__group__ ticket summary owner component _version priority severity milestone type _status workflow _created modified _description _reporter Slated for Next Release 60809 .editor-styles-wrapper styles opacity changed Editor trunk normal normal 6.5.1 defect (bug) new reporter-feedback 2024-03-20T03:57:30Z 2024-03-25T23:27:02Z "In WordPress 6.4.3, the block editor automatically applies this to `.editor-styles-wrapper`: {{{ .editor-styles-wrapper.mce-content-body, .editor-styles-wrapper.editor-styles-wrapper { opacity: 1; } }}} While testing WordPress 6.5, this no longer occurs. Our theme has `opacity: 0` applied to the body, and we use jQuery to change it to `opacity: 1` when the DOM is loaded. This means that in 6.5, our block editor has 0 opacity. The issue for us is that this also applies to the block editor and as a result we see a grey box instead of the blocks of content. In testing with WordPress Alpha 6.6 or with the latest Gutenberg activated this doesn't appear to be the case, is there a reason this was removed from the 6.5 core?" killerbeez Slated for Next Release 59945 About the feed name specified in the add_feed() Feeds 1.5 normal normal 6.6 defect (bug) new 2023-11-22T02:51:18Z 2024-02-17T13:49:13Z "There is no restriction on the first parameter of the add_feed function, but if it starts with ""_"" it will not function properly. {{{ function feed2_callback( $is_comment_feed, $feed ) { header( 'Content-Type: application/xml; charset=UTF-8', true ); echo ''; ?> Test wp_die <![CDATA[WordPress &rsaquo; Error]]> 404 }}} This is not a problem with the code I tried, but because the ""_"" at the beginning of the feed name is removed in the do_feed function. {{{ function do_feed() { global $wp_query; $feed = get_query_var( 'feed' ); // Remove the pad, if present. $feed = preg_replace( '/^_+/', '', $feed ); }}} This process results in an action name of 'do_feed_' . **'feed2'** when $feed is '_feed2'. Since this is not done in the add_feed function and the action name specified in the add_action function is 'do_feed_' . **'_feed2'**, it appears that the two action names do not match, resulting in the error indicated in the response. Should I remove the leading '_' in the feed name in the add_feed function or not remove the '_' in the do_feed function? In any case, I would like to see consistency in the handling of feed names. " tmatsuur Slated for Next Release 52723 Admin options.php default value to NULL for option_value may lead to MySQL Integrity constraint violation error, potential other bugs Options, Meta APIs 2.7 normal normal 6.6 defect (bug) new needs-unit-tests 2021-03-05T14:26:35Z 2024-02-27T12:01:48Z "It looks like `wp-admin/options.php` set a `null` value by default for any unchecked option: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L306 Now, this leads to execute queries like this by `update_option`: UPDATE `wp_options` SET `option_value` = NULL WHERE `option_name` = 'default_pingback_flag' Which is wrong, given the schema explicitly set `option_value` to `NOT NULL`: https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/schema.php#L144 This would trigger an integrity constraint violation error by MySQL when in (default) strict mode: Error! SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'option_value' cannot be null To get around this (and for other reasons too, I presume), WordPress currently tries to disable any MySQL strict mode in the `$wpdb` class, with the effect that MySQL silently ""fix"" the error itself: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L567 https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L826 But **not every environment support this**, so there are people out there who cannot save options and they are confused about the reason why, for example: https://www.reddit.com/r/Wordpress/comments/l61rvs/cannot_disable_avatars/ https://wordpress.org/support/topic/discussion-comment-settings-saved-changes-are-not-taking-effect-at-all/ https://wordpress.org/support/topic/wordpress-database-error-column-option_value-cannot-be-null/ A simple solution would be to set a different default value (`0` or even an empty string) in `wp-admin/options.php` and, ''better yet'', **cast any `NULL` value to the same different default value in both `update_option` and `add_option`**. Please note that, without a fix, **this bug may also lead to other nasty side effects**. As a quick fix/test, I successful got around this with this simple filter: {{{#!php see signup-activate-1.patch If running `wp()` is required for a reason i don't see, a query could still be saved and it could be interested to use this to set a ""page"" title for the `` tag. > see signup-activate-2.patch " imath Slated for Next Release 59514 Add more context to split_the_query filter Query 3.4 normal normal 6.6 enhancement new has-patch 2023-10-02T11:41:06Z 2024-03-13T15:45:24Z "Current the split_the_query filter has the current WP_Query instance as context. However to calculate the value you need the value variables. - $old_request - $limits - $fields - $q ( query arguments ). It is worth noting that `$this->request` can be received by `WP_Query` instance and `$wpdb->posts` can be received from global $wpdb. With this extra context, will be make the filter much more useful. " spacedmonkey Slated for Next Release 35833 "Adding a table with the ""widefat"" class on post and taxonomy list table screens causes the quick edit UI and bulk edit to fail" Quick/Bulk Edit 4.4.2 normal normal 6.6 enhancement assigned has-patch 2016-02-15T05:11:47Z 2024-02-12T09:19:40Z "This is a very strange issue. On a fresh WP install running twentysixteen with no plugins activated, including this code causes the quick edit UI to miscalculate its width and end up looking wacky: {{{ add_action( 'load-edit.php', 'xxx_test_table_in_help_tab' ); function xxx_test_table_in_help_tab() { $test_table_args = array( 'id' => 'test_help_table', 'title' => 'Something', 'content' => '<table class=""widefat""><tr><td>Something</td></tr></table>', ); get_current_screen()->add_help_tab( $test_table_args ); } }}} I'm attaching a screenshot of what the quick edit UI looks like with this code in place. Removing the class ""widefat"" restores the quick edit UI to normal. As strange as it sounds, I believe the presence of the widefat class is causing something in the quick edit JS to miscalculate. I haven't found the exact line where the issue is, but it seems to all come down to the presence of the ""widefat"" class." Braad Slated for Next Release 41172 Allow autosaving to be disabled on a per post type basis Autosave normal normal 6.6 enhancement new has-patch 2017-06-26T08:24:58Z 2024-02-27T22:31:57Z Autosaving should be a post type feature, so that individual post types can opt out. Disabling this feature should remove both the server-side and the client-side saving. Frank Klein Slated for Next Release 58312 Display password hint on additional screens Users 4.3 normal normal 6.6 enhancement new dev-feedback 2023-05-14T20:39:22Z 2024-02-12T15:00:40Z "In WordPress 4.1.0, the function `wp_get_password_hint` was introduced. This function returns a hint to display to the user when creating a new password. Currently, it is only used when user go through the ""Forget password"" steps. This ticket and the PR with it add the password hint to three screens, WordPress install screen, new user screen and user profile screen." petitphp Slated for Next Release 33073 "Some strings need ""no HTML entities"" translator comments" I18N normal normal 6.6 enhancement new has-patch 2015-07-22T14:44:59Z 2024-02-12T13:49:08Z "This is a renewal of #10005, which was apparently my first patch to WP 6 years ago, but never got accepted. #10005 was closed as fixed, but it truth it was not (see my last comment there). So, I'm opening a new ticket about this... and updating the description and patch from 6 years :) Here goes! Several strings need to have an indication warning translators against the inclusion of HTML entities within their translation, because of where the strings are user (RSS feeds, e-mails, JavaScript...). Case in point: in French, there should be a non-breaking space ( ) before any double sign (; : ! ?). So, translators would turn ""URL: %s"" into ""Adresse web : %s"". But since it is used in e-mails, it is displayed as-is. And for strings that are used in feeds, it breaks them... Suggestions comment: ""Do not add HTML entities ( , etc): used in [context]"". Patch fixes all strings that I could find. I do hope it is a simple enough patch, and not too close to RC, that it could make it into 4.3. Thanks!" xibe Slated for Next Release 39281 Twenty Seventeen: header.php forces thumbnails on all post types Bundled Theme 4.8 normal normal 6.6 enhancement reopened has-patch 2016-12-14T17:23:54Z 2024-02-22T06:48:27Z "My plugin has custom post type and custom 'single-post-type' views and doesn't utilize thumbnails in them. As a result layout appears broken, and there is nothing I can do to make the plugin compatible with Twentyseventeen. I went to have a look how WooCommerce deals with this, and it turns out that there is this piece of code in the style of twentyseventeen: {{{ .single-product .single-featured-image-header { display: none } }}} While that does work, I don't think it's a solution. At the very least there has to be a filter to dynamically disable the thumbnail from `header.php`" justnorris Slated for Next Release 52551 Twenty Twenty-One: Search box alignment Bundled Theme 5.7 normal minor 6.6 enhancement new has-patch 2021-02-17T07:17:16Z 2024-03-18T10:28:19Z I was Customized theme twenty twenty-one search-box on tablet and smartphones view. here search-box text field and button are not in correct alignment. vinita29 Slated for Next Release 54738 Unable to upload images with URL over API when the image doesn’t have a filetype in the filename Media normal normal 6.6 enhancement new has-patch 2022-01-04T15:37:53Z 2024-02-14T16:59:53Z "**Problem**: It’s not possible to upload images with URL per API when the image doesn’t have a filetype in the filename. **Elaboration**: There are some websites which don’t put filetypes inside the URL for images. For example: https://img.ricardostatic.ch/t_1800x1350/pl/1187743940/3/1/ Or: https://media.istockphoto.com/photos/coppersmith-repair-copper-kettle-on-fire-in-kashgar-in-xinjiang-picture-id1298102169?s=612x612 The format of the image is set and recognized by the browser with the MIME-Type. In theory WordPress could handle this, but unfortunately it never gets to the point where the correct MIME type is read out of the image signature. **Reason**: At the function wp_check_filetype type will always be defined as false - if there is no filetype set inside the filename. Call of the function: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-includes/functions.php#L2984 Further down there would be a function to get back the real mime type from the signature of the image. However, the function is never called since type at this point is always false in that give case: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-includes/functions.php#L2999 **Possible Bug**: If the filename has no filetype the function wp_get_image_mime should always be called to get the type from the signature of the image. **Following Bug**: After changing this, the filename at the upload should be extended with the filetype: https://github.com/WordPress/WordPress/blob/266c58518846201a7e98cd7995ce2c7429caf1db/wp-admin/includes/file.php#L924 Since it’s only really showing up in the library with the correct filetype." masteradhoc Slated for Next Release 60625 Update user interface for Site icon selection Administration trunk normal normal 6.6 enhancement new 2024-02-23T15:39:53Z 2024-03-05T15:37:15Z "Currently a user can set a site icon in two places outside the site editor: the general settings screen (added in 6.5) and the Customizer. Both these places have currently a design with some years to it. This ticket is aimed to discuss the design of these two places, and possible come up with a new one, and implement it. Note that a preview also is displayed in the media modal when cropping the site icon. This ticket has it's roots in ticket #54370" kebbet Slated for Next Release 40370 "add_image_sizes does not create the ""crop position"" versions of the image" Media 2.9 normal normal 6.6 enhancement reopened dev-feedback 2017-04-05T13:29:32Z 2024-02-12T09:04:43Z "I wanted to introduce 3 different version of post thumbnails - each with different cropping position (top, center, left) , so i added them like this: {{{#!php add_image_size( 'newscentered', 400, 400, array( 'center', 'center') ); add_image_size( 'newstop', 400, 400, array( 'center', 'top' ) ); add_image_size( 'newsbottom', 400, 400, array( 'center', 'bottom' ) ); }}} Now, whenever i use the the_post_thumbnail() with the name of my custom image size i always get the same image, cropped to the default WordPress crop position of ('center', 'center') . Why is that happening? I did 'refresh' the thumbnails and tried also uploading fresh image files and still i can't get 3 differently cropped versions of the image. I noticed that when i set the cropping defaults using the following function and set the cropping there, then it works: {{{#!php set_post_thumbnail_size( 400, 400, array('center', 'bottom')); }}} ... but it affects the cropping of all of my thumbnails, so i can only get one ""crop position"" for all my images. Guys, is this some kind of bug or do i configure something in a wrong way? I'm using the newest official WordPress version" piejesus Slated for Next Release 48086 Add required extensions and libraries to composer.json Build/Test Tools 5.2.3 normal normal 6.6 task (blessed) new has-patch 2019-09-20T12:00:49Z 2024-02-26T16:59:03Z "Composer offers a way to require or suggest certain platform packages: https://getcomposer.org/doc/01-basic-usage.md#platform-packages Ticket 48081 addresses the PHP version, and this one covers the required libraries and extensions. I've used the WP-CLI ext package (https://github.com/johnbillion/ext) to generate all the required and suggested extensions and libraries. " dingo_d Slated for Next Release 60700 Coding Standards fixes for WP 6.6 General normal normal 6.6 task (blessed) new has-patch 2024-03-06T05:03:13Z 2024-03-27T12:28:38Z "Previously: - #59650 (6.5) - #58831 (6.4) - #57839 (6.3) - #56791 (6.2) - #55647 (6.1) - #54728 (6.0) - #53359 (5.9) - #52627 (5.8) - #51799 (5.7) - #50767 (5.6) - #49542 (5.5) - #49222 (5.4) - #47632 (5.3) - #45934 (5.1)" mukesh27 Slated for Next Release 60699 Docblock improvements for 6.6 General normal normal 6.6 task (blessed) new 2024-03-06T04:57:35Z 2024-03-19T14:44:26Z "Previously: - #59651 (6.5) - #58833 (6.4) - #57840 (6.3) - #56792 (6.2) - #55646 (6.1) - #54729 (6.0) - #53399 (5.9) - #52628 (5.8) - #51800 (5.7) - #50768 (5.6) - #49572 (5.5) - #48303 (5.4) - #47110 (5.3) - #46543 (5.2) - #42505 (5.1) - #41017 (4.9) - #39130 (4.8) - #37770 (4.7) - #32246 (4.6)" SergeyBiryukov Slated for Next Release 59233 Improve error handling for unserialize() General normal normal 6.6 task (blessed) new dev-feedback 2023-08-28T23:47:32Z 2024-02-26T22:05:20Z "From https://core.trac.wordpress.org/ticket/59231: > === [https://wiki.php.net/rfc/unserialize_warn_on_trailing_data Make unserialize() emit a warning for trailing bytes] > > While based on the current test suite, WP is not ''directly'' affected by this, the [https://developer.wordpress.org/reference/functions/maybe_unserialize/ `maybe_unserialize()`] function could still be confronted by data with trailing bytes. > > However, the call to the PHP native `unserialize()` within `maybe_unserialize()` silences all (PHP 8.0+: non-fatal) errors, so this new warning will not affect WP or its ecosystem as long as the `maybe_unserialize()` function is used. > > Having said that, a critical look at `maybe_unserialize()` may be warranted as the new warning in PHP is related to security issues discovered in other projects, so WP may want to consider rejecting unserialization for data throwing this warning. > > Also note that there are 7 uses of `unserialize()` in total within WP Core, one within `maybe_unserialize()`, but the function is also used in 6 other places and 5 of those do not use error silencing. > > > === [https://wiki.php.net/rfc/improve_unserialize_error_handling Improve unserialize() error handling] > > This, again, affects the [https://developer.wordpress.org/reference/functions/maybe_unserialize/ `maybe_unserialize()`] function and this time, the code should probably be adjusted to handle the new errors which `unserialize()` can now throw. > > The change does not affect unserializing valid data, but in the case of invalid data, the type of and severity of the notices/warnings/catchable exceptions have been changed. > > All 7 uses of `unserialize()` in WP Core should be reviewed and for the 6 uses outside of the `maybe_unserialize()` function, it should be reviewed whether they can/should switch to using `maybe_unserialize()` and/or whether they should get their own (improved) error handling. " jrf Slated for Next Release 59649 PHP 8.0: improvements to allow for named parameters in 6.6 General normal normal 6.6 task (blessed) new 2023-10-17T12:16:28Z 2024-02-26T10:21:48Z "Previously: * #58976 (6.4) * #57838 (6.3) * #56788 (6.2) * #55650 (6.1) * #55327 (6.0) * #51553 (5.9) Quoted in full below: > PHP 8.0 introduces the ability to pass named parameters to function calls. > Ref: https://wiki.php.net/rfc/named_params > > Code example: > {{{#!php > <?php > // Using positional arguments: > array_fill(0, 100, 50); > > // Using named arguments: > array_fill(start_index: 0, num: 100, value: 50); > > // Named arguments do not have to follow the same order as positional arguments: > array_fill(value: 50, num: 100, start_index: 0); > }}} > > **More than anything, this means that, as of PHP 8.0, renaming a parameter in a function declaration is a backward-compatibility break! ** > > This should most definitely get prominent mention in the PHP8 dev-note as a lot of Core/plugin/theme developers will not be aware of this at this time. > > > I'm opening this ticket to address a number of issues this brings up for WordPress Core. > > I've so far identified three tasks which should be executed ASAP to prepare for named parameters in function calls. > > == Task 1: Review Function Signatures of methods in child classes > > Methods in child classes may use different parameter names than those used for the same method by its parent. Similarly, classes implementing an interface do not have to use the same parameter names. > > While this does not change in PHP 8, it could create problems when the method is called using named parameters. > > To quote from [https://wiki.php.net/rfc/named_params#parameter_name_changes_during_inheritance the RFC]: > > > If an inheriting class changes a parameter name, calls using named arguments might fail, thus violating the Liskov substitution principle (LSP). > > > PHP will silently accept parameter name changes during inheritance, which may result in call-time exceptions when methods with renamed parameters are called > > Code sample: > {{{#!php > <?php > interface I { > public function test($foo, $bar); > } > > class C implements I { > public function test($a, $b) {} > } > > $obj = new C; > > // Pass params according to I::test() contract > $obj->test(foo: ""foo"", bar: ""bar""); // ERROR! > }}} > > > **Note: For variadic functions this will not cause an error, but will move the unrecognized names to be part of the variadic argument, which can cause all sorts of problems.** > Code sample [https://twitter.com/giveupalready/status/1312139952776306688 courtesy of Chris Riley] illustrating the problem: https://3v4l.org/MhJ79 > > With regards to WordPress, I'd like to propose making the parameter names in child classes/classes implementing an interface consistent to prevent such issues. > > > > > == Task 2: Review Other Function Signatures > > 1. The function signatures of existing functions and methods of all WordPress code should be examined and non-descriptive parameter names should be fixed (renamed) **NOW** as later will no longer be an option without creating a BC-break. > 2. While using reserved keywords as parameter name labels is allowed, in the context of function calls using named parameters, this will easily lead to confusion. I'd like to recommend to rename function parameters which use reserved keywords to remove this confusion. > {{{#!php > <?php > function array_foobar($toggle = false, $array = []) {} > > array_foobar(array: $value); > }}} > > > == Task 3: Review all uses of `call_user_func_array()` > > Named parameters cause a BC-break for `call_user_func_array()` when passing an associative array. > In previous PHP versions, the array keys would have been ignored. In PHP 8, string keys will be interpreted as parameter name labels. > > For more detail, see: https://wiki.php.net/rfc/named_params#call_user_func_and_friends > > Basically, we need to make sure that any array passed to `call_user_func_array()` does NOT have string keys. If it does or if the format of the array is unknown (like when it is passed in via a function parameter), we need to add extra safeguards to make the code cross-version compatible. > A typical way to do this would be to use `array_values()` on the array before passing it to `call_user_func_array()`, though beware that ''**will**'' break code written for PHP 8 which actually expects the label to be used. > > > > > > > == Other references: > > * https://twitter.com/CiaranMcNulty/status/1312087225857970182 > > > Related Trac tickets: #50913, #50531" hellofromTonya Slated for Next Release 59654 PHP 8.x: various compatibility fixes for WordPress 6.6 General normal normal 6.6 task (blessed) new 2023-10-17T12:33:14Z 2024-02-26T10:20:59Z "Previously: * #57837 (6.3) * #56790 (6.2) * #55656 (6.1) * #54730 (6.0) * #53635 (5.9) * #50913 (5.6) This ticket will be used as an ""epic"", allowing a variety of small patches each fixing a specific failure to be added to and committed against this ticket. For patches addressing all instances of failures related to one specific PHP version (such as PHP 8.0, 8.1, or 8.2) change across the codebase, separate tickets should still be opened. For an example of issues/patches with separate tickets, see: * #53299 PHP 8.1: Update `is_serialized` function to accept Enums * #53465 PHP 8.1.: the default value of the flags parameter for `htmlentities()` et all needs to be explicitly set When opening a separate ticket, please tag it with the appropriate PHP version keyword so that these tickets can be easily found: * PHP 8.3: keyword is `php83` with its report https://core.trac.wordpress.org/query?keywords=~php83 * PHP 8.2: keyword is `php82` with its report https://core.trac.wordpress.org/query?keywords=~php82 * PHP 8.1: keyword is `php81` with its report https://core.trac.wordpress.org/query?keywords=~php81 * PHP 8.0: keyword is `php8` with its report https://core.trac.wordpress.org/query?keywords=~php8" hellofromTonya Slated for Next Release 59231 Prepare for PHP 8.3 General 6.4 normal normal 6.6 task (blessed) new has-patch 2023-08-28T23:15:51Z 2024-02-17T16:12:34Z "This is a meta ticket to track the efforts to prepare for PHP 8.3. For PHP 8.0/8.1/8.2 specific fixes, please refer to the generic WP 6.4 PHP 8.x ticket: #58850 Please link patches related to a specific PHP 8.3 related task to the appropriate dedicated issue, if there is one (see the links in the description below). Generic/one-off PHP 8.3 related patches can be linked to this ticket. ---- == PHP 8.3: Important dates PHP 8.3 is [https://wiki.php.net/todo/php83 expected to be released on November 23 2023]. Other note-worthy dates: * The first alpha was released on June 8th 2023. * Feature freeze started on July 18, 2023. **Note**: The below represents the status per August 28, 2023. As PHP 8.3 is in feature freeze, these statuses should be reasonably reliable. == Readiness of essential tooling === [https://github.com/composer/composer Composer] Current status: * CI for Composer itself was not yet being run against PHP 8.3. I've opened [https://github.com/composer/composer/pull/11601 a PR] for this. ''[JRF: this PR has since been merged]'' * I've ran linting, PHPCompatibility (bleeding edge) and the test suites against PHP 8.3 and found no problems for PHP 8.3 though. * The only issues I've managed to identify are in the test suite of Composer, which has no impact on end-users of Composer. === [https://github.com/sebastianbergmann/phpunit PHPUnit] Current status: * CI for PHPUnit itself is being run against PHP 8.3. * No known issues in the last release supported for the WP test suite (9.6.11). === [https://github.com/Yoast/PHPUnit-Polyfills PHPUnit Polyfills] Current status: * CI for PHPUnit Polyfills itself is being run against PHP 8.3. * No known issues in the last release (1.1.0). === [https://github.com/wp-cli/wp-cli WP-CLI] Current status: * CI for WP-CLI was not (yet) being run against PHP 8.3. A [https://github.com/wp-cli/.github/pull/68 PR to change this has been opened and merged]. * **''Status unknown''**. === Other tooling Other (PHP) tooling doesn't necessarily have to run against PHP 8.3 (yet), so has not been evaluated. == Initial DevOps Tasks Typical tasks which need to be executed to allow WordPress to prepare for PHP 8.3: === [https://github.com/WordPress/wpdev-docker-images Docker] * Add PHP 8.3 to the Docker images. A [https://github.com/WordPress/wpdev-docker-images/pull/113 PR for this] was merged on July 26, 2023 === GitHub Actions * Add PHP 8.3 to the GitHub Actions `phpunit-tests.yml` configuration. [https://github.com/WordPress/wordpress-develop/pull/5106 GH PR #5106] ''[JRF: this PR has since been merged]'' Notes: - Test failures on PHP 8.3 should not (yet) fail the build, but as the actual script to run the tests has been moved, it is currently impossible to use `continue-on-error` as that keyword is not supported when calling a reusable workflow... /cc @desrosj == PHP 8.3 changes for which WordPress will need to prepare === [https://wiki.php.net/rfc/deprecations_php_8_3 Generic deprecations for PHP 8.3] Based on initial (bleeding edge) PHPCompatibility scans + the tests, WP is not affected by the deprecations which passed from this RFC (not all of them did). === [https://wiki.php.net/rfc/deprecate_functions_with_overloaded_signature Deprecation of functions with overloaded signatures] This RFC only partially affects PHP 8.3. If a replacement is readily available already, the deprecation of the overloaded signature takes place in PHP 8.3. If no replacement was available, the replacement functions are being introduced in PHP 8.3 and the actual deprecation of the overloaded signature takes place in PHP 8.4. Based on initial (bleeding edge) PHPCompatibility scans + the tests, WP is affected by two of the deprecations in PHP 8.3: * `get_class()` and `get_parent_class()` - this is already being tracked in #58876, there is a patch available, which IMO is ready for commit. ''[JRF: the PR for this has since been merged]'' * `ReflectionProperty::setValue()` with static properties. [https://github.com/WordPress/wordpress-develop/pull/5105 GH PR #5105] ''[JRF: this PR has since been merged]'' The other deprecations in this RFC do not appear to affect WP Core at this time. There is one - `stream_context_set_option()`, which will impact Requests, but only in PHP 8.4 and [https://github.com/WordPress/Requests/pull/822 a patch has already been pulled] for this. === [https://wiki.php.net/rfc/saner-inc-dec-operators Saner increment/decrement operators] To my surprise, I have not found any issues in WP with this change based on the tests alone, but I would not be surprised if the odd issue around this gets reported over time. === [https://wiki.php.net/rfc/marking_overriden_methods Marking overridden methods] This is a new feature with limited validation functionality attached. The attribute basically allows to mark methods in a (child) class/interface which overload a method in a parent class or from an interface, as doing so intentionally. Per the RFC: > ... being able to express if a method is intended to override another method or implement an interface would make it easier to debug a mistake, to refactor and to clean up existing code. Another possible use case is to easily detect a possibly breaking change in a parent class that was provided by a library without needing to read the changelog in detail or missing some item in the list of changes I'd like to advocate for adding these attributes to WP Core in all the relevant places as it: * Increases awareness of the method overload for contributors. * Can serve as a warning that the method signature should not be touched (unless the parent method signature changes). * Has no downside as attributes are ignored in older PHP versions and in PHP versions where the attribute referenced does not exist. In the rare case that the attribute, once added, would result in a fatal error, that would be fantastic, as that means we have actually found a bug in WP before it got into a stable release. Separate ticket to allow for discussing this proposal in more detail and for patches: #59232. === [https://wiki.php.net/rfc/unserialize_warn_on_trailing_data Make unserialize() emit a warning for trailing bytes] While based on the current test suite, WP is not ''directly'' affected by this, the [https://developer.wordpress.org/reference/functions/maybe_unserialize/ `maybe_unserialize()`] function could still be confronted by data with trailing bytes. However, the call to the PHP native `unserialize()` within `maybe_unserialize()` silences all (PHP 8.0+: non-fatal) errors, so this new warning will not affect WP or its ecosystem as long as the `maybe_unserialize()` function is used. Having said that, a critical look at `maybe_unserialize()` may be warranted as the new warning in PHP is related to security issues discovered in other projects, so WP may want to consider rejecting unserialization for data throwing this warning. Also note that there are 7 uses of `unserialize()` in total within WP Core, one within `maybe_unserialize()`, but the function is also used in 6 other places and 5 of those do not use error silencing. === [https://wiki.php.net/rfc/improve_unserialize_error_handling Improve unserialize() error handling] This, again, affects the [https://developer.wordpress.org/reference/functions/maybe_unserialize/ `maybe_unserialize()`] function and this time, the code should probably be adjusted to handle the new errors which `unserialize()` can now throw. The change does not affect unserializing valid data, but in the case of invalid data, the type of and severity of the notices/warnings/catchable exceptions have been changed. All 7 uses of `unserialize()` in WP Core should be reviewed and for the 6 uses outside of the `maybe_unserialize()` function, it should be reviewed whether they can/should switch to using `maybe_unserialize()` and/or whether they should get their own (improved) error handling. Separate ticket to allow for discussing this and the previously listed RFC in more detail and for patches: #59233. === [https://wiki.php.net/rfc/assert-string-eval-cleanup Deprecate remains of string evaluated code assertions] As WP Core does not use assertions, it is not affected by the changes in this RFC. Plugins/themes may still be affected, though I'd hope none of those would use `assert()`.* * `assert()` is intended for dev-only use. The behaviour of `assert()` is heavily affected by ini settings which cannot be changed at runtime, which means that end-users may be confronted by unexpected fatal errors due to the use of `assert()` if they run on an incorrectly configured webhost. === [https://wiki.php.net/rfc/proper-range-semantics Define proper semantics for range() function] This RFC adds a number of errors and warnings for incorrect use of the `range()` function. WP Core has 8 uses of this function in `src`, 2 in `class-wp-text-diff-renderer-table.php` and 6 in various files from external dependencies. I've visually reviewed each of these and they all look to be okay, though a check to safeguard that the WP native uses are covered sufficiently by tests would be prudent. [TODO] === [https://wiki.php.net/rfc/datetime-exceptions More Appropriate Date/Time Exceptions] This RFC reclassifies warnings and errors from the DateTime extension to catchable Exceptions when the OO-interface is used (procedural use of the DateTime functionality is not affected). Based on the tests, WP Core is not affected by this and as the DateTime use of WP Core is pretty well tested, I'm fairly confident, we'll be fine. === [https://wiki.php.net/rfc/json_validate New json_validate() function] This function is a high-performance way to validate json prior to decoding it. This function cannot be polyfilled without a performance hit. However, due to the potential for using json for Denial-of-Service attack vectors (via a HUGE file/stream), I would strongly recommend for WP Core to start using this new function in all appropriate places wrapped within an `if ( function_exists() ) {}`. The `json_decode()` function is used 44 times within `src` (excluding external dependencies). We may want to consider introducing a `wp_json_decode()` function to ensure the use of `json_validate()` (when available). This would then mirror the already existing [https://developer.wordpress.org/reference/functions/wp_json_encode/ `wp_json_encode()`] function. See: #59234 == Status of External Dependencies === [https://github.com/JamesHeinrich/getID3 GetID3] Current status: * Linting is enabled against PHP 8.3. The build passes without finding any PHP 8.3 related issues. * **Important**: the project has no test suite, so the linting passing on PHP 8.3 is only a small comfort and does not provide any real security. * In other words: **''status unknown''**. * WordPress is using the latest version (1.9.22), see #56692 === [https://github.com/PHPMailer/PHPMailer PHPMailer] Current status: * Linting and tests are being run against PHP 8.3. * No known issues in the last release (6.8.0) (aside from something in the PHPMailer test suite, which doesn't affect WP). * WordPress is using the latest version, see #57873 === [https://github.com/WordPress/Requests Requests] Current status: * Linting and tests are being run against PHP 8.3. * No known issues in the last release (2.0.7) (aside from something in the Requests test suite, which doesn't affect WP). * WordPress is using the latest relevant version `2.0.6`, see #58079. Requests 2.0.7 only updated the certificates bundle, while WP uses its own) === [https://github.com/simplepie/simplepie SimplePie] Current status: * Tests are being run against PHP 8.3. * No known issues in the current `master` branch. * WordPress is behind and is still using version `1.5.8`, while the latest release is `1.6.0`, see #55604 I've done a test run of SimplePie 1.5.8 against PHP 8.3 and based on the tests, there are no relevant PHP 8.3 issues known at this moment. === [https://github.com/paragonie/sodium_compat Sodium Compat] Current status: * A [https://github.com/paragonie/sodium_compat/pull/160 PR has been opened] to enable running of the tests against PHP 8.3. The build passes without finding any PHP 8.3 related issues. ''[JRF: this PR has since been merged]'' * No known issues in the last release (1.20.0). * WordPress is using the latest version, see #58224. === [https://github.com/openwall/phpass PHPass] Current status: * Tests are being run against PHP 8.3. * No known issues in the current `main` branch, which translates to the `0.5.4` version. * WordPress is using version `0.5.0`, but the script is a little out of sync with upstream, though not in a way that it impacts the running of WP on PHP 8.3." jrf Tickets Awaiting Review 27606 """Add Existing User"" form does not preserve input in case of an error" Users low minor Awaiting Review defect (bug) new has-patch 2014-03-31T10:43:42Z 2019-05-03T10:39:43Z "Background: #27006 In single site, ""Add New User"" form preserves entered values in case of an error. In Multisite, ""Add New User"" form preserves the values, but ""Add Existing User"" does not. In network admin, ""Add New User"" form does not preserve the values." SergeyBiryukov Tickets Awaiting Review 48553 """Admin Color Scheme"" should not be saved before hitting the ""Update Profile"" button in profile page" Users 3.8 normal normal Awaiting Review defect (bug) assigned has-patch 2019-11-10T11:29:13Z 2023-05-26T09:54:34Z "On the profile page (''/wp-admin/profile.php'') when you click on a color scheme, it instantly updates (via AJAX) in the user meta and changes the color. I think this should not happen. User meta should be updated only after they hit the ""Update Profile"" button. It's OK to show the color (preview) as soon as they click an option, but storing the value in the database should be updated along with other info after clicking the save button. [[Image(https://s.nimbusweb.me/attachment/3516583/0ug6f4ro5vxd2e91ggdm/alEdMIiK5cCc8V2P/screenshot-core.wp-2019.11.10-17_25_46.png)]]" mukto90 Tickets Awaiting Review 56599 """All"" view not selected for all relevant views for custom post type" Posts, Post Types 4.2 normal trivial Awaiting Review defect (bug) new has-patch 2022-09-19T10:58:34Z 2022-09-19T14:24:10Z When the screen options get saved, the parameter `mode=list` gets appended to the URL. For the posts table, the “All” view gets the `.current` HTML class, since `\WP_Posts_List_Table::is_base_request()` returns `true`. For all other post types—including pages—it returns `false`. alpipego Tickets Awaiting Review 40340 """Attach to existing content"" modal shows posts and pages of other users" Role/Capability normal normal Awaiting Review defect (bug) reopened needs-unit-tests 2017-04-02T15:19:15Z 2017-08-03T17:54:02Z "From the Media library, a user can attach media (through the Attach link) that were uploaded by himself only. The first image shows the Attach links appearing for certain media only. In the same way, the ""Attach to existing content"" should also list only those posts/pages for which the user has the permissions to attach. Instead it lists all posts (including private) and pages of all users, and then, upon selection, gives the message ""Sorry, you are not allowed to edit this post."" " menakas Tickets Awaiting Review 57365 """Attempt Block Recovery"" functionality broken for buttons ""Convert to.."" click" Editor 6.1.1 normal normal Awaiting Review defect (bug) new 2022-12-21T12:16:37Z 2022-12-30T05:56:34Z "When i edit the HTML manually and click away, the ""Attempt Block Recovery"" error appears. == BUG: **Clicking on the ""''Convert to HTML''"" or ""''Convert to Blocks''"" does nothing.** [[Image(https://i.imgur.com/fzLTpaH.png)]] The button ""Attempt Block Recovery"" itself works and reverts the action to the previous state before I edited the html. I also screenshotted the red text from the console: [[Image(https://i.imgur.com/1l0PjIv.png)]]" mikulabc Tickets Awaiting Review 60082 """Copied"" tooltip should be hidden when another attachment URL is copied (in list mode)" Media 6.0 normal normal Awaiting Review defect (bug) new 2023-12-15T13:05:00Z 2024-03-12T15:39:27Z "In the media list view, clicking the ""Copy URL"" action link displays previously clicked ""Copy URL"". The previously clicked row showing ""Copied!"" when hover the media again. === Environment - WordPress: 6.4.2 - PHP: 8.2.0 - Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2u PHP/8.2.0 mod_wsgi/3.5 Python/2.7.18 mod_fastcgi/mod_fastcgi-SNAP-0910052141 mod_perl/2.0.11 Perl/v5.30.1 - Database: mysqli (Server: 5.7.39 / Client: 8.2.0) - Browser: Firefox 119.0 (macOS) - Theme: Twenty Twenty-Four 1.0 - MU-Plugins: None activated - Plugins: * WordPress Beta Tester 3.5.5 === Steps to Reproduce 1. Go to media library 2. Click ""Copy URL"" of one of the media. 3. Click ""Copy URL"" of another media. 4. The previously clicked row showing ""Copied!"" when hover the media again. === Expected Results 1. The previously ""Copied!"" tooltip should be close after clicking the next one. === Actual Results 1. The previously clicked row showing ""Copied!"" when hover the media again." jayadevankbh Tickets Awaiting Review 58518 """More info about performance optimization"" links in Site Health go to 404 error on WordPress.org" Site Health normal normal Awaiting Review defect (bug) new 2023-06-12T14:03:56Z 2023-06-13T06:47:37Z "On the Site Health page, at least under the ""Enqueued scripts"" improvements, the links for ""More info about performance optimization"" go to a broken link on wordpress.org (https://wordpress.org/support/article/optimization/). According to archive.org, it looks like that link was live as late as May 16, 2023. Not sure if there is now a new page. The only optimization page is https://wordpress.org/documentation/article/search-engine-optimization/." jeffgreendesign Tickets Awaiting Review 59340 """Open in new tab"" checkbox in hyperlink entry doesn't save" Editor 6.3 normal normal Awaiting Review defect (bug) new 2023-09-13T16:37:54Z 2023-09-29T15:48:45Z "When interfacing, the ""Open in new tab"" selection sometimes doesn't work. Rapidly entering the information on a slow internet connection should reproduce the bug. It's probably tied to network information, where the ""Save"" button SHOULD send a delayed network transmission of the update. Instead, it drops the information. This compounds as a worse problem with the new UI information, since it requires several clicks to confirm each hyperlink's present status. The workaround is to wait 2-3 seconds after selecting the checkbox but before selecting ""Save"". This most heavily affects power users and users with slow internet connections." phileossopher Tickets Awaiting Review 48954 """Sticky"" post state shows even for non-Post post-types" Posts, Post Types normal normal Awaiting Review defect (bug) new 2019-12-12T21:54:48Z 2019-12-12T22:15:24Z "Reported in the support forums: https://wordpress.org/support/topic/sticky-tag-remains/ When users of my Post Type Switcher plugin switch a Post into a Page, that page still shows as ""Sticky"" in the Pages list-table UI, even though Pages do not support the ""sticky"" functionality." johnjamesjacoby Tickets Awaiting Review 58287 """The server cannot process the image"" error, set_imagick_time_limit() and WP 6.2" Media 6.2 normal major Awaiting Review defect (bug) new 2023-05-10T15:51:53Z 2023-05-10T19:54:45Z "On many of our sites, managed on different machines and with different configurations, with version 6.2 of WordPress, when uploading images we often get this error: ""The server cannot process the image. This can happen if the server is busy or does not have enough resources to complete the task. Uploading a smaller image may help. Suggested maximum size is 2560 pixels."" Nothing appears in the `debug.log`, but analyzing the issue -which had never occurred before WordPress 6.2- we realized that it seems to be due to the new `set_imagick_time_limit()` method of the `WP_Image_Editor_Imagick` class. Maybe the value `0.8 * $php_timeout` is that a bit too conservative? Maybe it could be made hookable?" delitestudio Tickets Awaiting Review 43531 $content_width and Add Media (+ twentyseverteen?) Media 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-12T20:07:38Z 2019-01-21T22:04:59Z "I apologize in advance if this isn't a bug. However, I couldn't seem to find any documentation on the expected behavior (e.g., there's nothing on the codex page for the image_size_names_choose filter). None the less, it certainly feels odd / awkward. When adding an image (to a post / page), the size setting select (Add Media > Attachment Display Setting > Size) doesn't feel quite right. I understand the relationship between (global) $content_width and this setting. That is, the <img> tag's width= is forced / maxed to the $content_width (if the image is wider than the $content_width). I see this happening for the size = large images, as well as any image sizes I've added via add_image_size() that are too wide. However, it (i.e., the forced max width=) doesn't happen to the size Medium when the Medium width is set wider than the content width. Perhaps this is intentional? Theme was twentyseventeen. Unfortunately, I've haven't had time to try to reproduce this on another theme. The size Medium was set to 800 x 800. I'd like to suggest the Settings > Media page display the current $content_width, as well as explain a bit, as well as link to a deeper explanation. As it is, a user can select a theme, blindly set the image sizes (not realizing who they actually map to the theme), and then be hit with the experience (?) described above, AND have no idea why. Truth be told, it took me too long to figure this out. Somehow I've managed to avoid $content_width. Too many custom themes maybe? :) Or am I just missing something about the intent of what otherwise feels like a sloppy experience? I hope this helps. TIA " ChiefAlchemist Tickets Awaiting Review 43695 $depth and $args are switched when using custom callback in wp_list_comments() Comments 4.9.5 normal normal Awaiting Review defect (bug) new has-patch 2018-04-05T05:55:31Z 2021-11-26T11:12:27Z "For the custom function I am using the [latest function from walker](https://github.com/WordPress/WordPress/blob/master/wp-includes/class-walker-comment.php#L343) as a base. When you use custom callback in comments.php template: {{{#!php <?php // comments.php $args = [ 'type' => 'comment', 'format' => 'html5', 'style' => 'ol', 'short_ping' => true, ]; // Use our custom callback if it's available if( function_exists( 'custom_render_comment' ) ){ $args['format'] = 'custom'; $args['callback'] = 'custom_render_comment'; } wp_list_comments( $args ); }}} The arguments that get passed to custom_render_comment function are switched: {{{#!php <?php // custom_render_comment.php function custom_render_comment( $comment, $depth, $args ) { /* var_dump($depth): array(15) { [""walker""]=> NULL [""max_depth""]=> string(1) ""5"" [""style""]=> string(2) ""ol"" [""callback""]=> string(21) ""faeiv2_render_comment"" [""end-callback""]=> NULL [""type""]=> string(7) ""comment"" [""page""]=> int(0) [""per_page""]=> int(0) [""avatar_size""]=> int(32) [""reverse_top_level""]=> bool(false) [""reverse_children""]=> string(0) """" [""format""]=> string(6) ""faeiv2"" [""short_ping""]=> bool(true) [""echo""]=> bool(true) [""has_children""]=> bool(true) } } var_dump($args): int(1) */ } }}} The result is this error: {{{ Warning: array_merge(): Argument #1 is not an array in [...]/wp-content/themes/mytheme/inc/render-comment.php on line 56 }}} I haven't found any mention of switching arguments in the WordPressCodex. The fix is easy, just switch those variables, but I think it should be addressed somewhere in the documentation." vincurekf Tickets Awaiting Review 52651 $option_group argument in settings_fields() function is misdescribed Options, Meta APIs 2.7 normal normal Awaiting Review defect (bug) new 2021-02-25T10:59:49Z 2021-02-28T10:52:51Z "The settings_fields() function in plugin.php takes a single argument described as $option_group. However this argument is then used to populate the 'option_page' hidden element. The docBlock param description says ""This should match the group name used in register_setting()"" but if you follow this advice, your option group will not be included in $allowed_settings and you will get an error. {{{#!php /** * Output nonce, action, and option_page fields for a settings page. * * @since 2.7.0 * * @param string $option_group A settings group name. This should match the group name * used in register_setting(). */ function settings_fields( $option_group ) { echo ""<input type='hidden' name='option_page' value='"" . esc_attr( $option_group ) . ""' />""; echo '<input type=""hidden"" name=""action"" value=""update"" />'; wp_nonce_field( ""$option_group-options"" ); } }}} It seems a common fix for this on the internet is to pass the 'option_page' value instead. https://wordpress.stackexchange.com/questions/376785/wordpress-error-options-page-setting-not-found-in-the-allowed-options-list if the argument name could be changed to $option_group and the docBlock updated accordingly, that would correct the issue without breaking existing implementations {{{#!php <?php /** * Output nonce, action, and option_page fields for a settings page. * * @since 2.7.0 * * @param string $option_page The slug-name of the settings page on which the section is shown. */ function settings_fields( $option_page ) { echo ""<input type='hidden' name='option_page' value='"" . esc_attr( $option_page ) . ""' />""; echo '<input type=""hidden"" name=""action"" value=""update"" />'; wp_nonce_field( ""$option_page-options"" ); } }}} " pe01b6 Tickets Awaiting Review 43372 $wp_query->max_num_pages return value as float Query 4.9.4 normal trivial Awaiting Review defect (bug) new 2018-02-20T16:32:40Z 2022-02-10T15:13:40Z "As a page number, Integer would make more sense than Float. This is not a big problem but kinda annoying when you do strict comparison on this value. since no one will define a page number as float." ironghost63 Tickets Awaiting Review 43664 $wpdb->get_results fails in specific cases with non-latin charaters in where clause Database 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-30T08:37:47Z 2018-04-08T19:09:08Z "Let's say we have user with display name 'Алексей'; {{{$wpdb->get_results(""SELECT user_login FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} executes normally {{{$wpdb->get_results(""SELECT user_login AS 'russian person' FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} executes normally as well but {{{$wpdb->get_results(""SELECT user_login AS 'person from Russia' FROM $wpdb->users where `display_name`='Алексей' "", ARRAY_A);}}} returns empty array and results in error: [table <table_prefix> Russia.doesn't exist] SHOW FULL COLUMNS FROM `Russia` That means 'from' in 'person from Russia' somehow gets in sql It's an obscure enough situation, but might signify that something is wrong with wpdb query handling" altert Tickets Awaiting Review 40014 & converted to '#038 Themes 4.7.2 normal normal Awaiting Review defect (bug) new 2017-03-02T08:41:46Z 2017-03-03T05:01:54Z "Hi guys, This is a follow-up to #30831. Using WordPress v4.7.2 . With paginate_links() and setting the 'add_args' to an an array of values breaks the url. Specifically replaces '''&''' with '''#038'''; Sample code below: {{{ echo paginate_links( array( 'base' => str_replace( $big, '%#%', esc_url( get_pagenum_link( $big ) ) ), 'current' => max( 1, get_query_var( 'paged' ) ), 'total' => $query_object->max_num_pages, 'format' => 'page/%#%', 'add_args' => array( 'project' => 1 /* or whatever the project number is*/ ), ) ); }}} The code above replaces '''&''' with '''#038'''; Sample result: http://domain.com/?page_id=1&paged=2#038project=1 " fervillz Tickets Awaiting Review 40899 '&' Is always escaped in the JavaScript template. General 4.7.5 normal normal Awaiting Review defect (bug) new 2017-06-01T08:41:12Z 2020-09-08T13:05:47Z "When I tried the JavaScript template, '&' was always escaped. Source: {{{ <script type=""text/template"" id=""tmpl-fields""> <p>&</p> <p>Unscaped: {{{data.value}}}</p> <p>Escaped: {{data.value}}</p> </script> <script type=""text/javascript""> ( function($) { $(document).ready( function () { var template = wp.template( 'fields' ); $( '.widget_search' ).after( template( { value: ""W<i>o</i>&r'l\""d"" } ) ); } ); } )( jQuery ); </script> }}} Rendering: {{{ <p>&</p> <p>Unscaped: W<i>o</i>&r'l""d</p> <p>Escaped: W<i>o</i>&r'l""d</p> }}} While checking the interpolation of the variable, '&' was always converted to '& amp;'. Is this a specification or a bug? " tmatsuur Tickets Awaiting Review 27244 'Restore This Autosave' immediately updates a published post Revisions normal normal Awaiting Review defect (bug) new 2014-02-28T23:43:29Z 2024-02-25T19:29:55Z "The ""Restore This Autosave"" button on the revisions screen immediately replaces the post with the autosave without making it clear that that is the case. Steps to reproduce: 1. Publish a post. 2. Edit the content of the post and trigger an autosave (either by waiting two minutes or by clicking the 'Preview Changes' button). 3. Navigate away from the post editing screen. 4. Return to the post editing screen and note the message stating ""There is an autosave of this post that is more recent than the version below"". Click ""View the autosave"". 5. On the revisions screen, click ""Restore This Autosave"". 6. Note that the autosave has been published rather than simply being restored to the editing screen." johnbillion Tickets Awaiting Review 40585 'Update' vs 'Schedule' Posts, Post Types normal normal Awaiting Review defect (bug) reopened has-patch 2017-04-27T16:48:26Z 2017-05-08T18:44:30Z "Hi, today i work with WordPress and i noticed a problem. My timeline event is: 1) I have an article ""X"" published of the 26 april at 20.00. 2) Today, 27 april at 18.02 i start the edit the article 3) At 18.15 finish edit article and modified date of article in pubblication in 27 april at 18.15 4) Now i don't look button ""Update"" but i look button ""Planning"". I have feeling that WordPress don't check date in this moment (18.15) but check date open edit article (18.02). The article is pubblished in all cases but theoretically the article is deleter on the google serp for some minutes. Sorry for my english :)" micheleconversano Tickets Awaiting Review 39914 'orderby' date results differs depend on 'post_status' Query 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-19T09:40:43Z 2017-02-19T09:40:43Z "Default 'orderby' date return different order results depend on 'post_status' passed in WP_Query. For example, 3 published posts with identical post_date (if bulk publish, import or other stuff) in WP_Query will return different posts order on page, which depend on 'post_status' = 'publish' or 'any'. Since all posts are published, setting 'post_status' should not affect default orderby date results. Most notably this difference in edit.php?post_type= in comparison with front-end WP_Query results. Is it normal behaviour of such querying results?" esemlabel Tickets Awaiting Review 42422 'unique' index not removed from the 'slug' column of the 'wp_terms' table Taxonomy 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-02T19:07:15Z 2017-11-11T18:10:02Z "This is a follow-up to #22023. It appears that on one of my older installations of wordpress the unique index was never removed from the 'slug' column of the 'wp_terms' table. The latest update 4.8.3 must have stirred something up with wp cron, conflicting with the unique status of the column. This has caused thousands of the following errors to be logged which in turn caused our server to 503 due to hitting the PHP FcgidMaxProcessesPerClass limit. Note: this installation has had regular updates since being installed years ago. {{{ stderr: WordPress database error Duplicate entry 'category-slug' for key 'slug' for query INSERT INTO `wp_terms` (`name`, `slug`, `term_group`) VALUES ('Category Name', 'category-slug', 0) made by do_action_ref_array, WP_Hook->do_action, WP_Hook->apply_filters, _wp_batch_split_terms, _split_shared_term }}}" joellisenby Tickets Awaiting Review 43676 .htaccess rules don't work with Plain Rewrite Rules normal normal Awaiting Review defect (bug) new has-patch 2018-04-02T21:03:48Z 2022-01-05T12:08:54Z "If I use ""Plain Url Style"" in Permalink Settings then I can't add custom rules .htaccess from mod_rewrite_rules filter. I think that this is bug. For example: {{{#!php <?php function uploads_from_remote_server( $rules ) { $rules = ""<IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule wp-content/uploads/(.*) http://example.com/wp-content/uploads/$1 [NC,L] </IfModule>\n\n"" . $rules; return $rules; } add_filter( 'mod_rewrite_rules', 'uploads_from_remote_server' ); }}} This filter not working in Plain Url Style but should." sebastian.pisula Tickets Awaiting Review 44313 /wp-admin/css/forms.css problem when adding a <select> with 'restrict_manage_users' Users normal normal Awaiting Review defect (bug) new 2018-06-05T20:10:29Z 2018-06-05T20:14:10Z "When `current_user_can( 'promote_users' )`, [[https://developer.wordpress.org/reference/classes/wp_users_list_table/extra_tablenav/|WP_Users_List_Table::extra_tablenav()]] adds a dropdown of roles and a ""Change"" button. All well and good; see the `without_restrict_manage_users_current.png` attached screen shot. If something then hooks into [[https://developer.wordpress.org/reference/hooks/restrict_manage_users|restrict_manage_users]] and adds another dropdown, the ""Change"" button is located to the right of that new dropdown rather than still being next to the roles dropdown; see the `restrict_manage_users_current.png` attached screen shot, and the `restrict_manage_users_expected.png` screen shot for what I expect to see." pbiron Tickets Awaiting Review 40685 /wp-includes/class-wp-hook.php function resort_active_iterations not working correct General 4.7.4 normal normal Awaiting Review defect (bug) new 2017-05-06T19:23:26Z 2017-06-08T00:02:14Z "if you have current priority of 5, whose only hook is cancelling itself (remove_filter) and the new priority list is for example (2,7,12), then this part {{{#!php while ( current( $iteration ) < $current ) { if ( false === next( $iteration ) ) { break; } } }}} sets the current pointer to 7, so the next priority worked on is the 12 in apply_filters function, while it should be 7. " tim2017 Tickets Awaiting Review 41128 404 Page not found after using same URL in post / page Posts, Post Types 4.8 normal normal Awaiting Review defect (bug) new 2017-06-22T15:40:28Z 2017-06-22T17:13:21Z "Starting from a clean Wordpress 4.8 installation. 1. Configure permalinks to: http://domain.com/post-title/ 2. Create a post with title 'new' 3. Remove the post with title 'new' to trash 4. Create a new page with title 'new' 5. Remove post 'new' from trash (not necessarily, both cases result in 404) 6. The page you created trows a 404 due to a database error since it has two different objects with the same URL, though different objects. " jpgos Tickets Awaiting Review 60011 6.4.1 seems to deliver poor external cache performance compared with 6.3.2 Cache API 6.4 normal normal Awaiting Review defect (bug) new 2023-12-04T21:52:06Z 2024-01-10T13:52:41Z "Hello, After upgrading WordPress from 6.3.2 to 6.4.1 I noticed a performance degradation and started to investigate. The upgrade was done on our staging site, where as the production site still runs on 6.3.2 I went through all plug-ins and made sure that staging and production had the same code base and system running except for the WordPress versions. We use Redis version 6 as central cache for our sites, that all run on 2 instances in Azure Web Services for Linux, using PHP 8.2 as base. The cache miss rate has constantly been ~10% on version 6.3.2 but increased to ~34% on version 6.4.1. I have run the two setups side by side over the weekend and had a similar load on the sites and the figures above seem consistent over time. I have nothing more specific to share as to which lookups that fail, but it seems consistent over WordPress and plug-ins using the external cache. I have had a look on Pods behavior together with Pods support as I at first after upgrading saw a 1000% increased page load time and Pods was generating most of it. At this point the cache showed a missrate of >70%. But after saving Pods settings in 6.4.1, the update of alloptions seemed to get rid of that specific overhead and Pods were performing as the rest of the plug-ins. This is how I realized that the increased load time in 6.4.1 might be cache related as the miss rate did not go below 30%. As stated above, I have no firm examples of erroneous calls to share, it seems to be a general behavior. I am also attaching a link to an image showing Redis cache behavior with 6.3.2 on top, 6.4.1 below. If Cache API is the right component for this, I dont know, but it seemed to be close to my obeservaton. Kind regards, Bjørn Hasselberg [[Image(https://pro4uadmin.blob.core.windows.net/wordpress/6.3.2%20and%206.4.1%20cache.png)]] " bjornha Tickets Awaiting Review 37362 @font-face errors with dashicons in Microsoft Edge Script Loader normal normal Awaiting Review defect (bug) new 2016-07-14T12:08:36Z 2017-12-11T23:04:04Z "I encountered the following errors in Microsoft Edge console when enter admin dashboard: CSS3113:@font-face font format not recognized dashicons.eot CSS3120: No fonts available for @font-face rule load-styles.php (0,37) This is the following explanation of error code https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k%28VS.WebClient.Help.CSS3113%29#cssCodes " jevuska Tickets Awaiting Review 60451 @subpackage tag is considered deprecated by phpDocumentor General normal normal Awaiting Review defect (bug) new 2024-02-07T01:13:08Z 2024-02-07T01:13:08Z "The @subpackage tag is considered deprecated by phpDocumentor. Instead, the @package tag supports multiple levels. Source https://docs.phpdoc.org/3.0/guide/references/phpdoc/tags/subpackage.html > This tag is considered deprecated and support may be removed in a future version of phpDocumentor. It is recommended to use the @package tag's ability to provide multiple levels instead." henry.wright Tickets Awaiting Review 39939 A Contributor cannot preview their own post if it's scheduled Posts, Post Types normal minor Awaiting Review defect (bug) new needs-unit-tests 2017-02-22T12:52:02Z 2017-02-23T05:36:25Z "Steps to reproduce: 1. A Contributor writes a post and submits it for review. At this point they can preview their post. 2. An Editor or Administrator approves the post and schedules it for publication at a later date. 3. The contributor viewing the Posts listing table can no longer preview their post. Previously: #33694 " johnbillion Tickets Awaiting Review 47593 A Role Setting is missing on Users page for Bulk Actions Users normal normal Awaiting Review defect (bug) new has-patch 2019-06-23T12:27:08Z 2020-06-30T08:10:06Z " On a User’s Edit Profile page it is possible to set the ROLE as “- No Role for this site -” On the Users page (list of all users) this is displayed as Role = None But the option is not available in the CHANGE ROLE selection for Bulk Actions. This is a useful feature and seems to have been missed. Ref:[https://wordpress.org/support/topic/wp-5-2-2-missing-feature/]" jim5471 Tickets Awaiting Review 50284 A fix to the CPT-no-create-when-submenu-child problem. Administration 5.5 normal normal Awaiting Review defect (bug) new 2020-05-29T23:04:21Z 2022-11-10T09:27:05Z "Here's a bug and a work around solution. (It is something that coders try to implement, but back away from when they see it's broken.) Code is traced ready to be altered. Please see [StackExchange](https://wordpress.stackexchange.com/questions/367822/how-to-allow-add-new-capability-of-cpt-when-links-to-its-ui-are-placed-as-a-su) for the bloodsucking work. Short is that users with the `edit_{post-type}` custom capability for a custom post type cannot create that particular post type if the UI is accessible by way of a submenu. The fix is to **NOT POPULATE THE POST MENU WITH post-new.php** if the user does not possess the `edit_posts` capability. [This line](https://core.trac.wordpress.org/browser/tags/5.4/src/wp-admin/menu.php#L170) is the problem child: it needs to go sit in the corner with a pointy hat on. I'm new to the whole playing with other WordPressers in the sandbox kind of thing. If I knew how to make changes to the core for upgrades, I would have submitted a file change with that line 170 in wp-admin/menu.php looking like this: `if( current_user_can($ptype_obj->cap->create_posts) ) { $submenu[ $ptype_file ][10] = array( $ptype_obj->labels->add_new, $ptype_obj->cap->create_posts, $post_new_file ); }` ... well, formatted nicely into three lines, obviously." mort1305 Tickets Awaiting Review 41180 ABSPATH definition - incorrect on chrooted vhost Bootstrap/Load 4.8 normal normal Awaiting Review defect (bug) new has-patch 2017-06-27T08:17:39Z 2019-02-04T17:41:03Z "ABSPATH defined in wp-load.php (and in other files) returns incorrect string on chrooted vhosts (double slash '/' instead of a single): {{{#!php <?php if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', dirname( __FILE__ ) . '/' ); } }}} On chrooted vhost - output of dirname( __FILE__ ) is '/' and no need to add additional '/' at the end of string. It would be nice if the ABSPATH definition looked like the following: {{{#!php <?php if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', ('/' === dirname( __FILE__ )) ? dirname( __FILE__ ) : dirname( __FILE__ ) . '/' ); } }}} " dacartpl Tickets Awaiting Review 45818 ALLOW_UNFILTERED_UPLOADS does not work on multisite Upload normal normal Awaiting Review defect (bug) new 2019-01-03T16:25:01Z 2022-09-22T17:34:48Z "In a multisite environment ALLOW_UNFILTERED_UPLOADS does not work. It only works for super admin. /wp-includes/capabilities.php line ~385. {{{#!php <?php case 'unfiltered_upload': if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) ) ) $caps[] = $cap; else $caps[] = 'do_not_allow'; break; }}} I have a site where the client needs to be able to upload files that are created by various CAD applications, too numerous to name them all, I don't even know them all. The mime type varies on these file depending on what application is creating them, there seems to be no standardization for extension/mime type in CAD applications and each file extension is only allowed a single mime type. Due to this I must constantly fiddle with the allowed files and mime types so that they can upload them. This is ridonkulous as there seems to be no other way on multisite to allow unfiltered uploads." Hube2 Tickets Awaiting Review 55515 About the problem that the php file of the theme editor and plugin editor cannot be edited in multi-site Networks and Sites 5.9.2 normal normal Awaiting Review defect (bug) new has-patch 2022-04-02T13:45:22Z 2022-04-02T14:30:49Z "Nice to meet you. Create a ticket for the first time. If you do not follow the rules, please let me know. In multi-site, when editing with the theme editor and plugin editor of the management screen, the php file is in an uneditable state. After verification, it was possible to solve it by changing the admin_url function on lines 552 to 562 of wp-admin / includes / file.php to the network_admin_url function. https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/file.php#L552-L562 The problem is that I'm making a validation request containing wp_scrape_key for a php file, but even for multi-site the request is now sent to /wp-admin/theme-editor.php. Therefore, when verifying wp_scrap_key, it will be redirected to /wp-admin/network/theme-editor.php and cannot be verified, resulting in loopback_request_failed that cannot be edited. This seems to be happening at all multi-sites. If anyone knows, please let me know." ishihara takashi Tickets Awaiting Review 52990 Account for single quoted attributes when lazy loading images and iframes. Embeds 5.5 normal normal Awaiting Review defect (bug) new needs-unit-tests 2021-04-07T00:24:58Z 2021-06-11T00:22:11Z "`wp_iframe_tag_add_loading_attr()` and `wp_img_tag_add_loading_attr()` includes a check to ensure the elements have a `src`, `width` and `height` attribute before adding the lazy loading attribute. In both functions the check only considers attributes using double quotes so the lazy loading tag is not added for elements using single quoted attributes. [https://github.com/WordPress/wordpress-develop/blob/895d6a691d7ccdfe80cdf999bc0c8a78d11ad55a/src/wp-includes/media.php#L1893-L1895 img ref], [https://github.com/WordPress/wordpress-develop/blob/895d6a691d7ccdfe80cdf999bc0c8a78d11ad55a/src/wp-includes/media.php#L2012-L2015 iframe ref]. As WordPress does not normalize attribute tags to use double quotes, single quoted attribute tags ought to be considered. Image version 5.5, iframe version 5.7. Follow up to #50756, #52768." peterwilsoncc Tickets Awaiting Review 41324 Action of password-protect form. Posts, Post Types normal normal Awaiting Review defect (bug) new 2017-07-14T12:38:49Z 2017-07-14T12:43:17Z "The default form action too-easily (I think just two submissions of a blank or incorrect password) loads wp-login.php?action=postpass with a 'service unavailable' message'). Simple validation to ensure correct password can prevent this. " gulliver Tickets Awaiting Review 44891 Activate button showing after theme activated Themes 4.9.8 normal normal Awaiting Review defect (bug) new has-patch 2018-09-05T06:24:28Z 2018-09-06T15:17:33Z "How to get bug:- First go on Appearance - > Theme After that active theme i will go on next page add new theme on this page my activated theme showing again active button." anilhada Tickets Awaiting Review 52874 "Activating plugins on Install page randomly errors with ""The plugin does not have a valid header"" message." Plugins normal normal Awaiting Review defect (bug) new 2021-03-21T01:09:33Z 2021-03-22T22:10:18Z "This seems to be something that has been occurring for some time without resolution in core. Just started seeing a lot more reports of it recently for one of my plugins, which lead me to dig and see that it has been occurring in the same way to other plugins for years. Issue: On Plugin Installer page, if you install and activate plugins it can show the following message: ""The plugin does not have a valid header"". Most users get around it by going to the All Plugins page and activating without issue. Plugin that currently seems affected include: - Content Control - [W3 Total Cache](https://www.pixelwars.org/forums/topic/the-plugin-does-not-have-a-valid-header/) - [Zapier](https://wordpress.org/support/topic/the-plugin-does-not-have-a-valid-header-198/) And some from the past few years with same issue: - [Etsy Shop](https://wordpress.org/support/topic/the-plugin-does-not-have-a-valid-header-150/) - [Jotform](https://www.jotform.com/answers/2975729-jotform-wp-plugin-plugin-does-not-have-a-valid-header-error) That was only what I found on first page of google." danieliser Tickets Awaiting Review 40394 Activation email not sent to new users on Windows (have come out another time) Mail 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-08T08:59:29Z 2017-04-08T12:48:27Z "https://wordpress.org/support/topic/activation-email-not-sent-to-users/#post-9009273 I experience this into a: windowsOS/php5.6/apache2.4 when i test an user registration, the email that inform the admin about new user is sent out, while the activation email to the user not. so to fix it on fly, i've remove (like last time) $header that seem to cause a problem: {{{#!php <?php //Can't use additional_parameters in safe_mode, calling mail() with null params breaks //@link http://php.net/manual/en/function.mail.php if (ini_get('safe_mode') or !$this->UseSendmailOptions or is_null($params)) { //$result = @mail($to, $subject, $body, $header); $result = @mail($to, $subject, $body); } else { $result = @mail($to, $subject, $body, $header, $params); } return $result; }}} " axewww Tickets Awaiting Review 52975 "Add ""states"" to terms list table (for WP_Taxonomy::$default_term)" Taxonomy normal normal Awaiting Review defect (bug) new 2021-04-05T22:26:56Z 2021-04-05T22:26:56Z "The Terms list table (`WP_Terms_List_Table`) should include support for the ""states"" concept that currently also exists for Posts, Media, and Sites. Specifically, I'd like to see ""– Default"" added to the default term. I want this because WordPress Admin does not offer any explanation why the ""Uncategorized"" Category has no ""Delete"" link in the list-table UI and also has no checkbox for bulk-actions. See: `_post_states()`, `_media_states()`, and `WP_MS_Sites_List_Table::site_states()` Mock-up screenshot imminent." johnjamesjacoby Tickets Awaiting Review 53195 Add $post or $post_id to the quick_edit_custom_box hook Posts, Post Types normal normal Awaiting Review defect (bug) new 2021-05-12T11:17:34Z 2021-05-12T11:17:34Z "Right now when you're adding a custom box to quick edit, you can't set an existing value without using JavaScript, cause you don't have acces to the post. For a more elaborate explanation, see the User Contributed Notes, top one by stevenlinx: https://developer.wordpress.org/reference/hooks/quick_edit_custom_box/ It would be more elegant if we could just use the post within the hook I think." tomjdevisser Tickets Awaiting Review 57268 Add Escaping properly in Class Custom background Page Administration normal normal Awaiting Review defect (bug) new has-patch 2022-12-03T10:10:30Z 2022-12-03T18:30:34Z "In the class-custom-background.php , I noticed there are some missing escaping. I think these should be escaped properly. Example: {{{ <?php echo $input['label']; ?> }}} " shailu25 Tickets Awaiting Review 53314 Add Themes page in UI issue Themes 5.7.2 normal normal Awaiting Review defect (bug) reopened 2021-06-01T05:06:10Z 2022-01-08T05:09:35Z "Hi , i have found some small issue on IPhone on add new theme page on admin side. More information you can see mentioned screenshot. Thank you " sumitsingh Tickets Awaiting Review 59986 Add a filter into the $wp_meta_boxes output loop to provide the ability to change data Posts, Post Types normal normal Awaiting Review defect (bug) new 2023-11-29T13:52:42Z 2023-11-29T15:43:44Z "I have a metabox added via plugin that connects a custom post type with users. But I don't like the name of the Meta Box, it obscures the purpose of the box. So, the plugin doesn't have this option, and I have to change global $wp_meta_boxes for the desired effect, which isn't the correct thing to do. Of course, I could write a plugin author plea to add a filter (and it will be the third ""brilliant idea"" from me in two days 🙈), but it is possible to stumble across this need with another plugin as well. This is why I think it is necessary to add the filter to the core. Related ticket: https://core.trac.wordpress.org/ticket/39969" oglekler Tickets Awaiting Review 46266 Add auto-draft to list of statuses faked in get_sample_permalink() Permalinks normal normal Awaiting Review defect (bug) new has-patch 2019-02-17T15:07:12Z 2019-06-19T13:09:54Z "In the new editor, we currently have to wait for a manual save or publish in order to edit the permalink. I'm working on resolving this in https://github.com/WordPress/gutenberg/pull/12009. To facilitate immediate editing of the permalink, we need to know the permalink structure at the time the editor is initialized. #45017 added added the `permalink_template` to the REST posts controller. The solution there uses `get_sample_permalink()` to generate the `permalink_template` value. This works for certain non-published post statuses by [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/post.php?rev=44670&marks=1339-1343#L1339 faking the post status] to `publish` when running `get_permalink()`. However, when we initialize a new post in the block editor, the status is `auto-draft`. So it returns a standard non-pretty permalink in the format `/?p=123`. We don't know the permalink structure until a draft is manually saved, or the post is published. By adding `auto-draft` to this list of statuses that are faked as published, it will return the proper `permalink_template` for `auto-draft` posts. " earnjam Tickets Awaiting Review 51597 Add debugging of a single session Administration normal normal Awaiting Review defect (bug) new 2020-10-22T01:30:19Z 2020-10-22T01:30:19Z "At the moment, debugging options are controlled by constants. This means that an entire site is either producing debug output and/or saving queries, or it doesn't. In this situation, every user session sees the same output, and that's a problem for all but the person who's trying to fix the problem. On large, active sites, this can be a problem for many, many users, thus affecting the respective business negatively for no good reason. I propose to add a way to debug only a single session. Those with the ""administrator"" role and/or a new ""debug"" capability should see a new menu in the admin bar, where they can turn on various debugging options. By using GET parameters and/or cookies, it should be possible to then trigger debugging functions that match the user's selection only for that one session. Some debugging still requires site-wide flags, e.g. background tasks, API calls, etc. Therefore, the new mechanism cannot replace the use of constants completely. However, if may be possible to identify cases for constants, cases for session flags and cases for both." galbaras Tickets Awaiting Review 34088 Add delay to admin menu arrow's disappearance Administration 4.3.1 normal normal Awaiting Review defect (bug) new has-patch 2015-09-29T23:11:19Z 2022-11-16T11:25:44Z "Currently if you hover over an item in the admin's left sidebar, the submenu will show after a few hundred milliseconds. The arrow/triangle next to the submenu will appear at the exact same time. However, on leaving the hover state, the arrow disappears right away while the submenu will stay around for a few hundred milliseconds and then disappear. I would assume this is because the arrow is bound to the menu item, and not the submenu. Not really sure what the solution would be to this, but I see it as a bug in code that's improves UX. [[Image(https://cldup.com/oDl-qIUYxW.gif)]]" pathartl Tickets Awaiting Review 51306 Add inline documentation for atomlib.php Feeds 5.5 normal normal Awaiting Review defect (bug) new 2020-09-14T08:09:30Z 2021-06-29T17:34:38Z Doc: Add $msg parameter entry for _p($msg) function anonymized_18274256 Tickets Awaiting Review 56794 Add linting for `gutenberg_*` functions Build/Test Tools normal normal Awaiting Review defect (bug) new 2022-10-11T15:32:06Z 2023-06-29T16:11:03Z "When Gutenberg functionality is deemed ready and merged into Core, all `gutenberg` prefixes should be replaced with` wp_*` or other more context appropriate ones. There should be some type of automated process that attempts to detect occurrences that accidentally make their way in." desrosj Tickets Awaiting Review 32433 Add registered image sizes in WXR export file Export normal normal Awaiting Review defect (bug) new has-patch 2015-05-18T21:26:41Z 2018-07-17T08:15:01Z "When a WordPress site is exported, attachments are also exported (though only the original image url). If a user then imports that into a new WordPress install, images will be generated for all registered image sizes on the new blog. If however, the exported site was running different image sizes, it will potentially have references to those images in post content (e.g. `image-322x422.png`); however, `322x422` is not a registered image size on the new site. This will produce 404 images in the new post content. This was acknowledged (though I don't think addressed) in #16984: > A problem that might arise is if there are different image size settings on the export and import sites. So an exported post might contain an image img-200x200.jpg but the import site hasn't generated the appropriate size. For the first patch I'm ignoring this and saying that it's up to the user to ensure the settings are consistent. Potential future fixes include importing options or generating the extra sizes on the fly The user will typically not have control over image sizes either way (as they have to be registered in code) - also the recipient of a WXR file does not know the image sizes on the exported site. It therefore seems logical to include image sizes somewhere in the WXR file, so importers (the WordPress importer or otherwise) know what image sizes to generate for all existing attachments." joehoyle Tickets Awaiting Review 40502 Add the check version and template attributes method for /themes/update-check/1.1/ API HTTP API 4.7.4 normal normal Awaiting Review defect (bug) new 2017-04-20T19:55:09Z 2017-04-20T19:55:09Z "I created a child theme for work, but WordPress noticed me that new theme has an update. That is so weird. So I traced the code and found that problem is API(api.wordpress.org/themes/update-check/1.1/) did not check the whole theme's info between local and WordPress DB. Here is my steps: 1. install the base theme named `site` 2. create a child theme named `royal` 3. add theme info in royal/style.css and royal/functions.php style.css: /* Theme Name: Royal Author: Knockers Version: 1.0 Template: site */ functions.php: <?php ?> 4. login to wp-admin/themes.php and the update notice shows up! I think the API must check the `Theme Name`, `Version`, `Author` and `Template` attributes at least and make sure the theme package is current belong to someone." mxp Tickets Awaiting Review 42478 Add_permastruct ignores EP_NONE and other args if %post_id% is present in struct Rewrite Rules 4.9 normal normal Awaiting Review defect (bug) new 2017-11-08T22:15:20Z 2017-11-08T22:15:20Z "Additional rewrite rules are made if the %post_id% is in a struct passed to add_permastruct. This happens because generate_rewrite_rules (called in to process the permastructs) assumes anything with %post_id% in its struct is a post and should have attachments, talkbacks, comments, etc. I suspect it's holdover from when %post_id% and p= only referred to posts and post_ids from the wp_posts table at large. I have a simple enough solution. Add another default rewrite_tag that generates the 'p=' query but doesn't trigger the additional rewrites. i.e. add_rewrite_tag( '%p%', '([0-9]+)', 'p=' );" Underscorefunk Tickets Awaiting Review 54500 Added Javascript (such as online chat) are displayed also in the widget editor Widgets 5.8.2 normal normal Awaiting Review defect (bug) new 2021-11-24T08:22:51Z 2021-11-24T08:22:51Z "See screenshots.. I don't think this is supposed to be like that, right? [[Image(https://i.imgur.com/tXYvaM6.png)]] [[Image(https://i.imgur.com/TSrKjU4.png)]] specifically, this is - theme GeneratePress - tawk.to plugin" mikulabc Tickets Awaiting Review 41680 Added rewrite tags using add_rewrite_tag() not working on static front-page Rewrite Rules 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-20T19:46:58Z 2017-08-20T19:46:58Z "Hello everyone, the following ticket is a little bit similar to the issue described here: #25143 == Introduction == I am working on a plugin which provides a shortcode. This shortcode generates some content/output on a page where it is placed on. The shown output depends on optional URL-parameters. For example those two URLs result in different outputs: - my-site.com/my-page - my-site.com/my-page?'''foo'''=''bar'' In preparation for pretty URLs I have to register a new rewrite-tag '''foo''': {{{#!php add_rewrite_tag('%foo%', '([^/]*)'); }}} This allows me (in combination with the corresponding rewrite rules) to use pretty URLs like this: - my-site.com/my-page/'''foo'''/''bar'' As expected you can access the assigned value ''bar'' of '''foo''' with the following code: {{{#!php $value_of_foo = get_query_var('foo'); // returns: bar }}} == Problem == This all works fine as long as the page which includes the shortcode is not set as the sites static front-page. In this case your URLs will usually look like that: - my-site.com (the content of the static page is shown) - my-site.com/?'''foo'''=''bar'' (from here it is broken) So, whats happening? Instead of generating and showing the content based on the URL parameter, the second URL loads the front-page but instead of showing the content of the static page, it acts like the blog page and shows the list of the latest posts. The problem is that {{{is_home}}} is improperly set to {{{true}}} because we now have a custom query-var in our URL which basically makes the content of a ''static'' page not ''static'' anymore. But this fact shouldnt let WordPress showing the list of the latest posts-page instead. This problem makes it impossible for users to place and show the content of a shortcode - which is based on (prettyfied) URL-parameters - on their static front-page. At the moment I am using the following code as a workaround but I think this is not an optimal long-term solution for this problem: {{{#!php function fix_query_vars_on_front_page($query) { // Dont do this workaround when we are in the administration area or when we are not inside the main query. if (is_admin() || !$query->is_main_query()) { return; } // Cache the actual query vars first. $queryVarCache = $query->query; // Only continue when our query vars are not already empty. if (!empty($queryVarCache)) { // Remove our query vars from the cache when they are set. if (isset($queryVarCache['foo'])) { unset($queryVarCache['view']); } // When our cache is empty, we are on a front-page (is_home() or is_front_page()). Ensure that the following filtering only happens on a static front page. if (empty($queryVarCache) && get_option('show_on_front') === 'page') { // Get the ID of the front page and add it to the query vars. $query->query['page_id'] = get_option('page_on_front'); // Reparse the query. $query->parse_query($query->query); } } } add_action('pre_get_posts', 'fix_query_vars_on_front_page'); }}} Maybe some way to add custom rewrite tags without adding them as a query var would be a possible solution for this. Of course there would be a need to add a function to access them, for example {{{get_rewrite_var('foo')}}} instead of {{{get_query_var('foo')}}}. I am looking forward that WordPress will make this possible in a future version. :-)" Asgaros Tickets Awaiting Review 59746 Adding User Biographical Info without space breaks the container and adds horizontal scroll Users 6.3.2 normal normal Awaiting Review defect (bug) new 2023-10-26T10:43:35Z 2023-10-27T04:30:09Z "I found one issue in User Biographical Info module. Whenever I am adding bio without spacing, it breaks the container and adds horizontal scroll ! - Environment: fresh WordPress with no additional plugins - Theme: Twenty Twenty-One ( 1.9 ) - Screen recording: https://screenrec.com/share/H6zALe1fXd" mihirdev21 Tickets Awaiting Review 40500 Adding custom capabilities to a custom post type seems to break permalink link on post edit screen Posts, Post Types 4.7.3 normal normal Awaiting Review defect (bug) new 2017-04-20T16:28:46Z 2019-11-27T20:38:26Z "Added custom capabilities to a wordpress custom post type to be used in conjunction with a role scoper plugin .... see: https://www.dropbox.com/s/7gzvma9t3lm028j/Screenshot%202017-04-20%2010.27.15.png?dl=0) ... seems to make the permalink link that shows up on the post edit screen, beneath the title, non-functional (ie, no URL is actually outputted). Also does not have the ""view [custom post type]"" link that typically appears in the black wordpress admin toolbar. Otherwise, everything works as designed. Confirmed on two separate hosts with plugins disabled and default theme. Confirmed that removing custom capabilities fixes the issue. Confirmed that adding capability using alternative method of simply 'capability_type' => array('print', 'prints'), also has the same result. " finitejest Tickets Awaiting Review 35887 Adding multiple media to post - selecting image size Media 4.4.2 normal normal Awaiting Review defect (bug) new 2016-02-20T12:03:10Z 2023-10-25T04:35:24Z "When clicking ""Add Media"" to add images to a post, you can select multiple images. With all images selected, logic follows that if you change the ""ATTACHMENT DISPLAY SETTINGS"" size from default ""Medium"" to ""Full Size"", that all selected images would have the same setting changed, but when you add them, only the one image that was highlighted is actually ""Full Size"" and the rest which were selected, but not highlighted, are still ""Medium"". I think when adding multiple media, all should be changed to size that is selected in ""ATTACHMENT DISPLAY SETTINGS""." myburgh.bernard@… Tickets Awaiting Review 55095 Adding widgets to widget area with the classic editor in appearance => widgets, widget does not display on front-end (brand new widgets only)) Widgets 5.9 normal normal Awaiting Review defect (bug) new 2022-02-06T09:25:11Z 2022-02-06T09:25:11Z "Hi, I have noticed that when trying to create and manage widgets in the classic editor using the view; appearance => widgets, that when you attempt to display the widget on the front-end of the website using dynamic_sidebar('sidebar-name'), that for some reason the widget does not display. This only happens with brand new widget areas that have had no previous widgets assigned to them. I then added a new widget to the same widget area in the customizer => widgets view, and the widget then displayed using dynamic_sidebar('sidebar-name'). This then showed both widgets added to the area, the widget i assigned in appearance => widgets, and the new one i just assinged in customizer => widgets. To be clear these widgets were exactly the same in both widget used and content assigned. after doing this through the customizer, then adding another widget to the widget area in the appearance => widgets view, the updates are displaying on the front-end as you would expect. I am using self-hosted a self-hosted WordPress website. The widget I was trying to add to my website was a custom widget that, that followed the documentation in https://codex.wordpress.org/Widgets_API to the letter." morgscode94 Tickets Awaiting Review 57219 Additional CSS not visible in editor on List block Editor 6.1 normal normal Awaiting Review defect (bug) new dev-feedback 2022-11-28T11:21:52Z 2022-12-23T05:58:13Z "List block doesn't have Additional CSS classes loaded in the Gutenberg editor. For test, I opened a post that has Additional classes on List, they are not visible in the editor. Then I just saved the post without making any change.The result: Before: {{{ <!-- wp:list {""className"":""warnings-red spaced-half""} --> <ul class=""warnings-red spaced-half""> }}} {{{ After: <!-- wp:list --> <ul><!-- wp:list-item --> }}} This means that after every old post update, we have to add back additional classes. " ivojerkovic Tickets Awaiting Review 52616 Admin Taxonomy Search returns only 10 results max and no pagination Menus normal normal Awaiting Review defect (bug) new 2021-02-23T00:51:16Z 2021-02-23T10:37:57Z "In Admin : /wordpress/wp-admin/nav-menus.php In the 'Add menu items' section. When you search for products or categories or other taxonomies, it returns maximum of ten 10 results and with no option of pagination. Looked for a solution but found nothing. Can this be fixed somehow?" aristotelisj Tickets Awaiting Review 28117 Admin bar shouldn't use dynamic styles on frontend for logged out visitors Toolbar 3.3 normal normal Awaiting Review defect (bug) new has-patch 2014-05-04T14:49:33Z 2021-09-02T19:50:50Z "Admin bar gets styles depending on current user's browser. Problem is that when you using admin bar on front end for logged out users with full page cache turned on, visitor with IE or mobile might be the first one so everyone else with get that specific style. See #26221 for similar problem." dimadin Tickets Awaiting Review 42610 Admin created account password reset process not reverse proxy friendly Login and Registration 4.9 normal normal Awaiting Review defect (bug) new 2017-11-17T21:08:41Z 2017-11-17T21:08:41Z "WordPress newbie, so feel free to point me to a better resolution. Couldn't find anything quite like this. Have WP running mostly correctly behind a reverse proxy. So no one ever directly touches blog.<domain>.com (the WP site), instead they access it through www.<domain>.com/blog If I create user accounts in the admin, it sends initial password reset links to the new accounts, which have a format like www.<domain>.com/blog/wp-login.php?action=rp&key=<hash>&login=<user> In wp-login.php, I see the case that catches the rp action, and it does something with the key and user parameters, then strips them off and redirects again to wp-login as follows: {{{#!php wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) ); }}} I'm unclear on why this line doesn't incorporate site_url as do several other places in nearby code. The user ends up getting a redirect to /wp-login.php. That is, from the '''user's perspective''' (not seeing the reverse proxy activity), it looks like: www.<domain>.com/blog/wp-login.php?action=rp&key=<hash>&login=<user> redirects to www.<domain>.com/wp-login.php?action=rp which is a 404 From the '''WP server's''' perspective, it told blog.<domain>.com/wp-login.php?action=rp&key=<hash>&login=<user> to redirect to /wp-login.php?action=rp which would have been fine if there were no reverse proxy involved. This is not the desired behavior in my case, and I would think it would be safe to redirect to <site_url>/wp-login.php?<query string with key and login removed> I can work around it in the main site's rewrite rules by forcing /wp-login to /blog/wp-login, but that seems as if it shouldn't be necessary. Thanks for your consideration." normjhansen Tickets Awaiting Review 52514 Admin dasboard load verry slow at some active plugins - WP Advanced Comment Comments 5.6 normal major Awaiting Review defect (bug) assigned has-patch 2021-02-12T19:23:20Z 2021-02-12T19:23:20Z Hello. When some plugins are active, it takes very long to load the main dashboard and the query times are very long. Example, wp advanced comment. Take a look on fresh install wordpress and activate this kind of plugins. attosoftonline Tickets Awaiting Review 43267 "Admin editor ""Insert link"" modal on mobile seems to have incorrect styling" Editor 4.8.3 normal normal Awaiting Review defect (bug) new has-patch 2018-02-09T06:32:50Z 2018-02-14T03:58:54Z "The modal box that pops up when you hit the link button of the editor in text mode is positioned strangely, in a way that on some devices you can't even hit the Add Link button, making it impossible to add a link. I looked at the css and noticed that the modal is in a fixed position in the center of the screen when the screen is big enough (the modal is 500px by 500px), and when the screen is smaller the modal is responsive. The issue seems to be that while the class #wp-link-wrap has a margin-top of -250px to center the modal in the middle, there is a media query ( max-width: 782px ) that specifies a margin-top of -140px. There is a separate media query (max-width: 520px) that's apparently trying to make the modal responsive but because the margin-top: -140px is applied, the modal box is way lower than it should be on mobile. I noticed there is a media query for the height also but that's targeting max-width 520px as well, so any mobile device that has a screen height larger than 520px would have the modal positioned awkwardly. I added a custom css in my admin screen that forces a margin-top of -250px as a quick fix, but I was wondering if this is a styling bug that's going to get fixed. I tested on several version of WordPress that I had access to, and I reproduced this in the latest, as well as versions 4.9.2, and 4.8.3. I checked an older site with version 3.9.2 and on this version the modal has a height of 280px that expands to 500px when I click on ""Or link to existing content"". I'm guessing the -140px margin was a declaration that was written for that version of the modal box that didn't get deleted when the modal box became 500px on default. Sorry if this is duplicate, I tried searching for a ticket that was similar but could not find anything." dannymasao Tickets Awaiting Review 48705 Admin email confirmation language should be changed Users 5.3 normal normal Awaiting Review defect (bug) new 2019-11-18T17:02:05Z 2019-11-18T17:02:46Z The new confirmation regarding the admin email is confusing, as many sites will have multiple admin level users. The language doesn't make it obvious that the email being confirmed is the overall site's admin email address, as opposed to the email of the admin person logging in. This will result in the main admin email getting changed back and forth between users, and notifications ending up not where they belong. mywebmaestro Tickets Awaiting Review 54685 Admin email verification redirects back to login page Login and Registration 5.8.1 normal normal Awaiting Review defect (bug) new has-patch 2021-12-23T00:53:15Z 2024-03-12T19:38:31Z "Hi everyone, Recently, our admins started to getting `Administration email confirmation` on logon. However, after clicking on `This email is correct` admins are redirected back to login page and asked to login again. We've tried many times and it's an infinite loop of logging in, confirming email address, redirecting back to login page, logging in, confirming email addres, redirecting to login page and so on. We use login URL configured on the /wp-admin/options-general.php?page=move-login page and it seems like WP doesn't properly handle admin email confirmation when login URL is set. I had a look at the codebase and I believe this `?action=confirm_admin_email` string parameter gets lost when webserver redirects `wp-login.php` to configured login page: https://github.com/WordPress/WordPress/blob/b788e6255a97dbdd1dc55d42f8fbeeb66c806214/wp-login.php#L623 I added one more hidden input same way as `redirect_to` is implemented https://github.com/WordPress/WordPress/blob/b788e6255a97dbdd1dc55d42f8fbeeb66c806214/wp-login.php#L635 and this fixed the issue. I'm happy to attach a patch file. Kind regards, Mikhail Golenkov" golenkovm Tickets Awaiting Review 40701 Admin menu icon distorted in Chrome when #adminmenu folded Administration 4.7.4 normal normal Awaiting Review defect (bug) new has-patch 2017-05-09T11:17:06Z 2017-06-22T21:30:33Z "By default - when the admin menu is not folded - the icons in the admin menu are 36px wide. {{{ #adminmenu div.wp-menu-image { float: left; width: 36px; height: 34px; margin: 0; text-align: center; } }}} With this width, Chrome renders the icons sharp. When the admin menu is folded it changes the width to 35px: {{{ .folded #adminmenu div.wp-menu-image { width: 35px; height: 30px; position: absolute; z-index: 25; } }}} The icons are blurry as the lines in the icon shifted 0.5px horizontally -> antialising. Possible solution: Do not force .wp-menu-image to 35px when the menu folded. {{{ .folded #adminmenu div.wp-menu-image { height: 30px; position: absolute; z-index: 25; } }}}" nextendweb Tickets Awaiting Review 56302 Admin menu links have relative URLs Administration normal normal Awaiting Review defect (bug) new dev-feedback 2022-07-29T06:01:54Z 2022-11-04T07:53:52Z "Hey, When i opened `abc.com/wp-admin/options.php/` and then try to go on submenu under settings then menu link is wrong and not opening page. more information you can see quick recording. https://www.loom.com/share/e64670a986df4c5da8e81838799a7ea1 Thank you " iihglobal Tickets Awaiting Review 42527 "Admin menus: PHP warning ""open_basedir restriction..."" when `_wp_menu_output` is called" Administration 4.8.3 normal normal Awaiting Review defect (bug) new has-patch 2017-11-13T10:13:25Z 2024-03-28T09:03:43Z "When plugins create certain kinds of administration menus, PHP warnings can occur when those menus are rendered. Although it's the plugin that generates the menu, it's the WordPress core code that is responsible for the warnings. There may be related situations under which PHP warnings may occur during administration menu rendering, but the ones I've observed are, in summary: * When the PHP setting `open_basedir` is used. * When PHP is running under a Windows operating system. * When a plugin generates an administration menu featuring an external URL. Possible related issues are... * ticket:25048 -- file_exists check in menu-header.php causes issue with backend menu on an IIS server * ticket:0132 -- PHP Warning at menu-header.php line 118 === Steps to Reproduce 1. Preparation: (a) Make a website testing area running under a Windows operating system. I tested with Windows 7. (b) Have a web server installed. I tested with Apache 2.2. (c) Have MySQL installed and prepare necessary user accounts and databases. I used MySQL 5.6. (d) Have PHP installed and configured so that the `open_basedir` setting is ''not'' used (the test plugin will do that). I tested with PHP 7.1.5. Ensure PHP error logging is enabled. 2. Install WordPress 4.8.3. 3. Create a directory `wp-content/mu-plugins`. 4. Put the file `test.admin.menu.php` (attached) into that directory. 5. Log into WordPress as administrator. 6. Go to the dashboard. 7. Check that the ""NaNoWriMo"" menu appears. 8. Click the ""Info"" sub-menu under ""NaNoWriMo"". === Expected Behaviour The ""National Novel Writing Month"" information page should appear in the dashboard. Below the info, there should be only one error message displayed as ""test error, please ignore"". === Actual Behaviour In addition, there is an ""open_basedir"" error message displayed. This message may also appear in the PHP error log. The above happens when PHP runs under Windows. Under Linux, the behaviour is as expected, with no extra warning messages. === Impact The administrative menus are created correctly and behave as expected, however, there are PHP warning messages generated when those menus are rendered by `wp_menu_output()` in `wp-admin/menu-header.php`. The problem may seem relatively benign, but it could lead to bloated logs. It may also indicate more serious underlying issues. === Analysis The issue occurs when an administration menu (or sub-menu) with an external URL is created. The WordPress core attempts to make a file system path out of this URL, then checks for its existence. For example: `{DOCUMENT_ROOT}/wp-content/plugins/https:/nanowrimo.org` While this kind of operation may not be inherently dangerous, and does not seem to cause warnings unless the `open_basedir` PHP setting is used, concatenating URLs to file system paths is not an algorithmically correct thing to do." darkskipper Tickets Awaiting Review 45186 Admin notice jumps from above the H1 to below it when created. Administration 2.7 normal normal Awaiting Review defect (bug) new 2018-10-25T13:39:59Z 2022-07-24T00:11:42Z "Admin notices first appear above the H1 of a page, and then jump to just below it one second later. It is easy to reproduce by going to Settings->General-> Click ""Save changes"". You will see the ""Settings Saved"" notice jump from above the H1 to below it. You can see it in the gif below: [[Image(https://www.dropbox.com/s/438bwkztew9349s/admin_notice.gif?dl=0)]] This also happens for custom notices, for example any class=""notice notice-warning"" will also jump. " dschalk Tickets Awaiting Review 42146 Admin side menu id not displaying proper when name is long Posts, Post Types 4.8.2 normal normal Awaiting Review defect (bug) new has-patch 2017-10-08T10:30:32Z 2017-10-08T10:41:38Z "I am registering one custom post type. Post type menu name is too long without space. If menu name is ""mycustomedesignerbywordpressdeveloper"" then it goes outside of admin menu." arzookansagra Tickets Awaiting Review 51287 Administrators & Editors can't create localfile links in a multisite installation Formatting normal major Awaiting Review defect (bug) new 2020-09-10T11:08:31Z 2020-09-24T00:02:56Z "Steps to reproduce: Clean WordPress Multisite installation. Create a user with Administrator (or Editor) capabilities, not Super Admin. Login as the new user. Create a new page, and create a local file link in the visual editor. Enter a local file URL, e.g. **localfile:E:\foobar\** Publish and refresh the page. The link has now been stripped into a **\foobar\.** Note, if you try this with a Super Admin user it works as expected, and the link is correctly created. Why does WP strip the **localfile:E:** part of the link if the user is not an admin? " peikgabriel Tickets Awaiting Review 40630 "Advanced meta compare ""like"" in WP_Query" Query 4.7.4 normal normal Awaiting Review defect (bug) new has-patch 2017-05-02T06:28:33Z 2017-05-16T15:17:40Z "I try get posts with LIKE compare. For example: {{{#!php <?php add_action( 'init', function () { $q = new WP_Query( [ 'post_type' => 'any', 'meta_key' => '_stock_status', 'meta_value' => 'i%st', 'meta_compare' => 'LIKE', ] ); } ); }}} And I have SQL Query: {{{ SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) WHERE 1=1 AND ( ( wp_postmeta.meta_key = '_stock_status' AND wp_postmeta.meta_value LIKE '%i\\%st%' ) ) AND wp_posts.post_type IN ('post', 'page', 'attachment', 'product') AND (wp_posts.post_status = 'publish') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10 }}} I can't get posts with meta value for example `instock` and other matched. " sebastian.pisula Tickets Awaiting Review 27832 All sites automatically marked as archived after upgrade Networks and Sites 3.7 normal normal Awaiting Review defect (bug) new 2014-04-16T10:47:37Z 2018-12-08T15:08:06Z "Strange thing, all sites were automatically marked as archived after automatic upgrade to 3.8.3. Maybe it is not related, but it was the last thing which is time-related to this problem. I checked database tables and all sites had archived = 1 in wp_blogs, but last_update column was not changed. So, it suggests, that it was not done by administrator. Administrator can archive primary site? Then it is not possible to access administration... I repaired it by setting 0 for all sites, but I am not sure, how could it happen? Do you have any ideas? There are no plugins which could cause it. I searched code and did not find any clue. Also hosting company is used for many other Multisite installations without problems. There are also some posts from different forums (usually somehow related to WordPress upgrade), but they are only talking about fixing problem and not about finding why... http://wordpress.org/support/topic/site-automagically-archived-or-suspended-on-multisite http://wordpress.org/support/topic/after-install-site-has-been-suspended-or-archived http://wpgarage.com/tips/unarchive-archived-suspended-site-wordpress-multisite/ Not sure, if it is some kind of bug, incompatibility or security hole..." pavelevap Tickets Awaiting Review 35538 "AllPosts page UI: link ""All"" has incorrect color" Posts, Post Types 4.4.1 normal trivial Awaiting Review defect (bug) new 2016-01-19T23:15:48Z 2023-07-09T20:45:45Z "STEPS TO REPRODUCE: 1) Log in (administrator), remove all posts. 2) Create new post. Go to AllPosts page. 3) Remove post to trash by clicking ""Trash"" menu item. EXPECTED RESULT: ""All (0)"" link color #000 ACTUAL RESULT: ""All (0)"" link color #0073aa" antonrinas Tickets Awaiting Review 41949 Allow multiple values for the same meta key to be passed to `wp_insert_post()` Posts, Post Types 4.4 normal normal Awaiting Review defect (bug) new has-patch 2017-09-22T02:03:21Z 2023-08-25T07:51:09Z [33910] introduced the `meta_input` argument to `wp_insert_post()`. However, there is no way to pass multiple values for the same meta key to be stored individually. desrosj Tickets Awaiting Review 54802 Allow post_comments_feed_link to disable feed output Feeds normal normal Awaiting Review defect (bug) new has-patch 2022-01-12T16:47:31Z 2022-01-12T16:47:39Z "Using `add_filter( 'post_comments_feed_link', '__return_false');` one would expect to disable ""Comment feeds"". It's not the case, because `$x = false; isset($x) === true;` https://github.com/WordPress/wordpress-develop/pull/2150" drzraf Tickets Awaiting Review 43653 Allow to filter the final message of signup user notification email Networks and Sites 4.9.5 normal normal Awaiting Review defect (bug) new 2018-03-28T14:18:11Z 2023-06-08T08:56:08Z "When a signup user notification is sent, we cannot filter the final message contained in $message. We can only filter one part of the message. This prevent us to send nice formatted emails using HTML (to send a formatted email, we need add include the message inside an HTML template)." benoitchantre Tickets Awaiting Review 38936 Alter Table Always Expects a COLUMN; Crashes on a CONSTRAINT Upgrade/Install normal normal Awaiting Review defect (bug) new dev-feedback 2016-11-24T17:25:13Z 2022-12-16T08:17:47Z "Hello, I'm attempting to activate a plugin I'm developing. The database creation scripts have CONSTRAINTs on them. When I attempt to reactivate, I'm getting this error: {{{ WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'CONSTRAINT `mytable_mycol_foreign` FOREIGN KEY (`mycol' at line 1] ALTER TABLE wp_mytable ADD COLUMN CONSTRAINT `mytable_mycol_foreign` FOREIGN KEY (`mycol`) REFERENCES `myothertable` (`myothercol`) }}} As you can see the SQL error lies in `ADD COLUMN CONSTRAINT`. This is being generated in `wp-admin/includes/upgrade.php` around line 2392 {{{#!php <?php // For every remaining field specified for the table. foreach ($cfields as $fieldname => $fielddef) { // Push a query line into $cqueries that adds the field to that table. $cqueries[] = ""ALTER TABLE {$table} ADD COLUMN $fielddef""; $for_update[$table.'.'.$fieldname] = 'Added column '.$table.'.'.$fieldname; } }}} `ADD COLUMN` is hardcoded and is creating this SQL error. I googled for a solution but didn't find anything. I've tried it with the constraints being part of the full table creation statement, and also as a stand alone statement, with the same results. " philsown Tickets Awaiting Review 31416 An accessibility issue with the Publish metabox Posts, Post Types 4.1.1 normal normal Awaiting Review defect (bug) new 2015-02-22T22:03:33Z 2018-12-09T20:28:05Z "Taking a closer look at the Publish metabox for posts I realise that it has what I would call a bug. Take a look at the image attached. It tells me a post is published, while it's still asking for confirmation to be published. This screen shows up when first a post is set to private -and so gets published privately- and next is set to public, without hitting the 'Publish' button. The post is actually published privately, which should show up as it's status, as it normally does. It tells me though it's published (which impies it should be published publicly). I stumbled upon this, while I was searching for a more intiutive solution for inexperienced posters on one of my sites to post privately. I found two threads in forums which adress this issue: https://wordpress.org/support/topic/how-to-set-new-post-visibility-to-private-by-default?replies=14 http://wordpress.stackexchange.com/questions/118970/set-posts-of-a-custom-post-type-to-be-private-by-default Neither of threads mention (or seem to be aware?) of this shortcoming, while both try to solve the same issue I'm having. I question whether this problem can be solved, while the Publish metabox has such shortcomings. I hope that by fixing this little bug, it might actually be possible to create a more accessisble Publish metabox for guests on a site, maybe by a hack or plugin, but preferably within the WP core files. [[Image(http://www.basbva.nl/wp-content/uploads/2015/02/publish-metabox-bug.jpg)]]" basbva Tickets Awaiting Review 43206 Angle brackets around URLs can confuse email clients Mail 4.9.2 normal normal Awaiting Review defect (bug) reopened 2018-02-01T19:20:43Z 2018-07-17T23:16:30Z "In #14140, angle brackets were added to plain text emails sent by WordPress due to some email clients not handling long URLs correctly. However in some email clients, the trailing `>` is treated as part of the link, which also causes users to end up at the wrong URL. As there is no standardised way to make a link clickable in a plain text document I think the best solution would be for WordPress to send all mail in both `text/plain` and `text/html`." tomdxw Tickets Awaiting Review 40164 Apace HTTP 414 error on deleting comments in bulk Comments 4.7.3 normal normal Awaiting Review defect (bug) new has-patch 2017-03-15T15:41:13Z 2017-03-15T21:23:12Z "Bit of an edge case, but I just had to delete 3000 comments from a WP site I took on and I was doing them in 200's (so not to over run the server and so I can check for any legitimate comments). Doing this, the first 200 comments were ""spanmmed"" fine, but then you do the next 200, it generates a 414 error as the url becomes something like: {{{ /wp-admin/edit-comments.php?s=&comment_status=moderated&pagegen_timestamp=2017-03-15+15%3A31%3A06&_total=200&_per_page=200&_page=1&paged=1&_ajax_fetch_list_nonce=ef4afc8347&_wp_http_referer=%2Fnew-site%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated%26paged%3D1%26spammed%3D200%26ids%3D814%2C365%2C2177%2C813%2C2021%2C812&_wpnonce=461233332d&_wp_http_referer=%2Fnew-site%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated%26paged%3D1%26spammed%3D200%26ids%3D814%2C365%2C2177%2C813 }}} Basically for every process it duplicates the url and if you have 100+ ID's in each request, it passes a really long url string 1) Is there a reason why all the comment ID's are passed to the url? 2) Can this be amended so in edge cases, so the 414 error isn't generated as it can and will frustrate some people." garethgillman Tickets Awaiting Review 60203 Application Passwords no longer authenticating Application Passwords 6.4.2 normal normal Awaiting Review defect (bug) new 2024-01-06T21:24:17Z 2024-02-15T14:18:51Z "hello, Application password does not work for me with WordPress 6.4.2. Error: 500 {“code”:”incorrect_password”,”message”:”Error:<\/strong> The password you entered for the username username<\/strong> is incorrect. Lost your password?<\/a>”,”data”:null} when i downgrade to 6.3.1 its work the user/application password did not change I use php 8.0" ihabosman Tickets Awaiting Review 49452 Approximately every week permalinks are lost for custom post types in multisite Permalinks 5.3.2 normal normal Awaiting Review defect (bug) new 2020-02-17T07:31:42Z 2020-02-17T09:49:56Z "I have to check my site https://6teamconditions.com/ multiple times a day as it will randomly just loose the permalinks for custom post types and will return a 404. I have deactivated security and cache plugins and still have same behaviour. There are no errors logged, I can not find any event that is causing this. I have used the same theme method for creating custom post types on hundreds of normal (non multisite) wordpress sites over many years without ever having this problem. The site has had this problem since going live in December, wordpress has been updated to latest version each time. I have been posting in the support forum with no luck https://wordpress.org/support/topic/permalinks-disapear-for-custom-post-types/#post-12332300 Example log of error 404 on website https://6teamconditions.com 135.180.133.34 - - [17/Feb/2020:01:14:55 +0000] ""GET /podcast/episode-002-the-6-conditions-framework/ HTTP/2"" 404 6464 ""-"" ""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.100 Safari/537.36"" " Lauriate Tickets Awaiting Review 46931 Argument type mismatch Comments normal normal Awaiting Review defect (bug) new has-patch 2019-04-15T11:26:11Z 2020-10-16T00:36:26Z "In `wp-includes/comment-template.php`, we have argument types mismatched in DOC block of `comment_form_title` function. Please check if the proposed patch works." subrataemfluence Tickets Awaiting Review 41353 Async upload breaks when there are special characters into file name Media 4.8 normal normal Awaiting Review defect (bug) new dev-feedback 2017-07-18T07:53:48Z 2017-07-19T14:48:50Z After crunching the image, thumbnail breaks for the image. bhargavbhandari90 Tickets Awaiting Review 41511 Attachment page URL not created correctly for image uploaded directly to library before being added to post Editor 4.8 normal normal Awaiting Review defect (bug) new 2017-08-01T10:11:55Z 2018-03-22T20:36:13Z "=== To replicate: === 1. Visit Media ->Add New and upload a media file 2. Visit Posts ->Add New 3. Click Add Media 3. Select the media file previously uploaded and set Link To setting to Attachment Page 4. Publish the post 5. View post and click on image === What I expected: === To be taken to the attachment page for the image === What happened instead: === I got a Page not found error. Additionally the URL is formed as `http://SITE_URL/FILE_SLUG/` which is not the correct format for media attachment pages. I went back to the editor, clicked the image and clicked the edit icon. The Link To setting now shows that I have a Custom URL set instead of Attachment Page. Updating the setting to attachment page again changes the URL to `http://SITE_URL/YEAR/MONTH/POST_SLUG/FILE_SLUG/` If I now update the post, I can click the image to view the attachment page. === Context: === Reported via the [http://en.forums.wordpress.com/topic/problems-with-images-and-attachment-page-custom-url-settings WordPress.com support forums], but I've confirmed it on a non-WordPress.com site as well." kokkieh Tickets Awaiting Review 36680 "Audio player with preload=""metadata"" shows incorrect duration for audio files 1 hour or longer" Media 4.5.1 normal normal Awaiting Review defect (bug) new 2016-04-27T04:29:12Z 2017-09-20T21:29:57Z "For an audio file that's longer than one hour, using the audio player shortcode with preload=""metadata"" shows an incorrect duration for the audio when the page loads. The hours are chopped off. So an audio that is 1:07:45 in duration will erroneously display 07:45 upon loading. Then when the audio file is played, the correct duration pops in, but this causes the volume control to disappear, so the volume can no longer be adjusted while the clip is playing. Many podcasts are longer than an hour in duration. For a demonstration of the bug, see audio 16 on this page, which is 1:07:45 in duration: http://www.stevepavlina.com/audio/" Dexterity Tickets Awaiting Review 49393 Author user role, Gutenberg add picture from someone else, rest_forbidden_context crash, image size crash Editor 5.3.2 normal normal Awaiting Review defect (bug) new 2020-02-10T06:07:06Z 2020-10-25T04:43:08Z "Login as a user with role Author (important, user editor works normaly). Create post, add **existing picture from the gallery** to your article. In the console you'll get an error : [[Image(https://i.ibb.co/Xpkh5zs/bug-wordpress.png)]] /wp-json/wp/v2/media/11133?context=edit&_locale=user {code: ""rest_forbidden_context"", and you can't change the image size. - User roles Editor and Admin are not affected. - Uploaded picture by the Author are not affected. " debricon Tickets Awaiting Review 53325 Automated Update Failed Notice After Update is Done Administration 5.7.2 normal minor Awaiting Review defect (bug) new 2021-06-03T03:58:36Z 2021-06-30T09:29:26Z "Hello Folks, In my WordPress instance, it showed me the core update for version 5.7.2 I have started updating WordPress but it took longer. I don't know if it was a network issue or any other. But somehow, my update was done. Now, when I am opening the WordPress Admin Dashboard, it gives me constant warning **""An automated WordPress update has failed to complete""** I guess when the update was in progress, in the file: update.php, Line number 804, the option s not getting updated for **""auto_core_update_failed""** " malavvasita Tickets Awaiting Review 40032 Automatic redirects with _wp_old_slug won't mantain GET parameters if present Permalinks 2.1 normal normal Awaiting Review defect (bug) new has-patch 2017-03-04T15:05:27Z 2021-03-09T06:31:59Z "If for example links come up with GET parameters, for example utm parameters for analytics, they get stripped before the redirect. post_name = 'new-slug' _wp_old_slug = 'old-slug' http://example.org/old-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 Wordpress will build the link for the redirect to the new slug without any GET parameter: http://example.org/new-slug/ I think it should mantein them instead: http://example.org/new-slug/?utm_source=test1&utm_medium=test2&utm_campaign=test3 I'm not even sure if this should be classified as a bug, if it's the correct behaviour or not. I'll let you judge." DrLightman Tickets Awaiting Review 34296 Autoplay for more than one self-hosted video fails Media 4.3.1 normal normal Awaiting Review defect (bug) reopened 2015-10-14T10:05:48Z 2017-07-05T20:12:26Z "Hi, When adding more than one self-hosted video to a page (using the [video] shortcode or media browser to insert), if you set more than one to autoplay, then none of them autoplay. This might be a mediaelementjs problem. Stock 4.3.1 install with TwentyFifteen: http://test.10degrees.uk/one-video-autoplay/ - one video set to autplay, works fine. http://test.10degrees.uk/two-videos-autoplay/ - both videos set to autoplay, neither plays. These are both mp4 files. Jonny" jonnyvaughan Tickets Awaiting Review 29920 Autosave breaks if post revision fields contains a value that isn't a string Revisions normal normal Awaiting Review defect (bug) new has-patch 2014-10-10T14:11:32Z 2019-06-04T18:12:47Z "This isn't exactly a bug... Its possible to filter '_wp_post_revision_fields' to add more fields. I am using this to track revisions for some meta fields. However the value of this must be an string otherwise you get notices when trying to create an autosave - as this calls `normalize_whitespace` on an array. It would be nice if this didn't completely break things. I've added a patch that only calls normalize whitespace if both values are strings - otherwise just do a simple comparison. If you think i'm doing_it_wrong - feel free to tell me so! I guess this is related to #20564 and any other meta revision fields." mattheu Tickets Awaiting Review 44070 Avoid flickering of admin notices General normal normal Awaiting Review defect (bug) new 2018-05-14T10:16:22Z 2018-05-14T12:50:11Z "Here's an example: - Save settings on the ''General Settings'' page ({{{wp-admin/options-general.php}}}) - Then the ""Saved settings"" admin notice displays first above the page header. - Then it moves below it, causing flickering. The admin notices are moved with Javascript in {{{wp-admin/js/common.js}}} {{{ /* * The `.below-h2` class is here just for backward compatibility with plugins * that are (incorrectly) using it. Do not use. Use `.inline` instead. See #34570. * If '.wp-header-end' is found, append the notices after it otherwise * after the first h1 or h2 heading found within the main content. */ if ( ! $headerEnd.length ) { $headerEnd = $( '.wrap h1, .wrap h2' ).first(); } $( 'div.updated, div.error, div.notice' ).not( '.inline, .below-h2' ).insertAfter( $headerEnd ); }}} See ticket #35047 and changeset [36134]. Also ticket #34570 and changeset [35516]. The same happens for notices on the other admin ''Settings'' screens, like: - {{{wp-admin/options-writing.php}}} - {{{wp-admin/options-reading.php}}} - {{{wp-admin/options-discussion.php}}} - {{{wp-admin/options-permalink.php}}} - {{{wp-admin/profile.php}}} - {{{wp-admin/user-edit.php?user_id=123}}} - ... etc ... We should avoid this flickering, e.g. hide it with CSS and display it with Javascript? I guess we should also consider the case if Javascript is turned off? Related #43978 [https://core.trac.wordpress.org/ticket/43978 Avoid flickering on the Tools / Export page] " birgire Tickets Awaiting Review 37635 BUG in get_option Options, Meta APIs normal normal Awaiting Review defect (bug) new 2016-08-11T08:11:58Z 2020-12-17T23:11:48Z "in wp_options, i had saved this large serialized string: http://pastebin.com/raw/hxwETuHX however, when i run `get_option(""option_name"")` it returns false... i have spent time and found out, that it's because that get_option tries to unserialize it and return the result, but it have problems while unserializing. then i decided to manually grab the value and unserialize by hand.. and i succeeded! {{{#!php $raw_data=$wpdb->get_var(""Select option_value from wp_options Where option_name='option_name'""); unserialize(Serialized_Fixer($raw_data)); function Serialized_Fixer($serialized_string){ // securities if ( !preg_match('/^[aOs]:/', $serialized_string) ) return $serialized_string; if ( @unserialize($serialized_string) !== false ) return $serialized_string; return preg_replace_callback( '/s\:(\d+)\:\""(.*?)\"";/s', function ($matches){ return 's:'.strlen($matches[2]).':""'.$matches[2].'"";'; }, $serialized_string ) ; } }}} and that worked! this is seriously a bug of WP! please fix it! thanks!" tazotodua Tickets Awaiting Review 58432 "BUG: Custom Core Block Variation details not updated in ""Settings Sidebar"" section" Editor normal major Awaiting Review defect (bug) new 2023-05-31T06:10:30Z 2023-06-13T16:31:52Z "**Issue:** When adding a custom **core block variation**, the details ( title, icon, description ) are not updated in the **""Settings Sidebar""** section. Hence there is no way to distinguish between custom core block **variations** and core **blocks** once a block is added. **How to reproduce:** 1. Add support for block variations to your existing theme. {{{ function prefix_editor_assets() { wp_enqueue_script( 'prefix-block-variations', get_template_directory_uri() . '/assets/js/blocks/block-variations.js', array( 'wp-blocks' ) ); } add_action( 'enqueue_block_editor_assets', 'prefix_editor_assets' ); }}} 2. Create a custom **core block variation** {{{ wp.blocks.registerBlockVariation( 'core/group', { name: 'card-group', title: 'Card group', description: 'A group with card styling', label: 'Card group', icon: 'wordpress', attributes: { className: 'card-group', }, innerBlocks: [ [ 'core/heading', { content: '' } ], [ 'core/paragraph', { content: '' } ], ] } ); }}} 3. Check inside editor for new core block variation. 4. Add new core block variation and check the siderbar with the block selected. Attaching pic & screen recording of the issue as well. Note: I used the following tutorial by **Carolina Nymark** to create the variation https://fullsiteediting.com/lessons/block-variations/ " deepakvijayan Tickets Awaiting Review 41304 Bad protocol sanitization in KSES for URLs NOT RFC 3986 compliant Formatting 4.8 normal normal Awaiting Review defect (bug) new 2017-07-13T10:41:29Z 2017-07-13T14:10:32Z "For URL's that are passed through the kses sanitizer. As specified in RFC 3986, Section 3.3 The path component contains data, usually organized in hierarchical form, that, along with data in the non-hierarchical query component (Section 3.4), serves to identify a resource within the scope of the URI's scheme and naming authority (if any). The path is terminated by the first question mark (""?"") or number sign (""#"") character, or by the end of the URI. If a URI contains an authority component, then the path component must either be empty or begin with a slash (""/"") character. If a URI does not contain an authority component, then the path cannot begin with two slash characters (""//""). In addition, a URI reference (Section 4.1) may be a relative-path reference, in which case the first path segment cannot contain a colon ("":"") character. The ABNF requires five separate rules to disambiguate these cases, only one of which will match the path substring within a given URI reference. We use the generic term ""path component"" to describe the URI substring matched by the parser to one of these rules. So colon(':') is allowed inside URL's. When trying to split the URL like this: {{{#!php <?php function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) { $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 ); ... }}} for URL's that do not contain a specified scheme and use colon (':') inside the URL this breaks and returns only the second part of the URL after the colon. Eg: //t0.gstatic.com/images?q=tbn:ANd9GcSxT2q6fV-59s5hq5a03fpgsFYzVtL014iARzGRG7S_3CUjYpIGNlQx0ruGtVl5KCAEOxAtb_ZQ will return: ANd9GcSxT2q6fV-59s5hq5a03fpgsFYzVtL014iARzGRG7S_3CUjYpIGNlQx0ruGtVl5KCAEOxAtb_ZQ Also a “network-path reference” should be implied, in the current format you assume a scheme exists beforehand. Changing the split to: {{{#!php <?php ... $string2 = preg_split( '/(:\/\/)|�*58;|�*3a;/i', $string, 2 ); if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) { ... $string = $protocol . '//' . $string; } ... }}} fixes this issue and is more compliant without breaking sensitization. " bogdanpreda Tickets Awaiting Review 53785 Block Styles dropdown should use 'Default' instead of 'Not set' Editor normal normal Awaiting Review defect (bug) new 2021-07-26T14:41:11Z 2022-01-11T09:39:16Z "Issue: After registering a new Block Style to the WordPress Core Paragraph block I noticed the text used in the dropdown states ''""Not set""'' instead of ''""Default""'', which is used as a caption in the image. This is confusing to (new) users. Proposed solution: Change the text in the dropdown into ''default''. This matches the image caption and clearly indicates that this style is the default style. " BjornW Tickets Awaiting Review 59318 Block Themes Fatal Error in PHP 8.1 When Referring To Missing Template Parts Themes 6.3.1 normal normal Awaiting Review defect (bug) new has-patch 2023-09-08T14:32:27Z 2024-02-09T16:01:36Z "We have a system that manages template and template part posts, and have noticed that if a template refers to a template part that no longer exists or did not sync to the site, we get a cryptic PHP fatal error about passing null to preg_replace: {{{ preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated }}} This occurs in template-part.php in the render_block_core_template_part function when calling shortcode_unautop: {{{ // Run through the actions that are typically taken on the_content. $content = shortcode_unautop( $content ); }}} In this case $content contains the value null. My expectation is that this would fail gracefully, and there is a check if it is null further up the function, but it only runs if $debug is true: {{{ // WP_DEBUG_DISPLAY must only be honored when WP_DEBUG. This precedent // is set in `wp_debug_mode()`. $is_debug = WP_DEBUG && WP_DEBUG_DISPLAY; if ( is_null( $content ) && $is_debug ) { }}} Meaning that unless WP_DEBUG and WP_DEBUG_DISPLAY are both set to true, there is no protection against null being passed into shortcode_autop" TJNowell Tickets Awaiting Review 52626 Block editor doesn't paginate parent page results Editor 5.6.2 normal major Awaiting Review defect (bug) new 2021-02-23T17:10:15Z 2023-11-08T05:05:24Z "Conditions: More than 100 pages. Use gutenberg editor. Edit a page. Result: Parent page dropdown is broken / does not contain all pages. Expected result: Should be able to see all the 100+ pages in the parent page dropdown. Reason: rest api ajax request only fetches the first 100 pages. The response headers does contain the corrent headers: X-WP-Total: 1040 (i have 1040 pages) X-WP-TotalPages: 11 (yes it's 11 x 100 pages) I see only one ajax request for the first 100 pages. After that i would see 10 more requests in older versions of wordpress. Now it's only one. I have tried reading the javascript but it's not easy to read. This breaks my companies internal website. Would be nice to have a fix. We can't switch away from gutenberg. This is also related to an older unfixed bug: https://core.trac.wordpress.org/ticket/46294 " hobzhobz Tickets Awaiting Review 55902 Block theme rendering issue Themes normal blocker Awaiting Review defect (bug) new 2022-06-02T11:27:45Z 2022-08-03T16:50:28Z "Hi, I am from Pagelayer team. And we have checked and found that in the `wp-includes/template-canvas.php` file, you have called the function `get_the_block_template_html()` above the header that breaks the flow of the calling hooks like (`get_header`, `wp_enqueue_scripts`, `wp_header`). For example, If we add any `the_content` hook inside the `wp_enqueue_scripts` hook, then the `the_content` hook not working properly. Please check and try fix the issue ASAP if possible. " jivansoft Tickets Awaiting Review 58709 Bug 6.3 beta-3: Black screen when selecting blocks in List view outside the block editor viewport. Editor normal major Awaiting Review defect (bug) new 2023-07-04T06:06:04Z 2023-07-04T06:54:43Z "When using the List View in the block editor, if a block is not currently visible in the viewport of the editor, selecting that block from the List View results in a black screen. Steps to Reproduce: - Install WordPress **6.3 Beta-3**. - Create a new post or page. - Add multiple blocks, ensuring that some of them are not currently visible within the viewport of the block editor. - Switch to List View to see the list of blocks. - Choose ""Select"" from Tools. - Attempt to select a block from the List View that is not currently visible in the viewport. Screenshot - https://share.getcloudapp.com/p9uZbOz2" abhijitnage Tickets Awaiting Review 59522 Bug handling multisites where main site URL and main blog URL are different Networks and Sites 6.3 normal normal Awaiting Review defect (bug) new has-patch 2023-10-03T10:34:20Z 2024-01-30T17:00:13Z "WordPress 6.3 and up appear to break handling of multisites where the `BLOG_ID_CURRENT_SITE` and the domain and path for the network in the `wp_site` table do not point at the same blog. It treats the the site configured in `wp_site` as if it is also the main blog in the network (over-riding `BLOG_ID_CURRENT_SITE`). This results in image paths being broken on the site set in `wp_site` if it is not in the root directory. How to recreate the bug: 1. In WordPress 6.2 or below, create a directory-based multisite, with 2 sites in the network, site 1 at just `http://localhost` and site 2 at `http://localhost/foo`. In `wp-config.php`, set both `SITE_ID_CURRENT_SITE` and `BLOG_ID_CURRENT_SITE` to `1`. In the `wp_site` table (which should only contain 1 entry, with ID `1`), set the domain to `localhost` and the path to `/foo/`. 2. Upload an image to the media library of `http://localhost/foo`. It should display correctly in the library, and have a URL of `http://localhost/onsblog/wp-content/uploads/sites/foo/[year]/[month]/[your-filename]`. 3. In the network site list, at `http://localhost/foo/network/sites.php`, `localhost` should be marked as the main site, reflecting the `BLOG_ID_CURRENT_SITE` constant. 4. Upgrade to WordPress 6.3 or 6.3.1. 5. In the media library of `http://localhost/foo`, the uploaded image will no longer display. If you view the image properties, it will report an image URL of `http://localhost/onsblog/wp-content/uploads/[year]/[month]/[your-filename]`, i.e. the subsite part of the path is missing. 6. In the network site list, `localhost/foo` is now marked as the main site, which does not reflect the `BLOG_ID_CURRENT_SITE` setting. This bug also results in all images uploaded via the classic editor prior to 6.3 404-ing in the frontend on the affected subsite post-upgrade. This behaviour was introduced in this commit: https://github.com/WordPress/WordPress/commit/05f19b1ed76af6d60855a1d44b8c15a166c5e36f, presumably unintentionally given the commit message. This line specifically is the issue: https://github.com/WordPress/WordPress/commit/05f19b1ed76af6d60855a1d44b8c15a166c5e36f#diff-254cbb80547c44f4b3a7ef37746bb5eb9f42bf29f0de5215034a8d1015928fecR242. When the `WP_Network` object is populated via the `WP_Network::get_instance()` method, the `$id` property is populated via a WPDB query: https://github.com/WordPress/WordPress/blob/master/wp-includes/class-wp-network.php#L106. This returns the `id` from the database as a string (normally `'1'`), which is then passed into `WP_Network::__construct()`, resulting in the `id` property being populated as a string. Therefore this check: {{{#!php ( defined( 'SITE_ID_CURRENT_SITE' ) && (int) SITE_ID_CURRENT_SITE === $this->id ) }}} will always return false, as `$this->id` will be a string. Either `$this->id` should also be cast as an integer, or the `WP_Network::__construct()` method should perform type enforcement, e.g. by calling the same class's `__set()` method to set properties. " robdxw Tickets Awaiting Review 39992 Bug in get_the_content Posts, Post Types 4.7.2 normal normal Awaiting Review defect (bug) new has-patch 2017-02-28T21:01:15Z 2017-10-11T20:25:06Z "In get_the_content $post is not checked if it's null, after {{{#!php <?php $post = get_post(); }}} and then on line: {{{#!php <?php if ( false !== strpos( $post->post_content, '<!--noteaser-->' ) && ( ! $multipage || $page == 1 ) ) }}} as you see, $post->post_content is queried. Then if $post is null, the program falls. A solution can be to check: {{{#!php <?php $post = get_post(); if ( ! $post ) { return ''; } //else }}} and then continue. Thank you for everything! :)" olik9 Tickets Awaiting Review 49725 Bug in plugin upload Upload normal normal Awaiting Review defect (bug) new dev-feedback 2020-03-29T07:47:29Z 2020-03-30T07:54:45Z "bug in wordpress version 5.3.2 how to exploit: 1. download wordpress and run into localhost. 2. trying to upload plugin than they are showing here only upload .zip file. 3. but we are trying to upload .php shell file. 4. now see file is upload successfully in database. " offensive Tickets Awaiting Review 39153 Bug in wp_html_split with unclosed PHP tag (or HTML tag <) Formatting 4.6.1 normal normal Awaiting Review defect (bug) new needs-unit-tests 2016-12-07T17:48:32Z 2018-03-02T08:27:32Z "The problem is in the ''shortcodes.php'' file, but exact problem is function ''wp_html_spli''t in ''formatting.php'' This bug is completely described in this question forum thread. https://wordpress.org/support/topic/bug-in-wp_html_split-with-unclosed-php-tag/ Consider following post code. {{{ Some amount of useless text <!--more--> [code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ] <?php //This callback registers our plug-in function wpse72394_register_tinymce_plugin($plugin_array) { $plugin_array['wpse72394_button'] = 'path/to/shortcode.js'; return $plugin_array; } //This callback adds our button to the toolbar function wpse72394_add_tinymce_button($buttons) { //Add the button ID to the $button array $buttons[] = ""wpse72394_button""; return $buttons; } ? [/code-highlight] Some amount of useless text <strong>checkstyle</strong> [code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ] (?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*)) [/code-highlight] }}} Here dump after this line {{{ $textarr = wp_html_split( $content ); var_dump($textarr); exit; }}} {{{ array(25) { [0]=> string(0) """" [1]=> string(3) ""<p>"" [2]=> string(28) ""Some amount of useless text "" [3]=> string(11) ""<!--more-->"" [4]=> string(0) """" [5]=> string(4) ""</p>"" [6]=> string(1) "" "" [7]=> string(3) ""<p>"" [8]=> string(121) ""[code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ]"" [9]=> string(6) ""<br />"" [10]=> string(1) "" "" [11]=> string(464) ""<?php //This callback registers our plug-in function wpse72394_register_tinymce_plugin($plugin_array) { $plugin_array['wpse72394_button'] = 'path/to/shortcode.js'; return $plugin_array; } //This callback adds our button to the toolbar function wpse72394_add_tinymce_button($buttons) { //Add the button ID to the $button array $buttons[] = ""wpse72394_button""; return $buttons; } ? [/code-highlight] Some amount of useless text <strong>"" [12]=> string(10) ""checkstyle"" [13]=> string(9) ""</strong>"" [14]=> string(0) """" [15]=> string(4) ""</p>"" [16]=> string(56) "" [code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ]"" [17]=> string(6) ""<br />"" [18]=> string(72) "" (?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*))"" [19]=> string(6) ""<br />"" [20]=> string(19) "" [/code-highlight] "" [21]=> string(3) ""<p>"" [22]=> string(15) ""Some Text Again"" [23]=> string(4) ""</p>"" [24]=> string(1) "" "" } }}} As you can see one shortcode was not splitted, and here the problem. If php closing tag is present (?>) than everything works fine. Problematic regex provider {{{#!php <?php function get_html_split_regex() { static $regex; if ( ! isset( $regex ) ) { $comments = '!' // Start of comment, after the <. . '(?:' // Unroll the loop: Consume everything until --> is found. . '-(?!->)' // Dash not followed by end of comment. . '[^\-]*+' // Consume non-dashes. . ')*+' // Loop possessively. . '(?:-->)?'; // End of comment. If not found, match all input. $cdata = '!\[CDATA\[' // Start of comment, after the <. . '[^\]]*+' // Consume non-]. . '(?:' // Unroll the loop: Consume everything until ]]> is found. . '](?!]>)' // One ] not followed by end of comment. . '[^\]]*+' // Consume non-]. . ')*+' // Loop possessively. . '(?:]]>)?'; // End of comment. If not found, match all input. $escaped = '(?=' // Is the element escaped? . '!--' . '|' . '!\[CDATA\[' . ')' . '(?(?=!-)' // If yes, which type? . $comments . '|' . $cdata . ')'; $regex = '/(' // Capture the entire match. . '<' // Find start of element. . '(?' // Conditional expression follows. . $escaped // Find end of escaped element. . '|' // ... else ... . '[^>]*>?' // Find end of normal element. . ')' . ')/'; } return $regex; } }}} Without any doubts this case should be included in regex. " crosp Tickets Awaiting Review 39811 Bug maybe_unserialize() broke mysql data. Database 4.7.2 normal normal Awaiting Review defect (bug) new 2017-02-08T13:53:06Z 2017-02-20T06:34:57Z "I have an issue what is realated to maybe_unserialize() function. Example: When someone made MySQL export or backup and you want that data to import in database again, widgets, some plugin setup, some template setup, particular WPBakery Visual Composer or similar visual editors lost it's setup. To get all work well I change function into this: {{{ function maybe_unserialize( $original ) { if ( is_serialized( $original ) ) { $fixed = preg_replace_callback( '!(?<=^|;)s:(\d+)(?=:""(.*?)"";(?:}|a:|s:|b:|i:|o:|N;))!s', 'serialize_fix_callback', $original ); return @unserialize( $fixed ); } return $original; } function serialize_fix_callback($match) { return 's:' . strlen($match[2]); } }}} -wit this code I get all data to work well but I'm unable to install new plugins or made any kind of update. What to do with it, how to fix this problem and can you made some update to this code or add some solution to not happen this problems? Here is also my StackOwerflow question: http://wordpress.stackexchange.com/q/255591/82023 Thanks!" ivijanstefan Tickets Awaiting Review 41891 Bug when changing $(comments_)pagination_base of WP_Rewite instance to string with non-ASCII characters Rewrite Rules normal normal Awaiting Review defect (bug) new 2017-09-15T13:05:55Z 2017-09-15T13:05:55Z "When you change `$pagination_base`/`$comments_pagination_base` for `WP_Rewrite` instance to string with ASCII characters, it works as expected. But when you change to non-ASCII string, it doesn't work because it redirects from `/<pagination_base>/2` to `/<pagination_base>/2/<pagination_base>/2` which returns 404. If you use `rawurlencode()` on that string, it again works as expected. So, in short: `$GLOBALS['wp_rewrite']->pagination_base = 'something';` - works `$GLOBALS['wp_rewrite']->pagination_base = 'чџш';` - doesn't work `$GLOBALS['wp_rewrite']->pagination_base = rawurlencode( 'чџш' );` - works This doesn't apply to other bases, they work without `rawurlencode()`, for example: `$GLOBALS['wp_rewrite']->author_base = 'гдђ';`" dimadin Tickets Awaiting Review 59022 Bulk Action Issue For Plugin Component Plugins normal normal Awaiting Review defect (bug) new has-patch 2023-08-09T12:39:29Z 2023-08-10T05:31:03Z "When a user chooses a bulk action to enable and disable an auto-update plugin in the plugin field, it doesn't operate as intended. Likewise, if all plugins are set to auto-update by default and the user chooses to enable auto-update in the bulk action selection, the action instead does an enable to deactivate auto-update. https://www.awesomescreenshot.com/video/19806536?key=c795fd47ff5abdbfcb54f4499cebd0f0" harsh175 Tickets Awaiting Review 44854 Bulk action missing/hidden on taxonomies Taxonomy 3.8 normal minor Awaiting Review defect (bug) new has-patch 2018-08-28T06:20:44Z 2021-11-09T15:16:06Z "I have found this issue on mobile. When I go to taxonomies like category/tags the bulk action on top of the table is missing. After inspecting it I found that it is getting hidden using CSS. We can make it visible there because if someone wants to bulk delete then they have to select from top and then have to scroll down to do so. Just because it is hidden using CSS still there are CSS rules putting margins and all there. For this we have to remove this css only: {{{ @media screen and (max-width: 782px){ .form-wrap>p, .tablenav .view-switch, .tablenav.top .actions, .tablenav.top .displaying-num, .tablenav.top .tablenav-pages.one-page { display: none; } } }}} This will explain what I want to say : https://screencast-o-matic.com/watch/cFju1nqupU Also here I am seeing that search box is at bottom we can put it just before the table." poojasahgal Tickets Awaiting Review 51446 CORS issues with QUnit while running tests Build/Test Tools 5.5 normal normal Awaiting Review defect (bug) new dev-feedback 2020-10-05T04:01:48Z 2020-11-10T02:05:09Z "Hello, For a while I've been having an error when running `grunt test` with the qunit tests; {{{ Running ""qunit:files"" (qunit) task Testing tests/qunit/compiled.html ......................................................................................................................................................................................................................................................................................................OK Testing tests/qunit/index.html Access to XMLHttpRequest at 'file:///wp-admin/admin-ajax.php' from origin 'null' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https. Failed to load resource: net::ERR_FAILED ......................................................................................................................................................................................................................................................................................................OK >> 588 tests completed with 0 failed, 0 skipped, and 0 todo. >> 1738 assertions (in 8024ms), passed: 1738, failed: 0 }}} Looking into this a little I was able to resolve these by updating the `tests/qunit/index.html` to use localhost for the ajax urls. Uploading patch but am unsure if it's the correct action, seems to work nicely for me at least and suppresses the error." garrett-eclipse Tickets Awaiting Review 43759 CS: Fix violations for wp-includes/class-wp-comment-query.php Comments normal normal Awaiting Review defect (bug) new has-patch 2018-04-13T11:46:50Z 2020-10-16T00:46:01Z Working on a patch for this during WordCamp London, currently. jipmoors Tickets Awaiting Review 54475 CSS Selector in block-library css will broke SVG scaled text rendering in Chrome 96 (Win 10, Win 11, Mac OS) Editor 5.8.2 normal major Awaiting Review defect (bug) new 2021-11-19T16:31:48Z 2021-11-22T12:52:34Z "**Issue:** We detected wrong rendered SVG Text elements in Google Chrome 96. Our svg map solution is embedded in a wordpress based website of our client. We detected moving ""shop numbers"" in our map solution, if the map is embedded in the wordpress website. As soon as the user changes the zoom of the map the shop numbers will be rendered out of sync with the other svg parts. We tracked the issue down to the following css file: wp-includes/css/dist/block-library/style.min.css The selectors used in the blocks {{{ .wp-block-table table[style*=border-style]>*, .wp-block-table table[style*=border-style] td, .wp-block-table table[style*=border-style] th, .wp-block-table table[style*=border-style] tr { border-style: auto } .wp-block-table table[style*=border-width]>*, .wp-block-table table[style*=border-width] td, .wp-block-table table[style*=border-width] th, .wp-block-table table[style*=border-width] tr { border-width: auto } }}} will cause the issue. Reduced to the exact selectors: {{{ .wp-block-table table[style*=border-style]>*, }}} and {{{ .wp-block-table table[style*=border-width]>*, }}} or simplified: {{{ *[style*=x]>* {} }}} We were also able to reproduce the issue in our test system: Map without the critical selector: https://db-ek-preview.d-ssl.de/preview/station_bonn.html Map with the critical selector (style selector used in header): https://db-ek-preview.d-ssl.de/preview/station_bonn_broken_chrome.html **Steps to reproduce:** 1. Open website: https://www.einkaufsbahnhof.de/dresden-neustadt/lageplan or https://db-ek-preview.d-ssl.de/preview/station_bonn_broken_chrome.html 2. Scroll to map view 3. Zoom in or out by mouse wheel / drag gesture / controls **Current behavior:** numbers within the circles in to of the shopping areas will be drawn outside of the circle **Expected behavior:** shop numbers drawn in sync with white circles **Note** Window resize by 1px or more will trigger svg area render updates, which will fix the issue until next zoom action. **Test result:** Affected systems * Win 11 - Google Chrome 96 * Win 10 - Google Chrome 96 * Mac OS 12 - Google Chrome 96 Not affected systems * Mac OS 12 - Safari 15.1 * Mac OS 12 - Mozilla Firefox * Win 10 - Google Chrome 95 * Mac OS 11 - Google Chrome 95 * Win 10 - Edge 95 Beta * Win 10 - Edge 94 * Android 11 (Pixel 5) - Google Chrome * Android 11 (Huawei P30 Pro) - Google Chrome * iOS 15.1 (iPad Pro 10,5) - Safari I know the bug is a Google Chrome Browser issue in v96 and I will report the issue to Google Chrome team too. But I report this issue to WordPress core team too, to trigger a workaround for WordPress, because I think the Google Chrome team will not prioritize this issue." dashart Tickets Awaiting Review 55509 CSS conflict in Custom Fields table Editor 5.9.1 normal normal Awaiting Review defect (bug) new has-patch 2022-03-31T21:33:26Z 2022-04-29T09:49:44Z "When using the [https://wordpress.org/support/article/custom-fields/ Custom Fields] feature, there are two conflicting CSS styles. More specifically the background-color in the following CSS bit: {{{ #postcustomstuff table { margin: 0; width: 100%; border: 1px solid #dcdcde; border-spacing: 0; background-color: #f6f7f7; } }}} with the background-color in the following CSS bit: {{{ .alternate, .striped > tbody > :nth-child(2n+1), ul.striped > :nth-child(2n+1) { background-color: #f6f7f7; } }}} resulting in all rows of the table in div#postcustomstuff to have the same background color (#f6f7f7)" princeofabyss Tickets Awaiting Review 55663 CSS theme and features themes is buggy Networks and Sites 5.9.3 normal normal Awaiting Review defect (bug) new 2022-05-03T09:19:07Z 2022-05-03T09:19:07Z "Hello, To explain my problem, I created a multi-site network and I want to use a theme, or even divi, the WordPress CSS is buggy. Then I installed Divi (the theme) and when I go to validate my license (in the options), there is no divi css, but this: https://prnt.sc/ElUkmp_zXBPW But even with the default theme ""Twenty Twenty-Two"", I have this same problem: https://prnt.sc/j1BRIO8yU85I While on the main site, there are no CSS bugs. Is this normal, is it still recommended to use the network? Thank you for your reply" valentindu62 Tickets Awaiting Review 57973 Can not delete custom template when name contains non-Latin characters REST API 6.1.1 normal normal Awaiting Review defect (bug) new has-patch 2023-03-23T14:23:48Z 2023-03-26T16:14:09Z "I can create a custom template whose name contains non-Latin characters. But when I delete this template. It failed without any message in the front-end. I can only find out the error message in the developer tools. The ajax post request '/wp/v2/templates/theme_name//template_name' returns 404. I think the problem is caused by the two slashes before none-Latin template_name. To reproduce: 1. create a new template with non-Latin characters in post editor. 2. save the template, re-enter a post editor. 3. choose the template, and click 'edit template'. 4. open your browser's developer tools with the network tab. 5. click 'delete template', then you will see the 404 error in your developer tools." funway Tickets Awaiting Review 56728 Can we fix featured image view issue when allowed SVG image type? Posts, Post Types 6.0.2 normal normal Awaiting Review defect (bug) new 2022-10-04T09:17:51Z 2022-10-04T09:17:51Z "Hi, I am facing issue when allowing to upload SVG image on wordpress media. You can see mentioned SS. Thank you " sumitsingh Tickets Awaiting Review 42751 Can we please enqueue media-views independently ? Media 4.9 normal normal Awaiting Review defect (bug) new 2017-11-29T22:14:11Z 2023-10-18T16:16:58Z "Many of theme developers are styling mediaelement to their preference and this is a first step when they do so; {{{ /* * use theme mediaelement CSS */ wp_deregister_style('mediaelement'); wp_deregister_style('wp-mediaelement'); }}} that disables the default CSS and lets us use our own. Issue with this is that buttons, imgareaselect and media-views CSS files depend on these and if anyone is using a frontend page builder or anything that needs media library in frontend, these 3 CSS files are not present. My first tought was {{{ /* * since we have deregistered medialement style * make sure media dependencies are loaded * in case of frontend editros */ if( is_user_logged_in() ){ wp_enqueue_style( 'buttons' ); wp_enqueue_style( 'imgareaselect' ); wp_enqueue_style( 'media-views' ) ; } }}} but to my surprise media-views which is a key CSS file for media library is not loading since it is a dependent. I know that I can do the direct enque but since we have a handle we should be able to use it independently from other styles. While we are at it, why are we loading mediaelement CSS files at the bottom of body http://prntscr.com/hh0808 ? CSS files should always be in head. " Themezly Tickets Awaiting Review 52930 Can't close Insert/Edit Link Pop Up when Editting a Comment Comments 5.7 normal normal Awaiting Review defect (bug) new 2021-03-28T07:25:12Z 2021-03-28T07:44:01Z "Hi! Today I tried to insert a link using the link button while editing a comment of mine on my own website, using the back end. I can add as many links as I want, but I can't close the pop up with mouse or keyboard, by clicking on the X or Cancel. " thesimarchitect Tickets Awaiting Review 42248 Can't create category slug with same name for different parents Permalinks 4.9 normal normal Awaiting Review defect (bug) new dev-feedback 2017-10-17T13:11:38Z 2017-10-25T12:52:46Z "Issue with same category slug creation even though both have different parent category. For example I have structure like this wanted to build up. Cars - Category Toyota & Maruti - Subcategory of Cars Parts - Subcategory of Toyota & Maruti /cars/toyota/parts /cars/maruti/parts Wordpress isn't allow it. See attached screenshot." ashokrd2013 Tickets Awaiting Review 59332 Can't customize search in header General 6.3.1 normal normal Awaiting Review defect (bug) new 2023-09-12T19:52:07Z 2023-10-05T14:35:32Z "The search block can't be customized when added to the header navigation. It can be added, but when any customizations are selected, such as ""Change button position"" -> ""No button"", the search box only flickers and nothing changes. This applies to any change I try to make from the toolbar. To reproduce problem: 1. Go to Appearance -> Template Parts 2. Select Header 3. Add navigation block, and add search box to end of nav 4. Try to customize the search block I'm using: - WordPress version 6.3.1; Gutenberg plugin is not installed, tested on custom theme, and Twenty Twenty-Two - Happening in both Chrome and Edge browsers - Using desktop with Windows 11 GIF of issue: https://imgur.com/a/PYccoLh" christinameyne Tickets Awaiting Review 42572 Can't delete custom taxonomy tags from a post Taxonomy 4.9 normal normal Awaiting Review defect (bug) new 2017-11-16T07:17:40Z 2017-11-16T07:17:40Z "Symptoms are the same as #39388: I can add terms in my custom taxonomy to a post, but I can't remove them. I'm not using any of the filters mentioned in that ticket. Based on logging all SQL queries on saving a post, it looks like removing a category triggers a query like: {{{ DELETE FROM wp_term_relationships WHERE object_id = 1470 AND term_taxonomy_id IN ('7') }}} No DELETE query at all is running when I try to remove the custom taxonomy, so it's not a malformed query. Same problem whether I'm using the classic editor, the quick editor, or Gutenberg. As a further wrinkle, in the classic editor, my terms don't even show up in the checkboxes in the sidebar (all of them are unchecked), though they do show up on the front end, in the quick editor, and in Gutenberg. This didn't always happen, but I don't recall the version it started with. Disabling all plugins doesn't fix it, neither does clearing out my functions.php entirely, and neither does changing 'hierarchical' to false. My arguments for registering the taxonomy are as follows: {{{ $args = [ 'labels' => [ /* a bunch of strings */ ], 'public' => true, 'hierarchical' => true, 'show_in_rest' => true, 'rewrite' => ['hierarchical' => true], 'query_var' => 'idea' ]; }}}" thrica Tickets Awaiting Review 55827 Can't drag and drop block into empty column in list view Editor 6.0 normal normal Awaiting Review defect (bug) new 2022-05-25T13:35:05Z 2022-06-02T14:33:26Z When editing a page and using the List View to see the blocks, you can't drag and drop a block into an empty column. Only if there is already a block in a column can you drag and drop any other block into it in List View. You can, however, drag and drop a block into an empty column on the page itself. bhammondCVL Tickets Awaiting Review 28568 Can't get private posts/pages via WP_Query when not logged in as administrator Query 3.9 normal normal Awaiting Review defect (bug) reopened 2014-06-17T18:44:59Z 2019-03-22T14:10:01Z "I want to use WP_Query to display content of one private page on some place in a template. {{{ // ... theme template sidebar.php, for example <?php $the_query = new WP_Query( array( 'page_id' => 25, 'post_status' => 'private' )); // page #25 is set to ""private"" if ($the_query->have_posts()) { // ... nope, no posts for you today while ($the_query->have_posts()) { $the_query->the_post(); the_content(); } wp_reset_postdata(); } ?> }}} But it only works when I am logged in as administrator. When I am not logged in, and print_r() the $the_query, there is ""request"" index filled with: {{{SELECT wp_posts.* FROM wp_posts WHERE 1=1 AND wp_posts.ID = 25 AND wp_posts.post_type = 'page' AND ((wp_posts.post_status = 'private')) ORDER BY wp_posts.post_date DESC}}} Querying database with it directly in PHPMyAdmin, it returns one row as expected (page ID 25 row). But template loop does not anything. ""Posts"" index in $the_query is empty. I have expected WP_Query works like ""just give me anything I want (defined by the arguments)"" ... and I want page with ID 25. " mklusak Tickets Awaiting Review 39495 Can't navigate to subsite without logging in again. Networks and Sites 4.7 normal normal Awaiting Review defect (bug) new 2017-01-05T23:50:39Z 2017-05-02T04:05:13Z "In a multi-site configuration, as a Super Admin user, log in to the root site. Then navigate to the dashboard of a subsite. Expected result: navigate to the subsite unhindered. Actual result: prompted to log in before navigating to the subsite. Problem occurs when we use WP Core 4.7. Problem does not occur on WP Core 4.6. Problem occurs when all plugins are deactivated and uninstalled. Problem occurs on more than one theme." davidmlentz Tickets Awaiting Review 55600 Can't save registered post meta field of type string that equals registered default value via REST API Options, Meta APIs normal normal Awaiting Review defect (bug) new 2022-04-21T13:47:24Z 2022-04-21T13:47:24Z "== Current behaviour Currently if you register a post meta key as string and set a default value: {{{ register_post_meta( 'my_cpt, 'my_meta', [ 'show_in_rest' => true, 'single' => true, 'type' => 'string', 'default' => 'foo' ] ); }}} and then save the default value it is not actually being written to the database. If you save any other type, e.g. a boolean {{{ register_post_meta( 'my_cpt, 'my_meta', [ 'show_in_rest' => true, 'single' => true, 'type' => 'boolean', 'default' => true ] ); }}} it is being written to the database. Also not saving via the REST API, but via `update_metadata()` works for strings. == What seems to happen The problem seems to happen like this: - Post meta is only saved if it differs from the currently stored value. - So before saving each field the new value is compared with the stored value. - When doing so the assumption is (rightfully) that all stored data is a string since that is how post meta is stored in the DB. - If the key doesn't exist though, the comparison happens with the default value. - The default value though isn't necessarily a string, but is handled as such in the strict equality check. - So the strict equality check fails on anything but a string field. **-> String fields can't save the default value, anything else can.** == How did it come to this? I am not absolutely sure what is actually the intended behavior, but I assume if there is nothing stored in the DB the value should be saved, even if it equals the default. I assume this because the behavior of `update_metadata()` [https://core.trac.wordpress.org/changeset/48402 got changed] to only consider DB data, not default values for the comparison by retrieving the stored data using `get_metadata_raw()` instead of `get_metadata()`. `WP_REST_Meta_Fields` duplicates some of the checks in `update_metadata()` ([https://github.com/WordPress/wordpress-develop/blob/14d9ca8da64688f799695eb9683e6ac8166cd4ee/src/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php#L382 even explicitly states that in a comment]) but `WP_REST_Meta_Fields::update_meta_value()` (and some other places in that class) didn't get the change to use `get_metadata_raw()` instead of `get_metadata()`. I assume this got overlooked when introducing the default metadata values in https://core.trac.wordpress.org/changeset/48402 It seems that replacing get_metadata with get_metadata_raw in that class should fix the issue, but I haven't found time yet to prepare a patch, so I thought I'd at least document the issue for now to see if someone else finds time for a fix before me." kraftner Tickets Awaiting Review 42794 Can't upload new media files when multiple media dialogues are present on a single page Media 3.7.19 normal normal Awaiting Review defect (bug) new has-patch 2017-12-04T16:01:05Z 2018-01-19T09:44:09Z "'''Layman error description''': When there are more than one Inline Media Uploader on a page in the Admin, and one tries to upload a new image or file to the Media Library, the upload gets stuck and the image is never inserted into the media library (see attached screenshot). This happens to me when using the post-types-definitely plugin to create multiple media fields in a CPT. The exact same error (including error messages) has been described before ([https://wordpress.org/support/topic/js-bug-prevents-uploading-media-in-pagepost-editor/?replies=11#post-6860868] and https://wordpress.org/support/topic/error-uploading-media-in-post-if-yoast-is-active/#post-6922117), and even though there it was related to a plugin combination, it is not in my case. The workaround proposed there is not applicable to my case and the error source I found has nothing to do with plugins.[[BR]][[BR]] '''Technical error description''': When examined in the Firefox Developer Tools, the console shows the error `TypeError: this.$index is undefined`. In Chrome, the error is `Cannot read property 'text' of undefined`. Both of them point to `wp-includes/js/media-views.js:UploaderStatus.info()` [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/media-views.js?rev=40359#L8361][[BR]][[BR]] '''Technical analysis''': Upon closer inspection of the code, the problem seems to be as follows: When we upload a file (by clicking Ok on the OS file dialogue), a callback handler calls info() on each UploadStatus object belonging to a loaded media dialogue. The method info() relies on the fact that normally, the method ready() on the same UploadStatus object is called before the call to info(). ready() uses JQuery to set (amongst others) the member variable $index inside the UploadStatus object. info() then tries to access this.$index on all UploadStatus objects and set their contents using the JQuery text() function. However, since ready() is not called before a media dialogue is opened for the first time, and our opened dialogue calls info() on all media dialogues, the access to this.$index fails in the unopened UploadStatus objects, throwing the above Javascript Error and making the script abort, therefore freezing the upload progress bar.[[BR]][[BR]] '''Workarounds''': This analysis is confirmed by the fact that when I open all media dialogues on the page at least once before uploading an image in any of them, uploading works as expected (because all of the UploadStatuses are ready() and have their $index member variable defined). A workaround for the problem is to just use the inline media dialogues for selecting existing media from the media library, and using the Media->New menu to actually upload any files. The error happened in all Wordpress versions I tested (since 4.8.3).[[BR]][[BR]] '''Proposed solution''': I can see a number of different solutions for this problem. The best one would be to only call info() on the UploadStatus belonging to the opened media dialogue. However, the info() calls are performed via a single event trigger ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/media-views.js?rev=40359#L8289]) that all info() methods subscribe to in the UploadStatus.initialize() function (relevant for this bug is the `""add""` trigger), and this trigger cannot distinguish its subscribers. Therefore I propose to instead call ready() at the end of the initialize() function. This way, ready() is only called once more than before per media dialogue and page load, and we can be certain that info() is only called on UploadStatuses that are ready()." carlobeltrame Tickets Awaiting Review 39496 Can't view page preview. General 4.7 normal normal Awaiting Review defect (bug) new 2017-01-05T23:55:18Z 2017-04-15T20:19:15Z "Clicking any Edit link on the list of published pages (wp-admin/edit.php?post_status=publish&post_type=page), and then clicking the Preview Changes button on the edit page, I'm unable to preview the page. Instead I'm presented with the error message ""Sorry, you are not allowed to preview drafts."" Expected result: Clicking the Preview Changes button shows me the page, including the WP Admin bar. Actual result: Clicking the Preview Changes button shows me the error message ""Sorry, you are not allowed to preview drafts."" Problem occurs when we use WP Core 4.7. Problem does not occur on WP Core 4.6. Problem occurs when all plugins are deactivated and uninstalled. Problem occurs on more than one theme." davidmlentz Tickets Awaiting Review 55200 Cannot add caption to images on mobile Media 5.9 normal normal Awaiting Review defect (bug) new 2022-02-19T01:05:50Z 2023-06-14T11:45:43Z On the mobile view of the admin section you cannot add ally text, captions, or descriptions to media uploads vincepettit Tickets Awaiting Review 42150 Cannot edit links with visual editor on chromium-based browser General 4.8.2 normal normal Awaiting Review defect (bug) new 2017-10-08T13:40:22Z 2017-10-10T21:06:31Z "Hi, When I'm trying to edit links with visual editor on any chromium-based browser (Opera, Vivaldi and Google Chrome), the editor doesn't respond at all [[Image(https://thumbs.gfycat.com/InfamousContentArchaeocete-size_restricted.gif)]] But at the same time the link editor works perfectly on Microsoft Edge and Mozilla Firefox" 3liwa Tickets Awaiting Review 40609 Cannot register an application/foo+xml mime type without also registering application/xml Upload normal normal Awaiting Review defect (bug) new 2017-04-30T04:05:08Z 2017-06-01T19:21:11Z "In wp_check_filetype_and_ext() there is a block that uses finfo_file to sniff the mime type of a file. When registering an application/foo+xml type the returned type from finfo_file is application/xml so to allow application/foo+xml using the upload_mimes filter one must also allow application/xml otherwise this real_mime check fails. It seems like the check should allow the original mime type if the real_mime is application/xml and the $mime is of the form application/foo+xml" paulsowden Tickets Awaiting Review 53395 Cannot use wp_is_mobile() in Network activated plugins Plugins normal normal Awaiting Review defect (bug) new 2021-06-14T10:31:25Z 2021-06-14T21:56:30Z "Steps to reproduce - Create a network site - Create and activate a simple custom plugin, use wp_is_mobile() function anywhere in that plugin - Login to the network dashboard and then activate the plugin You will see an error: Uncaught Error: Call to undefined function wp_is_mobile() Looking at the source code of wp_is_mobile(), I can't see anything that would prevent it from loading earlier. Maybe it should be loaded earlier? " promz Tickets Awaiting Review 37775 Capabilities inconsistence when registering CPT Posts, Post Types normal normal Awaiting Review defect (bug) new 2016-08-22T21:52:54Z 2019-04-25T10:57:20Z "When registering CPT I can define `capabilities`, and some of them can be ""turned off"", so I can disable, for example, creating a new CPT object with `'create_posts' => false`. But here is the interesting part: {{{ 'delete_post' => null, 'delete_posts' => false, }}} To prevent deletion, I need to specify exactly like above, otherwise I will get notices from WP. In my opinion, we should have 1 approach, like `false`" slaFFik Tickets Awaiting Review 18209 Capabilities with misplaced dependencies in edit_theme_options Menus 3.2.1 normal normal Awaiting Review defect (bug) assigned has-patch 2011-07-22T06:33:07Z 2022-08-04T10:00:18Z "When setting capabilities for other groups, the user is unable to add to theme options with just '''edit_theme_options''' if they do not also have '''edit_posts''' capabilities. The user will be able to delete things like menu elements, but may not add them without this flag. == How to reproduce; == Edit capabilities of group removing all '''POSTS''' to hide the Posts Dashboard pages (works by just removing '''edit_posts''' as well). Give group '''edit_theme_options''' capabilities to edit their own menus. Users may now access the Theme Options, and may delete objects. User can add menu items to the preview, but once they Save these, the changes are not committed without the edit_posts permission." Clorith Tickets Awaiting Review 50252 Capability issue with admin menu Role/Capability 5.4.1 normal normal Awaiting Review defect (bug) new 2020-05-26T04:20:02Z 2023-06-24T05:55:23Z "An answering of a question on Stack Exchange ([https://wordpress.stackexchange.com/questions/367518/how-do-i-code-access-to-the-built-in-ui-of-a-cpt-when-its-placed-as-submenu-of]) led to the reporting of this bug. Please refer to it for further explanation and coding examples. When a custom post type is registered, the {{{show_in_menu}}} option allows for the UI link of the custom post type to be nested under the menu of a second custom post type. However, if the user is authorized to view/edit the first post type, the UI of said nested post type is unavailable if the user does not also possess the capabilities required of the post type represented in the parent menu. The bug is this: the admin menu is properly displaying the links to pages which the user is capable of viewing, but the user is not permitted to access those pages. The same can be said of any page whose link is nested in the admin menu under a page which the user does not possess the required capabilities of that parent." mort1305 Tickets Awaiting Review 45076 Category counter is not updated Taxonomy normal normal Awaiting Review defect (bug) new dev-feedback 2018-10-11T06:08:01Z 2018-12-09T21:13:46Z "When we create new category from admin panel category successfully added in right category panel but it's counter is not updated. Suppose i have create five category like !''Category 1!'', !''Category 1.1!'', !''Category 2!'', !''Category 2.1!'', !''Uncategorized!'' system show counter as 5 items but when i create new category called !''Category 3!'' it will added successfully in category list but total counter still show 5 items it should show 6 items but when i refresh that page it show counter as 6 items. Check video https://youtu.be/rBmziC5_0XQ" mukesh27 Tickets Awaiting Review 50498 "Change ""html"" to ""HTML"" in atomlib.php" Feeds normal normal Awaiting Review defect (bug) new has-patch 2020-06-28T16:47:35Z 2021-01-22T11:18:44Z "Follow #50473, there is a string in {{{wp-includes\atomlib.php}}} https://core.trac.wordpress.org/browser/tags/5.4/src/wp-includes/atomlib.php#L217 {{{ Invalid content in element found. Content must not be of type text or html if it contains markup. }}} " man4toman Tickets Awaiting Review 60799 Change the Header Tag in Link Modal from <h1> to <h2> for Better Accessibility Editor 6.4.3 normal normal Awaiting Review defect (bug) new 2024-03-18T15:38:57Z 2024-03-26T20:04:49Z "=== Problem: Currently, the WordPress link insertion modal in the text editor uses an <h1> tag for its title (""Insert/edit link""). This can create accessibility issues, as multiple <h1> tags on a single page can confuse screen readers and undermine the semantic structure of the content, potentially leading to a poor user experience for people with disabilities. === Proposed Solution: I suggest changing the <h1> tag in the link insertion modal to a <h2> tag, or alternatively to a <span> tag if the heading level is not appropriate in the context of the modal's use. This change would improve the semantic HTML structure and enhance accessibility by maintaining a proper heading hierarchy. === Justification: According to the HTML5 specification and accessibility guidelines, a page should have a clear and logical heading hierarchy. The main content should start with an <h1> tag, followed by <h2>, <h3>, and so on. The current use of an <h1> tag in the link modal disrupts this hierarchy, especially since this modal can appear on any page regardless of the existing heading structure. Implementing this change will make WordPress more accessible and compliant with WCAG (Web Content Accessibility Guidelines) standards, which is crucial for users relying on screen readers and for SEO best practices. === Steps to Reproduce: 1. Go to the WordPress text editor. 2. Click on the 'Add link' button to open the link insertion modal. 3. Inspect the modal's title element, which is currently marked up as an <h1>. === Possible Implementation: The change can be implemented by modifying the HTML structure in the core WordPress files where the link modal is defined. Additionally, testing should be conducted to ensure that this change does not affect the modal's functionality and that it enhances the accessibility as intended. I am looking forward to the community's input on this proposal and am happy to contribute to the implementation and testing phases. " lyonmuller Tickets Awaiting Review 59337 Change the escape esc_attr() to esc_url() General normal normal Awaiting Review defect (bug) new has-patch 2023-09-13T11:51:04Z 2023-09-14T05:41:00Z "Change the esc_attr() function to esc_url() in ""wp-admin/user-edit.php""" truptikanzariya Tickets Awaiting Review 47732 Change user email link Users 5.2.2 normal normal Awaiting Review defect (bug) new 2019-07-18T13:33:17Z 2019-08-30T11:23:08Z "If you are not logged in, Email doesn't change when you click on confirm link in the email. Steps to reproduce: 1. From Users > profile add new email address 2. Log out of your wp-admin 3. Open the received email and click on the link to confirm the change 4. wp-admin asks for login, you input your username/password and click login the email address is not changed. Another example, where I used 2 devices (mobile and pc): 1. From Users > profile add new email address 2. Switch to another device/browser where you are not logged into your site 2. Open the received email and click on the link to confirm the change 3. wp-admin asks for login, you input your username/password and click login the email address is not changed. I figured out that clicking the confirm link again while logged in does in fact change the email address. Which might be a security feature that checks if the user that is trying to change email address is logged in, but shouldn't this work also after the user logs in?" stefanpejcic Tickets Awaiting Review 37645 Changes made to certain is_*() functions generates PHP Notices when arrays or objects are present Query 4.5 normal normal Awaiting Review defect (bug) new has-patch 2016-08-12T16:12:38Z 2021-07-23T10:35:28Z "The patch added by #35902 can generate PHP Array to string conversion notices if an array is passed that contains sub-arrays or objects that don't implement `__toString()`. The supplied patch applies the `strval` conversion taking those special conditions into account. Functions affected: is_attachment() is_author() is_category() is_tag() is_page() is_single() I came across this using plugin I built which adds custom data, in the form of an array, to the WP_Post object for my templates to use. When `strval` is run (by post_class() calling is_attachment()) it throws notices when it comes across the arrays." Enchiridion Tickets Awaiting Review 54040 Changing element text or background color should only affect color Editor 5.8 normal normal Awaiting Review defect (bug) new 2021-08-31T11:40:02Z 2021-09-07T13:33:39Z "Page elements get unintended padding when changing background or font color, violating the [https://en.wikipedia.org/wiki/Principle_of_least_astonishment principle of least astonishment]. In effect, the end-user is expecting that a change to the background color would have only one outcome. Instead, there is a second side-effect where the element gets padding. Padding is added to many elements via CSS selectors that mostly target "".has-background,"" such as the following. - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/heading/style.css#L76-L78 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/heading/style-rtl.css#L76-L78 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style.min.css#L1 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style-rtl.min.css#L1 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/group/_editor.scss#L18-L23 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style-rtl.css#L72-L74 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/list/style.css#L72-L74 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/paragraph/style-rtl.css#L101-L103 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/paragraph/style.css#L101-L103 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/rss/_editor.scss#L104-L107 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/rss/_style.scss#L104-L107 - https://github.com/WordPress/WordPress/blob/8a11188d0f5728bc9bbdf331ff9174d45b1768a6/wp-content/themes/twentytwentyone/assets/sass/03-generic/vertical-margins.scss#L159-L161 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/paragraph/_editor.scss#L4-L6 - https://github.com/WordPress/WordPress/blob/1a7033e75ff6b5911b2b9d34ceee38e80084b85e/wp-content/themes/twentytwentyone/assets/sass/05-blocks/query-loop/_style.scss#L3-L8 - https://github.com/WordPress/WordPress/blob/1a7033e75ff6b5911b2b9d34ceee38e80084b85e/wp-content/themes/twentytwentyone/assets/sass/05-blocks/query-loop/_editor.scss#L3-L7 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentytwentyone/assets/sass/05-blocks/paragraph/_style.scss#L6-L8 - https://github.com/WordPress/WordPress/blob/0a2b52dfeb4e28e4ff3714899a2890a779c3748f/wp-content/themes/twentytwentyone/assets/sass/05-blocks/latest-posts/_style.scss#L112-L115 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/preformatted/style.css#L75-L77 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/preformatted/style-rtl.css#L75-L77 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/group/editor.css#L83-L86 - https://github.com/WordPress/WordPress/blob/8df663cbfafedd6e594c3df8101e6085dfe18035/wp-includes/blocks/group/editor-rtl.css#L83-L86 - https://github.com/WordPress/WordPress/blob/c3ea09ebb8034be04f42e5aaf5f523cbead7e2a4/wp-includes/blocks/columns/style.css#L85-L87 - https://github.com/WordPress/WordPress/blob/c3ea09ebb8034be04f42e5aaf5f523cbead7e2a4/wp-includes/blocks/columns/style-rtl.css#L85-L87 - https://github.com/WordPress/WordPress/blob/0638de4c60de0d9cf800ca887177b67ba8ad68f0/wp-content/themes/twentynineteen/style-editor.scss#L868-L880 - https://github.com/WordPress/WordPress/blob/270f2011f8ec7265c3f4ddce39c77ef5b496ed1c/wp-content/themes/twentyseventeen/assets/css/editor-blocks.css#L496-L498" brylie Tickets Awaiting Review 40882 Characters omitted when copying and pasting from Word Editor 4.7.5 normal normal Awaiting Review defect (bug) new has-patch 2017-05-29T19:48:44Z 2020-11-24T06:28:05Z "I have been preparing WordPress pages by arranging the information in Microsoft Word 2016, and then copying it from Word and pasting it into WordPress. My pages almost all include citations that I've copied from Google Scholar and pasted into Word. I noticed recently that in the citations, the following characters would be missing: - the (nonbreaking) space that follows the italicized publication name - the volume number that follows after that - the period that follows after that When I first noticed this, I went back through 70+ pages and it looked like these characters had been omitted every time. Note that when this happened again on another page yesterday, I decided to report a bug. I had already deleted the Word source file, so I tried to reproduce the behavior with a small new Word file. I found that I was never able to reproduce this behavior. Today I saw this behavior again on yet another new page. This time I've saved the Word source file, and I've confirmed that this happened again when I copied and pasted again. Please fix this if at all possible. Copying and pasting is such a reliable operation normally in every modern application that it's fairly easy to not realize that in WordPress this operation introduces errors that need to be fixed. Thanks!" janthony636 Tickets Awaiting Review 58102 Check PHPcs Coding standard into the wp-includes folder General normal normal Awaiting Review defect (bug) new 2023-04-07T08:40:06Z 2023-04-11T18:10:33Z "Hello Team, I have reviewed the code and found a few errors in some of the below files. Please below files: Files: wp-includes/admin-bar.php wp-includes/option.php Thanks," viralsampat Tickets Awaiting Review 53298 Checking if wp-config-sample.php file exists before checking if wp-config.php exists Upgrade/Install 5.7.2 normal trivial Awaiting Review defect (bug) new dev-feedback 2021-05-29T20:34:43Z 2023-07-12T06:17:11Z "Currently in WordPress core, wp-admin/setup-config.php checks if wp-config-sample.php file exists before checking if wp-config.php exists. If the sample file exists, it then checks if the wp-config.php file exists, and if so, suggests deletion if necessary. For security, some WordPress users may delete the sample file, and restrict open_basedir for directory above that of the web root directory. Because of these two cases, the current order produces the follow error: `PHP message: PHP Warning: file_exists(): open_basedir restriction in effect. File(/var/www/example/wp-config-sample.php) is not within the allowed path(s): (/var/www/example/web:/var/www/example/private:/var/www/example/tmp:/tmp:...) in /var/www/example/web/wp-admin/setup-config.php on line 46` If the check for existence of sample file could be moved after checking if wp-config.php exists, we could avoid this error and avoid checking if sample file exists if wp-config.php does and not checking both if they both do. i.e. Moving the section commented `Support wp-config-sample.php one level up, for the develop repo.` to after the section commented `Check if wp-config.php exists above the root directory but is not part of another installation.` in `wp-admin/setup-config.php`" machineitsvcs Tickets Awaiting Review 55485 Clarify `wp_should_load_separate_core_block_assets()`, `block.json` script expectations Script Loader normal normal Awaiting Review defect (bug) new 2022-03-30T00:49:10Z 2023-10-25T10:27:44Z "In the `block.json` [https://github.com/WordPress/gutenberg/blob/45a8e6be0eb7fca87d64ce8140792b30e6bc4a20/schemas/json/block.json schema], the `script` property is described as: > ""Block type frontend and editor script definition. It will be enqueued both in the editor and when viewing the content on the front of the site."" From that description, I expect the `script` set in my block's `block.json` to load in the editor and on the front-end when my block is in use. I do not expect the script to load on the front-end when my block is not in use. If I activate TwentyTwentyTwo, everything works as expected. If I activate TwentyTwentyOne, my script appears on every front-end view, whether or not the block is loaded. The cause of this can be tracked to `wp_should_load_separate_core_block_assets()`, which has a short description of: > Checks whether separate styles should be loaded for core blocks on-render This implies at the beginning of the function documentation that the function will only apply to **core** blocks. The longer description helps a bit, but is muddied up in talking about core and third-party blocks separately when in reality it seems that they are treated the same. It mentions `block-library/style.css`, which itself implies this _might_ be talking about styles rather than all assets. The filter inside the function, `should_load_separate_core_block_assets`, defaults to `false` for themes that are not FSE and has a short description of: > Filters whether block styles should be loaded separately. The longer description refers only to ""core block assets"". ----- == Proposal My guess is that we can't just change the filter to default to `true`, though that would be ideal. :) I think the function docs could be clarified with something like: {{{ /** * Checks whether block assets should always load or only on-render. * * When this function returns true, block assets defined by the `script` and * `style` properties in `block.json` are loaded on-render. * * When this function returns false, these block assets are always loaded, * regardless of whether the block is rendered in a page. * * This only affects front end and not the block editor screens. }}} And the filter docs with something like: {{{ * Filters whether block assets should always load or load only on-render. * * Returning false loads all block assets, regardless of whether they are rendered * in a page or not. Returning true loads block assets only when they are rendered. }}} Previously #53505 " jeremyfelt Tickets Awaiting Review 59972 Clarify description of wp_script_add_data() General normal normal Awaiting Review defect (bug) new 2023-11-27T18:21:20Z 2023-11-27T18:21:20Z "The function description does not include `strategy` as a possible value for `$key`. Suggest to adjust to indicate function is a wrapper for `WP_Scripts::add_data()`, and then add possible values `conditional` and `strategy` to `WP_Scripts::add_data()` function description or parameter description. > This documentation does not make it very clear that this can’t be used for adding arbitrary values attributes to the script tag. It only supports ‘conditional’ or, more recently, a “strategy” value. > > For adding an alternate `type` attribute, for example, you’ll still need to use older strategies like the `script_loader_tag` filter. > > [https://wordpress.stackexchange.com/questions/387674/wp-script-add-data-doesnt-seem-to-work See this StackExchange post for details.] Reported by @mrwweb via User Contributed Notes." crstauf Tickets Awaiting Review 56039 Classic Editor: Current selection is not preserved when switching Visual to Text editor Editor normal normal Awaiting Review defect (bug) new has-patch 2022-06-22T11:58:49Z 2023-04-19T13:25:23Z "Plugin: Classic Editor == Problem In some cases (when formatting HTML attributes is disabled), the current selection when switching Visual to Text editor is not preserved. The selected text gets unselected and the editor does not jump to the previous selection position. This is because the regular expression is not appropriate. **Line 774 in `wp-admin/editor.js`** The regular expression to find the selection position is: {{{#!js var startRegex = new RegExp( '<span[^>]*\\s*class=""mce_SELRES_start""[^>]+>\\s*' + selectionID + '[^<]*<\\/span>(\\s*)' ); }}} This works well with: {{{#!xml <span class=""mce_SELRES_start"" style=""display: inline-block; ...""> }}} However, it does not work **when ""class"" is the last attribute**: {{{#!xml <span style=""display: inline-block; ..."" class=""mce_SELRES_start""> }}} ---- == Solution Changing `+`(1 or more) to `*`(0 or more) in the regular expression makes it work. `wp-admin/editor.js` **Line 775** {{{#!js '<span[^>]*\\s*class=""mce_SELRES_start""[^>]+>\\s*' + selectionID + '[^<]*<\\/span>(\\s*)' }}} ↓ {{{#!js '<span[^>]*\\s*class=""mce_SELRES_start""[^>]*>\\s*' + selectionID + '[^<]*<\\/span>(\\s*)' }}} **Line 779** {{{#!js '(\\s*)<span[^>]*\\s*class=""mce_SELRES_end""[^>]+>\\s*' + selectionID + '[^<]*<\\/span>' }}} ↓ {{{#!js '(\\s*)<span[^>]*\\s*class=""mce_SELRES_end""[^>]*>\\s*' + selectionID + '[^<]*<\\/span>' }}}" shge Tickets Awaiting Review 59978 Classic editor cursor control Editor 6.4 normal normal Awaiting Review defect (bug) new 2023-11-28T16:10:55Z 2023-12-19T15:42:56Z Since WordPress 6.4.1 or one version earlier, when pressing the cursor right or cursor left button in the block editor, the page simultaniously swaps several lines down or up. Most of the times the edited line is swapping out of sight and you are losing orientation on your work. jjb100 Tickets Awaiting Review 60107 Classic editor cursor control Editor 6.4.1 normal normal Awaiting Review defect (bug) new 2023-12-19T15:58:30Z 2023-12-19T15:58:30Z "Since wordpress 6.4.1 or a version before, the classic editor reacts strangely to keystrokes. If you press the ""cursor left"" or ""cursor right"" keys on the PC keyboard, the edited text always scrolls up or down several lines ""uncontrollably"". The edited line often disappears from the screen, so that you lose the orientation to your work. This happens under Windows 10 Pro regardless of the browser used (Firefox, Opera). " jjb100 Tickets Awaiting Review 41581 Cleared Comments stuck in moderation Comments 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-07T18:32:40Z 2018-08-31T23:57:30Z "I am the third person to report this issue, since it was first reported in June on the [https://en.forums.wordpress.com/topic/comments-stuck-in-moderation-queue-even-though-akismet-cleared-this-comment?replies=44 Dot Com Forum]. A Staff Member responded to the ticket, at the time, and stated that they would be filing a Bug Report, but we have not heard back. A third user reported the issue on the [https://wordpress.org/support/topic/comments-held-in-moderation-even-after-previously-approved-comment/#post-9388458 Dot Org Forum] 2 months and 2 weeks ago. Not all cleared users are getting their comments bumped into moderation. This is the case for all three of us. The only plugin the other dot org user and I have in common is the Akismet plugin and I disabled that to confirm that it didn't fix the problem. Please advise." fb2ts Tickets Awaiting Review 49291 Code issues with set_time_limit Revisions 5.3.2 normal normal Awaiting Review defect (bug) new 2020-01-25T23:24:12Z 2020-01-27T12:43:01Z "file: wp-admin\includes\ajax-actions.php function: `wp_ajax_get_revision_diffs` line: 3425 Issue: no time limit set Suggestion: set value to 120 file: wp-includes\class-pop3.php function: `__construct` line: 63 Issue: timeout value is not tested and can be set to 9999999 or a negitive value that acts the same as 0 Suggestion: Force a range for the value (1 to 120) " madpeter Tickets Awaiting Review 51781 Code not pulling website URL Users 5.5.3 normal normal Awaiting Review defect (bug) new 2020-11-15T18:45:42Z 2021-09-23T08:06:20Z "Hello people, I have activated the multisite network. And when a user signs up on one of the network’s sites (main site or subsite), that user receives an email with a confirmation link. After the user clicks on the confirmation link, he receives another email stating that his account is ok, and the signature of that email shows the code (###SITEURL###) that should call the URL of my site: https://prnt.sc/vjjaxz Thank you!" vejapixel Tickets Awaiting Review 39472 Code tag still parses embeds Embeds 4.7 normal normal Awaiting Review defect (bug) new 2017-01-04T20:55:45Z 2017-02-20T10:57:26Z "WordPress 4.7. The 'code' block in the WordPress editor behaves incorrectly. For example: {{{ <code>Test Test Another www.google.com http://www.google.com https://www.youtube.com/watch?v=JHw6LTuMkNQ Foxtrot Uniform Charlie Kilo </code> }}} Displays as normal code in the wp-admin, but once published it creates an embed on the page. This should not happen and the contents of the code block should be displayed without embeds." rmens Tickets Awaiting Review 59085 Command Palette - switching posts wrong url redirect for non FSE sites Posts, Post Types 6.3 normal normal Awaiting Review defect (bug) new 2023-08-12T12:24:23Z 2023-08-12T12:24:23Z "With the new update to WordPress 6.3, they introduced the command palette. This is great for quickly and easily switching between posts and other things. It is enabled for all sites (including sites not using a FSE theme) However, when trying to switch to a different post, it redirects me to: {{{/wp-admin/site-editor.php?postType=post&postId=12621}}} Which I then get the error: {{{The theme you are currently using is not compatible with the Site Editor.}}} The command should change the slug it tries to visit depending on if your site supports FSE or not. Either: {{{/wp-admin/post.php?post=12621&action=edit}}} or {{{/wp-admin/site-editor.php?postType=post&postId=12621}}} " tdrayson Tickets Awaiting Review 41037 Comment author can't edit their comment(s) if they aren't the post author Comments normal normal Awaiting Review defect (bug) new 2017-06-14T00:26:14Z 2019-11-22T11:42:32Z "In {{{map_meta_cap()}}}, the {{{edit_comment}}} meta capability is eventually mapped to {{{edit_others_posts}}} which results in comment authors not being able to edit their own comment(s) if their comment(s) are on a different user's post. Note 1: The issue is specific to the author role. The editor role doesn't see the issue because this role has the {{{edit_others_posts}}} cap. Note 2: The problem doesn't exist if the comment author is also the post author. This is because, in such cases, {{{edit_comment}}} is mapped to either {{{edit_published_posts}}} or {{{edit_posts}}}" henry.wright Tickets Awaiting Review 47393 Comment form submission with invalid fields incorrectly returns 200 OK response Comments 4.1 normal normal Awaiting Review defect (bug) new has-patch 2019-05-26T15:28:48Z 2020-10-25T04:31:58Z "This follows up on #11286. I just noticed that a bunch of error responses are returning 200 status code: * `comment_author_column_length` * `comment_author_email_column_length` * `comment_author_url_column_length` * `comment_content_column_length` * `require_name_email` * `require_valid_email` * `require_valid_comment` The origin of this seems to be this [https://core.trac.wordpress.org/ticket/11286#comment:44 comment]: > * Validation errors: 200. I agree completely w/bpetty. This isn't a 4xx error: the request was understood and the client received a response. I don't think this is right. Sure the request was understood, but it was understood to be incorrect. Should they not be 400 (Bad Request)? The argument against 400 was this [https://core.trac.wordpress.org/ticket/11286#comment:21 comment]: > The HTTP Specification says that 400 is for when ""the request could not be understood by the server due to malformed syntax"". So whilst this might be an appropriate response for invalid inputs (e.g. bad email address), I don't think it should be used in wp-includes/comment.php for duplicate comments and comment flooding. There 403 is more appropriate. Nothing here specifically arguing against using 400 for invalid fields. Also, more recently the REST API sends 400 status code responses in `\WP_REST_Comments_Controller::create_item()` for these errors: * `rest_comment_exists` * `rest_invalid_comment_type` * `rest_comment_content_invalid` * `rest_comment_author_data_required` * `comment_author_column_length` * `comment_author_email_column_length` * `comment_author_url_column_length` * `comment_content_column_length` * `comment_flood` The exceptions are `comment_duplicate` which returns [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/409 409] (Conflict), and the generic DB error `rest_comment_failed_create` which returns with a 500 error code, as expected. For the length errors, a [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/413 413] (Payload Too Large) code may be more specific. Also, for comment flooding, what about the status [https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429 429] (Too Many Requests)? The REST API should perhaps be updated to use this instead of 400. All this to say, to align with the REST API the comment form submission errors should use 400+ error codes instead of 200." westonruter Tickets Awaiting Review 54660 Comment is missing for the bulk_footer function Administration normal normal Awaiting Review defect (bug) new has-patch 2021-12-19T13:20:08Z 2021-12-19T16:26:16Z A comment is missing for the bulk_footer function in the file class-bulk-plugin-upgrader-skin.php yagniksangani Tickets Awaiting Review 55409 Comment link navigation positioning messed with comment, when i try option “break comment to 50 top level” Comments 5.9.2 normal normal Awaiting Review defect (bug) new 2022-03-17T03:51:08Z 2022-03-17T03:57:26Z "Navigation on comment positioning is messed up. Check my screenshot here. https://prnt.sc/ErlX_M6nLwxL and here https://prnt.sc/OwxWUUTdMW_T and here https://prnt.sc/XZcJsPknS5zo those screenshot is from my live site. everything is updated to latest version. i also try to test it on local environment, the issue persist. " mryudha Tickets Awaiting Review 48519 Comment reply form in admin incompatible with most custom fields plugins Comments 5.2.4 normal normal Awaiting Review defect (bug) new 2019-11-06T22:17:16Z 2019-11-06T22:17:16Z "If you are using any plugin that adds custom (meta) fields to comments the admin interface for replying isn't compatible. The front-end comment template includes various hooks for plugins to use. The admin however does not (at all). See: Front-end: `wp-invludes/comment-template` function: `wp_comment_reply()` from around line 2393 Admin: `wp-admin/includes/template.php` function `comment_form()` from around line 437 In my case it's a compatibility bug with required fields created by Pods. Within WP Admin it won't show the custom fields and this doesn't save any comments because required fields are not filled. Some missing hooks: Filters: - `comment_form_default_fields` - `comment_form_fields` - `comment_form_logged_in` (Not needed as it's in WP admin) - `comment_form_field_comment` - `comment_form_field_{$name}` - `comment_form_submit_button` (Not sure if this is desirable in WP admin) - `comment_form_submit_field` (Not sure if this is desirable in WP admin) Actions: - `comment_form_before` - `comment_form_must_log_in_after` (Not needed as it's in WP admin) - `comment_form_top` - `comment_form_logged_in_after` - `comment_form_before_fields` - `comment_form_after_fields` - `comment_form` " keraweb Tickets Awaiting Review 46713 Comment reply link uses inconvenient eventlistener Comments 5.1 normal normal Awaiting Review defect (bug) new has-patch 2019-03-29T09:04:48Z 2023-06-17T02:01:37Z "When comment-reply.js was rewritten recently the behavior of the reply-button changed. It now seems to use 'touchstart' as eventlistener which makes it really ""touchy"" to use on mobile. It's almost impossible to use scroll now since you always trigger the touchstart event which opens the reply-box." szandman Tickets Awaiting Review 40293 Comment template - warning Comments 4.8 normal normal Awaiting Review defect (bug) new has-patch 2017-03-29T07:15:59Z 2017-10-11T11:29:50Z "Hi, in the `comments_template` function, you are entering a divide-by-zero condition at line '''1379''' of the `wp-includes/comment-template.php` file. The line described above is like this. {{{#!php <?php $comment_args['offset'] = ( ceil( $top_level_count / $per_page ) - 1 ) * $per_page; ?> }}} I believe this will solve. {{{#!php <?php $offset = 0; if ( $top_level_count && $per_page ) { $offset = ( ceil( $top_level_count / $per_page ) - 1 ) * $per_page; } $comment_args['offset'] = $offset; ?> }}} I'm using a default install with theme Twenty Seventeen. Thank you!" victorfreitas Tickets Awaiting Review 46963 Comments meta box offset bug for custom comment types Comments normal normal Awaiting Review defect (bug) new has-patch 2019-04-17T13:13:39Z 2019-04-30T09:57:56Z "There is a conflict in the 'comments' meta box when used in combination with custom comment types. The `Show more comments` link loads duplicates, without an offset due to this line of code: https://github.com/WordPress/WordPress/blob/72979b167d913bf49745fa737654bdf6d13168de/wp-admin/js/post.js#L99 {{{ this.st = jQuery('#the-comment-list tr.comment:visible').length; }}} For custom comment types, the `comment` class may not exist. See how comment classes are generated here: https://github.com/WordPress/WordPress/blob/03240dd3f4442546562824bc6a10ed7c197bd6b2/wp-includes/comment-template.php#L466 {{{#!php <?php $classes[] = ( empty( $comment->comment_type ) ) ? 'comment' : $comment->comment_type; }}} You can see an example of this with WooCommerce which uses a comment type named 'review' (https://github.com/woocommerce/woocommerce/issues/23313). Because the comments out output without the `comment` class and instead they have a `review` class, the JS code fails to set the correct offset. Possible solutions: - Output `comment` class for custom comment types in addition to their custom class. - Revise jquery selector to be more generic e.g. count the `tr` elements instead." mikejolley Tickets Awaiting Review 42459 "Comments metabox doesn't load all the comments when clicking ""Show more comments"" link" Comments 4.8.3 normal normal Awaiting Review defect (bug) new 2017-11-07T18:04:17Z 2018-07-31T18:11:29Z "Recently, I found an issue related to the Comments meta-box on a post edit screen. To reproduce the bug, go to the article with a certain number of comments. Suppose there are 25 comments. Then go to the post edit screen, enable the comments and scroll down to view all the comments(you will see 10). Then click the link ""Show more comments"" at the bottom of the section. You will see the second part of the comments (10 again), and the link ""Show more comments"" will disappear. You may notice that you can't load the remaining comments(5). Why this happened? My short investigation below. I found that on my opinion there is a mismatch in amount of loaded comments between the ''commentBox'' object(`/wp-admin/js/post.js`) and comments meta-box init script(`/wp-admin/includes/meta-boxes.php`). First have a look at `/wp-admin/includes/meta-boxes.php:741` {{{#!php <script type=""text/javascript"">jQuery(document).ready(function(){commentsBox.get(<?php echo $total; ?>, 10);});</script> }}} As you can see there are 10 comments set to be loaded. Then go to `/wp-admin/js/post.js:42-45` {{{#!js if ( ! num ) num = 20; this.st += num; }}} As you can see there is default `num` value set to 20. Important: then commentBox.st was increased by a `num` value. But now have a look at ""Show more comments"" link onclick attribute. {{{#!php <a href=""#commentstatusdiv"" onclick=""commentsBox.load(26);return false;"">Show more comments</a> }}} As you can see `commentsBox.load(26)` call will update `commentBox.st` but then `commentBox.get(26, 20)` will be called (because `num = 20`). But to fit the init script(`meta-boxes.php`) it should be `commentBox.get(26, 10)`. My solution here is to set default `num` value to 10. So I guess `/wp-admin/js/post.js:42` should looks like this: {{{#!js if ( ! num ) num = 10; }}} Let me know if I missed something and we can't accept new default `num` value. I have tested it on my local end. It works well after I changed `num` default value to 10." rku4er Tickets Awaiting Review 45106 Concerns related to moving mce_external_plugins filter to WP_Scripts::__construct Script Loader 5.0 normal normal Awaiting Review defect (bug) new 2018-10-17T13:19:26Z 2019-01-16T22:59:17Z "In r43723 the `mce_external_plugins` filter was moved to a function called via `wp_default_scripts` which, in turn, is called from `WP_Scripts::__construct` (via `WP_Scripts::init`). While the `wp_default_packages_inline_scripts` function calling the `apply_filters( 'mce_external_plugins'` is only triggered in case the `did_action( 'init' )` returns true, there might be cases when the `WP_Scripts` object is being reinitialised after the `init` and thus code hooked to `mce_external_plugins` trying to enqueue or register a script causes an infinite loop, since the constructor of the `WP_Scripts` class is calling the filter, which calls the constructor again. This does not feel like something what would matter in 99% of time, but, for instance, this breaks core unit tests which are reinitialising the WP_Scripts object, eg.: `Test_WP_Customize_Selective_Refresh::test_register_scripts`. in case such a piece of code is being used. An example of a code used in a mu-plugin and breaking the mentioned test: {{{#!php <?php add_filter( 'mce_external_plugins', function( $plugins ) { wp_enqueue_script( 'somescript', plugins_url( 'someplugin/somescript.js' ), array(), false, true ); return $plugins; } }}} I think it should be easy to change the plugin in question, but this used to work perfectly fine up to recent changes to the script loading in r43723 and thus it might be considered being a regression." david.binda Tickets Awaiting Review 42164 Conditional Tags not working when using ugly URL Query 4.8.2 normal normal Awaiting Review defect (bug) new needs-unit-tests 2017-10-10T10:23:14Z 2017-10-10T13:54:21Z "When accessing a category archive via its pretty URL e.g. {{{ example.com/category/whatever }}} the conditional tag {{{ is_category() }}} returns '''true'''. Accessing the same category archive via its ugly URL {{{ example.com?cat=whatever }}} the conditional tag {{{ is_category() }}} returns '''false'''. I'm pretty sure this concerns other conditional tags too. This is not only a cosmetic flaw because it causes WP to use the wrong template. I've tested it with Twenty Seventeen and the homepage template was used in case of using an ugly URL. Due tue the ugly URL always work independently of permalink settings this is a bug in my opinion." petersplugins Tickets Awaiting Review 38288 Connection Timeout when importing heavy .xml (LiteSpeed) Import 4.6.1 normal normal Awaiting Review defect (bug) new 2016-10-11T21:24:41Z 2019-04-01T14:49:05Z "When importing big .xml files using the WordPress importer, the connection times out on LiteSpeed servers. This is due to server not sending new content to the browser, so connection automatically closes. This is different to a PHP timeout due to low max_execution_time. This might be prevented by showing some sort of progress bar so the connection is not closed due to inactivity." jscrm Tickets Awaiting Review 53960 Construct WP_User::cap_key dynamically from wpdb instance Users normal normal Awaiting Review defect (bug) new 2021-08-19T14:18:53Z 2021-08-19T14:48:35Z "Currently, `WP_User` is set up to set the `cap_key` property, which is used as the usermeta key for a user's role on a given site, only when the `WP_User` instance is instantiated. This leads to some complication when setting a user role after a `switch_to_blog` call. While `switch_to_blog` internally calls a hook which ends up calling `wp_switch_roles_and_user`, that method only changes the ''current'' user's role without impacting other `WP_User` instances. This means the following (psuedo-)code would not work as one might expect: {{{#!php <?php $user = get_user_by( 'id', 123 ); // note: 123 is not the logged in user here $sites = get_sites( /* some criteria */ ); foreach ( $sites as $site_id ) { switch_to_blog( $site_id ); $user->set_role( /* some role */ ); restore_current_blog(); } }}} The end result is that the role is only applied to the root site, because the user object's `cap_key` property is never updated when the site is switched. However, the user's ""user level"" ''is'' updated correctly for each site — because WP_User's `update_user_level_from_caps` method generates the user meta key dynamically from the blog prefix ''when the method is called'' ([https://github.com/WordPress/WordPress/blob/87bd00ac5b41674810cdc5b125561407ee827868/wp-includes/class-wp-user.php#L672 ref]). I would propose changing the `cap_key` to be generated dynamically every time it is referenced, rather than only when the object is instantiated or `WP_User::for_site()` is explicitly called." chrisvanpatten Tickets Awaiting Review 40079 Content of static pages does not show when you have a count_post in the theme Posts, Post Types 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-09T14:08:13Z 2017-03-09T14:14:38Z "in page.php when you have elsewhere: {{{#!php <?php $count_posts = wp_count_posts(); $posts = $count_posts->publish; $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$posts."" articles in "".$numberofcats. "" categories:</u></p>""; ?> }}} then the content inside the loop of a static page will display the content of an article. well for me i fixed it with: {{{#!php <?php $count_posts = wp_count_posts(); $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$count_posts->publish."" articles in "".$numberofcats. "" categories:</u></p>""; ?> }}} I am testing it on a custom theme but with plain code you will see this too. tested it on a plain installation with custom theme in page.php: {{{ <?php get_header(); ?> <h2>Categories:</h2> <?php $count_posts = wp_count_posts(); $posts = $count_posts->publish; $numberofcats = wp_count_terms('category'); echo ""<p><u>"".$posts."" articles in "".$numberofcats. "" categories:</u></p>""; ?> <?php if (have_posts()) : while (have_posts()) : the_post(); ?> <h2><a href=""<?php the_permalink() ?>""><?php the_title(); ?></a></h2> <div class=""entry""> <?php the_content(); ?> </div> <?php endwhile; endif; ?> <?php get_sidebar(); ?> <?php get_footer(); ?> }}} " devlink1337 Tickets Awaiting Review 59339 Conversion to webp causes fatal error when original image is a palette image (as opposed to truecolor) Media 6.3.1 normal normal Awaiting Review defect (bug) new 2023-09-13T13:41:52Z 2023-09-13T13:41:52Z "I am working on an image conversion plugin. I've run into a bug when the original image is a ""paletter image""[https://www.thecoderscamp.com/paletter-image-not-supported-by-webp/]"", or in other words, an image that has an indexed palette rather than being truecolor. I believe it's a png. The error I get is: {{{ Fatal error: Paletter image not supported by webp in /home/username/public_html/wp-includes/class-wp-image-editor.php on line 584 }}} And how I'm using it: {{{#!php <?php $image_editor = wp_get_image_editor( $this->image_path ); $new_file_info = $this->get_editor()->save( $this->image_path, 'image/webp' ); }}} This method worked fine on hundreds of images of png, jpg, and tiff until I ran into this one that has a ""palette"". In `wp-includes/class-wp-image-editor-gd.php:487`, if the image loaded into WP_Image_Editor is a png, we check for a palette and convert to true color before saving. I believe that we need to also check in the webp conditional and, just like for png, convert to truecolor first. " jakeparis Tickets Awaiting Review 53035 Copy suggested policy text to clipboard on click success message is not showing Administration normal normal Awaiting Review defect (bug) new has-patch 2021-04-15T06:29:49Z 2021-04-16T04:47:18Z "Hi, I have updated 5.7.1. and lot's of time success message is not showing. more information you can see mentioned quick video link. https://www.loom.com/share/6d051f6236134b6eb6aff20fba228b9e" sumitsingh Tickets Awaiting Review 56873 Core Blocks validation error from wordpress 6.0.3 Editor 6.0.3 normal minor Awaiting Review defect (bug) new 2022-10-20T21:47:17Z 2022-10-21T01:46:23Z Hello! There seem to be some validation errors of some core block patterns from version 6.0.3 (they seem to be inconsistencies of the style attribute). They can be viewed in the developer console. gigito78 Tickets Awaiting Review 60423 Correct documentation for WP_Block_Parser_Frame class General normal normal Awaiting Review defect (bug) new has-patch 2024-02-02T09:33:10Z 2024-02-02T15:33:06Z In the DocBlocks for the `__construct` of the class, the `@param` missing null type for `$prev_offset` and `@leading_html_start` jigar bhanushali Tickets Awaiting Review 43009 Create Video/Audio Playlist hooks not working as expected Media 4.9.1 normal normal Awaiting Review defect (bug) new has-patch 2018-01-02T15:54:41Z 2022-03-25T17:43:10Z "WordPress now provides the following hooks: https://developer.wordpress.org/reference/hooks/media_library_show_video_playlist/ https://developer.wordpress.org/reference/hooks/media_library_show_audio_playlist/ We can use these to hide the “Create Video Playlist” (and Audio) button in the media library. These only seem to work on initial page load. The “Create Video Playlist” button still appears for me even though I'm using these filters. To reproduce from a fresh install. 1. Set these lines in your theme functions.php {{{#!php add_filter( 'media_library_show_audio_playlist', function() { return false; }); add_filter( 'media_library_show_video_playlist', function() { return false; }); }}} 2. Go to wp-admin/post-new.php. 3. Click 'Add Media', notice that the playlist buttons are missing. 4. Upload a video file (I used .mov). Notice that the 'Create Video Playlist' button now appears. This likely exists in versions earlier than 4.9.1, but this was the version I tested in." iforrest Tickets Awaiting Review 42953 Created images have a larger filesize than the original Media normal normal Awaiting Review defect (bug) new 2017-12-21T12:34:42Z 2020-11-30T03:14:16Z "Images uploaded in the media library get resized to the defined sizes. However, if the image has been optimized beforehand the result can be that the generated images have a filesize larger than the originally uploaded image. It can happen due to a very high `jpeg_quality` value for example.. This should not happen under any circumstances. Uploading optimized images is something a lot of people do for SEO purposes, and larger generated images affect that negatively. Sometimes even if the image-size is smaller, the generated file's filesize is bigger. One solution would be to save the image in a temp location and have its filesize checked against the original image. If the image is smaller than the original one then move to its final location. If not, then some other solution has to be found." aristath Tickets Awaiting Review 53008 Creating an anonymous comment with custom fields via REST API REST API 4.7 normal normal Awaiting Review defect (bug) new 2021-04-09T14:16:40Z 2021-04-12T08:04:40Z "Hi! When `rest_allow_anonymous_comments` filter is enabled, I'm able to successfully create anonymous comments via REST API POST /comments method, without any authorization. Unfortunately, when trying to create a comment with a registered, non-protected meta field, I got a 401 error (details below). Even when `auth_callback` is forced to return true for that field, things don't change. I think that by default, when `rest_allow_anonymous_comments` is enabled, one should be able to create a comment with meta fields. Field definition: {{{#!php <?php add_filter( 'rest_allow_anonymous_comments', '__return_true' ); register_meta('comment', 'twitter_handle', [ 'single' => true, 'type' => 'string', 'show_in_rest' => true, ]); }}} Request: {{{ curl --request POST \ --url 'http://example.com/wp-json/wp/v2/comments' \ --header 'Content-Type: application/json' \ --data '{ ""post"": 1, ""content"": ""Lorem ipsum"", ""author_name"": ""Dawid"", ""author_email"": ""example@example.com"", ""meta"": { ""twitter_handle"": ""dmgawel"" } }' }}} Response: {{{ { ""code"": ""rest_cannot_update"", ""message"": ""Sorry, you are not allowed to edit the twitter_handle custom field."", ""data"": { ""key"": ""twitter_handle"", ""status"": 401 } } }}} I got the same response for the following meta field definition: {{{#!php <?php add_filter( 'rest_allow_anonymous_comments', '__return_true' ); register_meta('comment', 'twitter_handle', [ 'single' => true, 'type' => 'string', 'show_in_rest' => true, 'auth_callback' => function(){ return true; } ]); }}} " dawgawel Tickets Awaiting Review 43306 Creating site using wpmu_create_blog() without / prefixed with $path causes get_id_from_blogname() to fail. General 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-13T19:55:03Z 2019-04-01T22:10:10Z "The below code will result in `NULL`: $id = wpmu_create_blog( 'example.org', 'example', 'neutralized', 1 ); $result = get_id_from_blogname( 'example' ); But the below code will result in an `int`. $id = wpmu_create_blog( 'example.org', '/example', 'neutralized', 1 ); $result = get_id_from_blogname( 'example' ); The difference is in the 2nd snippet I prefix `$path` with a `/`. Without that being apparent in docs we should strip the need for the `/` or update docs. I found this while writing a unit test, and you can see it changing below: [[Image(http://aubrey.pw/d/2018/BoaRz4J88N.gif)]]" aubreypwd Tickets Awaiting Review 57451 Cross Site Request Forgery on Admin of any wordpress site to export files Export normal minor Awaiting Review defect (bug) new 2023-01-12T13:13:23Z 2023-03-20T04:34:24Z "[Marked as No Impact By WordPress Hackerone Team] Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing Steps To Reproduce: 1. Login to WordPress Backend as an Admin 2. Go-to Tools > Export > Select what to export 3. Select the Data you want to export. Capture this request using a web-proxy like BurpSuite 4. Since this is a GET request, Copy the URL to which request is made. 5. Send this URL to another admin or user with equal rights. 6. When he clicks on the URL, he shall download the file automatically. The endpoint vulnerable: `http://<your_wp.com>/wp-admin/export.php?download=true&content=all&cat=0&post_author=2&post_start_date=0&post_end_date=0&post_status=0&page_author=0&page_start_date=0&page_end_date=0&page_status=0&attachment_start_date=0&attachment_end_date=0&submit=Download+Export+File` Recommendations Enforce CSRF protection like wpNonce Token for file export endpoint. Impact Unauthorised File Download on an administrator's PC An attacker can write a script which sends 100s of GET requests at once to the endpoint, and share the script to another user, and when he downloads 100 files at once, it shall also consume his disk space" f41z4n Tickets Awaiting Review 53996 Custom Coded Template files breaking MetaBoxes Themes 5.8 normal normal Awaiting Review defect (bug) new 2021-08-24T21:02:24Z 2021-08-24T21:02:24Z "We discovered on all of our sites using 5.7 and up, are having issues when swapping between custom made templates. We follow the codex on syntax and nothing unusual is being done on any one template versus another (we have about 15 sites). The Issue: When you are in a page editor, using Gutenberg, if you swap templates to any template, it breaks the toggle ability for meta boxes in the content area. When this happens we notice a browser warning about being in JS Quirks mode pointing at the JS for Core (not any of ours). I did remove ALL of our JS to make sure it was not breaking there first. This could be completely un-related though. What we have tried to do to fix the issue: Deactivated all plugins Deactivated one at a time Updated plugins Removed Yoast (because it is an asshole) Renamed entire plugin file so it can't find ANY files Deleted entire JS library to account for any JS conflicts Commented out Enqueue scripts Anything about ACF in functions files I removed Swapped theme (see notes) Here is our basic template setup: {{{ <?php /** * Template Name: Locations * * The template for displaying all pages * * * @link https://developer.wordpress.org/themes/basics/template-hierarchy/ * * @package [name of package] */ get_header(); ?> }}} Notes: We also found that the Twenty-twenty-one theme does fine UNTIL you add a custom page with the codex formatting suggestions like above. As soon as you save and try to swap templates the break happens. " juliacramer Tickets Awaiting Review 29117 Custom Field metabox shows table header information even though it has no data to show. Posts, Post Types 2.9 normal normal Awaiting Review defect (bug) new has-patch 2014-08-05T13:33:42Z 2019-06-20T12:36:47Z This can be verified by adding a post and then submitting an empty meta key and meta value. A validation error occurs but at the same time the table header information is displayed. Ankit K Gupta Tickets Awaiting Review 43121 Custom HTML Widget Warning Tooltips Error Widgets 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-17T22:16:24Z 2018-01-19T14:26:14Z "I am using Custom HTML widgets in the current version of WordPress, and I have noticed an error in the display of warning tooltips within the current version of Firefox. When I mouseover a warning icon in the Custom HTML widget, the resulting tooltip displays beneath the editor pane, making the warning text unreadable. '''Warning Tooltip in Firefox:''' [[Image(https://img.nettech.net/Temp/CustomHTMLWidget_WarningTooltip_Firefox.jpg)]] The same warning tooltip appears correctly in the latest versions of Chrome and Edge. '''Warning Tooltip in Chrome''' [[Image(https://img.nettech.net/Temp/CustomHTMLWidget_WarningTooltip_Chrome_Edge.jpg)]] I have not tested across themes, so for reference I am currently working within Front Page sidebars in a Genesis child theme. I have tested the same widget across Firefox, Chrome, and Edge, and only Firefox exhibits the described behavior." JosefNT Tickets Awaiting Review 36418 Custom MIME type icons lost in WP Media List view Media normal normal Awaiting Review defect (bug) new dev-feedback 2016-04-05T01:18:11Z 2021-10-23T13:22:48Z "The ability to define custom MIME icons has been possible since at least v2.5, by hooking into several filters, one of which is `icons_dir`. `icons_dir` allows you to specify additional directory/uri pairs for the `wp_mime_type_icon` routine to search, ideally adding icon support for additional MIME types. However, going through SVN history, it seems that almost from the beginning of the availability of that hook, there has been a loophole where the additional icon directories are ignored! Specifically: `wp_get_attachment_image_src` calls `wp_mime_type_icon`, which in theory could select a custom icon directory added by the `icon_dirs` hook. It then attempts to fetch width and height information from the selected icon file, but only checks the default wp-includes/images/media directory. Of course, this prevents the custom icons from displaying when fetched through `wp_get_attachment_image_src`." jhorowitz Tickets Awaiting Review 47041 Custom Post type author empty Posts, Post Types 5.1.1 normal normal Awaiting Review defect (bug) new 2019-04-25T11:30:05Z 2020-04-22T06:20:09Z "If I created Custom post type with rest enabled [ for Gutenberg support ] and I try to created/publish custom post type then Post author is empty instead of the current user I checked with bbPress Post type forum, For enabled rest support, refer the following code {{{#!php function twentyseventeen_rest_support_bbpress() { global $wp_post_types; $forum_post_type = bbp_get_forum_post_type(); if (isset($wp_post_types[$forum_post_type])) { $wp_post_types[ $forum_post_type ]->show_in_rest = true; } } add_action('init', 'twentyseventeen_rest_support_bbpress', 25); }}} " dipesh.kakadiya Tickets Awaiting Review 55812 Custom admin columns don't sort string meta_key values when using MariaDB. Administration 6.0 normal normal Awaiting Review defect (bug) new 2022-05-25T03:24:45Z 2022-06-14T16:35:45Z "If your using MariaDB, and you want to sort the WP_Query using meta_key and orderby 'meta_value' sort does not work. '''To reproduce:''' 1. Create a basic child theme, I made a child theme of Twenty Twenty Two that contained the style.css and functions.php. \\ \\ '''style.css''' {{{ /* Theme Name: Twenty Twenty Two Child Description: Twenty Twenty Two Child Theme Template: twentytwentytwo Version: 1.0.0 Text Domain: twentytwentytwochild */ }}} 2. Define the hooks to add a custom column. \\ \\'''functions.php''' {{{#!php <?php function child_manage_pages_columns( $columns ) { return array_merge( array_slice( $columns, 1, 1 ), array( 'test_custom_field' => __( 'Test', 'twentytwentytwochild' ), ), array_slice( $columns, 1 ), ); } add_filter( 'manage_pages_columns', 'child_manage_pages_columns' ); function child_pages_custom_columns( $column_key, $post_id ) { switch ( $column_key ) { case 'test_custom_field': $value = get_post_meta( $post_id, 'test_custom_field', true ); echo esc_html( $value ); break; } } add_action( 'manage_pages_custom_column', 'child_pages_custom_columns', 10, 2 ); function child_manage_edit_pages_sortable_columns( $columns ) { $columns['test_custom_field'] = 'test_custom_field'; return $columns; } add_filter( 'manage_edit-page_sortable_columns', 'child_manage_edit_pages_sortable_columns' ); function child_manage_edit_pages_sortable_columns_pre_get_posts( $query ) { if ( ! is_admin() || ! is_main_query() ) { return; } $orderby = $query->get( 'orderby' ); switch ( $orderby ) { case 'test_custom_field': $query->set( 'meta_key', 'test_custom_field' ); $query->set( 'orderby', 'meta_value' ); break; } } add_action( 'pre_get_posts', 'child_manage_edit_pages_sortable_columns_pre_get_posts' ); }}} 3. Log into the WordPress admin panel and add a couple of pages that use custom fields. I made three pages two of those pages had the same custom field value and the third had a new value (Hello World, Hello World, and Other World). 4. Go to the page listing and try to sort with the 'Test' column. The sort may change the first time, but will remain the same each time after that. I tested this with MariaDB version 10.5.4 on Windows 10 with WAMP. I also tested with MySQL 8.0.24 on Windows 10 with WAMP but did not have the issue. Through some testing and google searches I realized the issue is that MariaDB's LongText column type is just not sortable. In my test I updated wp_postmeta's meta_value column to Varchar(15000) and that enabled sort to work as expected." kevincorrigan Tickets Awaiting Review 53865 Custom fields overlaps Post content blocks Editor normal normal Awaiting Review defect (bug) new 2021-08-03T06:11:27Z 2021-09-17T05:50:12Z "When creating a post or edit an existing one, the Custom fields overlap Gutenberg blocks(wordpress version 5.8). I cannot enter content into those blocks so I cannot complete my post using the new editor. Also other Additional areas to the editor such as meta boxes from plugins(Yoast seo etc) are also overlapping the content. Screenshots 1.Add new post (without any plugins-theme: twenty twenty-one) :https://ibb.co/SyhWP9F 2.Edit post(with yoast SEO metabox-theme: twenty twenty) :https://ibb.co/3zm2kf4 Support ticket created at https://wordpress.org/support/topic/custom-fields-overlaps-post-content-blocks/?view=all#post-14724825 and @t-p responded to create a ticket in bug tracker. Thank You. " anjali94 Tickets Awaiting Review 39442 Custom rewrite endpoints and wp_old_slug_redirect Rewrite Rules 4.7 normal normal Awaiting Review defect (bug) new 2017-01-03T00:21:03Z 2020-07-14T05:13:13Z "Previously: #33920 {{{wp_old_slug_redirect}}} currently only handles core rewrite endpoints (like {{{feed}}} and {{{embed}}}). If you have a custom rewrite endpoint, you end up redirected back to the new permalink. You can use the [old_slug_redirect_url https://developer.wordpress.org/reference/hooks/old_slug_redirect_url/] filter to redirect correctly but the filter does not pass the post id, which makes things a bit challenging (especially if you need to do any processing beyond just appending the endpoint). It would be nice if the post id was passed into the {{{old_slug_redirect_url}}} filter: {{{ $link = apply_filters( 'old_slug_redirect_url', $link, $id ); }}} It would be even nicer if the redirect handled custom endpoints automatically as well." batmoo Tickets Awaiting Review 40436 Custom taxonomy terms order lost under wp-admin/post.php edit action for a custom post type Taxonomy 4.7 normal normal Awaiting Review defect (bug) new has-patch 2017-04-13T10:01:40Z 2019-03-26T21:01:47Z "Hi, I have registered a custom taxonomy (for a custom post type) that supports sorting using the following taxonomy args {{{#!php const DEFAULT_ARGS = [ 'public' => true, // Make WP function is_tax() working for this custom taxonomy 'show_ui' => true, 'show_in_menu' => true, 'show_in_nav_menus' => false, 'show_tagcloud' => false, 'show_in_quick_edit' => true, 'meta_box_cb' => null, // If null default to WP post_tags_meta_box() in not 'hierarchical' otherwise to post_categories_meta_box() (see WP meta-boxes.php) 'show_admin_column' => true, 'hierarchical' => false, // 2017-01-25 Seems not to be necessary anymore 'update_count_callback' => 'My_Query_Admin::cb_update_count_callback', 'query_var' => true, // Make WP function is_tax() working for this custom taxonomy 'rewrite' => false, 'capabilities' => [], 'sort' => true, // Need by post terms ordering for M_Post_Type::get_main_term() (https://core.trac.wordpress.org/ticket/5857) '_builtin' => false, ]; }}} I used the following args for registering the custom post type {{{ // Default custom post type arguments // https://codex.wordpress.org/Function_Reference/register_post_type const DEFAULT_ARGS = [ 'description' => '', 'public' => false, 'exclude_from_search' => true, 'publicly_queryable' => true, 'show_ui' => true, 'show_in_nav_menus' => false, 'show_in_menu' => true, 'show_in_admin_bar' => true, // 'capability_type' => 'post', // 'capabilities' => [], // 'map_meta_cap' => false, 'hierarchical' => false, 'supports' => [ 'title', 'editor', 'thumbnail', 'custom-fields', ], 'register_meta_box_cb' => null, 'has_archive' => false, 'rewrite' => false, 'permalink_epmask' => EP_PERMALINK, 'query_var' => true, 'can_export' => false, 'delete_with_user' => false, 'show_in_rest' => false, // 'rest_base' => $post_type, // 'rest_controller_class' => WP_REST_Posts_Controller, // '_builtin' => false, '_edit_link' => 'post.php?post=%d', ]; }}} Terms order is well respected using {{{#!php wp_get_object_terms($post->ID, $taxonomy, ['orderby' => 'term_order']); }}} but when editing post under admin panel, order is lost and reverts always to alphabetical order. Can anyone confirm that bug or tell me what's wrong for me? Thanks a lot " solo14000 Tickets Awaiting Review 39352 Customize: menu widgets have two edit shortcuts Customize 4.7 normal normal Awaiting Review defect (bug) new 2016-12-20T22:59:37Z 2021-05-24T02:47:23Z "r39622 fixes the edit shortcut for menus inside widgets, but that still leaves two edit shortcuts for those partials, generally with one on top of the other. Right now the menu shortcut is on top of the widget shortcut, so I was thinking it might be worth while to hide one, but I wonder which one is the better experience for users? Clicking on the menu shortcut brings up the editor for that menu. [[Image(https://cldup.com/7lTAzaHguo.png)]] Clicking on the widget shortcut brings up the widget settings, which allow changing which menu is displayed there. [[Image(https://cldup.com/mWvyLgbTc1.png)]] It seems to me that both could be what a user might be looking for, but I think we can really only have one. Since you can click the ""Edit Menu"" button to get from the widget settings to the menu settings and not the other way around, I suggest we hide the menu shortcut, but I'm open to a dissenting opinion. cc: @folletto and @melchoyce for a UX perspective Split from #39101 " sirbrillig Tickets Awaiting Review 49009 Customizer header overlaps top of preview at small screen sizes Customize 5.3.1 normal normal Awaiting Review defect (bug) new has-patch 2019-12-17T10:19:20Z 2023-06-07T13:56:08Z "Hi, Design issue in customize.php on Twenty Twenty theme when preview page. For more information sees mention screenshot. Thanks" sumitsingh Tickets Awaiting Review 40183 Customizer strange slide out Customize 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-17T12:23:52Z 2021-05-29T17:18:28Z Don't know how to say it right what it looks like. Strange customizer behaviour when selecting text input or when clicking anywhere and dragging to the right. halftones Tickets Awaiting Review 45135 Dashboard Menu Conflict on Mobile Devices when menu is active Administration 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-19T18:20:13Z 2018-10-24T17:40:43Z "Bug on dashboard while scrolling down on the same page when menu is active. **Steps to easily reproduce the issue:** 1) Visit any page on the dashboard 2) Tap the Menu Icon (keep it as active) 3) Scroll down the page which you are already visited from the center of the down of page (not via the admin menu). 4) The menu will seems to be hidden and the admin bar will seems to be broken As for getting the admin menu options again, the user need to refresh the page." josevarghese Tickets Awaiting Review 52919 Dashboard tabs issue on focus Administration 5.7 normal normal Awaiting Review defect (bug) new has-patch 2021-03-26T09:27:49Z 2023-05-25T19:26:58Z Dashboard tabs issue on focus, it needs to be the vertical center. muhammadbux Tickets Awaiting Review 38186 Database Collations Bypassed by determine_charset() in wp-db.php Charset 4.6.1 normal major Awaiting Review defect (bug) new 2016-09-29T14:26:56Z 2017-02-10T14:32:55Z "The function 'determine_charset' in wp-db.php, since 4.6.0 will try to set the database collation to the best option available, 'utf8mb4_unicode_520_ci'. This makes sense when the collation is not explicitly defined in wp-config.php, and most likely beneficial to novice developers. However, this assumptive behavior occurs even when the DB collation ''is'' explicitly defined in wp-config, effectively ignoring 'utf8_general_ci', 'utf8mb4_unicode_ci', and collations starting with 'utf8_' in certain environments. There appears to be no way to force these collations when defined by the developer. If the developer has set the collation in the config file, shouldn't the software obey the word of the developer? In short, ''a valid database collation set in wp-config should not be bypassed by WP Core.'' There is no workaround that vindicates the logic in determine_charset(). A possible solution would involve determine_charset() checking for a config setting such as 'FORCE_DB_COLLATE'. If true, use the collation defined in wp-config without assuming otherwise. " natecf Tickets Awaiting Review 34683 Default .htaccess config creates rewrite infinite loops for path-based multisite installations Rewrite Rules 4.3.1 normal normal Awaiting Review defect (bug) new 2015-11-14T20:16:54Z 2020-03-27T14:11:01Z "Default .htaccess config for path-based multisite installations looks like that: {{{ RewriteBase / RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] RewriteRule . index.php [L] }}} The problem is in these lines: {{{ RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] }}} `?` sign makes expression `([_0-9a-zA-Z-]+/)` optional, so rule works also for request like `http://example.com/wp-config/file.png` and basicly try to internal redirect request to the same address. If file does not exist, it creates infinite internal loops that causes internal server errors. There is no sense create rewrite rules for main site of network and site prefix should no be optional for rewrites. Correct .htaccess content should be: {{{ RewriteBase / RewriteRule ^index\.php$ - [L] # add a trailing slash to /wp-admin RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^ - [L] RewriteRule ^([_0-9a-zA-Z-]+/)(wp-(content|admin|includes).*) $2 [L] RewriteRule ^([_0-9a-zA-Z-]+/)(.*\.php)$ $2 [L] RewriteRule . index.php [L] }}} " rob006 Tickets Awaiting Review 33332 Default ACL entries are not set correctly when file is uploaded to WP Filesystem API 4.1.1 normal major Awaiting Review defect (bug) new 2015-08-10T22:21:08Z 2019-02-07T07:30:14Z "Hello there! We are using ACL permissions on our server in order to isolate all websites from each other. Both nginx and php-fpm has it's own users. Actually, each website has it's own php-fpm user. The ACL permissions are set for new files via default permission set: {{{ getfacl -a ./sitename/wp-content/uploads # file: sitename/wp-content/uploads # owner: www-data # group: www-data user::rwx user:nginx:r-x user:fpm-sitename:rwx group::rwx mask::rwx other::--- default:user::rwx default:user:nginx:r-x default:user:fpm-sitename:rwx default:group::rwx default:mask::rwx default:other::--- }}} So, when I manually create a file, the correct ACL permissions will be set for it by the filesystem itself: {{{ $ sudo -u fpm-sitename touch test $ getfacl ./test # file: test # owner: fpm-sitename # group: fpm-sitename user::rw- user:nginx:r-x #effective:r-- user:fpm-sitename:rwx #effective:rw- group::rwx #effective:rw- mask::rw- other::--- }}} And nginx will be able to read and serve it. However, when I upload a file through the WordPress it has no ACL entries at all. I've looked through the code and the following part of the '''_wp_handle_upload()''' seems to be the culprit: {{{ // Set correct file permissions. $stat = stat( dirname( $new_file )); $perms = $stat['mode'] & 0000666; @ chmod( $new_file, $perms ); }}} After commenting it out uploading works like a charm and proper ACL entries are set as expected. We're using Ubuntu Server 14.04.3 LTS. Cheers!" slavafomin Tickets Awaiting Review 42910 Default Post Format doesn't apply on post created from Quick Draft Post Formats 4.9.1 normal normal Awaiting Review defect (bug) reopened has-patch 2017-12-15T09:09:31Z 2018-04-15T07:24:06Z "Default Post Format doesn't keep selected while submitting posts using Quick Draft option of dashboard. '''Steps To Reproduce:''' 1. Login into the WordPress admin 2. Navigate to the Settings > Writing 3. Change the Default Post Format to any format 4. Clicked on ‘Save changes’ button 5. Now navigate to the Dashboard 6. Inside Quick Draft block Add post title and description and Clicked on ‘Save Draft’. 7. Now check the post format of added post. Note: ''it is working after 2-3 attempt but when you again change the post format then it will not work as expected.'' '''Expected result:''' default post format should be applied on post created from ""Quick Draft"" option." aiyaz Tickets Awaiting Review 52256 Default hide password field. Users 5.6 normal normal Awaiting Review defect (bug) reopened dev-feedback 2021-01-08T09:39:32Z 2023-10-20T01:13:17Z "Generate password not working when the first click on generate password button. Check different behavior in the below URLs **{siteurl}/wp-admin/user-new.php {siteurl}/wp-admin/profile.php {siteurl}/wp-admin/user-edit.php?user_id={user_id}** Check the video for a better understanding. https://www.loom.com/share/2b91de25ab1447e3bb069738c0d318b8" dilipbheda Tickets Awaiting Review 43613 Default post format setting does not respect theme support Post Formats normal normal Awaiting Review defect (bug) new 2018-03-22T22:20:39Z 2023-08-01T16:30:49Z "In `options-writing.php`, the `Default Post Format` setting does not check whether the current theme supports the built-in formats. Would it not be more intuitive if only the formats supported by the current theme were in the list to select? Then a description could be added underneath to say ""these are the formats supported by the currently selected theme"". Alternatively, there could be a filter added to `get_post_format_strings` in `wp-includes/post-formats.php` to allow themes/plugins to remove available formats from this list. " seanleavey Tickets Awaiting Review 45130 Defer jQuery WordPress Admin & Customizer doesn't work properly Administration normal normal Awaiting Review defect (bug) new 2018-10-19T13:35:56Z 2019-07-01T19:21:09Z "If I defer jQuery or put jQuery in the footer. I get Uncaught ReferenceError: jQuery is not defined errors in the WordPress Customizer and the Customizer doesn't work, like for example changing theme logo, adding widgets or other things directly possible in the page. When I remove defer, everything works as expected. Maybe this is because document ready is not used? I have been checking this issue myself. The following files are effected: - wp-includes/js/mediaelement/mediaelement-migrate.min.js - wp-includes/js/wp-a11y.min.js - wp-includes/js/customize-base.min.js - wp-includes/js/customize-preview.min.js - wp-includes/js/mediaelement/wp-mediaelement.min.js - wp-includes/js/wp-util.min.js - wp-includes/js/mediaelement/wp-playlist.min.js - wp-includes/js/customize-selective-refresh.min.js - wp-includes/js/customize-preview-widgets.min.js - wp-includes/js/customize-preview-nav-menus.min.js" remzicavdar Tickets Awaiting Review 40060 Define ADMIN_COOKIE_PATH cause unreachable /wp-login.php Users 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-07T13:11:56Z 2017-03-07T14:44:52Z "If user is logged in and tries to open /wp-login.php page, he never couldn't do this if ADMIN_COOKIE_PATH is set to root '/' (is equal to COOKIEPATH). Instead, the redirect to /wp-admin/ will occur. Even more, many of function during page load will run twice. In a long route of functions, the last one is wp_parse_auth_cookie(), which return false to many functions called from, which cause ""true"" check in wp-login.php on line 814, where unneeded redirect happens. {{{#!php <?php if ( !is_wp_error($user) && !$reauth ) { ... wp_redirect( $redirect_to ); exit(); }}} In regular situation, wp_parse_auth_cookie() return ""false"" when checking auth cookie on wp-login.php from path '/', because existing one is for /wp-admin path. So wp-login.php loads normally. {{{#!php <?php if ( empty($_COOKIE[$cookie_name]) ) return false; }}} But if ADMIN_COOKIE_PATH is defined with value, that not differs from COOKIEPATH or SITECOOKIEPATH - it return ""true"" and forever redirect to /wp-admin/. Any ideas to solve this?" esemlabel Tickets Awaiting Review 43098 Defining WP_UNINSTALL_PLUGIN also when the uninstall handler is registered via register_uninstall_hook() Administration normal normal Awaiting Review defect (bug) new 2018-01-16T14:18:36Z 2019-01-17T01:26:20Z "At the moment, there's no way to ""know"" that the context execution is uninstallation until the uninstall hook is executed: {{{ do_action( ""uninstall_{$file}"" ); }}} I'd like to move the definition of `WP_UNINSTALL_PLUGIN` to be set for both uninstall handlers (the `uninstall.php` and the `register_uninstall_hook()` hook). The fix is super simple, just moving `define('WP_UNINSTALL_PLUGIN', $file);` in `/wp-admin/includes/plugin.php` outside the `if` statement. It's needed when a plugin need to execute some code prior to the `register_uninstall_hook()` execution that is later used within the callback. I couldn't think of any intentional reason why it shouldn't be defined for both uninstallation methods." svovaf Tickets Awaiting Review 43326 Delay when setting Featured Image Post Thumbnails 4.9.4 normal normal Awaiting Review defect (bug) new 2018-02-15T00:09:47Z 2018-02-15T03:49:14Z "When setting a Featured Image on a page/post, there's a delay of a few seconds after choosing the image. If you hit the page/post Update button before the Featured Image is displayed, it won't be saved. Perhaps disable the Update button until the featured image has finished setting." bluesix Tickets Awaiting Review 28701 Deleted option is not deleted if value was ever null Options, Meta APIs 2.2 normal normal Awaiting Review defect (bug) new needs-unit-tests 2014-07-01T04:15:03Z 2021-02-16T10:34:38Z "If an autoloaded option ever contains `null`, it will cease to be autoloaded after this. It will then be stored in the individual option cache (`wp_cache_get('optname', 'options')`), rather than the autoloaded options. The autoloaded option cache will then contain `optname` with the value `null` (and `isset(null) === false`). Typically, this would be fine, but `delete_option` checks the database autoload value directly. It then only attempts to delete this from the autoload options cache (which again fails because of an isset check). After deleting, the value is still stored in the object cache (!!!), causing it to return a value despite not existing in the database. As far as I can tell, this has existed since r4855 (WP 2.2). ---- To reproduce (requires external object cache to be enabled): {{{ // Add the option with initial value set to null add_option( 'testingkey', null ); // Update to real value update_option( 'testingkey', 'realvalue' ); // Delete the option completely delete_option( 'testingkey' ); // Check the value var_dump( get_option( 'testingkey', 'default' ) ); }}} Expected result: {{{ string(7) ""default"" }}} Actual result: {{{ string(9) ""realvalue"" }}}" rmccue Tickets Awaiting Review 59365 Deprecated notice when calling get_admin_page_title() on some dashboard pages. Administration normal minor Awaiting Review defect (bug) new has-patch 2023-09-15T11:35:39Z 2023-09-17T17:22:35Z "{{{ Deprecated preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated wp-admin/includes/plugin.php:2092 preg_replace() wp-admin/includes/plugin.php:2092 get_plugin_page_hookname() wp-admin/includes/plugin.php:2056 get_plugin_page_hook() wp-admin/includes/plugin.php:1980 get_admin_page_title() }}} This occurs on all pages where global `$plugin_page` is null (Plugins, Tools, etc.) " apedog Tickets Awaiting Review 42599 Design changes in Tools Categories and Tags Converter box and Tools Import box Import 4.9 normal normal Awaiting Review defect (bug) new has-patch 2017-11-17T10:27:46Z 2019-01-30T06:51:36Z "Some Design changes in Categories and Tags Converter box and Import box Go to wp-admin 1. Tools > Available Tools 2. Tools > Import" Shital Patel Tickets Awaiting Review 58949 Directory 'code' missing from 'wp-includes/js/tinymce/plugins' TinyMCE 6.2.2 normal normal Awaiting Review defect (bug) new 2023-08-01T01:19:15Z 2023-08-01T01:19:15Z "Directory 'code' missing from 'wp-includes/js/tinymce/plugins' It used to be there but it's missing now - i.e. I did NOT receive an error when using the plugin 'code' for tinymce. I do not know when it stopped to be there. == latest WP version yes == steps taken to consistently reproduce the problem If you build a text area using the following code {{{ <textarea name='commentEditor' id='commentEditor' form='notes-form' class='tinymce-enabled required'>Please wait ...</textarea> <script> jQuery(document).ready(function(){ tinyMCE.init({ plugins: 'textcolor lists code ', toolbar: 'undo redo formatselect fontsizeselect bold italic underline subscript superscript forecolor backcolor bullist numlist code ', mode: 'exact', theme: 'modern', menubar: false, statusbar: false, elements: 'commentEditor', forced_root_block: '', force_br_newlines: false, force_p_newlines: false, apply_source_formatting: false, cleanup: false, theme_advanced_statusbar_location: 'bottom', theme_advanced_path: false, theme_advanced_resizing: true, theme_advanced_resize_horizontal: false, theme_advanced_resizing_use_cookie : true, branding: false }); }); </script> }}} you will receive an error in the web development console section: {{{ GET https://DOMAIN.COM/wp-includes/js/tinymce/plugins/code/plugin.min.js Status 404 Not Found }}} == Does problem occur when all plugins deactivated and use the default theme? N/A == what is the expected output or result? What did you see instead? The expected outcomes would be: 1) the direcotry and file '//DOMAIN.COM/wp-includes/js/tinymce/plugins/code/plugin.min.js'would be available 2) tinymce would show the code icon 3) no error displayed == additional information Not that this really matters for this, more related to wordpress version os: alma 8.8 php: 7.4.33 AND 8.1 browser: not applicable " jobst Tickets Awaiting Review 42743 Disable wp_options autoload for inactive widgets Widgets normal normal Awaiting Review defect (bug) new 2017-11-29T04:25:59Z 2023-09-07T11:58:23Z "Options/settings for all widgets are saved in wp_options with autoload=yes, but autoload is enabled for the wp_options even for deactivated widgets. On sites with many widgets installed (but not even activated), the size of data transferred from the DB to the PHP host on each and every page request can add significant overhead and introduce noticeable slowdowns. I can't see a reason why autoload can't be disabled on deactivation of a widget, preloaded on navigation to the widget settings page, and then re-enabled when said widget is activated." ComputerGuru Tickets Awaiting Review 49731 Display embeds in WordPress plugin descriptions Plugins normal normal Awaiting Review defect (bug) new 2020-03-31T03:05:52Z 2020-03-31T04:08:25Z "The WordPress.org plugin directory [https://meta.trac.wordpress.org/browser/sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php#L573 supports two shortcode embeds] (specifically `[youtube` and `[vimeo`) and [https://meta.trac.wordpress.org/browser/sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php#L1401 several oembed locations]. Most of these embeds appear to return `iframe` elements, which are removed by Core, see [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/plugin-install.php#L533 $plugins_allowedtags]. For example, the Updraft Plus plugin has an embed on the WordPress.org site, but not within the WordPress Add new plugin screen. If you have Jetpack installed, it appears that it converts the `iframe` into a shortcode and displays that instead. This was originally reported as #meta2846, see that ticket for an example of the HTML that's stripped by this behaviour." dd32 Tickets Awaiting Review 43505 Display of html encoded text in dashboard. Plugins normal normal Awaiting Review defect (bug) new 2018-03-08T21:59:56Z 2018-03-08T22:57:45Z "I have discussed the issue in this thread https://make.wordpress.org/polyglots/2018/02/26/hello-18/, I report here the issue of the display of the text in UI, not the editorial choice of the translation itself. In fr_FR and fr_CA, there where changes done (last year?) to accomodate french ponctuation typographic rules but also, I guess, make sure the text doesnt fall on two line inadvertantly (ex. ""text !"", so a non-breaking space is inserted instead of a space). This non-breaking space is inserted as html encoded entity and it looks like it is displayed as is, without decoding like it is visible in this exemple screenshot : https://imgur.com/a/iVy9h " anonym999999 Tickets Awaiting Review 42642 Displayin page WP 4.9 General 4.9 normal normal Awaiting Review defect (bug) new 2017-11-20T15:10:06Z 2017-11-20T15:27:45Z "I prefer to display my pages on one column rather than on two, as default checked in WP. It works fine with twentyseventeen theme and WP 4.8.3. But it does not any longer works with WP 4.9. So, I undergraded to 4.8.3 but what a work and waste of time. Any idea about this bug solving ? Jacques" jibe64320 Tickets Awaiting Review 50554 Do not use iframe for plugin information dialog Plugins normal normal Awaiting Review defect (bug) new 2020-07-03T22:38:07Z 2020-10-08T23:11:45Z When you click a plugin title in the Add Plugins page, the plugin information dialog displays inside an iframe. This causes a problem if your htaccess file has X-Frame-Options: DENY. A solution to this problem would be to not use an iframe for the dialog. techboyg5 Tickets Awaiting Review 57337 Docs: WP Theme class reference properties don't match code Themes normal normal Awaiting Review defect (bug) new 2022-12-16T04:31:00Z 2022-12-19T01:48:47Z I was developing a plugin based on the information on https://developer.wordpress.org/reference/classes/wp_theme/ . This page implies that I should be able to get the theme author using the Author property and the URI of the Author's website using the AuthorURI property. However, in reality the AuthorURI property is always NULL and the Author property contains the author embedded inside an <a> tag with the AuthorURI. The docs should more clearly reflect this, and ideally mention a way to get the bare Author and URI (I ended up not finding a way to even do this, so I'm parsing the HTML now, really silly). bertvandepoel Tickets Awaiting Review 43069 Docs: improve documentation for register_meta() function Options, Meta APIs 4.9.1 normal normal Awaiting Review defect (bug) new has-patch 2018-01-11T16:23:29Z 2018-01-11T16:33:40Z "The documentation for the `register_meta()` function would benefit from additional clarity to help developers recognize that the `$object_type` parameter does not mean custom post type and the implications that registering the meta field applies to all objects of a type. Within that method there are also missing default values and optional markers in the docblock as well as a backwards compatibility comment that could be more specific and useful in an inline comment. https://developer.wordpress.org/reference/functions/register_meta/" terriann Tickets Awaiting Review 51167 Document the $update_results parameter in auto-update email filters Upgrade/Install normal normal Awaiting Review defect (bug) new has-patch 2020-08-28T02:50:23Z 2022-12-15T23:24:00Z "In a similar way to #51126, the structure of the `$update_results` parameter added to auto-update email filters in [48888] should be documented. The filters in question: * `auto_plugin_update_send_email` * `auto_theme_update_send_email`" SergeyBiryukov Tickets Awaiting Review 51307 "Document title broken when ""Homepage"" isn't set in Settings > Reading" General normal normal Awaiting Review defect (bug) new has-patch 2020-09-14T09:10:22Z 2021-03-08T12:28:46Z "Steps to reproduce the bug 1. Go to Settings > Reading 2. For ""Your homepage displays"" select ""A static page"" 3. Do not set ""Homepage"" 4. Set ""Posts page"" to a page you have already created 5. Save Visit the homepage and check the document title. For example `<title>The document title is here` Instead of the expected {blogName} - {blogDescription} you will get just {blogName} " henry.wright Tickets Awaiting Review 51623 Does WordPress run a clean-up cron-job for menu items having the draft status? Menus 5.5.1 normal normal Awaiting Review defect (bug) new 2020-10-24T22:15:13Z 2020-10-24T22:15:13Z "On the menu admin screen, after dragging new menu items to the selected menu, whenever I discard the option to save the menu settings before reloading the page I noticed that the added menu items (not-saved) is still in my post database table with status ""draft"". Now if I discard 100 menu items, my post table is filled with 100 rows of redundant data. Why? " zenithcity Tickets Awaiting Review 54290 Domain mapping: Text displayed on wp-signup.php asserts site doesn't exist when it does actually exist Networks and Sites normal normal Awaiting Review defect (bug) new 2021-10-19T09:22:59Z 2021-10-26T18:11:21Z "In a network install, when domain mapping is active for a custom domain, the following message appears on the wp-signup.php page when the network sub-domain is visited: > The site you were looking for, https://foo.example.com/, does not exist, but you can create it now! **Steps to reproduce** 1. Map a network site ""foo.example.com"" to a custom domain ""foo.com"" using this guide: https://wordpress.org/support/article/wordpress-multisite-domain-mapping/ 2. Visit the network sub-domain ""foo.example.com"" in a browser 3. Observe the text on wp-signup.php which notes ""foo.example.com"" doesn't exist The network sub-domain ""foo.example.com"" does exist so this text shouldn't be displayed." henry.wright Tickets Awaiting Review 42512 Domain with special character redirect loop on homepage Canonical 4.5 normal normal Awaiting Review defect (bug) new 2017-11-11T11:31:53Z 2018-03-14T01:39:00Z "Hi, i am experiencing a problem with wordpress starting with 4.5 i think. Since this commit [1] i always get redirect loops on the home page. this issue seemed to be fixed, and i can confirm this on various wordpress instances. But one instance has a '''domain with a special character''' (""ö"" - german Umlaut), and the problem persists there. Also i am not the only user who can confirm this issue [2]. Currently i have to reset the line [3] to the old value after every update since it gets overwritten. This is not a solution, only a very bad workaround. Of course i already have tried to disable all plugins, themes etc. which could cause the issue. I can say, that the problem is not caused by the hoster since i have many wordpress instances running on the same hoster and no other does have this problem (and no other have a special character in the domain) Regards [1] https://github.com/WordPress/WordPress/commit/84a3b4407f9e03311aa591004f3bec0639f3ba3f?diff=unified [2] https://wordpress.org/support/topic/45-causes-infinite-redirect-on-static-front-page/page/2/#post-8156893 [3] https://github.com/WordPress/WordPress/commit/84a3b4407f9e03311aa591004f3bec0639f3ba3f?diff=unified#diff-dc3247fd3fa65f15e6fc5ce8c6fa2d42L175" stefan-niedermann Tickets Awaiting Review 41035 Don't return if WP_Error object return by wp_insert_term() from foreach() loop in wp_set_object_terms() Taxonomy 4.7 normal normal Awaiting Review defect (bug) new 2017-06-13T20:57:30Z 2018-05-02T14:32:39Z "Recently, I'm trying to restrict tag creation for some user roles. I tried with using roles and capabilities but it's not possible. So I hook function to `pre_insert_term` filter which returns WP_Error object if condition match. {{{ add_action( 'pre_insert_term', 'prevent_terms', 1, 2 ); function prevent_terms ( $term, $taxonomy ) { if ( 'post_tag' !== $taxonomy ) { return $term; } // Only administrator can create tag. $allowed_roles = array( 'administrator' ); $user = wp_get_current_user(); if ( ! empty( $user->roles ) && empty( array_intersect( $allowed_roles, $user->roles ) ) ) { return new WP_Error( 'term_addition_blocked', 'You are not allowed to create new tags.' ); } return $term; } }}} Now, a restricted user goes to the edit post and trying to assign existing tags to the post and its work fine. But when a user adds a tag which does not exist along with existing tags then existing tags also not assigned to that post. Because `wp_set_object_terms()` function will create new tag if it's not exists and I've return WP_Error object using `pre_insert_term` hook. So once it get WP_Error object then it returns from the `wp_set_object_terms()` function and it's also not execute for other terms. See https://core.trac.wordpress.org/browser/tags/4.8/src/wp-includes/taxonomy.php#L2237 To complete my functionality I hook into `admin_init` action and remove new tags from $_POST so that remaining existing tags can assign to the post. I believe, instead of returning, it should continue execution for other terms. Also, I'm not sure whether it's valid use case or not. So main question is, do we need to return if there is WP_Error while creating term or don't return and continue execution for other terms. I hope, I'm able to explain it properly. :) " chandrapatel Tickets Awaiting Review 40057 Double hashed value for background-color of body.background-color Themes 4.7.3 normal normal Awaiting Review defect (bug) new 2017-03-07T10:34:58Z 2019-03-13T00:59:01Z "The problem is that body.custom-background has background-color property which gets double hashed value. So if theme is supporting custom background features, then you'll get wrong (double hashed) background-color value all the time. I have already found the cause of the problem. Check this file: wp-includes/theme.php on line: 1564 change this: $style = $color ? ""background-color: #$color;"" : ''; to this: $style = $color ? ""background-color: $color;"" : ''; That will solve the problem." hovhanneshovakimyan Tickets Awaiting Review 60090 Double login with cloned wordpress instance Security 6.4.2 normal major Awaiting Review defect (bug) new 2023-12-18T08:21:22Z 2023-12-22T01:13:05Z "We use Flatsome theme, from cPanel, use WordPress Manager by Softaculous feature to clone a ""live"" wordpress to new ""staging"" website. ""live"" one is in domain: something.edu.vn ""staging"" one is in domain: stage.something.edu.vn Both websites use single hosting, i.e no CDN installed. As they are cloned from another, two sites have same config salf keys (SECURE_AUTH_SALT, AUTH_KEY, LOGGED_IN_KEY, NONCE_KEY,AUTH_SALT,LOGGED_IN_SALT,NONCE_SALT) Open staging site, log in with an admin user (e.x ''adminuser'') Open same browser new tab. Browse ""live"" site, just refresh few times then we see that ''adminuser'' as logged in the ""live"" site. " vchn Tickets Awaiting Review 33940 Double spaces in term names can cause problems XML-RPC normal normal Awaiting Review defect (bug) assigned 2015-09-20T22:56:04Z 2019-08-15T06:46:02Z "Create a tag called 'test term'. Use XML-RPC to create a post with a tag of: {{{ test term }}} (two spaces). You'll get an error thrown, with the post not created: {{{ A term with the name already exists in this taxonomy }}} This appears to be due to the `_insert_post` function in XML-RPC using `get_term_by( 'name', $term_name, $taxonomy );`, which is returning false - thus it tries to create the term as new, and fails. Most other aspects of WP seem to filter the term name to strip double spaces first - is that what is necessary here? Or could the issue affect more than just XML-RPC?" smerriman Tickets Awaiting Review 43482 Draft Posts Throw 404 on Preview when Supporting post_format Post Formats 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-07T01:07:03Z 2018-03-07T01:07:03Z "A client is reporting that they're not able to preview drafts of some of the custom post types we have running on their site. The issue is not occurring for all post types on their site. I believe I've traced the issue to the fact that the errant post types support ""post_format."" The preview URL that gets generated when I preview the ""ask-the-expert"" post is: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&post_format=standard&_thumbnail_id=-1 That above URL throws a 404 page. When I pull out the 'post_format=standard' part of the query, so that the URL looks like: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&_thumbnail_id=-1 then the preview loads correctly. Interestingly, just for giggles I also tried: https://www.sitename.com/?post_type=ask-the-expert&p=4063&preview_id=4063&preview_nonce=ebffa07dd9&_post_format=standard&_thumbnail_id=-1 and that also worked as it should. (notice the added underscore before 'post_format.' For now I think I'm just going to disable post formats for the offending post types, but methinks I found a bug. " marklavin Tickets Awaiting Review 41727 Draft page loses its hierarchy on save when other pages are drafts in hierarchy Posts, Post Types 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-25T13:12:54Z 2020-12-15T22:48:25Z "How to reproduce: 1. Create a set of pages with a status publish 2. Set hierarchy to pages 3. Change the status to of the aforementioned set to draft 4. Open draft for editing. 5. Save as draft. 6. Now you have lost the hierarchy. I think you should retain the hierarchy, because it is quite common use case to build something as drafts before publishing them or taking pages to drafts if they are in need for editing and the user wants them out before edits are done. Tickets possibly related #15541 and #12890. " stode Tickets Awaiting Review 49894 Drag & Drop image upload error on multisite install when no upload space available Editor normal normal Awaiting Review defect (bug) new 2020-04-13T13:19:19Z 2020-12-15T05:38:22Z "On a multisite installation, a maximum upload space can be limited. When using the classic editor and it's drag-and-drop upload feature while not having enough available space for a site, the image file ends up being loaded in the browser (at least in chrome) with following JS error in console: {{{ Uncaught TypeError: Cannot read property 'uploader' of undefined in wp-includes/js/media-views.js:5268 }}} See: https://core.trac.wordpress.org/browser/trunk/src/js/media/views/uploader/editor.js?rev=46800#L161 I would expect the classic editor to display an error similar to the one which is being displayed in media modal when attempting to upload a file while not having any available space: {{{ Upload Limit Exceeded Sorry, you have used your space allocation of 1 MB. Please delete some files to upload more files. }}} " david.binda Tickets Awaiting Review 46557 Dragging image to uploader directly from another website causes redirection Upload normal normal Awaiting Review defect (bug) new 2019-03-18T16:28:19Z 2019-03-18T16:28:19Z "1. Drag image from another website to editor 2. Image is handled correctly and embeded in content (by hotlink, but some may argue it's desired behavior) 1. Open Media Library modal (or Media admin page) 2. Drag and drop image from another website 3. Dropzone overlay is presented indicating ability to drop image to upload 4. Redirection to image URL is fired instead There is no issue when image is dragged to Desktop first and then from Desktop to Library." marsjaninzmarsa Tickets Awaiting Review 57246 Duotone SVG function does not check for CSS variable color format Themes normal normal Awaiting Review defect (bug) new 2022-12-01T15:12:35Z 2022-12-02T23:03:27Z "The function `wp_get_duotone_filter_svg` and/or `wp_tinycolor_string_to_rgb` do not verify the format of the color code passed to it. My theme uses a CSS variable `var(--nv-text-dark-bg)`. After getting `$color` from `wp_tinycolor_string_to_rgb`, it assumes the color array has valid values. Since the original color is not one of the expected formats, this generates the following warnings: {{{ PHP Warning: Trying to access array offset on value of type null in /wp-includes/block-supports/duotone.php on line 422 PHP message: PHP Warning: Trying to access array offset on value of type null in /wp-includes/block-supports/duotone.php on line 423 PHP message: PHP Warning: Trying to access array offset on value of type null in /wp-includes/block-supports/duotone.php on line 424 PHP message: PHP Warning: Trying to access array offset on value of type null in /wp-includes/block-supports/duotone.php on line 425 }}} Please change one or the other method to check for CSS variables before using values from `$color` array." mattf10 Tickets Awaiting Review 40115 Duplicate Custom Fields are created Options, Meta APIs 4.7.3 normal normal Awaiting Review defect (bug) new has-patch 2017-03-12T09:16:44Z 2017-03-15T09:25:56Z "Duplicate custom fields are created when populating multiple custom fields at once. Steps to reproduce: * Create a New Post * Add a custom field ""custom_1"" with a value ""test1"" * Add a custom field ""custom_2"" with a value ""test2"" * Save Draft ...you will now see the ""custom_2"" field repeated twice (both with a value of ""test2""), so ought to delete one." ChrisBAshton Tickets Awaiting Review 43611 Duplicate _ajax_nonce input cause conflict between find_post_div and post_custom_div Administration 4.9.4 normal normal Awaiting Review defect (bug) new 2018-03-22T18:39:18Z 2018-03-22T18:39:18Z "I ran into the error today. Here is the situation On Post edit page, I’ve added the FindPost functionality. I’ve included find_posts_div using the admin_footer hook, as normal. It is added to 2 custom post types without custom-fields support and to the regular Post post type. It worked flawlessly on both custom post types, but the ajax call to get the post list from inside the Post edit page, sent back a 403. I’ve isolated the problem to the _ajax_nonce value, which was different from the 2 others post types. After checking the source of the admin page, I saw that there was 2 _ajax_nonce fields, and that the value sent to Find-Posts query was the _ajax_nonce from the Custom-Post-field. More over, I’ve checked and both _ajax_nonce inputs share the same ID (_ajax_nonce). Poor media.js can’t find the right one on line 107. So, they must be differentiated. Easiest fix would be to change the ID of the _ajax_nonce input in FindPostDiv. Further more, the Post Custom div interface creates duplicate #_ajax_nonce for each custom fields (at least with the same value). Feel free to create another ticket for this." charlesstpierre Tickets Awaiting Review 59542 Duplicate default statement in wp_get_attachment_image_src() documentation General normal normal Awaiting Review defect (bug) new has-patch 2023-10-04T14:03:50Z 2024-01-17T10:34:54Z "I suspect this is a result of the default value being added to the parameter's description. Removing from the parameter's description will allow the default value to be retrieved from the function argument's list without duplication. Documentation: https://developer.wordpress.org/reference/functions/wp_get_attachment_image_src/ Reported by @vitzkrieg via User Contributed Notes." crstauf Tickets Awaiting Review 58748 Duplicate tags we can't select under post edit page. even slug are different. Taxonomy 6.3 normal major Awaiting Review defect (bug) new 2023-07-07T10:08:53Z 2023-07-07T10:30:42Z "Post tags, we are able to create duplicate tag items but we are not able to select both tags under post edit. so either we should disallow to create of duplicate tags or allow to select of both tags under post edits" chiragrathod103 Tickets Awaiting Review 54706 EMBED AND IMAGE SLIDER DON'T WORK Post Formats normal major Awaiting Review defect (bug) new 2021-12-29T10:24:43Z 2021-12-29T10:24:43Z "The blocks ""**Embed**"" and ""**Image Slider**"" does not work. As I view my articles with incognito, these two blocks didn't show anything. Just a white blank. This article is an example: [https://nowmods.com/simple-realistic-3d-far-cry-6/] Some capture for more specific: [https://drive.google.com/drive/u/0/folders/1sl_xIjjaQwe3UVhz4ZnFCSNsQr1NuSDH] Really glad if there will be some fix on this! Thank you." anhdoan Tickets Awaiting Review 41594 Edit tag form limited to 800px width Taxonomy 4.8.1 normal normal Awaiting Review defect (bug) new has-patch 2017-08-09T15:27:23Z 2021-04-06T06:20:52Z "In taxonomy edit page the form width is limited to 800px by css. Many space was lost on large screens. The bug seam come from wp-admin/css/edit.css at line 1095 and appear since WP 4.8.1 (work correctly on previous version) [[Image()]]" fabienlege Tickets Awaiting Review 41573 Editor and Quick Edit display the slug of a page selected as static front page Posts, Post Types 4.8.1 normal normal Awaiting Review defect (bug) new 2017-08-06T16:52:02Z 2017-08-06T17:22:26Z "Dear Happy Engineers of WP! I'm writing about a possible WP BUG after consulting the issue with 'AThemes Support' that tells me there is this possibility... The issue is about a SLUG that can not be cancelled in a ""Homepage"" (it has been a normal page before choosing it as Static Frontpage...) But please, in order to don't repeat the conversation of the issue, I beg you to read it in the following link where is more clear... https://wordpress.org/support/topic/slug-homepage-static-page-seo-front-page-wp/ Thank you a lot! " cekar Tickets Awaiting Review 38102 Email header Content-Type: multipart boundary ignored by wp_mail Mail 4.6 normal normal Awaiting Review defect (bug) new 2016-09-20T07:29:15Z 2019-04-01T20:37:11Z "I have a requirement to send a multipart email with a csv attachment via wp_mail. The code I am using worked prior to upgrading to Wordpress 4.6. Following the upgrade, emails sent by my code appear to have no content when received. Examining the email source shows that both the content and attachment are present, but the header field Content-Type: multipart/mixed; boundary=... is missing, so the email client can't determine the content. Here is a simplified example of code that sends a multipart (text and html) email demonstrating the problem: {{{#!php \r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""\r\n"" . ""

This is a red paragraph

\r\n"" . ""\r\n"" . ""\r\n"" . ""--$multipart_boundary--""; wp_mail( 'whoever@example.com', 'Multipart email test', $body, $headers ); }}} The email sent by this code should show either the text part or the html part, depending on the email client. I use Thunderbird and it shows no content at all. The source of the problem is in the Wordpress file /includes/pluggable.php, function wp_mail(). The function argument $headers array/string supplied by the user is assigned to a variable $tempheaders and then $headers is set to an empty array. $tempheaders is then processed in a switch statement block starting at line 251 to extract the header fields From, Content_Type, Cc, Bcc and Reply-To. Any other header fields are considered 'custom headers' and are added back into the $headers array by the default case of the switch block. At the end of processing $tempheaders, if there are no 'custom header' fields present, then the $headers variable remains an empty array. At line 441, the $headers variable is tested to see if any 'custom headers' need setting. {{{#!php $content ) { $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) ); } if ( false !== stripos( $content_type, 'multipart' ) && ! empty($boundary) ) $phpmailer->AddCustomHeader( sprintf( ""Content-Type: %s;\n\t boundary=\""%s\"""", $content_type, $boundary ) ); } }}} Strangely, not only does this if statement block set the 'custom headers' ($headers) when they exist, it also sets the Content-Type: multipart/...; boundary=... Hence, if $headers is empty, as is the case for my example above, the multipart boundary is not set. The question is: why is setting the multipart boundary dependent on there being these so called 'custom headers'? I have only noticed this problem since Wordpress 4.6+. Since version 4.6, the header field Reply-To was added to Wordpress' list of 'non-custom headers'. Prior to version 4.6, Reply-To was considered a 'custom header' and so, $headers was not empty and my code worked. As a work-around, if I add Return-Path: ... to my headers, then everything works and my emails are readable again. However, I shouldn't need to do this. I think this problem needs some serious attention. Tony " drtonyb Tickets Awaiting Review 26805 Email with Apostrophe May Not Update in Multisite Users 3.8 normal normal Awaiting Review defect (bug) reopened has-patch 2014-01-10T07:40:41Z 2019-06-04T18:11:11Z "From what I understand, an apostrophe is allowed in an email address before the @ sign. The is_email function does not validate this and fails, returning false if there is an apostrophe" contrid Tickets Awaiting Review 40464 Embed video in Wordpress gives W3c Markup Validation issue Embeds 4.4 normal normal Awaiting Review defect (bug) new 2017-04-16T10:47:25Z 2017-04-16T15:51:37Z "When embed video in wordpress, the below validation issue occurs: Error: The frameborder attribute on the iframe element is obsolete. Use CSS instead." pmbaldha Tickets Awaiting Review 34634 Empty PHP_SELF causes 404 pages to load front page with 200 status code Bootstrap/Load 2.0 normal normal Awaiting Review defect (bug) new has-patch 2015-11-09T14:34:39Z 2018-11-16T00:53:36Z "I've been having this issue where visiting a non-existent page in wordpress on our live server would result in the homepage being loaded with a 200 OK response, however on local and staging going to an non-existent page would result in the correct 404 page and template being loaded. I have a standard 4.3.1 WP install subdomain base multisite with pretty permalinks enabled running with Nginx/PHP-FPM. I've looked to see what was different between local and live and it turns out on live `$_SERVER['PHP_SELF']` is being set blank and on staging it is being set to `/index.php`. So to test I set at the top of my index.php file the following line `$_SERVER['PHP_SELF'] = '';`. Then when running on staging I was now getting the homepage load on a non-existent page. So I've fired up my debugger to see what is going on in core and here are my findings. In wp-load.php we set PHP_SELF to something based off REQUEST_URI {{{#!php // Fix empty PHP_SELF $PHP_SELF = $_SERVER['PHP_SELF']; if ( empty( $PHP_SELF ) ) $_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace( '/(\?.*)?$/', '', $_SERVER[""REQUEST_URI""] ); }}} So the request `http://www.example.com/non-existent` results in `PHP_SELF` equal to `/non-existent` instead of `/index.php` Then in `class-wp.php WP->parese_request()` we have: {{{#!php $self = $_SERVER['PHP_SELF']; $home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' ); $home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) ); // Trim path info from the end and the leading home path from the // front. For path info requests, this leaves us with the requesting // filename, if any. For 404 requests, this leaves us with the // requested permalink. $req_uri = str_replace($pathinfo, '', $req_uri); $req_uri = trim($req_uri, '/'); $req_uri = preg_replace( $home_path_regex, '', $req_uri ); $req_uri = trim($req_uri, '/'); $pathinfo = trim($pathinfo, '/'); $pathinfo = preg_replace( $home_path_regex, '', $pathinfo ); $pathinfo = trim($pathinfo, '/'); $self = trim($self, '/'); $self = preg_replace( $home_path_regex, '', $self ); $self = trim($self, '/'); }}} This ends up with: `$req_uri = $self = non-existent` Later in the same function we have: {{{#!php // If req_uri is empty or if it is a request for ourself, unset error. if ( empty($request) || $req_uri == $self || strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) { unset( $error, $_GET['error'] ); if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false ) unset( $perma_query_vars ); $this->did_permalink = false; } }}} Here because `$req_uri == $self` this code unsets the 404 which subsequently results in the front page being loaded rather than the 404 page I did some further investigation and this appears to only happen on multisite installs. If I take a normal wordpress install and set `$_SERVER['PHP_SELF'] = ''` the 404's work as normal. " l3rady Tickets Awaiting Review 40953 Empty values are handled inconsistently between wpdb->get_results() and wpdb->get_col() Database 0.71 normal normal Awaiting Review defect (bug) new dev-feedback 2017-06-08T17:18:39Z 2017-06-08T17:51:19Z "As outlined and discussed yesterday in Slack [https://wordpress.slack.com/archives/C02RQBWTW/p1496821047585923 here], [https://wordpress.slack.com/archives/C02RQBWTW/p1496844209230845 here], and [https://wordpress.slack.com/archives/C02RQBWTW/p1496850305693715 here], `wpdb` treats empty stored values differently in the `get_results()` and `get_col()` methods. This is because of the use of `get_var()` inside of `get_col()`, which defaults to null for empty values. For example, let's say you're running a query like `SELECT rate FROM sometable` through `get_results()`. With the default parameters and empty values for the column, you'd get something like the following: {{{ array(2) { [0]=> object(stdClass)#1734 (1) { [""rate""]=> string(0) """" } [1]=> object(stdClass)#1735 (1) { [""rate""]=> string(0) """" } } }}} If you ran that same query through `get_col()`, you'd instead get an array of `null` values: {{{ array(4) { [0]=> NULL [1]=> NULL } }}} This seems oddly inconsistent. And writing tests for the workaround is annoying in that creates the need to understand the core workaround in the future. Now, this code goes all the way back to [112], so changing the default behavior is not even on the table. Some solutions brainstormed with @boonebgorges and @johnjamesjacoby include: * A global flag to check against, i.e. `wpdb_get_col_force_strings( true );` * A global flag in the form of a constant * A settable `wpdb`-level flag * A new argument for `get_col()` to selectively change the behavior. The global flag ideas are attractive because they cover the entire DB stack: whether you're using the abstraction layers like `get_posts()`, `WP_Query`, or any of the other query classes, it ''just works'' all the way down the line. The settable `wpdb` flag is attractive only if you're really working with direct queries like we are in our custom table query classes. The same goes for a new argument in `get_col()`, though both could be implemented higher up the stack in the form of arguments or filters. I think a good first step here would be to try to benchmark performance for all of the listed options, just to see what we're looking at. The global flag choices seem like they could be the least impactful. In the short term, our workaround for AffiliateWP will probably be to create a wrapper for `get_results()` that simply plucks the values out so we can maintain consistency, but I'm not a big fan of writing and maintaining core workarounds in perpetuity. Whichever way we go in core, this is something that we should probably address. Who knows how many workarounds there are currently in the wild to fix this." DrewAPicture Tickets Awaiting Review 58512 Enhancing Security and User Experience: Addressing Password Length Limitations and Improving Validation Process Posts, Post Types 6.2.2 normal normal Awaiting Review defect (bug) new dev-feedback 2023-06-12T11:08:25Z 2023-07-14T11:31:15Z "When I attempted to use a password consisting of 256 characters and tried to publish my post, I encountered an error message stating, ""Updating failed. Could not update post in the database."" It appears that this issue may affect all users. Therefore, I kindly request that you consider addressing this problem by either fixing it or implementing validation on the input field to prevent such errors in the future. I used below password for password protect post : 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345 **Total Characters: 255** Could you please verify the attached video URL, https://www.awesomescreenshot.com/video/18248088?key=dd7a62697a5b66aaf5d332dec3a0a9b9" utsav72640 Tickets Awaiting Review 43560 Entering single quotes in Add Media dialog after recropping causes browser to hang Media 4.9.4 normal normal Awaiting Review defect (bug) new has-patch 2018-03-15T14:46:23Z 2020-02-19T16:46:40Z "'''To reproduce''' * Create a draft and insert an image into the content. * In the Visual editor, click on the image to get the tooltip image edit menu, then on the pencil icon to edit the image. * In the Image Details dialog click the ""Edit Original"" button to edit the image. * In the Edit Image dialog, click and drag on the image to create a cropping zone. * Click the crop icon in top left above the image to crop it. * Click the ""Save"" button below the image to save the crop. * Back on the Image Details dialog, try to enter several single quotes in the Alternative Text input. Tap your single quote key six or seven times. '''What I expect to see''' * I am able to continue entering text in the image dialog inputs, even if I'm prevented from entering a single quote. '''What I see instead''' * I am unable to enter any text in any of the dialog's inputs. * In most cases the page seems to lock for some time - I'm unable to interact with it at all: I can't refresh or close it normally. The Chrome task manager shows 101% CPU usage for the tab. * There are no JS errors in the console, and no requests in the network tab. * On some occasions, after leaving the page for several minutes, it eventually unlocks by itself, and some of the characters I typed in my earlier attempt to enter text are output wherever I happen to have my cursor. '''Notes''' It looks like some piece of JS is somehow capturing the keypresses in the Alternative Text input. This was reproduced in macOS and Windows Chrome 64 and macOS Chromium 62 (the Chromium with no browser extensions) on a fresh checkout of WordPress v4.9.4. It doesn't happen in FF55." andfinally Tickets Awaiting Review 58639 Entity Name vs. Entity Number, for 6.4 Administration normal normal Awaiting Review defect (bug) new has-patch 2023-06-27T06:18:42Z 2023-06-27T06:18:42Z "This is a follow up ticket to #30796, which had some changes included in WordPress 6.3. See that ticket for discussion and history. The list of @sabernhardt findings of strings using `’`: [https://docs.google.com/spreadsheets/d/1HrJsZSuTfWeAiZFu1STBrhrMT6U49qeeb26-cjUIiFo/edit?usp=sharingText strings with the apostrophe character code] A PR at GitHub with some changes implemented from that list: [https://github.com/WordPress/wordpress-develop/pull/4672 PR #4672]" kebbet Tickets Awaiting Review 52070 Erase Personal Data & Export Personal Data Table Nav Free Space Issue Privacy 5.6 normal normal Awaiting Review defect (bug) new 2020-12-14T19:20:28Z 2021-01-28T21:45:41Z "Hello Erase Personal Data & Export Personal Data Ui Design Mistake https://www.screenpresso.com/=87BDf please remove Free Space of ""tablenav - top "" apply CSS Display: none; I think also need to check into the RTL language also. Thanks." urvik1 Tickets Awaiting Review 56384 Error in CSS for form input Administration 6.0 normal minor Awaiting Review defect (bug) new 2022-08-15T21:50:28Z 2022-08-15T22:12:27Z "In ''user-new.php'' and ''user-edit.php'', I created an interface to add some custom meta fields using checkboxes. The problem is that the CSS bit {{{ #adduser .form-field input, #createuser .form-field input { width: 25em; } }}} breaks my interface as I'm using the HTML {{{ }}} So ''.form-field input'' without excluding checkbox types, or specifically applying it to text/url types, stretches the checkboxes... Below I'm attaching two screenshots, the first with the CSS bit in effect, and the second with it disabled in the developer tools of the browser... [[Image(https://i.ibb.co/Lkf2r4P/Screenshot-2022-08-16-003733.jpg)]] [[Image(https://i.ibb.co/yPKBSCS/Screenshot-2022-08-16-003822.jpg)]]" princeofabyss Tickets Awaiting Review 53959 Error message when creating new widget using block editor Widgets 5.8 normal normal Awaiting Review defect (bug) new 2021-08-19T14:07:08Z 2021-08-23T14:48:47Z "Our church website stm.org.uk is WordPress hosted by IONOS. I have just tried the first update to the Content Sidebar since we were upgraded to WordPress 5.8. I attempted to add the 'Breakfast Church' item using the new block editor, but I got a message: There was an error. Invalid parameter(s): requests. I ended up installing the 'classic widget editor' plugin and managed to create the item by adding two block widgets at the beginning, copying the block HTML from a similar item. I did it this way, rather than setting up a text widget, to get a more consistent appearance. Incidentally, the 'our vicar' image widget has not been converted to a block and its appearance is not consistent with the others. There seems to be no good reason for the error message." mdrb55 Tickets Awaiting Review 45958 Errors displayed on shutdown handler Bootstrap/Load high normal Awaiting Review defect (bug) new has-patch 2019-01-12T13:59:04Z 2019-09-16T16:09:54Z "PHP errors are displayed on shutdown handler screen for REST API requests. See attached screenshot." spacedmonkey Tickets Awaiting Review 35839 Escape backslashes upon export for better import Import 4.4.2 normal normal Awaiting Review defect (bug) new 2016-02-15T21:10:19Z 2017-03-30T01:05:40Z "Exporting a WordPress site and importing it again will lose backslashes in Post content. For example, if you had a post discussing c:\Windows\System32\calc.exe it would be imported as c:WindowsSystem32calc.exe" JasonH09 Tickets Awaiting Review 58511 Escaping function missing in wp-trackback.php Pings/Trackbacks normal normal Awaiting Review defect (bug) new has-patch 2023-06-12T06:30:58Z 2023-06-12T07:07:00Z Escaping function missing in wp-trackback.php file. utsav72640 Tickets Awaiting Review 40793 Events widget on back button loses location Widgets normal normal Awaiting Review defect (bug) new 2017-05-17T21:21:01Z 2017-05-17T21:22:38Z "I noticed that if you save a location, visit a meetup, then click back button in browser, you will lose your location. It returns on refreshing your browser. Here is video: [[Image(https://cldup.com/pyYG5Z4gtz.gif, 50%)]] " karmatosed Tickets Awaiting Review 34185 "Excluding certain PHPUnit test groups results in ""Database is dead"" notice and tests terminate" Build/Test Tools normal normal Awaiting Review defect (bug) new 2015-10-07T07:35:43Z 2021-03-09T18:03:52Z "When excluding certain PHPUnit groups from the full test suite the tests fail with a ""Database is dead"" notice. Known groups thus far: * `phpunit --exclude-group import` * `phpunit --exclude-group query` {{{ $ phpunit --exclude-group import Installing... Running as single site... To run multisite, use -c tests/phpunit/multisite.xml PHPUnit 4.7.7 by Sebastian Bergmann and contributors. ............................................................. 61 / 4556 ( 1%) ...................................SS........................ 122 / 4556 ( 2%) ............................................................. 183 / 4556 ( 4%) ............................................................. 244 / 4556 ( 5%) .S........................................................... 305 / 4556 ( 6%) ............................................................. 366 / 4556 ( 8%) ............................................................. 427 / 4556 ( 9%) ............................................................. 488 / 4556 ( 10%) ............................................................. 549 / 4556 ( 12%) ............................................................. 610 / 4556 ( 13%) .....................S....S.................................. 671 / 4556 ( 14%) ................................................S............ 732 / 4556 ( 16%) ............................................................. 793 / 4556 ( 17%) ..................................Database is dead. }}}" netweb Tickets Awaiting Review 45126 Expired session post editing continuation bug Editor 4.9.8 normal normal Awaiting Review defect (bug) new 2018-10-18T21:59:36Z 2020-11-12T05:59:06Z "While editing or creating a new post, it's not possible to continue your workflow in the same post when your WordPress session expires and you're asked to log in again. Attempting to save or publish from the existing screen after re-logging in from the pop-up dialogue will produce a ""link expired"" error. You then have to navigate back to the Dashboard and re-open the post you were working on. " ChrisDca Tickets Awaiting Review 34798 Export Bug Export normal normal Awaiting Review defect (bug) new dev-feedback 2015-11-27T05:00:43Z 2017-10-03T07:52:59Z " We found a bug in export process that prevents post data changes going to actual export. In wp\wp-admin\includes\export.php L416 you select all matching posts from DB, having $posts array of stdClass objects as result. Then you call setup_postdata for every post, that goes to wp\wo-includes\query.php setup_postdata which calls $wp_query->setup_postdata after passing the $post. In function setup_postdata L4754 you check instance of the $post which will always be stdClass and create a new $post object. It breaks the reference link original $post from export.php so all changes in function setup_postdata will not be reflected to original object. A possible fix would be converting $post object to WP_Post before calling setup_postdata in expost.php Please see patch attached " eugenekireev Tickets Awaiting Review 39381 Export->Import WordPress menu bug when image is saved as label Import 4.7 normal normal Awaiting Review defect (bug) new 2016-12-23T15:11:28Z 2017-06-06T04:06:22Z "So I use this as ""Home"" content value: {{{ }}} And then I export with: WordPress -> Tools -> Export -> All And then I import with this official plugin: wordpress-importer.0.6.3.zip ( https://wordpress.org/plugins/wordpress-importer/ ) And then I see that it was 'Home' text imported (the actual page name). Another bug is if I leave the field empty, after saving it get gone from Navigation menu at all. While I may want to use CSS for that. And assigning a CSS class to menu item is gone/missing. (or maybe that was from the theme), but I want to have an option to leave a blank element and hook to it's css. " KestutisIT Tickets Awaiting Review 53384 "External plugins who can auto-update are always listed under ""auto-updates"" disabled" Plugins 5.7.2 normal normal Awaiting Review defect (bug) new 2021-06-11T13:57:21Z 2021-12-10T17:46:55Z "On my site, I have four plugins who can auto-update yet in the plugin screen they are shown under ""auto-updates disabled"". I think it would be better if those come under a list that has the name: ""external updating"" or something of that nature. OR a way for devs to tell WP their plugins can auto update so it doesn't appear on that list...? In it's current implementation, it can give the wrong idea to a site admin. " NekoJonez Tickets Awaiting Review 51885 Extra space in subject line - plugin auto update Mail 5.5.3 normal minor Awaiting Review defect (bug) new has-patch 2020-11-27T16:07:19Z 2020-11-28T02:13:19Z "Keep receiving email in this manner: ASCII based/quotedp {{{ Subject: =?us-ascii?Q?[LONGER-SITENAME]_Some_plugins_were_automat?= =?us-ascii?Q?ically_updated?= }}} Result (in Thunderbird): {{{ [LONGER-SITENAME] Some plugins were automat ically updated }}} -- UTF Based/quotedp {{{ Subject: =?UTF-8?Q?[SHORTER-SITENAME]_Some_plugins_were_auto?= =?UTF-8?Q?matically_updated?= }}} Result: {{{ [SITENAME] Some plugins were auto matically updated }}} So, the result in both cases (regardless of UTF, or ASCII encoding) is to add a space that shouldn't be there. I will try disabling plugins if this isn't reproducible - but the sites only use phpmailer afaik - no smtp plugins, or the like. " 22-7ths Tickets Awaiting Review 43114 FLV video - NetworkError: Exception ProgressEvent error Media 4.9.2 normal normal Awaiting Review defect (bug) new 2018-01-17T18:13:19Z 2021-04-01T14:56:40Z "Hello, FLV doesn't work any more since last versions of Wordpress. I have this error : NetworkError: Exception ProgressEvent error when I use this code in articles : [video width=""640"" height=""480"" flv=""http://mydomaine.org/wp-content/uploads/2012/02/DSC_0011.flv""][/video] and sometimes this error : ""Aucune vidéo dont le format ou le type MINE est géré n'a été trouvée"" Thank you for your help" Fred001 Tickets Awaiting Review 60151 FSE theme Styles select Issue Editor normal normal Awaiting Review defect (bug) assigned 2023-12-26T11:46:13Z 2024-02-15T16:25:33Z "Hi, I am a WordPress plugin developer. While developping a feature I found a bug in styling gutenberg block. The issue is: Suppose I have four preset color. Ex. primary: `#000000`, secondary: `#7345F7`, tertiary: `#f0f0f0`, custom: `#7345F7`. When select the color property of a block if I select ""custom"" both ""custom"" and ""secondary"" got selected and in the backend the ""secondary"" is saved but I did not choose the ""secondary"" option. I think it selects based on color code rather than color slug. Issue image link : https://drive.google.com/file/d/1j-b1MH4u_gdV7vbVxaDhffbgmNEUFfnA/view?usp=sharing Thank You. Regards Tazeen Ehsan Teebro" tazeenehsan Tickets Awaiting Review 58109 Fatal Error when changed Taxonomy from hierarchical False to True Taxonomy 6.2 normal normal Awaiting Review defect (bug) reopened 2023-04-10T07:30:26Z 2023-04-26T19:41:33Z "When we changed hierarchical False to True for Taxonomy then we received Fatal Error. {{{ taxonomy_meta_box_sanitize_cb_checkboxes [11:39 AM] Uncaught exception 'TypeError' with message 'array_map(): Argument #2 ($array) must be of type array, string given' in /var/www/wp-admin/includes/post.php:2091 }}} This is happening because of **taxonomy_meta_box_sanitize_cb_checkboxes** function. This function not has the checked if the **$term** is array or not which is causing fatal error. We can use is_array condition for this like already done in **taxonomy_meta_box_sanitize_cb_input** function. " narenin Tickets Awaiting Review 54417 Featured Image Exceeds Container Editor 5.8.1 normal normal Awaiting Review defect (bug) new 2021-11-10T23:44:33Z 2021-11-10T23:44:33Z When a portrait-oriented featured image is selected on a WordPress post, it appears to be exceeding the boundaries of its container and obscuring other items on the right hand toolbar. The left edge of the Featured Image tab is still clickable, and the problem can be circumvented by closing the Featured Image tab. But, while it is open, any items behind the Featured Image are not visible or clickable. johnkakuk Tickets Awaiting Review 56883 Feeds of non-existent tags and categories displays an empty feed instead of 404 Feeds 6.0.3 normal normal Awaiting Review defect (bug) new 2022-10-21T19:27:09Z 2022-10-21T19:27:09Z "I noticed in Google Search Console that Google often visits feeds of tags that no longer exist. It turns out that the RSS feeds still work instead of returning a 404. Recreating the issue is simple: Go to the page of the non-existent tag, e.g. `/tag/asdsdsad/` and append `feed/` to the end of the address, eg. `/tag/asdsdsad/feed/`. An empty feed will be displayed instead of a 404. This should return a 404 so that search engine bots can forget about it instead of fetching it every so often. I have thousands of such deleted tags on my site. It would be better for the environment if the bots didn't waste resources on this." rafaucau Tickets Awaiting Review 50136 Files types not included in Upload file types are allowed to be uploaded because of loose file extension check Upload normal normal Awaiting Review defect (bug) new has-patch 2020-05-09T14:27:00Z 2024-02-24T23:22:45Z "A loose file-extension check in WordPress allows an extended number of file-types to be uploaded despite not be mentioned in Upload file types setting in a multisite. This happens because the condition to check the file extensions passes even if part of the extension passes. ([https://github.com/WordPress/WordPress/blob/cad04902d6a162ba8320f82a6c65c7eb58cf9759/wp-includes/ms-functions.php#L1814 Code Link]) Steps To Reproduce: On a WordPress Multisite - 1. Navigate to the Network settings, Add file type tx to the setting Upload file types 2. On any sub-sites, try to upload a .txt file and it should be uploaded. 3. Any file extension has to match in just part with the extensions allowed in the network setting to be allowed to be uploaded. For example - If you add `xls` file type files `xlsm`, `xlsx` ,`xlsb` etc. are allowed to be uploaded." Nikschavan Tickets Awaiting Review 40692 Filter default image size in gallery Gallery 4.8 normal normal Awaiting Review defect (bug) new 2017-05-08T13:39:43Z 2020-09-21T11:10:24Z "Using the `media_view_settings` filter, I can specify default `link` and `column` settings for new galleries but the `size` parameter is not filterable. For example: {{{ function me_filter_gallery_settings( $settings ) { // This will successfully set the default number of columns to 5 $settings['galleryDefaults']['columns'] = 5; // This does nothing $settings['galleryDefaults']['size'] = 'large'; return $settings; } add_filter( 'media_view_settings', 'me_filter_gallery_settings' ); }}} I know that it’s possible to override these defaults when outputting the gallery via the `gallery_shortcode`. However, this may be confusing to the user who would expect to see the same value for the image size appear when the gallery is generated on the front end as they have seen in the admin. To clarify: at the moment, I can set a default size for gallery images to ‘medium’, for example, although in the Gallery Settings panel in the page editor, the size will still display as ‘Thumbnail’. Indeed, the user could change the value of the size field without actually affecting the image size on the front end. [[Image(https://catapultthemes.com/wp-content/uploads/2017/05/gallery-admin-default-size.jpeg)]] In wp-includes/media-template.php replace lines 775 - 779 with: {{{ foreach ( $size_names as $size => $label ) : ?> }}} This will allow: {{{ function me_filter_gallery_settings( $settings ) { $settings['galleryDefaults']['size'] = 'large'; return $settings; } add_filter( 'media_view_settings', 'me_filter_gallery_settings' ); }}} Thereby allowing plugin and theme developers to set a default value for the image size in galleries." Catapult_Themes Tickets Awaiting Review 40903 Filtered posts_request query can break found_posts query Query normal normal Awaiting Review defect (bug) new 2017-06-01T16:54:45Z 2017-06-01T18:40:57Z "Suppose the `posts_request` query is built with `SQL_CALC_FOUND_ROWS`. The stage is set for `WP_Query::set_found_posts` issue `SELECT FOUND_ROWS()` because `$limits` is non-empty. Now suppose a plugin filters `posts_requests` to the empty string because it gets results another way. WP_Query will still go ahead and issue `SELECT FOUND_ROWS()` erroneously. Some plugins avoid this by filtering `found_posts_query` to the empty string. However, it seems like there is a better way to write the logic of `set_found_posts` so that it respects the filtered `posts_request` query and avoids the problematic statement: simply check the filtered query for `SQL_CALC_FOUND_ROWS` instead of looking at `$limits`. Proposed fix: {{{ private function set_found_posts( $q, $limits ) { global $wpdb; // Bail if posts is an empty array. Continue if posts is an empty string, // null, or false to accommodate caching plugins that fill posts later. if ( $q['no_found_rows'] || ( is_array( $this->posts ) && ! $this->posts ) ) return; - if ( ! empty( $limits ) ) { + if ( substr( $this->request, 0, 26 ) === 'SELECT SQL_CALC_FOUND_ROWS' ) ) { /** * Filters the query to run for retrieving the found posts. * }}}" andy Tickets Awaiting Review 44565 Find plural text in description of username on profile page. Users normal normal Awaiting Review defect (bug) new has-patch 2018-07-11T10:31:52Z 2020-01-21T15:25:35Z "When I logged in as admin in WordPress dashboard and check the user profile, I found the description of username is ""Usernames cannot be changed."" ""Usernames"" is a plural text I think we should use singular ""Username"" over there." harsh175 Tickets Awaiting Review 53591 Firts