications page]. I've added unit tests to cover the situations that I could come up with." jipmoors 7 19100 Introduce esc_color() dev-feedback Formatting normal normal Future Release enhancement new 2011-11-01T12:16:14Z 2020-03-04T06:27:35Z Currently there is no way to escape a color in hexadecimal notation before printing it to a block of css or saving to the database. Many themes like to introduce functionality, whether it be core-supported or completely custom, to change the color of various parts of the templates. I believe that a function such as `esc_color()` would promote best practices while ensuring that unintended values do not get stored as colors and thus echoed in css blocks potentially breaking display. mfields 17 28607 Make wpautop()'s $allblocks variable filterable has-patch Formatting normal normal Awaiting Review enhancement new 2014-06-21T04:51:59Z 2017-01-18T22:58:34Z "'''The problem''': I'd like <img> tags to ''not'' be wrapped by <p> in the_content(). I used to use a regex filter on the_content to achieve this, but looking at the source for wpautop(), I think it would be much cleaner to ''prevent'' <img>s from being wrapped in the first place by making $allblocks filterable. The <p><img /></p> issue commonly causes formatting issues, and making the block list filterable would let theme/plugin authors change this without and other blocks without breaking stylesheets configured for images in paragraphs. Additionally, I think it's semantically cleaner for a standalone image, since ""The HTML <p> element (or HTML Paragraph Element) represents a paragraph of text."" https://developer.mozilla.org/en-US/docs/Web/HTML/Element/p" walkinonwat3r 7 30531 Make wptexturize the last filter before output azaozz Formatting normal normal enhancement assigned 2014-11-27T20:30:22Z 2019-06-04T19:46:52Z "This will allow it to be simplified/refactored and run faster. Advantages: - Not looking at shortcodes as it will run after do_shortcode(). That will make it less complex and faster. This also avoids all edge cases with shortcodes. - Better detection/handling of quotes around `<p>` tags as it will run after wpautop(). Also, preg_split() will split the text in more chunks which will be easier to process. Disadvantage: the `no_texturize_shortcodes` filter will stop working. " azaozz 3 35201 Mobile email validation Formatting 4.4 normal normal Awaiting Review enhancement new 2015-12-22T17:08:27Z 2017-02-06T09:14:45Z "While testing form submission through Samsung Android devices (Galaxy S6 Edge and Galaxy Note 5), we noticed that when user selects their email from the field history dropdown, it appends a space at the end of the email address. This invalidates the email when using the is_email validation function in wp-includes/formatting.php. A fix I am currently using is simply adding a trim function to the email address in the first line of the function... $email = trim($email); This resolves the Samsung bug and passes the email validation. I hope this helps. " njbebop 3 56774 Need more options on pre-existing blocks. Formatting 6.0.2 normal normal Awaiting Review enhancement new 2022-10-09T20:46:32Z 2022-10-09T20:46:32Z "I have the following queries regarding css customisation through pre-existing blocks. I want to add an option to: Add borderRadius to featured/post-image/cover/image Add breakpoints (let's say Bootstrap 5 responsive grid) More control over navigation/header padding/margin Set a default image when the post featured image is missing More control on the drop-down, especially translucent background-color and border-radius" adsingh14 41422 Need replace_filter() function for improved Just In Time filter adjusment Formatting 4.9 normal normal Awaiting Review enhancement new 2017-07-24T09:42:10Z 2017-08-03T15:59:07Z "In the new solution for text widgets there is some Just In Time code that adjusts the attached filter functions. The logic finds the priority before removing the filter function then re-instates the filter with the same priority. This logic assumes that the sequence in which the filter functions have been attached with the same priority are performed doesn't matter. If this is not the case then the order change could affect processing where the filter is shared but invoked for different purposes. e.g. the 'widget_text' filter for Text widget and Custom HTML widget The logic could be improved by implementing a new suite of filter functions including replace_filter(), restore_filter(), disable_filter() and a dummy filter function disabled_filter(). Instead of calling remove_filter() and add_filter() we'd use disable_filter() and restore_filter() disable_filter() is simply replace_filter() using the disabled_filter() function. Example: Filters attached at priority 10 have been set to do_shortcode and balanceTags. With the current logic after JIT replacement the attached filters would have become balanceTags then do_shortcode. Using disable_filter() and restore_filter() the attached filters at priority 10 would be unchanged. " bobbingwide 6 26759 New Generic Sanitize Functions for Core dev-feedback Formatting 3.8 normal normal enhancement new 2014-01-02T17:54:48Z 2019-06-04T19:45:16Z "Core currently supplies a number of sanitize functions: {{{ sanitize_email() sanitize_file_name() sanitize_html_class() sanitize_key() sanitize_meta() sanitize_mime_type() sanitize_option() sanitize_sql_orderby() sanitize_post_field() sanitize_text_field() sanitize_title() sanitize_title_for_query() sanitize_title_with_dashes() sanitize_user() }}} They all sanitize by usage, not by data type. As such, I (and I suspect others) wind up using these to escape things they weren't initially meant for -- for the sake of brevity, and it's just quicker and leads to tidier code. I believe it could result in better and simpler sanitizing if we were to include sanitize-by-format functions in core. For example, {{{ wp_sanitize_numeric( $raw ); // [\d] wp_sanitize_numeric_float( $raw ); // [\d\.,] allowing both commas and periods as decimal indicator and thousands seperator wp_sanitize_hex( $raw ); // [\da-f] case-insensitive wp_sanitize_alphanumeric( $raw ); // [\da-z] case-insensitive wp_sanitize_letters( $raw ); // [a-z] case-insensitive wp_sanitize( $raw, $regex ); // uses passed in regex to determine what to strip. }}} The specific functions to use are up for discussion. I'm just hoping to make it simpler for users to sanitize data by expected type. As a side note, this will let folks use `wp_sanitize_numeric()` to sanitize integers larger than `PHP_INT_MAX` -- which tumblr and twitter IDs often happen to be for imports and feeds and the like (as casting to `(int)` isn't a good idea)." georgestephanis 3 22330 Optimize regexes to remove protocol from URL needs-unit-tests Formatting 3.4.2 normal normal enhancement new 2012-10-31T09:30:48Z 2019-06-04T19:44:10Z "Regexes used to chop off the protocol of a URL should be anchored to the start of the string. 1. The regex fails faster and thus avoid useless work. No need to look further down the URL for strings like `""http://""`. 2. The regex should not alter any URLs that might be contained in the query string." GeertDD 1 47557 Sanitize Email Suggestion needs-unit-tests Formatting 5.2.1 normal minor Awaiting Review enhancement new 2019-06-18T15:19:58Z 2023-03-23T16:11:52Z "I am using WooCommerce and I've noticed several customer emails come through like... {{{ example@example.com1234 example@example.com1234567812345678 }}} It's mostly due to the email input being the last one before the credit card step, but these emails are passing the validation and sanitization that exists: is_email and sanitize_email. I am doing something like the following to fix... {{{#!php <?php public function clean_billing_email_address( $value ) { return trim( preg_replace( '/\d*$/', '', $value ) ); } add_filter( 'woocommerce_process_checkout_field_billing_email', 'clean_billing_email_address' ); }}} You may consider adding something like this to the sanitize_email function since no TLD ends with numbers anyways, at least at this point in time." dandersoncm 1 57021 Sanitize should accept broader types close Formatting 6.2 normal normal Awaiting Review enhancement new 2022-11-07T14:39:00Z 2024-02-07T20:21:43Z "by default $_GET/$_POST can be string|array type. All sanitize functions accept only string, which makes it necessary to validate $_GET/$_POST for `is_string` all the time before calling sanitize function to avoid PHP notices. Instead sanitize function should accept mixed param and validate string internally." kkmuffme 4 39636 Smilies not converted when directly followed by punctuation marks dev-feedback Formatting 4.7.1 normal normal Future Release enhancement new 2017-01-19T10:29:30Z 2022-04-11T03:02:17Z "Steps to recreate: - Create a new post or comment - Insert a smilie directly followed by a period or other punctuation mark such as :). - View the post or comment Expected: Ideally the smilie would show followed by the punctuation mark. I've attached a screenshot showing how a post with the following text appears. Smiles with a space between them and the punctuation mark show, but the others do not. {{{ This is a test :). It uses smilies :) If a smilie has punctuation directly after, it is not converted :(! :( The expected behavior would be to look like this: :) ! :) , However instead they appear as this :)! :), }}} " ourvalley 4 53709 Spaces as <br> in RSS Excerpts Formatting 5.8 normal normal Awaiting Review enhancement new 2021-07-21T06:39:54Z 2021-07-25T02:32:39Z "**Problem:** if I use RSS block and want to show text excerpts, all <br> elements missing. It looks not very good, like missing spaces after some sentences. Look at the image, I highlighted places where is <br> in original RSS feed. [[Image(https://i.imgur.com/P6MsiL6.jpg)]] Feed: [https://store.steampowered.com/feeds/news/app/1306770/?cc=RU&l=russian&snr=1_2108_4__2107] **Suggestion:** RSS block should display all <br> as spaces in excerpts." arskrigitsioniets 1 39674 Special characters are encoded in the database, for site settings options Formatting 4.7.1 normal normal Awaiting Review enhancement new 2017-01-24T09:50:40Z 2017-01-24T09:53:18Z "If you change the name of the blog in the settings page, for example to ""Donald's blog"", we can see in the mysql database, the result is ""Donald's blog"" for the '''blogname''' option name, so I can not understand why this happening, I think in the database the result should be the same of what we type. All sensitization actions I think must be used on the front (page view) side not on the database side (before submitting to the database). I use Windows 64b, PHP: 7.0.4, WordPress: 4.7.1 " alexvorn2 22402 Stripping non-alphanumeric multi-byte characters from slugs dev-feedback Formatting normal normal enhancement new 2012-11-10T05:07:10Z 2019-06-04T19:44:12Z "`sanitize_title_with_dashes()` strips non-alphanumeric characters from a title to create a slug. Unfortunately it only strips ASCII non-alphanumeric characters. Apart from a few exceptions, all multi-byte characters are preserved. This means all non-Western (and plenty of Western) non-alphanumeric characters end up in the slug as they're treated just like any other multi-byte character. As an example, here are some common non-alphanumeric Chinese characters which would ideally be stripped from slugs, but are not: * 。 (U+3002, Ideographic Full Stop, %E3%80%82) * , (U+FF0C, Fullwidth Comma, %EF%BC%8C) * ! (U+FF01, Fullwidth Exclamation Mark, %EF%BC%81) * : (U+FF1A, Fullwidth Colon, %EF%BC%9A) * 《 (U+300A, Left Double Angle Bracket, %E3%80%8A) * 》 (U+300B, Right Double Angle Bracket, %E3%80%8B) Obviously it would be impractical to make a list of ''all'' the non-ASCII characters we want to strip from slugs. The list would be gigantic. So the question is, would it be possible to use Unicode ranges to blacklist (or whitelist) whole ranges of characters to be stripped from (or preserved in) slugs? Is this practical or even desirable? Or would it make more sense to continue using a list of just the most common multi-byte characters to be stripped? The latter makes a whole lot more sense, but the former is a more complete solution. Thoughts?" johnbillion 1 52886 Update esc_url to allow for specifying an https:// as default protocol has-patch Formatting normal normal Future Release enhancement new 2021-03-22T18:00:37Z 2022-07-05T14:51:36Z " If no protocol is specified for esc_url the function will automatically prepend the http:// protocol. This is likely now the wrong assumption, but potentially can break backwards compatibility if changed, since developers may rely on this. So this change proposes an additional parameter to the function to specify a default protocol, keeping the old default but now allowing for one to ask for https:// This came up in this ticket: https://github.com/WordPress/gutenberg/pull/30100 The usage could then be: {{{ esc_url( $url, null, 'display', 'https://' ); }}}" mkaz 10 55962 Upgrade `sanitize_hex_color()` to CSS Color Level 4 pbearne dev-feedback Formatting normal normal Future Release enhancement assigned 2022-06-11T04:57:08Z 2024-01-17T00:09:09Z "I’ve noticed that the `sanitize_hex_color()` function unsupports the CSS Color Level 4 with the alpha channel and can therefore not be used. As users are given the ability to provide settings by configuration filters in a mini-plugin or in their theme’s `functions.php`, they may wish to configure opacity alongside. The fix is to extend the validation condition of `sanitize_hex_color()` from: `if ( preg_match( '|^#([A-Fa-f0-9]{3}){1,2}$|', $color ) )` to `if ( preg_match( '|^#([A-Fa-f0-9]{3,4}){1,2}$|', $color ) )`" anrghg 10 56120 "WordPress should add a space character on every possible ""wrap point"" in a post title when building ""html title"", ""og:title"" and so on" dev-feedback Formatting normal normal Awaiting Review enhancement new 2022-07-01T05:13:27Z 2022-07-05T05:23:50Z "In WordPress it is possible to use html tags inside posts title. This is very nice: for example, it allows to use italics, and to make posts titles wrap where one wants. When the latter is the case, though, the titles get displayed good in the post, but not in the browser's window title (that usually the browser builds after the `<title>Foobar` html entity), and not in the link previews that one can get by linking a post into a social network post (that usually have their title based on the `` entity). For example, a post title like `First line
            second line
            third line` will result in a `First linesecond linethird line` entity and in a `` entity, that will result in ugly and difficult to read browser window and link previews titles. This could be avoided by changing WordPress code so that it added a space character on every possible ""wrap point"" (`
            `, `

            `, `
          ` and so on) in a post title when building ""html titles"", ""og:title""s and the likes." pezcurrel 2 43156 _walk_bookmarks(): please add the link id as HTML id attribute. Formatting 4.9.2 normal normal Awaiting Review enhancement new 2018-01-24T17:28:33Z 2018-01-24T17:28:33Z "Hi, would it be possible to add an HTML attribute that contains the WP link ID when outputting the a blogroll link with _walk_bookmarks() ? It would be nice to be able to customize links with CSS. I know it is possible to do it by hooking a function on 'wp_list_bookmarks', but... what a waste of time for nothing :) Thanks" grosbouff 56663 `tag_escape()` does not follow naming convention. Formatting normal normal Awaiting Review enhancement new 2022-09-27T03:08:33Z 2022-09-27T14:06:24Z "In WordPress, escaping functions generally use the naming convention `esc_thing()`. The `tag_escape()` function and it's associated hook do not. Is it worth renaming each to either `esc_tag` or the more precise `esc_html_tag`? There is some [https://wpdirectory.net/search/01GDYE8DKXN527KR6GDA24HCE2 use within the plugin repository] but not a huge amount. " peterwilsoncc 2 12084 allow preserving HTML in the_excerpt (specify allowed tags for strip_tags in wp_trim_excerpt) has-patch Formatting 3.0 normal normal enhancement new 2010-01-29T22:36:40Z 2019-06-04T19:42:50Z Right now, `wp_trim_excerpt` is destructive. You can filter it, but once tags are stripped, you can't get them back without recreating the excerpt from the raw input. It would be nice if theme developers had an option to preserve at least some of the HTML formatting when using excerpts as post teasers (see #9260). sillybean 2 25856 debug of wpautop function with Unit Tests Formatting 3.8 normal normal enhancement new 2013-11-07T03:04:23Z 2019-06-04T19:45:03Z "== Cleanup / Refactor of wpautop function == Upon review of the WordPress Trac needs-unit-test filter I saw that the wpautop function was needing both cleanup and unit tests. I have created a comprehensive test suite for the function that covers in my opinion the full breadth of use cases for the function. During this process I have been working on modifying the wpautop function to resolve out open defects and remove ''fix'' code that was placed to resolve an issue without resolving the underlying cause of the error. I've attached the following files for support of the changes. ''autop-20622.out'' --> OUTPUT from running the unit tests against current code base (revision 20622) ''autop-diff.out'' --> OUTPUT from running the unit test against modififed wpautop function as given in the diff. ''Autop.diff'' --> diff of changes made to the Autop test class :: Unit Tests ''formatting.diff'' --> diff of changes made to the formatting.php function file :: wpautop changes ''As a note I've added a trim call to the end of wpautop as it was always appending a new line, which I did not think was needed. This causes a good amount of test cases to fail as the expected output is not containing the additional new line given by current implementation.'' ---- == Enhancements / Fixes to wpautop function == 1. Corrected core logic to identify when double new lines wrap open or close block element tags due to nested block level elements. Original Logic adds \n\n before open tags and \n\n after close tags which allows for output of

          TEXT

          that is not correct, and had several patches implemented to attempt to fix. *Fixes :: Formatting of Lists, Nested Lists, orphaned

          tags 2. Added logic to not add
          tags after comments 3. Added logic to not convert \n for svg, math, style, select or script codes 4. Added logic to not format audio, video or object elements. This is implemented as the elements are in-line but can contain block level content for displaying in browsers that don't support the HTML5 elements. 5. case insensitive recognition of block tags 6. inclusion of variable re-naming as outlined in #25516 ---- == Overview of Tickets reviewed and covered by the Unit Tests == Ticket : Current Status : Summary #6877 : Closed : large posts causes empty return #3476 : Closed : Improper formatting of Object elements, additional
          and no ending

          #3669 : Closed : Don't insert

          tags inside of block elements that only contain inline elements/text #6809 : Closed : wpautop correctly handles auto

          of basic text #11024 : Closed : Incorrect handling of div tags with nested inline tags #1305 : Closed : Handling of blocks> #1706 : Closed :

          tags with attributes introduce additional
          #2285 : Closed : Strip excessive
          in content #2813 : Closed :
          elements added instead of
          #3007 : Closed : Spacing of text in block elments reveals improper handling of nested elements #3035 : Closed : Extra
          tags introduced in Object tags. #3238 : Closed : Dangling

          tags, no closing #3621 : Closed : Don't format new lines in Script and Object tags #3854 : Closed : Don't format new lines in Script and Style tags #3935 : Closed (wf) : Erroneous

          tags added to the content '''has fix''' #3952 : Closed : Don't autop hr tags #5250 : OPEN : incorrect handling of lists + nested Lists '''has fix''' #7937 : Closed : incorrect handling of inline tags #7988 : Closed (wf) : incorrect handling of nested tags '''has fix''' #8644 : Closed : HTML5 block elements #10033 : OPEN : autop does not handle Comments '''has fix''' *also contains wptexturize details that I am not sure are fully closed out. #11257 : Closed : autop errors out on large content #11678 : OPEN : autop does not recognize upper tags '''has fix''' #13340 : OPEN : nested MATH tag handling '''has fix''' #2833 : OPEN : No formating Style and Script tags '''has fix''' #4298 : Accepted : handling of tags with attributes on new lines '''fix already existed''' #3833 : OPEN : incorrect

          tags in block elements (explicitly blockquote) '''has fix''' #6041 : Closed : incorrect handling of DL lists and DT,DD elements #9437 : OPEN : dont modify SVG content '''has fix''' #10247 : Closed : no new lines in Video, Audio, Source #4857 : OPEN : incorrect autop logic '''has fix''' #15918 : OPEN : incorrect handling of nested tags '''has fix''' #16456 : Closed : input is not block level #3054 : Closed : input is not block level #16790 : Reviewing : functional specifications '''can close''' #18534 : Closed : noscript are block level #20444 : OPEN : Single line handling (nested block level issue) '''has fix''' #18136 : OPEN : extra

          tags being added due to white space '''has fix''' #23135 : OPEN : block element filter '''close as won't fix''' #18807 : Closed : samp is not block level #25516 : OPEN : variable name changes '''changes included''' #9305 : Closed : handling of empty content #6218 : Closed : handling of empty content #11947 : Closed : no formating of select options '''has fix''' #12335 : Closed : HTML5 Block Elements == Tickets concerning ShortCode handling == Ticket : Current Status #12061 : OPEN #6984 : OPEN #21689 : OPEN #24085 : OPEN #24846 : OPEN ''Currently the wpautop function does not concern itself with shortcodes. I suggest that 12061 remain open as a future enhancement and that other tickets can be closed referending 12061 unless there is issues with '''shortcode_unatop''' or other functions used.'' == Tickets Reviewed but Ignored/ Not Tested/ Duplicate == '''Ticket''' : '''Current Status''' : '''Summary''' #11249 : Closed : standalone function #10490 : Closed : Duplicate of #10082 #9218 : Closed : Duplicate of #4298 #19934 : Closed : Duplicate of #16456 #18330 : Rejected : Enhancement #18514 : Rejected : Enhancement #23858 : Closed : Duplicate of #18807 #23375 : Closed : Duplicate of #18807 " mdbitz 19 29910 esc_attr does not properly deal with json_encode Formatting normal normal Awaiting Review enhancement new 2014-10-09T17:54:32Z 2017-05-07T03:11:39Z "Current doing something like esc_attr( json_encode( $data ) ); doesn't work properly. Since the input to json_encode() above can contain '"'. And for calls to json_encode() lacking the JSON_HEX_AMP option, that '"' is left unaltered. Running '"' through esc_attr() also leaves it unaltered since esc_attr() does not double-encode. This means we end up with an attribute like {{{ data-gallery=""{"foo":"""} }}} which is interpreted by the browser as {{{ {""foo"":""""""} }}} which results in a JSON decoded error. The preferred workaround is to include the JSON_HEX_AMP (and friends) options, but these are not available until 5.3.0. Alternatively, we can use _wp_specialchars( , , , true ) instead of esc_attr(), which will double-encode. Since we can't rely on JSON_HEX_AMP, we do both. I would like to see a function like {{{ esc_json_encode( $data ) }}} That you can use to encode json data and pass it to the html. I have included a file that includes a functions that does just that. " enej 2 46188 esc_html does not have support for multiline output. esc_br_html or line-breaking parameter for esc_html is missing Formatting 5.0.3 normal normal Awaiting Review enhancement new 2019-02-05T12:40:02Z 2019-03-02T12:24:33Z "Let's say that we want to save not a title, but a block of text in the database. So we have to support multiline escaping. Now I have to do this: {{{#!php itemDescription = $printItemDescription; }}} But then the reviewers at Envato and other coding standards fans are not happy that at the template file I use: {{{
          }}} While following the concept of of 'escaping at the template' would could be instead 'esc_br_html': {{{
          }}} or with `fuction esc_html($text, $escapeLineBreaks = FALSE) {...}` {{{
          }}} I just see a lot of confusion and misinterpreation of escaping of text that has multiple lines, and there is NO function. And we should not do explode, implode, array_map things inside the template code, as the template is for designers, and ever CSS developer has to be able easily understand the template, so there so be no explodings, implodings. " KestutisIT 4 33204 kses $allowedposttags should support microdata Formatting normal normal Awaiting Review enhancement new 2015-07-30T10:30:26Z 2018-11-15T13:27:39Z "It should support more attributes: itemscope, itemprop, itemref, itemtype and itemid check out https://en.wikipedia.org/wiki/Microdata_(HTML)#Global_attributes" wordpressplugindeveloper 4 32787 make_clickable filter johnjamesjacoby needs-unit-tests Formatting 0.71 normal normal Future Release enhancement assigned 2015-06-25T09:38:02Z 2022-08-02T13:01:09Z "Hi, it could be very usefull to add filters to regex callback functions in make_clickable : _make_url_clickable _make_web_ftp_clickable_cb _make_email_clickable_cb Example : {{{ function _make_email_clickable_cb($matches) { $email = $matches[2] . '@' . $matches[3]; $href = apply_filters( 'make_email_clickable_href', 'mailto:'.$email ); $text = apply_filters( 'make_email_clickable_text', $email ); $html = apply_filters( 'make_email_clickable_html', ''.$text.'' ); return $matches[1] . $html; } }}} Thank you." tlexcellent 16 40569 next_post_link parameters $format and $link, have default values that produce awkward to use output Formatting 4.7.4 normal normal Awaiting Review enhancement new 2017-04-26T02:45:16Z 2017-04-26T02:49:11Z "The default output when using the default next_post_link() is: {{{ Post Title Linked here » }}} Note how the » is left outside of the linked text by default. I believe for most users this will cause a styling issue to fix as soon as you use this function, and otherwise, seems improper for a default output. I used next_post_link() with the following values to get what I think should be default output behavior {{{ next_post_link( ""%link"", ""%title »"" ); }}} Which outputs: {{{ Post Title Linked here » }}} Note that the » is now inside of the linked text, and any css applied to the next post link will also affect the » by default, and no changes to function parameters would be required by users. To implement this enhancement, I believe you would simply move the » into the default value for the $link parameter, and out of the $format parameter default value." bhartlenn 46329 sanitize_text_field after 5.1 update should account for __toString() methods Formatting 5.1 normal normal Awaiting Review enhancement new 2019-02-23T15:34:50Z 2019-02-24T22:54:46Z "Since 5.1 the `sanitize_text_field` changed to check if the parameter is an object or array. That broken one of my codes and possibly for other people too because I was passing a `SimpleXMLElement Object`. It has a magic `__toString()` method that gets called when you do that type conversion. As @iCaleb suggested in #41450, we may want to add another check. {{{#!php ""\xf0\x90\x8c\xbc"", // 'Valid 4 Octet Sequence' => ""\xf8\xa1\xa1\xa1\xa1"", //'Valid 5 Octet Sequence (but not Unicode!)' => ""\xfc\xa1\xa1\xa1\xa1\xa1"", //'Valid 6 Octet Sequence (but not Unicode!)' => ""Iñtërnâtiônàlizætiøn\xf0\x90\x8c\xbcIñtërnâtiônàlizætiøn"", // valid four octet id 'Iñtërnâtiônàlizætiøn', // valid UTF-8 string ""\xc3\xb1"", // valid two octet id ""Iñtërnâtiônàlizætiøn\xe2\x82\xa1Iñtërnâtiônàlizætiøn"", // valid three octet id ); $invalid_utf = array( ""\xc3\x28"", //'Invalid 2 Octet Sequence' => ""\xa0\xa1"", //'Invalid Sequence Identifier' => ""\xe2\x28\xa1"", //'Invalid 3 Octet Sequence (in 2nd Octet)' => ""\xe2\x82\x28"", //'Invalid 3 Octet Sequence (in 3rd Octet)' => ""\xf0\x28\x8c\xbc"", //'Invalid 4 Octet Sequence (in 2nd Octet)' => ""\xf0\x90\x28\xbc"", // 'Invalid 4 Octet Sequence (in 3rd Octet)' => ""\xf0\x28\x8c\x28"", //'Invalid 4 Octet Sequence (in 4th Octet)' => chr(0xE3) . chr(0x80) . chr(0x22), // Invalid malformed because 0x22 is not a valid second trailing byte following the leading byte 0xE3. http://www.unicode.org/reports/tr36/ chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Invalid UTF-8, overlong 5 byte encoding. chr(0xD0) . chr(0x01), // High code-point without trailing characters. chr(0xC0) . chr(0x80), // Overlong encoding of code point 0 chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 5 byte encoding chr(0xFC) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 6 byte encoding chr(0xD0) . chr(0x01), // High code-point without trailing characters ""Iñtërnâtiôn\xe9àlizætiøn"", // invalid UTF-8 string ""Iñtërnâtiônàlizætiøn\xfc\xa1\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid six octet sequence ""Iñtërnâtiônàlizætiøn\xf0\x28\x8c\xbcIñtërnâtiônàlizætiøn"", // invalid four octet sequence ""Iñtërnâtiônàlizætiøn \xc3\x28 Iñtërnâtiônàlizætiøn"", // invalid two octet sequence ""this is an invalid char '\xe9' here"", // invalid ASCII string ""Iñtërnâtiônàlizætiøn\xa0\xa1Iñtërnâtiônàlizætiøn"", // invalid id between two and three ""Iñtërnâtiônàlizætiøn\xf8\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid five octet sequence ""Iñtërnâtiônàlizætiøn\xe2\x82\x28Iñtërnâtiônàlizætiøn"", // invalid three octet sequence third ""Iñtërnâtiônàlizætiøn\xe2\x28\xa1Iñtërnâtiônàlizætiøn"", // invalid three octet sequence second ); }}} ---- Notes and more info: {{{ In order process UTF-8 strings, you must build PCRE to include UTF-8 support in the code, and, in addition, you must call pcre_compile() with the PCRE_UTF8 option flag, or the pattern must start with the sequence (*UTF8). When either of these is the case, both the pattern and any subject strings that are matched against it are treated as UTF-8 strings instead of strings of 1-byte characters. UTF-8 was devised in September 1992 by Ken Thompson, guided by design criteria specified by Rob Pike, with the objective of defining a UCS transformation format usable in the Plan9 operating system in a non- disruptive manner. Char. number range | UTF-8 octet sequence (hexadecimal) | (binary) --------------------+--------------------------------------------- 0000 0000-0000 007F | 0xxxxxxx 0000 0080-0000 07FF | 110xxxxx 10xxxxxx 0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx 0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx A UTF-8 string is a sequence of octets representing a sequence of UCS characters. An octet sequence is valid UTF-8 only if it matches the following syntax, which is derived from the rules for encoding UTF-8 and is expressed in the ABNF of [RFC2234]. UTF8-octets = *( UTF8-char ) UTF8-char = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4 UTF8-1 = %x00-7F UTF8-2 = %xC2-DF UTF8-tail UTF8-3 = %xE0 %xA0-BF UTF8-tail / %xE1-EC 2( UTF8-tail ) / %xED %x80-9F UTF8-tail / %xEE-EF 2( UTF8-tail ) UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / %xF1-F3 3( UTF8-tail ) / %xF4 %x80-8F 2( UTF8-tail ) UTF8-tail = %x80-BF }}} * http://www.pcre.org/pcre.txt * http://us1.php.net/manual/en/pcre.constants.php * http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 * http://en.wikipedia.org/wiki/Unicode * http://unicode.org/faq/utf_bom.html * http://www.unicode.org/versions/Unicode6.1.0/ch03.pdf * http://www.pcre.org/pcre.txt * http://tools.ietf.org/rfc/rfc3629.txt * http://www.unicode.org/faq/utf_bom.html * http://www.unicode.org/versions/Unicode5.2.0/ch03.pdf * http://www.unicode.org/reports/tr36/ * http://tools.ietf.org/rfc/rfc3629.txt Related Tickets: * https://core.trac.wordpress.org/ticket/11175 * https://core.trac.wordpress.org/ticket/28786 " askapache 23 51482 wp_kses_post should filter javascript content as well as the tags, but not the actual javascript itself. If you sanitize some content using wp_kses_post that contains world!""; wp_kses_post($str); Outputs: hello myvar = 'foobar'; world! Expected output: hello world!" janmiddelkoop 29379 Add a hook to filter gallery classes has-patch Gallery 3.9.2 low normal Future Release enhancement new 2014-08-26T15:35:45Z 2022-07-12T19:01:32Z "Hi, it would be really great to be allowed to filter the gallery classes. Here's what I suggest : instead of : {{{ $size_class = sanitize_html_class( $atts['size'] ); $gallery_div = ""