)
at ll (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:72639)
at Tl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:82514)
at Cl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:82422)
at Xl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:103806)
at ct (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:43430)
at os (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:111136)
at Ur (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77643)
at Ir (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77571)
}}}",ritterml
Tickets Needing Feedback,33640,Unable to add menu items to menus on Ubuntu droplet,,Menus,4.3,normal,normal,,defect (bug),new,reporter-feedback,2015-09-01T00:21:47Z,2019-06-04T20:15:46Z,"This is a follow-up to #26047.
Although the bug has been reportedly closed, I am posting a bug report because there hasn't been an response in the support forums. This has caused my site to not be public due to the lack of a menu an the inability to add one.
My support forum post:
>I tried a local installation of WordPress 4.3 on my Windows XAMPP server where everything ran smoothly. I tried adding a custom menu using the default twentyfifteen theme and it worked flawlessly.
>
>I then followed nearly identical steps on my DigitalOcean Ubuntu droplet running PHP and MySQL and setup everything the same. But now I am not able to add anything to the custom menu. Every time I add anything (page/post/category/custom link) the message under Menu Structure changes from
>{{{Add menu items from the column on the left.}}}
>to
>{{{Drag each item into the order you prefer. Click the arrow on the right of the item to reveal additional configuration options.}}}
>
>I couldn't find any help online except a reference to a bug that was fixed in 3.8 #26047.. I can't understand why the same install works on my Windows XAMPP but not on the Ubuntu. This menu thing has been the only bug I have seen and have clean installed WordPress nearly 10 times.
I have tried repeated clean installs of Wordpress with and without any plugins.",znromonk
Candidates for Closure,44516,Unable to edit theme's file on multisite from default editor,,Administration,4.9.6,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2018-07-04T21:38:12Z,2019-12-21T19:50:24Z,"I am using WP 4.9.6 and on multisite when I tried editing theme's files from the editor it shows that it generated some fatal error. The actual message is 'Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.'
Please see: https://prnt.sc/k2mshy",prashantvatsh
Candidates for Closure,48982,Unable to update the wordpress,,Upgrade/Install,5.2.5,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2019-12-15T09:25:05Z,2022-11-04T09:14:08Z,"Hi,
I have facing issue with WordPress 5.2.5 to WordPress 5.3.1 update. when i am trying to update then some time timeout issue & now we are getting some other error ( other update is currently in progress). for more information see mention below video link & screenshot link.
https://www.loom.com/share/d3ad963dcb6544cc82211feb0384ab62
Thanks",iihglobal
Tickets Needing Feedback,33371,Undefined Indexes for Movable Type and TypePad Importer.,westi*,Import,,normal,normal,,defect (bug),accepted,reporter-feedback,2015-08-14T08:25:25Z,2019-12-06T05:07:37Z,"Display notice in ""Assign Authors"" ( WP_DEBUG = true ) .
{{{
Notice: Undefined index: upload_type in movabletype-importer/movabletype-importer.php on line 233
Notice: Undefined index: id in movabletype-importer/movabletype-importer.php on line 248
}}}",mt8.biz
Candidates for Closure,54621,"Unsaved comment warning without any changes made when click on Publish, Update or Preview Buttons",,Comments,4.6,normal,major,Awaiting Review,defect (bug),assigned,reporter-feedback,2021-12-14T14:42:58Z,2022-03-18T16:47:44Z,"Hi Team,
I got unsaved comment changes warning without any changes made in the content of the custom post type post, here is screenshot: https://i.imgur.com/PQmirDL.png
I see new codes are added in the WordPress core file: wp-admin/js/edit-comments.js And there is some condition issue, the code is have strict equality comparison operator to undefined ID which is not present in the custom post type: #replyrow
Screenshot: https://i.imgur.com/kAHNkrs.png
Please review it.
Thanks",askaryabbas
Tickets Needing Feedback,36789,Upload Folder Bug,,Media,4.5,normal,normal,,defect (bug),new,reporter-feedback,2016-05-09T10:46:03Z,2019-06-04T20:24:40Z,"Affected Version 4.5.x
If changing the upload folder path in wp-config.php (define( 'UPLOADS', 'media' );) - no image will work after update to 4.5.x, because the url path structure changes in the sourcecode.
for example:
",netzilicious
Candidates for Closure,58944,Upload to Media Library not replicating to all pod's 6.2.2,,Media,6.2.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2023-07-31T10:18:52Z,2023-10-04T15:34:54Z,"Hello, after updating from WP 6.1.1 to 6.2.2 the new uploaded images start to apear ""broken"" on Media Library. If we refresh the page several time's we will see the image ok, but if we refresh it again it will be broken. We are running the WP in kubernetes, so we have several pod's. This behaviour means the uploaded image is no longer been replicated to all pod's. So it only exist's in one pod.
After reverting to 6.1.1 all is ok.",vitorgandra
Candidates for Closure,43796,User Role with integer role name not showing in admin filter list,,Users,4.9,lowest,normal,Awaiting Review,defect (bug),new,reporter-feedback,2018-04-18T08:38:58Z,2024-01-17T19:20:54Z,When we create a new user role using add_role function and role name is an integer then assign that role to users and that role will not display on top of User listing. ,aiyaz
Tickets Needing Feedback,23562,Using Speech Recognition Software with the Add Media Panel,joedolson*,Media,3.5.1,normal,normal,Future Release,defect (bug),accepted,reporter-feedback,2013-02-20T16:06:02Z,2023-08-24T13:36:57Z,"Linked to #23560 this ticket specifically concerns the speech recognition user's accessibility experience of the Add Media functionality.
I'm using Dragon Naturally Speaking with IE9 on Windows 7 - a typical setup as Dragon works best with IE.
Within the Edit Post screen I can use Dragon to action the Add Media link successfully. The command in Dragon for such an action is ""Click Add Media"". This works, but then I run into the following problem:
* With the exception of Set Featured Image, none of the other links on the panel appear to be directly accessible with Dragon.
* If I select Set Featured Image I can't action any of the other links.
Dragon users can use voice commands to replicate pressing the tab key. The experience then mirrors that outlined in #23560 - but of course this cannot be used to select the images or other files.
It is possible for Dragon users to interact with screens using mouse commands but it is an incredibly laborious and time consuming process - used only as a last resort.
If one of the images is selected, the information panel for that images opens to the right. Unfortunately none of the input fields (for title, alt, etc) are directly available to Dragon. Ironically, the Insert Into Post button can be accessed directly with a voice command.
Some investigation needs to be done as to why most of the links and input fields cannot be directly accessed by Dragon when the panel is opened. This is a parallel with the situation on the Theme Customizer panel.
It is interesting that the Set Featured Image link and the Insert Into Post button '''can''' be directly accessed. What is different about them?
",grahamarmfield
Candidates for Closure,47817,Using file editor ignores schema and always uses http,,Filesystem API,5.2.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2019-08-01T22:52:15Z,2023-03-11T03:26:19Z,"When editing a template/theme or plugin file with the WordPress file editor, the internal loopback which I assume uses wp-json does not honor the schema of the siteurl.
For example:
Siteurl: https://kinsta.com
The request will come through as http://kinsta.com
If SSL is forced at the server level, this will force the https:// schema.
This was recently discovered and was failing because a user's SSL intermediate chain was missing, so the site would edit fine without HTTPS forced, but with SSL forced it would fail.
We were able to identify the chain issue due to this error occuring when force HTTPS was enabled in Nginx:
```Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.```",jeffpaulkinsta
Candidates for Closure,52741,Video embeds (YouTube and Wistia) do not show on page.,,Editor,5.6.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2021-03-09T20:56:33Z,2021-04-08T20:16:52Z,"When adding a Wistia video embed using the Gutenberg editor's ""embed"" block the video embed does not show in the page. Upon inspection of the DOM, I noticed that if you toggle the .wp-block-embed__wrapper from position: relative to off the video shows.
The offending CSS style is located ""/wp-includes/css/dist/block-library/style.css"" on line: 502. I've simply deleted this style and the embed seems to work again without any issues across browsers and devices.
To reproduce the issue, create a new post and add an embed block in between a heading and above a paragraph. Paste in a Wisitia video link and save. ",kevinwoodfield
Candidates for Closure,53935,Vimeo oembed force player with large height on blog post,,Embeds,5.8,normal,minor,Awaiting Review,defect (bug),new,reporter-feedback,2021-08-16T17:08:49Z,2021-08-18T19:46:11Z,"Hi,
When embedding a Vimeo Video Player on a blog post, the admin automatic embed display the player correctly but the published version have height that is way bigger than the player.
How to reproduce :
- create a new blog post
- insert text before
- embed a Vimeo video with link : player.vimeo.com/video/VIDEOID
- insert text after
- publish post
-> the vimeo video player is with large blank space on top and bottom
More details :
Seems like this is the iframe code on the WP Public page :
>> this width / height seems large and does not seems to come from the site theme either.
",Trouffman
Candidates for Closure,55870,WP App Passwords Should be URL Decoded,,Application Passwords,5.6,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2022-05-29T04:05:15Z,2022-05-30T04:52:34Z,"Using OAuth 2 based. authentication IETF recommends for [https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1 client id/secrets] URL [https://datatracker.ietf.org/doc/html/rfc6749#appendix-B encoded] forms.
Which means, by using some node OpenID clients, we always get `Authorization: Basic urlSafeEncodedBase64String('user:pass')`.
This fails to authenticate as [https://github.com/WordPress/wordpress-develop/blob/0a6c37ceb0a86bebf0b287ac12d200e67bbf948f/src/wp-includes/user.php#L474 WordPress doesn't decode] the `user` and `pass` which could also be clientId and clientSecret in OAuth2.
This could be solved by using `urldecode( string $str )`.
BEFORE
{{{#!php
set in pre_get_posts either by assigning the tax_query as an array or WP_Tax_Query object (which was a hail mary test)
Any necessary information needed to debug this can be provided. But it ""appears"" to be some sort of regression or new bug associated with the new taxonomy features and that is limited to custom post types with custom taxonomies.",vrazer
Tickets Needing Feedback,36269,WordPress 4.4.2 Gallery Ordering,,Gallery,4.4.2,normal,normal,,defect (bug),new,reporter-feedback,2016-03-17T16:01:00Z,2019-06-04T19:56:16Z,There seems to be an issue with the ordering functionality in the latest version of WordPress. Wordpress seems to ignore/misunderstand gallery image order.,aj@…
Tickets Needing Feedback,16404,WordPress Importer fails to import images,,Import,3.0.4,normal,normal,,defect (bug),new,reporter-feedback,2011-01-29T00:42:28Z,2019-06-04T20:02:31Z,"WordPress Importer fails to import images and update image src urls when download and import file attachments is checked.
WordPress MS with images in a post via Media using WP image mapping, e.g. image url: http://site.domainname.com/files/2011/01/myimage.jpg
Fails to download, import and update image src url. All image src urls remain intact from the old domain name.
If you change the image source to specific directory rather than the WP uploads directory: e.g. image url:
http://site.domainname.com/images/myimage.jpg
Images are downloaded and imported to media but it fails to update image src url in posts. All image src urls in posts remain intact from the old domain name.
I tested this on clean install of WP 3.0.4 MultiSite with TwentyTen theme and no other plugins activated.",wlpdrpat
Candidates for Closure,42995,WordPress XML-RPC editComment return error 500 changing date_created_gmt,,XML-RPC,4.9.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2017-12-28T19:01:25Z,2019-06-20T14:10:09Z,"Grettings,
This:
// Do some timestamp voodoo
if (!empty($content_struct['date_created_gmt'])) {
// We know this is supposed to be GMT, so we're going to slap that Z on there by force
$dateCreated = rtrim($content_struct['date_created_gmt']->getIso(), 'Z') . 'Z';
$comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));
$comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT');
}
[Thu Dec 28 15:52:34.123148 2017] [php7:notice] [pid 5507] [client 127.0.0.1:39464] PHP Fatal error: Uncaught Error: Call to a member function getIso() on string in wp-includes/class-wp-xmlrpc-server.php:3533
",fpilee
Tickets Needing Feedback,33337,WordPress crashes in Chrome when trying to upload images too quickly into Media Library,,Media,4.3,normal,major,,defect (bug),new,reporter-feedback,2015-08-11T10:30:58Z,2019-06-04T20:15:30Z,"Steps to reproduce
1) Use Chrome and a wordpress installation with at least few images, the more images, the easier to reproduce.
2) Create new post
3) Click Add Media
4) Whilst the Media Library is loading all of the images, try to drag new images into the window to upload.
The result is that Chrome crashes. It seems as though the trying to drag images into the window before the ""Drag to upload"" function is loaded kills it.
",tstania
Candidates for Closure,52556,WordPress is adding always,,Editor,5.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2021-02-17T14:44:45Z,2021-02-23T10:01:41Z,"Hello,
This bug is happening only if gutenberg editor is disabled.
Ill try to explain in best way how wordpress is adding this  .
1. Create a new page
1.1 Type a title or without both give same result.
1.2 In content there should be nothing
1.3 Publish
2. After publish try to leave the page editing lest say clicking on dashboard from the menu.
Wordpress will promp asking to save changes.
If you are in visual editor and swap to text editor you will notice that was added.
3. If you click update everytime wordpress will add a new
In inspector i have notice this script
{{{
}}}
If i put a breakpoint and reload the page will return thousandsSeparator undefined
I dont know much about this function and the idea behind it but any ideas how to prevent this would be great.
",snuffybg
Tickets Needing Feedback,36663,"Wordpress 4.5 Query Strings Replacing ""."" with ""_""",,Administration,4.5,normal,normal,,defect (bug),new,reporter-feedback,2016-04-25T17:07:37Z,2019-06-04T19:37:19Z,"As of Wordpress 4.5, any query strings using a ""."" will get converted to a ""_"". While i understand that PHP doesn't support a period in a query string value, there are instances where query strings with periods are used by JavaScript and need to be retained. For example, the Webtrends analytics platform uses periods in most of their analytics query string values. For example, they use ""wt.mc_id"", ""wt.z_mce"", and ""wt.dl"".
It appears that changes to 'wp-includes/canonical.php' in 4.5 cause these periods to be visually and functionally converted to underscores when the pages loads. Interestingly, this only happens on pages and not posts.
Can we get the functionality put back the way it was so that the periods are retained, as this update will break Webtrends functionality, as well as any site using JavaScript that expects a period in a query string value?",michael.bucklin
Candidates for Closure,56403,Write 'Activated' instead of 'Installed' for activated theme,audrasjb,Themes,,normal,normal,Awaiting Review,defect (bug),reviewing,reporter-feedback,2022-08-18T09:08:42Z,2022-08-18T15:22:40Z,"On theme-install page, there have text for all installed theme but it should be 'Activated' instead of 'Installed' for activated theme.",alireyad
Candidates for Closure,48527,Wrong upgrade notification,,Upgrade/Install,,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2019-11-07T11:59:57Z,2023-02-15T20:17:06Z,I am running on WordPress 5.2.3 and but it gives me to update to 5.2.2,dkarfa
Candidates for Closure,33425,XML-RPC missing options on wp.getOptions,,XML-RPC,4.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2015-08-19T08:35:27Z,2017-04-14T13:41:05Z,"Why the list of options available here
https://github.com/WordPress/WordPress/blob/ce557062f4123d8513378cf415b4e8b612c33ccc/wp-includes/class-wp-xmlrpc-server.php#L383
doesn’t match this https://codex.wordpress.org/Option_Reference
For example default_category or blog_public fields are not available on XML-RPC.",SergioEstevao
Tickets Needing Feedback,36694,"[Pages] [Edit Page] Changing the Permalink URL updates the displayed anchor text, but not the HREF (URL) property",,Permalinks,4.5.1,normal,normal,,defect (bug),new,reporter-feedback,2016-04-27T23:25:56Z,2019-06-04T20:57:57Z,"Steps to reproduce:
1. Create a page or post
2. Edit said page or post
3. Change the Permalink URL using ""Edit"" button next to displayed permalink
4. Click OK button after updating Permalink URL
Observe.
Expected: the anchor link text is updated and the anchor link HREF property is updated to the new value input in the field
Actual: the anchor link text is updated but the anchor link HREF property remains the same.",setsailmedia
Candidates for Closure,51908,add_image_size not working with custom plugin code,,Media,,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2020-12-01T17:55:45Z,2020-12-02T12:30:10Z,"Hey,
add_image_size() not working within the custom plugin code that we can change the the_post_thumbnail() with any custom size.
Thanks,
Arpit G Shah",arpitgshah
Candidates for Closure,32422,add_menu_page() returns incorrect $hookname when using plugin filename as $menu_slug,,Plugins,4.2.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2015-05-17T05:06:29Z,2017-07-01T04:02:45Z,"When using `add_menu_page()` and `add_submenu_page()` with filenames in the $menu_slug parameter, the resulting hookname does not match the expected `do_action('load-' …)` hookname.
In the following examples the expected hookname from `do_action( 'load-' . $plugin_page );` (in ''wp-admin/admin.php'') is: '''load-myplugin/admin/resources.php'''. However, the hookname returned by `$hookname = get_plugin_page_hookname( $menu_slug, $parent_slug);` (from `add_submenu_page()` in ''wp-admin/includes/plugin.php'') is '''myplugin_page_myplugin/admin/resources'''.
The result is, this code does not work:
{{{
$hookname = add_submenu_page(""myplugin/dashboard.php"", 'Resources', 'Resources', 'edit_pages', ""myplugin/resources.php"");
add_action($hookname, 'add_resources_options' );
function add_resources_options() {
add_screen_option('per_page', array(
'label' => 'Resources',
'default' => 10,
'option' => 'resources_per_page'
));
}
}}}
However, the hooknames do match when using `add_menu_page()` and `add_submenu_page()` with a callback slugname. This code works (notice only the first line has been changed to use callback slugs instead of filename slugs):
{{{
$hookname = add_submenu_page('dashboard', 'Resources', 'Resources', 'edit_pages', 'myresources', 'myresources');
add_action($hookname, 'add_resources_options' );
function add_resources_options() {
add_screen_option('per_page', array(
'label' => 'Resources',
'default' => 10,
'option' => 'resources_per_page'
));
}
}}}
The solution is either:
* Modify `function get_plugin_page_hookname() …` to return a hookname that is caught by `do_action( 'load-' . $plugin_page );`.
* Or modify `do_action( 'load-' . $plugin_page );` to use the hookname currently returned by `get_plugin_page_hookname()`.
",quinncom
Tickets Needing Feedback,23867,add_rewrite_endpoint causes front-page.php template to be ignored,,Rewrite Rules,3.5.1,normal,normal,,defect (bug),new,reporter-feedback,2013-03-26T21:49:18Z,2019-06-04T21:08:27Z,"I have a front-page.php template in my theme folder, as per the template hierarchy this is used regardless of whether I am showing posts or a page as the front page.
However, when I add a rewrite endpoint (on the init hook), index.php is used for the front page template when I add my query var to the URL. It makes no difference if I set the front page to show posts or a page. If I do not add the query var, front-page.php is correctly used.
i.e. http://domain.com correctly uses front-page.php, http://domain.com/nl wrongly uses index.php
This happens whether I use EP_ALL or EP_ROOT as the places parameter.
All other template files are fine, it's only the homepage with the problem as far as I can see.",lumpysimon
Candidates for Closure,53789,all kinds of error messages using WordPress 5.8 Widgets block editor,,Widgets,5.8,normal,major,Awaiting Review,defect (bug),new,reporter-feedback,2021-07-26T22:35:24Z,2021-10-13T23:48:14Z,"After the Upgrade to WordPress 5.8, in the backend when I choose Appearance / Widgets (to edit widgets), I get error messages like these:
The ""blog_subscription"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""google_translate_widget"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""recent-posts"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""nav_menu"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""bbpmmymessages"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""text"" block was affected by errors and may not function properly. Check the developer tools for more details.
The ""search"" block was affected by errors and may not function properly. Check the developer tools for more details.
I installed and activated the Classic Widget Editor plugin so I could function. Later (after an update from one of the Widget providers), I deactivated the CWE plugin so I could see if this provider's widgets were now working with the 5.8 Widget block editor. (Some were fixed, some weren't). Unbelievably, though, I got more errors than before showing that widget blocks which seemed to be working before now were not working! I got a lot of Internal Error messages, whereas before I only saw one or two of these. Did switching to the Classic Widget Editor and then deactivating cause more problems? Now every time I try to access the 5.8 Widgets block editing, I get new or different errors. Very confusing and upsetting.
",janecarole
Tickets Needing Feedback,35871,before_delete_post incorrectly triggered from edit.php to post.php,,"Posts, Post Types",4.4.2,normal,normal,,defect (bug),new,reporter-feedback,2016-02-19T10:44:18Z,2019-06-04T20:55:27Z,"It seems there's a bug where {{{before_delete_post}}} triggers when clicking the post name (on edit.php) to go to the post.php admin edit screen. I have this code
{{{#!php
blog_id );
echo get_bloginfo( 'name' );
echo get_bloginfo( 'language' );
restore_current_blog();
}
}}}
",kukac7
Candidates for Closure,55442,count(): Parameter must be an array or an object that implements Countable in /var/www/html/wp-includes/post-template.php on line 319,,"Posts, Post Types",,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2022-03-22T21:59:34Z,2022-03-22T23:41:57Z,"Call get_the_content() with no arguments and $post is null. If post is null then this is ran:
{{{#!php
$elements = compact( 'page', 'more', 'preview', 'pages', 'multipage' );
}}}
Associate array has keys with null values. Then on lin3 319 is
{{{#!php
if ( $elements['page'] > count( $elements['pages'] ) ) {
}}}
Which causes this notice:
{{{
Warning: count(): Parameter must be an array or an object that implements Countable in /var/www/html/wp-includes/post-template.php on line 319 Notice: Trying to access array offset on value of type null in /var/www/html/wp-includes/post-template.php on line 325
}}}
",davidscpl
Candidates for Closure,56905,css media query issue,,General,6.0.3,normal,trivial,Awaiting Review,defect (bug),new,reporter-feedback,2022-10-25T13:24:22Z,2022-10-25T16:29:28Z,"The media queries used for the responsivness for mobile use a max-width of 767px and the min-width for the tablet one is 768px. However max-width is exclusiv so when the screen is exactly 767px you are neither in mobile or tablet mode.
Unfortunately, when i put a window in half screen mode it is precisely 767px so this number is not that odd and other user could experience the same issue.
(Tested on wordpress 6.0.3 and google chrome)",damien4444
Tickets Needing Feedback,43076,current-menu-item for archive menu item on singular page,audrasjb,Menus,,normal,normal,Future Release,defect (bug),assigned,reporter-feedback,2018-01-12T09:51:43Z,2020-01-17T00:02:45Z,If I have CPT with archive and singular page and I add to menu url to archive and I go to singular page of CPT then should be add current-menu-item to menu item of archive,sebastian.pisula
Candidates for Closure,43122,customize.php fails to load with default changeset_uuid,bpayton,Customize,4.7,normal,normal,Awaiting Review,defect (bug),assigned,reporter-feedback,2018-01-18T00:46:13Z,2021-05-30T17:26:42Z,"I am seeing a rare condition where users are unable to load the Customizer with no specified changeset and see the message ""Cheatin, uh? This changeset cannot be further modified.""
In all cases, I am seeing two `customize_changeset` posts with the same GUID post name, one with draft status and the other with published status. When WP_Customize_Manager attempts to find a changeset to load by default, it finds the draft with the GUID, and when it attempts to load the post, it finds the published post with the same GUID and dies with the message mentioned above.
I read WP_Customizer and theorized how this could be happening but have no theory worth mentioning. Still, this seems like some kind of race condition.",bpayton
Tickets Needing Feedback,52593,default user and woocommerce bug,,Users,5.6.1,normal,normal,,defect (bug),reopened,reporter-feedback,2021-02-22T09:16:39Z,2023-04-28T17:45:01Z,"Good morning,
we have a problem with the graphical arrangement of native WP elements and products created via WooCommerce.
We can't understand why, but if you log into WP via the default admin user or via a new admin user, there are some substantial differences, as you can see from the images below.
The pictures are taken from the same product.
We tried to disable plugin and theme but the problem persists.
We have no idea how the problem came out or how we can do to replicate it.
For the moment we are using the new user instead of the default user, but we would still like the problem to be fixed.
[[Image(https://www.caffecarlito.ch/wp-content/uploads/2021/02/caffecarlito_admin.png)]]
[[Image(https://www.caffecarlito.ch/wp-content/uploads/2021/02/caffecarlito_andrea.png)]]",variante
Tickets Needing Feedback,36499,"featured image, image upload",,General,4.5,normal,normal,,defect (bug),new,reporter-feedback,2016-04-13T01:35:59Z,2019-06-04T19:57:19Z,"Using Avada theme with WP4.5, many elements have broken since WP4.5 update.
Including:
Slidedeck Slider shows ini_set errors and load.php errors
Fusion Slider - stuck at spinning wheel trying to load slides
Featured Images for blog posts not showing
Add Media into post or page (images wont load to select from)
Surprised this update has affected just about all my sites (about 200) which updated automatically. Now I am trying to revert them all to 4.4x
How did you guys drop the ball this time?",diskmandotnet
Tickets Needing Feedback,22530,garbage query strings on URLs are not sanitized or removed,,General,3.4.2,normal,normal,,defect (bug),reopened,reporter-feedback,2012-11-21T15:52:50Z,2019-06-04T19:44:14Z,"Here is an interesting problem I ran into, a bug / feature that appears to be used by malicious people to cause Google to see your site as full of duplicate content.
If you visit a wordpress site, and add a garbage query string to the end of the URL, that garbage gets carried forward. Example:
yourblog.here/page/2?ssdlfkjsdlkfjsdfs
When you scroll down, the ""previous"" and ""next"" links will automatically carry that query string forward.
Normally, this would not be a big issue. However, some people appear intent on specifically creating these sorts of links to wordpress sites, and Googlebot is finding those links on remote sites. Those links are followed, and then the ""previous - next"" situation perpetuates the problem through every page on the site. If you have 1000 posts, at 10 per page, Google just indexed 100 duplicate content pages.
So the bug is the following:
Passed query strings need to be sanitized, and junk removed - there is no reason to pass it on. In the case of a junk passed string, there should be an http 301 or 302 reply and the user / bot redirected to the proper page without the query string.
Further, query strings should not be perpetuated forward through the ""previous - next"" links on the pages unless they are relevant to that page change. As an example, a valid search string might be worth moving forward with. Other passed items may not be worth carrying forward.
Potentially, any unsanitized input accepted in a query is a vector for other attacks. Having that query carry forward is a real issue. As an example, full select * from queries are not accepted and not dealt with, and perpetuated forward. No, they are not currently actually causing anything to happen, but a failure to sanitize these inputs suggests a vector for a future attack, such as an input overflow or similar.",rawalex
Candidates for Closure,54964,get_permalink() does not use the correct slug rewrite base,,"Posts, Post Types",5.9,normal,blocker,Awaiting Review,defect (bug),new,reporter-feedback,2022-01-27T22:10:49Z,2023-10-04T11:54:50Z,"Hello,
get_permalink does not work well for custom posts with slug rewrite.
E.g. I have implemented articles post type:
{{{#!php
array('slug' => _x('articles','slug','mydomain')),...));
}}}
'articles' is translateD to slovak language as 'clanky'. But **get_permalink({id_of_article})** returns '''localhost:10010/articles/my-title'''. It is wrong and i have recieve error 404, because right link is '''localhost:10010/clanky/my-title'''.
It works OK for older WP version.
Thanks a lot for any result.
Kind regards,
Ondrej Jakuba
",jakubaondrej
Candidates for Closure,43453,heartbeat_received filter requires data in order to execute,,Plugins,3.6,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2018-03-01T15:38:38Z,2022-02-26T22:34:38Z,"With regards to the heartbeat api, the plugin developer handbook states:
Not every feature will need all three of these steps. For example, if you don’t need to send any data to
the server, you can use just the latter two steps.
But this does not seem to be the case given this line of of [https://core.trac.wordpress.org/browser/tags/4.9/src/wp-admin/includes/ajax-actions.php#L2808 wp_ajax_heartbeat].
This makes it less useful if you just want to include some new data on an interval. It requires an approach like:
{{{
#!javascript
$( document ).on('heartbeat-send', (e, data) => {
data.wouldLikeFilterToTrigger = true;
});
$(document).on('heartbeat-tick', (e, data) => {
// do something with data generated by filter
console.log(data);
});
}}}
If you omit the send event, the filter on the server never runs.
It seems like this constraint should be lifted, or at the very least the documentation should be updated.",brianscaturro
Tickets Needing Feedback,32994,invite email from secondary blog does not use network site URL for wp-activate link,,Networks and Sites,4.2.2,normal,normal,,defect (bug),new,reporter-feedback,2015-07-14T14:33:18Z,2019-06-04T20:15:01Z,"When inviting a user as an admin from a secondary site, the message uses `site_url('wp-activate.php?key=$key')` to generate the invite link. This is a problem because `wp-activate.php` returns a 404 when accessed outside the network site domain. Instead it should use `network_site_url('wp-activate.php?key=$key')`, as is done elsewhere.
Here is the line in question: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/ms-functions.php#L953",leedo
Tickets Needing Feedback,33602,is_active_sidebar returns true when widget has been deactivated,,Widgets,4.3,normal,normal,,defect (bug),assigned,reporter-feedback,2015-08-30T03:10:32Z,2019-06-05T06:41:30Z,"When I activate a plugin (in this case Ultimate Social Media and Share icons)
Add the widget to my sidebar area
Deactivate the plugin
The widget is no longer visible in the sidebar
BUT
is_active_sidebar still returns true",karlikdesign
Tickets Needing Feedback,33521,manage_${post_type}_posts_columns parameters shifted,,Taxonomy,4.3,normal,minor,,defect (bug),new,reporter-feedback,2015-08-23T21:28:05Z,2019-06-04T21:16:27Z,"Hello,
manage_${post_type}_posts_columns requires three parameters, however, as shown in the link below, it only uses 2.
https://core.trac.wordpress.org/browser/tags/4.2.2/src/wp-admin/includes/class-wp-posts-list-table.php#L978
The paremeters are also shifted.
The example below shows the var dump outputs in render_column_with_bug():
{{{
'posts',
'pages' => 'pages',
'category' => 'edit-category',
'post_tag' => 'edit-post_tag',
);
foreach ( $supported_post_types as $slug => $type ) {
add_action( ""manage_{$type}_columns"", array( $this, 'add_column'), 10, 1 );
// Add 3rd parameter because of bug
add_action( ""manage_{$slug}_custom_column"", array( $this, 'render_column_with_bug'), 10, 3 );
}
}
// Add new column name here
public function add_column( $columns ) {
$columns = array_merge( array(
'my_column_name' => 'column_slug',
), $columns );
return $columns;
}
// Output column contents here here
public function render_column_with_bug( $column, $post_id, $tax_id = '' ) {
$status = '';
var_dump ( $column );
/*
Outputs: column name on posts/pages
Outputs: empty string on taxonomies
*/
var_dump ( $post_id );
/*
Outputs: post id posts/pages
Outputs: column name taxonomies
*/
var_dump ( $tax_id );
/*
Outputs: empty string on posts/pages
Outputs: taxonomy id on taxonomies
*/
if ( $column == 'my_column_name' )
$status = $this->post_status();
echo $status;
}
// Output column contents here here
public function render_column_bug_fixed( $column, $post_id, $tax_id = '' ) {
$status = '';
$type = get_post_type( $post_id );
if ( !empty ( $tax_id ) && ! $type ) {
$column = $post_id;
$screen = get_current_screen();
$type = $screen->id;
}
if ( $column == 'my_column_name' )
$status = $this->post_status();
echo $status;
}
public function post_status() {
// render output
}
}
new Example_Class();
}}}",Cybr
Tickets Needing Feedback,37391,memory issue action,,Menus,,normal,normal,,defect (bug),new,reporter-feedback,2016-07-17T22:14:37Z,2019-04-18T20:14:42Z,"( i have seen this issue on many sites)
the problem is that, while saving any custom-menu,
it gives frequently error:
`PHP Fatal error: Out of memory (allocated xxxx) .... on `wp-includes/functions.php, line 3350`
it is `wp_list_filter` function. in the start of that function, i have included this script:
echo '';print_r(debug_backtrace());
and i have counted how many times `wp_list_filter` executes and how heavy data it processes on each loop.. look this file, i have included only first 5 ""debug_backtrace: results (because after 20nd loop php crashed, because of out of memory):
https://drive.google.com/open?id=0Bz7qe_olclTwVXEzeDk2eXdkZVk
please help.
i cant save menus, i cant do anything like that, it crashed with ""out of memory"". i know that i should increase memory limit, but evidently , WP has issue.
",tazotodua
Candidates for Closure,39003,menu_page_url() not working on Ajax call,,Administration,4.6.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-12-01T13:50:38Z,2023-02-20T17:36:29Z,"`menu_page_url( 'menu_slug', false )` is always returning empty string on AJAX response. The `global $_parent_pages;` is return NULL on AJAX call. But the same menu slug is working on normal page load.",vinoth06
Candidates for Closure,49805,missing get_the_title / confusing the_title filter,,"Posts, Post Types",5.5,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2020-04-04T08:52:05Z,2020-04-04T15:19:16Z,"I and probably many others (e.g. #39848) got problems with filtering H1 - the problem is, that in most templates (and also in twenty twenty) there is no way how to filter H1.
There is the_title function, that encloses the get_the_content() result with defined prefix and suffix, but this the_title function has no filter!
And what is VERY confusing - there is the_title filter, but that filter is not called from the_title function, but from get_the_title function!
I understand that it would be probably very difficult to move that the_title function where it belongs and replace it with proper get_the_title filter, but i believe there must be some quick way, e.g. that proposed wrap (but i would recommend to add all the arguments of the the_title function, so resulting in apply_filters( 'the_title_wrap', $title, $before, $after, $echo ); This way we could easily filter the result based on any option.
",thomask
Candidates for Closure,54145,new widget feature broke database,,Widgets,5.8.1,normal,critical,Awaiting Review,defect (bug),new,reporter-feedback,2021-09-19T02:47:16Z,2021-09-28T00:59:22Z,"https://prnt.sc/1srrhlp
== **Error establishing a database connection
**when i install new themes or develop websites uses astra or paid themes
this new widget module creates critical bugs and broke database also
after going to this page it makes my website says ""Error establishing a database connection""
but host is worked well and wp-config is correct; so in two condition i test sometimes create php errors and make database corrupt so my suggestion is make a site owner to decide what he want to use new module or not and suggest to put old widget plugin in main plugin page side classic editor and i hope to fix it soon in coming updates
thanks for making wordpress open for everyone",starmido213
Candidates for Closure,43689,next_post_link()/previous_post_link() broken for custom post types in same custom taxonomy term,,"Posts, Post Types",4.9.5,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2018-04-04T09:11:13Z,2022-05-26T22:22:37Z,"The link to the next post is being displayed however the third parameter $in_same_term seems to be completely ignored even though parameter $taxonomy is correct (https://codex.wordpress.org/Function_Reference/next_post_link).
E.g. you are on singular pages of a custom post type ""Job"". You want to have the next post link of ""Jobs"" which are in the same ""Job Group"" (a custom taxonomy) e.g. ""Developer"". However next post link will deliver a next Job which is in the ""Job Group"" ""Graphic Designer"" even though $in_same_term was set to true.",Blackbam
Candidates for Closure,58933,plugin-install.php search works incorrect,,Plugins,6.2.2,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2023-07-29T11:41:02Z,2023-08-08T16:43:13Z,"i got 29 pages as result of search but after i go to last page
more results coming
also search very weak by default
many irrelevant results coming after search with 2 keywords
",AlexeyVertinsky
Candidates for Closure,57364,remove_meta_box for commentstatusdiv stores null value for comments configuration.,,Administration,6.1.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2022-12-21T10:46:15Z,2023-06-17T12:23:15Z,"Removing meta box commentstatusdiv for e.g. some user roles stores null value for comments configuration in database, after a user without that meta box stores the post.
Example:
- post edit as admin **with** commentstatusdiv meta box
- meta box commentstatusdiv -> Allow comments is **activated**
- Post edit as user **without** commentstatusdiv meta box
- save post as user
- post edit as admin
- meta box commentstatusdiv -> Allow comments is **deactivated**",phlegx
Tickets Needing Feedback,35504,response to adding data to taxonomy shows in a wrong place,,Taxonomy,4.4.1,normal,normal,,defect (bug),new,reporter-feedback,2016-01-17T22:55:55Z,2020-06-04T05:50:50Z,"Hello,
i created a custom taxonomy and when i try to add an item, item will be successfully add but response from ajax request to add this data show's in wrong place and the table not getting updated. response data showing as the message value instead. i toke screenshot.
and i tested my codes and wordpress healthy time and time over. I'm Sure it's core bug.
[[Image(http://uupload.ir/files/kuv1_bug.jpg)]]",ehsanaghaei
Tickets Needing Feedback,35648,the_post_thumbnail sets srcset with http protocol,,Media,4.4,normal,normal,,defect (bug),new,reporter-feedback,2016-01-28T16:28:48Z,2019-06-04T20:21:48Z,"We have a wordpress site that uses https always, when we use the_post_thumbnail, it returns HTTPS for the SRC attribute but it returns HTTP values for the SRCSET attribute. This is not a duplicate of #28261 or #15928 because this only happens on the srcset attribute.
We had to do this filter in order to do a quick patch:
{{{#!php
_do_query('SELECT post_id,...')
#1 /wp-includes/class-wpdb.php(3152): wpdb->query('SELECT post_id,...')
#2 /wp-includes/meta.php(1177): wpdb->get_results('SELECT post_id,...', 'ARRAY_A')
#3 /wp-includes/post.php(7421): update_meta_cache('post', Array)
#4 /wp-includes/post.php(7808): update_postmeta_cache(Array)
#5 /wp-includes/nav-menu.php(804): _prime_post_caches(Array, false)
#6 /wp-includes/class-wp-query.php(3560): update_menu_item_cache(Array)
#7 /wp-includes/class-wp-query.php(3824): WP_Query->get_posts()
#8 /wp-includes/post.php(2460): WP_Query->query(Array)
#9 /wp-includes/nav-menu.php(729): get_posts(Array)
#10 /wp-includes/nav-menu-template.php(165): wp_get_nav_menu_items(Object(WP_Term), Array)
#11 /wp-content/themes/beaverwarrior/components/CustomHeader/custom-header/includes/frontend.php(19): wp_nav_menu(Object(stdClass))
}}}
The way I'm currently fixing this problem is modifying `update_menu_item_cache`. Yes, this is corehacking, and I understand that it will be overwritten and break with the next core update.
I specifically changed this line:
{{{#!php
if ( ! empty( $post_ids ) ) {
_prime_post_caches( $post_ids, false );
}
}}}
to instead be:
{{{#!php
if ( ! empty( $post_ids ) ) {
_prime_post_caches( $post_ids, false, false );
}
}}}
This disables postmeta cache priming for linked posts in nav menus and fixes the memory limit I was running into. I would like to know if there's any further implications from doing this that I'm not aware of. If not, I can submit a pull request to have this merged in.",huemordave
Tickets Needing Feedback,30285,url_to_postid on FORCE_SSL_ADMIN takes https path instead of http,,General,4.0,normal,normal,,defect (bug),reopened,reporter-feedback,2014-11-07T17:59:53Z,2019-06-04T19:46:47Z,"A server has FORCE_SSL_ADMIN set to TRUE, which makes its wp-admin load under SSL, though the public pages are still on http.
Now, I have a plugin which runs in the admin area. When I call url_to_postid with a post permalink under http (http://www.domain.com/post) the function always returns 0. What happens is that url_to_postid uses site_url to parse the permalink, but site_url with FORCE_SSL_ADMIN returns the path with https, thus not finding it in the http permalink.
I think url_to_postid should always take the public settings even when called from an admin context, as it will take in input public paths.",Ste_95
Candidates for Closure,32306,wp-cron throws 500 errors for SSL enabled sites,,Cron API,4.2.1,normal,critical,Awaiting Review,defect (bug),reopened,reporter-feedback,2015-05-08T07:49:05Z,2017-11-14T14:01:53Z,"I have several WP installs that are throwing 500 error codes when calling wp-cron.php after a pageview. The error is not consistent - it will sometimes return 200, and sometimes 500. All the installs I see this on use SSL with properly signed certs with SNI in use on the server under Apache. Instances on the same server where do not use SSL have not shown this issue at all.
I have managed to reproduce this on a clean WP install running twentyfifteen with no plugins installed so it doesn't appear to be plugin related.
Oddly, I don't get any PHP warnings when it happens (though I've tested that if I force a php script in the same pool to throw an error, it does get captured) - I do get the following recorded in the Apache Virtualhost error log (redacted):
[Fri May 08 08:29:34.479946 2015] [core:error] [pid 13870:tid 140644332824320] [client xxxx:xxxx:x:xx:xxxx:xx:x:x:57492] AH00524: Handler for fastcgi-script returned invalid result code 32
Apache access log (redacted):
xxxx:xxxx:x:xx:xxxx:xx:x:x - - [08/May/2015:08:29:26 +0100] ""POST /wp-cron.php?doing_wp_cron=1431070166.8151741027832031250000 HTTP/1.0"" 500 4066 ""-"" ""WordPress/4.2.2; https://www.domain.com""
System config is as follows:
* Fully patched Debian Jessie running on amd64 arch with kernel 3.16.0
* Webserver: Apache/2.4.10 (Debian), mod_fastcgi/mod_fastcgi-SNAP-0910052141, mod_fcgid/2.3.9, mod_python/3.3.1, Python/2.7.9, OpenSSL/1.0.1k
* MySQL 5.5.43-0+deb7u1
* PHP 5.6.7+dfsg-1 running under PHP-FPM (seen with and without opcache in place)
* Wordpress 4.2.2 fresh install (also seen on 4.2.1) with all plugins removed.
The server listens both on IPv4 and IPv6 - I've tried forcing wp-cron to use IPv4 by setting the hostname in /etc/hosts but that makes no difference.
Refer also to :
https://wordpress.org/support/topic/wp-cron-throwing-500-errors-on-ssl-sites?replies=9",coatesg
Tickets Needing Feedback,31236,wp_ajax_upload_attachment does not properly handle situation when post_id is set,,Media,4.1,normal,normal,,defect (bug),new,reporter-feedback,2015-02-04T23:13:47Z,2020-02-08T18:33:04Z,"In the wp_ajax_upload_attachment function of wp_admin/includes/ajax_actions.php, it appears that the wrong capability is checked by the current_user_can function if post_id is set in the $_REQUEST object. At line 1845, this code exists:
if ( ! current_user_can( 'edit_post', $post_id ) )
As far as I can tell, edit_post is not a valid capability. I was building a custom post upload for my site that allowed certain users to add media. I had given them the edit_posts capability and they were still receiving the error message ""You don't have permission to attach files to this post."" Once I changed this line of code in wp-admin to:
if ( ! current_user_can( 'edit_posts', $post_id ) )
it worked as expected.",johncacpro
Candidates for Closure,31686,wp_authenticate_username_password() should check for a WP_Error object,,Security,3.7,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2015-03-18T16:29:08Z,2019-08-06T09:19:25Z,"This is a follow-up to #19714 and #22516
These were closed, but IMHO, the bug as such is not resolved.
wp_authenticate_username_password() does only check whether $user is a WP_Error object when either password or username are empty:
{{{
75 if ( empty($username) || empty($password) ) {
76 if ( is_wp_error( $user ) )
77 return $user;
78 …
}}}
However, another plugin that hooks into authenticate might pass a WP_Error even if $username and $password were provided, but the specific authentication mechanism failed.
The current implementation completely ignores this.
The result is that users who exist locally can log in using a local, possibly older password, bypassing the plugins' additional authentication mechanisms completely.
I'd advocate to check for is_wp_error($user) much earlier in wp_authenticate_username_password(), so that the authentication process will fail as soon as one ""authenticate"" filter returns a WP_Error object.",kwisatz
Tickets Needing Feedback,31520,wp_cache_get generates fatal error,,Cache API,4.1.1,normal,normal,,defect (bug),new,reporter-feedback,2015-03-04T08:47:40Z,2019-06-04T19:28:04Z," There are timing issues in WP where some code in plugins, specifically wp super cache, make called to wp_cache_get before $wp_object_cache is initiated.
This generates a fatal error in php and can often send apache crashing.
This only occurs n wp_cache_get() and it seems as if the easiest solution is to check to see if $wp_object_cache is actually initaited and/or an object before calling its get() function.
… at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/
cache.php (113)
…at /var/sentora/hostdata/zadmin/public_html/freemaal_in/wp-includes/
option.php (54)
…/public_html/freemaal_in/wp-content/plugins/wp-super-cache/
wp-cache-phase2.php (255)",jatingupta2k
Tickets Needing Feedback,32056,wp_dropdown_roles() bug,,Role/Capability,2.1,normal,normal,,defect (bug),new,reporter-feedback,2015-04-22T11:59:25Z,2021-12-03T20:06:06Z,"Hello, in the function wp_dropdown_roles() located in wp-admin/includes/template.php there is a bug.
More specifically, around line 855 you can find
{{{
if ( $selected == $role ) // preselect specified role
}}}
In this condition you are comparing 2 strings, therefore the correct operator for comparison is ""==="". If compared only with ""=="" then the preselected role is wrong if the site has custom roles. Also the {} brackets are missing, but this is ok...
Please consider fixing it in the next version :)",InS0mN1aC
Candidates for Closure,57267,wp_enqueue_style is not working under shortcode,,Shortcodes,6.1.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2022-12-03T07:41:09Z,2022-12-15T13:08:25Z,"we have tested in older version wp_enqueue_style('some-id'); is working fine on 5.7.8
but it's not working on 6.1.1
even its not working on ""wp_head"", ""wp_footer""",hasanrang05
Candidates for Closure,55841,wp_get_nav_menu_items doesn't work properly,,Menus,6.0,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2022-05-26T09:45:23Z,2022-05-27T21:47:56Z,"Function ""wp_get_nav_menu_items"" doesn't work correctly, when you try to retrieve a list of terms for a specific menu using slug returns all pages available.
",andreamarrano
Tickets Needing Feedback,31706,wp_list_categories for hierarchical taxonomy return wrong tree if orderby clause is used,,General,4.1.1,normal,normal,,defect (bug),new,reporter-feedback,2015-03-20T11:11:52Z,2019-06-04T19:48:23Z,"My taxonomy is e.g.
{{{
-term 1
--subterm 1.1
---subterm 1.1.1
--subterm 2.1
--subterm 3.1
-term 2
-term 3
}}}
and lets say i am on the 'term 1' page and i want to return all suterms. But when i run
{{{
$args = array(
'style' => 'list',
'title_li' => '',
'echo' => 0,
'hierarchical' => true,
'depth' => 2,
'taxonomy' => 'my_taxonomy',
'orderby' => 'count',
'order' => 'DESC',
'show_option_none' => ''
);
$args['child_of'] = $current_term->term_id;
}}}
it return only
{{{
Subterm 1.1.1
}}}
Problem is that
{{{
'orderby' => 'count',
'order' => 'DESC',
}}}
when i put it out, it works as expected
BTW IMO wp_list_categories() need some bigger rewrite - it is probably the oldest code in WP :-). No filters, strange classes etc. especially comparing to similar wp_nav_menu. E.g. there is no class to parent LI (and it is often need to change e.g. for Bootstrap), nor any action or filter, the only way are some non-trivial preg_match on the full results or replacing the whole Walker, what is not optimal for forward and plugin compatibility ",thomask
Candidates for Closure,41867,wp_list_categories throws SQL error if list is empty,,Taxonomy,4.8.1,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2017-09-13T08:05:49Z,2019-02-21T03:13:59Z,"If via the args, we exclude the only category available in the list, then the SQL query will end up wrongly formated (empty : IN() statement).
See full query here :
{{{
SELECT object_id, term_taxonomy_id FROM wp_term_relationships INNER JOIN wp_posts ON object_id = ID WHERE term_taxonomy_id IN () AND post_type IN
('post') AND post_status = 'publish';
}}}
Sample php code :
{{{#!php
'category',
'child_of' => $queried_object->category_parent,
'depth' => 1,
'exclude' => $queried_object->cat_ID,
'echo' => 0,
'hierarchical' => true,
'hide_empty' => false,
'show_count' => 1,
'title_li' => '');
echo wp_list_categories($args);
}}}
The solution would be to check if there are other categories to be displayed and if not, then just return the empty result.",firebird75
Candidates for Closure,59827,wp_save_post_revision() assumes ALL post meta is text! Fatal error in PHP 8.2.,adamsilverstein,Revisions,6.3.2,normal,normal,Awaiting Review,defect (bug),assigned,reporter-feedback,2023-11-07T17:31:11Z,2024-02-05T19:14:55Z,"The wp_save_post_revision() function assumes that ALL post meta is text:
https://github.com/WordPress/wordpress-develop/blob/6.3/src/wp-includes/revision.php#L164
When using register_meta() with 'revisions_enabled' => true to register post meta that is an array, it causes a fatal error in PHP 8.2:
{{{
PHP Fatal error: Uncaught TypeError: trim():
Argument #1 ($string) must be of type string, array given in /.../wp-includes/formatting.php:5486
}}}
Since registering post meta is announced for WP 6.4 (see https://make.wordpress.org/core/2023/10/24/framework-for-storing-revisions-of-post-meta-in-6-4/), it's a pretty serious problem.
I've tested the issue on WP 6.3.2 and WP 6.4 (although the footer says 6.5-alpha-57075).
js.",jsmoriss
Candidates for Closure,37670,wp_validate_redirect fails when running WordPress on a port,,Security,4.5.3,normal,normal,Awaiting Review,defect (bug),new,reporter-feedback,2016-08-15T15:19:35Z,2019-06-04T18:12:31Z,"$allowed_hosts is checking againts host value the parsed host value doesn't contain the port number and $wpp does. Thereror hosts aren't matched and wp_validate_redirect fails.
{{{
$lp = @parse_url($test);
}}}
equals
{{{
array (size=4)
'scheme' => string 'http' (length=4)
'host' => string 'localhost' (length=9)
'port' => int 3002
'path' => string '/project/xactly-com/insights/' (length=29)
}}}
where
{{{
$wpp = parse_url(home_url());
}}}
equals
{{{
array (size=2)
'scheme' => string 'http' (length=4)
'host' => string 'localhost:3002' (length=23)
}}}
will result in
{{{
if (isset($lp['host']) && (!in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host']))) {
}}}
failing
The server is running on a local proxy.",raptor235
Candidates for Closure,49899, detected an advanced-cache.php file in the wp-content directory. It seems that this is not the advanced-cache.php file. Please remove this file and disable any other caching plugins to use this .,,Cache API,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2020-04-13T22:19:40Z,2020-04-14T11:27:37Z,"==== How to Reproduce ====
Simply install and activate two cache plugins that use advanced-cache.php file from the admin dashboard one after another.
Isn't that time to change how WordPress use the advanced-cache.php file? Why not make wp-settings.php file to look for:
/wp-content/*-advanced-cache.php
In this way cache plugin developers will be able to create file with their name and functionality such as:
/wp-content/-advanced-cache.php
In this way there will be no file replacing/removing and etc. and the whole plugin fight on who to use the advanced-cache.php file will be resolved. There will be no problem to have:
/wp-content/-advanced-cache.php
/wp-content/-advanced-cache.php
/wp-content/-advanced-cache.php
The other possible (with eventually slower processing) solution is the advanced-cache.php file to be searched for in all of the plugins directory:
/wp-content/plugins/*
In this way each plugin can store their advanced-cache.php file in their own plugin root folder:
/wp-content/plugins//advanced-cache.php
/wp-content/plugins//advanced-cache.php
/wp-content/plugins//advanced-cache.php
And again this will be resolved. Any ideas on that?
Thanks in advance.",jeffreycooper
Candidates for Closure,43742,Add $_wp_admin_css_colors variable to front-end,,General,3.0,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2018-04-12T07:17:43Z,2020-06-04T23:11:00Z,"I've developed a plugin that uses the admin colour scheme functionality.
When a colour scheme is registered (using `wp_admin_css_color`), it's added to the `$_wp_admin_css_colors` variable. This is only accessible within the dashboard though so if you try and use that variable on the front-end, it returns `null` (doesn't exist).
Can this be made accessible on the front-end too?",danieltj
Candidates for Closure,49779,Add a filter that controls the size of the images on the Attachment pages,,Media,,normal,major,Awaiting Review,enhancement,new,reporter-feedback,2020-04-02T11:52:39Z,2022-03-10T16:35:34Z,"The images (attachments) on the Attachment pages are hardcoded as ""medium"".
On narrow themes, that might be fine, but on wider themes it leads to a tiny-looking image with a lot of awkward whitespace.
Many users have wanted to change the size of the image on that page, which has lead to multiple guides suggesting that they replace the hardcoded value in /wp-includes/post-template.php
Examples of such guides:
* https://zolahost.com/change-wordpress-attachment-page-image-size/
* https://wordpress.org/support/topic/attachment-page-image-size-3/
* https://www.dmuth.org/fixing-image-sizes-on-wordpress-attachment-pages/
The problem with that solution, of course, is that the changes will be overwritten when the next WordPress update is released, leading to a lot of confused and frustrated users.
To fix that, we could apply a filter to the attachment size.
**Original /wp-includes/post-template.php code:**
{{{
$p .= wp_get_attachment_link( 0, 'medium', false );
$p .= '';
}}}
**Modified code:**
{{{
$attachment_size = apply_filters( 'prepend_attachment_size', 'medium' );
$p .= wp_get_attachment_link( 0, $attachment_size, false );
$p .= '';
}}}
After that, it's very easy for users to change the attachment image's size in their child theme's functions.php file.
**Example:**
{{{
add_filter('prepend_attachment_size', 'set_attachment_image_size_to_large');
function set_attachment_image_size_to_large()
{
return 'large';
}
}}}
",pikamander2
Tickets Needing Feedback,30870,Add an $actions array and a filter in inline_edit() function,,Quick/Bulk Edit,3.1,normal,normal,,enhancement,new,reporter-feedback,2014-12-31T08:07:42Z,2019-06-04T21:13:29Z,"There is no current possibility for the developper not to display part of the form generated by the inline_edit() function. It would be great enhancement to store the filedset in an array, then apply a ""post_inline_edit_fields"" with as parameter the fieldset array and the post, and then echo the fieldset.
For the moment, you can add a metabox but not remove any part of the form.
Thank you.",olivierstern
Tickets Needing Feedback,38079,Add hooks before output for each action in wp-login.php,voldemortensen,Login and Registration,4.7,normal,normal,Future Release,enhancement,assigned,reporter-feedback,2016-09-17T19:13:19Z,2017-10-03T05:59:58Z,"7 years ago, in #9682, `wp-login.php` was made more pluggable. The thing is, if you just want to change the look (as my plugin ""Theme My Login"" does), you also have to replicate the logic.
Having an action that fires just before the `login_header()` call in each case of the action handler switch should be sufficient. One such hook is already present for one action: `lost_password`.
However, the hook `register` is already in use for the register link as is the format `{$action}_form`. So, I propose using `pre_{$action}_form`.
Patch incoming.",jfarthing84
Tickets Needing Feedback,27289,Add populate_network action,,Networks and Sites,,normal,normal,,enhancement,new,reporter-feedback,2014-03-06T04:31:42Z,2019-06-04T20:07:02Z,"At the moment, `populate_network_meta` is the only hook available to do extra work when a new network is created. However, this is called before the initial site is created when installing the first network. This means it's impossible to do certain things on network creation, such as creating new sites.
(I want to be able to create a new site on network creation so that the network always starts with two sites: the migrated main site and another site.)",rmccue
Candidates for Closure,52639,Add proper Security Attributes to the Cookies set by WordPress,,Security,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2021-02-24T13:17:12Z,2022-06-20T14:43:17Z,"Hi,
I have come across this security matter while we were developing a project using WordPress as the CMS for the Government. As Government sites go through a strict security audit that's is where I came across this matter.
Apparently, all the cookies that are set by WordPress don't have any of the security attributes like `secure`, `HttpOnly`, `SameSite=Strict` in them. This means these cookies can be accessed any way a script wants.
Not just WP Core but even almost all popular plugins like WooCommerce doesn't follow these security practices, I don't know why. Just adding a few extra parameters to a Cookie can make it quite secure and stop it from being accessed however a script wants.
But here I'm focusing on the WP Core as other plugins look at the coding standards of WP Core and try to follow that. So, implementing these basic security practices in WP Core will lead to many other plugins following the same path and creating a more secure system.
**Now if we focus on a very basic `/wp-login.php` page:**
We can see only the `wordpress_test_cookie` has `secure` attribute in them while every other cookie simply has Cookie Name, Value, Expiration Date, Max-Age & Path; i.e. only the bare necessary things for that cookie to work and ignoring all other security features. Here is a screenshot:
[[Image(https://i.imgur.com/zbyvDBo.png)]]
Instead, WP Core can take advantage of `is_ssl()` function to check whether or not to add the `secure` attribute. But the rest, i.e. `HttpOnly`, `SameSite=Strict` should be part of each cookie.
**Take a look at WooCommerce cookies now:**
I know WooCommerce issue is out of context here as here we are only focusing on WP Core, but I am showing this just to show how widespread this issue is.
[[Image(https://i.imgur.com/ekz8Qr8.png)]]
So, maybe if WP Core implements these security features it will push others to do the same.
Please note that this is not specific to WP Admin login page but almost all cookies added by WordPress. Would love to see these security attributes get added into cookies added by WP Core.",isaumya
Tickets Needing Feedback,35428,Allow the suppression of errors if user already exists,,Login and Registration,,normal,normal,,enhancement,new,reporter-feedback,2016-01-12T21:19:14Z,2019-06-04T20:21:01Z,"The install instructions for s2members requires that we add a filter to suppress errors
it seems to be we should add the filter to allow this.
",pbearne
Candidates for Closure,57922,Changing class-wp-editor.php Insert/Edit Link header from H1 to H3 or other,,Editor,6.1.1,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2023-03-14T18:43:46Z,2023-03-14T23:05:22Z,"Hey there!
I am using the wordpress core feature of having a blog page host all our posts. There is a modal in the class-wp-editor.php file located in the wp-includes directory.
On line 1868 (or around there) a modal is shown with the title ""Insert/edit link"". This line is wrapped in an H1 which from an SEO standpoint is really unfortunate as google sees that as a title for the page. Even if you put an additional H1 on the page above the modal, google will still see it as the title of the page. And in our case that's every paginated blog page. I think it would be really beneficial for everyone to change that header to an h3 or lower. H2 is fine as well but I don't think it requires that level.
Thank you!
All the best,
D",donniewalden707
Candidates for Closure,45874,Content Section is overlapping the menu background,valentinbora*,Administration,5.0.2,normal,trivial,Awaiting Review,enhancement,accepted,reporter-feedback,2019-01-09T12:36:13Z,2024-01-17T20:19:39Z,"Hi,
Just uploading some content into WordPress dashboard and saw a little layout bug, I'm not sure if it is kept like this but I thought, maybe it should be behind the menu background completely. As I have uploaded a screenshot, once the menu height finishes then the content is showing below. it should be behind the menu bar.
[[Image(http://ahmadgulzar.com/wpscr.png)]]
it can be fixed by just changing z-index of #adminmenuback from 1 to 3
{{{
#adminmenuback {
position: fixed;
top: 0;
bottom: -120px;
z-index: 3;
}
}}}
Thanks
",ahmadgulzar
Candidates for Closure,59132,Create two filters in wp_scripts() and wp_styles().,,Script Loader,4.2,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2023-08-17T18:19:00Z,2023-11-27T21:00:48Z,"I'd like to know if it's possibile to change this:
{{{#!php
`.
I know that it's possibile to write own function handler using `wp_die_handler` filter, but accepting a custom back url, and not only a boolean, could be an easy way without rewrite all the function.
In some cases it could be useful, here is an example.
I wrote a plugin that creates custom roles with custom caps. I use the meta cap filter to let user of custom roles to edit users of other roles, but not admin users.
So when an user of custom roles tries to bulk edit/promote/delete admin and not-admin users together, the user gets a wp_die message like: ''You can’t edit that user.''.
When the user goes back with browser, the user will see again the old users page with old (and wrong) info, because the bulk action has edited properly the not-admin users and leave the admins untouch.
I think it could be useful to provide the back url to wp_die message, so you can load the updated version of previous page.
I propose that `$args['back_link']` can accept 3 types of values:
- `false`: no back link shown (as now);
- `true`: show javascript back link shown (as now);
- `{url}`: show passed url.
In this way I can use `wp_die` for custom messages in my plugin pages, like:
`wp_die( 'Error message', '', array( 'back_link' => admin_url('whatever.php') ) );`
Then, it could be useful to have a filter inside `_default_wp_die_handler` function to customise error messages of default dashboard pages.
We could use the arguments (`$message`, `$title`, `$args`) to provide context to the filter, e.g.:
`apply_filters( 'default_wp_die_handler_back_link', $r['back_link'], $title, $args )`
`apply_filters( 'default_wp_die_handler_back_link_'.sanitize_key( $title ), $r['back_link'], $args )`
Or maybe use `wp_get_referer` to add more context.
I hope my explanation has been clear.",eventualo
Tickets Needing Feedback,32768,Customizer Widgets and Themes search improvements,,Customize,4.2,normal,normal,Future Release,enhancement,assigned,reporter-feedback,2015-06-23T18:06:29Z,2021-05-22T20:29:24Z,"Widgets and Themes search would need the same improvements done for the Menu Customizer.
Widgets:
- activating ""Add a Widget"" with the Space bar doesn't prevent the default action, as a result the search field gets a space character and the placeholder text is gone. See https://github.com/voldemortensen/menu-customizer/issues/107
Both:
- the search results (or no results) should be announced to assistive technologies, possible use case for wp.a11y.speak see #32720
- a short description of the ""live"" search functionality could help, see the Menu items search in core, i.e.: aria-describedby=""menu-items-search-desc""",afercia
Tickets Needing Feedback,30530,Enhance privacy by hiding posts of other users,,Query,,normal,normal,,enhancement,new,reporter-feedback,2014-11-27T16:32:54Z,2019-06-04T20:48:05Z,"I haven't found an entry in Trac for this, but I know that this is discussed in blogs/stackexchage/... many times: A feature to hide posts of other authors in the admin interface.
The proposed solutions mostly include a pre_get_posts or request filter. However, most comments critizise that the post counter is still wrong. Thus, another filter for wp_count_posts is needed, duplicating much of the code of wp-includes/post.php's wp_count_posts(). Moreover, the select query in the original wp_count_posts() is executed anyway, but the result is thrown away. Finally, to make caching work, a third filter for transition_post_status to clear the post counter cache is needed.
An all this just to hide the posts of other users...
There should be an easy option to achieve this provided by the Core. There could be a 'list_others_*' capability that is honoured by query.php's get_posts() and post.php's wp_count_posts(). One could argue that published posts could be seen anyway, so the capability could also be named 'list_others_protected_*' and hides/shows the posts with a post_status marked as protected (get_posts() includes all posts with these status if we are in the admin).
That would be a great feature often requested by users and greatly enhancing the CMS capabilities!",minderdl
Tickets Needing Feedback,49714,Explore UI for destructive controls & contexts,Travel_girl,Administration,,normal,normal,Future Release,enhancement,assigned,reporter-feedback,2020-03-27T16:03:04Z,2024-01-29T15:38:05Z,"After considering ticket #49603, we think that WordPress should take a look at the consistency of informing users when they are in a destructive context and when a control will have destructive consequences.
In general, we have a standing expectation that these controls will be red & have text that clearly indicates the action to be taken, but this should be reviewed for consistency.
Reviewing #49603 showed that the 'Force Erase Personal Data' control is blue, which doesn't match expectations.
The intention of 49603 is to draw attention to the fact that the 'Erase Personal Data' screen is entirely dedicated to destructive actions. While using a background color to indicate this may not be the ideal choice, the concept is well worth exploring.
Summary: review destructive actions & contexts to ensure clarity and maximize error prevention. ",joedolson
Tickets Needing Feedback,14110,Expose height and width attributes to 'wp_get_attachment_image_attributes' filter,adamsilverstein,Media,3.0,normal,minor,,enhancement,assigned,reporter-feedback,2010-06-27T00:54:46Z,2023-10-11T13:51:39Z,"The filter 'wp_get_attachment_image_attributes' allows you to alter the attributes of embedded images. However the height and width attributes aren't passed to this filter. These would be useful to have – I'm making a theme with a fluid layout where I have to remove all height and width attributes to ensure that the browser maintains the attribute of images when they're resized.
I've attached a patch with a fix. In it I've also changed the function 'get_image_tag' so that I could remove the immensely pointless 'hwstring' function.",divinenephron
Candidates for Closure,58006,Final classes & testing,,Build/Test Tools,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2023-03-28T20:19:38Z,2023-03-29T12:37:50Z,"Sorry if this is not the place to post.
All (or most AFAIK) WordPress classes WP_* are declared final.
This is an issue when unit testing since final classes can't be mocked so unit testing a class that relies on a WP_Post instance is hard.
If I may ask, is there a reason why these classes are final? Have there been any talks to make them non-final, at least in the official testing environment that uses phpunit?",neblabs
Candidates for Closure,43642,Gallery titles and labels erasing,,Gallery,4.9.5,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2018-03-27T11:42:19Z,2022-05-26T22:23:13Z,"It would be great to have some ""erase all titles and labels"" button when creating new gallery. Especially when you create large one with 50 or more pics.
It's very frustrating to do it manually on every imported photo.",marcinmichno
Tickets Needing Feedback,40415,Imagick resize filter hook,,Media,4.7.3,normal,normal,Future Release,enhancement,new,reporter-feedback,2017-04-11T16:57:07Z,2022-04-12T13:14:37Z,"As of ticket #33642, WordPress 4.5 introduces the `thumbnail_image()` function within the `WP_Image_Editor_Imagick` class.
This function uses the default imagick filter `FILTER_TRIANGLE` to assists the image resizing process.
Within the `thumbnail_image()` is even declared a list of allowed filters that actually are absolute unsued due to the fact that wordpress uses only the default filter `FILTER_TRIANGLE`. The filter list is
{{{
'FILTER_POINT'
'FILTER_BOX'
'FILTER_TRIANGLE'
'FILTER_HERMITE'
'FILTER_HANNING'
'FILTER_HAMMING'
'FILTER_BLACKMAN'
'FILTER_GAUSSIAN'
'FILTER_QUADRATIC'
'FILTER_CUBIC'
'FILTER_CATROM'
'FILTER_MITCHELL'
'FILTER_LANCZOS'
'FILTER_BESSEL'
'FILTER_SINC'
}}}
Resizing image using the default filter often gives as a result a softly blurry thumbnail image. this blur effect became more visible as the thumbnail size increase.
Using filter like `FILTER_HAMMING` or `FILTER_SINC` the blur effect disappear, giving a great resizing result.
To better improve the use of the resizing process and to give any users the ability to choose which type of filter to use, I think that could be implemented the following filter hook:
{{{
$filter_name = apply_filters('image_resize_filter', $filter_name);
}}}
that will give an opportunity to change this filter before the resizing process will perform.
This filter should be implemented at the beginning (line 1) of the `thumbnail_image()` function.
This way everyone can, optionally, change the imagick resize filter easily.",virgodesign
Candidates for Closure,47316,"Improve the admin User Profile page, the user interface is not user friendly.",,Users,,normal,minor,Awaiting Review,enhancement,new,reporter-feedback,2019-05-18T12:15:56Z,2019-05-18T16:12:50Z,"The admin User Profile page, which allows you to edit a user's details and credentials, is horrendous. The edit User Profile page, is used by many plugins, namely woocommerce. For non-techy types, such as staff members of a online retail company who work in admin or operations, the user interface of this edit user profile page is very difficult to use.
I have considered creating a plugin for a completely separate admin panel so staff do not need to access /wp-admin, which could be more user friendly then the existing admin edit user profile page.
Please make the admin pages more user friendly.",sirwan
Tickets Needing Feedback,35955,Improvements for Menus,,Menus,4.4.2,normal,normal,,enhancement,new,reporter-feedback,2016-02-25T21:33:35Z,2019-06-04T20:23:06Z,"I'd like to propose some improvements for Menus.
- When adding a set of pages with children, I think it would be useful if the menu structure would also follow the relationship between parent and children elements. Currently, when adding pages and their children, all of them go into first level so children and their children must be rearranged manually.
- If replacing a parent menu item (does not necessarily need to be a parent page), all the children are sent to level below, so they have to be rearranged manually again. I think it would be useful if we could replace any element that has children with another element without losing the structure (something like ""replace this menu item"")
",Mckilem
Candidates for Closure,48408,Introduce eagerloading of meta data,,Query,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2019-10-23T13:49:00Z,2019-10-23T14:01:39Z,"I believe it should be possible to introduce eagerloading to postmeta/attachments.
In ""Laravel"" language you would do:
take(10)->get();
?>
Which would produce two queries: 1) for the posts table 2) for the post_meta table where post ids IN posts result.
That would produce TWO queries to fetch 10 posts and ALL of its meta data, instead of currently where it produces a lot of requests to the database.
A SO user produced a draft that illustrates how it could work, see: https://wordpress.stackexchange.com/a/225743/50042
Speed is alfaomega in these times, and I think WordPress should take it way more serious.",mattiasf
Tickets Needing Feedback,35315,New action `manage_posts_before_extra_area`,,"Posts, Post Types",,normal,normal,,enhancement,new,reporter-feedback,2016-01-05T07:47:13Z,2019-06-04T20:54:00Z,I think that should be action before table of posts in edit.php. Why ? Because I want add settings for post type in this section or custom form.,sebastian.pisula
Candidates for Closure,33963,New function: `upload_url()`,,Upload,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2015-09-22T12:32:57Z,2019-05-15T21:20:24Z,Retrieve the url to the uploads directory.,sebastian.pisula
Tickets Needing Feedback,35475,New functions: `current_widget` and `current_widget_id`,,Widgets,,normal,normal,,enhancement,reopened,reporter-feedback,2016-01-15T16:08:56Z,2019-06-05T06:43:09Z,"This is alternative for ticket #35456. In widgets we can use different filters and actions. For example we use the_title filter but in widget we don't want (this is abstract example). So:
{{{#!php
posts ) {
$this->posts = array_map( 'get_post', $this->posts );
}
}}}
This costs a lot of time when fetching a lot of posts (e.g. products, orders, etc).
It could be fasten up by fetching only the field ""ids"" but this is also bad because when we need the post_content then a ""get_post( 123 )"" would do another query.
To bypass all of this a new ""fields operator"" could be added:
{{{#!php
if ( $this->posts && $q['fields'] !== 'raw' ) {
$this->posts = array_map( 'get_post', $this->posts );
}
}}}
The SQL-Query would still fetch all data but we would prevent the data from going through the ""get_post"" stuff.
In times of Generator it is ridiculous to iterate over the same set of data multiple times. By receiving the raw data the developer can decide when to generate a WP_Post object.
Note:
filter = ""raw"" could imply ""suppress_filters"" = true because we no longer carry WP_Post objects. But it should be allowed by the developer to switch ""suppress_filters = false"" again because the stdObjects have almost the same structure as WP_Post objects. This means (in short):
{{{#!php
if ( ! isset( $q['suppress_filters'] ) ) {
$q['suppress_filters'] = ($q['filter'] === 'raw' ? true: false);
}
}}}
",screamingdev
Tickets Needing Feedback,43178,Rethinking what “captions” means for video,postphotos,Media,5.1,normal,normal,Future Release,enhancement,assigned,reporter-feedback,2018-01-29T16:32:59Z,2023-10-19T18:38:35Z,"'''Because different users will use the word ""caption"" in different ways, it would be helpful to look at reducing this term in WordPress media and clarifying all media terms as a whole.'''
Captions carry a meaning in the video industry that is closely related to subtitles. It's recommended that we change how we describe our images, videos, and other media used within WordPress.
''Note: For architectural reasons, the field data should be left alone, but we need a better label for the associated meta. I also talked about this a bit in #31177''
This proposal further explores the messy language in media attachments and focuses on clear description so that all users can understand them, including clarifying WordPress' use of video subtitles.
A proposal to revising these terms is below.
Images
1) Wherever images use {{{data-setting=""title""}}} - instead of ""Title"" the English label should read ""Media Title.""
2) Wherever images use {{{data-setting=""caption""}}} - instead of ""Caption"" the English label should read ""Image Caption."" Because the specific term ""photo captioning"" describes a widely-used industry term, it should be clarified here but not removed.
3) Wherever images use {{{data-setting=""description""}}} - instead of ""Description"" the English label should read ""Longer Description."" This is because theme developers do not output this data beyond attachment pages and having three ill-described content areas - alt, caption, description - is an anti-pattern to describe what these images.
Videos
1) Wherever images use {{{data-setting=""title""}}} - instead of ""Title"" the English label should read ""Media Title.""
2) Wherever video use {{{data-setting=""caption""}}} - instead of ""Caption"" the English label should read ""Media Description.""
3) Wherever images use {{{data-setting=""description""}}} - instead of ""Description"" the English label should read ""Longer Description."" This is because theme developers do not output this data beyond attachment pages and having three ill-described content areas - alt, caption, description - is an anti-pattern to describe these images.
By adjusting these terms and exposing utility of the meta values, this level of clarity will greatly enhance the ability for all users, especially those helping create content for both multi-lingual and Deaf audiences, to understand the meta values in managing media work without the need to read documentation.
Goals:
1. Because videos are reused on separate posts and all subtitled videos should contain this as a part of their output, create a meta value (or some other object type) that stores associated SRTs per language.
2. Allow for a better way for all videos that stores the associated SRTs to be associated with a language or as another kind of subtitle track - i.e. commentary, descriptive text, etc.
3. Allow videos uploaded at the same time with the same subtitle file name (or in a language structure) to be associated with each other. Assume the default core language for videos with no LANG code and associate the only subtitle as belonging to default core’s. (If there’s only one SRT with no lang suffix, it’s probably a caption.)
If we leave the existing labels as-is, new and old users will both continue to put the wrong information in because of the lack of context to each field. Whatever fix we decide on, this should also be further adjusted in each target language that WordPress core is released in.",postphotos
Candidates for Closure,57626,"Searches to add a link in post-edit, to be sortable/filterable to better find tags",,Editor,,normal,trivial,Awaiting Review,enhancement,new,reporter-feedback,2023-02-03T14:30:14Z,2023-03-20T13:51:02Z,"Currently when adding a link to a post, I can search for a term and get back a mix of posts, pages and tags. This is the intended behaviour.
However, if the search term I am using is broad (e.g. 'Movies') and there are more than 20 posts on my site featuring the word Movies (this is often the case for a broad term), then WordPress will prioritise returning me 20 search results that are all posts, and will not return the Movies tag.
This is a general sorting issue, the search function prioritises posts over tags.
I'd like see a change where an exact tag match would always appears as the top result.
If not, then an option to filter the search, perhaps with checkboxes to show Posts/Pages/Tags etc.",joshduffetywong
Candidates for Closure,54479,Set_blog_id performance,,General,5.9,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2021-11-20T10:06:43Z,2021-11-20T17:27:05Z,"On multisite many plugins switches blog (wbdb->set_blog_id) many times (few thousands).
There is a performance impact in wpdb->tables method.
Simple caching reduces overall execution time.",wladwm
Candidates for Closure,37190,Split out function declarations and code executions.,,Build/Test Tools,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2016-06-26T14:59:16Z,2020-09-14T19:03:30Z,Quite a few php files in the root directory contain function definitions and code executions. This makes it impossible to unit-test those functions. Should we move those function definitions to `includes/.php` and then include them at the top of the root file?,stephenharris
Candidates for Closure,52869,Twenty Twenty-One: Text isn't vertically centered to the checkbox,,Bundled Theme,5.6,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2021-03-20T11:20:23Z,2021-04-29T14:44:11Z,"I think we should add `vertical-align: middle;` into the line 1344 to have text aligning centerally vertically to the checkbox. Currently the code is like this:
{{{
@supports (-webkit-appearance: none) or (-moz-appearance: none) {
input[type=checkbox],
input[type=radio] {
-webkit-appearance: none;
-moz-appearance: none;
position: relative;
width: 25px;
height: 25px;
border: var(--form--border-width) solid var(--form--border-color);
background: var(--global--color-white);
}
}}}
",ooker
Candidates for Closure,41910,Update plugin/theme maintenance message,,Plugins,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2017-09-18T13:41:50Z,2019-06-20T21:06:25Z,"Hey
The message that shows up when updating plugins or themes should not remove the visible site. Instead it should keep the old plugin/theme until it has finished updating and then smoothly change over to the new without disrupting the frontend of the site.
On fatal error it should automatically revert to the old and just give a message in the backend that it could not update to the new plugin/theme because of whatever reason. Then a message saying let the author of the theme/plugin know about the error.
",paaljoachim
Candidates for Closure,54182,Use wp_unslash() for $_REQUEST Parameter in wp-admin/admin-post.php file,,General,5.8.1,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2021-09-25T11:13:03Z,2021-09-30T20:56:30Z,"Need to use the `wp_unslash()` for `$_REQUEST['action']`, you can see screenshot.",yagniksangani
Candidates for Closure,52964,Video On Login Page,,Login and Registration,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2021-04-03T12:12:29Z,2023-08-16T16:43:16Z,"So I was wondering about how can I add a video as a background of the login form by editing the login form's code.
Turns out we cannot as there is no vector to do so.
Can we add a hook to do so..?",wparslan
Tickets Needing Feedback,20437,WP Upgrader filter to allow plugins to upload to existing directory,,Upgrade/Install,3.3.1,normal,normal,,enhancement,new,reporter-feedback,2012-04-13T16:52:30Z,2019-06-04T21:07:27Z,"Our plugin for WP uses various elements of the WP upgrader class to manage plugins for our plugin. ;) This has worked great except when we went to extend it further and allow uploading of plugins through the WP Upgrader class much like you can with WP plugins.
The issue is that currently, the WP Upgrader class is coded to expect the upload destination to be empty - EXCEPT if the upload destination (the base directory) is one of these hard coded locations:
in_array( $destination, array(ABSPATH, WP_CONTENT_DIR, WP_PLUGIN_DIR, WP_CONTENT_DIR . '/themes') )
So since our plugin storage location is not one of those, it fails since there may already be some plugins there.
Sure would be nice if that array of locations that does not have to be empty (the important base dirs which allow dropping down a directory level)... a simple filter would accomplish this...
Hope its not too late in 4.3 for a simple filter...",usermrpapa
Candidates for Closure,39653,WP_Http_Cookie changes,,HTTP API,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2017-01-20T14:56:16Z,2017-01-20T15:30:30Z,"1. The WordPress convention is to use underscores instead of camelCase for function and method change
2. add new param to return array in get_attributes method
3. change parse_url to wp_parse_url",sebastian.pisula
Tickets Needing Feedback,46388,WP_User::get_data_by(): Cache non-existent users to prevent triggering multiple queries,,Cache API,5.2,normal,normal,Future Release,enhancement,new,reporter-feedback,2019-03-01T11:24:01Z,2021-06-15T19:14:20Z,"Assume you use the WP_User::get_data_by() function to get the main user fields queried against an ID:
{{{
WP_User::get_data_by('ID', 1337);
}}}
If you call this function multiple times - by calling the function directly or indirectly by using functions like get_userdata or get_avatar - and an user with the given ID does not exist, the database-query is getting executed multiple times resulting in duplicate queries:
{{{
SELECT * FROM wp_users WHERE ID = '1337'
}}}
To prevent triggering multiple queries, non-existing users should get stored inside the WP Object Cache similar as in the get_option() function for non-existing options.
The attached patch checks if the user ID exists in the WP Object Cache inside of the notusers-array so the WP_User::get_data_by() function returns FALSE if this is the case:
{{{
// Prevent non-existent users from triggering multiple queries
$notusers = wp_cache_get( 'notusers', 'users' );
if ( isset( $notusers[ $user_id ] ) ) {
return false;
}
}}}
If the user is not existent in the notusers-array but he also does not exist inside of the database, the user gets added to the WP Object Cache before the WP_User:get_data_by() function returns FALSE:
{{{
// User does not exist, so we must cache its non-existence
if ( ! is_array( $notusers ) ) {
$notusers = array();
}
$notusers[ $user_id ] = true;
wp_cache_set( 'notusers', $notusers, 'users' );
}}}
",Asgaros
Candidates for Closure,55089,ajax `wp_ajax_update_plugin` show download failed when contain another update (eg: translations) with same process fail.,,Plugins,5.9,normal,minor,Awaiting Review,enhancement,assigned,reporter-feedback,2022-02-05T15:02:59Z,2022-02-05T15:02:59Z,"I found that {{{wp_ajax_update_plugin}}} contain invalid response when trying to update plugin via ajax request.
This happend when {{{$upgrader->bulk_upgrade( array( $plugin ) );}}} called, and any other update progress run on same time.
Eg: there are translations update exists and when contain errors on translations update, the plugin update tell that the plugin fail to download, but the plugins successfully updated.
",arrayiterator
Candidates for Closure,38054,class.wp-scripts.php - add_action when init is already doing,,Script Loader,4.6.1,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2016-09-14T13:12:13Z,2019-04-09T21:27:34Z,"Hi,
I've simple WP installation and I'm trying to make ""my profiler"" which will show executing times of all actions. I just found an issue in class.wp-scripts.php. Plugin Query monitor runs `wp_register_script( 'debug-bar', false, array( 'query-monitor') );` inside init action. (it's first call of wp_register_script). Then constructor of WP_Scripts runs `add_action( 'init', array( $this, 'init' ), 0 )`, but action is already doing and my profiler shows warning about it (`$merged_filters['init']` has reset state).
I think that constructor should be:
{{{
public function __construct() {
$this->init();
if ( ! did_action( 'init' ) ) add_action( 'init', array( $this, 'init' ), 0 );
}
}}}
Sasa
",stodorovic
Candidates for Closure,41335,dbDelta() does not recognize MySQL's IF NOT EXISTS statement,,Upgrade/Install,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2017-07-15T12:24:51Z,2022-10-21T12:46:12Z,"When a new table is creating with {{{IF NOT EXISTS}}} MySQL statement in query then array {{{$cqueries}}}(creational queries) will have invalid table names as keys.
The keys of the array use below in the function's code for fetch the table column structure in {{{DESCRIBE}}} statement.
Example query: {{{CREATE TABLE wp_delta_table...}}}
The extracted table name: wp_delta_table
Example query: {{{CREATE TABLE IF NOT EXISTS wp_delta_table...}}}
The extracted table name: IF",kmaxim
Tickets Needing Feedback,25671,get_theme_mods does not have a filter,,Themes,,normal,normal,,enhancement,new,reporter-feedback,2013-10-23T15:38:08Z,2019-06-04T21:09:15Z,"I am making use of the Theme Modifications API for the first time and using it to store theme customisation options controlled via the theme customiser.
I hit an issue when previewing customisation changes using the refresh transport. The theme modifications functions are not aware of the `$_POST'd` changes coming from the theme customiser.
Let's say a user has changed a heading colour from red to blue and not yet hit save. The `get_theme_mod('heading_colour')` function is still returning red in the preview panel. This bug does not overly concern me (it may be that way by design) but to get around it it would be handy to be able to filter get_theme_mods (see patch).
For now I have gone higher up in the API and used a filter on `get_option`:
{{{
add_filter( 'option_theme_mods_' . $theme_slug)
}}}",scottsweb
Candidates for Closure,52143,memory_limit not always adhered,,General,5.6,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2020-12-21T16:36:30Z,2021-01-07T11:02:11Z,"From time to time I notice that WordPress, or it's plugin don't adhere the ""memory_limit"" that's set by it's php.ini or through .htaccess
A simple and quick fix, is adding the following line:
{{{
define('WP_MEMORY_LIMIT', ini_get('memory_limit'));
}}}
I'd suggest adding this line to the default contents of wp-config.php to resolve the issue in the cases it occurs.",danielbareman
Candidates for Closure,43183,wp-comments-post.php endpoint support for OPTIONS,,Comments,,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2018-01-30T17:13:04Z,2019-07-01T12:24:37Z,"Under some circumstance we may need cross-posting from one domain to another (without the wp-json API).
At least lets preflight requests flow normally
https://github.com/WordPress/WordPress/pull/338
",drzraf
Candidates for Closure,32143,wpLink function getAttrs() missing link-text,,Editor,4.2,normal,normal,Awaiting Review,enhancement,new,reporter-feedback,2015-04-27T07:04:06Z,2020-11-24T01:38:12Z,"After last update to 4.2 wpLink() was renewed and the title-input was replaced.
Instead of title, you can now insert/change the link text.
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/js/wplink.js?rev=32017
But in function getAttrs() the val of link-text was forgotten.
Therfor I proporse to add this line in getAttrs():
linktext: $.trim( inputs.text.val() ),
Also it would be nice to populate the link-text field with the document title of a chosed intern element, like it was made with the old title-field before.
",xwolf
Candidates for Closure,40872,Add $item argument to start_lvl (nav menu walker),,Menus,4.7.5,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2017-05-26T20:08:47Z,2017-06-28T07:45:39Z,"Would it be possible to add the $item argument inside the start_lvl function?
Other than the usual dropdown menu, I'd also like to build megamenus and to make that possible, I need to use different ul tags (along with some JavaScript components). These custom ul tags will be different based on the parent li ((array) $item->classes) and $depth.
",mireillesan
Candidates for Closure,56894,"Add new param for ""register_taxonomy"" for required taxonomy",,Taxonomy,2.3,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2022-10-24T10:22:46Z,2023-03-20T13:47:07Z,"Hi,
It would be great if we have the possibility to set new param in ""register_taxonomy"" function to force user set term for post type.
Currently, we did the trick with some Javascript but if this was the default setting, it would probably be cleaner
My patch is coming ;-)",Spidlace
Tickets Needing Feedback,28324,Add primary and secondary color definitions to admin color schemes and add function to retrieve color scheme info,,Administration,3.8,normal,normal,,feature request,new,reporter-feedback,2014-05-21T14:31:36Z,2019-06-04T19:25:50Z,"I'd like to be able to implement a user's selected admin color scheme into my plugin admin UI design but, at this point in time, using wp_admin_css_color() to register a color scheme only asks for an array of colors and then depends on a stylesheet to use said colors so there's no way for me to, at the very least, detect a primary and secondary color to use in my design.
From what I can tell, most color schemes have what they consider to be the primary and secondary color, and they use those colors for primary buttons and admin menu links and such, but there's no way for someone else to detect those color values.
It would also be nice if there was a function to retrieve the color scheme info. Perhaps something like this:
{{{
function get_user_admin_color() {
global $_wp_admin_css_colors;
if ( ( $user_admin_color = get_user_option( 'admin_color' ) )
&& isset( $_wp_admin_css_colors[ $user_admin_color ] ) ) {
return $_wp_admin_css_colors[ $user_admin_color ];
}
return false;
}
}}}
But the big request is changes to the wp_admin_css_color() function so, at the very least, a primary and secondary color can be defined and stored in $_wp_admin_css_colors. Perhaps something like this?
{{{
function wp_admin_css_color( $key, $name, $url, $colors = array(), $icons = array(), $primary_color = NULL, $secondary_color = NULL ) {
global $_wp_admin_css_colors;
// If a primary color is not defined, use first color from $colors array
if ( ! isset( $primary_color ) && count( $colors ) >= 1 )
$primary_color = $colors[0];
// If a secondary color is not defined, use second color from $colors array
if ( ! isset( $secondary_color ) && count( $colors ) >= 2 )
$secondary_color = $colors[1];
if ( ! isset( $_wp_admin_css_colors ) )
$_wp_admin_css_colors = array();
$_wp_admin_css_colors[$key] = (object) array(
'name' => $name,
'url' => $url,
'primary_color' => $primary_color,
'secondary_color => $secondary_color,
'colors' => $colors,
'icon_colors' => $icons,
);
}
}}}
",bamadesigner
Tickets Needing Feedback,37042,Additional filter for has_category function,,Taxonomy,4.5.2,normal,normal,,feature request,new,reporter-feedback,2016-06-07T07:27:25Z,2019-06-04T21:24:00Z,"Our plugin translates categories and posts. Let's assume we have two languages:
- original: English
- second: French
We defined category ""test"" and its translation ""test-fr"". The category is assigned to the post in such way that English post has English category and vice versa.
Currently, when we call has_category(""test"") in single.php file, it returns true only for the English post ( because French one does not have ""test"" category but ""test-fr"" ). We expect that result will be true in both cases.
----
For this reason, we need some filter inside ''is_object_in_term'' function, similar to ""get_object_terms"" inside ""wp_get_object_terms"" function. It will give as opportunity to adjust ""has_category"" behaviour to out requirements. ",jakubbis
Candidates for Closure,39372,Allow count for wp_terms query to count other post statuses as well as published posts,,Taxonomy,4.7,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2016-12-22T16:51:55Z,2020-12-23T19:18:41Z,"While it is great to use the wp_terms query to get the terms, when counting the number of posts assigned to each of these terms, it would be great if there was a way to be able to include the number of posts that have other post statuses and not just count the number of posts that have been published.
At the moment if I want to do this, I have to return all of the terms from a taxonomy and then go through each one and count how many posts are associated with each term for both published posts and draft posts which is a lot more inefficient.",roperjonathan
Tickets Needing Feedback,33740,Create a new API to standardize application tracing,,Bootstrap/Load,4.4,normal,normal,,feature request,new,reporter-feedback,2015-09-05T13:10:31Z,2019-06-04T19:32:32Z,"Having read #30934 and #28319, I think it's best if I raise a new requirement.
My proposal isn't about logging, it's related to problem determination tracing; the ability to dynamically activate trace logic to help someone to track down a problem.
I have been using my own solution ( a plugin called oik-bwtrace ) for a while now.
There are two dormant APIs that I need to make available at all times, even when tracing is not activated.
Since these functions are currently not available by default I've had to be careful where I use them. To circumvent the problem of trying to use an API which doesn't exist, many of my plugins have dependencies on a base plugin which supplies the dormant APIs.
Life would be a lot simpler if WordPress came with a set of dormant functions which I can rely on to exist.
This proposal is for two trace APIs. It could easily be extended to support logging.
The dormant APIs have the same basic structure
{{{
function dormant_api( easy to use parameters ) {
global $api_set_active;
if ( $api_set_active ) {
lazy_api( easy to use parameters );
}
}
}}}
In this example $api_set_active is just a boolean.
It's set to true when the API logic is activated, false otherwise.
To cater for different levels of tracing ( or logging ) we can either implement the test in the dormant API, or pass it to the lazy_api().
This solution is different from 'pluggable'.
The dormant APIs need to exist, from very early on.
The lazy APIs are provided by implementing plugins and should be implemented as pluggable.
The two APIs I really do need are currently called bw_trace2() and bw_backtrace().
I've attached the latest version of my shared library file that defines these APIs and the constants they use.
Assuming that these APIs will be required to trace WordPress core logic I feel that they need to have been defined early on in wp-settings.php
I therefore propose a new file called dormant.php which can, if the developer so wishes, be included in wp-config.php but would otherwise be loaded in wp-settings.php before load.php.
Note: It's the implementing plugin's responsibility to know when it's safe to do things.
In my implementation of a hook for the 'all' action I've used multiple strategies which involve loading my APIs in wp-config.php before wp-settings.php, using a Must-Use plugin to be able to record most hooks, but requiring a custom db.php to be able to capture everything. I can't do it before db.php since add_action()'s not available until then.
",bobbingwide
Tickets Needing Feedback,35503,"Dashboard page: comment status in ""Activity"" group box shows incorrect",,Comments,4.4.1,normal,trivial,,feature request,new,reporter-feedback,2016-01-17T21:54:34Z,2019-06-04T19:33:54Z,"'''STEPS TO REPRODUCE''':
log in (subscriber user), create new comment for post, log in (administrator user), approve comment on Dashboard page using ""Activity"" group box, click ""Approved (1)"", click ""Go back one page"" in browser.
'''EXPECTED RESULT''': comment status - Approved
'''ACTUAL RESULT''': comment status - Unapproved
This problem was found in browsers Firefox 44.0b9, Chrome 47.0.2526.111 m",antonrinas
Candidates for Closure,48746,Disable admin email verification screen on a per-user basis,,Users,,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2019-11-20T18:09:59Z,2019-11-29T16:31:08Z,"During this week's #hosting-community team meeting, some members said they would like to be able to disable the admin email verification screen for some of their administrator users instead of for all administrator users. This would be a useful feature for our team members who manage WordPress websites on behalf of their customers.
Would it be possible to add this feature?",jadonn
Candidates for Closure,54580,Latest Posts Gutenberg Block not supporting args filter.,,Editor,5.8.2,normal,normal,Awaiting Review,feature request,reopened,reporter-feedback,2021-12-05T17:46:09Z,2022-01-31T13:24:43Z,"Shouldn't we add the filter for recent posts widget arguments in the Latest Posts Block?
{{{#!php
Site Editor > stylizing of captions in the Image block,,Editor,,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2023-02-14T18:59:23Z,2023-02-16T15:49:37Z,In the Site Editor -> Styles -> Blocks -> Image Block I was expecting controls to edit the font and alignment of the image captions (the text that goes under the image).,ddegner
Candidates for Closure,43366,_default_wp_die_handler() Need filter code for update css style.,,Administration,4.9.4,normal,normal,Awaiting Review,feature request,new,reporter-feedback,2018-02-20T10:49:46Z,2020-12-20T01:14:28Z,"wp-includes\functions.php Line no 2768.
",ravipatel
Slated for Next Release,52723,"Admin options.php default value to NULL for option_value may lead to MySQL Integrity constraint violation error, potential other bugs",,"Options, Meta APIs",2.7,normal,normal,6.6,defect (bug),new,needs-unit-tests,2021-03-05T14:26:35Z,2024-02-27T12:01:48Z,"It looks like `wp-admin/options.php` set a `null` value by default for any unchecked option:
https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L306
Now, this leads to execute queries like this by `update_option`:
UPDATE `wp_options` SET `option_value` = NULL WHERE `option_name` = 'default_pingback_flag'
Which is wrong, given the schema explicitly set `option_value` to `NOT NULL`:
https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/schema.php#L144
This would trigger an integrity constraint violation error by MySQL when in (default) strict mode:
Error! SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'option_value' cannot be null
To get around this (and for other reasons too, I presume), WordPress currently tries to disable any MySQL strict mode in the `$wpdb` class, with the effect that MySQL silently ""fix"" the error itself:
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L567
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/wp-db.php#L826
But **not every environment support this**, so there are people out there who cannot save options and they are confused about the reason why, for example:
https://www.reddit.com/r/Wordpress/comments/l61rvs/cannot_disable_avatars/
https://wordpress.org/support/topic/discussion-comment-settings-saved-changes-are-not-taking-effect-at-all/
https://wordpress.org/support/topic/wordpress-database-error-column-option_value-cannot-be-null/
A simple solution would be to set a different default value (`0` or even an empty string) in `wp-admin/options.php` and, ''better yet'', **cast any `NULL` value to the same different default value in both `update_option` and `add_option`**.
Please note that, without a fix, **this bug may also lead to other nasty side effects**.
As a quick fix/test, I successful got around this with this simple filter:
{{{#!php
[code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ]
checkstyle
[code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ]
(?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*))
[/code-highlight]
}}}
Here dump after this line
{{{
$textarr = wp_html_split( $content );
var_dump($textarr);
exit;
}}}
{{{
array(25) {
[0]=>
string(0) """"
[1]=>
string(3) """"
[2]=>
string(28) ""Some amount of useless text ""
[3]=>
string(11) """"
[4]=>
string(0) """"
[5]=>
string(4) ""
""
[6]=>
string(1) ""
""
[7]=>
string(3) """"
[8]=>
string(121) ""[code-highlight line-numbers=""table"" linenostart=""53"" highlight-lines=""1,3,8"" style=""native"" lang=""html+php"" pyg-id=""1"" ]""
[9]=>
string(6) "" ""
[10]=>
string(1) ""
""
[11]=>
string(464) """"
[12]=>
string(10) ""checkstyle""
[13]=>
string(9) """"
[14]=>
string(0) """"
[15]=>
string(4) ""
""
[16]=>
string(56) ""
[code-highlight style=""native"" lang=""perl"" pyg-id=""2"" ]""
[17]=>
string(6) "" ""
[18]=>
string(72) ""
(?:s+)(?:(/*([^*]|[rn]|(*+([^*/]|[rn])))**+/)|(//(?!.*(CHECKSTYLE)).*))""
[19]=>
string(6) "" ""
[20]=>
string(19) ""
[/code-highlight]
""
[21]=>
string(3) """"
[22]=>
string(15) ""Some Text Again""
[23]=>
string(4) ""
""
[24]=>
string(1) ""
""
}
}}}
As you can see one shortcode was not splitted, and here the problem. If php closing tag is present (?>)
than everything works fine.
Problematic regex provider
{{{#!php
is found.
. '-(?!->)' // Dash not followed by end of comment.
. '[^\-]*+' // Consume non-dashes.
. ')*+' // Loop possessively.
. '(?:-->)?'; // End of comment. If not found, match all input.
$cdata =
'!\[CDATA\[' // Start of comment, after the <.
. '[^\]]*+' // Consume non-].
. '(?:' // Unroll the loop: Consume everything until ]]> is found.
. '](?!]>)' // One ] not followed by end of comment.
. '[^\]]*+' // Consume non-].
. ')*+' // Loop possessively.
. '(?:]]>)?'; // End of comment. If not found, match all input.
$escaped =
'(?=' // Is the element escaped?
. '!--'
. '|'
. '!\[CDATA\['
. ')'
. '(?(?=!-)' // If yes, which type?
. $comments
. '|'
. $cdata
. ')';
$regex =
'/(' // Capture the entire match.
. '<' // Find start of element.
. '(?' // Conditional expression follows.
. $escaped // Find end of escaped element.
. '|' // ... else ...
. '[^>]*>?' // Find end of normal element.
. ')'
. ')/';
}
return $regex;
}
}}}
Without any doubts this case should be included in regex. ",crosp
Tickets Awaiting Review,42164,Conditional Tags not working when using ugly URL,,Query,4.8.2,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-10-10T10:23:14Z,2017-10-10T13:54:21Z,"When accessing a category archive via its pretty URL e.g.
{{{
example.com/category/whatever
}}}
the conditional tag
{{{
is_category()
}}}
returns '''true'''.
Accessing the same category archive via its ugly URL
{{{
example.com?cat=whatever
}}}
the conditional tag
{{{
is_category()
}}}
returns '''false'''.
I'm pretty sure this concerns other conditional tags too. This is not only a cosmetic flaw because it causes WP to use the wrong template. I've tested it with Twenty Seventeen and the homepage template was used in case of using an ugly URL.
Due tue the ugly URL always work independently of permalink settings this is a bug in my opinion.",petersplugins
Tickets Awaiting Review,28701,Deleted option is not deleted if value was ever null,,"Options, Meta APIs",2.2,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2014-07-01T04:15:03Z,2021-02-16T10:34:38Z,"If an autoloaded option ever contains `null`, it will cease to be autoloaded after this. It will then be stored in the individual option cache (`wp_cache_get('optname', 'options')`), rather than the autoloaded options. The autoloaded option cache will then contain `optname` with the value `null` (and `isset(null) === false`).
Typically, this would be fine, but `delete_option` checks the database autoload value directly. It then only attempts to delete this from the autoload options cache (which again fails because of an isset check).
After deleting, the value is still stored in the object cache (!!!), causing it to return a value despite not existing in the database.
As far as I can tell, this has existed since r4855 (WP 2.2).
----
To reproduce (requires external object cache to be enabled):
{{{
// Add the option with initial value set to null
add_option( 'testingkey', null );
// Update to real value
update_option( 'testingkey', 'realvalue' );
// Delete the option completely
delete_option( 'testingkey' );
// Check the value
var_dump( get_option( 'testingkey', 'default' ) );
}}}
Expected result:
{{{
string(7) ""default""
}}}
Actual result:
{{{
string(9) ""realvalue""
}}}",rmccue
Tickets Awaiting Review,19998,Feeds can contain characters that are not valid XML,,Feeds,3.3.1,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2012-02-09T16:28:47Z,2020-06-19T00:25:59Z,"It is possible for any of the feeds to contain control characters which are not valid in XML e.g. http://www.fileformat.info/info/unicode/char/1c/index.htm
When outputting user supplied content in an XML context we should strip these control characters - they are unprintable and just break feed parsers.
http://en.wikipedia.org/wiki/Valid_characters_in_XML has a good list of what is and isn't valid.
I guess we need a {{{strip_for_xml()}}} function or something.",westi
Tickets Awaiting Review,50002,"Hack in get_sample_permalink() can cause filters like post_link, and pre_post_link to have inaccurate post_status in admin",,"Posts, Post Types",5.4,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2020-04-24T20:07:13Z,2020-04-26T12:35:32Z,"For context: https://github.com/aubreypwd/WordPress/issues/5
When editing a post (that is a draft) in the admin, add a filter to `post_link` you'll notice that the pass for `get_sample_permalink()` shows that `$post->post_status` is set incorrectly (un-truthfully) to `publish`.
This is because of a 12 year old block of code in `get_sample_permalink()`:
{{{
// Hack: get_permalink() would return ugly permalink for drafts, so we will fake that our post is published.
if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ) ) ) {
$post->post_status = 'publish';
$post->post_name = sanitize_title( $post->post_name ? $post->post_name : $post->post_title, $post->ID );
}
}}}
In order for `post_link` and even `pre_post_link` filters to pass accurate info about a post, the patch I have attached is my first attempt at ensuring `get_sample_permalink()` still gets the same result, while not affecting `post_status`. Obviously I tested this, but I still feel some more testing will need to be done.
",aubreypwd
Tickets Awaiting Review,53692,Inaccurate schema for the app_id property in the application-passwords endpoints,,Application Passwords,5.6,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2021-07-19T12:28:48Z,2021-07-19T12:32:43Z,The schema for the `app_id` property of objects in the `wp/v2/application-passwords/*` endpoints has a `format` of `uuid`. This is not entirely accurate because if no app ID was provided when the application password was registered then this field contains an empty string.,johnbillion
Tickets Awaiting Review,53236,Nonce lifespans are inaccurate and unintuitively affected by timezones,,Date/Time,2.5,normal,minor,Awaiting Review,defect (bug),new,needs-unit-tests,2021-05-20T09:51:46Z,2021-06-02T04:37:01Z,"The docs on [[https://developer.wordpress.org/reference/functions/wp_verify_nonce/|wp_verify_nonce()]] specify that nonces are either 0-12 or 12-24 hours old by default, but this isn't true. In reality, the value `1` means < 12 hours old, but `2` means anywhere from 1 second to < 24 hours old.
Observe what happens to the nonce tick value over a day:
||=local time=||=seconds since epoch=||=tick=||
||2021-05-20T00:00:00+03:00||1621458000||37534||
||2021-05-20T01:00:00+03:00||1621461600||37534||
||2021-05-20T02:00:00+03:00||1621465200||37534||
||2021-05-20T03:00:00+03:00||1621468800||37534||
||2021-05-20T04:00:00+03:00||1621472400||37535||
||2021-05-20T05:00:00+03:00||1621476000||37535||
||2021-05-20T06:00:00+03:00||1621479600||37535||
||2021-05-20T07:00:00+03:00||1621483200||37535||
||2021-05-20T08:00:00+03:00||1621486800||37535||
||2021-05-20T09:00:00+03:00||1621490400||37535||
||2021-05-20T10:00:00+03:00||1621494000||37535||
||2021-05-20T11:00:00+03:00||1621497600||37535||
||2021-05-20T12:00:00+03:00||1621501200||37535||
||2021-05-20T13:00:00+03:00||1621504800||37535||
||2021-05-20T14:00:00+03:00||1621508400||37535||
||2021-05-20T15:00:00+03:00||1621512000||37535||
||2021-05-20T16:00:00+03:00||1621515600||37536||
||2021-05-20T17:00:00+03:00||1621519200||37536||
||2021-05-20T18:00:00+03:00||1621522800||37536||
||2021-05-20T19:00:00+03:00||1621526400||37536||
||2021-05-20T20:00:00+03:00||1621530000||37536||
||2021-05-20T21:00:00+03:00||1621533600||37536||
||2021-05-20T22:00:00+03:00||1621537200||37536||
||2021-05-20T23:00:00+03:00||1621540800||37536||
…and over the boundary of a tick:
||=local time=||=seconds since epoch=||=tick=||
||2021-05-20T14:59:58+03:00||1621511998||7535||
||2021-05-20T14:59:59+03:00||1621511999||7535||
||2021-05-20T15:00:00+03:00||1621512000||7535||
||2021-05-20T15:00:01+03:00||1621512001||7536||
||2021-05-20T15:00:02+03:00||1621512002||7536||
In this example, you can see that a nonce generated at 3pm and verified one second later will return 2 because of the tick change. The ticks do not align with timezones due to their basis in universal time, so nonces will always appear “old” to your code at certain times of the day, as touched on in ticket:33635#comment:2.
I haven't thought of a way to reduce the huge variance in ages that have equal nonce values, but I did think of a way to make them more predictable. I've attached a patch that would align ticks to WP's timezone so there would be a predictable two ticks per calendar day, a.m. and p.m., starting at 00:00.",lev0
Tickets Awaiting Review,42323,Posts vs CPT user permissions issue,,"Posts, Post Types",4.9,normal,normal,Awaiting Review,defect (bug),assigned,needs-unit-tests,2017-10-24T14:51:56Z,2017-10-24T15:10:29Z,"We have the following use case:
1. User does not have access to create new ""Posts""
2. User does have access to create new Product Submissions (CPT post type)
With these prerequisites, when the user clicks on ""New Product Submission"" from the list view (or the edit view), they get the No access message.
This happens because in core we check for `edit.php` no_priv instead of `edit.php?post_type=product_submission`.",bor0
Tickets Awaiting Review,53622,"Query Param status default is a string value, but an array is required",rachelbaker*,REST API,,normal,minor,Awaiting Review,defect (bug),accepted,needs-unit-tests,2021-07-07T17:24:41Z,2023-02-20T21:33:06Z,"The default value in the collection params that is a string. https://github.com/WordPress/wordpress-develop/blob/953e1c5f8313a89d4d3b99ab5996b4660045c976/src/wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php#L2847
Really, we should make that `['publish']`.
Original commit: https://github.com/WordPress/wordpress-develop/commit/ede099a7047a150a37d43a380e661b99387bce41",austyfrosty
Tickets Awaiting Review,40477,REST API: Does NOT Trigger New User Notifications!,,Users,4.7,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-04-19T07:35:19Z,2017-12-04T05:11:43Z,"If you create new users with WP REST API. The notification for new WordPress users via email does NOT get triggered. I tried it on a fresh install. Used the [Email log](https://wordpress.org/plugins/email-log/) WP plugin to test that no emails were sent.
",mrahmadawais
Tickets Awaiting Review,41226,"Static ""posts page"" preview not working",,"Posts, Post Types",,normal,normal,Awaiting Review,defect (bug),reopened,needs-unit-tests,2017-07-03T09:41:05Z,2019-02-17T13:21:59Z,"My site has both a static front page and a static posts page. The former is intended to be the site's home page, the latter the blog section home page.
The static posts page is a regular page, created through the admin interface. Some parts of it are editable by admin - this is a design choice driven by project needs.
Whenever I update the static posts page through the editor, the preview doesn't work: '''clicking on the ""preview"" shows the preview of the ""front page"" instead.'''
Apart from that, everything works on the front-end side, and I can edit and save the posts page as needed.
Unfortunately, as the project is being currently developed, I can't publicly publish urls or screenshots at the time.",emross
Tickets Awaiting Review,43489,Strengthen resilience of wp_register_plugin_realpath to support Gutenberg,,Plugins,,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2018-03-07T18:25:25Z,2020-12-01T05:24:00Z,"For many years now I've been working in a Windows development environment with multiple subdirectory installs referencing plugins using symlinks.
Every now and then I get problems due to plugin files apparently not being present when they quite clearly are. I have not been able to track it down. I think it's a bug in PHP associated with OpCache.
Anyway, the bottom line is that sometimes this problem, or something similar, results in the `$wp_plugin_paths` array containing entries with a null value for `$realdir`.
This can lead to the following:
`Warning: strpos(): Empty needle in C:\apache\htdocs\hm\wp-includes\plugin.php on line 658.`
This message has the uncanny knack of happening at the most inappropriate times.
Now, with Gutenberg looming, the problem is further reducing my ability to create content locally; Gutenberg can't handle the unexpected Warnings and Notices from a development server and fails. See https://github.com/WordPress/gutenberg/issues/5439
To reduce the likelihood of the problem I'd like to propose a change to `wp_register_plugin_path()` to cater for a false value being returned from the `realpath()` PHP function.
The proposal being that if `$plugin_realpath` does appear to be null, then don't add an entry in `$wp_plugin_paths`.
This change will prevent the warning message being issued from plugin_basename()'s test
{{{
if ( strpos( $file, $realdir ) === 0 ) {
}}}
and therefore increases the robustness of the system.
Bottom line.
- `realpath()` may return false.
- This should be catered for.
",bobbingwide
Tickets Awaiting Review,60158,The description field for media doesn't automatically make paragraphs in the generated code,joedolson*,Media,,normal,normal,Awaiting Review,defect (bug),accepted,needs-unit-tests,2023-12-27T11:47:53Z,2024-02-12T21:00:48Z,"There are two ways to edit a media:
- via a modal window where all the contribution fields are only simple textareas;
- via a dedicated web page where ""alternative text"" and ""caption"" fields are simple textareas and the ""description"" field is a WYSIWYG editor in text mode where TinyMCE is deactivated.
For some media, you can need to add a long description just like a transcript (for videos, audios, complex images like infographic, etc.).
So, in these cases, the description field can be used because it's totally appropriate.
But, there is a problem: usually, in editor fields, the paragraphs ( elements) are automatically added when you display the web page (in the front view). In this field, they are not.
For accessibility reason, paragraphs need to be HTML paragraphs ([https://www.w3.org/WAI/WCAG21/Understanding/info-and-relationships.html WCAG Success Criterion 1.3.1: Info and Relationships (level A)]).
I've tried to modify the code in the core to add TinyMCE that is explicitly deactivated and this is fixing the problem.
It's in wp-admin/includes/media.php, on line 3261 where you can just change ""false"" to ""true"" for ""tinymce"":
{{{#!php
'strong,em,link,block,del,ins,img,ul,ol,li,code,close' );
$editor_args = array(
'textarea_name' => 'content',
'textarea_rows' => 5,
'media_buttons' => false,
'tinymce' => false,
'quicktags' => $quicktags_settings,
);
}}}
So, is it possible to activate TinyMCE for this field? Why is it deactivated?
Or, if it's not possible, is it possible to make this option hookable?
Thank you
",juliemoynat
Tickets Awaiting Review,40588,Trashing and restoring a draft post replaces the slug,,"Posts, Post Types",4.5,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-04-27T20:39:43Z,2018-07-31T14:57:32Z,"Using the latest version of WordPress, if you create a draft post with a slug, lets say 'test-post', then trash it and restore it, the slug becomes
{{{__trashed-xxx}}}, where xxx is a number
Related to https://core.trac.wordpress.org/ticket/11863",TJNowell
Tickets Awaiting Review,56694,Uncached database read for logged in users when Privacy Policy Page is deleted,,Privacy,5.7,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2022-09-29T20:47:20Z,2022-09-29T21:24:19Z,"As a logged in WordPress user navigating around WordPress Admin, a hook fires on every admin page that attempts to notify you whether or not the suggested Privacy Policy text (in WordPress) has changed, sourced from the ""Privacy Policy Guide"" settings page.
The Privacy Policy itself is a Page, and the numeric ID of that page is saved as a Setting.
If the WordPress Page (that matches the ID that is set as the Privacy Policy Page setting) is permanently deleted, WordPress still attempts to query the database to look for this Page.
This results in a single database read query that will never find what it is looking for, and is not cached because it does not exist, causing it to happen again on every subsequent page that any logged in user navigates to inside of WordPress Admin.
* This user would normally never know this database chatter is happening because it isn't anything they are intentionally looking for
* I discovered this misbehavior while using the Query Monitor plugin on a dev site, and noticed that there was always 1 uncached database read
Screenshot of the query & call stack will be attached below.",johnjamesjacoby
Tickets Awaiting Review,41791,Unicode + add_permastruct breaks rewrite rules,,Rewrite Rules,4.9,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-09-04T11:15:57Z,2017-09-15T13:14:58Z,"This was reported here https://github.com/woocommerce/woocommerce/issues/16673
To recreate the issue, create a taxonomy with a cyrillic name such as Сертификат. View the taxonomy archive. You'll see no results; it will go to the homepage rather than an archive.
In WooCommerce you can recreate this by creating an attribute (Product > Attributes) with a cyrillic name, and enabling the 'archive', assigning a term from this taxonomy to a product, and trying to view products by that term.
I managed to trace it back to the `add_permastruct`. The `struct` is added with unicode % encoded characters. When the rewrite rules are processed, it thinks these are placeholders so the `matches` variables do not align. See this screenshot for clarity:
https://www.dropbox.com/s/5vztnfm6895488a/query%20is%20wrong.png?dl=0
Notice all the $matches? Compare to a working taxonomy:
https://www.dropbox.com/s/24zyr5v7taw7b60/correct.png?dl=0
This can be fixed by using `urldecode` when adding the permastruct. I don't know if this has side effects but it worked in testing.
Patch to follow.
",mikejolley
Tickets Awaiting Review,59354,Unnecessary queries performed when updating a post without providing categories or tags,,"Posts, Post Types",,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2023-09-14T22:43:53Z,2023-09-14T22:43:53Z,"Given an existing post with at least some categories or tags present, updating the post via `wp_update_post()` (which calls `wp_insert_post()`) with data that does not include categories or tags, many unnecessary taxonomy-related database queries are performed. This slows down the saving significantly.
* If `$postarr` doesn't contain a `post_category` element, there's no point in calling `wp_set_post_categories()`.
* If `$postarr` doesn't contain a `tags_input` element, there's no point in calling `wp_set_post_tags()`
== Todo ==
* Need tests to verify the above is correct
* Need a list of queries that are performed before and after the change
== To reproduce ==
1. Publish a post with at least one category
2. Update the post via:
{{{#!php
$id,
'post_content' => 'Hello, World!',
] );
}}}
3. Observe that a significant number of unnecessary taxonomy queries are performed",johnbillion
Tickets Awaiting Review,43071,User without the ability to publish are unable to edit post status,,Editor,,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2018-01-11T21:46:21Z,2021-12-10T05:34:24Z,"If a user is able to edit a post but unable to publish a post, they can change the post status from the `wp-admin/edit.php?post_type=post_type` page using the quick edit dropdown feature. However, if the user goes to the `wp-admin/post.php?post=ID&action=edit` page, they are unable to edit the post status.
User who are able to edit post_type should be able to do so from the post edit page.",NathanAtmoz
Tickets Awaiting Review,42513,WP_Theme::get_post_templates() is extremely inefficient for large themes,,Themes,4.8.3,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-11-11T14:07:01Z,2017-11-12T13:13:42Z,"WP_Theme::get_post_templates() uses file_get_contents() to read the complete contents of each theme php file in the root of a theme into memory, twice, and processes the result with a custom Regular Expression.
As a result, significantly more data than necessary is processed when loading large themes.
In addition, because the standard get_file_data() function is not called (as it is with all other header comments), the ""extra_{$context}_headers"" filter is never called, which is inconsistent behavior with other file_header related operations, such as the WP_Theme constructor.",gschoppe
Tickets Awaiting Review,52559,When doing JOINs for meta queries the meta_key should be in the ON clause whenever possible.,,Query,,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2021-02-17T17:17:35Z,2021-04-26T07:45:57Z,"Currently when doing `JOIN`s for meta queries the meta_key is only included in the `ON` clause if the meta compare is `NOT EXISTS`. In all other cases only the `post_id` is included.
This means that the meta key is only filtered after the JOIN is done.
Case in point, a meta_query that with 5 different keys generates the following query:
{{{#!sql
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts
LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id )
LEFT JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id )
LEFT JOIN wp_postmeta AS mt2 ON ( wp_posts.ID = mt2.post_id )
LEFT JOIN wp_postmeta AS mt3 ON ( wp_posts.ID = mt3.post_id )
LEFT JOIN wp_postmeta AS mt4 ON (wp_posts.ID = mt4.post_id AND mt4.meta_key = 'events_time_frame_end' )
WHERE 1=1 AND (
( wp_postmeta.meta_key = 'events_date_till' AND wp_postmeta.meta_value >= '20210217' )
AND
(
( mt1.meta_key = 'events_date_till' AND mt1.meta_value > '20210217' )
OR
(
( mt2.meta_key = 'events_date_till' AND mt2.meta_value = '20210217' )
AND
( mt3.meta_key = 'events_time_frame_end' AND mt3.meta_value >= '14:59:19' )
)
OR
mt4.post_id IS NULL
)
) AND wp_posts.post_type = 'events' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'dp-rewrite-republish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value ASC LIMIT 0, 10;
}}}
This query takes 60 seconds on very well provisioned database with posts that each have 50 postmeta rows in a database with 50 million total postmeta rows.
In contrast the following query:
{{{#!sql
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts
LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id AND mt1.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt2 ON ( wp_posts.ID = mt2.post_id AND mt2.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt3 ON ( wp_posts.ID = mt3.post_id AND mt3.meta_key = 'events_time_frame_end' )
LEFT JOIN wp_postmeta AS mt4 ON (wp_posts.ID = mt4.post_id AND mt4.meta_key = 'events_time_frame_end' )
WHERE 1=1 AND (
( wp_postmeta.meta_value >= '20210217' )
AND
(
( mt1.meta_value > '20210217' )
OR
(
( mt2.meta_value = '20210217' )
AND
( mt3.meta_value >= '14:59:19' )
)
OR
mt4.post_id IS NULL
)
) AND wp_posts.post_type = 'events' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'dp-rewrite-republish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value ASC LIMIT 0, 10;
}}}
Takes 400ms and returns identical results.
I believe the cause here is that because in the first query filtering is only done after the join and each event has 50 postmeta fields MySQL is first creating a virtual table with 50^4^ ( 4 because the last JOIN does include the meta_key ) rows joined resulting in 60.000.000 total that are then filtered back down.
Adding the meta_key condition to the `ON` clause means we're only joining 1 ( or a small number in the case of the meta_key existing in multiple rows ) rows for each JOIN meaning the virtual table being created is significantly smaller thus having much better query performance.
At the very least when there is any LEFT JOIN occurring then ALL `meta_key` conditions should be moved in the `ON` clause. Although it may be simpler to always have the `meta_key` condition in the `ON` clause.",herregroen
Tickets Awaiting Review,50863,[playlist] + text =
error,,Formatting,5.4.2,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2020-08-06T02:49:55Z,2020-08-06T13:41:14Z,"There is a bug that is very simple to reproduce -
if you create a [playlist] and then add some text, such as
[playlist ids=""1,2,3""] Hey everyone, check out my new songs!
it will produce an html parsing error where element is closed, but never opened.
Thank you",hvar
Tickets Awaiting Review,38486,current_page_parent class wrongly added to menu item,williampatton,Menus,4.6.1,normal,normal,Awaiting Review,defect (bug),assigned,needs-unit-tests,2016-10-25T15:46:20Z,2020-07-31T16:06:44Z,"If the current page being viewed is either of the following:
- a custom post type archive
- a custom post type single item
a {{{current_page_parent}}} class is added to the menu item assigned as the {{{page_for_posts}}}.
I believe this is wrong because the page assigned as the {{{page_for_posts}}} is associated with ''posts'' only. It has nothing to do with CPTs.",henry.wright
Tickets Awaiting Review,9968,dynamically adding/removing filters breaks plugins,,Plugins,,low,normal,Awaiting Review,defect (bug),reopened,needs-unit-tests,2009-05-28T23:43:11Z,2020-03-02T15:43:22Z,"noticed this while doing something similar to this:
{{{
add_action('foo', 'bar1', 10);
add_action('foo', 'bar2', 20);
function bar1() {
remove_filter('foo', 'bar1', 10);
}
}}}
in the above, bar2() doesn't get called. it is because of the usage of next()/current() to loop through filters.
attached patch uses a foreach loop instead, to make it work.",Denis-de-Bernardy
Tickets Awaiting Review,37454,get_avatar_data() delivers different url for scheme=https and is_ssl(),,Users,4.3,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-07-25T08:09:46Z,2017-02-15T07:56:44Z,"get_avatar_data() has an option to set the scheme. If https is used, an image URL is returned which is different to the one which is returned in case delivery is conducted via https without the scheme parameter. I think it would be better to serve the same gravatar url for https pages and explicit https-scheme requests.
Regarding performance and depending on the infrastructure, it could also be benefical to drop https://%d.gravatar.com completely and serve all requests to gravatar independent of the page's protocol via https://secure.gravatar.com/ to benefit from HTTP/2 (http and https://%d.gravatar.com requests are served via HTTP/1.1 whereas https://secure.gravatar.com/ allows multiplexing via HTTP/2).",neoxx
Tickets Awaiting Review,42517,get_file_data() doesn't support the single-line variant of post template headers,,General,4.9,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-11-12T13:05:45Z,2017-11-13T17:24:40Z,"get_file_data() is the common function used to retrieve information stored in a file's header comment. The function works fine for Plugin files and Theme style.css files, but is currently not used by the functions enumerating post templates, despite their header format being a clear subset of the same grammar.
The issue comes from the fact that post templates have traditionally supported single-line header comments, of the form:
{{{#!php
}}}
or even
{{{#!php
# Template Name: Full-Width ?>
}}}
Addressing this inconsistency will allow post templates to use the same file-handling function that other theme/plugin files use, and will significantly reducing the amount of potential data parsed by WP_Theme::get_post_templates() see issue [https://core.trac.wordpress.org/ticket/42513 #42513]",gschoppe
Tickets Awaiting Review,36273,update_attached_file() on Windows will result in invalid image path when using native Windows directory separators,,Media,4.4.2,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-03-18T10:48:16Z,2018-04-30T23:34:09Z,"Calling ''update_attached_file( $image->ID, $file );'' on platforms like Windows can be really bad if ''$file'' was normalized/validated using PHP's ''realpath()'' function:
{{{#!php
ID );
// Well, in real world you could have created the path manually...
// The only important thing to know is, that we call ""realpath()"" which will
// convert any directory separator into the native directory separator:
// Linux will end with /dir/subdir/basename.jpg
// Windows will end with C:\Dir\Subdir\basename.jpg
$file = realpath( $file );
// Again, this is just a demo, for real world cases see plugins like ""Force Regenerate Thumbnails""
// But this is a valid API call:
update_attached_file( $image->ID, $file );
// On Windows this will result in an update statement like
// UPDATE `postmeta` SET `meta_value` = 'C:WWWSitesdemohtdocswordpresswp-contentuploads201603example.jpg' WHERE `post_id` = 123 AND `meta_key` = '_wp_attached_file'
// when $file was set to ""C:\WWW\Sites\demo\htdocs\wordpress\wp-content\uploads\2016\03\example.jpg""
// Now imagine a plugin which is re-generating thumbnails :]
// The problem is
// $meta_value = wp_unslash($meta_value);
// in wp-includes/meta.php update_metadata().
}}}
When using ''update_attached_file()'' we should make sure that ''update_metadata()'' don't update the path value to an invalid value...
PS: After you updated all image paths to an invalid value, the media library won't work anymore:
{{{
[18-Mar-2016 07:31:10 UTC] PHP Warning: file_exists() expects parameter 1 to be a valid path, string given in C:\WWW\Sites\demo\htdocs\wordpress\wp-includes\media.php on line 3063
}}}
",Whissi
Tickets Awaiting Review,38052,wp-utility.js misses function argument null,,General,4.6,normal,major,Awaiting Review,defect (bug),new,needs-unit-tests,2016-09-14T09:26:29Z,2017-07-28T08:57:16Z,"Since 4.6 the wp-utility is updated. The null parameter has been removed here:
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options );
}}}
to
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), options );
}}}
Which can give the following error:
{{{
wp-util.min.js:1 Uncaught TypeError: (intermediate value)(intermediate value) is not a function
}}}
This is fixed by adding that null value again like this:
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options );
}}}
Affects version 4.6 and 4.6.1",wiardvanrij
Tickets Awaiting Review,36437,wp_delete_attachment causes warning,,Media,2.0,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-04-07T06:24:34Z,2017-07-27T16:26:17Z,wp_delete_attachment assumes that attachments uses category and post_tag taxonomies. This causes a warning in wp_delete_object_term_relationships when post type attachment is not using category or post_tag taxonomies.,thorbrink
Tickets Awaiting Review,28664,"wp_load_alloptions() fails to set object cache when persistent alloptions cache is ""0""",,Cache API,,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2014-06-28T17:44:57Z,2022-07-08T14:55:25Z,"When alloptions persistent object cache is set to `0`, `wp_load_alloptions()` fails to reset it with appropriate values. This results in every use of `get_option()` to produce the load alloptions query `SELECT option_name, option_value FROM wp_options WHERE autoload = 'yes'` because the object cache never gets appropriately populated. Specifically, `wp_cache_add()`won't set the alloptions value when it's already seen to be set.
The end result is a massive impact on site performance when the object cache backend failboats. I'd expect WordPress to handle this scenario a bit more gracefully, possibly falling back to its internal object cache if it detects failures with the persistent object cache. However, it's debatable as to whether the solution lies within a drop-in, or whether it's the responsibility of core.
`wp_cache_add()` is used over `wp_cache_set()` for performance reasons with *external* object caches — it doesn't matter one way or another for the internal object cache (genesis #4138). One option is to distinguish between them, and offer different behaviors. However, the most technically appropriate solution is likely to check that the data coming from `wp_cache_get()` is as expected.
To answer your question before you ask it, I'm not sure how the Memcached persistent object cache value gets set to zero. It seems to come and go, sometimes occurring regularly when I restart Memcached, and I've seen the issue reproduce with both Ryan Boren's and Zack Tollman's drop-ins (meaning real bug is most likely outside of WordPress).",danielbachhuber
Tickets Awaiting Review,37178,Add $cache_only parameter to get_option,,"Options, Meta APIs",,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2016-06-26T11:21:08Z,2023-04-24T13:03:34Z,"When you do `get_option()` and the option doesn't exist in the option cache, WordPress does a query to check whether that option exists and loads it. This is great as default behavior, but when you ''know'' that an option would have been autoloaded, you might not want that to happen.
I propose adding a parameter `$cache_only`, which defaults to false, which, when set to true, returns false when there is no option set in the cache. The ""workaround"" currently would be to set an empty option, but that means adding unnecessary data to the database.",joostdevalk
Tickets Awaiting Review,39695,Add preload headers in redirects,,HTTP API,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-01-25T22:09:45Z,2017-02-27T09:32:49Z,"http2 push enabled servers can immediately push linked assets or documents for the client. This saves clients from one round-trip.
At the moment at least Cloudflare and h2o web server can http2 server push assets defined in Link headers: https://www.w3.org/TR/preload/#server-push-http-2.
I believe more will follow in the next few years. WordPress powers so much of the web that it's our responsibility to try to make it as fast as we can.
This is usually quite hard topic because we have no idea what is stored in the client browser cache.
We can start implementing the Link preload headers in internal redirects because in that situation it's quite obvious that the client wants to make that request as their next one.
This is what I want to achieve
{{{
$ curl --http2 -i https://wordpress.test/wp-admin/
HTTP/2 302
...
Location: https://laextra.test/wp-login.php?redirect_to=https%3A%2F%2Flaextra.test%2Fwp-admin%2F&reauth=1
Link: ; rel=preload; as=document
}}}
I created a patch which adds these headers automatically in '''wp_redirect()''' function.
Links about http2 server push:
https://blog.cloudflare.com/announcing-support-for-http-2-server-push-2/
https://h2o.examp1e.net/configure/http2_directives.html",onnimonni
Tickets Awaiting Review,42076,Allow the external HTTP tests to run internally,,Build/Test Tools,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-10-03T16:44:26Z,2020-03-22T14:07:03Z,"The tests in the `external-http` group are the worst. They not only perform calls out over the internet, but they rely on a combination of wordpress.org, wordpress.com, example.org, example.com, and youtube.com.
The external oEmbed tests that use youtube.com (`Tests_External_HTTP_OEmbed`) can probably be removed. They're technically fragile (YouTube could change the structure of their embed URLs and cause the tests to fail) and don't actually test anything that core has control over.
It _should_ be possible to run the rest of the external-http tests against a local web server running PHP. As an example, frameworks such as Behat usually run against a server being run by PHP's built in web server.
If the test files from wordpress.com and wordpress.org were downloaded and placed into the test suite data directory, they could be served by a local web server and therefore tested without a remote HTTP request.
Spinning up a local web server in PHP could be made optional via a flag or an environment variable, and could be enabled on Travis by default.
It may even be that the functionality that is being tested by these external HTTP tests can be abstracted and made testable without performing an HTTP request at all, or it could be that the functionality is already covered by unit tests in the Requests framework.
Feedback / ideas welcome.",johnbillion
Tickets Awaiting Review,43588,Anonymize commenter IP address once a comment is no longer pending,,Privacy,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2018-03-20T19:06:12Z,2019-01-09T19:17:26Z,"A commenter's IP address is stored with each comment. The commenters IP address can often be used to identify a single individual or device at a location.
To enhance commentor's privacy, and to reduce the amount of personal data stored by a WordPress site in preparation for upcoming laws like the GDPR, this issue proposes that once a comment transitions out of pending, core WordPress should zero the commentor's IP address final octet similar to how Google Analytics Anonymizes IP addresses
The rationale for keeping it while a comment is pending is to continue to allow anti-spam access to the IP address which can be used to detect spam.
The rationale for keeping all but the last octet is to still allow statistics to be gathered about the general geographic location of commenters based on the first three octets of the IP address.",allendav
Tickets Awaiting Review,43010,Attribute Name Escape,,Formatting,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2018-01-02T17:03:09Z,2022-01-18T14:34:00Z,"The HTML5 spec allows us to arbitrarily named attributes for tags, e.g. '''''data-my-arb-attr-name'''=""attr value""''. This allows for generated attribute names and thus, a need to escape to avoid potential security implications.
I have seen several occasions of developers using `esc_attr` to resolve this case, however this is far from correct - the requirements of the name of an attribute are very different to that of the value, the best example of this simply being whitespace.
The requirements of an attribute name can be found here: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
There is a need for an `esc_attr_name` function to avoid compromises in html.
I have provided a simple addition patch to wp-includes/formatting.php which should resolve this issue.",joe_bopper
Tickets Awaiting Review,56105,Call update_post_parent_caches in the_post function in WP_Query class,,Query,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2022-06-30T12:01:38Z,2023-04-20T12:55:57Z,"Hello Team,
In {{{the_post}}} function {{{class WP_Query}}}, {{{update_post_author_caches}}} is already in use but not {{{update_post_parent_caches}}}.
I am not sure if it is because of {{{update_post_parent_caches}}} calls the private function {{{_prime_post_caches}}} or what.",priyankkpatel
Tickets Awaiting Review,54293,Expand functionality of themes REST API,,REST API,4.7,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2021-10-20T09:30:08Z,2022-06-07T11:59:12Z,"Current the REST API for themes is extremely limited. It only allows for listing themes and getting the current theme. However, there are lots theme related functions that are not possible to access via this api. This includes ( but it not limited to )
- Installing new themes
- Network activating theme ( multisite only )
- Network deactivating theme ( multisite only )
- Active ( switch to theme )
- Deleting theme
Any themes api should allow the patterns / structure of the plugins REST API, in it's params and responses.
It is also worth noting, that have a multisite element, as themes can be network activated / deactivated.",spacedmonkey
Tickets Awaiting Review,41771,Global configuration table,,Networks and Sites,4.9,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-08-31T22:19:51Z,2017-09-19T16:37:54Z,"In multisite, there is no way to have settings or configuration what goes applies to all networks. There are network level settings (Network options) and site levels settings (Options) but nothing global.
In #37923 the need for global configuration arose, as storing data the network level ends up with the same data in every network. Also having a global config table, would help rid ourselves of our dependence on PHP defines for configuration. If this config table was installed on single site as well, the following defines, could be moved the config table.
- MULTISITE
- SUBDOMAIN_INSTALL
- WP_CACHE
- FORCE_SSL_ADMIN
- WP_DEFAULT_THEME
This could make the process of installing multisite, much easier.
A number of feature flag that are currently store in options / network options could be moved to the global store. Features such as.
- link_manager - enabled / disabled
- global_terms - enabled / disabled
- use blog_versions - enabled / disabled
- site meta - enabled / disabled
- ms_files_rewriting - enabled / disabled
This global table could also store multi network wide settings such as
- Global super admin
- Global user roles
- Global plugins (Not mu plugins)
- Global database version
- Default Language
",spacedmonkey
Tickets Awaiting Review,54648,Improve filter to enable setting quality for each subsize image,adamsilverstein*,Media,,normal,normal,Awaiting Review,enhancement,accepted,needs-unit-tests,2021-12-17T16:19:39Z,2024-02-23T11:07:57Z,"Talking with https://profiles.wordpress.org/codekraft/ we was wondering if it is possible to get a filter to specify the quality of subsized images.
Right now the `wp_update_image_subsizes` https://github.com/WordPress/wordpress-develop/blob/cdd5e43a04930bac390537944eb6f4256d364bd4/src/wp-admin/includes/image.php#L153 doesn't have that filter.
So on `wp_create_image_subsizes` https://github.com/WordPress/wordpress-develop/blob/cdd5e43a04930bac390537944eb6f4256d364bd4/src/wp-admin/includes/image.php#L228 calls `_wp_make_subsizes` https://github.com/WordPress/wordpress-develop/blob/cdd5e43a04930bac390537944eb6f4256d364bd4/src/wp-admin/includes/image.php#L386
But doesn't specify the quality.
Probably the best solution is to use `set_quality` of the Image Editor ImageMagick/GD classes in the last function.
This can help, in our thoughts, on generate smallest images (like under 200x200) with a different compression that can be more strong, compared to the others, as they have a different usage and the quality of those can be different.
This can save space and speed up the page.
Some examples? In the woocommerce gallery where there are the preview as tiny squares (150x150).
Maybe this idea can interest the new Performance team?",Mte90
Tickets Awaiting Review,43818,Invalidate query caches less aggressively by using a `last_changed` key specific to metadata,,"Options, Meta APIs",,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2018-04-20T08:13:55Z,2018-04-20T08:13:55Z,"Currently, the meta implementations for posts, terms, comments and sites (in multisite) invalidate all respective query caches when any value is changed (via setting the `last_changed` key). This is a really aggressive method of cache invalidation and causes in query caches being too frequently invalidated, resulting in lots of unnecessary cache misses.
Most queries (or at least many queries) do not make use of meta queries, and those should stay unaffected by when a meta value changes. Therefore I suggest introducing a specific `meta_last_changed` cache key, and have the meta functions set that one instead of the generic `last_changed`. In the query classes, we can then check if a meta query is present, and only then make use of the `meta_last_changed` key - otherwise we can ignore it and use the regular `last_changed` key.
Regarding the initial implementation, we should think about whether we would wanna roll this out to all the above object types immediately, or whether we should rather start with an object type less popular for metadata (i.e. ''not'' posts). Related to this is #43813.",flixos90
Tickets Awaiting Review,58416,Media Title field should soft wrap in Media Modal: For better readability/editing of long titles.,,Media,3.5,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2023-05-26T20:48:37Z,2023-06-13T11:08:12Z,"**Usability Issue:**
- In the **Media Modal** the **Title** field currently is an ` ` and as such is single line only.
- Scrolling a ~50 character long title within a ~20 char text field sucks.
- Soft wrapping would really benefit longer media titles in terms of instant readability and easy editing.
**Solution Approaches:**
1. Leaving it a ` ` and tweak it to soft wrapping with CSS only.
- I found the [https://stackoverflow.com/questions/5286663/wrapping-text-inside-input-type-text-element-html-css exact same request on StackOverflow] for HTML in general (CMS agnostic)
- Pure [https://stackoverflow.com/a/31814539/199400 CSS solutions for this] which once worked, became unsupported around 2016 in major browsers.
- Bottom line: ` ` is single line only and always, user agents allow no circumventions.
2. Alternative approach: Use a ` ';
?>
}}}
I have ```string(**) ""Cat 1, Cat 2""```
",sebastian.pisula
Tickets Awaiting Review,40661,WP_Term_Query->parse_query() needs filter like 'get_terms',,Taxonomy,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-05-04T10:28:28Z,2017-08-04T17:50:55Z,"The new class/method WP_Term_Query->parse_query() does not provide a filter like the old function get_terms() does. Using WP_Term_Query directly has thus different functionality from using the old wp_terms function.
Using a plugin like:
https://wordpress.org/support/plugin/custom-taxonomy-order-ne/
with a custom term_order field and sorting based on that, gives the default sort based on name.
Adding a filter to the method like get_terms, provides backwards compatibility for plugin and theme authors, that are switching to WP_Term_Query directly.
This filter gives options to apply a custom order to the list of terms.
Reference on support forum:
https://wordpress.org/support/topic/doesnt-reorder-when-using-wp_term_query/
If adding a filter is somehow not wanted by core devs, then I will have to answer to add this filter manually to the code when support requests are coming. To be clear, I would consider that a valid response.",mpol
Tickets Awaiting Review,40357,"dbDelta can't change primary keys, create AUTO_INCREMENT columns and doesn't make significant index changes",,Database,4.8,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-04-04T17:20:04Z,2017-04-04T18:21:02Z,"dbDelta has three inter-related issues which center around changing indexes.
1) It isn't possible to change which column is the primary key
2) It isn't possible to add a new AUTO_INCREMENT column
2b) It isn't possible to modify an existing AUTO_INCREMENT to no longer be AUTO_INCREMENT
3) Indices with the same name are not dropped/re-created, even when the index definition is changed significantly.
== Use case ==
A client had been tracking inventory in a custom table where the product ID was the primary key. When he opened a new location, we added a location column, and wanted to be able to track how many of each product was in each location.
1. A table's purpose is being expanded, or otherwise doesn't meet the needs of the data.
Since the primary key is unique, we needed to add a new key column and change which column was designated as the primary key.
2. A table was originally defined without an AUTO_INCREMENT column and the need for such a column arises.
The new column we wanted to add and use for the key was simply an AUTO_INCREMENT integer column. In testing we defined the new column and also defined a new UNIQUE index (so, not changing the primary key yet).
Since dbDelta adds new columns before adding the new indices, and in separate ALTER TABLE statements, MySQL refuses to add a new AUTO_INCREMENT column without an index.
The solution is to add the new column without the AUTO_INCREMENT designation, then add the UNIQUE index, then alter the table to use AUTO_INCREMENT.
3. A primary (or other key) could be significantly and intentionally altered, significantly changing how queries are run.
I understand that WP doesn't want to drop and recreate indices when changing the sub-part of an index (see: https://core.trac.wordpress.org/ticket/34870#comment:21)
However I think that it should change the index, if the definition is significantly altered.
In the use case above, we could've changed the primary key to be `PRIMARY KEY(productId,location)` instead of adding a new column and switching the index to that column.
In other use cases, changing from a BTREE to FULLTEXT index would change which types of queries need to a full table scan.
== This Patch ==
This patch does the following:
1. You can now add a new AUTO_INCREMENT column to an existing table
When a new AUTO_INCREMENT column is added to an existing table, the column creation is done in two parts. First the column is created as a non-AUTO_INCREMENT column, and a separate `ALTER TABLE` statement is set to run after index creation to enable AUTO_INCREMENT.
Note: The CREATE TABLE statement given to dbDelta must provide the required indexes that MySQL expects.
2. You can now modify a column with AUTO_INCREMENT to no longer use AUTO_INCREMENT
3. You can change which column is the primary key
4. Significant index definitions cause an index to be dropped and re-created
The cases that cause an index to be dropped and re-created are:
* An index which wasn't UNIQUE, but now is or vice-versa
* An index which changes index type (eg. FULLTEXT => BTREE)
* An index which contains a different number of columns
* An index which contains a different column order
* An index which contains different columns
Note: Changing the index sub-part or no longer defining the index in the table does not cause it to be dropped.
== Other notes ==
1. I've tried to use WP coding standards and comment my code well. I'd love feedback if there are things I can do better.
2. I've included a file, test.php which takes 13 table definitions, takes them two at a time, and converts between each possible combination.
To run it, put it in the root WordPress directory and run `php ./test.php`.
3. Also, the dbDelta phpunit tests still pass.",stuporglue
Tickets Awaiting Review,45640,get_blogs_of_user improvements,alexstine,Networks and Sites,3.0,normal,minor,Awaiting Review,enhancement,assigned,needs-unit-tests,2018-12-14T11:59:18Z,2021-11-16T13:59:24Z,"get_blogs_of_user function is often pulling more data than it needs. This often won't cause any issues but in some cases when user is attached to big number of blogs, it may lead to out of memory error.
Attached patch has changes that can lead to more improvements like pagination for ""My Sites"" admin page, limitation of listed sites in admin bar and on ""access denied"" page.",maniu
Tickets Awaiting Review,39473,get_routes() called multiple times within single REST request causing the rest_endpoints() filter to also fire more than once,,REST API,4.4,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-01-04T21:59:38Z,2023-01-19T23:28:07Z,"Hi all,
Many thanks for creating the REST API, and also for getting it into core! :)
When I had a closer look at how to integrate this in our projects I noticed something peculiar with the rest_endpoints() filter: it is called multiple times over; in some cases twice, in others three times.
So I did a little digging around and found that the root cause seemed to be the use of get_routes() at multiple locations:
- in the rest_pre_dispatch filter (rest_handle_options_request)
- in the rest_post_dispatch filter (rest_send_allow_header)
- in the dispatch() itself
- in the get_index() method
- in the get_namespace_index() method
After looking how these locations interact with each other, I couldn't detect any code which altered the generated route map between consecutive calls to get_routes().
I will add a patch in which I propose to store the generated route map in the class, and re-use that one instead of generating yet again the same array (and also re-filtering the same array).
Since the name 'endpoints' is already taken, and being used in the initialization as well, I thought it would be prune to use another variable name: $route_map, which is also being used in the current doc-block.
I did not profile this patch (not really sure how to do that), so I'm not sure if storing this rather large associative array is a good thing to do. However generating it multiple times (and re-filtering it also) may also be quite 'expensive'.
Thanks,
Ruud
",ruud@…
Tickets Awaiting Review,42148,url_to_postid plain permalinks for CPTs,,Permalinks,1.0,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2017-10-08T11:42:20Z,2017-10-08T11:46:15Z,"Would be nice to have {{{url_to_postid}}} working with plain permalinks for custom post types.
There's are currently some issues in {{{url_to_postid}}} where the wrong ID is returned for custom post type plain permalinks (query-based).
{{{
true
) );
/** Create a post */
$post_id = wp_insert_post( array( 'post_type' => 'findme', 'post_status' => 'publish' ) );
$findme = get_permalink( $post_id );
$found = url_to_postid( $findme );
/** Guess it */
printf( ""%s (%s) == %s (%s)"", $post_id, $findme, $found, get_permalink( $found ) );
exit;
} );
}}}
{{{30 (http://localhost:8080/?findme=30) == 0 ()}}} and {{{30 (http://localhost:8080/?findme=30) == 2 (http://localhost:8080/)}}} if the frontpage is setup to point ot a post.
Why is it not working? Why is the frontpage post being returned? Let's see how the {{url_to_postid}} function works:
{{{
// First, check to see if there is a 'p=N' or 'page_id=N' to match against
if ( preg_match('#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values) ) {
$id = absint($values[2]);
if ( $id )
return $id;
}
}}}
Then?
{{{
if ( trim( $url, '/' ) === home_url() && 'page' == get_option( 'show_on_front' ) ) {
$page_on_front = get_option( 'page_on_front' );
if ( $page_on_front && get_post( $page_on_front ) instanceof WP_Post ) {
return (int) $page_on_front;
}
}
}}}
Uh, wait what... already? So a short-circuit without checking the custom post types. And that's understandable, since there is inherently no support for custom post type ID mappings as pointed out by:
{{{
// Check to see if we are using rewrite rules
$rewrite = $wp_rewrite->wp_rewrite_rules();
// Not using rewrite rules, and 'p=N' and 'page_id=N' methods failed, so we're out of options
if ( empty($rewrite) )
return 0;
}}}
What stands in our way to find the URL earlier?
1. The query var is not one of p, page_id, attachment_id
2. The query var value for CPTs is not necessarily, and most often not numeric (the post_title)
A proposed solution would be to look at the query parameters much higher, maybe by injecting the custom ones, ones that support slugs as well, since WordPress sets the {{{page_title}}} for a CPT itself, so that {{{\d+}}} check would fail.
Use case? Well, this was encountered when trying to paste plain oEmbed URLs for a custom post type (https://github.com/gravityview/GravityView/issues/927).",soulseekah
Tickets Awaiting Review,29717,"wp_check_invalid_utf8 - pcre tricks and failsafes, +mb_convert_encoding, iconv fix, performance",,Formatting,,normal,normal,Awaiting Review,enhancement,new,needs-unit-tests,2014-09-20T17:18:13Z,2019-05-18T07:49:17Z,"Used in core in these 4 functions.
* esc_attr()
* esc_js()
* esc_html()
* sanitize_text_field()
It's the first function to execute for all 4, and especially for sanitize_text_field it gets called quite a bit and is pretty important.
It's purpose is to check a string for invalid utf. It utilizes preg_match with the '/u' modifier to parse both the pattern and subject for utf. PCRE automatically checks both the pattern and subject for invalid utf, upon which it will exit with an error code/constant.
The changes here: Normally pcre is compiled with utf support. It can also be compiled to disallow utf support, and it can be compiled without utf support. If utf is compiled and enabled the '/u' modifier for preg_match is available which turns on the automatic utf validation.
For older dists or those with utf support turned off at compile, there is a trick to enable the same functionality as the '/u' provides.
http://www.pcre.org/pcre.txt
In order process UTF-8 strings, you must build PCRE to include UTF-8
support in the code, and, in addition, you must call pcre_compile()
with the PCRE_UTF8 option flag, or the pattern must start with the
sequence (*UTF8). When either of these is the case, both the pattern
and any subject strings that are matched against it are treated as
UTF-8 strings instead of strings of 1-byte characters.
So the first change to this function was to allow a fallback to that pattern option trick in case '/u' wasnt supported.
1. `@preg_match( '//u', '' ) !== false`
2. `@preg_match( '/(*UTF8)/', '' ) !== false`
3. Fallback to a regex that doesn't require UTF support, instead of using pcre utf validation it searches for it
I also wanted it to have better performance, especially due to its use in those 4 core functions I use often. I benchmarked it pretty thoroughly to try and gain more speed. This patch is about 10-20% faster.
Many gains were from refactoring the logic and control structures, chaining within if statements using bools, and utilizing the static variables to the fullest. This is especially crucial since this function gets called repeatedly. I also gained some cycles by replacing an in_array() check with a `stripos`.
One of the bigger gains came from replacing the `strlen( $string ) == 0` that ran on every run with. Since the $string variable was already casted to a string, that should always work and keep things a little cheaper.
{{{
$string = (string) $string;
// if string length is 0 (faster than strlen) return empty
if ( ! isset( $string[0] ) )
return '';
}}}
The final change was to the 2nd parameters $strip, which if true is supposed to strip the invalid utf out of the string and return the valid. In core nowhere is that parameter being used (yet), which explains the deprecated looking iconv. Also added a fallback to use mb_convert_encoding in case iconv is missing.
{{{
// try to use iconv if exists
if ( function_exists( 'iconv' ) )
return @iconv( 'utf-8', 'utf-8//ignore', $string );
// otherwise try to use mb_convert_encoding, setting the substitue_character to none to mimic strip
if ( function_exists( 'mb_convert_encoding' ) ) {
@ini_set( 'mbstring.substitute_character', 'none' );
return @mb_convert_encoding( $string, 'utf-8', 'utf-8' );
}
}}}
Here are some of the test strings I used, I also used the utf-8-test file at http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt. I did testing on 4.0 using php 5.6, 5.4, 5.3, and 5.4. I verified the output and the strip feature as well. For all tests I had php error_reporting set to the max:
{{{
ini_set( 'error_reporting', 2147483647 );
}}}
{{{
$valid_utf = array(
""\xc3\xb1"", // 'Valid 2 Octet Sequence'
""\xe2\x82\xa1"", // 'Valid 3 Octet Sequence' =>
""\xf0\x90\x8c\xbc"", // 'Valid 4 Octet Sequence' =>
""\xf8\xa1\xa1\xa1\xa1"", //'Valid 5 Octet Sequence (but not Unicode!)' =>
""\xfc\xa1\xa1\xa1\xa1\xa1"", //'Valid 6 Octet Sequence (but not Unicode!)' =>
""Iñtërnâtiônàlizætiøn\xf0\x90\x8c\xbcIñtërnâtiônàlizætiøn"", // valid four octet id
'Iñtërnâtiônàlizætiøn', // valid UTF-8 string
""\xc3\xb1"", // valid two octet id
""Iñtërnâtiônàlizætiøn\xe2\x82\xa1Iñtërnâtiônàlizætiøn"", // valid three octet id
);
$invalid_utf = array(
""\xc3\x28"", //'Invalid 2 Octet Sequence' =>
""\xa0\xa1"", //'Invalid Sequence Identifier' =>
""\xe2\x28\xa1"", //'Invalid 3 Octet Sequence (in 2nd Octet)' =>
""\xe2\x82\x28"", //'Invalid 3 Octet Sequence (in 3rd Octet)' =>
""\xf0\x28\x8c\xbc"", //'Invalid 4 Octet Sequence (in 2nd Octet)' =>
""\xf0\x90\x28\xbc"", // 'Invalid 4 Octet Sequence (in 3rd Octet)' =>
""\xf0\x28\x8c\x28"", //'Invalid 4 Octet Sequence (in 4th Octet)' =>
chr(0xE3) . chr(0x80) . chr(0x22), // Invalid malformed because 0x22 is not a valid second trailing byte following the leading byte 0xE3. http://www.unicode.org/reports/tr36/
chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Invalid UTF-8, overlong 5 byte encoding.
chr(0xD0) . chr(0x01), // High code-point without trailing characters.
chr(0xC0) . chr(0x80), // Overlong encoding of code point 0
chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 5 byte encoding
chr(0xFC) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 6 byte encoding
chr(0xD0) . chr(0x01), // High code-point without trailing characters
""Iñtërnâtiôn\xe9àlizætiøn"", // invalid UTF-8 string
""Iñtërnâtiônàlizætiøn\xfc\xa1\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid six octet sequence
""Iñtërnâtiônàlizætiøn\xf0\x28\x8c\xbcIñtërnâtiônàlizætiøn"", // invalid four octet sequence
""Iñtërnâtiônàlizætiøn \xc3\x28 Iñtërnâtiônàlizætiøn"", // invalid two octet sequence
""this is an invalid char '\xe9' here"", // invalid ASCII string
""Iñtërnâtiônàlizætiøn\xa0\xa1Iñtërnâtiônàlizætiøn"", // invalid id between two and three
""Iñtërnâtiônàlizætiøn\xf8\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid five octet sequence
""Iñtërnâtiônàlizætiøn\xe2\x82\x28Iñtërnâtiônàlizætiøn"", // invalid three octet sequence third
""Iñtërnâtiônàlizætiøn\xe2\x28\xa1Iñtërnâtiônàlizætiøn"", // invalid three octet sequence second
);
}}}
----
Notes and more info:
{{{
In order process UTF-8 strings, you must build PCRE to include UTF-8
support in the code, and, in addition, you must call pcre_compile()
with the PCRE_UTF8 option flag, or the pattern must start with the
sequence (*UTF8). When either of these is the case, both the pattern
and any subject strings that are matched against it are treated as
UTF-8 strings instead of strings of 1-byte characters.
UTF-8 was devised in September 1992 by Ken Thompson, guided by design
criteria specified by Rob Pike, with the objective of defining a UCS
transformation format usable in the Plan9 operating system in a non-
disruptive manner.
Char. number range | UTF-8 octet sequence
(hexadecimal) | (binary)
--------------------+---------------------------------------------
0000 0000-0000 007F | 0xxxxxxx
0000 0080-0000 07FF | 110xxxxx 10xxxxxx
0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx
0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
A UTF-8 string is a sequence of octets representing a sequence of UCS
characters. An octet sequence is valid UTF-8 only if it matches the
following syntax, which is derived from the rules for encoding UTF-8
and is expressed in the ABNF of [RFC2234].
UTF8-octets = *( UTF8-char )
UTF8-char = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4
UTF8-1 = %x00-7F
UTF8-2 = %xC2-DF UTF8-tail
UTF8-3 = %xE0 %xA0-BF UTF8-tail / %xE1-EC 2( UTF8-tail ) /
%xED %x80-9F UTF8-tail / %xEE-EF 2( UTF8-tail )
UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / %xF1-F3 3( UTF8-tail ) /
%xF4 %x80-8F 2( UTF8-tail )
UTF8-tail = %x80-BF
}}}
* http://www.pcre.org/pcre.txt
* http://us1.php.net/manual/en/pcre.constants.php
* http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
* http://en.wikipedia.org/wiki/Unicode
* http://unicode.org/faq/utf_bom.html
* http://www.unicode.org/versions/Unicode6.1.0/ch03.pdf
* http://www.pcre.org/pcre.txt
* http://tools.ietf.org/rfc/rfc3629.txt
* http://www.unicode.org/faq/utf_bom.html
* http://www.unicode.org/versions/Unicode5.2.0/ch03.pdf
* http://www.unicode.org/reports/tr36/
* http://tools.ietf.org/rfc/rfc3629.txt
Related Tickets:
* https://core.trac.wordpress.org/ticket/11175
* https://core.trac.wordpress.org/ticket/28786
",askapache
Tickets Awaiting Review,27888,Feature request: `get_current_admin_url()` and `get_current_admin_hook()`,lucatume,Administration,3.9,normal,normal,Awaiting Review,feature request,assigned,needs-unit-tests,2014-04-18T12:22:45Z,2019-12-11T20:16:46Z,"It would be sweet if to be able to get the current page's url using some kind of API. And its hook, for that matter. For instance:
{{{
public function get_current_admin_page_url()
{
if (!is_admin()) {
return false;
}
global $pagenow;
global $typenow;
global $taxnow;
global $plugin_page;
$url = $pagenow;
if (!empty($plugin_page)) {
$url .= '?page='.$plugin_page;
}
elseif (!empty($typenow)) {
$url .= '?post_type='.$typenow;
}
elseif (!empty($taxnow)) {
$url .= '?taxonomy='.$taxnow;
}
return $url;
}
}}}
And something similar for `get_current_admin_hook()`.",Denis-de-Bernardy
Tickets Awaiting Review,37376,Make it possible for custom post type to have an archive but no single,,"Posts, Post Types",4.6,normal,normal,Awaiting Review,feature request,new,needs-unit-tests,2016-07-15T17:55:34Z,2021-08-24T05:07:13Z,"Very commonly we'll have testimonials, faqs, and such custom post types, which warrant an archive, but don't make sense to have a single. It's possible to have a post type with no archive and a single, but not the other way around. Funnily enough, I find that we far more often could use what isn't available versus what is.
There are workarounds. One option is to make it a non-publicly-queryable post type and use a page template or something to display the results. Another option I've seen around is to hook into template_redirect on the single and redirect the user. Chances are there's no links on the front-end, so this really only occurs when users click on the link from edit-post admin-side.
Another thing to consider here is SEO plugins and the like which look to the definition of the CPT to build the sitemap. The redirect method ends up putting useless links in the sitemap. The page template method works fine, but obviously means the CPT has to be queried separately.
Would there be a downside to adding a sibling `has_single` option? If it's true by default then it's backwards compatible, and the single rewrites simply reflect the option.",jason_the_adams
Tickets Awaiting Review,38432,Validate user creation and email change by token,,Login and Registration,4.9,normal,normal,Awaiting Review,feature request,new,needs-unit-tests,2016-10-21T13:34:31Z,2018-01-17T11:57:10Z,"When you register on a wordpress site or when you change your email, we can use a fake email (or error entry) and it create ghost profile. I see 36 bad profile in 2 month on a website.
If an email is send with a validate links (token), the profile or the email change can be executed.
It secure correct data.
Thanks
",lriaudel
Candidates for Closure,34591,"BugFix to WP_Scripts::do_item(), remove doubled ""//""",,Script Loader,4.3.1,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2015-11-05T11:01:37Z,2017-02-05T09:08:07Z,"Current code in `do_item()` of class.wp-script.php on line 172:
{{{
$src = $this->base_url . $src;
}}}
may produce duplicate slashes `""//""`, resulting in problems.
This might be fixed with code:
{{{
$src = $this->base_url . $src;
}}}
Currently:
* WP_Scripts contains: `""public $base_url; // Full URL with trailing slash""` and
* script-loader.php contains calls `$scripts->add()` with initial `""/""` in relative paths
Together this produces doubled slashes `""//""`. For example:
http://www.ocelovehaly.cz/ll//wp-includes/js/jquery/jquery.js?ver=1.11.3
This makes W3TC include script in minified version, but not to remove it from the original HTML.
Including jQuery twice makes LayerSlider not to work.
Please, could you bugfix class.wp-script.php on line 172?
Thank you :-)",jan.mazanek
Tickets Needing Feedback,2691,HTML comments in posts aren't handled properly.,adamsilverstein*,Formatting,2.8.5,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2006-04-25T03:16:37Z,2024-01-10T10:11:05Z,"When an HTML comment is added in a post, autop adds paragraph ( ) tags around the comment and for multi-line comments line breaks ( ) are added after every line. This should not happen in HTML comments.
This ticket is similar to #712 which was closed with wontfix. I would like to know why this isn't seen as an issue? It prevents the addition of RDF and other metadata, not to mention just plain old HTML comments in posts.",gord
Unpatched Bugs,33017,Images displayed with page.php instead of index.php,,Themes,,normal,normal,,defect (bug),reopened,needs-unit-tests,2015-07-16T15:04:19Z,2019-06-04T21:15:50Z,"I am developing a theme and currently do not have an `attachment.php` or a `single.php`. When I insert an unattached image into a post and select ""Link to: Attachment Page"", I expect the image to be displayed with `index.php` according to the template hierarchy [https://developer.wordpress.org/files/2014/10/wp-template-hierarchy.jpg]. However, the attachment page is displayed with the `page.php` tempalte instead, and the URL is under my static front page.
The issue does not show up with images attached to the post.",creon
Tickets with Patches,3329,Need to strip % from the auto-permalink in the editor.,pishmishy*,Permalinks,2.0,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2006-11-04T20:41:06Z,2023-02-02T12:43:17Z,"I made an article with ""x = 18,98 * y - %10"" as title, and this generated http://www.example.com/blog/2006/11/03/x-1898-y-%10/ which doesn't work.",Heyneken
Tickets with Patches,11235,"Pages whose ancestors are not all ""published"" cannot be used as parents for other pages.",,"Posts, Post Types",2.9,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2009-11-23T01:04:01Z,2019-06-04T18:12:41Z,Pages with trashed parents cannot be used as parents for other pages (they do not appear on the list).,caesarsgrunt
Candidates for Closure,37336,Pre-existing page with slug /embed/ does not work as described,,Embeds,4.5,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2016-07-12T02:22:56Z,2020-09-28T09:56:19Z,"In #34971, embeds were added to static frontpages, and there was a discussion of how this would affect an existing page with a slug of /embed/.
The solution was:
- an existing page with slug /embed/ will work as is and disable the pretty embed URL
- new pages can't be created with a slug of /embed/.
However, this did not work properly. On a site of mine, there is a page with URL /embed/ that was working fine prior to this upgrade. Now:
- if you visit /embed/, you are redirected to the homepage.
- if you attempt to edit the page, the slug previews as /embed-2/, meaning editing the page content and saving has the unwanted side effect of forcing the URL to change and all links to the page to break without warning.
Suggested changes:
- fix whatever is incorrectly redirecting the URL
- allow a slug of /embed/ to continue to save as-is if it already exists.",smerriman
Candidates for Closure,52464,The value of argument passed to the update_option_new_admin_email() is not a valid email.,SergeyBiryukov,Networks and Sites,,normal,normal,Awaiting Review,defect (bug),reviewing,needs-unit-tests,2021-02-07T12:08:54Z,2022-09-29T17:38:21Z,"While creating a patch for ticket #43706, I found out that the function `update_option_new_admin_email()` is responsible for the template. It does accept two parameters, however, the first parameter `$old_value` does not seem to get the correct value.
When checking the value, it holds the value `new_admin_email` instead of the old email address.
Thanks!",tremidkhar
Candidates for Closure,30430,WP_Object_Cache does not properly cache objects nested in arrays,,Cache API,2.0,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2014-11-21T00:17:31Z,2022-07-08T23:23:03Z,"I noticed on a plugin that cached data wasn't coming out the way it was inserted. What was happening is that it was an array of objects. The code would then go and change the original data and the data in the cache is changed. I would expect data retrieved from the cache to be exactly the same as what was inserted.
To make sure there was minimal performance impact I did some tests and the test script is attached. Initially I thought unserialize(serialize($data)) would be a good route, but it was twice as slow as rolling your own solution. I tried numerous methods and the function I initially build was always the fastest.
The transient/option table doesn't have this problem because it calls maybe_serialize.
Another way to fix this would be to call maybe_serialize on the set, and maybe_unserialize on a get but that would spread the cost to both functions and I think it is better to have the set be slightly more expensive than having every set and get take slightly longer.
",jamesgol
Tickets with Patches,28801,Walker::walk makes an incorrect assumption if $top_level_elements is empty.,,General,3.8,normal,normal,,defect (bug),new,needs-unit-tests,2014-07-09T16:02:56Z,2019-06-04T19:46:05Z,"A colleague of mine was generating a sidebar sub-navigation for one of his projects. The subnavigation contained second-level and third-level navigation elements.
The problem my colleague was having was that occasionally third-level elements would not be nested underneath their parent element (also in the list of elements) on some pages.
My colleague was calling wp_list_pages with an array of page IDs that he wanted to render in the sub-navigation, wp_list_pages then turned the list of page IDs into a list of Page objects, and it sorted the page objects by their 'menu_order' attribute; the third-level navigational elements all had their 'menu_order' set to 0, whereas the second-level navigational elements all had 'menu_order' set to something more than 0 - causing the third-level elements to be the first elements in the list.
wp_list_pages later made a call to Walker::walk, passing along that list of pages. Here is a relevant code snippet from Walker::walk:
{{{
/*
* When none of the elements is top level.
* Assume the first one must be root of the sub elements.
*/
if ( empty($top_level_elements) ) {
$first = array_slice( $elements, 0, 1 );
$root = $first[0];
$top_level_elements = array();
$children_elements = array();
foreach ( $elements as $e) {
if ( $root->$parent_field == $e->$parent_field )
$top_level_elements[] = $e;
else
$children_elements[ $e->$parent_field ][] = $e;
}
}
}}}
'''The bug is this code's assumption that the first item in $elements is a suitable root-element for the entire list''' (sentence emboldened for anybody not wanting to read the wall of text). wp_list_pages ordered our list by 'menu_order' which put our 3rd-level elements at the top of the list - causing a 3rd-level element to be treated as the navigation's root.
I wrote up a quick fix for this (I'm not sure if it's the best fix, I'm not overly experienced in Wordpress), and for our project we'll use wp_list_pages with a custom walker class that implements my fix.
Here is the patch of my fix:
{{{
Index: public_html/wp-includes/class-wp-walker.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- public_html/wp-includes/class-wp-walker.php (date 1404915904000)
+++ public_html/wp-includes/class-wp-walker.php (revision )
@@ -217,12 +217,34 @@
/*
* When none of the elements is top level.
- * Assume the first one must be root of the sub elements.
+ * ~~Assume the first one must be root of the sub elements.~~ Disregard - RJ CGIT 2014-07-09
+ *
+ * ----------
+ *
+ * Modified by Rob Jackson, Castlegate IT; 2014-07-09:
+ * Do not assume the first element is root, instead loop through the elements
+ * until we find one whose parent is _not_ in the list of elements. If that fails,
+ * just fall back to the default behaviour of using the first element.
*/
if ( empty($top_level_elements) ) {
+ $root = false;
+ $element_ids = array_map(function($element){ return $element->ID; }, $elements);
+ foreach($elements as $element)
+ {
+ if (!in_array($element->post_parent, $element_ids))
+ {
+ $root = $element;
+ break;
+ }
+ }
+ unset($element);
+
+ if ($root === false)
+ {
- $first = array_slice( $elements, 0, 1 );
- $root = $first[0];
+ $first = array_slice( $elements, 0, 1 );
+ $root = $first[0];
+ }
$top_level_elements = array();
$children_elements = array();
}}}
Kind regards,
Rob
",rob-castlegate
Tickets Needing Feedback,39254,"When in Customizer Preview, starter content posts are not displayed in the loop",westonruter*,Customize,4.7,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2016-12-12T21:03:24Z,2020-05-27T04:33:56Z,"As discussed in [https://wordpress.slack.com/archives/core-customize/p1481567934000409 Slack], posts in Starter Content aren't appearing in the posts list.
Being able to display the bundled content, specifically posts, is key for an improved user experience when configuring a new theme. Posts give structure to the theme, allowing users to see exactly how the theme will look with content.
This would also allow theme developers to completely match the content bundled with the theme to the content on the theme’s demo site. This helps address the popular complaint amongst WordPress users that a newly installed theme looks nothing like the demo.",tiagonoronha
Tickets Needing Feedback,37653,"customizer sections with 'active_callback' set to 'is_front_page' don't show when ""Front page displays"" ""a static page"" and no page is selected",,Customize,3.4,normal,normal,,defect (bug),new,needs-unit-tests,2016-08-13T18:02:08Z,2019-06-04T19:41:19Z,"When using a theme with customizer sections set up with the ""active_callback"" feature set to ""is_front_page"", when customizing the theme on a blog which has ""Front page displays a static page"" under ""Reading setting"", these sections to not show up when accessing ""Appearance""->""Customize"".
The problem appears to be that when running ""Customize"", the WP_Query object is started with an empty string. When the query is empty, then `is_front_page` looks at the value of `get_option( 'show_on_front')` and if it is set to ""posts"" it checks `is_home` - which resolves to `true` when the query is empty.
On the other hand, if `get_option( 'show_on_front')` resolves to ""pages"", `is_front_page` then checks `$this->is_page( get_option( 'page_on_front' ) )` which never resolves to true when starting with an empty query.
The problem with `is_page` not responding correctly `get_option( 'show_on_front') == ""pages""` is that `WP_Query::__construct()` will not do anything if `empty($query)` and will not run `WP_Query::query()` - which would in turn run `get_posts()` and then `parse_query` only there does `get_option('show_on_front')` gets resolved and `is_page` is set if needed.
Tested on 4.5.1, but the code paths I traced exist without change in trunk. I'm running my tests on a mutli-site set up, so that might also contribute to the issue, but not in anyway I managed to detect.",Guss77
Tickets Needing Feedback,34475,get_comment_link incorrect page number in returned url.,SergeyBiryukov,Comments,4.3.1,normal,normal,Future Release,defect (bug),reviewing,needs-unit-tests,2015-10-28T16:36:42Z,2019-10-03T22:15:05Z,Since 4.3 core update the get_comment_link function returns incorrect page numbers for paginated comments. Have tried using default twentyfifteen theme with no plugins enabled and issue still persists.,Property118
Candidates for Closure,41746,oEmbed does not respect canonical provider url parameter,,Embeds,2.9,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-08-28T20:30:45Z,2017-09-20T20:39:38Z,"I came across a Twitter URL format that would not embed correctly. Providing that URL to their provider endpoint returned an error. But the original page had a ` ` element which already had a working, canonical `url` parameter in its querystring.
An example URL is:
{{{https://twitter.com/i/web/status/898599373956722688}}}
If you try to fetch oEmbed data for that URL by just adding it as a `url` querystring parameter on the standard Twitter oEmbed provider URL, it will return an error.
But view source on that page, and you'll see:
{{{ }}}
Note that the path of this URL is `.../{username}/status/{id}`, whereas the original URL was `.../i/web/status/{id}`.
I've worked out a small patch and method for getting WordPress to use oEmbed discovery to extract and use the canonical URL.
When using `wp_oembed_add_provider()`, if you leave the provider URL falsey, then `WP_oEmbed::get_provider()` will use discovery to find it (assuming that you haven't forced `discovery = false` in `$args`). Then my patch will pull the `url` arg from there and use that, instead of the original URL that was passed in to the embed handling.
Later, when the JSON response is being handled, the code will still be able to see whether this is a whitelisted URL pattern, and bypass/perform security filtering such as `kses()` (see `wp_filter_oembed_result()`).
",dougal
Tickets Needing Feedback,39370,wp_insert_user() appends suffix to nicename when updating already existing user,,Users,4.6.1,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2016-12-22T14:11:21Z,2020-03-12T02:58:27Z,"wp_insert_user() appends suffix to nicename when updating already existing user, even though the user_nicename prop is set to exactly the same value as it currently has.
Steps to reproduce:
- Asuming you have a user in your wordpress database with the ID 1 and user_nicename set to 'test-nicename'.
- If you then make an update using wp_insert_user() of that user and in the update set the user_nicename to 'test-nicename', then wordpress will update the user, but append -2 as a suffix to the nicename.
This happens because of a check located on line 1597 - 1609 in wp-includes/user.php
{{{#!php
get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login));
if ( $user_nicename_check) {
$suffix = 2;
while ($user_nicename_check) {
// user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.
$base_length = 49 - mb_strlen( $suffix );
$alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix"";
$user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login));
$suffix++;
}
$user_nicename = $alt_user_nicename;
}
}}}
This code is there to make sure that there are no duplicate nicenames in the wp_users table, which is fine. However it does not take into account updating the nicename of a user with the same value as it currently has.
The way to solve it is very easy, only simply changes the if() statement to check the id fethced in $user_nicename_check against the ID of the user currently being updated, like so:
{{{#!php
get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $user_nicename, $user_login));
if ( $user_nicename_check && $ID != $user_nicename_check) {
$suffix = 2;
while ($user_nicename_check) {
// user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.
$base_length = 49 - mb_strlen( $suffix );
$alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . ""-$suffix"";
$user_nicename_check = $wpdb->get_var( $wpdb->prepare(""SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1"" , $alt_user_nicename, $user_login));
$suffix++;
}
$user_nicename = $alt_user_nicename;
}
}}}
This makes prevents the code from appending the suffix when the $user_nicename_check ID matches the ID of the user currently being updated
",alfhen
Candidates for Closure,40676,"wpautop adds opening & closing p tags around the opening a tag and around the closing a tag when the link contains certain flow content elements like div, h1, h2...",,Formatting,4.8,normal,normal,Awaiting Review,defect (bug),new,needs-unit-tests,2017-05-05T10:55:47Z,2017-07-21T11:02:23Z,"Hi,
== Description ==
wpautop leaves {{{}}} (opening tag of the link) in between {{{
}}} tags and {{{ }}} (closing tag of the link) in between {{{
}}} tags when the link contains certain flow content elements like div, h1, h2...
== Example 1 ==
If I add this to the HTML editor:
{{{
DIV inside link
}}}
The output source code is:
{{{
DIV inside link
}}}
----
== Example 2 ==
If I add this to the HTML editor:
{{{
H1 inside link
}}}
The output source code is:
{{{
H1 inside link
}}}
----
== Note 1 ==
I would like to point out that html '''''flow content'' elements such as {{{
}}}
The new filter
{{{#!php
'title',
'parent' => 'parent',
'comments' => 'comment_count',
'date' => array( 'date', true )
);
return apply_filters( ""manage_taxonomies_for_{$post_type}_sortable_columns"", $default );
}
}}}
The developer could then set the filter as normal
{{{
add_filter( ""manage_taxonomies_for_{$post_type}_columns"", 'add_sortable_column' );
function add_sortable_column ( $columns ) {
$columns[ taxonomy-tax_name ] = 'Taxonomy Label';
return $columns;
}
}}}",tifosi
Tickets Needing Feedback,26806,Add support for custom SHORTINIT handlers,,Bootstrap/Load,3.8,normal,normal,,enhancement,new,dev-feedback,2014-01-10T14:30:43Z,2019-06-04T19:24:57Z,"I'm building ajax caching for a plugin and need a handler to '''conditionally''' determine whether to continue loading WP (based on whether a cached version exists).
Example handler file: https://gist.github.com/mgibbs189/8345521
The `SHORTINIT` constant along with `wp-load.php` isn't an option because it forces WP to exit early.
Drop-ins like advanced-cache.php, object-cache.php, or db.php won't work because only 1 plugin at a time can use them. I need for my caching to work in combination with these other plugins (e.g. W3 Total Cache)",mgibbs189
Tickets Needing Feedback,32642,Add supports argument to register_taxonomy,,Taxonomy,4.3,normal,normal,Future Release,enhancement,new,dev-feedback,2015-06-14T12:09:41Z,2018-04-30T15:16:19Z,"This patch adds the `supports` argument to `register_taxonomy()`. It allows custom taxonomies to opt out of having the slug and description fields.
I've had custom private taxonomies where the only field which would be set is ""Name"", so an enhancement like this would allow taxonomies be more lightweight for clients.",paulwilde
Candidates for Closure,40047,Add term_meta to WP_Term class getter method,,Taxonomy,4.8,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-03-06T17:28:27Z,2017-03-13T14:22:20Z,"The `WP_Post` and `WP_User` classes allow getting a meta value by calling its getter function, eg. `$post->my_meta_key`. This functionality was omitted when introducing the `WP_Term` class.",barryceelen
Tickets with Patches,53673,Add unit tests for v5.8 widget sidebar IDs,hellofromTonya,REST API,5.8,normal,normal,Future Release,enhancement,assigned,dev-feedback,2021-07-15T17:55:43Z,2021-08-31T16:58:05Z,"r51239 was included in 5.8, but was intended to have included unit tests as part of the release. See [https://core.trac.wordpress.org/ticket/53452#comment:13 parent ticket] as possible starting point for a unit test patch on this.",JeffPaul
Candidates for Closure,32545,"Adding actions before and after ""Add New"" button",,"Posts, Post Types",4.2.2,normal,normal,Awaiting Review,enhancement,reopened,dev-feedback,2015-06-01T05:33:27Z,2019-05-30T00:04:12Z,"We need a proper action to add new customs options (button, link, information) before and after the ""Add New"" button of post pages.
Such as http://stackoverflow.com/questions/29811433/wordpress-add-custom-button-on-post-type-list-page
on #wp-admin/edit.php line 281
on #wp-admin/edit-form-advanced.php line 395
This is just a addition of actions to make wordpress more customizable and modular.
Few use-case scenarios
[[Image(screenshot1.png)]]
[[Image(screenshot2.png)]]
'''Solution'''
We can use the following sample code to solve the problem.
{{{#!php
/**
* Fires before the Add New button is added to screen.
*
* The before_add_new- hook fires in a number of contexts.
*
* The dynamic portion of the hook name, `$pagenow`, is a global variable
* referring to the filename of the current page, such as 'edit.php',
* 'post.php' etc. A complete hook for the latter would be
* 'before_add_new-post.php'.
*/
do_action('before_add_new-'.$pagenow);
if ( current_user_can( $post_type_object->cap->create_posts ) )
echo ' ' . esc_html( $post_type_object->labels->add_new ) . ' ';
/**
* Fires after the Add New button is added to screen.
*
* The after_add_new- hook fires in a number of contexts.
*
* The dynamic portion of the hook name, `$pagenow`, is a global variable
* referring to the filename of the current page, such as 'edit.php',
* 'post.php' etc. A complete hook for the latter would be
* 'before_add_new-post.php'.
*/
do_action('after_add_new-'.$pagenow);
}}}
",vivekbhusal
Unpatched Enhancements,28997,Adding additional classes to image captions via UI,,Media,,normal,normal,,enhancement,new,dev-feedback,2014-07-23T09:25:29Z,2019-06-04T20:08:39Z,"This is a follow-up to #25295.
In the ""Advanced Settings"" of an image, you can already set the classes of the image and the link, but not the caption.
Although you can now add a class to the caption manually under the ""code"" tab, there is no UI in the ""Image Details/Advanced Options"" of the image that actually allow you to add the class as you would expect.
The reason why I've escalated this to a feature request, rather than an arbitrary hack or plugin is this; for the end user, if you can add classes to the image and the link, you'd expect to be able to add classes for the caption, since this is a ""caption"" shortcode we're talking about here.
Although issue #25295 does now permit classes in the shortcode, it does not add a user interface.",jpswade
Candidates for Closure,37870,Adding hints to login/registration form fields,,Login and Registration,4.6,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-08-29T21:22:51Z,2019-04-19T16:04:22Z,"Could it be possible to clarify a bit the login/registration system for computer-illiterate people, by putting a grayed-out example of the kind of data they have to enter in each login field?
I have already seen this on other websites, and it is very effective IMHO. For example:
- ID: grayed-out johnsmith
- Email: grayed-out john@smith.org
- Etc.
Of course, the grayed-out examples should be considered for i18n, so that the form displays examples relevant to each culture/language.",davidbourguignon
Candidates for Closure,58264,Adding spinner to submit_button with wrap,,Administration,6.2,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2023-05-06T04:36:56Z,2023-10-30T15:44:51Z,"As a plugin developer, I need to use this function on almost all panels I make, but every time I need an ajax functionality, or somewhere where i need to prevent double click and disable the button, and perhaps show a spinner, the wrap=true functionality does not work for me.
I suggest we extend this function to have a spinner, in case of wrap=true.",msolution
Unpatched Enhancements,38549,Additional CSS lost when changing themes,,Customize,4.7,normal,normal,Future Release,enhancement,new,dev-feedback,2016-10-28T14:37:14Z,2021-05-23T23:39:27Z,"When you change themes, the Additional CSS is lost. Change the theme back and it returns. I think there should be an option to retain the Additional CSS across any theme used. If we do not implement that, I have a funny feeling that many users will be confused as to where their custom CSS went.",scottwyden
Tickets with Patches,22277,Admin (not just superadmin) should be able to add user without confirmation email in multisite,morganestes,Users,3.4.2,normal,normal,,enhancement,assigned,dev-feedback,2012-10-25T18:04:19Z,2019-06-05T06:38:51Z,"I don't know why admins would be restricted from adding existing users without sending them a confirmation, but they are in multisite. You have to be a superadmin to get that option. I think that is lame, and would like to see admins have that admin option. Is there is a reason why it is that way (security etc)? Since neither @markjaquith nor I could remember a reason, making this ticket and hoping we fix it. ",jane
Tickets with Patches,35912,Allow changing network URL scheme,,Networks and Sites,,normal,normal,,enhancement,new,dev-feedback,2016-02-23T02:37:42Z,2019-06-04T20:55:37Z,"Right now, it's not possible to convert a network from HTTP to HTTPS. The normal way to enforce HTTPS on a site is to change the URLs for the site, but with multisite, this has to be done via the Network Admin. However, the URL isn't editable at all for the main site on the network, so it's not possible to edit it.
Attached patch allows setting only the scheme for the main site. However, this does have a big question attached: should updating the scheme for the network update it across all sites? If so, should it only update from HTTP -> HTTPS, or vice versa as well?",rmccue
Tickets with Patches,48536,Allow cmd/ctrl-enter to submit comment forms in wp-admin,davidbaumwald*,Comments,,normal,normal,Future Release,enhancement,accepted,dev-feedback,2019-11-08T12:02:30Z,2020-02-10T19:19:27Z,"This is a follow-up on #41545 which says:
> I think it'd be a nice enhancement for comment forms in both the admin and front end to submit this way.
However, the r45790 introducing the feature does so only for frontend. Submitting comment by pressing ctrl/cmd + 'enter' does not seem to be working in wp-admin.
It would be cool if the new feature could be added to wp-admin as well.",david.binda
Unpatched Enhancements,42806,Allow installing themes in the Customizer on multisite,,Customize,,normal,normal,Future Release,enhancement,new,dev-feedback,2017-12-05T17:47:40Z,2018-07-08T17:44:55Z,"Currently the ""Install Themes"" section in the Customizer isn't added when using multisite.
There is no technical problem with the installation process, as it still works correctly, simply by adding removing the restriction to only add the section (and enqueueing the related script) if `is_multisite()`, which I tested before opening this ticket.
However, what would need to be figured out is how to deal with enabling themes, because by default an installed themes isn't enabled anywhere. And of course it would only be possible for the network administrator, but I think that would still bring a huge benefit, because right now it isn't possible in multisite at all.
Here are two suggestions for possible approaches:
1. When in a multisite, there could be a notification like ""By installing a theme you also automatically enable it for this site."" Then, after the installation logic we would only need to handle that part automatically. If we go with that approach, we would need to make sure that the current user has both the `install_themes` and `manage_network_themes` capabilities.
2. When in a multisite, there could be a separate section ""Network Installed Themes"" that includes all themes installed, regardless of whether they're enabled for the site. Each themes would have a button to enable/disable it for the site. That section would require the user to have the `manage_network_themes` capability. We would furthermore need to ensure that themes are transitioned from the ""Network Installed Themes"" to the existing ""Installed Themes"" section and vice-versa when they are enabled/disabled for the site. Plus, when installing a theme through the ""WordPress.org Themes"" section, the user would need to be redirected to the ""Network Installed Themes"" section with that theme pre-seleted, to easily be able to enable and preview it.
There are benefits to both ways: While the first approach will be much simpler to implement, it somewhat mixes installing and enabling themes into one. The latter approach will allow more flexibility, but may be overly complex. Especially since installing themes without being able to enable them will make the process useless in multisite, I think I prefer the first approach. Maybe a mix of both could be the right way too, where we start with implementing the first approach as a first iteration (that could even be merged into core as that), but keeping it future-compatible to possibly add a dedicated ""Network Installed Themes"" section later.",flixos90
Tickets with Patches,31085,CPT selector to “Recent Posts” widget,,Widgets,4.2,normal,normal,,enhancement,new,dev-feedback,2015-01-21T11:18:12Z,2019-06-05T06:40:29Z,"I think that ""Recent Posts"" widget should support selection to show all posts or only in selected CPT.",sippis
Tickets Needing Feedback,19691,Cannot modify admin messages for /wp-admin/edit.php,,Administration,3.3,normal,normal,,enhancement,new,dev-feedback,2011-12-30T02:10:01Z,2019-06-04T19:22:50Z,"The admin console messages output on line `264` of WordPress 3.3's file `/wp-admin/edit.php` are not filterable. This causes problems when added row actions need to HTTP GET from to WordPress to modify a post and then display an appropriate message complete with a revert link ''(like the ""Trash"" link does.)''
An example use-case could be for a custom post type used for both quotes and invoices where a row action might be ''""Convert Quote to Invoice""'' where you'd want a message and link displayed at the top of the admin after similar to this:
- ''Quote #{$post_id} converted to Invoice. __Revert__''
Currently the only way to accomplish this is to pick hooks before and after the messages are output and use PHP's output buffering; clearly not a ''""best practice""'' approach.
In order to address this I'm proposing an '''`'admin_messages'`''' filter hook to run just before the messages are output:
{{{
$messages = apply_filters( 'admin_messages', $messages );
}}}
However, since messages are output in numerous locations in the WordPress admin it seemed best to add the hook in every location where messages are output, which is what my patch does. Thus a hook can look at `$pagenow` or `get_current_screen()` to decide it is needs to do anything.
Also while searching for places in the admin code that echo messages I found `$messages` are sometimes an array of HTML where the entire array is echoed and other times the $messages are an array with an index passed via `$_GET` and only one message will be displayed. For those cases I created another hook '''`'admin_message'`''' ''(note that this hook name is singular)'':
{{{
$message = apply_filters( 'admin_message', $message, $messages, $_GET['message'] );
}}}
I really only found a specific need for `/wp-admin/edit.php` today, but it seemed that it would be better for consistency if all messages were made hook filterable. That's why I created a larger patch when all my use-case needs is one new line.
Looking forward to your feedback.
",mikeschinkel
Tickets with Patches,43281,"Capitalize ""Set featured image"" media button on Media Modal",,Media,,normal,normal,Future Release,enhancement,new,dev-feedback,2018-02-10T18:49:38Z,2021-04-27T17:00:40Z,"All the button on WordPress are in capitalize form except this ""Set featured image"" button so there should be consistency on all button.",monikarao
Candidates for Closure,46618,Change login behaviour to only set the test cookie when a user attempts to login instead of just on visiting the login page,,Login and Registration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2019-03-23T09:02:24Z,2019-04-05T05:13:50Z,"Hello,
I'm branching this from #44175 to account for the idea presented by @SergeyBiryukov;
> I wonder if we could change the behavior to match the text, so that the test cookie is only set upon trying to log in, as that probably makes more sense. I'd be more comfortable with doing that in a major release though.
The change would be to move the logic for the test cookie to be triggered upon the login action rather than the login page visit.
Cheers",garrett-eclipse
Tickets with Patches,58781,Change wording of field description for tagline,,Administration,,normal,normal,Future Release,enhancement,new,dev-feedback,2023-07-11T06:26:54Z,2024-01-19T06:33:34Z,"This is a follow-up to #57675
I [https://core.trac.wordpress.org/ticket/57675#comment:28 raised my concerns there], but it was too late in the cycle. So here we go:
These are my concerns about the solution we use now:
1) The example is misleading, the tagline should be meaningful, and just not like in the example
Using a unique and descriptive tagline is important for search engine optimization (SEO) purposes, as it helps convey the website's purpose and relevance to both search engines and visitors.
2) The “ and ” could be misunderstood so people would enter quotation marks into the tagline.
This can impact the visual presentation and readability of the tagline to visitors.
To keep the iconic phrase ""Just another WordPress site"" while being informative at the same time we could formulate:
In a few words, explain what this site is about. We're sure your site is so much more than ""Just another WordPress site""",Presskopp
Candidates for Closure,48563,Changing site admin email address is backwards,,Users,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2019-11-11T16:31:28Z,2021-04-27T00:43:26Z,"The current process for changing the admin email address in the General settings tab seems pretty sketchy to me.
Currently:
1. Change the email address.
2. Confirmation email is sent to the NEW admin.
3. New admin confirms
4. Email sent to OLD admin to inform him or her it was done.
It should be:
1. Change the email address.
2. Confirmation email sent to OLD admin to be sure it’s ok to change this very important information.
3. Old admin confirms it’s ok (or freaks out and starts changing passwords because he or she did not initiate this process).
4. Email is sent to NEW admin to accept the invite and to verify the address.
5. NEW admin confirms address and accepts new responsibility.
6. Email goes to old admin to let them know the process has been completed.",maguijo
Candidates for Closure,39362,Checkbox control for 'Automatically add new top-level pages to this menu' not wrapped in checkbox customize control,,Customize,4.7,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-12-21T11:48:34Z,2021-05-24T02:50:58Z,"When you go to set the menu in the customizer you have the option to check the Menu Options for Adding the top-level pages automatically to the current menu. This option isn't wrapped in the
{{{
}}}
This isn't a bug, but a hindrance if you want to customize the look of the customizer and would like to have all the checkboxes look the same.
One could say that all one needs to add is the style for
{{{
.input[type=""checkbox""]
}}}
but this is not true if you have a custom control that has a checkbox input, and you want to style it differently. In that case you'd need to overwrite additionally. Plus the current style is styled via {{{.customize-control-checkbox input[type=""checkbox""]}}} as well as with just {{{input[type=""checkbox""]}}}.",dingo_d
Tickets Needing Feedback,40373,Conditionally initialize Playlist Media Element,,Media,4.7.3,normal,normal,Future Release,enhancement,new,dev-feedback,2017-04-05T15:54:22Z,2019-01-24T21:48:32Z,"The single element media player (https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-mediaelement.js) uses a special jQuery filter to remove already initialized media elements from the initialization process:
Source: https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-mediaelement.js
Lines: 43~49
{{{
// Only initialize new media elements.
$( '.wp-audio-shortcode, .wp-video-shortcode' )
.not( '.mejs-container' )
.filter(function () {
return ! $( this ).parent().hasClass( 'mejs-mediaelement' );
})
.mediaelementplayer( settings );
}}}
However, a similar approach is not implemented for the Playlist element and might be needed.
Source: https://develop.svn.wordpress.org/trunk/src/wp-includes/js/mediaelement/wp-playlist.js
Lines: 167~171
Original Code:
{{{
$(document).ready(function () {
$('.wp-playlist').each( function() {
return new WPPlaylistView({ el: this });
} );
});
}}}
Should probably be (my suggestion):
{{{
// Only initialize new media elements.
$(document).ready(function () {
$('.wp-playlist')
.not(':has(.mejs-mediaelement)') // <-- Filter out already initialized playlist media elements
.each( function() {
return new WPPlaylistView({ el: this });
} );
});
}}}
I have tested both media elements (single player and playlist player) on an Ajax-based WordPress theme, and I've noticed that an already initialized playlist media element stops playing when the wp-playlist.js file is reloaded on a new page load.
When the conditional (patch above) is placed in the code, the playlist element continues playing without problem on subsequent page loads.
Awaiting feedback.",kostasx
Candidates for Closure,44689,Convert user sites (my-sites.php) to table,,Networks and Sites,3.0,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-08-01T07:02:10Z,2021-01-12T11:52:01Z,"I think for better consistence we could add a table in the user's sites in a multisite like everything else in WordPress (super admin sites, users, posts etc.).
The Primary Site option could change from the bulk actions.",eArtboard
Candidates for Closure,43492,Core Telemetry and Updates,,Upgrade/Install,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-03-07T20:37:53Z,2018-10-10T19:56:13Z,"It has been discussed on the #gdpr-compliance and the question had made it's cycle around some other rooms with various replies as well occasionally but it's time to take a final decision.
When WordPress requests updates it sends more than enough data needed to actually perform the update.
We did a search a bit at some point to take a glimpse of the past and how all those got added in there and why but couldn't find anything specific.
There's already a way to modify the call through https://developer.wordpress.org/reference/hooks/core_version_check_query_args/ (and may be more as well) but the concept here is to have everything off by default and add a proper UI and opt-in for the Admins to select what exactly they want to send.",xkon
Candidates for Closure,56164,Create a way to reference function parameter documentation when complex parameters are passed to hooks,,General,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2022-07-06T17:22:46Z,2022-07-06T17:30:09Z,"When a parameter is passed to a filter or action hook that is also passed to the calling function itself, it's common for the `@param` tag on the hook to very briefly explain the parameter.
For example, the `$postarr` parameter in `wp_insert_post()` is very complex. Though some modifications to the array are made prior, `$postarr` is ultimately passed to several filter hooks, such as [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/post.php#L4108-L4124 wp_insert_post_empty_content] and [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/post.php#L4348-L4376 wp_insert_attachment_data/wp_insert_post_data]. The `@param` tags for these parameters within the filter hook documentation is very brief (""Array of post data."" and ""An array of slashed and sanitized attachment post data, but not processed."" respectively).
It would be great to have a way to remain brief within hook documentation in these scenarios while also referring someone to the more detailed, expanded documentation found for the function.",desrosj
Unpatched Enhancements,37915,Customize: allow terms to be created in nav menus,boonebgorges,Customize,4.7,normal,normal,Future Release,enhancement,assigned,dev-feedback,2016-09-01T20:51:39Z,2021-05-23T23:16:18Z,"Follow up to #34923. When setting up initial site structure, in many cases it's as important to be able to create new terms to add to menus as the ability to create posts. For users, the distinction between terms and posts probably isn't immediately clear, so this functionality gap may be confusing.
There are several patches on #34923 that contain the needed framework here, but we need the ability to preview terms before we can add support for terms.
This depends on #37914. Milestoning for 4.7 now for tracking, but we're waiting for that ticket before we can proceed here.",celloexpressions
Candidates for Closure,33469,Customizer Menus: Restore active menu to a location after selecting and unsetting another menu,,Customize,4.3,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-08-20T18:40:47Z,2021-05-23T17:52:53Z,"When a location is specified for a menu and another menu is assigned to that location in the Customizer, the first menu is removed even if the new settings aren't saved.
1. Assign a menu to a location in the customizer. Click ""Save & Publish"".
1. Assign a different menu to that location, but do not save.
1. Uncheck the location from the second menu.
Expected: The previously selected menu for that location should be restored.
Actual: The location now has no menu assigned to it.",morganestes
Tickets with Patches,57145,"Deactivate button ""Copy site info to clipboard"" until health check has completed",,Site Health,5.2,normal,normal,Future Release,enhancement,new,dev-feedback,2022-11-18T09:08:10Z,2023-02-07T06:09:50Z,"In the (German) support forums we frequently ask people to provide more information about their website and refer to the button ""Copy site info to clipboard"" in Tools > Site Health > Info. Often users try to react immediately and spontanously click the button before the health check is completed and the status is shown above. This results in an incomplete report, showing the text ""loading …"" for the size of the entire website and some subdirectories. We are then missing an important piece of information to fully evaluate the website.
**As an ''enhancement'' I kindly suggest that the button gets grayed out until the Health Check is completed.**",pixolin
Candidates for Closure,51527,Debugging in Multisite context: list of plugins,,Site Health,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2020-10-15T06:41:03Z,2020-10-19T16:24:15Z,"Hello,
On site Health in Multisite context, it could be cool to know if a plugin is site activated or network activated.
I'm currently debugging a conflict and I've deactivated all plugins. I'm reactivating one by one with the Site Health Active plugin list, but now I have activated all site plugin, several are network only and I have to re-check all one by one because it's not in the report.
Should be good to add in the plugin line ""network activated"" by example as it is in the plugin list",sebastienserre
Candidates for Closure,56582,Decide how to format multi-line comments in global scope.,,General,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2022-09-15T15:58:03Z,2022-09-17T07:47:15Z,"[https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/ The PHP Documentation Standards] include formats for various types of comment.
However, there is no clear description of what to use for multi-line comments in global scope.
For example:
**3. Requires and Includes**
Files required or included should be documented with a summary description DocBlock.
Optionally, this may apply to inline `get_template_part()` calls as needed for clarity.
However:
**5. Inline Comments**
Inline comments inside methods and functions should be formatted as follows:
**5.2 Multi line Comments**
{{{
/*
* This is a comment that is long enough to warrant being stretched over
* the span of multiple lines. You'll notice this follows basically
* the same format as the PHPDoc wrapping and comment block style.
*/
}}}
**Important note:** Multi-line comments must not begin with `/**` (double asterisk) as the parser might mistake it for a DocBlock. Use `/*` (single asterisk) instead.
Note: It's quite possible that the inline multi-line format just never expected to have to cover multi-line comments in global scope and was too specific in saying ""inside methods and functions"".
This leads to inconsistent formats and unnecessary discussion about what is correct.
Let's decide on a format that is appropriate.
Should we use `/**`, which is described for other items in global scope, or, as this format typically denotes something extra important (such as requires/includes, docblocks, class members, pre-existing filter docblocks), should we instead use the already existing multi-line comment format of `/*`?",costdev
Candidates for Closure,40355,"Default to ""https://"" in comment author URL field",,Comments,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-04-04T15:56:58Z,2021-06-07T10:00:12Z,"One pet peeve of mine with commenting on other people's WordPresses, is on new sites I haven't commented on yet (or aren't powered by Jetpack Comments) that I need to type `https://` in every Website field. Traditionally, this field is currently empty unless a cookie exists (see: `wp_get_current_commenter()`).
Tangentially, recent efforts across the web to SSL all-of-the-things (`\o/`) makes this field an interesting opportunity to gently nudge the web in the direction of `https://` feeling more like the norm than the exception.
A plugin can easily enable this (and I'll likely make one today) but I'll offer up the idea here first.
Patch imminent.",johnjamesjacoby
Tickets with Patches,38630,Discourage usage of legacy properties in WP_Site,,Networks and Sites,4.5,low,normal,Future Release,enhancement,new,dev-feedback,2016-11-02T21:21:20Z,2021-11-22T07:25:30Z,"Working on #38597, it was figured out that the best solution for handling problems with IDE handling of `WP_Network`s magic ID property is to rename the actual properties to reflect our current naming conventions. This enhancement will encourage to use the new conventions while still supporting the old ones for legacy code.
Let's do the same for `WP_Site`:
* `$blog_id` (string) is replaced with `$id` (int)
* `$site_id` (string) is replaced with `$network_id` (int)
* both legacy names will continue to work through magic methods",flixos90
Candidates for Closure,59362,Display deprecated function usage in Site Health,,Site Health,6.3.1,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2023-09-15T09:17:44Z,2023-09-16T19:27:31Z,"== Enhancement Request ==
=== Summary ===
WordPress Site Health provides valuable information about the health and performance of a WordPress instance. However, it does not offer any insights into whether the instance is using deprecated functions, classes, constructors, hooks, file_includes, which can be crucial for maintaining the site's compatibility with future WordPress versions.
This enhancement ticket proposes adding an additional check to Site Health that detects and displays information about any deprecated functions, classes, constructors, hooks, file_includes, being used within the WordPress instance.
Adding a ""Deprecated Functions"" check to the Site Health tool will be a enhancement for WordPress administrators, helping them identify and replace deprecated functions, classes, constructors, hooks, file_includes, plugins, themes, ensuring the site's long-term stability and compatibility with upcoming WordPress updates.
=== Details ===
The deprecated function check should be integrated into the existing Site Health tool as follows:
1. Log: Log deprecated functions, classes, constructors, hooks, file_includes
2. Display Check Results: Under a ""Deprecated Functions"" check, display a list of deprecated functions, classes, constructors, hooks and file_includes used in the WordPress instance. Result should
* include the function, class, constructor, hook or file_include name
* the version in which it was deprecated
* which Plugin or Theme called it,
* when in was called the last time
* a brief explanation of the recommended action.
=== Implementation Suggestions ===
* Utilize existing WordPress core functionality for detecting usage of deprecated functions
* Add a action to 'deprecated_{[]}_run' that logs the usage of a deprecated functions
* Use debug_backtrace() do indentify the source / code.
* The check results should display the log entries with status 'recommended'.
* Keep the log process ""stupid"" and put logic etc. into the check, to avoid complexity and potential crashes.
=== Challenges ===
* To provide the administrator with sufficient information so that they are capable of taking action.
* Decision on how long entries stay in the log e.g. only show deprecated function calls of the last 30 days or allow the (administrative ) user to clear the log?
* Should there be one check in Site Health of all kinds of deprecated? Or one for each?
=== Why It's Important ===
WordPress is constantly evolving, and maintaining compatibility with newer versions is crucial for security and performance reasons. Deprecated functions may be removed in future releases, causing issues for sites that rely on them. By providing this information in Site Health, WordPress can empower site administrators to keep their installations future proof.
",Michi91
Candidates for Closure,42012,Do not switch roles and capabilities when accessing options through `*_blog_option()`,,"Options, Meta APIs",,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-09-27T21:51:32Z,2021-08-03T11:42:38Z,"[41625] has outsourced the functionality to switch the current user's capabilities and available roles when sites are being switched, instead this now happens in `wp_switch_roles_and_user()` which is hooked into the `switch_blog` action.
When accessing `get_blog_option()`, `add_blog_option()`, `update_blog_option()` or `delete_blog_option()`, it should be safe to always unhook the function temporarily (see `WP_Roles::get_roles_data()` for an example where it already happens manually in core) to improve performance, in some cases significantly. Roles and capabilities are not needed when accessing options, however we need to be careful and think about what plugins are possibly doing here.
Let's discuss whether this can happen automatically in core or whether it should be left to developers.",flixos90
Candidates for Closure,42915,Don't load admin dashboard widgets if they're not shown,,Administration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-12-15T19:55:41Z,2020-02-15T13:08:37Z,"I'm not sure how doable this is given that #23910 was closed, but some plugins load slow admin dashboard widgets that use HTTP API requests or else involve heavy db lookups and processing. (Yes, these plugins should be designed better.)
Since this is the admin dashboard and not some other component that is heavily modified and reconfigured such as the post page and since #23910 was closed, would it be possible to require a page reload when an admin component is enabled (so that the page can be re-requested while calling the widget routine) instead of preloading all widgets and then simply hiding the unshown dashboard elements?
Or perhaps #23910 could be revisited with consideration given to non-stock admin dashboard widgets that are not as ""no big deal"" as the ones that WP ships with out of the box.",ComputerGuru
Candidates for Closure,45000,"Eliminating ""Add New"" Button Beside Titles in Admin",,Administration,4.9.8,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-09-26T21:20:53Z,2020-01-06T17:45:29Z,"This is apart of a bigger project for my staff and I, you can find the context here https://www.theportlandcompany.com/2017/09/10/proposed-improvements-to-the-wordpress-ui/.
Our goal is to clean up the UI, especially to reduce scrolling on mobile, with three principles in mind:
- Context Visibility - Only show something when it's in context.
- Add With Purpose - If something, such as padding or margins, don't serve a purpose, don't add them.
- Simplify Number of Actions - If a step can be avoided in a process, avoid it.
We propose eliminating the Add New button that appears beside Titles when on various admin pages because:
- There is already a button in the admin menu on the left.
- The position of the button changes depending on the length of the title, disorienting users.
- On mobile, especially, it makes the page look broken as a result of the above mentioned issue.
- Feedback from dozens of clients we've trained concur - for some reason - that they are confused by multiple ""Add New"" links/buttons. Maybe this is subjective - we're not confused by it and feel multiple access points is helpful, but only when it's in a sensible and easy to accessible place. We think maybe because ""Add New"" is appearing next to the page title they don't understand it's creating a new Post, but rather something related to whatever they titled that page.",s3w47m88
Candidates for Closure,58303,Escape $columns_css variable in dashboard widget,,Administration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2023-05-13T10:40:29Z,2023-05-26T00:43:20Z,"While examining the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-admin/includes/dashboard.php#L269 \wp-admin\includes\dashboard.php] file in WordPress, I discovered an escaping issue when echoing a dynamic value of an attribute (such as ""class"") in an HTML attribute. Specifically, the issue is located on line 269 of that file. Based on my observation, I believe that the dynamic value should be properly escaped to prevent potential syntax errors or security vulnerabilities.",mahamudur78
Tickets Needing Feedback,38715,Facilitate posts storing raw JSON in post_content by short-circuiting KSES and other filters,,"Posts, Post Types",,normal,normal,Future Release,enhancement,new,dev-feedback,2016-11-08T21:55:55Z,2019-03-26T07:59:01Z,"When attempting to store arbitrary JSON in WordPress, the `post_content` field is the logical choice. Using `post_content` to store arbitrary JSON instead of postmeta is more performant and it also means that the JSON content will automatically get support for revisions.
Storing JSON is done in core now for `customize_changeset` posts and it is done in the `widget_instance` post type in the Customize Widgets Plus plugin. In both cases, however, there are challenges when storing the JSON due to filters that may apply on `content_save_pre`. In particular, the KSES filters will apply on the `post_content` and strip out markup that is intended to be contained within JSON strings. The solution taken by changesets is to wrap the updates to the `customize_changeset` post type by the `\WP_Customize_Manager::save_changeset_post()` method. Before this method calls `wp_update_post()`/`wp_insert_post()` it suspends the KSES filters temporarily:
{{{#!php
` for arrays, for example a list containing strings is documented thus:
{{{#!php
/**
* @param array $foo
*/
}}}
An associative array of booleans (where the shape is not known) is documented thus:
{{{#!php
/**
* @param array $foo
*/
}}}
The benefit of this syntax over, for example, `string[]` or `array` is it allows the types of the array keys to be specified. This allows both lists and associative arrays to be documented more completely even when their shape is not known.
When used in combination with a static analysis tool such as PHPStan this allows for greater type safety and more accurate analysis of structures such as array access and array iteration. It allows developers looking at the documentation to understand the type of the array keys, and thus whether an array is a list or associative. That said, I appreciate that this syntax is comparatively rare within the WordPress ecosystem and therefore can be foreign to developers who've not seen it elsewhere.
This notation is supported by all of the static analysis tools and code editors (either natively or via a PHP add-on) that I could find, including VS Code, PHPStorm, Sublime Text, PHPStan, Psalm, and Phan, and it's used by countless other frameworks and libraries such as Symfony, Laravel, and PHP Parser. It's not a new syntax, it's just new to WordPress core.
== Benefits
* Increased awareness of whether an array is a list or an associative array for developers reading inline documentation
* Increased accuracy provided to static analysis tools
* Increased accuracy in editors and IDEs that either natively support this syntax or support the PHP implementation of the language server protocol
== Concerns
* Syntax that can be jarring for developers who've not seen it before
* Not part of a phpDocumentor or PSR-5 PHPDoc standard (although PSR-5 has been stalled for 9 years so probably not a concern)
== Implementation
Much like the general ongoing improvements to inline docs, this will be a gradual process. There won't be a patch or PR that updates all the existing `type[]` notation at once.
Any objections?",johnbillion
Unpatched Enhancements,56060,Implement wp_cache_replace_multiple() – and related WP_Object_Cache method,,Cache API,,normal,normal,Future Release,enhancement,new,dev-feedback,2022-06-24T02:50:19Z,2023-04-20T17:53:59Z,"See: #20875, #54574.
See also: https://github.com/WordPress/wordpress-develop/pull/2018#discussion_r799643985
🫠
I would like to replace multiple values in a cache, but not `add` or `set` them if they do not exist.
In my experience and understanding, `replace()` doesn't get much love because `_exists()` may be impossible to implement in certain backends – specifically (or especially) when `$group` is empty.
My current situation is essentially juggling multiple backends, and only wanting to replace multiple values if they exist on one server and not add or set them until some other unrelated things happen.
I went to call `wp_cache_replace_multiple()` and thought my IDE had deceived me when it wasn't autocompleting. Alas! Alas, I say!
I can handle this In my own drop-in, and I can account for it in my own codes, but I think perhaps it's worth reconsidering this in core for the sake of parity with everything else.
Thoughts?",johnjamesjacoby
Candidates for Closure,49258,Improper Session Termination,,Users,5.1.1,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2020-01-21T09:45:13Z,2023-08-23T05:37:46Z,After Logout into wordpress back-end when we press “Back” button of the browser an authenticated page got displayed without entering any valid credentials. ,vishal05
Candidates for Closure,39418,"Improve ""Empty Spam"" and ""Empty Trash"" user experience",,Administration,2.5,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-12-28T18:04:55Z,2018-08-20T06:57:38Z,"Now that plugins are doing more with post types, and dealing with sometimes hundreds of thousands of entries in the posts table, emptying spam and/or trash is starting to feel a little outdated.
When there is a need to empty many spam or trashed items, it's not uncommon for this page to timeout, or to reload in the browser in such a way that rendering is blocked while the server processes the mass deletion of content.
In my imagination, it would be a nice improvement to fallback to the current behavior for `noscript`, but to leverage the power of javascript being asynchronous to provide some kind of modal window to chug through the process, maybe with a progress bar and some basic error feedback if the empty action fails for any reason.",johnjamesjacoby
Tickets with Patches,41081,"Improve Custom Menu widget, show notification if menu is empty or no menu selected",mdifelice,Widgets,4.9,normal,normal,Future Release,enhancement,assigned,dev-feedback,2017-06-16T13:33:58Z,2022-06-08T19:34:41Z,"If you choose a menu for Custom Menu widget and we remove all items in that menu OR the menu is not selected -> nothing shows on the page.
Maybe we should add a text message that will inform the user that the menu is empty or is not selected?",alexvorn2
Candidates for Closure,32653,Improve Linkback Presentation,,Pings/Trackbacks,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-06-15T12:04:10Z,2017-02-14T20:31:27Z,"The current default presentation for linkbacks(pingbacks and trackbacks) does not encourage their use. Currently,the presentation looks something like this:
[…] A pingback example. […]
People have complained that the utility of linkbacks has been overshadowed by their use as a vector for DDOS attacks and spam.
The recent improvements to Press This show we can do better in presentation of linked content.
The pingback specification is a bit vague in terms of presentation suggestions, stating: ""Bob's blog also retrieves other data required from the content of Alice's new post, such as the page title, an extract of the page content surrounding the link to Bob's post, any attributes indicating which language the page is in, and so forth.""
I am proposing by default we switch to a default with improved readability and more consistent with the user experience on other websites.
For example, a basic linkback should display the author/site name, the name of the linked content, etc, rather than the summary, and that information stored as comment meta. This would look more like a citation.
That display could be (optionally) progressively enhanced by other factors, for example, page markup such as MicroFormats, Microdata, or OpenGraph(popularized by Facebook), etc to add a better experience if the linked site supports it.
The basic point is that linkbacks are unusable by people in their current form, but the idea of letting people know you linked to their content is a good one. It encourages conversation and interaction. I think we just need to make it a better experience. Otherwise, everyone just turns it off.
I'm aware the above could be done by a plugin(and may start as a 'feature' plugin), however I think the basic structure of this change belongs in core.",dshanske
Candidates for Closure,24925,Improve no disk space error handling when updating plugins,,Filesystem API,,normal,minor,Awaiting Review,enhancement,new,dev-feedback,2013-08-02T11:25:24Z,2021-07-20T23:02:17Z,"I received the following uninformative error message when trying to update a plugin (roughly translated from Finnish):
{{{
Error on updating BulletProof Security. Cannot create folder. /[WPDIR]/wp-content/upgrade/bulletproof-security.tmp.
}}}
The error was caused by not having enough disk space. The plugin update should check if that's the reason for the error and then display a more informative error message.",Daedalon
Candidates for Closure,45023,Improve parent and child category description example,,Taxonomy,,normal,minor,Awaiting Review,enhancement,new,dev-feedback,2018-10-02T15:10:28Z,2018-10-03T17:56:54Z,"The descriptive text under the Parent Category section of the Category page describes an example that may not be as easily understood or translatable compared to more universally translated words.
Before: parent category ""jazz"" + child categories ""bebop"" and ""big band"".
Screenshot: https://cloudup.com/inms-imkM-I
After: parent category ""music"" + child categories ""jazz"" and ""rock"".
Screenshot: https://cloudup.com/i31WAPdv7Wp
This ticket proposes changing the description to the ""after"" example.
Please see attachment below.",joanrho
Candidates for Closure,37656,Improve plugin bootstrapping processes,,Plugins,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-08-14T11:32:28Z,2019-12-13T19:04:03Z,"I recently thought about if we could make bootstrapping plugins easier and take away some common tasks that (should) happen in every plugin. It would also be nice to have a general plugin class registry.
What I was thinking of is to introduce an abstract class `WP_Plugin` that plugin developers can extend for their plugin's main class. Then they would call a new function `register_plugin( __FILE__, $plugin_class_name )` to register that class with WordPress. We could take some regular processes away from the developer and, by doing that, also make sure that they don't implement it the wrong way. For example, we could take care of plugin installation routines: If the class implements a static method `install()`, the base class `WP_Plugin` would register an activation hook to an internal function that takes care of whether the plugin is activated network-wide. The actual `install()` method would only contain those steps necessary for the setup on the current site (`WP_Plugin` would take care of switching sites as appropriate). Many plugin developers overlook Multisite in their setup routines, causing the plugin to only install on the main site although being network-activated. We could also deal with other tasks, like hooking the `bootstrap()` method of the plugin class in `plugins_loaded` or `muplugins_loaded` (detected by the base class).
I think this whole concept could improve the way plugins initialize themselves. It would not be mandatory (since several plugins don't even use classes), but it would become a best practice. This is just an idea that I wanted to throw on Trac to discuss about it. If we get to the point that we agree this is a good idea, we would need to come up with actual details (of which I don't have any yet).",flixos90
Candidates for Closure,50389,Improve support for site health issues in WordPress,,Site Health,5.2,normal,normal,Awaiting Review,enhancement,reopened,dev-feedback,2020-06-15T04:23:12Z,2020-06-15T20:28:10Z,"after we upgraded to wordpress 5.4, we are getting these performance issues. this is what was mentioned in the site health report. can you pl tell us how to fix them?
PHP modules perform most of the tasks on the server that make your site run. Any changes to these must be made by your server administrator.
The WordPress Hosting Team maintains a list of those modules, both recommended and required, in the team handbook (opens in a new tab).
Warning The optional module, imagick, is not installed, or has been disabled.
Warning The optional module, zip, is not installed, or has been disabled.",evapparao
Tickets with Patches,39441,Improve the Settings API for accessibility and ease of use.,,Plugins,,normal,normal,Future Release,enhancement,new,dev-feedback,2017-01-02T21:58:14Z,2023-01-10T18:32:17Z,"Today a kickoff meeting for the Settings API took place on Slack (Archive: https://wordpress.slack.com/archives/accessibility/p1483376507000492) where we discussed ways to improve it, both in terms of accessibility and ease of use.
After a good discussion we came to the conclusion that we would like to focus on the existing Settings API for now and do what we can to improve it. The Fields API project will eventually make the process of registering settings and having them automatically rendered even easier and complete, but we should not wait until it is ready for a core-merge, as some issues in the existing Settings API should be solved sooner than later.
We figured out two main goals:
* Add some basic support to automatically render fields so that plugin developers no longer need to write their own callback functions for basic fields.
* Get rid of the table structure to improve accessibility. Furthermore the accessibility team should also ensure that the markup generated as the core field output is accessible.
For the technical improvements, we would like to do the following:
* Adjust `add_settings_field()` to support a predefined set of identifiers for a field type instead of a callback function. In that case a default callback function that we would introduce in core would take care of rendering the field. The requirement to write custom callbacks for even the most basic fields is one major issue with the current Settings API and why most people rely on external libraries for that.
* Enhance the `$args` parameter of `add_settings_field()`. It should become more significant and probably go through some validation, filling it with default values. This is especially important for the new default callbacks.
* Possibly support providing one `$args` array as sole parameter to `add_settings_field()` that contains the other parameters as well. This would of course need to work in a backward-compatible way.
For the accessibility part, we would like to do the following:
* Scaffold an HTML prototype for what a settings page should look like. This will give a good overview of the accessibility approach we should take without having to deal with the PHP implementation.
* Get rid of the current table structure. Whatever the above prototype looks like, it will not have tables anymore. We can generally remove the table structure and change it to something else easily, since all the table output is generated by core (in particular by `do_settings_sections()` and `do_settings_fields()`). For everyone who uses the API as recommended, this will not bring any BC issues unless they are using specific table-related selectors (like `td`) in CSS or JS code. It is unclear whether these should be considered edge-cases and whether a dev-note reflecting the changes is sufficient, or whether we should only support the new markup through an additional parameter which would default to the current `table` way. The latter is backward-compatible, but on the other hand it would decrease the amount of sites that become more accessible out-of-the-box.
* Do not deal with people who completely write the table markup manually. We simply cannot do this, other than recommending them to switch to using the Settings API or at least changing their markup. The only thing to keep in mind here is that we should never remove any CSS related to these tables, in order to keep their code working.
All of these enhancements would also benefit #38734 as it would become a lot easier to change core's own settings pages to actually use the Settings API.
We will from now on have meetings on Slack to continue discussion in detail every 2 weeks on Monday at 17:00 UTC. However, general opinions and discussion can and should also be placed in this ticket.",flixos90
Candidates for Closure,38109,Improvements to user deletion,,Users,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-09-20T13:50:32Z,2019-04-01T23:06:06Z,"User deletion in WordPress, at the moment, is not straightforward.
When you click ""delete"" on users who have authored content, you are presented with this ultimatum:
[[Image(https://i.imgur.com/11ex3hz.png)]]
At my company, we build and host WP sites for clients and we almost never make decisions about content. But we do sometimes want to delete users, for instance in the situation where a person who works for a client leaves their position as they have been promoted or left for another job. In that case we would like to be able to delete the user account of that person. But without knowing how to answer the question of which user to assign their content to, we're forced to ask the client to make that decision.
With a view to making it possible for sysadmins to delete users without having to consult with the client, I'd like to propose two solutions:
1. WordPress disassociates user accounts from authorship information (like in the Automattic plugin [https://wordpress.org/plugins/co-authors-plus/ co-authors-plus])
2. WordPress allows deactivating user accounts so that the user can no longer login or reset their password, but the account still exists",tomdxw
Candidates for Closure,48167,"Increase discoverability of, and describe, ""Anyone can register"" and other settings",,Administration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2019-09-29T10:44:07Z,2019-10-02T13:13:32Z,"Right now, after installation, it is not possible to register until the user enables Anyone Can Register option from Settings -> General area. Which is confusing for the general user. If it can be enabled by default that would be really time-saving. Also, this option can be added to the installation setup-wizard of WordPress.
Screenshot- https://prnt.sc/pcf1xf",nazmulhassann20
Candidates for Closure,58519,Inline styles block styles in bundled themes,,Bundled Theme,5.8,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2023-06-12T14:11:07Z,2023-06-19T16:59:26Z,"In [50836] function was added, to inline block styles, so for better performance. There are a number of small stylesheets in bundled themes that could do with that could use this functionality. To opt-in a stylesheet, simply add the path add an extra piece of data of the stylesheet. Like this.
{{{#!php
wp_enqueue_style( 'twentyfifteen-block-style', get_template_directory_uri() . '/css/blocks.css', array( 'twentyfifteen-style' ), '20230122' );
wp_style_add_data( 'twentyfifteen-block-style', 'path', get_template_directory() . '/css/blocks.css' );
}}}
This could improve FE performance, as it remove a blocking request.
",spacedmonkey
Candidates for Closure,37692,Introduce WP_Database_Table base class,,Database,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-08-17T13:23:28Z,2017-03-15T17:20:50Z,"I've always thought it odd that WordPress only versions blogs, and not each individual database table. On one hand, it's great that the schema changes rarely enough that WordPress core would not get a lot of use out of it. On the other, many plugins would benefit pretty hugely from a smart base class that encapsulated a lot of the procedural work of having custom database tables and maintaining a schema.
BuddyPress, for example, comes with several object & metadata pairs, for groups, activity, friends, profiles, messages, notifications, etc... It currently takes WordPress's approach of having a big-dumb installer and a bunch of tangled together upgrade routines. I'd love it if each component could manage it's own schema on the fly, with it's own upgrade routines and database table classes to separate the responsibilities, but without needing to setup `admin_init` hooks and `version_compare()` checks for each component.
Django has something similar currently, as do other open-source projects like Piwik, GitLab, Mattermost, etc...
----
I'm imagining that each core database table would extend the `WP_DB_Table` class, each with their own `db_version` and their own methods for upgrading to newer versions.
Global tables (like `wp_users`) would use `site_id` `-1` in the `wp_sitemeta` database table to distinguish them as global, and not per-network or per-site.
----
This way, when a plugin like WooCommerce wants to introduce new database tables, they just extend the base class, pass in an array of column-keys & attributes, and the base class would handle the `$wpdb` table registration and all of the other bits and bobs.
Eventually... eventually it could get paired up with some kind of a `WP_Base_Query` class to automatically handle cache-key assignments, and generate basic crud methods based on the parameters in the associated `WP_Database_Table` extension.
----
I think this becomes particularly useful in REST applications, where WordPress's APIs can be used and extended for any manner of scalable data storage outside of the core database schemas.
Obviously this is a huge idea with lots of moving parts, and without a core need ideas like this are pretty slow on the go. I am already starting to do something similar in my own plugins though - just without the base class - and it feels much easier to maintain each plugin knowing there is a similar convention between them.
See: https://code.flox.io/stuttter/wp-site-aliases/blob/master/includes/class-wp-site-aliases-db-table.php",johnjamesjacoby
Candidates for Closure,38923,Introduce `WP_Action_Handler` to clean up admin action mess,,Administration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-11-24T01:08:35Z,2020-02-15T10:27:30Z,"We all know that several parts of the admin code are messy in a way. After we had to take several looks at these files during today's multisite chat, I thought we need to do something about it.
My proposal for now is to introduce a new base class `WP_Action_Handler`. This abstract class would lay a foundation to handle any kind of actions on any admin screen. Currently there's a (sometimes huge) switch clause at the beginning of almost every page. By removing these clauses entirely and handling the logic in a dedicated class for this instead, we get the following benefits:
* easier readable code
* less huge files
* possibility to add unit tests for each of the switch cases
* possibility to add unit tests the entire handling of an action
* easy addition of any custom actions in plugins, beyond just bulk actions (which have become easier to implement thanks to 4.7)
I have been experimenting with such a class over the past few hours and will upload a first patch below. Some notes:
* The class usage is almost similar to all the list table classes: There's a base class, and then there's (or rather there will be) one class (which extends the base class) for each screen that could benefit from that.
* Many of the actions have similarities: They mostly use `check_admin_referer()` at the beginning, followed by some capability and other permission checks to verify the user is allowed to perform the action. Therefore the base class should be able to handle nonces on its own. The capability checks should be separated from the actual action logic for better organization and easier testing.
* Many of the actions redirect back to the admin page, with a GET parameter denoting a notification message to show to the user. `WP_Action_Handler` should also be capable of managing such messages to make that easier as well. This will furthermore allow to remove a bunch of code from the admin screen files where they ""bootstrap"" their supported messages.
More notes will follow on the initial patch.",flixos90
Candidates for Closure,43147,Introduce `esc_html_comment` and translation related functions,,Formatting,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-01-23T15:27:17Z,2019-01-16T06:50:09Z,"Triggered by the following PR on Yoast SEO [https://github.com/Yoast/wordpress-seo/pull/8687 #8687] I saw the need for `esc_html_comment` functionality in WordPress.
This patch is based on the current API for formatting and escaping functions.
The implementation is based on the specifications found on the [https://www.w3.org/TR/html51/syntax.html#sec-comments HTML specifications page].
I've added unit tests to cover the situations that I could come up with.",jipmoors
Unpatched Enhancements,36317,Introduce a cookie prefix default constant,,Login and Registration,,normal,normal,,enhancement,new,dev-feedback,2016-03-24T01:41:57Z,2019-06-04T20:23:42Z,"Right now, all of WordPress's cookies are prefixed with the same `wordpress` namespace. A problem arises with `advanced-cache.php` caching solutions that load before `wp_cookie_constants()` is called, where the cookie prefix cannot be guessed.
The current work around is to stab at each cookie individually:
{{{
// Auth cookie
if ( defined( 'AUTH_COOKIE' ) && ( $this->cookie === AUTH_COOKIE ) ) {
return true;
}
// User cookie
if ( defined( 'USER_COOKIE' ) && ( $this->cookie === USER_COOKIE ) ) {
return true;
}
// Logged-in cookie
if ( defined( 'LOGGED_IN_COOKIE' ) && ( $this->cookie === LOGGED_IN_COOKIE ) ) {
return true;
}
}}}
And to special case the test cookie, like:
{{{
// Generic 'wordpress' cookies (that are not test cookies)
if ( ( substr( $this->cookie, 0, 9 ) === 'wordpress' ) && ( $this->cookie !== 'wordpress_test_cookie' ) ) {
return true;
}
}}}
But without a known and trusted cookie prefix, it's still an unpredictable environment.
-----
I'd like to re-propose an 8 year old issue (#6413) to introduce a new default constant to define a cookie prefix. This could turn the above snippet into something at least slightly more sane, like:
{{{
// Generic 'wordpress' cookies (that are not test cookies)
if ( defined( 'COOKIEPREFIX' ) ) {
$len = strlen( COOKIEPREFIX );
if ( substr( $this->cookie, 0, $len ) === COOKIEPREFIX ) && ( false !== strpos( $this->cookie, 'test_cookie', $len ) ) {
return true;
}
}
}}}
A `COOKIEPREFIX` constant would also allow plugins an easy way to drop themselves inside of WordPress's cookie namespace, which will help them play more nicely in environments where WordPress is not the only application within the domain.",johnjamesjacoby
Candidates for Closure,39364,Introduce a trigger to handle a custom queue job and run them,,Upgrade/Install,4.7,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-12-21T17:03:28Z,2023-03-23T00:11:28Z,"While I was creating a plugin which imports theme demos. I have to utilize the `wp.updates` for AJAX way to import and delete the demo packs but unfortunately there are no any trigger which I can utilize to update the queue job for demo by using its action and data in `wp.updates.queueChecker`. As a fix I have introduced a trigger in a patch file :)
Any procedure to the extend self-executing anynonmous function `wp.updates.queueChecker` below with only trigger `$document.trigger( 'wp-updates-queue-job', job );` is much appreciated :)
{{{
( function( $, wp ) {
var $document = $( document );
wp = wp || {};
/**
* The WP Updates object.
*
* @type {object}
*/
wp.updates = wp.updates || {};
/**
* Sends an Ajax request to the server to delete a demo.
*
* @param {object} args
* @param {string} args.slug Demo Pack.
* @param {deleteDemoSuccess=} args.success Optional. Success callback. Default: wp.updates.deleteDemoSuccess
* @param {deleteDemoError=} args.error Optional. Error callback. Default: wp.updates.deleteDemoError
* @return {$.promise} A jQuery promise that represents the request,
* decorated with an abort() method.
*/
wp.updates.deleteDemo = function( args ) {
var $button = $( '.theme-actions .delete-demo' );
args = _.extend( {
success: wp.updates.deleteDemoSuccess,
error: wp.updates.deleteDemoError
}, args );
if ( $button && $button.html() !== wp.updates.l10n.deleting ) {
$button
.data( 'originaltext', $button.html() )
.text( wp.updates.l10n.deleting );
}
wp.a11y.speak( wp.updates.l10n.deleting, 'polite' );
// Remove previous error messages, if any.
$( '.theme-info .update-message' ).remove();
$document.trigger( 'wp-demo-deleting', args );
return wp.updates.ajax( 'delete-demo', args );
};
/**
* Updates the UI appropriately after a successful demo deletion.
*
* @typedef {object} deleteDemoSuccess
* @param {object} response Response from the server.
* @param {string} response.slug Slug of the demo that was deleted.
*/
wp.updates.deleteDemoSuccess = function( response ) {
wp.a11y.speak( wp.updates.l10n.deleted, 'polite' );
$document.trigger( 'wp-demo-delete-success', response );
};
/**
* Updates the UI appropriately after a failed demo deletion.
*
* @typedef {object} deleteDemoError
* @param {object} response Response from the server.
* @param {string} response.slug Slug of the demo to be deleted.
* @param {string} response.errorCode Error code for the error that occurred.
* @param {string} response.errorMessage The error that occurred.
*/
wp.updates.deleteDemoError = function( response ) {
var $button = $( '.theme-actions .delete-demo' ),
errorMessage = wp.updates.l10n.deleteFailed.replace( '%s', response.errorMessage ),
$message = wp.updates.adminNotice( {
className: 'update-message notice-error notice-alt',
message: errorMessage
} );
if ( wp.updates.maybeHandleCredentialError( response, 'delete-demo' ) ) {
return;
}
$( '.theme-info .theme-description' ).before( $message );
$button.html( $button.data( 'originaltext' ) );
wp.a11y.speak( errorMessage, 'assertive' );
$document.trigger( 'wp-demo-delete-error', response );
};
/**
* Pulls available jobs from the queue and runs them.
*/
wp.updates.queueChecker = function() {
var job;
if ( wp.updates.ajaxLocked || ! wp.updates.queue.length ) {
return;
}
job = wp.updates.queue.shift();
// Handle a queue job.
switch ( job.action ) {
case 'install-plugin':
wp.updates.installPlugin( job.data );
break;
case 'update-plugin':
wp.updates.updatePlugin( job.data );
break;
case 'delete-plugin':
wp.updates.deletePlugin( job.data );
break;
case 'install-theme':
wp.updates.installTheme( job.data );
break;
case 'update-theme':
wp.updates.updateTheme( job.data );
break;
case 'delete-theme':
wp.updates.deleteTheme( job.data );
break;
default:
break;
}
$document.trigger( 'wp-updates-queue-job', job );
};
})( jQuery, window.wp );
}}}
",shivapoudel
Candidates for Closure,38690,Introduce classes for settings,,"Options, Meta APIs",,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-11-07T08:53:14Z,2019-03-26T13:14:34Z,"Let's add classes surrounding settings to provide a better structure for dealing with them. It will also allow us to get rid of some globals if we are in a position to remove them (in terms of BC).
Here is what I have in mind:
* A `WP_Settings` class should be introduced that contains `get()`, `update()`, `add()` and `delete()` methods. This will mostly be copy-paste from the related functions. The functions themselves will become wrappers.
* A `WP_Settings_Registry` will be introduced. It should contain all methods that handle registered settings (mostly introduced in 4.7). Again, the functions would become wrappers. We could get rid of the `$wp_registered_settings` global here and store these in a class property instead.
* The `WP_Settings_Registry` instance will be contained by the `WP_Settings` instance as a public property.
* A function `wp_settings()` will be introduced to access the `WP_Settings` instance or generate it if it does not exist yet. I'm not sure yet how to store the instance: The easy way is a global, but I was wondering where we're at with plans like a `WP::get( 'settings' )` so that we could do it differently. Anyway, let's assume a global first.
I think it would be a good pattern to build the class in a flexible way, so that the registry instance and database instance are passed to the class constructor. The following is how I would envision the `wp_settings()` function:
{{{
function wp_settings() {
global $wp_settings;
if ( ! isset( $wp_settings ) ) {
$wp_settings = new WP_Settings( new WP_Settings_Registry(), $GLOBALS['wpdb'] );
}
return $wp_settings;
}
}}}
I think once we agree on an approach, we should do something similar for metadata. But let's have the discussion in here first and open the other ticket afterwards.",flixos90
Tickets with Patches,41332,Introduce dedicated capabilities for managing attachments,,Media,,normal,normal,Future Release,enhancement,new,dev-feedback,2017-07-14T19:01:53Z,2021-02-18T15:56:08Z,"The capabilities for attachments currently use the regular post capabilities, so it is impossible to grant users specific attachment capabilities without giving them the same post capabilities. While this is fine for WordPress itself, it can be a pain for custom setups which need specific users to have access to their attachments without them being able to write a post.
It is rather easy to change that by setting the `capability_type` argument for the `attachment` post type to `attachment` instead of `post`. To make this change compatible we could do two things:
* For new setups, we could simply add the necessary capabilities to the respective roles. Note that this won't work retroactively as it would require a heavy migration none of us wants to invest their time for. :)
* For existing setups, the necessary capabilities could be granted to users through a default filter for `'user_has_cap'`, so that it would basically map back to posts. Custom setups could remove that filter to invent their own handling of the attachment capabilities.
It might be a bit of a tough idea to have two different ways for this to work, so if we are too wary of doing it, we could of course only do what I described in the second point everywhere.
An alternative to the whole thing would be to not change anything but introduce a filter for the attachment post type's `capability_type` argument. Otherwise the value would need to be hacked on the already-registered post object. This solution would clearly lay the responsibility more on the plugin authors, which might make sense given the benefits do not really matter for core itself.",flixos90
Candidates for Closure,24686,Introduce generic filter on transient return value,johnbillion,Cache API,2.8,normal,normal,Awaiting Review,enhancement,reviewing,dev-feedback,2013-07-04T16:53:45Z,2021-06-07T09:59:39Z,"The `get_transient()` and `get_site_transient()` functions have a filter on their return value, but the filter name contains the transient key: `transient_{$transient}`.
This means it's not possible to hook into the return value for ''every'' transient in order to do something like logging transient hits and misses.",johnbillion
Candidates for Closure,43210,Introduce singular capabilities for managing individual options,,Role/Capability,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-02-02T00:21:35Z,2018-04-19T21:52:52Z,"We've always had `manage_options`, but it's currently impossible whether a user can manage a specific option. As part of related tickets dealing with more granular capabilities (see https://core.trac.wordpress.org/query?status=accepted&status=assigned&status=new&status=reopened&status=reviewing&keywords=~granular-capabilities&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&col=component&order=priority), I suggest adding a meta capability `manage_option`.
It should accept (or basically require) the option name as argument. By default it should fallback to the regular `manage_options`, but an `auth_callback` could be passed to `register_setting()` to tweak the permissions there (such an `auth_callback` is already known from `register_meta()`).
This would also be useful for the REST API so that it can use the more granular permissions.",flixos90
Tickets with Patches,39156,Introduce singular capabilities for managing individual sites on a network,,Networks and Sites,3.0,normal,normal,Future Release,enhancement,new,dev-feedback,2016-12-07T18:50:16Z,2021-07-20T08:00:36Z,"As we did in #35614 for taxonomy terms, singular capabilities should be introduced for editing and deleting individual sites on a network.
This would allow fine-grained cap checks such as `current_user_can( 'edit_site', $site_id )`.
Bear in mind there's a potential clash here with the existing `delete_site` capability which is intended as a cap check for site admins to delete their own site. Needs some thought.",johnbillion
Candidates for Closure,39826,LIMIT clause not required in get_options function as there's already a UNIQUE KEY on option_name,,Database,4.7.2,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-02-09T23:41:05Z,2020-05-07T19:31:10Z,"The Core get_options (wp-includes/option.php) uses LIMIT 1 to retrieve only a single row for an option.
However, the option_name field already has a UNIQUE KEY in the table schema, so it's impossible for the db to contain or return more than one row for any option_name.
Barring history I'm unaware of (if there used to not be a UNIQUE KEY on this field in the past), it's safe to remove the LIMIT 1 clauses from these queries (there are a few instances in the function.
While LIMIT clauses can sometimes be harmful to performance, in this particular scenario that's not the case. However, it's just superfluous.",arjenlentz
Tickets with Patches,33967,"MS Sites: content of the users column should be by choice, number is not too informative",,Networks and Sites,4.3,normal,normal,,enhancement,assigned,dev-feedback,2015-09-22T13:43:11Z,2019-06-04T20:51:42Z,"I sadly noticed, that on network admin -> sites, the users column only shows numbers now.
It looks nicer with the less data, but on the other hand we used that information.
I ask, it is possible to make it choosable, or at least, list the users in the excerpt listing mode?
Why I ask this:
We have a multisite install with many blogs and open registration. Because of that we sometimes have spam blogs.
We frequently delete those spam blogs with its user(s), but now it's more complicated, because we don't see the email (user) at first. We have to open it on a new window (by clicking on the number of users).
That slows down the process.
And in some cases, just from the registered user (email) we saw if it was a spam blog or not.",katazina
Candidates for Closure,17924,Make Integrating Multiple Roles Per User Easier for Plugin Authors,,Role/Capability,2.0,normal,major,Awaiting Review,enhancement,new,dev-feedback,2011-06-28T23:40:48Z,2021-07-20T16:41:38Z,"WordPress supports multiple role per user, however to use this feature is very difficult for plugin authors to integrate well, and often requires adding plugin admin pages instead of integrating with the pre-existing user-edit.php. Due to the difficulty of this, and the fact that most plugins that allow this aren't very user-friendly, I believe users are staying away from multiple roles.
This ticket aims to change how easy it is to work with the current role management system, as well as to add a couple role-based filters and actions, while still keeping the front-end of the administrative interface single-role only. (Because it seems to be the prevailing opinion the multiple roles per user is plugin territory.) In addition, I completely agree that the vast majority of sites can best function with one role per user, however in some cases (such as the site I'm working on now) you simply need to be able to choose multiple roles.
= Changes =
== First Patch File ==
attachment:Replace_Admin_Role_Dropdown.patch
The first patch file moves the code for the role dropdown off of /wp-admin/user-edit.php, /wp-admin/includesclass-wp-users-list-table.php, /wp-admin/users-new.php, /wp-admin/options-general.php and into /wp-admin/includes/template.php where two new functions are created:
=== {{{wp_get_dropdown_roles()}}} ===
This function does what {{{wp_dropdown_roles}}} used to do, but it returns the value instead of echoing it. (Note that {{{wp_dropdown_roles()}}} now acts as a wrapper for {{{wp_get_dropdown_roles()}}}. (The old function is still in place for backwards compatibility.)
=== {{{wp_user_role_selector()}}} ===
This function creates the full dropdown and applies a new {{{'user_role_selector'}}} filter to the markup before echoing it out. This way the default dropdown can be overridden by something else (perhaps checkboxes).
== Second Patch File ==
attachment:Create_Role_Update_Actions_Filters.patch
The second patch file changes the functions that handle user creation and updating so they can be hooked into and a developer could make this work with multiple roles. This file affects /wp-admin/includes/users.php and /wp-includes/user.php.
=== {{{wp_sanitize_user_role()}}} ===
A new {{{sanitize_user_role}}} filter was created and sanitation of {{{$_POST['role']}}} in /wp-admin/includes/user.php when user-edit.php is submitted was moved there. The new function is called {{{wp_sanitize_user_role()}}}. (This is so that if user-edit.php is submitted and {{{$_POST['role']}}} were to contain a value other than a string (perhaps an array of roles) it can be sanitized and worked with accordingly.
=== {{{pre_user_role}}} ===
A new {{{pre_user_role}}} filter was added to {{{wp_insert_user()}}} in /wp-includes/user.php. This was mainly done because almost every other field that this function processes has a matching filter like this, and I thought maybe {{{$roles}}} felt left out as it did not. :(
I supposed somebody could also use it for something useful as well.
=== {{{apply_user_role}}} ===
A new {{{apply_user_role}}} action was added to {{{wp_insert_user()}}}. The function itself no longer uses {{{$user->set_role()}}}, instead saving user role changes is now handled by this new action. A matching function {{{wp_apply_user_role()}}} was added to set the user role like {{{wp_insert_user()}}} used to do. This way however, a plugin author could simply hook into {{{apply_user_role}}} to apply multiple roles to a user.
= Conclusion =
All in all, this patch was designed so that the average user would never even notice that a change has been made to user management, however a plugin author looking to add an easy way for people to select multiple roles for a user can quickly hook into this and have a nice, easy, well integrated and WordPress-like plugin.
I have done a few tests adding users and changing roles around with these patches applied on a fresh installation with no plugins and the only changes to WordPress being those that are in the attached patches, and everything seems to work seamlessly.
By the way, I am quite new to WordPress, so I added the needs-testing tag, because it does, but I also want to make sure I've done everything the 'WordPress' way and I want to make sure I havn't missed anything that is broken because of these small changes.",mobius5150
Candidates for Closure,41362,Make locate_template() filterable to change the template locations,,Themes,4.8,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-07-19T02:07:03Z,2019-10-04T20:58:40Z,"Right now WordPress expects all templates to reside in the root of your theme directory. We have all come across a theme with dozens of templates and well, that can get messy. With 6 lines of code we can easily, and vastly enhance the templating system.
This would provide a number of benefits:
1) This would allow developers to logical group functionally similar files / separates functional dissimilar files
2) It allows the root of the theme directory to be cleaned up and used for ""resources"" such as the functions.php and style.css files
3) By having the ability to pick and choose which templates go where, we can turn WordPress into an MVC application framework (personally what I use this technique for)
4) Related - this plays really nice with Timber
5) This lays the groundwork for future enhancements which I also use and plan to introduce shortly
= Examples =
== Moving all templates with the {{{""templates_path""}}} filter ==
Say I wanted to move all my templates into a directory named ""templates"" because as mentioned, this theme I inherited has dozens of templates, maybe one for each page. A good start would be to just move all the templates into a directory named ""templates"":
{{{#!php
ID;
$obj = get_queried_object();
if($obj->post_parent == $parent_id)
$path = rtrim($path, '/') . '/' . 'team';
return $path;
}
add_filter('page_templates_path', 'move_team_pages');
}}}
Now your theme might look something like:
{{{
/twentyseventeen/
|-- /assets/
|-- /inc/
|-- /templates/
|-- index.php
|-- single.php
|-- /team/
|-- page-mortimer.php
|-- page-biff.php
}}}
As we see, the two filters can (and perhaps should) be used together, but can also be used alone.
== Timber ==
As mentioned before, I use something like this on every project. I generally put all my templates into a directory called ""controllers"" and my twig files (if using Timber) into a directory called ""views"" so I have something akin to an MVC application.
My functions file sets Timber to look for twig files in a directory called ""views"" which is right inside the theme directory (next to ""templates""):
{{{
$timber = new \Timber\Timber();
Timber::$dirname = array('views');
}}}
so my {{{ templates/index.php}}} could set up my Timber context and pass it all the way to the {{{ index.twig }}} file in the ""views"" directory:
{{{
$context = Timber::get_context();
$context['posts'] = Timber::get_posts();
Timber::render('index.twig', $context);
}}}
",kylejennings83
Unpatched Enhancements,39909,Make title behaviours consistent across all widgets on first load,westonruter,Widgets,2.8,normal,normal,Future Release,enhancement,reopened,dev-feedback,2017-02-17T19:17:20Z,2021-06-25T15:47:08Z,"On first load the word 'Archives' outputs as the Widget title but it doesn't appear in the input field. If there is a default text, perhaps it should show. This could also assist by users making the connection with the words and where they can edit.
For example:
[[Image(https://cldup.com/EK1v0wxGX1.png, 50%)]]
Another example, the Calendar widget has no title and compared to the examples above this feels weird. What I think should happen is that the same title behaviour occurs for all widgets when you first load them.",karmatosed
Candidates for Closure,37646,Make wp-settings.php a series of do_actions(),,Bootstrap/Load,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-08-12T19:07:44Z,2017-02-23T04:41:29Z,"Now that #36819 is in, my master plan for `wp-settings.php` can begin.
----
'''Problem'''
`wp-settings.php` makes many assumptions, many on purpose, others by necessity, some on consequence, and a few by accident. It is somewhat poorly named for what it is, and it's a mishmash of globals, function calls, class instantiations, and do_action() calls.
----
'''Solution'''
`do_action()` all of the things.
Make `wp-settings.php` a series of action calls. One for setting versions, one for initial constants, one for environmental setup, translations, database, plugins, themes, users, template output, and so on...
Introduce a file named `wp-includes/default-actions.php` that serves 2 purposes:
* Includes a bunch of new functions that wrap up sections of what's already in `wp-settings.php`
* Hooks those new functions into the new actions in `wp-settings.php`
----
'''Why do we do this?'''
As more robust and sophisticated plugins, themes, APIs, and systems start to use, rely on, and bend WordPress to their will, the need to override more & more pieces becomes apparent. While WordPress comes with a very handy set of default post types, taxonomies, APIs, helpers, wrappers, and tools, it may be desirable to unhook (or never load) certain pieces so that other pieces can take their place.
In the past, this is done only with great intent, with strategic actions & filters in places where specific needs are being addressed. This is good in that it's predictable, but bad in that it's impossible for anyone to truly know what action or hook is *best* to perform any given subsequent action.
By breaking `wp-settings.php` up into many clearly named `do_action()` calls, it becomes clearly obvious what actions perform what duties, while also introducing literally maximum flexibility in the entire system for new and exciting things to happen around WordPress itself.
Imagine something like:
{{{
// Load versions
do_action( 'wp_settings_load_versions' );
// Load constants
do_action( 'wp_settings_load_constants' );
// Load translations
do_action( 'wp_settings_load_translations' );
// Load environment
do_action( 'wp_settings_load_environment' );
// Load early WordPress settings
do_action( 'wp_settings_load_early' );
// Load database
do_action( 'wp_settings_load_database' );
// and on, and on...
}}}
----
'''Epilogue'''
This is a huge idea, easily scoffed at, and introduces code-churn like whoa. It would mean doubling down on WordPress's actions API, trusting it implicitly to load all of WordPress's core pieces & parts. It would open many doors to many unforeseen oddities while developers start dissecting all the ways things are tied together. It would also enable really cool external tools, like REST API drop-ins that can `SHORTINIT` WordPress if auth is missing, or WP CLI commands that can `die()` literally anywhere in the stack after they've done what they need to do.
This is something I've wanted in WordPress since 2006 having seen similar in other libraries, and even old BackPress & bbPress gave nods and hints to back in the day.
I'm also happy to give this a first patch if it's helpful to see visually the destruction it causes, or guide someone else along my vision for this if someone is willing and able to see it through before I am. <3",johnjamesjacoby
Candidates for Closure,41583,"Menus Administration screen, menu items are always loaded even when not needed",,Menus,4.8.1,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-08-07T22:04:44Z,2017-10-10T01:39:18Z,"On the Menus Administration screen menu items are always loaded. For performance, menu items should only be loaded when editing an existing menu and not on the locations tabs or when adding a new menu item. I've attached a patch that fixes this.",webgeekconsulting
Candidates for Closure,40178,Menus that contain post types in Draft status should be hidden from logged out users,,General,4.7.3,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-03-16T23:39:44Z,2017-03-19T19:48:41Z,"I recently added 2 pages to my site. I published them, and moved them into a Menu on my site.
Then realized, I don't want them public, but I also don't want to lose their positioning where I put them in the menu. I moved them to draft.
When I go to my site logged out, I still see the links and goes to a 404.
I'm proposing that when an item in the Menu moves to a non-published state that isn't the Trash (Draft or Pending), it should remain in the nav, but be hidden from any logged out users.",jdingman
Tickets with Patches,31559,Meta boxes should have before/after hooks,,General,,normal,normal,,enhancement,new,dev-feedback,2015-03-07T20:38:33Z,2019-06-04T19:47:58Z,"Currently there is no way to hook into an existing metabox. If I wanted to modify the featured image metabox (add a checkbox or something), I'd have to unregister the metabox, and re-register w/ my own callback. This is not good for compatibility w/ other plugins, etc.
I propose before_callback and after_callback hooks for metaboxes.
Basically, we'd replace this:
{{{
echo '' . ""\n"";
call_user_func($box['callback'], $object, $box);
echo ""
\n"";
}}}
with:
{{{
echo '' . ""\n"";
do_action( 'before_metabox_callback', $object, $box );
do_action( ""before_{$box['id']}_metabox_callback"", $object, $box );
call_user_func($box['callback'], $object, $box);
do_action( 'after_metabox_callback', $object, $box );
do_action( ""after_{$box['id']}_metabox_callback"", $object, $box );
echo ""
\n"";
}}}
",jtsternberg
Candidates for Closure,57231,"Missing "":"" in strings with links.",,Text Changes,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2022-11-30T07:20:41Z,2023-11-16T13:10:33Z,"Personally, I think that strings with a link should have a "":"". To separate the actual sentence with the link. There are a few places where this doesn't happen. In this ticket/PR I'm going to change that.",NekoJonez
Candidates for Closure,59586,Missing Features for FSE / Block Themes,,General,6.4,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2023-10-10T16:09:04Z,2023-10-10T16:09:04Z,"With Classic themes there were some general options that all themes had.
Moving from Classic themes to Block Themes users have to change some settings by going to
General > Settings instead of going to Appearance Editor.
Non tech-savvy users would benefit from having options built in core to change some generic site mods via the new user interface.
The ones i am thinking of are :
i) Site Title
ii) Tagline
iii) Site Logo
iv) Favicon
v) What to use for the Homepage
",digamberpradhan
Candidates for Closure,52188,Move Multisite settings page into tabs,,Networks and Sites,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2020-12-29T17:27:55Z,2022-02-26T10:25:17Z,"Hello all,
In a multisite, the network settings page (/wp-admin/network/settings.php) is quiet long as we can see in wp-ms-network-settings.png and may be difficult to find a setting.
My idea should be to split each section into tabs.
",sebastienserre
Tickets with Patches,29513,Move heavy lifting of wp_mail() to child class of PHPMailer,,Mail,4.0,normal,normal,Future Release,enhancement,new,dev-feedback,2014-09-04T18:10:10Z,2020-09-16T18:59:53Z,"If a plug-in is sending an e-mail, the class `PHPMailer` has a lot of useful methods (e.g. `addStringAttachment()`), but these are not available when using `wp_mail()`, which is a requirement to work with numerous other plug-ins owing to the hooks it triggers.
`wp_mail()` does a number of things:
1. Instantiates a `PHPMailer` instance
2. Sets default values (e.g. ""from"" headers, charset, content type etc. )
3. Parses the passed arguments and feeds it to the `PHPMalier` instance.
4. Executes a ""pre-send"" routine, (e.g. triggering hooks `wp_mail_from`, `phpmailer_init` etc)
5. Sends the e-mail
The attached patch does a number of things:
1. Defines a `WPMailer` class ( a child of `PHPMailer`)
2. Defines a `WPMailerFactory` class which creates an instance with appropriate default values
3. Defines 'helper' methods which do the 'heavy lifting' of (3) above
4. Overrides the preSend method of PHPMailer to execute the 'pre-send routine' present in `wp_mail()` (i.e. (4) above)
5. Refactors `wp_mail()` to ""operate"" `WPMailer()` instance
The result is that developers can either use `wp_mail()` or `$wpmailer = WPMailerFactory::getMailer()` to send e-mails, and both will behave identically (in terms of default values, and hooks being triggered), while maintaining backwards compatibility.
This would also effectively close tickets #28407, #28059, #23291, #15539 , #11376 and maybe others.
== Remarks ==
'''Why just not use `phpmailer_init`?'''
This hook is very useful, but offers no context in which `wp_mail()` is called. As an example, suppose a plug-ins sends an e-mail with an ""on-the-fly"" purchase receipt attached. At `phpmailer_init` I don't know the purchase ID from which to generate and attach the receipt.
'''Class/method naming standards'''
I've used PHPMailer's naming standards which I understand conflicts slightly with WordPress' naming standards. A future iteration of this patch could well change this if that is deemed best.
'''Global $phpmailer'''
The global `$phpmailer` is redundant, as the factory creates a fresh instance for each request. Or at least it ''would''. The ''only'' reason the patch still uses this global, is that all the relevant unit tests pass without any further changes. Subject to this ticket being accepted in principle, these tests should be updated along with the patch.
'''Backwards compatability'''
Assuming `wp_mail()` hasn't been overriden by a plug-in/theme, then the is no change in behaviour. If it has been overridden, it's clear from the original function that the `$_GLOBAL['phpmailer']` should not be expected to exist, nor even the required classes to be loaded. As such they can be expected to operate independently of the changes made here, which are non-destructive.
'''Uni tests'''
For me, the mail group unit tests pass with 1 skipped. For some reason some tests failed (e.g. `Tests_DB::test_bail()`), but these failed even without this patch.",stephenharris
Candidates for Closure,45313,Multisite site deletion email contains misleading language about user account,,Administration,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2018-11-08T15:35:10Z,2018-11-08T15:35:10Z,"In Multisite, you can initiate the deletion of a site via wp-admin/ms-delete-site.php. This triggers an email https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=58#L43 that contains the line:
> (But remember your current site and username are gone forever.)
But the delete link does not, in fact, delete users or usernames. See https://core.trac.wordpress.org/browser/tags/4.9.8/src/wp-admin/ms-delete-site.php?marks=20#L18
This language dates from the MU merge in 3.0. See [12603]. I imagine it was linked to the original conception of WPMU that each user account would correspond to a specific site on the network, a legacy concept that plagues us elsewhere. See #17904, especially https://core.trac.wordpress.org/ticket/17904#comment:14 and subsequent comments.
This entire block of text could probably reuse a rethink, since the intended use of Multisite has changed considerably since 2010. I'd suggest changing the email text to something like (using `wpmu_welcome_notification()` as a template):
{{{
$content = __( ""Howdy ###USERNAME###,
You recently clicked the 'Delete Site' link on your site and filled in a
form on that page.
If you really want to delete your site, click the link below. Please note
that the URL ###SITE_URL### will be unavailable for further use, even after
the site is deleted.
You will not be asked to confirm again, so only click this link if you are absolutely certain that you'd like to delete your site:
###URL_DELETE###
-- The Team @ ###SITE_NAME###"" );
}}}",boonebgorges
Tickets with Patches,54298,Multisite: resetpassform always posts to the main-site wp-login.php file,,Login and Registration,,normal,normal,,enhancement,new,dev-feedback,2021-10-20T14:50:00Z,2023-10-01T01:52:18Z,The reset password form always posts to the main-site wp-login.php file. If the reset password form on a sub-site is being used then I'd expect the form to post to the sub-site wp-login.php file.,henry.wright
Candidates for Closure,49773,Navigating through list of posts on single.php is not functioning,,"Posts, Post Types",5.5,normal,major,Awaiting Review,enhancement,new,dev-feedback,2020-04-01T23:30:54Z,2020-04-02T02:44:45Z,"Wordpress is fantastic, but there are some flaws (at least from my perspective). I don't know if this can be classified as a bug or an enhancement, but WordPress expects that (single) pages could contain archive listings and might require pagination, yet single posts do not expected to have archive listings which is causing this issue. Instead of taking the page-slug/page/#/, it should take the post-slug/#/ when using the pagination in single.php.
What's happening is that the page # request portion is ignored and $paged will always be 1, and the “wrong” URL is rewritten to the “correct” one. Taking the $paged value from the main query and use it in a custom query often is problematic.
So, it does not allow us to add navigate through a list of posts in single.php. When using e.g. this snippet:
{{{
...
}}}
It will only spit out the HTML elements, but not the buttons, as there is nothing to show.
Another example:
{{{#!php
25,
'paged' => $paged,
) );
$paged = ( get_query_var( 'paged' ) ) ? get_query_var( 'paged' ) : 1;
if ( $wp_query->have_posts() ) :
?>
have_posts() ) : $wp_query->the_post();
?>
"">
}}}
Nothing works. Best case scenario is that it adds a page, but you then get the following: websiteURL/post-url/page/number
And of course, that also does not work and therefore you can't scroll through posts as you like.
Can we get this checked and hopefully fixed, please? I am desperately waiting for this, and many more are like me (Stackoverflow is filled with these questions).",1BJK903
Unpatched Enhancements,34293,Network Admin Email description doesn't really explain what it is.,,Networks and Sites,,normal,normal,,enhancement,new,dev-feedback,2015-10-13T21:18:49Z,2019-06-04T20:52:18Z,"On /wp-admin/network/settings.php the field for **Network Admin Email** has this as the description:
> This email address will receive notifications. Registration and support emails will also come from this address.
By contrast, the per-site has this:
> This address is used for admin purposes, like new user notification.
I propose we change the Network Admin one to this:
> This address is used for admin purposes, like site notifications. Registration and support emails will be sent from this address.
That makes for a little more parity, and explains more clearly that emails are sent FROM this address (which has been unclear to some).
The attached patch comes in two versions.
1) As I originally proposed
2) Without the 'and support' phrase since I have no idea what we are referring to with that one.",Ipstenu
Tickets with Patches,43233,Network transients,,Networks and Sites,2.9,normal,normal,Future Release,enhancement,new,dev-feedback,2018-02-06T09:28:25Z,2020-05-12T17:03:35Z,"Currently site (network) transients do not support multi network. For sites with object caching it stores the transient as a global and for sites without object caching, it stores it on the current networks options. This is a strange behavour, as object cached sites act very differet from none.
The behaviour should be the same on both types of site and how type of store a network transient should be better defined. Is it a global store or a network level store. ",spacedmonkey
Candidates for Closure,31387,New core API for adding Meta tags to the header,,General,,normal,normal,Awaiting Review,enhancement,assigned,dev-feedback,2015-02-19T19:08:23Z,2021-08-11T15:56:09Z,"There is often a conflict between one or more plugins about registering meta tags in the header. Meta tags that shouldn't be duplicated, it's difficult to know which one should 'win'. A lightweight framework in core that multiple plugins could use to register meta tags seems like it would be useful.
It would need to handle several different attributes for all use cases -- `name` `property` `http-equiv` `charset` -- possibly generic `data-*` attributes? Uncertain.
Twitter discussion: https://twitter.com/nacin/status/562109983069061120 (up and down the thread)
My first swing at it:
https://gist.github.com/georgestephanis/0f0cca2c5f1a6cd4aab2",georgestephanis
Candidates for Closure,39848,New filter 'the_title_wrap',,"Posts, Post Types",4.7.2,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-02-11T20:46:21Z,2017-07-03T15:18:35Z,"== Problem:
In plugin I wish to add some markup after/before the post and page title so, naturally, I use `the_title` filter. However, this filter is applied on `get_the_title()` function which is used by all instances of post title all over the page (menus, edit links etc). On top of that, more and more themes are using `the_title()` with before and after params which makes all my custom markup wrapped inside this before and after. So when theme is using `the_title( '', ' ' )`, and my markup in filter is, for example an image, then I get:
{{{
The title
}}}
Or something even worse if my custom markup is more complex.
== Proposal (possible solution):
I have tested another filter on `the_title()` function **(wp-includes/post-template.php)** and it gave me exactly what I needed:
{{{#!php
/**
* Display or retrieve the current post title with optional markup.
*
* @since 0.71
*
* @param string $before Optional. Markup to prepend to the title. Default empty.
* @param string $after Optional. Markup to append to the title. Default empty.
* @param bool $echo Optional. Whether to echo or return the title. Default true for echo.
* @return string|void Current post title if $echo is false.
*/
function the_title( $before = '', $after = '', $echo = true ) {
$title = get_the_title();
if ( strlen($title) == 0 )
return;
$title = $before . $title . $after;
/**
* Filters the post title after 'the_title' filter.
*
* @param string $title The post title.
*/
$title = apply_filters( 'the_title_wrap', $title );
if ( $echo )
echo $title;
else
return $title;
}
}}}
I named it `the_title_wrap` because it wraps everything that comes with `the_title` function and filter. This filter doesn't apply on menus, edit links etc. Tested on twenty* themes, it applies only on posts and pages title on singulars and on posts title inside the loop on archive pages. Also, my custom markup doesn't end up inside `` or `` tags. Now it looks like this:
{{{
The title
}}}
This is, of course, somewhat uncertain because I'm counting on theme author to use `the_title()` instead of `get_the_title()` but I think it's worth of effort as sometimes it becomes nearly impossible to target only entry title on singular or inside loop on archives etc.
Thank you.",milana_cap
Candidates for Closure,35097,New filter: `edit_post_type_title`,,"Posts, Post Types",,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2015-12-15T09:15:30Z,2017-02-05T13:53:13Z,"Filter in edit.php to filter title. Why ?
I filter this page by term and I want have title of current term
edit.php?post_type=investor-day&funds-categories=title",sebastian.pisula
Tickets Needing Feedback,34699,New function: `get_query_arg()`,,General,,normal,normal,Future Release,enhancement,new,dev-feedback,2015-11-16T12:51:31Z,2021-07-20T08:07:55Z,"For example i have url $url = 'http://example.com/?param=1¶m2=2¶m3=3' and I want get `param2` so I use function: get_query_arg('param2', $url);
Second argument: exists function add_query_arg and remove_query_arg",sebastian.pisula
Candidates for Closure,45864,On list page All(x) count does not consider Trash items. Hence Trash should appear differently,,"Posts, Post Types",5.0.2,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2019-01-08T13:29:48Z,2019-05-22T12:33:17Z,"I find it confusing with the way WordPress shows `All(xx)` along with a broken down counts of each status when we have trashed items, `All(xx)` only considers un-trashed posts.
So I feel displaying `Trash(xx)` exactly as rest of the status is not visually right. Since Trashed items are not considered in `All` count, it needs to be displayed a bit differently.
I think if we can do something like the following it will look more logical.
1. Increase left margin before `Trash(xx)` so that it looks a bit separated.
2. Change the color of Trash link to `#dc3232`. Since `Delete Permanently` and `Trash` links are also using red color.
3. One more observation. We are writing `Published`, `Scheduled`, so I think rather `Trashed` could be used instead of `Trash` to match the rest.
Here is a proposed solution:
File: `/wp-admin/css/common.css`
{{{
.subsubsub li.trash-posts {
margin-left: 2rem;
}
.subsubsub li.trash-posts a {
color: #dc3232;
}
}}}
File: `wp-admin/includes/class-wp-list-table.php`
{{{#!php
$view ) {
if( 'trash' === $class ) {
$views[$class] = ""\t$view"";
} else {
$views[$class] = ""\t $view"";
}
}
...
}
}}}
File: `wp-includes/post.php`
{{{#!php
_x( 'Trash', 'post status' ),
...
...
'label_count' => _n_noop( 'Trash (%s) ', 'Trashed (%s) ' ),
...
) );
}}}
Please let me know if this makes sense.",subrataemfluence
Candidates for Closure,38278,Only query taxonomies assigned to the post types being queried,,Taxonomy,4.7,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2016-10-10T20:28:53Z,2017-04-20T03:02:26Z,"While working on #31383 (Add `WP_Tax_Query` support to `WP_User_Query`), it was brought up that taxonomy queries do not check to see whether the requested taxonomies are registered to the requested post type.
Opening this ticket to discuss further. Should taxonomies always match the queried `post_type`?
From @boonebgorges on the other ticket:
Here's a way to frame the issue: are we likely to confuse developers if we allow (ie, don't throw errors for) queries like `get_users( ... 'tax_query' => ... 'taxonomy=post_tag' )`? Or `get_posts( ... 'tax_query' => ... 'taxonomy=some_user_taxonomy' )`? Or maybe these queries will just always end up empty? We should think through the possible confusions (or, maybe, lack thereof).
",desrosj
Candidates for Closure,49175,Optimize font-loading techniques for all WordPress Twenty themes,,Bundled Theme,5.3.2,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2020-01-12T08:09:55Z,2023-02-25T20:47:29Z,"Right now, I'm using the Twenty Seventeen theme for several websites and the Google Font Libre Franklin, included in that theme, is loaded like this:
{{{
}}}
For performance reasons, given as this is a font which already has fallbacks defined in the {{{body}}} property, it'd be better to add {{{display=swap}}} and {{{rel=preload}}}
to this link. Few links:
[https://developers.google.com/web/updates/2016/02/font-display]
[https://developers.google.com/web/updates/2016/03/link-rel-preload]
[https://addyosmani.com/blog/google-fonts-font-display/]
These small steps will **massively increase performance and PageSpeed scores for every core theme implementing these changes** for their Google Fonts. ",mvanturnhoutziggonl
Candidates for Closure,40348,Option to enable User Dashboard on single-site installations,,Users,3.0,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2017-04-03T19:45:58Z,2021-08-04T21:11:11Z,"Since WordPress 3.0, the User Dashboard located at `/wp-admin/user/` has only been exposed to multisite installations. I would like the option to use this dashboard as a replacement for `profile.php`, even on single-site installations.
----
'''Why?'''
Because `profile.php` is just 1 page, and plugins (like BuddyPress & bbPress) cannot user-centric data management without overriding the profile screen completely, which has the adverse affect of abandoning other plugins that have hooked into this screen. If we have to do that, we may as well invest more in the User Dashboard that already comes with WordPress core.
My WP User Profiles plugin helps to re-imagine how the WordPress User experience might work & look, and comes with full integration into the User Dashboard. I'd like to bring that experience to single-site installations, and the core code currently explicitly prevents this behavior.
----
'''How?'''
I believe, today, the User Dashboard should be off-by-default for single-site installations, and work as-is for multi-site installations. Plugins should be allowed to enable access to the User Dashboard, and plugins can then opt-into supporting that new dashboard in new & creative ways.
I'm proposing that we simply enable this feature to function, and not that we completely jump head-first into supporting it in core and/or replacing `profile.php` entirely, at least not yet or my foreseeable future.
----
'''Caveats'''
There are zero caveats for all existing WordPress installations, though as with any new feature, I can imagine the range of future scenarios from bad to good on how this could be used and/or abused.
The one major bummer is that the Admin Settings API does not support either the Network or User dashboards, so saving options is still a completely custom affair. The theoretical Fields API could save us here, or maybe not.
----
This functionality is relatively easily achieved, and I'll be attaching a patch imminently.",johnjamesjacoby
Candidates for Closure,59182,Plugin/theme zip update screen max-width,,Upgrade/Install,5.5,normal,minor,Awaiting Review,enhancement,new,dev-feedback,2023-08-24T09:55:54Z,2023-08-26T05:22:21Z,"Hi,
Can we set the max-width to 100rem instead of 40rem?
Current CSS for wrap class.
{{{
.update-php .wrap {
max-width: 40rem;
}
}}}
it should be
{{{
.update-php .wrap {
max-width: 100rem;
}
}}}
let me know if this makes sense or not, please.
For more information see mentioned screenshot below.
",sumitsingh
Unpatched Enhancements,36324,Post status labels use inconsistent grammar,,"Posts, Post Types",,normal,normal,,enhancement,new,dev-feedback,2016-03-25T05:57:25Z,2019-06-04T20:56:27Z,"Our post status labels switch back and forth between being verbs, adjectives, or potentially past-participles:
* All
* Mine
* Published
* Scheduled
* Drafts
* Trash
I'd like to suggest we tidy these up. Maybe something like:
* All
* Authored (I don't love this, but you get the idea)
* Published
* Scheduled
* Drafted
* Trashed
",johnjamesjacoby
Unpatched Enhancements,55535,Pre-populate Image Alt Text field with IPTC Photo Metadata Standard Alt Text,joedolson*,Media,,normal,minor,Future Release,enhancement,accepted,dev-feedback,2022-04-05T21:45:25Z,2024-02-05T20:52:37Z,"The IPTC Photo Metadata Standard includes the ability to embed Alt Text with a photo.
Seems like it would be helpful if WordPress would check for this data when an image is uploaded, and, if it exists, pre-populate the Alt Text field with it.
I could see this being especially useful for site owners who purchase stock photography; if the alt text is embedded with those images, it would save the site owner time, and it would also help ensure that an Alt Text itself is added -- and is an accurate description of the image (assuming the photographer or stock photo site actually enters a good description!).
http://www.iptc.org/std/photometadata/specification/IPTC-PhotoMetadata#alt-text-accessibility",eatingrules
Candidates for Closure,54390,Privacy Policy should be generated on the site language (locale) and not on users language,,Privacy,,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2021-11-07T08:59:03Z,2021-11-08T04:48:27Z,"If the user chose another language for admin and generated the Privacy Policy page, it was created in its chosen language and not in the site's language (locale).
Example: While managing site with German language and English language as personal preference, I've got English Privacy Policy page and not Datenschutzerklärung as I've exected.
It can be even better to give a user option to change the default (site's language) to another available one as an added feature.",oglekler
Tickets Needing Feedback,49490,Proposal: New wrapper function and hook for creating attachments,,Media,,normal,normal,Future Release,enhancement,new,dev-feedback,2020-02-21T22:44:38Z,2020-10-07T05:28:16Z,"Everywhere you look for the code related to inserting a new attachment you find 3 steps are needed:
1. wp_insert_attachment
2. wp_generate_attachment_metadata
3. wp_update_attachment_metadata
I see no reason not to have a wrapper function instead of having these 3 functions being repeated all over core files + 3rd party themes and plugins. Plus, as people commit changes in core mistakes are occurring [ticket:49449].
The most important reason to create this new wrapper function is to improve interoperability by adding a real hook to know when an attachment has been totally processed by core. This is needed by many plugins that work with images or caching. Right now the hook most used to know of a new attachment is `add_attachment` found in `wp_insert_post()`, but this is run before step 2 and 3, therefore attachment metadata has not been created yet.
Developers are having to create a custom wrapper function to add this hook (my company included) in their projects and that means attachments inserted via WP Dashboard wont be taken into action.
`media_handle_upload()` is a good example of the wrapper function I am talking about, but sadly it goes out of scope by assuming the file will be located in `$_FILES` variable instead of receiving the file by a parameter, therefore is not friendly or future proof. When that function was created I guess it wasn't taken into consideration that files can be uploaded to the server in many ways. Plus is lacking the appropriate hooks too.
Even the `WP_REST_Attachments_Controller` had to create custom methods to fulfill a scenario where attachment data is being sent in the body of the request.
A fast search in core for `wp_insert_attachment` will illustrate how this function is followed by `wp_generate_attachment_metadata()` and `wp_update_attachment_metadata()` in most cases:
* `media_handle_sideload()`
* `media_handle_upload()`
* `wp_ajax_crop_image()`
* `Custom_Background::handle_upload()`
* `WP_Site_Icon::insert_attachment()`
* `wp_xmlrpc_server::mw_newMediaObject()`
* `WP_REST_Attachments_Controller`
I wont even mention third party implementations I’ve found.
A quick boilerplate...
{{{#!php
$post_type,
'labels' => array(),
'description' => '',
'public' => false,
'hierarchical' => false,
'exclude_from_search' => null,
'publicly_queryable' => null,
'show_ui' => null,
'show_in_menu' => null,
'show_in_nav_menus' => null,
'show_in_admin_bar' => null,
'menu_position' => null,
'menu_icon' => null,
'capability_type' => 'post',
'capabilities' => array(),
'map_meta_cap' => null,
'supports' => array(),
'register_meta_box_cb' => null,
'taxonomies' => array(),
'has_archive' => false,
'rewrite' => true,
'query_var' => true,
'can_export' => true,
'delete_with_user' => null,
'_builtin' => false,
'_edit_link' => 'post.php?post=%d',
);
}}}",moshiezz
Candidates for Closure,24672,Remove final from WP_Post class,,"Posts, Post Types",3.5,normal,normal,Awaiting Review,enhancement,reopened,dev-feedback,2013-07-02T03:48:03Z,2018-04-18T19:44:22Z,"After discussing it with stephdau and reading through #21309, I think a discussion should be had on the validity of using the final keyword on the class.
While I agree that a decorator pattern is probably best for building the class, there is still no reason for the keyword to be used. If someone wants to extend the class then they should be allowed to do so.",carlalexander
Tickets with Patches,51407,Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility,adamsilverstein,Security,4.8,normal,normal,Future Release,enhancement,assigned,dev-feedback,2020-09-28T13:34:53Z,2023-12-26T18:36:00Z,"Content Security Policy is a mechanism designed to make applications more secure against common web vulnerabilities, particularly cross-site scripting. It is enabled by setting the Content-Security-Policy HTTP response header.
An application can add a critical defense-in-depth layer against markup injection attacks by adopting a strict policy that prevents the loading of untrusted scripts or plugins.
A basic policy (nonce + strict-dynamic + unsafe-eval) would block more than [https://speakerdeck.com/lweichselbaum/csp-a-successful-mess-between-hardening-and-mitigation?slide=16 40%] of the XSS sinks.
To make an application compatible with strict CSP, it is necessary to make changes to HTML templates and client-side code and add the policy header:
1. Add nonces to
}}}
Becomes
{{{
}}}
This happens because wpautop adds those BR tags to the post. (As it should, just not within STYLE or SCRIPT tags.)
I've made a (temporary?) workaround for this by creating a pre and post event for wpautop, which substitute the necessary newlines by a temporary value in the pre event and placing them back in the post event. Although I think this should be incorporated in wpautop itself.
See also: http://wordpress.org/support/topic/76433 and http://wordpress.org/support/topic/76297
While searching trac I also found ticket #2346, which is about the same problem, but which was for 2.0 and self-closed by the submitter?
P.S. I have TinyMCE turned of.",Nazgul
Tickets Needing Feedback,11678,wpautop() fails on uppercase closing tags,,Formatting,2.9,normal,normal,,defect (bug),new,dev-feedback,2009-12-31T11:26:11Z,2019-06-04T19:42:47Z,"To reproduce, in a post enter:
{{{
Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!
}}}
View the post (source) and you get:
{{{
Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!
}}}
Because I (incorrectly) entered an uppercase closing tag, wpautop() thinks there is no closing tag so adds a , which then often renders as a double tag. Close if this is not a bug, though I thought it may be good to do some sanitizing or something on uppercase tags.
",joehoyle
Tickets Needing Feedback,12257,wpdb Scales Badly Due to Unnecessary Copies of All Query Results,,Database,,normal,critical,,defect (bug),assigned,dev-feedback,2010-02-17T03:08:06Z,2019-06-04T19:21:45Z,"While working on #11726, I encountered a reproducible crash in wpdb::query()
The following code causes memory exhaustion on large result sets:
{{{
while ( $row = @mysql_fetch_object($this->result) ) {
$this->last_result[$num_rows] = $row;
$num_rows++;
}
}}}
The memory exhaustion message is error-controlled, causing a white screen of death even in debug mode.
I searched wp-db.php for references to $this->last_result, and I found no justification for these object reference copies. $this->last_result '''should''' be maintained as a MySQL resource and properly optimized using the MySQL client layer instead of this PHP nonsense.
Tagging for dev-feedback to discuss which Milestone is appropriate.",miqrogroove
Tickets Needing Feedback,31166,wpmu_signup_user_notification filter is incorrect,,Login and Registration,3.0,normal,normal,,defect (bug),new,dev-feedback,2015-01-28T20:30:03Z,2019-06-04T20:10:50Z,"Simple ticket here,
The wpmu_signup_user_notification filter seems to be filtering the wrong option
{{{
if ( ! apply_filters( 'wpmu_signup_user_notification', $user, $user_email, $key, $meta ) )
return false;
}}}
If I'm thinking correctly, the filter should be filtering a boolean. If two filters are added to this and the first returns false, there is no way for the second filter to recover the $user variable.
This is how I see it working
WP4.1, /wp-includes/ms-functions.php line 919
{{{
if ( ! apply_filters( 'wpmu_signup_user_notification', true, $user, $user_email, $key, $meta ) )
return false;
}}}",johnrom
Tickets Needing Feedback,13743,Ability to choose a network default theme,,Networks and Sites,3.0,normal,normal,Future Release,enhancement,reopened,dev-feedback,2010-06-06T05:44:12Z,2018-03-28T09:11:24Z,"As stated in summary. I use WP 3.0 RC and I've found out that there is no way to set up a theme which should be used by default for newly created sites in network. Even then I disable all the themes except the one I want to be used, WP still set thentyten as theme for newly registered site. The only solution I was able to find is to change theme description and name to twentyten and delete all other themes. It's so simple to let administrator choose default network theme, and this option is present in many other CMS.",fuwaneko
Tickets Needing Feedback,15230,Action hook before the inserting post into the database,,"Posts, Post Types",3.1,normal,normal,Future Release,enhancement,new,dev-feedback,2010-10-27T09:18:46Z,2021-05-11T12:51:37Z,"Something like
{{{
do_action( 'pre_post_insert', $data, $postarr );
}}}
added to ''wp_insert_post'' function right after the ""else"" statement on line 2501 in .../wp-includes/post.php
",johnnypea
Tickets Needing Feedback,23207,Add $labels argument to register_post_status(),,"Posts, Post Types",3.0,normal,normal,,enhancement,reopened,dev-feedback,2013-01-15T19:32:54Z,2019-06-04T20:43:43Z,"WordPress functions '''register_taxonomy()''' and '''register_post_type()''' has '''labels''' argument. Why not add labels to '''register_post_status()'''?
The current way to add status:
{{{
$args = array(
'label' => __( 'draft', 'text_domain' ),
'label_count' => _n_noop( 'Draft (%s)', 'Drafts (%s)', 'text_domain' ),
'public' => false,
'show_in_admin_all_list' => true,
'show_in_admin_status_list' => true,
'exclude_from_search' => true,
);
register_post_status( 'draft', $args );
}}}
The new way (using labels):
{{{
$labels = array(
'name' => __( 'Draft', 'text_domain' ),
'singular_count' => __( 'Draft (%s)', 'text_domain' ),
'plural_count' => __( 'Drafts (%s)', 'text_domain' ),
'any_other_label' => __( 'Any Other Label', 'text_domain' )
);
$args = array(
'labels' => $labels,
'public' => false,
'show_in_admin_all_list' => true,
'show_in_admin_status_list' => true,
'exclude_from_search' => true,
);
register_post_status( 'draft', $args );
}}}",ramiy
Tickets Needing Feedback,15924,Add 'media_default_link_type' option to parallel 'image_default_link_type',,Upload,,normal,normal,Future Release,enhancement,new,dev-feedback,2010-12-20T21:12:12Z,2019-05-15T20:48:42Z,"It is often recommended that site owners change the 'image_default_link_type' option to ""none"" if they don't plan on linking to full size images often from their posts. The problem is that this also affects the default link type for other media (uploaded zip files, pdfs, etc.) Adding an additional option for 'media_default_link_type' which behaves in the same way would get around this problem.
",goldenapples
Tickets Needing Feedback,18816,Add 'offset' parameter and 'ancestral' boolean to wp_nav_menu,,Menus,,normal,normal,,enhancement,new,dev-feedback,2011-09-29T16:13:42Z,2019-06-04T20:02:57Z,"Since we can now call wp_nav_menu multiple times and there is the very useful 'depth' parameter, I believe adding an 'offset' parameter would be very beneficial in many situations. This would allow you to start at the children of the main pages for example and combined with depth it becomes very powerful. An 'ancestral' => 'true' option could output only menu items that the current page is a descendant of. Currently if you want to display a main menu in the header and then a submenu on page.php you either need a tricky custom walker or terrible CSS 'visibility:hidden' or 'display:none' situations.",signyourbikeout
Tickets Needing Feedback,20977,Add Dynamic Comment Statuses,,Comments,3.4,normal,normal,Future Release,enhancement,new,dev-feedback,2012-06-15T17:12:07Z,2020-01-14T02:35:50Z,It would be great to add some filters/actions that would allow plugin developers to add additional statuses to comments.,supercleanse
Tickets Needing Feedback,36492,Add `WP_Post_Status` class,,"Posts, Post Types",3.0,normal,normal,,enhancement,reviewing,dev-feedback,2016-04-12T10:30:14Z,2019-06-04T20:56:46Z,"Similar to #36217 and #36224, a dedicated class for post statuses would make it easier to work with those as they are currently represented through raw objects.
The global variable `$wp_post_statuses` would then hold objects of `WP_Post_Status` which would provide the benefits of autocompletion in IDEs, and we could possibly add methods to the class in the future to make post status management easier.",flixos90
Tickets Needing Feedback,23008,Add a Hook To Hide Inactive Widgets,,Widgets,3.5,normal,normal,,enhancement,new,dev-feedback,2012-12-19T19:59:12Z,2019-06-05T06:38:58Z,"Hello,
This is my first feature request so hopefully I'm going through the process correctly. Onto the request...
Adding a hook to remove or hide the Inactive Widgets sidebar on the WordPress Admin Widgets page would be very useful for developers who don't use the area and want to be able to hide it for better UX.
If this is approved I would love to submit a patch. :)",BFTrick
Tickets Needing Feedback,25616,Add a content length filter to wp_dashboard_recent_drafts(),,Administration,,normal,normal,,enhancement,new,dev-feedback,2013-10-17T01:41:34Z,2019-06-04T19:24:26Z,It would be nice to be able to change the length of the recent drafts content via a filter. The fixed value of 10 is too short for character count based users.,tenpura
Tickets Needing Feedback,51832,Add a more visible way to delete unused themes,,Themes,5.5,normal,normal,Future Release,enhancement,new,dev-feedback,2020-11-20T11:20:47Z,2022-06-06T13:26:04Z,"Today (in WP 5.5) in order to delete a theme I don't use, I need to navigate to Appearance → Themes, then click on ""Theme Details"" that is only visible when a theme has focus and in the splash dialog, finally, hit ""Delete"".
Since the Health Check reminds users to remove themes they don't use, we systematically set people off looking for how to delete unused themes without finding (and then writing nervous posts in various help forums).
Let's add a more discoverable way!
On the ""Themes"" page, we could add a button at the top of the page (after the ""Search installed themes"" dialog) ""Delete unused themes"".
When you hit that button, you get a list of all your themes. Your current theme (and its parent theme, where applicable) would be inaccessible and ""greyed out"". All other themes would have selection boxes. At the top of the list there should be a two buttons: ""Select all themes recommended for deletion"" and ""Delete selected themes"".
Hmm. May words. Perhaps someone with suitable skills could draft a mock-up?",tobifjellner
Tickets Needing Feedback,15499,Add an index for get_lastpostmodified query,OllieJones,Database,3.0.1,normal,normal,Future Release,enhancement,reviewing,dev-feedback,2010-11-19T18:20:31Z,2023-09-27T15:38:07Z,"I had a friend (Jools Wills) look over a WordPress site recently, to get a fresh view on what might be optimised, and he noticed a query which might benefit from an additional index on `WP_Posts`. The query `SELECT post_modified_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1` in `get_lastpostmodified` is run for last modified date in GMT, and currently doesn't use an index. This SQL is run whenever certain types of feed are requested as far as I can see.
We added `CREATE INDEX type_status_modified ON wp_posts (post_type, post_status, post_modified_gmt);` and `CREATE INDEX type_status_modified_no_id ON wp_posts (post_type, post_status, post_date_gmt);` and the query runs a lot faster now. The following timings were taken running the first query (`post_modified_gmt`) on a 36,362 row posts table. Note that it doesn't use filesort after the index has been added.
''Before:''
{{{
mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1;
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
| 1 | SIMPLE | slgr_posts | ref | type_status_date | type_status_date | 124 | const,const | 24718 | Using where; Using filesort |
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
1 row in set (0.03 sec)
}}}
* 0.21290683746338ms
* 0.25690102577209ms
* 0.230553150177ms
* 0.2274341583252ms
* 0.23083996772766ms
''After:''
{{{
mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1;
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
| 1 | SIMPLE | slgr_posts | ref | type_status_date,type_status_modified | type_status_modified | 124 | const,const | 24718 | Using where |
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
1 row in set (0.00 sec)
}}}
* 0.00082707405090332ms
* 0.00072288513183594ms
* 0.00074386596679688ms
* 0.00066494941711426ms
* 0.00066208839416504ms
In `get_lastpostmodified` both these queries are run, so the total savings in my case on a quiet server are nearly 0.5 seconds... worth having, I reckon.
I've not created a patch for schema changes before, but I think the only place the change would need to go would be `scheme.php`? Suggested patch attached.",simonwheatley
Tickets Needing Feedback,18315,Add an index to the GUID column in the posts table,,Database,3.2.1,normal,normal,,enhancement,reopened,dev-feedback,2011-08-02T04:31:01Z,2019-06-04T19:22:38Z,"Running queries on the GUID column in the posts table is slow because the column is not indexed. The attached patch adds an index.
Note, this affects ticket #18286 - I will update that ticket with appropriate patches to reflect this request.",alexkingorg
Tickets Needing Feedback,19392,Add auto-suggest support for all flat taxonomies in Bulk Edit.,,Quick/Bulk Edit,3.0,normal,normal,,enhancement,new,dev-feedback,2011-11-29T18:37:18Z,2019-06-04T21:07:15Z,"Auto-suggest in the Bulk Edit area for post_tag's was fixed in 3.3. Let's add support for all other non-hierarchy tax's in 3.4.
See [http://core.trac.wordpress.org/ticket/19176#comment:11 #19176] for more info.",scottbasgaard
Tickets Needing Feedback,16883,"Add check for ""Template Version"" on theme activation",,Themes,3.1,normal,normal,,enhancement,new,dev-feedback,2011-03-18T03:28:36Z,2019-06-04T21:06:36Z,"Related: #16395
In addition to adding Template Version to the standard meta information extracted from style.css in `get_theme_data()`, I think that for this information to be useful, a child theme shouldn't be able to be activated unless the template template the child theme uses (parent theme) meets the minimum version requirement identified in ""Template Version"".
A polite and graceful failure, with an error notice, would be preferable :-)
Reason: many times child themes utilize functionality that only exists in the latest version of a parent theme. They're stuck either writing backward compatibility into into their code, or risking whitescreens.
This not only prevents that, but it could be used to gently encourage the user to update the parent theme.
Certainly not a candidate for 3.1.1, but perhaps 3.2?",nathanrice
Tickets Needing Feedback,56221,Add download URL to plugins REST create (install) endpoint,TimothyBlynJacobs*,Plugins,5.5,normal,normal,Future Release,enhancement,accepted,dev-feedback,2022-07-14T21:51:39Z,2023-06-27T07:04:57Z,"The `wp-json/wp/v2/plugins` endpoint allows installing plugins by POSTING the `slug` parameter. It then queries the .org plugin repo for the download link and proceeds to download and install that zip file using `Plugin_Upgrader`.
I would like to be able to specify the download URL so I can install plugins from outside the .org plugin repo.
My plan is to install plugins to my site when a I create a new release on GitHub, i.e. use GitHub Actions to POST the new download URL to my site, then serve the plugin to other sites using SatisPress.
I tried unsuccessfully to find past related tickets that maybe discussed if omitting this functionality was intentional.
It looks like a relatively easy change. I'll make PR for it soon.
https://github.com/WordPress/WordPress/blob/4c265b66297074f09d66c17d9f14d11a5fffdb00/wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php#L289-L313",brianhenryie
Tickets Needing Feedback,16828,Add filter on initial_meta_boxes for nav menu,,Menus,,normal,normal,Future Release,enhancement,new,dev-feedback,2011-03-10T21:08:40Z,2020-07-27T17:25:27Z,"When you create a custom post type with `show_in_nav_menus = true` the metabox in Appearance->Menus is hidden to all new users. This is especially annoying for multi-site setups. The issue is in `wp_initial_nav_menu_meta_boxes()` where it sets the initial meta boxes:
{{{
$initial_meta_boxes = array( 'nav-menu-theme-locations', 'add-custom-links', 'add-page', 'add-category' );
}}}
I'd settle for a filter on that, but it seems like a more complete fix would be to add the filter with a default function hooked into it which would add post types with `show_in_nav_menus = true` to the list.",aaroncampbell
Tickets Needing Feedback,25070,Add filter to use do_accordion_sections for post metaboxes,,Editor,3.6,normal,normal,,enhancement,new,dev-feedback,2013-08-18T15:44:46Z,2019-06-04T19:24:15Z,"It'd be really cool to be able to use the new do_accordion_sections to render post metaboxes. Adding a filter to allow devs to do that, will also make easier to render custom styles (tabs or whatever).
Attached patch is a really quick proof of concept.
",MZAWeb
Tickets Needing Feedback,12726,Add get_post_by_*() functions,,"Posts, Post Types",3.0,normal,normal,,enhancement,assigned,dev-feedback,2010-03-27T05:57:13Z,2019-06-04T20:41:11Z,"Current there are get_page_by_path() and get_page_by_title() function but they hardcode the post_type of 'page'. With support for new custom post types I'm finding a need for functionality to look up posts of custom post types:
{{{
$args = array('post_type','my_custom_post_type');
$path = 'foo-bar';
$post = get_post_by_path($path,$args);
$title = 'Foo Bar'
$post = get_post_by_title($title,$args);
}}}
Another option would be a simple get_post_by():
{{{
$args = array('post_type','my_custom_post_type');
$path = 'foo-bar';
$post = get_post_by('path',$path,$args);
$title = 'Foo Bar'
$post = get_post_by('title',$title,$args);
}}}
This code is not hard to write but looking at the functions in post.php there's not one consistent style so I'm not sure what the best approach would be to write it. Further, I don't completely understand the significance of all the code in get_page_by_path() so wouldn't want to start with it (although I could see it being modified to use the more generic functions that I propose.)
I can make these updates if I get enough direction from the core team, or I'd happily just see them get done. :)
",mikeschinkel
Tickets Needing Feedback,18546,Add index.php to wp-includes and wp-admin/includes,SergeyBiryukov*,Bootstrap/Load,3.2,normal,normal,Future Release,enhancement,accepted,dev-feedback,2011-08-30T11:42:40Z,2021-01-21T22:46:03Z,"In [comment:ticket:17601:15], dd32 suggested an idea of adding `index.php` to `wp-includes`:
> /wp-includes/index.php doesnt exist however, leading to that entire folder being indexed by google in some cases (which [http://www.google.com/search?hl=en&client=opera&hs=4Ba&rls=en&q=intitle%3A%22Index+Of%22+inurl%3Awp-includes&aq=f&aqi=&aql=&oq= does happen]), this will cause Search Engines to index the contents of these files, leading to the errors being logged.
The patch adds `index.php` to `wp-includes` and `wp-admin/includes`.
",SergeyBiryukov
Tickets Needing Feedback,41305,Add lazily evaluated translations,timothyblynjacobs,I18N,4.8,normal,normal,Future Release,enhancement,assigned,dev-feedback,2017-07-13T11:16:56Z,2023-05-12T12:14:20Z,"In the context of #40988, I did a few performance tests and experimented with adding a lazily evaluated translation object.
The general principle is this:
Instead of returning the resulting string of a translation, return an object for which the `__toString()` and `jsonSerialize()` methods will fetch the resulting string instead.
I tested by having the `__()` method return such a proxy object, instead of the actual translated string.
From a quick profiling run on `wptrunk.dev/wp-json/wp/v2/posts`, I got the following results:
Returning a `translate()` from `__()`:
{{{
Wall Time 162ms
CPU Time 157ms
I/O Time 5.48ms
Memory 16.5MB
Network n/a n/a n/a
SQL 4.41ms 13rq
}}}
Returning a `TranslationProxy` from `__()`:
{{{
Wall Time 144ms -19ms -14.9%
CPU Time 138ms -18ms -15.4%
I/O Time 5.33ms -154µs -3.0%
Memory 16.6MB +81.6KB n/s
Network n/a n/a n/a
SQL 4.33ms 13rq
}}}
As you can see, this shaved off almost 15% from this simple request.
It saved 2255 calls to `translate()`, 2157 calls to `get_translations_for_domain()` and, more importantly still, 2156 calls to `apply_filters()` (which could involve a lot of additional processing in some cases).
The main problem with this approach is that WordPress does not contain real type-hinting, so BC is broken wherever the proxy is not echoed, but used directly.
As we cannot possibly foresee how plugins might use their localized strings, I suggest adding new lazy variations of the translation functions. To mirror the ""echo"" variations that prefix the translation functions with an `e`, I'd suggest using the `l` prefix for these variations:
{{{#!php
// Lazily retrieve the translation of $text.
_l( $text , $domain = 'default' );
// Lazily retrieve the translation of $text and escape it for safe use in an attribute.
esc_attr_l( $text, $domain = 'default' );
// Lazily retrieve the translation of $text and escape it for safe use in HTML output.
esc_html_l( $text, $domain = 'default' );
// Lazily retrieve translated string with gettext context.
_lx( $text, $context, $domain = 'default' );
// Lazily translate string with gettext context, and escape it for safe use in an attribute.
esc_attr_lx( $text, $context, $domain = 'default' );
// Lazily translate string with gettext context, and escape it for safe use in HTML output.
esc_html_lx( $text, $context, $domain = 'default' );
}}}
Arbitrary testing has shown that using such lazily evaluated translations strategically can improve the performance by 10-30% for certain scenarios.
Implementing them in this BC fashion allows us to fine-tune Core usage and make it available to plugins, while playing it safe with existing code.",schlessera
Tickets Needing Feedback,42589,"Add missing ""third argument"" documentation to user_can()",,Role/Capability,,normal,normal,Future Release,enhancement,new,dev-feedback,2017-11-16T20:28:54Z,2019-01-08T10:11:37Z,"There is an undocumented, third argument, '''$args''', into [https://developer.wordpress.org/reference/functions/user_can/ user_can()] function as written in [https://developer.wordpress.org/plugins/users/roles-and-capabilities/#user-can Roles and Capabilities] section of Plugin Handbook.
It's the same of [https://developer.wordpress.org/reference/functions/current_user_can/ current_user_can()] (already documented).",mariovalney
Tickets Needing Feedback,32202,Add support for options page locking (settings API concurrency),,"Options, Meta APIs",3.6,normal,normal,,enhancement,new,dev-feedback,2015-04-30T01:18:48Z,2021-08-26T21:18:12Z,"If two users access an options page at the same time, the user who saves last will have their settings stick, while the user who saves first will have their settings lost. This is because options pages lack any access concurrency checking.
In #31436 we propose to handle conflicts in concurrent Customizer sessions by adding locking to individual controls so that users can't override each others' values. The same functionality is needed for options pages generated generated via the Settings API. At the most basic level, locking could be implemented to block a user from accessing an options page if someone else is already there, presenting the user with the same takeover screen as shown for post locking.
A more sophisticated approach would be to allow multiple users to edit an options page at once, either by syncing values across the sessions via Heartbeat, or by disabling a field entirely for other users when one user starts editing it. In this way, the disabled field would not be included when the other users submit the form. This may not work in all cases, however.
Another approach, less sophisticated and not using Heartbeat at all, would be to introduce a persistent counter for saves to a given admin page. This would serve as a revision number, and the revision could be included with each settings form. If the submitted form has a setting number that is not the same as what is currently stored, then this would indicate there is a potential conflict and the user could be presented with a screen to resolve any differences.",westonruter
Tickets Needing Feedback,14077,Add support for removal of multiple features from a post type in remove_post_type_support,,"Posts, Post Types",3.0,normal,minor,,enhancement,new,dev-feedback,2010-06-24T18:10:59Z,2020-01-09T00:34:23Z,"From [http://groups.google.com/group/wp-hackers/browse_thread/thread/1843101eba1f29fc this thread]
add_post_type_support allows an array to be passed as the 2nd parameter, but remove_post_type_support doesn't.
The patch attached adds the functionality.",Utkarsh
Tickets Needing Feedback,43437,Add way for registered users to request deletion or anonymization of their private data,,Privacy,4.9.6,normal,normal,Future Release,enhancement,new,dev-feedback,2018-02-28T16:04:55Z,2020-10-17T07:54:02Z,"All registered users can edit or delete most of their data in WordPress like name, nickname, email, site, etc. The only exception is they cannot delete or anonymize their own account.
Generally a registered user can contact an admin and request this, but it would be better to have a standard ""procedure"" to do that. It will need to be confirmed to avoid misuse.
A good way to do that would be to have a simple button on the user profile screen where the user can request anonymization. Clicking it will email the user a confirmation link, similar to the password reset link. When clicked, it will load wp-admin again and will send email to the site admin. ",azaozz
Tickets Needing Feedback,21070,Added a filter to the sub-menu class attribute,,Menus,3.4,normal,normal,,enhancement,reopened,dev-feedback,2012-06-25T12:47:34Z,2019-06-04T20:03:26Z,"The sub-menus are hard coded with ""sub-menu"" as the only CSS class. This may cause bad performing CSS with maintainability issues, like when you're targeting the third level sub menu.
I've added a filter, so CSS classes like ""sub-menu-level-$depth"" can be added.",bjornjohansen
Tickets Needing Feedback,20596,Adding more actions to a widget,,Widgets,,normal,normal,,enhancement,new,dev-feedback,2012-05-02T00:14:28Z,2019-06-05T06:38:33Z,"On the Widget UI, there is a ""Close"" button, aside with the ""Delete"" button, and I that developers should have a way to add more of those.
For exemple, I would see as a good use case when you have a way of previewing the widget.
Because right now the only way is by JS which is kinda of lame.
Thanks,",webord
Tickets Needing Feedback,35537,AllPosts page: sorting is not remembered,,"Posts, Post Types",4.4.1,normal,minor,Future Release,enhancement,new,dev-feedback,2016-01-19T22:43:43Z,2017-02-06T09:13:22Z,"STEPS TO REPRODUCE
1) Log in (administrator).
2) Remove all posts.
3) Create 3 new posts with titles accordingly ""1"", ""2"", ""3""
4) Go to AllPosts page.
5) Click on ""Title"" column header to sort posts by title (as a result: posts is sorted in order 1,2,3).
6) Click ""Published (3)"".
7) Click ""All (3)""
EXPECTED RESULT: posts is sorted in order 1,2,3
ACTUAL RESULT: posts is sorted in order 3,2,1",antonrinas
Tickets Needing Feedback,45471,Allow caching of parse_blocks results,francina,Cache API,5.0,normal,normal,Future Release,enhancement,assigned,dev-feedback,2018-12-03T12:08:15Z,2023-03-29T14:48:39Z,"A *lot* of Gutenberg implementations are going to have to parse the blocks in a post. Core itself already parses the blocks on output, but also when trimming an excerpt in `excerpt_remove_blocks`. All this parsing is done with `parse_blocks`. Unfortunately, the only thing passed to `parse_blocks` right now is a string, with no way of caching it.
My suggestion would be to add a cache key to the `parse_blocks` function, which defaults to false. I've attached a proposed patch to the function, if we agree on this we could then look at how to implement this in core itself.",joostdevalk
Tickets Needing Feedback,22921,Allow get_users() to return array of values via 'fields' parameter,,Users,3.5,normal,normal,,enhancement,new,dev-feedback,2012-12-13T17:39:24Z,2021-04-14T13:24:16Z,"Currently, the `'fields'` parameter in the arguments array for `get_users()` only accepts either an array of user data fields, or the string `'all'`. Both of these options cause `get_users()` to return an array of object comprised of the specified user data. Passing any other string value to `'fields'` causes `get_users()` to return an array of user IDs.
Per the Codex:
> Array of objects, '''except when fields specifies a single field to be returned, then an array of values is returned'''. If fields is set to all_with_meta, it will return an array of WP_User objects.
This statement appears to be untrue, but would be incredibly useful if it were true.
Patch adds this functionality to `get_users()`.
Potentially related: #18581",chipbennett
Tickets Needing Feedback,38925,Allow override of depth limits on comment reply link,,Comments,4.7,normal,normal,Future Release,enhancement,new,dev-feedback,2016-11-24T06:41:07Z,2020-05-26T20:21:04Z,"The core code currently hides the Reply link if a comment is at the maxDepth setting for comment nesting, but this appears to only be a constraint on the presentation. The API still allows replies through URL parameters and the REST interface, which demonstrates that there is not a functional reason for the constraint.
I'm proposing that plugin authors are allowed to override this constraint by setting `$args['limit_by_depth'] = false` in a `comment_reply_link_args` filter. This requires only a minor, inconsequential change to comment-template.php per the attached patch.
Note the '[https://wordpress.org/plugins/infinite-comment-replies/developers/ Infinite Comment Replies]' plugin currently achieves this by completely rewriting the reply link and thus masking everything that is handled in the core production of the link. The proposal above is a better option to achieve the same effect.",TravisR
Tickets Needing Feedback,37577,"Allow users to ""petition"" for a post lock to be released",,Editor,,normal,normal,Future Release,enhancement,new,dev-feedback,2016-08-04T21:23:34Z,2020-05-25T17:12:05Z,"Our post locking prevents two people from editing the same post, but introduces some awkwardness, in that your options are to wait and hope they exit the post (which slows you down), or boot them out (which could be rude or disruptive), or communicate with them through some other medium (which you might not have). It would be nice if there was a third option... to ""raise your hand"" about wanting to edit the post. If the editing user is actually working on the post, they could say ""not now,"" or they could ""save and release"". Or, if there is no response, that could be communicated to the petitioning user, as that could indicate that the editing user has left the post open and abandoned their computer. We could even communicate when the last mouse movement or on-page activity was.",markjaquith
Tickets Needing Feedback,31643,Allow widget sidebars to be loaded open or closed via filtering,,Widgets,4.2,normal,normal,,enhancement,new,dev-feedback,2015-03-14T23:44:54Z,2019-06-05T06:40:41Z,This could be useful to allow certain sidebars to always load open or closed.,silb3r
Tickets Needing Feedback,6814,Async media crunching,adamsilverstein,Upload,2.5,normal,normal,Future Release,enhancement,assigned,dev-feedback,2008-04-23T00:19:05Z,2022-08-24T14:14:22Z,"The upload part of the new multi-uploader is pretty nice now, but it blocks on the ""crunching"" phase, which can sometimes take 20-60 seconds, I assume to create medium thumbnails and such.
The crunching part of the upload should not block the next file beginning the upload process, it should happen asynchronously with the rest of the process.",matt
Tickets Needing Feedback,21521,Audit use of set_time_limit(),,Bootstrap/Load,3.4.1,normal,normal,,enhancement,new,dev-feedback,2012-08-08T17:28:21Z,2019-06-04T19:23:14Z,Core calls this half a dozen times. The call in wp_get_http() interferes with unit tests. Unit tests will terminate 60 seconds after wp_get_http() is called. Let's justify each use of set_time_limit() and remove what we can.,ryan
Tickets Needing Feedback,48937,Auto-refresh maintenance mode screen,,Upgrade/Install,,normal,normal,Future Release,enhancement,new,dev-feedback,2019-12-11T15:35:48Z,2022-08-08T07:48:44Z,"''I [https://wordpress.org/support/topic/feature-request-with-solution-auto-refresh-maintenance-mode-screen/ already posted this] on the community forums, and was advised to post here instead.''
While WordPress updates a theme, a plugin or its core, it conveniently displays a message to any visitor:
> Briefly unavailable for maintenance. Check back in a minute.
Unfortunately, when presented with such a bland screen, most visitors will immediately leave and find a different website.
If the visitor hasn’t disabled Javascript in his browser, it would be most helpful to make this a little more informative and add some automation:
> Briefly unavailable for maintenance.
> This page will automatically load when it is available.
Have the webpage automatically refresh the page every (say) 10 seconds.
Obviously, if the user has disabled Javascript, you can only display the brief message.
= Solution
I’m not really a programmer, but I’ve taken the default WordPress method and modified it to do just this — see below. You are welcome to use it as is, or to use the ideas and code within, to implement this feature automatically. I have tested this and it seems to work perfectly. A programmer might find a better way to implement it than I have done.
There is one problem with what I’ve done, and that is the lack of translation for other languages. I don’t know how to cater for that.
Thank you
= Revised contents
I took the file /wp-content/maintenance.php and modified it as follows. All that I did was to add a
Sorry… Briefly unavailable for scheduled maintenance.
Please try again in a minute.
Thank you for your patience.